| Jonathan Wilkins 4881 Cleon Ave, #4 North Hollywood, CA, 91601 |
Phone: 425-890-2853 URL: http://www.jwilkins.com Email: jwilkins[at]bitland[dot]net |
| SUMMARY |
I am a Canadian citizen eligible to work in the USA (Green Card).
I have worked professionally in the information security industry since 1996 and have a prodigious knowledge of host and network security issues, including industry-leading expertise with secure programming and network vulnerability assessment. I have released security advisories and performed research in many areas of information security including intrusion detection, traffic analysis and authentication technologies. My work has been published in information security resources from Bugtraq to Phrack. I have given numerous presentations to industry, from major events such as Blackhat and CanSecWest to smaller events such as the Canadian Security Intelligence Service (CSIS) Conference and the Banff Business Institute. I have taught secure programming practices to developers and computer security awareness and threat modeling to wider audiences. I also led the winning team in the Capture the Flag competition (a hacking contest) at Defcon 6.
I have substantial professional experience designing and implementing large and complex software projects in C/C++, C# and Ruby. My experience includes lead and supporting roles in award-winning commercial shrink-wrap software and open-source projects. I have been a member of small, medium and large (150+) development teams and have experience working with professional quality-assurance teams. My technical expertise includes deep understanding of the C and Ruby programming languages as well as considerable experience with C#, C++, Java, Python and PHP. I am versed in object-oriented design, and can communicate designs effectively using UML and Patterns. Development environments have included Windows platforms as well as free and commercial Unix systems. I have experience with x86 assembly language. I possess comprehensive cross-platform development experience including native OS interfaces and compatibility libraries such as Cygwin.
I am extremely familiar with software portability issues across Windows NT/2K/XP/2K3, OpenBSD, FreeBSD, Linux and Solaris. I have written drivers for Windows NT and kernel modules for FreeBSD. |
| EXPERIENCE | MySpace Inc | Beverly Hills, CA, USA | 2008 - Present |
| Architect |
| Develop abuse detection systems as part of the Information Security Team. |
| Information Security Partners | San Francisco, CA, USA | 2006 - 2008 |
| Principal Security Consultant |
| Perform security analysis of customer systems and products. This includes source code analysis, black box testing, reverse engineering and penetration testing. |
| Microsoft | Redmond, WA, USA | 2002 - 2006 |
| Security Architect |
| As part of the MSN Security Team, my responsibilities included security consulting for all properties under the MSN umbrella. This included MSN Messenger, Passport, Hotmail and Search. I also spent two years working in the Passport group (http://www.passport.com) at Microsoft, where I was responsible for security analysis and incident response. I performed threat modeling, consulted on security architecture and performed code audits of the Passport system. Passport is the authentication system used by Hotmail and MSN Internet Access as well as dozens of other sites. Passport has more than 500 million accounts and performs over 1 billion authentications per day. I was also loaned to the Windows group to work on the Windows Server 2003 audit. |
| Emaze | Trieste, Italy | 2001 - 2002 |
| Security Researcher and Software Architect |
| I designed and built the first generation of an object oriented network protocol hardening system based on Gnome's CORBA bindings for C. This system facilitated the development of complex network tests through the use of pluggable components. |
| Zero Knowledge Systems | Montreal, QC, Canada | 2000 - 2001 |
| Adversary |
| I performed security analysis of all aspects of our operations, including code audits in C, C++, PHP and ASP. I organized a security incident response team and developed procedures for this team to follow. I performed penetration testing and security analysis of existing network infrastructure as well as designs for future generations of our products. I provided security analysis of Freedom, Zero Knowledge's flagship product, as well as security analysis of solutions for our Managed Privacy Services division. Freedom was a personal privacy product incorporating hundreds of servers located worldwide. I taught courses in general security awareness and secure coding practices. I devised policies to ensure that security-critical components were protected.
| Troba Inc | San Francisco, CA, USA | 1999 - 2001 |
| Senior Software Engineer |
| Under contract, I developed a custom distributed network sniffer for realtime data capture of web traffic that included a high performance userland TCP/IP stack optimized for use with the HTTP protocol. This was efficient enough for use on saturated 100 Mb networks. In 2001 I was brought back as a full time employee and extended my previous work on the realtime data collection system to support realtime SSL decryption (when keys were available) as well as provide fine grained filtering of transactions. |
| Secure Networks Inc. | Calgary, AB, Canada | 1996 - 1998 | |
| Network Associates/McAfee |
| Senior Software Engineer |
|
Lead Windows NT developer and architect for the Ballista network assessment
product, which earned the InfoWorld test lab's highest rating in a product
review. Was responsible for porting this product from a UNIX code base to
Windows NT. Responsible for all architecture decisions. Conducted
security research resulting in the discovery of vulnerabilities in
widely-used Internet software. Managed a small team of developers
utilizing several development platforms including gcc, C++ Builder and
Visual C++.
Network Associates purchased Secure Networks and renamed Ballista to CyberCop Scanner. I maintained my role as project lead and architect for Network Associates' CyberCop Scanner 5.0 network assessment product for Windows NT. Working with a medium-sized development team and a large professional QA team, successfully met aggressive product release deadlines and earned excellent ratings in product reviews from computer trade press (including the InfoWorld Test Labs, in which our product won a competitive review over the industry-leading Internet Scanner from ISS as well as Axent's NetRecon). |
| ISIS Inc. | Saskatoon, SK, Canada | 1995 - 1996 |
| Founding Partner |
| Started a small consulting business. We provided custom applications developed in Delphi.
| Rem Manufacturing Inc. | Swift Current, SK, Canada | 1994 - 1995 |
| Network Administrator |
| Managed a small 25-user Novell Netware network. I was responsible for all aspects of network operations, including rewiring the network (10base2 to cat5), upgrading hardware, in-house application development and providing user support.
| PATENTS |
Security attack detection and defense
Remote command framework for devices |
| PRESENTATIONS |
CanSecWest 2007: ProxMon - Automating Web Application Penetration Tests
Blackhat Europe 2007: ProxMon - Automating Web Application Penetration Tests
CanSecWest 2002: Layer 2 hijacking attacks with Taranis
Blackhat Windows 2002: Layer 2 hijacking attacks with Taranis |
| SOFTWARE | Commercial | Microsoft Passport, Microsoft Windows Server 2003, Secure Networks' Ballista/Network Associates' CyberCop Scanner, Zero Knowledge's Freedom, Troba's Evaluator, EMaze's IPLegion (based on the Nessus core) |
| Open Source | Author of ProxMon, Taranis, NTCrack. Contributed to LibNIDS, DSniff |
| SKILLS |
| Area | Level | Last Used | Experience |
| Network Security: Firewalls (Checkpoint Firewall-1, IPF, IPFW, PF) / IDS (Snort, RealSecure) / Vulnerability Assessment (CyberCop Scanner, Ballista, ISS, Satan, Nessus, NMap, IPLegion) | Expert | Currently Used | 9 years |
| Host Security: FreeBSD, OpenBSD, Linux, Solaris, Windows NT/2K/XP/2K3 | Expert | Currently Used | 9 years |
| C/C++ Programming: GCC, Borland C++, Borland C++Builder, Visual Studio, Lex, YACC, Automake/Autoconf, gprof, Numega Boundschecker | Expert | Currently Used | 9 years |
| Cryptography: Public Key, Private Key, PKI, SSL | Expert | Currently Used | 5 years |
| Low Level: Numega SoftICE, IDA, GDB, x86 Assembly | Expert | Currently Used | 5 years |
| Java Programming: Borland JBuilder, Sun Forte | Medium | Not Recently Used | 3 years |
| Other Programming Languages: Borland Delphi (Object Pascal), Python, PHP, Perl, ASP, Common LISP | Varies | Varies | Varies |