David has extensive experience in many areas of information security.
Beginning his career as a Network Security Analyst, David monitored perimeter firewalls and intrusion detection systems to identify and neutralize threats in real time. After moving to the world of penetration testing, David led the security assessment and software development teams at Redspin as its CTO & VP of Professional Services through the company's acquisition in 2015.
Since 2015, David has been CISO of AppFolio, managing internal SecOps and AppSec blue teams.
David has particular interests in complex threat modeling and unconventional attack vectors, and has presented research at ToorCon, LayerOne, DEF CON, NolaCon, THOTCON, BSides Las Vegas, BSides Los Angeles, and BSides Seattle.