Jason Haddix is the Director of Penetration Testing at HP Fortify and a Security Blogger at http://www.securityaegis.com. Jason currently leads all efforts on matters of information security consulting. The gamut stretches from developing test plans for Fortune 100 companies to competing in "bake-offs" to win business against other top tier consulting vendors. This involves being in the trenches and performing actual assessments but also handling clients, architecting solutions, designing services, improving business processes, managing technical consultants, training, technical writing, marketing, and delivering solutions. Jason's strengths are web, network/infrastructure, and mobile assessments, but he has performed a myriad of other services and implemented them for a consultancy as a deliverable (mainframe, wireless, cloud assessment, database, OSINT, APT simulation, binary reversing, and static code analysis). Jason actively participates in research/discussions regarding (E)hacking, Social Engineering, the security-con community, and plays on the academic CtF team, Shellphish, which competes at the Defcon CtF yearly. He also serves on the advisory board for GIAC Penetration Testing curriculum and has earned the GSEC, GPEN, GWAPT, and eCPPT credentials.