Independent Security Consultant
Greater New York City Area
- Current
-
- Independent Security Consultant at phm security LLC
- Past
-
- Security Researcher at VMware
- Vulnerability Researcher at Determina Inc.
- System Administrator at University of Alabama
- Independent Security Researcher at phreedom.org
- Education
-
- University of Alabama
- University of Alabama
- Recommended
-
3 people have recommended Alexander - Connections
-
126
connections
- Industry
- Computer & Network Security
- Websites
Alexander Sotirov’s Summary
Independent security consultant with professional experience in security research, reverse engineering and exploitation techniques, as well as an academic background in computer science. Presented innovative research at several security conferences and credited with the discovery of the first vulnerabilities in Windows Vista.
Alexander Sotirov’s Specialties:
software security assessment, reverse engineering, exploitation techniques, vulnerability research
Alexander Sotirov’s Experience
-
Independent Security Consultant
phm security LLC
(Computer & Network Security industry)
January 2009 — Present (11 months)
Providing specialized security consulting services.
-
Security Researcher
VMware
(Public Company; 1001-5000 employees; VMW; Computer Software industry)
August 2007 — December 2008 (1 year 5 months)
Determina was acquired by VMware in August of 2007. As a member of a product security team at VMware I performed code audits, threat modeling, architecture reviews and analysis of externally reported security vulnerabilities. Represented the VMware security team at VMworld Europe and numerous security conferences throughout 2008.
-
Vulnerability Researcher
Determina Inc.
(Privately Held; 11-50 employees; Computer & Network Security industry)
June 2005 — August 2007 (2 years 3 months)
Led a two-person team responsible for vulnerability analysis and hotpatch development. Developed analysis infrastructure and tools for reverse engineering. Discovered multiple vulnerabilities in Microsoft products and presented at numerous security conferences. Involved in a variety of internal and product oriented software development tasks throughout the company.
-
System Administrator
University of Alabama
(Educational Institution; Higher Education industry)
February 2000 — May 2005 (5 years 4 months)
Responsible for managing networking equipment, servers and computer labs with more than 500 workstations. Significant experience with administration and multi-platform integration of Windows, Linux and Novell systems. Developed custom authentication and print accounting software, and a number of web based applications. Led a four-person team.
-
Independent Security Researcher
phreedom.org
(Computer & Network Security industry)
January 1999 — May 2005 (6 years 5 months)
Vulnerability research and exploit development. Published reliable exploitation techniques for vulnerabilities in Windows, ProFTPd, Apache/OpenSSL, OpenLDAP and Solaris.
Developed open source security tools, including an SNMP scanner currently packaged by Fedora and OpenBSD.
Alexander Sotirov’s Education
-
University of Alabama
MS , Computer Science , 2003 — 2005
Master's thesis titled "Automatic Vulnerability Detection Using Static Source Code Analysis", available at http://gcc.vulncheck.org/
-
University of Alabama
BS , Computer Science , 1999 — 2003
Full tuition scholarship. Party school.
Additional Information
Alexander Sotirov’s Websites:
Alexander Sotirov’s Groups:
Mallet Assembly, Phreedom Magazine
-
Determina Alumni
Alexander Sotirov’s Honors:
Presented security research at numerous security conferences, including CanSecWest, BlackHat, Recon and SyScan
Organizer and a member of the panel of judges for the Pwnie Awards.
Named Time Magazine's Person of the Year 2006
Alexander Sotirov’s Contact Settings
Interested In:
- career opportunities
- consulting offers
- new ventures
- job inquiries
- expertise requests
- business deals
- reference requests
- getting back in touch
