Jeremiah Grossman, founder and chief technology officer of WhiteHat Security, is a world-renowned expert in web application security and a founding member of the Web Application Security Consortium (WASC). At WhiteHat, Mr. Grossman is responsible for web application security R&D and industry evangelism. He is a frequent speaker at industry events including the BlackHat Briefings, ISACA's Networks Security Conference, NASA, ISSA and Defcon. A trusted media resource, Mr. Grossman has been featured in USA Today, the Washington Post, Information Week, NBC Nightly News, and many others. Mr. Grossman is also a featured expert and frequent contributor on TechTarget's SearchAppSecurity.com. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo!
Chief Technology Officer
WhiteHat Security, Inc.
October 2001 – Present
Information Technology and Services Industry
Grew the company from a single person operation to a leading provider of web application security services. Generated the sales of professional services including security assessments and training while forming early key partner relationships with domestic and international firms. Developed the core technology for what would later become the Sentinel scanner. Raised 1MM in seed capital from an influential group of angel investors. The investment was used to scale the consulting operation to an enterprise scale managed security services firm.
- Set the vision and strategy for the company
- Oversee the technology development process
- Engage in press, speaking and analyst tours
- Provide sales support
- Assist with web application security assessments
- Research additional products and services
- Co-founded the Web Application Security Consortium (WASC) www.webappsec.org
Information Security Officer
December 1999 – July 2001
Information security for the organization’s engineering department. Focused solely on web application security for the enterprise’s over 10,000 publicly facing web servers and ~600 web sites both domestically and internationally.
- Performed web application security assessments and incident response
- Presentations to business development managers and engineers on security issues
- Assisted with security implications of partner system integrations
- Helped to resolve security issues and implement stronger security solutions
May 1998 – November 1999
Part of the Unix administration for the Sales & Marketing Department. Performed general Solaris administration duties for ~20 servers and ~200 user nodes.
- Backup restoration and disaster recovery
- System configuration and account maintenance
- Web enable various business processes
information security, web application security, web development, australian rules football, video game hacking, technology culture and innovation, online gaming
Groups and Associations
Web Application Security Consortium (WASC), Center for Internet Security (CIS) Apache Benchmark.