Colin Morrell, BS is a Software Security Consultant with over 5 years of experience specializing in application security through static and dynamic analysis. He uses his background in offensive security testing to help improve software and IT security based on industry best practices. His security consulting experience has focused on some of the largest Fortune 100 healthcare and financial institutions in the world.
Since joining the Quandary Peak team, Colin has focused on securing patient data in EHR software through continuous security auditing, using applicable standards such as HIPAA, NIST, OWASP, and ISO27001. This includes dynamic application testing, as well as static analysis of software vulnerabilities on the code level to integrate in-depth, proactive security practices throughout the Software Development Life Cycle (SDLC.)
Areas of Expertise
-
Programming Languages
Python, Java, C, C++, Javascript, COBOL
-
Security Tools
BurpSuite, Metasploit, Kali Linux, Nmap, Splunk, Wireshark
-
Operating systems and servers
Linux, Windows, macOS, UNIX
-
Networking and protocols
TCP/IP, UDP, DNS, SSH, HTTP/S, FTP/S, DHCP, SMTP, ICMP, Kerberos, SMB, Telnet, Git, Active
Directory -
Regulatory & Compliance
OWASP, NIST, HIPAA, PCI-DSS, GDPR
