David Litchfield
David Litchfield (born 1975) is a renowned security expert from the United Kingdom who specializes in the discovery and publication of computer security vulnerabilities, particularly in database server software. Information Security Magazine voted him "The World's Best Bug Hunter" for 2003[1].
David has found hundreds of vulnerabilities in many popular products; the most notable discoveries were in products by Microsoft, Oracle and IBM. At the Black Hat Security Briefings in July 2002, David presented exploit code to demonstrate a buffer overflow vulnerability he had discovered in Microsoft's SQL Server 2000. Six months later, on 25 January 2003, persons unknown used this code as the template for the SQL Slammer worm[2].
After several years in vulnerability research, David moved into Oracle forensics and has documented how to perform a forensic analysis of a compromised database server in a series of white papers, Oracle Forensics Parts 1 to 6[3]. David is researching and developing an open source tool called the Forensic Examiner's Database Scalpel (F.E.D.S)[4].
David founded a company named Cerberus Information Security which was acquired by @stake in July 2000. A year and a half later he founded Next Generation Security Software with five colleagues from @stake. He is the author of various software packages, and also of many technical documents on security issues. He is the author of the Oracle Hacker's Handbook and is a co-author of the Database Hacker's Handbook, the Shellcoder's Handbook and SQL Server Security. He was also a contributing author for Special Ops.
1. http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss288_art514,00.html
2. David Litchfield talks about the SQL Worm in the Washington Post
3. Oracle Forensics and Incident Response - databasesecurity.com
4. Owning database forensics - Security - Technology - theage.com.au