David Felio is a Managing Consultant in the Application Security practice at FishNet Security. During his years in application security, he has conducted scores of application assessments and code reviews. He also delivers application security training classes, threat modeling, architecture reviews, and secure SDLC reviews. David has conducted assessments and training for national and international clients in myriad industries, including retail, healthcare, petroleum, financial services, and government.
David has been working in information technology for over 15 years. Prior to joining FishNet Security, David worked for a government contractor, where he led his division’s security efforts. Before realizing he enjoyed breaking applications more than building them, he was a senior developer. David is a PCI QSA and a member of the SANS/GIAC advisory board.