Over the years I've moved from penetration testing to consultancy and eventually to training, further and further left in the development lifecycle. Training is by far the best and most effective way to improve the security posture of an organisation by arming the people that make up that organisation with the information they need to be secure.

I've teamed up with Troy Hunt to deliver his 'Hack Yourself First' workshop and with Ivan Ristic to deliver 'The Best TLS Training in The World'.


Hack Yourself First

"Hack Yourself First" is all about building up defensive skills in software developers. It looks at security from the attacker's perspective and takes them through the steps necessary to exploit vulnerable software on the web so that they can experience hacking first hand. Workshop participants are set specific goals they must complete that involve probing for risks and then exploiting discrete vulnerabilities in a specially built vulnerable application. The interactive nature of the workshop means that multiple attack vectors are usually identified across the spectrum of participants and each person contributes their own unique perspective as to how specific risks are exploited.

Find out more about the Hack Yourself First workshop and Troy's announcement about us working together.


The Best TLS Training in the World

Spend two days to understand both the theory and practice of SSL/TLS and Internet PKI. Designed by the author of the much acclaimed Bulletproof SSL and TLS, this practical training course will teach you how to deploy secure servers and encrypted web applications and understand both the theory and practice of Internet PKI.

Find out more about The Best TLS Training in the World.