Hi, my name is Casey Dunham and I am an information security professional living in Portland, Maine.
My primary focus is in Application Security and over the past few years I have performed numerous security assessments across a wide variety of applications and platforms, consisting of web based technologies and mobile platforms. I have also worked in multiple software development roles throughout my career which allows me to bring a unique perspective to my security consulting.
Feel free to check out my LinkedIn profile for more information on my background and work experience.
I moved around a lot as a kid, so making friends was never easy. Even if I went through the trouble and did make friends, it would most likely not be that long before I moved again and I would lose contact, and have to start over. So I stopped trying too hard after a while and my interests and time became more focused on computers. I was an avid gamer and was fortunate to own an Atari, NES, and Sega Genesis. Things changed for me when I found an Atari 400 at a garage sale. The Atari 400 for those of you don't know, had a built in keyboard along with a purchasable Atari BASIC cartridge that would allow you to write programs in a language called Atari BASIC, which was a derivative of the BASIC language. You could save your program onto a cassette tape with an additional Atari module. It happened that along with a handful of games and manuals, that this garage find also came with the Atari Basic cartridge.
I immediately devoured the BASIC manual on my way home, and as soon as I was home I immediately set it up and began painstakingly transcribing the introductory programs out of the book. I was about seven or eight years old at this time, and this was my first introduction to programming and I was immediately hooked.
It wasn't long after this (and another move, this time halfway across the country), that my parents bought us a computer for Christmas. It was a Packard Bell running Windows 3.1. This version of Windows also shipped with a copy of Microsoft QBasic which started me off programming on a real PC. It wasn't long before I moved into C and C++.
It was here living in rural Northern Wisconsin through one of my few lifelong friends, I was introduced to 2600 and started making the drive to Minneapolis to attend the monthly 2600 meetings there in the Mall of America food court. I am no longer in contact with anyone I knew from attending those meetings, but it introduced me to the hacker mindset, as well as culture that has pervaded everything else I have done with my life.
After high school graduation, I moved back to Portland, Maine, where I spent a couple of years working and doing odd programming jobs. Once I was on my own feet, I started college at the University of Southern Maine where I graduated with a Bachelor of Science in Computer Science.
I spent my college years, and a few years after that, working for various companies in and around Portland as a programmer, mostly in Java and in the finance industry. While doing so I always strived to write robust, secure code, and to help increase the security of the companies I was working for.
I knew that I would eventually end up moving out of development and into security full time, but I spent quite a few years looking for the right fit and opportunity.
I am currently employed full time as a Senior Security Consultant, and spend most of my work time performing web application assessments, although I have been doing a bit more mobile applications lately. I am also still working on obtaining the Offensive Security Certified Professional certification, although time has played a major roadblock in getting that course completed.
I travel frequently between Portland, Maine and Salem, MA and attend many industry conferences such as Security BSides Boston/Las Vegas, DEFCON, Source Boston, DerbyCon, and Hackfest, to name a few.
My current research goals include learning more about exploit development, cryptography, blockchain technology, and building out advanced training courses covering web and mobile applications.
Writing is another area of pursuit I feel strongly about and making more time for that and this blog is on my agenda.
I'm always up for meeting new people so feel free to say hi and hit me up on Twitter or send me an email.