|Tim Brown has been working as an senior information security consultant at Portcullis 10 almost years, having previously worked in financial institutions and telcos. He is a certified CREST Team Leader allowing him to perform all manner of security assessments including policy reviews, infrastructure testing, host hardening, product reviews, source code audits, application assessments and hardware reviews. He is equally happy performing white box assessments with access to source code or where necessary diving into proprietary binaries and protocols using reverse engineering methodologies. Tim has contributed to a number of Portcullis’ bespoke methodologies covering subjects as diverse as mobile (iOS, Android and Symbian) applications, hardware hacking, SCADA and risk management.
Outside of the customer driven realm of information assurance, Tim is also a prolific researcher with papers on KDE, Vista and web application security to his name. His most recent research has been into the world of POSIX alike OS such as FreeBSD, GNU/Linux, Solaris and AIX. In addition to this, Tim is credited with almost 100 vulnerability advisories covering topics as varied as the TCP/IP stack, web browser flaws, appliance management interfaces, enterprise applications and mobile applications.
Tim has previously talked at 44CON on Big Game Hunting: Simple techniques for bug hunting on big iron UNIX.
Finally, Tim is a strong believer in open source software and contributes to a variety of projects including Debian and OpenVAS as well as pro-bono security reviews of projects he makes use of.
Tim has presented at: