John has worked in the information security field for over 15 years. His main focus has been on application security assessments and he has worked in this capacity for a number of companies in both direct and consulting roles. His work has included network penetration testing, application review, architecture design analysis, source code review, as well as physical security assessments. He was the technical editor and primary author of the book “Virtualization for Security”. He was also a technical reviewer for the book “Network Security Hacks 2nd Edition”