David has extensive experience in many aspects of information security.
Beginning his career as a Network Security Analyst, David monitored perimeter firewalls and intrusion detection systems in order to identify and neutralize threats in real time. After working in the trenches of perimeter analysis, David joined an External Threat Assessment Team as a Security Researcher, working closely with large financial institutions to mitigate external risk and combat phishing attacks.
In 2009, David joined Redspin and worked as a Senior Security Engineer, Director of Penetration Testing, and Senior Director of Engineering. David then led security assessment and software development teams as Redspin's Chief Technology Officer and VP of Professional Services, specializing in External and Application security assessments.
David's current role is Chief Information Security Officer at AppFolio, where he is managing internal AppSec and SecOps.
David has particular interests in complex threat modeling and unconventional attack vectors, and has been a speaker at ToorCon, LayerOne, DEF CON, NolaCon, THOTCON, BSides Las Vegas, BSides Los Angeles, and BSides Seattle.