Jason Haddix

Aurora, Colorado, United States Contact Info
500+ connections

Join to view profile

About

I previously served as the Head of Global Cyber Security for Ubisoft, where I led all…

Articles by Jason

Activity

Experience & Education

  • Arcanum Information Security

View Jason’s full experience

By clicking Continue to join or sign in, you agree to LinkedIn’s User Agreement, Privacy Policy, and Cookie Policy.

Volunteer Experience

  • Charity Bug Hunter

    Bugcrowd Inc

    Through BugCrowd's organization I have competed in several events to help security test charity websites for vulnerabilities. I enjoy donating my time and skills to these organizations, especially the one's that aim to help kids.

    In 2013 all charity researchers were ranked by impact and number of vulnerabilities found for charity organizations. I placed 3rd on that list 5,000 researchers.

Publications

Courses

  • Carnegie Mellon - SEI Malware Analysis

    -

  • Certified Ethical Hacker

    -

  • Offensive Security - 101

    -

  • OpenSecurityTraining.info - Android Forensics

    -

  • SANS - GPEN, Penetration Testing

    Certified

  • SANS - GSEC, Security Essentials

    Certified

  • SANS - GWAPT, Web Application Penetration Testing

    Certified

  • SecurityTube - iOS Security Expert

    -

  • Strategic Security - Advanced Penetration Testing

    Certified

  • Strategic Security - Mobile Application Penetration Testing

    Certified

  • Strategic Security - Web Application Penetration Testing

    Certified

  • Web Application Hacker's Handbook Live

    Certified

  • WireShark University

    -

  • eLearnSecurity - Penetration Testing Proffessional

    Certified

  • eLearnSecurity - Web Application Penetration Testing Proffessional

    -

Projects

  • Project Leader: OWASP Mobile Top Ten Risks

    I currently work with Jack Mannino and other highly gifted mobile application auditors to to refresh the OWASP Mobile Security Project and the OWASP Mobile Top Ten Vulnerability listing. This entails describing, categorizing, rating, and contributing/reviewing statistics of the most current and prevalent mobile security issues in today's mobile application world.

    See project

  • Contributor: OWASP iOS Testing CheatSheet

    This cheat sheet provides a checklist of tasks to be performed when testing an iOS application and a collection of tools known to aid iOS auditors.

    See project

  • Co-Leader: SecLists Project

    The SecLists project is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

    Other creators
    See project

  • Open Penetration Testing Bookmarks Project

    The Open Penetration Testing Bookmarks Collection is just that, a collection of handy bookmarks I initially collected that aid me in my day to day work or I find in the course of research. They are not all inclusive and some sections need to be parsed but they are all good reference materials. I find having this Hackery folder in Firefox an easy way to reference syntax, tricks, methods, and generally facilitate and organize research.

    See project

  • Nmap (HTTP Enummeration Module)

    Helped create fingerprints for the HTTPEnum module of the Nmap Scripting Engine. This module fingerprints web servers and identifies known security vulnerabilities of commonly used web platforms.

    See project

  • Nessus Parsers

    Created a series of Nessus scripts (before the tooling was inter-operable with nmap and metasploit) to identify several reliable vulnerabilities and output them to a format to be consumed by other pentesting tools.

    See project

  • Pentester Scripting Portal

    -

    A group effort by some skilled penetration testers to open-source scripts that automate parts of certain pentests.

    See project

  • ShellPhish Member

    -

    I am honorary member of UCSB Hacking group named ShellPhish. I have been competing with them for 3 years during the qualifier rounds for the Defcon CTF. I organize the contribution of HP/Fortify's staff to augment their already stellar security group. We have qualified for the Defcon Finals 3 years in a row. We also competed in several other CTF competitions (Mozilla - 5th place, Stripe - completed, etc).

Honors & Awards

  • Awards:

    -

    Best Technical Solution - HP Fortify (2013)

    Awarded for reducing time to completion on mobile assessment services by developing a binary analysis tool-set that aided testers.

    PayPal Security Bug Bounty Hall of Fame (2013)

    Best Public Presenter - HP Fortify (2012)

  • Honors:

    -

    Ranked #1 Security Researcher - BugCrowd (2014)

    Ranked Top Ten Security Researcher - BugCrowd (2013)

    Participated in several bug bounty programs. Placed in the top ten of over 5,000 application security researchers for quality and number of security findings. Final position for 2013 - 4th place.

    PayPal Security Bug Bounty Hall of Fame (2013)

    Responsibly disclosed vulnerabilities for web domains.

  • Speaking:

    -

    I have been privileged to speak at over a hundred security and technology conferences worldwide. This includes such prestigious conferences as DEF CON, BlackHat, OWASP, SANS, IANS, B-Sides, Rootcon, ISC2, Toorcon, NullCon, NahamCon, LevelUp, HouSecCon, H@cktivityCon, and more. In addition I have keynoted numerous smaller internal security conferences for clients.

Recommendations received

19 people have recommended Jason

Join now to view

View Jason’s full profile

  • See who you know in common
  • Get introduced
  • Contact Jason directly
Join to view full profile

Other similar profiles

Explore collaborative articles

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Explore More

Others named Jason Haddix in United States

10 others named Jason Haddix in United States are on LinkedIn

See others named Jason Haddix

Add new skills with these courses

See all courses