Jay Beale is an information security specialist, well known for his work on mitigation technology, specifically in the form of operating system and application hardening. He's written two of the most popular tools in this space: Bastille UNIX/Linux, a system lockdown and audit tool that introduced a vital security-training component, and the Center for Internet Security's Unix Scoring Tool. Both are used worldwide throughout private industry and government. Through Bastille and his work with the Center, Jay has provided leadership in the Linux system hardening space, participating in efforts to set, audit, and implement standards for Linux/Unix security within industry and government. In the past, Jay was a member of the HoneyNet Project and worked actively on the OVAL project, working with government and industry to standardize and improve the field of vulnerability assessment.
Jay has served as an invited speaker at a variety of conferences worldwide as well as government symposia. He's written for Information Security Magazine, SecurityFocus, and the SecurityPortal.com. He has worked on five books in the Information Security space. Three of these make up his Open Source Security Series, while two are technical works of fiction in the "Stealing the Network" series.
Jay works as an information security analyst with InGuardians, a firm he co-founded with Ed Skoudis, Mike Poor, Jim Alderson, and Bob Hillery. He formerly led the MandrakeSoft/Mandriva Security team.

Principal Security Consultant, CTO, and COO @
We provide computer security services, including:
Security Architecture Review
Hardware Assessment, with specialties in SCADA and Medical Devices
Penetration Testing and Vulnerability Assessment
Application Security Review
Incident Response and Preparedness
Security Monitoring and Security Operations Center Consulting
Security Training
From September 2013 to Present (2 years 4 months)

Conference Speaker, Book Series Editor @
Invited speaker to IT Security conferences world-wide, including the Black Hat Briefings, Def Con, SANS, MIS, ToorCon, Interzone West/SecurityOpus, IDG LinuxWorldExpo, RSA, and US Government internal conferences
Conference Chair of SANS' IO Wargames 2001 and the International Libre Software Meeting's Security section in 2001.
From December 1999 to Present (16 years 1 month)

Project Lead @
Bastille Linux is an Open Source program that increases the security of Linux, Unix and Apple Macintosh computers through better configuration. I designed Bastille Linux and created the initial codebase. I now lead the project, making architecture decisions, developing code and coordinating with developers at organizations ranging from Hewlett Packard, which ships Bastille as an installer component, to the US Government, which helps build Bastille to increase the security of its own Linux or Unix computers.
From August 1999 to Present (16 years 5 months)

Sr Security Consultant, Managing Partner, CFO, Chairman @
We provide computer security services, including:
Security Architecture Review
Penetration Testing
Vulnerability Assessment
O/S and Application Security Reviews
Training in Unix Lockdown and other security-focused topics.
From October 2001 to September 2013 (12 years)

Scoring Tool Creator and Linux Benchmark Author @
- Created the first Linux and UNIX Scoring Tool, which assessed systems against the Center for Internet Security Benchmarks.
- Coordinated development of the CIS Linux Benchmarks, leading the consensus process among inter-industry contributors.
- Advised the Center for Internet Security management.
From 2000 to 2004 (4 years)

Director of Security Team @
• Coordination of Mandriva (formerly MandrakeSoft)'s security development and response staff
• Development of Bastille Linux and derivative security software
• Creation of an international presence for MandrakeSoft in the security space
• Advisement to the CIO, CTO and CEO on security-related business
• Design, evaluation and audit of security products including IDS and firewalls
• Audit and feature veto on security products
• Company-wide security training and advocacy
From 2000 to 2001 (1 year)

PhD Program, Applied Mathematics, Computer Science @ University of Maryland College Park
From 1998 to 1999

BS, Mathematics and Physics @ University of Maryland Baltimore County
From 1993 to 1998

Jay Beale is skilled in: Information Security, Computer Security, Security, Penetration Testing, Vulnerability Assessment, Application Security, Firewalls, Security Audits, Network Security, IDS, Information Security Management, Internet Security, Security Architecture Design, Linux, Vulnerability Management

Websites:
http://www.InGuardians.com
http://JayBeale.vox.com