“Still developing, one day I'll be grown up.”

Brett Crawley

A bit about me.

"Brain dumping security knowledge to Software Engineers because it helps"

Drawing on > 10 yrs of Application Security experience and > 25 yrs of Software Engineering experience, I have worked with teams to define their security best practices and introduce security by design into their existing SDLC. Applying my data science knowledge in analysing and aggregating the data made available by various AppSec scanning tools across multiple projects, I have helped to identify which are the business-critical components and ways in which to maximize the reduction in risk to the organization. My background in Software Engineering has also helped build relationships and trust from engineering teams because I speak their language. I am experienced in managing teams of various sizes, ensuring all work towards a common operational goal, mentoring them and positively influencing the timely execution of tasks. I am fluent in both English and Italian, with dual English / Italian citizenship.

Skills include:

  • S-SDLC (Secure Software Development Lifecycle)
  • Security by Design
  • Security Requirements Analysis (abuse-case / abuse-stories)
  • Secure Architecture Review
  • Threat Modelling (Attack Trees / STRIDE / Elevation of Privilege / Brainstorming / CAPEC)
  • Secure Coding and Secure Code Review
  • Risk Management
  • DevSecOps
  • SAST/DAST/IAST/RASP
  • Software Composition Analysis (SCA) and the SBOM
  • Data Driven Security
  • Security Champion Training
  • Vulnerability Management
  • SSL mutual authentication
  • IAM, SSO (SPNego / Kerberos / SAML / OAuth / JWT)
  • Tomcat realm and valve development
  • Encryption (at rest and in motion)
  • Digital signatures
  • Data Science
  • Data/Text Mining

Principal Programming Languages:

  • Java, Python, C#, JavaScript

“For me programming is like an enormous book of puzzles that always gives new challenges. To stay ahead of the technology wave you have to study continuously. Those who are really passionate about what they do manage but they are few and far between.”

Brett Crawley


You can visit my other sites by following the links below: