Entirely Focused on Security

We provide security consulting services to the Fortune 1000 and high-tech startups.

Bishop Fox was founded in 2005 on the principle that all we do is advise our clients, so they make the best possible security decisions.

Trusted by Peers and Global Industry Leaders:

5 of the Top 10

Global Media Organizations

10 of the Top 20

Global Retailers

25 of the Fortune 100

Organizations

6 of the Top 10

Manufacturing Organizations

8 of the Top 10

Global Technology Companies

Contact an Expert

We Bring Technical Depth To Our Clients

Our team's technical expertise allows us to tailor every solution or project to your unique requirements and to your industry. Our consultants' experience is drawn from a diverse background. Some of us are hackers. Some are developers. Some are engineers. We built Bishop Fox together to deliver practical and sustainable security solutions.

We have worked all over the world, in public and private sectors, and with clients large and small. So, no matter what problem your company faces, we have the security know-how to build a tailored solution for you.

Industries we have worked with include:

Bishop Fox Industries About

Meet Bishop Fox

Vincent Liu

CEO & Co-founder

With nearly two decades of experience, Vincent Liu is an expert in security strategy, red teaming, and product security; he oversees firm strategy and client relationships. He is regularly cited and interviewed by media such as Al Jazeera, The Information, and NPR while also writing as a contributing columnist for Dark Reading. He has co-authored books including Hacking Exposed Wireless and Hacking Exposed Web Applications. Vincent sits on several advisory boards in addition to serving as returning faculty at the Practising Law Institute.

Francis Brown

CTO & Co-founder

Francis Brown focuses on running service delivery and heading the thought leadership program. Francis has presented his research at leading conferences such as Black Hat USA, DEF CON, InfoSec World, ToorCon, RSA, and HackCon. His research has been featured in USA Today, Forbes, InformationWeek, and Dark Reading. Francis is the creator of the Tastic RFID Thief (which has appeared on “Mr. Robot”), the Danger Drone, and the SearchDiggity Project. 

Christie Terrill

VP of Operations

Christie Terrill has provided security advisory services for over a decade. Her focuses are engagement oversight, thought leadership, and relationship management. Christie is a monthly contributor to Forbes. In 2017 and 2016, she spoke at several Dark Reading webinars on Preparing a Next-Generation IT Security Strategy. In late 2017, she was featured at the O’Reilly Security Conference where she shared her experiences on creating a security program. She is based in New York City.

Justin Hays

Principal

Justin Hays focuses on all aspects of security testing and design in addition to firm-wide research endeavors. Justin actively conducts mobile device and web application security research, and is a contributing author to Hacking Exposed Web Applications 3rd Edition. He is fluent in Japanese, having received the highest-level language certification granted to non-citizens by the Japanese government.

Carl Livitt

Principal Researcher

Carl Livitt has decades of experience in mobile and application security, hardware and embedded devices, reverse engineering, and global-scale penetration testing. Carl is credited with the discovery of many vulnerabilities within both commercial and open-source software. He was brought in as a third-party expert to lead the team that confirmed several security issues with St. Jude Medical implantable devices. His work eventually led to an official communication from the FDA.

Rob Ragan

Principal Researcher

Rob Ragan provides security solutions and strategy to Bishop Fox clients. His other focuses include red teaming and threat modelling. He also manages the San Francisco consulting team. Rob has presented at Black Hat, DEF CON, Interop, and SummerCon. He was a contributing author to Hacking Exposed Web Applications 3rd Edition. His writing has appeared in Dark Reading and he has been quoted in publications such as Wired.

Andrew Wilson

VP of Consulting

Andrew Wilson is responsible for managing the Bishop Fox consulting practice. He has presented at DEF CON, BSides, ToorCon, and AppSec. Andrew is the founder and lead organizer of CactusCon, the largest security conference in Arizona. His research and writing have been cited numerous times by OWASP. Andrew is recognized by Microsoft as an expert in application security, having previously been selected as one of only 19 Developer Security MVPs in the world.

Gwenyth Castro

Chief Revenue Officer

Gwenyth Castro acts as a liaison between the various Bishop Fox departments that she manages and the executive team. She is responsible for the day-to-day leadership, management, and guidance on all aspects of the company’s operational policies, objectives, and initiatives. She oversees the development and implementation of both long and short-term strategic plans. Additionally, Gwenyth mitigates risks for the company as whole.

Danielle Sahlin

Director of Human Resources

Danielle Sahlin leads Team People – Human Resources and Recruiting. Her specialties are talent acquisition and retention. Under her direction, Bishop Fox has steadily increased its size to more than 100 employees. She has continuously built and revamped processes in addition to implementing tools for improving performance and learning management. She previously created the HR program at one of the most prestigious observatories in the world.

Arissa Kirkland

Director of Strategic Operations

Arissa Kirkland focuses on special projects, strategy planning, conflict resolving, and assisting other departments in achieving their objectives. She has been with the firm for nearly a decade, having led the Marketing and Public Relations programs prior to her current role. Arissa oversaw the rebranding of Stach & Liu into Bishop Fox in 2013.

We Are Passionate

We want to contribute to the greater conversation and be at the forefront of the latest trends.

Our team researches and continuously learns about what is happening in the industry.

Tools

Articles

  • The Wall Street Journal – An Unexpected Security Problem in the Cloud
  • WIRED – Watch a Test of Anti-Drone Weapons, From Shotguns to Superdrones
  • CSO – New Cyber Security Style Guide helps bridge the communication gap
  • See all articles

Books

  • Web Application Security – A Beginner's Guide
  • Hacking Exposed Web Applications 3rd Edition
  • Hacking Exposed Wireless: Wireless Security Secrets & Solutions
  • See all books

Conferences

We Guarantee Neutrality

We are vendor agnostic.

We will deliver individualized and tailored solutions that address your specific needs.

Our work has received the following certifications:

  • Certified Ethical Hacker
  • Systems Security Certified Practitioner
  • Certified Information Systems Security Professional
  • Microsoft Most Valuable Professional
  • Certified Information Systems Auditor
  • Six Sigma
  • PCI Security Standard Council
  • Microsoft SDL Pro Network
  • PMI PMP Certified
  • Global Information Assurance Certification
Contact an Expert

Some facts about us

Global

Expertise

5

Locations

100+

Employees

Vincent Liu

With nearly two decades of experience, Vincent Liu is an expert in security strategy, red teaming, and product security; he oversees firm strategy and client relationships. He is regularly cited and interviewed by media such as Al Jazeera, The Information, and NPR while also writing as a contributing columnist for Dark Reading. He has co-authored books including Hacking Exposed Wireless and Hacking Exposed Web Applications. Vincent sits on several advisory boards in addition to serving as returning faculty at the Practising Law Institute.

Francis Brown

Francis Brown focuses on running service delivery and heading the thought leadership program. Francis has presented his research at leading conferences such as Black Hat USA, DEF CON, InfoSec World, ToorCon, RSA, and HackCon. His research has been featured in USA Today, Forbes, InformationWeek, and Dark Reading. Francis is the creator of the Tastic RFID Thief (which has appeared on “Mr. Robot”), the Danger Drone, and the SearchDiggity Project. 

Christie Terrill

Christie Terrill has provided security advisory services for over a decade. Her focuses are engagement oversight, thought leadership, and relationship management. Christie is a monthly contributor to Forbes. In 2017 and 2016, she spoke at several Dark Reading webinars on Preparing a Next-Generation IT Security Strategy. In late 2017, she was featured at the O’Reilly Security Conference where she shared her experiences on creating a security program. She is based in New York City.

Justin Hays

Justin Hays focuses on all aspects of security testing and design in addition to firm-wide research endeavors. Justin actively conducts mobile device and web application security research, and is a contributing author to Hacking Exposed Web Applications 3rd Edition. He is fluent in Japanese, having received the highest-level language certification granted to non-citizens by the Japanese government.

Carl Livitt

Carl Livitt has decades of experience in mobile and application security, hardware and embedded devices, reverse engineering, and global-scale penetration testing. Carl is credited with the discovery of many vulnerabilities within both commercial and open-source software. He was brought in as a third-party expert to lead the team that confirmed several security issues with St. Jude Medical implantable devices. His work eventually led to an official communication from the FDA.

Rob Ragan

Rob Ragan provides security solutions and strategy to Bishop Fox clients. His other focuses include red teaming and threat modelling. He also manages the San Francisco consulting team. Rob has presented at Black Hat, DEF CON, Interop, and SummerCon. He was a contributing author to Hacking Exposed Web Applications 3rd Edition. His writing has appeared in Dark Reading and he has been quoted in publications such as Wired.

Andrew Wilson

Andrew Wilson is responsible for managing the Bishop Fox consulting practice. He has presented at DEF CON, BSides, ToorCon, and AppSec. Andrew is the founder and lead organizer of CactusCon, the largest security conference in Arizona. His research and writing have been cited numerous times by OWASP. Andrew is recognized by Microsoft as an expert in application security, having previously been selected as one of only 19 Developer Security MVPs in the world.

Gwenyth Castro

Gwenyth Castro acts as a liaison between the various Bishop Fox departments that she manages and the executive team. She is responsible for the day-to-day leadership, management, and guidance on all aspects of the company’s operational policies, objectives, and initiatives. She oversees the development and implementation of both long and short-term strategic plans. Additionally, Gwenyth mitigates risks for the company as whole.

Danielle Sahlin

Danielle Sahlin leads Team People – Human Resources and Recruiting. Her specialties are talent acquisition and retention. Under her direction, Bishop Fox has steadily increased its size to more than 100 employees. She has continuously built and revamped processes in addition to implementing tools for improving performance and learning management. She previously created the HR program at one of the most prestigious observatories in the world.

Arissa Kirkland

Arissa Kirkland focuses on special projects, strategy planning, conflict resolving, and assisting other departments in achieving their objectives. She has been with the firm for nearly a decade, having led the Marketing and Public Relations programs prior to her current role. Arissa oversaw the rebranding of Stach & Liu into Bishop Fox in 2013.