VP and CISO at Memorial Sloan Kettering Cancer Center
I have over 11 years experience in IT and Information Security. My primary role is developing and leading an application security and penetration testing program, performing hands-on testing of a variety of systems, devices, and applications (web, desktop and mobile applications, medical devices, etc).
My primary areas of interest and core competencies are application security, penetration testing, and Windows OS security and I spend the majority of my free time researching these and related topics. Please visit my website to see more of my research interests: http://www.securitysift.com.
Published Exploits: http://www.exploit-db.com/author/?a=6450
Other Published Advisories/CVEs: http://osvdb.org/creditees/11091-mike-czumak
Regular Hands-on Experience with:
– Pentesting suites / tools (Kali, Metasploit, Burpsuite, Nmap, Sqlmap, etc)
– Debugging / Reversing / Binary Analysis (Immunity, WinDbg, IDA Pro, JPEXS, etc)
– Web / Database Platforms (IIS, Apache, MS-SQL, MySQL, Oracle, Sybase, etc)
– Other: Vulnerability Scanners, DLP, Network analysis, etc
Recognized by multiple organizations for security contributions including: Microsoft, Apple, Adobe, PayPal, Ebay, Sony, and Etsy
Practical Professional Certifications: OSCE, OSCP
Other certifications: CISSP, CISM, CNSS 4012, Six Sigma Green Belt, CompTIA Security+/Network+/A+/Project+
Updated November 2018