IMG_0014 copy 7.37.53 PM.jpg
books.jpg
IMG_5328.jpg
IMG_0014 copy 7.37.53 PM.jpg

Cutting edge security expertise for an uncertain world


AZIMUTH SECURITY

SCROLL DOWN

Cutting edge security expertise for an uncertain world


AZIMUTH SECURITY

 

ABOUT US

Azimuth is a small, independent information security consultancy, focused intensely on providing best-of-breed technical services for our clients.

Our consultants are extensively published security researches and practitioners with a wide range of expertise. Please don't hesitate to contact us to find out how we can help your organization.

 
books.jpg

Services


We're excited to offer a wide range of professional services. Our consultants have years of experience performing successful engagements for enterprise clients, commercial software vendors, research teams, an myriad organizations. We'll tailor our services to provide you the best value for security investment. 

services

SCROLL DOWN

Services


We're excited to offer a wide range of professional services. Our consultants have years of experience performing successful engagements for enterprise clients, commercial software vendors, research teams, an myriad organizations. We'll tailor our services to provide you the best value for security investment. 

services

RESOURCES

Azimuth employees are active participants in the security community, regularly speaking at conferences, publishing whitepapers, and discovering vulnerabilities. This page highlights a cross-section of some of our more recent notable work, and provides a place for us to publish ongoing and future research.

IMG_5328.jpg

The Team


SCROLL DOWN

The Team


Mark Dowd

FOUNDER

Mark is a director and founder of Azimuth Security, and brings over 10 years of security experience to the team. The bulk of his professional career has been focused in the area of application security research. Mark spent a number of years as a senior researcher at IBM's Internet Security Systems (ISS) X-Force, during which he discovered a number of high-profile vulnerabilities in ubiquitous Internet software. In addition to professional vulnerability research, Mark's previous experience includes serving as a principal security architect for McAfee, as well as performing a variety of information security consulting services independently and for ITAC Consulting. 

 

Mark's vulnerability research record speaks for itself. Over the last decade, Mark has identified and helped remediate critical remotely exploitable security vulnerabilities in Sendmail, Microsoft Exchange, OpenSSH, Internet Explorer, Mozilla Firefox, Adobe Flash, Checkpoint VPN, and Microsoft's SSL implementation. In addition to his vulnerability research, Mark has published several technical research papers, and was a co-author of the Addison-Wesley Professional book "The Art of Software Security Assessment". He was the winner of the 2009 Google Native Client Security Contest. Mark regularly speaks at industry conferences, including BlackHat, CanSecWest, PacSec, and Ruxcon.

John Mcdonald

FOUNDER

John is a director and founder of Azimuth Security, who brings over a decade of security experience to the team. John's professional experience has been focused on software security, split evenly between vulnerability research and security consulting. John has held positions as a senior security researcher for IBM's Internet Security Systems X-Force and NAI Covert Labs (now McAfee). He spent five years as a senior security consultant for Neohapsis, where he was responsible for security engagements ranging from network penetration tests to in-depth focused manual source code reviews of COTS software. His experience is rounded out by a tour of duty as a security architect for Citibank, and participation in various professional development efforts.

 

As a vulnerability researcher, John has identified and helped resolve numerous critical vulnerabilities, including remotely exploitable issues in QuickTime, XviD, Solaris, BSD, Checkpoint FireWall-1, OpenSSL, and BIND. John is also a co-author of Addison Wesley's "The Art of Software Security Assessment." He has published multiple papers over the years, and presents his research at industry conferences such as BlackHat and CanSec West.

Tarjei MANDT 

SENIOR RESEARCHER

Tarjei Mandt (@kernelpool) is a senior security researcher at Azimuth Security. He holds a Master’s degree in Information Security from GUC (Norway) and has spoken at security conferences such as Black Hat USA, CanSecWest, INFILTRATE, RECon, SyScan, and Hack in the Box. In his free time, he enjoys spending countless hours challenging security mechanisms and researching intricate issues in low-level system components. Previously, he has discovered several Windows kernel vulnerabilities, and spoken on topics such as kernel pool exploitation and user-mode callback attacks. More recently, he has focused on Apple technology and presented on various security flaws and weaknesses in Mac OS X and iOS.