Eric Johnson

Security Consultant, Web Application Security

Eric Johnson is a security consultant at Cypress Data Defense and an instructor and contributing author for the SANS DEV544 Secure Coding in .NET course. He previously spent six years performing web application security assessments for a large financial institution and another four years focusing on ASP.NET web development. Other experience includes developing security tools, secure code review, vulnerability assessment, penetration testing, risk assessment, static source code analysis, and security research. Eric completed a Bachelor of Science in computer engineering and a Master of Science in information assurance at Iowa State University. Eric currently holds the GSSP-.NET, GWAPT, and CISSP certifications and is located in West Des Moines, IA.