Please browse the list below for biographies of selected members of LMG's consulting team.
Sherri E. Davidoff
MIT 2003, GCFA and GPEN-certified
Sherri Davidoff has over a decade of experience as an information security professional, specializing in penetration testing, forensics, social engineering testing and web application assessments. She has consulted for a wide variety of industries, including banking, insurance, health care, transportation, manufacturing, academia, and government institutions. Sherri is the co-author of "Network Forensics: Tracking Hackers Through Cyberspace" (Prentice Hall, 2012). She is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds her degree in Computer Science and Electrical Engineering from MIT.
Certified SANS Instructor, CISSP
Jonathan Ham specializes in large-scale enterprise security issues, from policy and procedure, to scalable prevention, detection, and response techniques. He’s been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than 2000 feet underground, taught intrusion analysis to the NSA, and chartered and trained the CIRT for one of the largest U.S. civilian Federal agencies. Jonathan has helped his clients achieve greater success for over 15 years. He is a Certified Instructor with the SANS Institute, and the co-author of "Network Forensics: Tracking Hackers Through Cyberspace" (Prentice Hall, 2012).
B.S. Management of Information Systems and B.S. Accounting, University of Montana
Certified Forensic Examiner (GCFE)
Randi Price specializes in policy and procedure review and development, including ISO 27001 assessments and HIPAA risk analyses. She provides security management consulting for large enterprises such as financial and health care organizations. Randi is a certified digital forensic examiner and holds her GIAC forensic certification (GCFE). She holds two BS degrees in Management of Information Systems and Accounting from the University of Montana.
Certified Web Application Penetration Tester (GWAPT)
Scott Fretheim is an experienced web application penetration tester and risk assessment consultant. He advises clients regarding risk management and risk analysis, and enjoys conducting security training seminars. Scott is a primary author of several network forensics contests, including the "L33t Pill" series which was first released at DEFCON 2011. Scott is a GIAC Certified Web Application Penetration Tester (GWAPT) and holds his B.S. in Management of Information Systems.
B.A. Cognitive Science (University of California - Berkeley)
Jonathan Neff is a senior system administrator and security consultant with over fifteen years of experience managing information technology infrastructures. Jonathan has designed IT solutions for businesses with high-availability requirements, government organizations, health care institutions, and scientific research groups. He has extensive experience responding to computer security incidents and developing security solutions. Jonathan is a founder of the Montana High Tech Crime Investigation Association.