Mark Bell, PMP, CISSP, CISA, CHSS
Mark is responsible for management of the Company's information security and client advocacy operations. His responsibilities include, but are not limited to: delivery of vulnerability assessments, penetration testing, Payment Card Industry (PCI) Approved Scanning Vendor (ASV) services, social engineering and risk assessments as well as providing world-class client support to Digital Defense's client base.
Mark served as Director of Security Operations for Digital Defense from 2000-2003. After a 3 1/2-year hiatus, working for Science Applications International Corporation (SAIC) where he served as a Senior Systems Engineer and Deputy Lead Technical Architect for the Air Force-wide Vulnerability Lifecycle Management System (VLMS) Systems Engineering & Integration effort, returned to Digital Defense in 2007. While at SAIC, Mark was the lead technical architect and was recently awarded a patent (US Patent #8,266,320) for his development of a cyber defense training system that is today the national standard for cyber defense and security training, certification and competition. Most notably, it is now the test foundation for the national cyber defense competition known as CyberPatriot, where high school student teams compete to test their knowledge and practice of information security and cyber competency using real-world exercises.
Prior to 2000, Mark was engaged as a Senior Information Security Engineer for Computer Sciences Corporation on the Air Force Information Warfare Center's Computer Security Engineering Team. Mark also served for over 20 years in the United States Air Force in both Active and Reserve components before retiring in February 2009. During his time in the Air Force, Mark worked in the Intelligence and Computer Security fields as a Senior Network Security Engineer with the 92nd Information Operations Squadron, Air Force Information Operations Center. In this capacity, he acted as a Team Chief and Technical Lead in performing Red and Blue Team security assessments around the world in support of various commands, agencies and operations.
Mark holds a Master of Science degree in Information Assurance from Norwich University and a Bachelor of Science in Computer Science from Hawaii Pacific University. He is also certified as a Project Management Professional (PMP), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Certified HIPAA Security Specialist (CHSS).
08/03/2015 » CVE-2015-5600
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list. [READ ME]