Andre Gironda is the VP of Mi3 Security. Before joining Mi3 Security, Andre Gironda was a security professional engaged with embedded systems, mobile payment, and application security testing initiatives at well-known technology product vendors, banks, and payment-card processing companies. Prior to this Andre was a mobile lead in the HP Fortify-On Demand ShadowLabs group, an international, SaaS-based dynamic testing and secure-code analysis service from Hewlett Packard. Before his tenure at HP, Andre served as a penetration tester for partners of HP and was responsible for directing the establishment of red team methodologies and core techniques in common use at many boutiques and big-firm institutions today.
He joined HP during the peak of the mobile app hype cycle, the mobile security group he co-founded and led, where he oversaw the development of the OWASP Mobile Security Testing Project – a standard that set the path for mobile application security testing techniques and tools. Prior to joining the OWASP leadership in 2007, Andre worked for eBay in a network security capacity and at Cisco Systems for early-effort, large-installation IPS/IDS scaling as well as pre-UTM firewall, VPN, anti-DDoS, anti-botnet, and security product feature enablement.
Andre has been engaged in the Internet security arena since 1996 and has become widely recognized as a leading expert in mobile security, penetration testing, and the identification of emerging security threats. His pioneering efforts and expertise in mobile security have helped define the direction of the mobile application security industry. Andre is a member of CMDSP (Credentialed Mobile Device Security Professionals) and is one of the founding visionaries of the Cybersecurity Incident and Crisis Management models that intersect the work of CLUSIF/Wavestone and the MITRE ATT&CK framework, as well as a former member of the Financial Services Information Sharing Alliance Center (FS-ISAC). He is also a Certified Information Systems Security Professional (CISSP), a frequent speaker, quoted expert, and is a dominant voice on the SANS DFIR/GPWN mailing lists and on the StackExchange forums focused towards Information Security, Android, iOS, and Reverse Engineering.