B.S., Computer Information Systems, University of North Carolina at Wilmington
Denny Deaton is a Security Testing Practice Leader within Aon’s Cyber Solutions and brings over 20 years of consulting experience as a leader in the information security field.
Denny has spent much of his career helping companies improve and mature their security posture through both strategic and tactical initiatives.
He is a recognized subject matter expert in application security testing, network penetration tests, Red Team simulations and social engineering campaigns, having delivered or supervised thousands of cross-functional client engagements in those areas for clients in the financial, health care, technology, retail, energy, insurance, and media & entertainment sectors.
- Responsible for running the Security Testing Team in the US for Aon’s Cyber Solutions
- Account management of security consulting services and delivery for Fortune 500 companies including the financial, healthcare, retail, insurance, manufacturing and software/technology industries
- Dynamic application security testing assessments for Fortune 500 companies
- Applications tested include Internet banking, financial trading, human resources, insurance support and customer service applications
- Internet, intranet, and wireless penetration testing for Fortune 500 companies in the financial services and technology industries
- Performed social engineering assessments including voice phishing, spear phishing and physical security for Fortune 500 companies
- Works with clients to develop custom remediation plans following the completion of penetration tests and application security assessments
- Develops software components in PHP, Python and Perl for internal company applications and security assessment tools
- Assists with management of internal testing methodologies and internal team development and training at Aon
- Mentoring of other security engineers on vulnerability assessment and penetration testing practices as well as regulatory, mandate, and policy compliance
Specific Skill Sets
- Network and Infrastructure-layer penetration testing
- Application-layer penetration testing (web & mobile)
- Experience with commercial security tools to include Burp Suite Pro, IBM AppScan, HP WebInspect, Nessus, and Qualys
- Development in PHP, Java, Python and Perl, SQL
- Security administration of Linux and Windows operating systems as well as IIS, Apache, MS SQL Server, and MySQL
- Excellent written, public speaking and presentation skills