CREST Intelligence-Led Testing Focus Group

Matt has been working in the IT industry for the last 25 years. He has held CREST qualifications for over 10 years as a Crest Certified Tester and CREST Simulated Attack Specialist. Matt is dedicated to the role and has delivered engagements for a diverse range of global clients working within the military, government, financial and commercial sectors. Matt has also been awarded Chartership status through the UK Cyber Security Council and is a CHECK Team Leader. He has presented at a broad range of conferences with topics that cover cyber security skills development, red team tradecraft and career progression in the industry. He is an experienced speaker and regularly contributes to podcasts and publications.

Security consultant, trainer and author with significant experience delivering engagements to financial, government and retail organisations.

Responsible for STAR-FS, CBEST, TIBER and intelligence-led penetration testing.

Notable achievements:
– CHECK/CREST Team Leader since 2007
– CREST Certified Simulated Attack Specialist
– CREST Certified Simulated Attack Manager
– Lead for MDSec’s CBEST, STAR-FS and TIBER services
– Lead author for the Mobile Application Hacker’s Handbook (ISBN-10: 1118958500)
– Founding director of MDSec
– Subject matter expert for CompTIA Secure iOS Development examination

Ian has 20 years’ experience in the IT industry latterly as technical lead for DXC managing CHECK, STAR and GBEST penetration testing and long-term vulnerability scanning implementations. He has also been responsible for secure architecture reviews and secure code reviews covering multiple industries including finance, public sector, telecoms, and oil and gas. Ian has been a CREST Assessor since 2015 and is currently running the our exam development group creating our next generation exams.

Doug possess World-leading knowledge and skills pertaining to penetration testing, networking, architecture, security systems and integration, developed and evidenced over a 20-year career, within numerous and varied highly technical information security roles. Currently, Doug is the Head of Nettitude’s Global Red Team, conducting offensive engagements in-line with industry frameworks, testing the detection and response capabilities of countless, prominent global organizations.

Doug started his career as a systems administrator, before working in network security and managed security services roles. Doug then moved into consultancy in both a defensive and offensive capacity, building Secure Operations Centers and carrying out hundreds of penetrations tests. Now, with around six years of experience simulating Advanced Persistent Threats (APT) groups and cyber criminals, Doug has a consummate understanding of emerging threats and what it takes to assist companies in defending themselves against highly sophisticated cyber-attacks.

Philip is an accomplished Information Security Consultant and Manager with over 20 years of experience in cybersecurity. He possesses a Master of Science degree in Network and Information Security and holds several prestigious certifications, including CISSP, GXPN, and GCPN. His extensive background and advanced qualifications underscore his expertise and commitment to information security. 

He spearheaded establishing and managing robust penetration testing programs for major global clients across diverse sectors, including government, banking, and multinational corporations. Philip is experienced at developing and implementing comprehensive, tailored penetration testing strategies, including Red Team emulations and Purple Team simulations, to enhance security performance and information assurance. 

Philip’s leadership extends beyond his technical expertise. He excels in creating training and mentorship programs, significantly contributing to developing high-performance information security teams. His mentorship has inspired these teams to manage complex security landscapes effectively, showcasing the positive impact of his leadership.

Paul is the Chief Hacking Officer and co-founder at Vantage Point Security group, where he oversees the penetration testing services delivered by the group across Southeast Asia. Paul has more than two decades of penetration testing experience working in the banking and finance sectors and has been leading cyber security teams for most of his career.

Paul has published books on cyber security, spoken at international security conferences and has appeared on a range of news and current affairs programs regarding cyber security risks including TV and print media.