
Brian Knopf

Oak Park, CA

Summary

Dynamic Application Security Engineer with extensive experience at Amazon AWS, excelling in threat modeling and vulnerability assessments. Proven track record of enhancing security protocols, achieving an 80% increase in internal vulnerability detection. Adept at collaborating with cross-functional teams and implementing security best practices, driving innovation in cloud security and application development.

Overview

17 years of professional experience
2 Certifications

Work History

Application Security Engineer III

Amazon AWS
Los Angeles (Remote), CA
07.2020 - Current
  • Developed threat models to identify potential vulnerabilities in systems used for generative AI, agentic AI, games, IoT, and VDI on EC2 and containers (ECS, Docker, Bottlerocket).
  • Collaborated with development teams to integrate security best practices.
  • Reviewed code for security flaws and provided remediation guidance.
  • Conducted security assessments on AWS infrastructure and applications.
  • Trained developers on application security principles, including threat modeling.
  • Creation of a streamlined application security review process template to reduce the time between design review and project sign-off.
  • Documentation of SDLC standards for developers.
  • Design and roadmap of static analysis integration into the CI/CD pipeline for early security threat detection.
  • Code review of C, C++, Java, Go, and Python CRs for security issue fixes and mitigations.
  • Code generation using internal vibe coding tools Q Dev, Q CLI, Quick Automate, and Quick, which are all products on which I performed security reviews.

Innovator of IoT, Office of the CTO

Secureworks
Los Angeles (Remote), CA
02.2019 - 06.2020
  • Working across the Dell Technologies companies including Dell, EMC, VMware, and Secureworks, my role was to identify IoT/OT products and technologies that we should build or companies we should partner with.
  • Performed as a technical individual contributor on a small innovation team that is inventing next-gen cybersecurity solutions for OT / IoT / ICS
  • Developed prototypes for proving out new technology and validating use-cases that the team considers important to our end-state architecture
  • Worked across internal teams to mature inventions into product offerings that protect our customers
  • Drove idea generation for new software products, or for the next version of an existing product
  • Identified new technologies and security problem spaces that are ripe for disruption

CEO & Security Researcher

BRK Security
Calabasas, CA
03.2012 - 12.2019
  • Clients included Sony (post breach), TrustPipe, Digital Immunity, CUJO, oneID, Wink, and others that require confidentiality
  • Selected as a Featured Security Researcher on BuildItSecure.ly based on my IoT security research
  • Added to the I am the Cavalry research group based on my 5-Star Consumer IoT rating work
  • Presented security research at Black Hat 20, DEF CON 23, DEF CON 25, ISSA-OC, B-Sides LA, & IEEE
  • Participated in multiple security panels at B-Sides LA 2014 and AppSec Cali 2015
  • Member of the staff for AppSec Cali 2016
  • Research focused on IoT devices, their security impact on IT departments, and medical device security
  • Worked with Steve Kirsch at oneID to develop oneID IoT security offering solving inherent issues with PKI
  • BRK Security is a consulting company focusing on helping companies build their security programs, design more secure products, and auditing their existing programs and processes.

Senior Director of Security Research & IoT Architect

Neustar, Inc.
Los Angeles (Remote), CA
08.2016 - 01.2018
  • Created initial architecture and design of IoT identity management PKI replacement platform
  • Researched IoT security exploits and mitigation techniques for specific scenarios we were working on mitigating
  • Reverse engineered IoT devices to identify specific exploits that could be used to attack devices running oneID solution and counter them
  • Researched partner and customer products to identify vulnerabilities or exploits and design solutions to mitigate and recover from them
  • Threat modeling of oneID solutions for specific customers
  • OneID (renamed to Trusted Device Identity or TDI after the acquisition) is a redesign of PKI that I created.

Director of Application Security

Belkin International
Playa Vista, CA
04.2012 - 12.2014
  • Responsible for application security and IT security of product-focused assets, penetration testing, Security Development Lifecycle (SDL) implementation, and Product Security Incident Response Team (PSIRT) across Belkin, Linksys, and WeMo product lines.
  • Saved over $4 MM in Engineering staff time by identifying critical vulnerabilities earlier in the SDLC
  • Increased percentage of security vulnerabilities caught internally from 5% to 80%
  • Introduced PSIRT (Product Security Incident Response Team) process to reduce time to remediate externally found issues from 180 days to under 45
  • Reduced company spend on penetration testing by over $500,000 per year by shifting from consultants to full-time staff
  • Created outreach program with security researchers to identify vulnerabilities before product launch
  • Accepted an offer to join the UPnP Task Force to contribute to future security improvements
  • Presented ‘IoT and the Impact on Security’ at ISSA OC
  • Implemented MSA changes for all Belkin partners and vendors to audit and improve supplier code
  • Reduced cost of individual penetration tests by 28% by implementing automation and fuzzing strategy
  • Conducted regular Threat Models on staging and production environments to identify areas of highest risk
  • Created risk management strategy to provide balance between avoidance, transference, mitigation, and acceptance while delivering maximum value to the company
  • Created vendor evaluation process to identify products and partners that would benefit our products
  • Identified security best practices for testing and development including design of security enhancements in products
  • Linksys (acquired by Belkin in 03/2013)

Principal Test Architect, Office of the CTO

Rapid7, Inc
El Segundo, USA
06.2009 - 03.2012
  • Responsible for designing the architecture of automation frameworks, requirements and design of virtualization test labs, building customer simulation test environments, intelligence gathering, identifying and documenting real-world customer test scenarios across Rapid7 products and partner products including Nexpose, Metasploit, w3af, RedSeal and numerous others.
  • Responsible for architecture and design of automation framework using Robot Framework and Selenium
  • Reviewed architecture for new features under development or being considered for development
  • Design of data deployment model for large enterprise customers including identification of network topology, organizational structure, types of assets, and responsibility coverage between IT and Security
  • Architecture and design of virtualized test environments based off customer interviews for testing vulnerability management and penetration test scanning on enterprise scale networks
  • Deployed test lab with over 1500 VMs using VMware Lab Manager, vCloud Director, ESX/ESXi, and View
  • Creation of features based on customer interviews to solve deficiencies in security assessment programs
  • Creation of security interoperability test scenarios using Nexpose, Metasploit, RedSeal, Nmap, and w3af
  • Created training on IDS, IPS, firewall, vulnerability management, penetration testing, SIEM products

Education

Some College (No Degree) - Networking Administration & Programming

California State University, Northridge
Northridge, CA

Skills

  • Application Security
  • Vulnerability Management & Assessment
  • Governance, Risk, and Compliance
  • Network Security
  • Security Research
  • Security Development Lifecycle (SDL)
  • Incident Response
  • Perimeter Security
  • Quality Assurance
  • Threat modeling
  • Security assessments
  • Cloud security
  • Security architecture design
  • Patch management
  • API security
  • Web application security
  • Container security
  • Cryptography

Projects

  • Creator of the 5-Star Consumer IoT Rating: inform consumers about the security, safety, and privacy rating of products.
  • Creator of oneID (renamed TDI after acquisition by Neustar): redesign of PKI to allow for real-time revocation, easy key rotation, and prevention of unwanted certificate expiration.

Certification

  • Certified ScrumMaster, 08/01/07, https://www.scrumalliance.org/community/profile/bknopf
  • GICSP, 03/01/20, http://bit.ly/brk-gicsp

Presentations

  • Black Hat 20 – Redesigning PKI to Solve Revocation, Expiration, and Rotation Problems, http://bit.ly/TDI-BH, http://bit.ly/TDI-Video
  • DEF CON 25 – Redesigning PKI Because Crypto is Hard, http://bit.ly/tdidc25, http://bit.ly/PKI-DC-Video
  • DEF CON 23 – Application Security on a Startup Budget, http://bit.ly/AppSecBK
  • ISSA-OC - IoT and the Impact on Security, http://bit.ly/iot-sec
  • B-Sides LA - Threat Modeling My Wife, http://bit.ly/tmmw-bsides, http://bit.ly/TMMW-Video
  • IEEE - Threat Modeling Potentially Vulnerable Devices, http://bit.ly/tmmw-ieee
