Philip Behnke

[email protected]

Education

  1. Grand Valley State University; Allendale, MI (2006 – August 2011)
    Bachelor of Science in Engineering Program
    Major: Computer Engineering
    Minor: Mathematics
    GPA: 3.55
    Honors: Dean's List (6 Semesters)
    Member of Tau Beta Pi Engineering Honors Society, Treasurer
    Member of IEEE Student Branch

  2. Chippewa Valley High School; Clinton Twp., MI (2002 – 2006)
    Graduated Magnum Cum Laud: June 2006
    Founder & President of High School Technology Club

Work Experience

  1. Cisco Systems, Charlotte, North Carolina - Remote
    Security Researcher
    Advanced Security Initiatives Group
    (July 2015 - Present)
    My current role is as a security researcher within Cisco's elite Advanced Security Initiatives Group (ASIG). This position has been application-security centric, and leans heavily on the offensive side of the security industry. The focus of this role is to evaluate Cisco products and services to identify security vulnerabilities, weaknesses, and improvements using tools, techniques, and processes that emulate those used by sophisticated and motivated attackers.
  • Performed detailed security evaluations of Cisco products and services, typically lasting 5-8 months in duration.
  • Evaluated the security posture of products across the breadth of Cisco's portfolio. Examples include Cisco's Security Services Platform (SSP), Cisco IOS-XE, Cisco/OpenDNS Brain, Meraki System Manager, Meraki Dashboard, Duo Security 2FA, along with other Cisco products.
  • Performed security evaluations across the software stack, from Linux kernel drivers and networking routing stacks, to web applications.
  • Lead engineer of the detailed security evaluation of Webex Teams -- a Slack competitor. Lead of several other short-term (2-3 week) penetration test engagements.
  • Discovered and reported many security vulnerabilities in Cisco products over the course of many product evaluations, with PoC code and detailed reports delivered to the respective business unit.
  • Developed exploits, PoC code, and demonstrations for discovered vulnerabilities.
  1. Arbor Networks, Ann Arbor, MI
    Software Engineer – DDos Protection
    (May 2014 - July 2015)
    Software developer for the Peakflow SP product team. Peakflow SP is Arbor's service provider DDoS detection and mitigation appliance used by 90% of ISPs.
  • Developed new anti-DDoS and network visibility features for Peakflow SP.
  • Fixed bugs for Peakflow SP throughout all areas of the product, from UI to backend.
  • Developed tools and features using a multitude of different technologies and languages such as C, Python, PHP, Javascript, TCL, and Bash.
  • Participate in code reviews and walkthroughs.
  • Discovered and fixed security vulnerabilities in the Peakflow SP appliance.
  • Participate in Security Guild discussions.
  1. General Motors, Warren, MI
    Embedded Controls Security Engineer
    Vehicle Cybersecurity Group
    (March 2013 - May 2014)
    Worked in GM's core group of vehicle security engineers to bootstrap vehicle security efforts in the wake of research from Charlie Miller and Chris Valasek. Helped to develop and enforce security requirements throughout GM's global vehicle lineup for in-vehicle systems and ECUs.
  • Worked with product engineers and suppliers to evaluate the security posture of ECUs and implement secure embedded controller designs.
  • Reverse engineered firmware binaries to discover and exploit new vulnerabilities.
  • Developed a cross-platform shared library (in C) to implement secure controller unlock. Used to program cryptographically sensitive key material at time of manufacture, eventually rolling out across every GM plant and new vehicle.
  • Developed tools for testing and verification of upcoming vehicle message authentication technology.
  • Worked independently and with third parties to find, report, and track security vulnerabilities through resolution.
  • Developed security requirements for controllers in the areas of active safety, infotainment, and automotive ethernet.
  1. Barracuda Networks, Ann Arbor, MI
    Software Engineer in Test
    (August 2011 – March 2013)
    Software Engineer in test as part of Barracuda Networks's Message Archiver team. Expanded testing automation and performed manual testing of the email message archiver appliance, while also greatly expanding my own knowledge of Linux internals and ecosphere.
  • Automated test coverage for email archiver appliance using Selenium with Perl and Python.
  • Developed automated, object oriented test suite for a new hybrid data storage product in Python.
  • Managed QA infrastructure including Linux and Windows VMs and hardware.
  • Managed manufacturing test suite for email archiver appliance.
  • Discovered and reported security vulnerabilities in both message archiver and modules common to Barracuda products.

Certifications

  • Offensive Security Certified Professional (OSCP)

Publications

Behnke, P., D. Soberal, S. Bredeweg, B. Dunne, A. Sterian, and D. Furton. "Senior capstone: A software defined radio design for amateur astronomy." In Interdisciplinary Engineering Design Education Conference (IEDEC), 2013 3rd, pp. 104-111. IEEE, 2013.

Projects