David has extensive experience in many areas of information security.
Beginning his career as a Network Security Analyst, David monitored perimeter firewalls and intrusion detection systems to identify and neutralize threats in real time. After moving to the world of penetration testing, David led the security assessment and software development teams at Redspin as its CTO & VP of Professional Services through the company's acquisition in 2015.
Since 2015, David has been CISO of AppFolio, serving as a trusted advisor on technical risk.
David has particular interests in complex threat modeling and unconventional attack vectors, and has presented research at ToorCon, LayerOne, DEF CON, NolaCon, THOTCON, BSides Las Vegas, BSides Los Angeles, and BSides Seattle.