Meet The NetSPI Agents
Get to know the 300+ in-house security experts who specialize in everything from web apps to AI. This team represents the deep domain expertise that reinforces NetSPI’s quality no matter the focus of your security program.
Open-source cybersecurity tools
Browse pentesting tools The NetSPI Agents created to help collectively advance the cybersecurity industry.
300+ In-house security experts with the right credentials for your program
Andy Acer
Director, Mobile Application Pentesting
Sam Beaumont
Director, Transportation, Mobility & Cyber-Physical Systems
Thomas Elling
Director, Cloud Pentesting
Karl Fosaaen
VP, Research
Eric Gruber
VP, Services Research
Giles Inkson
Director of Services, EMEA
Andre Joseph
Director, Thick Application Pentesting
Sam Kirkman
Director of Services, EMEA
Antti Rantasaari
Sr. Director, Application Security
Paul Ryan
Director, Web Application Pentesting
Patrick Sayler
Director, Social Engineering
Paroksh Sharma
Director, Secure Code Review
Scott Sutherland
VP, Research
Larry “Patch” Trowell
Director, Hardware and Embedded Systems
Josh Weber
Director, Network Pentesting
Rich Wolferd
Director, Red Team
Philip Young
Director, Mainframe
Responsible vulnerability disclosures
CVE-2024-21378 — Remote Code Execution in Microsoft Outlook
Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.
The Silk Wasm: Obfuscating HTML Smuggling with Web Assembly
A new technique for HTML smuggling using Web Assembly helped us bypass potential malware detection.
Escalating Privileges with Azure Function Apps
Explore how undocumented APIs used by the Azure Function Apps Portal menu allowed for directory traversal on the Function App containers.
