Patrick Thomas is a recovering software developer turned penetration tester with Neohapsis (now Cisco). He works on offensive and defensive security tools, with an emphasis on web application security, web malware, and social engineering. He has previously spoken at Black Hat, DEFCON, SecTor, AppSec Cali, and others.

Recent talks:

• “Mitigating Cross-site Scripting with Content Security Policy” - talk at Boston Security Meetup, Aug 2013.
• “What is CSP and why Haven't You Applied It?” – panel at OWASP AppSec Cali, Jan 2014.
• “Bioinformatics: Erasing the line between biology and hacking” – talk at BSides Chicago, Apr 2014.
• “Multipath TCP: Breaking Today's Networks with Tomorrow's Protocols” – talk at Black Hat USA, Aug 2014.
• “Building a Social Engineering Resistant Organization” – Boston Federal Reserve Threat Sharing Group, Oct 2014.