InfosecStuff is an information security research and consulting firm based in Raleigh, North Carolina. It was started in 2008 by Mark Baldwin who also serves as the principal researcher and consultant at InfosecStuff. Mark has over 14 years of direct experience in the field of information security and possesses a solid understanding of the threats to information systems. Moreover, he understands how to use technology and processes to address those threats and mitigate risks to businesses. Throughout his career, Mark has built and maintained information security programs that have improved system security, reduced risks, and successfully achieved compliance (PCI, Sarbanes-Oxley, HIPAA) for a variety of enterprises in numerous industries.
Presently, Mark is focusing his research on web application security and mobile device security. Mark’s research is published on InfosecStuff.com as well as other information security outlets such as . He is also working with organizations to test web applications for vulnerabilities before being deployed onto production systems and to design networks that are resistant to both network and application layer attacks. Using both open source and commercial tools, black and grey box testing techniques, and robust network designs, Mark has helped his clients improve the security of their web applications as well as reduce their cost by integrating security early in the software development and network design process. By doing so, organizations can greatly improve the security of their applications at a much lower cost than would be required to do so after an application has gone into production.
Mark is currently a Certified Information Systems Security Professional (CISSP), a SANS GIAC Certified Incident Handler (GCIH) and a Certified Cisco Network Associate (CCNA). He is also a member of the Eastern North Carolina Chapter of . He can be contacted by email at mark at infosecstuff.com.