Profile
Eric is a co-founder and Principal Security Engineer at Puma Security focusing on cloud, DevSecOps automation, and static code analysis. His responsibilities include performing cloud security reviews, infrastructure as code automation, application security automation, web and mobile application penetration testing, secure development lifecycle consulting, and secure code review assessments. Prior to Puma Security, Eric spent 5 years as a Principal Security Consultant at an information security consulting firm helping companies deliver secure products to their customers, and another 10 years as an Information Security Engineer at a large US financial institution performing source code audits.
Expertise
- Cloud Security (AWS, Azure, GCP)
- DevSecOps & Secure Development Lifecycle (SDL)
- Source Code Analysis
- Application & Product Security
- Penetration Testing
Qualifications
Achievements & Contributions
- Senior Instructor with the SANS Institute, lead author of SEC540: Cloud Security and
DevSecOps Automation, and co-author of SEC510: Public Cloud Security: AWS, Azure, and GCP - Speaker at conferences including RSA, BlackHat, OWASP, BSides, DevOps Days,
fwd:cloudsec, and ISSA. - AWS Security & Identity Community Builder
Certifications & Credentials
- GIAC GCSA, GPCS, GWAPT, GSSP
- ISC2 Certified Information Systems Security Professional (CISSP)
- AWS Certified Developer
- MS, Information Assurance and Computer Engineering - Iowa State University
- BS, Computer Engineering - Iowa State University
Portal Publications
Want sample content from this Faculty member?
We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Policy.