My name is Steve. I currently live in Austin TX and I’ve been working in the field of digital forensics and cyber incident response for over 20 years.  I’m currently with KPMG Cyber and serve clients around the globe, responding to network intrusions, data breach incidents, email account compromise, and various types of fraud investigations. I’m fluent in network protocols and architecture, multiple OSs (Windows, macOS, Linux, Solaris, *BSD, AIX, etc), and have used and abused most forensic software tools out there.

I regularly wear a software developer hat, having written several applications and scripts over the years for extracting/parsing/processing various types of data considered to be relevant for a variety of investigations. Due to its flexibility and portability, my current “daily driver” is Python, but I’m also fluent in C#, C, bash, PowerShell, Java, Ruby, javascript, Perl, and EnScript. Currently experimenting with Golang programming and reversing Go malware.

My past includes working as SunOS/Solaris server operations admin at UUNET,  a commissioned police officer with the Austin Police Department’s High Tech Crime Unit, and before that I was an infantry Sergeant in the U.S. Marine Corps.


Twitter: @stevegibson