Security Consulting

I want to work with you to make sure your programs, your people, and your company are secure. I'm available for a daily rate to look over your protocol designs, software implementations, and for consulting to help you keep your business secure. To give back to the community, I substantially reduce my rate for published open-source software (GPL, MIT, BSD, CC0, etc.) as well as open-access research.

What I can do:

Evaluate the design and implementation of cryptographic protocols.
Check web code for XSS, SQL injection, session, password hashing, etc. vulnerabilities.
Find memory corruption / threading bugs in C and C++ code.
Write proof-of-concept exploits for vulnerabilities.
Verifying vulnerability fixes.
Train your developers and staff.

Here are some examples of my security auditing work:

Critical bugs found in ZGo, a cryptographic payment processor
Audit of a cryptocurrency hardware wallet
The "invariant-centric" threat modeling approach
gocryptfs
EncFS
eCryptfs
PEFS
ZeroBin
Crypto Fails
Padding Oracle PoC

Interested? Email me at taylor@defuse.ca or mention @DefuseSec on Twitter/X.

Your IP:	18.191.240.94
DNT Header:	Disabled

Your IP:

18.191.240.94

DNT Header:

Disabled

Page Hits:	54740
Unique Hits:	23666

Page Hits:

54740

Unique Hits:

23666