Security Consulting
I want to work with you to make sure your programs, your people, and your company are secure. I'm available for a daily rate to look over your protocol designs, software implementations, and for consulting to help you keep your business secure. To give back to the community, I substantially reduce my rate for published free or open source software (GPL, BSD, CC0, etc.) as well as open-access research.
Please note: I am currently working full-time on Zcash, so I'm not available for consulting work at the moment. I can still help with general quick advice, or recommend someone who would be a good match for auditing your project.
What I can do:
- Evaluate the design and implementation of cryptography software.
- Check web code for XSS, SQL injection, session, password hashing, etc. vulnerabilities.
- Find memory corruption bugs in C and C++ code.
- Write proof-of-concept exploits for vulnerabilities.
- Verifying vulnerability fixes.
- Train your developers and staff.
Here are some examples of my security auditing work:
Interested? Email me at taylor@defuse.ca or mention @DefuseSec on Twitter.