CREST Intelligence-Led Testing Focus Group

Matt has been working in the IT industry for the last 25 years. He has held CREST qualifications for over 10 years as a Crest Certified Tester and CREST Simulated Attack Specialist. Matt is dedicated to the role and has delivered engagements for a diverse range of global clients working within the military, government, financial and commercial sectors. Matt has also been awarded Chartership status through the UK Cyber Security Council and is a CHECK Team Leader. He has presented at a broad range of conferences with topics that cover cyber security skills development, red team tradecraft and career progression in the industry. He is an experienced speaker and regularly contributes to podcasts and publications.

Zoja is a strategic thinker and visionary leader, creating value through innovation, collaboration, and transformation. With a keen ability to identify and connect emerging opportunities in complex, dynamic environments, she helps organizations and teams expand their perspectives, align their actions, and achieve business objectives. Her leadership style is both inspirational and results-driven, fostering trust, respect, and a strong culture of excellence.

With deep expertise in cybersecurity, business development, and strategic growth, she has successfully led organizations in delivering cutting-edge solutions across diverse regions and sectors.

Security consultant, trainer and author with significant experience delivering engagements to financial, government and retail organisations.

Responsible for STAR-FS, CBEST, TIBER and intelligence-led penetration testing.

Notable achievements:
– CHECK/CREST Team Leader since 2007
– CREST Certified Simulated Attack Specialist
– CREST Certified Simulated Attack Manager
– Lead for MDSec’s CBEST, STAR-FS and TIBER services
– Lead author for the Mobile Application Hacker’s Handbook (ISBN-10: 1118958500)
– Founding director of MDSec
– Subject matter expert for CompTIA Secure iOS Development examination

Ian has 20 years’ experience in the IT industry latterly as technical lead for DXC managing CHECK, STAR and GBEST penetration testing and long-term vulnerability scanning implementations. He has also been responsible for secure architecture reviews and secure code reviews covering multiple industries including finance, public sector, telecoms, and oil and gas. Ian has been a CREST Assessor since 2015 and is currently running the our exam development group creating our next generation exams.

Bobby Spooner is a Principal Security Consultant at LRQA. As a CREST Certified Simulated Attack Manager (CCSAM), Bobby has expertise overseeing intelligence-led red teaming engagements across the world. Previously, Bobby has built and managed Operational Security Assurance in a large UK Government Department, alongside managing Red & Purple Teaming across UK Critical National Infrastructure (CNI).

Paul is the Chief Hacking Officer and co-founder at Vantage Point Security group, where he oversees the penetration testing services delivered by the group across Southeast Asia. Paul has more than two decades of penetration testing experience working in the banking and finance sectors and has been leading cyber security teams for most of his career.

Paul has published books on cyber security, spoken at international security conferences and has appeared on a range of news and current affairs programs regarding cyber security risks including TV and print media.