Andy Grant

Andy Grant is a Technical Vice President for NCC Group with more than a decade of professional experience in offensive security and two decades of involvement in the computer security space. While at NCC Group, Andy has worked on a wide-variety of projects. He has performed countless application assessments across many platforms and systems. This includes web applications, widget/third-party platforms, mobile applications on Android, iOS and WP7, and native/desktop applications for OS X/macOS, Windows, and unix. Andy’s security assessments regularly include code review of many programming languages, including C, C++, Java, Scala, PHP, Ruby, Python, Go, Kotlin, Objective-C, and Swift. Andy has also conducted multiple internal and external network penetration tests, architecture and design reviews, and threat modeling exercises.

Andy has worked with small tech start-ups, small and large software development groups, and large financial institutions. He has been embedded in corporate security programs for multiple months to provide on going security guidance and program/process improvements. Prior to working at iSEC Partners (aquired by NCC Group), Andy was part of a three person team that developed the security application that became the foundation for Dasient, a dynamic, behavioral-based engine to defend web sites against attacks and malware. Andy has a BS in Computer Science and an Advanced Computer Security Certificate, both from Stanford University.

Appearing at:

Unpacking pkgs: A look inside macOS Installer packages and common security flaws