With decades of combined experience in system and application architecture, Black Arc Security's team of vereran certified security experts can quickly evaluate and mitigate risks within your organization.
Black Arc Security consultants have helped secure hundreds of clients all across the globe, and have worked for some of the nations leading security firms, including Accuvant Labs, Fishnet Security, GuidePoint Security, and Optiv.
Marshall has been working in the computer security and information technology field for over eighteen years and provides clients with a breadth of proven experience in the areas of application penetration testing, network penetration testing, code reviews, vulnerability assessments, wireless security, physical security, PCI compliance, and information security training. He has been responsible for managing and executing engagements for hundreds of clients, including Fortune 5 companies and the US military. Additionally, Marshall is a widely requested trainer for his style, depth and breadth of knowledge and insight into the computer underground. Marshall holds the CISSP certification as well as several SANS certifications. Before starting Black Arc Security, Marshall had been previously employed and subcontracted for some of the top consulting firms in the nation.
Kary brings over 15 years of software architecture, design and development in large scale high volume financial applications. Expertise in design and development of secure systems meeting PCI compliance regulations, including in depth security related code reviews, vulnerability research and mitigations, and developing secure coding standards for multiple languages. Expert in mobile technologies and application development for Android and iOS platforms, with multiple applications on both the app store and play store.
Dave Ferguson has been a specialist in Application Security since 2006. After being immersed in coding for 10+ years as an application developer and development manager, Dave penetration tested countless web applications and trained developers as a Principal Consultant with FishNet Security (now Optiv). He has also worked as a Solutions Architect with Veracode and served as the Application Security Lead at Sabre, a multi-billion dollar travel technology company in Texas. Dave is the primary author of the OWASP Forgot Password Cheat Sheet and enjoys participating in bug bounty programs and speaking on application security topics at various events around the country. He currently holds CISSP and CSSLP certifications and has held QSA and PA-QSA qualifications from the PCI Security Standards Council.
Having over 15 years of experience in Information Security Governance and Compliance, Lance focuses on optimizing the availability, confidentiality and integrity of business critical production environments. Lance's background includes information security expertise in multiple industry processes and technologies (Financial Services, Retail, Technology and Communications), project management, quality assurance, metric identification/reporting, governance strategy in compliance/risk management, policy development, standards development, system hardening, privacy initiatives (PCI-DSS, SOX, GLBA, HIPAA/HITECH), incident response, data classification, encryption, IT audit, identity and access management, monitoring, physical security and secure data disposal.