Team

WHO IS VSR?

VSR was founded by a former @stake consultant, whose vision was to create a firm focused on delivering the highest quality information security consulting services. Our company structure and operations allow us to be nimble, provide unbiased recommendations and remain vendor neutral.

The Senior Consulting Team

The VSR consulting team consists of proven industry experts who each bring unique expertise that add value to our services.



George D. Gal
Founder & Managing Partner

George leads the team's delivery service capabilities and business development. George has over sixteen years of network and application security expertise. His specialties include mobile and application security assessments and attack simulation with significant experience within the financial services, retail, health care, commercial software & service provider market sectors. At VSR George works with clients as a subject matter expert performing application security assessments ranging from secure code review, architectural review, black-box penetration testing and application security training.

Prior to VSR, George was a Senior Security Consultant with @stake involved in both the attack simulation and forensics / incident response centers of excellence. George is a graduate of Northeastern University with Bachelor of Science and Master of Science degrees in Computer Science.

John Redford
Partner & Training Services Practice Lead

John has an extensive background in secure application and systems infrastructure development, with over twenty years implementation and innovation experience. Using his extensive knowledge of diverse software platforms, John assists VSR clients to implement solutions that are both secure and practical. John develops and delivers training materials to educate clients, focusing on fundamental security threats and modern defensive programming techniques. He also performs architectural assessments, code reviews, and application penetration testing.

Prior to VSR, John was a security consultant with @stake and Symantec, where he implemented penetration testing and reporting tools. Previously, he worked in the financial sectors of Boston and New York.

Robert Wessen
Partner & Enterprise Security Lead

Robert specializes in vulnerability assessment, risk management and penetration testing. He has over 12 years hands-on experience in IT support, implementation and security. Prior to joining VSR he spent just over 4 years supporting information security initiatives for the US military, intelligence and special operations communities. This included the security design for new initiatives and assessment duties of existing military networks and systems as a team lead for the Army as well as being individually appointed by the Navy for global assessments.

Robert's other experience has covered projects in the commercial, health care and educational sectors. His diverse experience brings a deep understanding of where security theory meets reality when implementing and maintaining complex systems which actually have to be used by humans.

Robert holds a Bachelor of Science in Computer Science from Northeastern University and many industry certifications including; CISSP, ISSEP, ITIL and GREM. He is the Treasurer of his local (ISC)2 regional chapter and is a mentor and volunteer with a local high school for security CTF and CCDC style competitions.

Dan King
Senior Security Consultant

Dan is a senior security consultant specializing in black box infrastructure and network security penetration testing, social engineering, as well as wireless penetration testing. He has experience working with clients in diverse vertical markets including healthcare/medical, financial, aerospace and retail. Dan has participated in responsible disclosure in several commonly used applications and network services and has spoken at the BlackHat security conference based on some of his discoveries.

Prior to VSR, Dan was a security consultant with IOActive where he performed penetration tests on enterprise networks, mobile and web applications, physical penetration tests, and research on medical devices, automated teller machines, kiosks.

Dan's work has also led to the disclosure of many vulnerabilities which were not released to the public.

Before IOActive, Dan worked at Dell SecureWorks in many roles. Working with and managing Intrusion Detection and Prevention systems, doing packet and protocol analysis for emerging threats, as well as performing internal and external vulnerability assessments. Dan also helped manage the deployment of thousands of vulnerability management scanning appliances within clients environments.

Mitch Kucia
Senior Security Consultant

Mitch specializes in web application and network security penetration testing. His main interests are focused on both passive and active network reconnaissance. Prior to joining the VSR team, Mitch's professional experience involved developing applications for medical devices and designing and implementing full-stack web applications. Mitch joined VSR as an intern in 2015 and joined the team full time in 2016.

Mitch earned his Bachelor of Science in Computer Engineering at Northeastern University. While there he participated in the Cyber Security Defense Competition and a MITRE embedded system CTF.

John McGuiness
Senior Security Consultant

John specializes in web and mobile application security, as well as protocol analysis and network vulnerability testing. Previous professional experience includes full stack web application development and IT infrastructure service. He has worked on software for the Novartis Institute for Biomedical Research's oncology department, implementing and securing API, database, and UI components.

Additionally, John has participated in collegiate security competitions in both offensive and defensive scenarios.

John earned his Bachelor of Science in Computer Science at Northeastern University.

Ido Naor
Senior Security Consultant

Ido joined VSR in 2014, with experience and research interests focused in web and application security. Ido specializes in web application exploitation and software reverse engineering and has been acknowledged for his work by major enterprises globally. Ido is credited with responsible vulnerability disclosures for companies including: Google, eBay, Linkedin, and Alibaba.

Aside from his technical skills, Ido excels in Mixed Martial Arts and acquired vast experience with special intelligence tactics as part of his military background.

Ido holds a Bachelor of Science degree in Computer Science from the College of Management Academic Studies, Rishon LeZion, Israel and later returned to teach at the same college as an information security lecturer.


Copyright © 2004-2016. Virtual Security Research, LLC. All rights reserved. Design by Star Graphic Design