About

Personal Details:

Name: Chrissy Morgan         Location: UK   Twitter:@5w0rdfish

Chrissy heads up the IT Security Operations for a Close Protection (Bodyguard) company by day and is a Security Researcher by night.

As an advocate of practical learning, Chrissy also takes part in bug bounty programs and has found bugs in platforms such as Microsoft and Whois.com. She has carried out research in the areas of Steganography, RFID, Physical Cyber Systems Security and is actively involved within the information security community across a wealth of subjects.

As a recent Masters Graduate, she has accomplished the following successes so far: Winner of Cyber Security Challenge UK (University Challenge), CTF Finalist for the Pragyan CTF, A BlackHat Challenge Coin winner for OSINT from Social Engineer.org and Black Hat Scholarship, Steelcon Award, WISP Sponsorship and finally was the BSides London Rookie Track Speaker Winner for 2018.

Featured News Articles & Interviews:

• Trip Wire – Women in Information Security Series
• Akami Security and Threat Intelligence blog
• Writer for Detectify Research blog

Security Research and vulnerability discovery:

•  Multiple XSS discovery’s in commercial platforms
• Discovered vulnerabilities in Microsoft Office 365, and two other top level domains
• Discovered Vulnerability in Whois.com domain registrar
• HackerOne #702 contestant in Las Vegas – Salesforce

Projects & Community:

• Author of WebSecDev Web Application Teaching Platform
• Founder of The Co-Lab – Hardware Security Research Workshops – London
• Church of Hackers – Security Researcher wellbeing & fund
• Contributor to RFID Research Group – Proxmark Github Repo

Scholarships and Awards:

• ISC2 Up and Coming information Security Professional Winner
• BSides London Conference Speaker – Rookie Track Winner Tickets
• Women in Security and Privacy Award
• Steelcon Award Winner
• Scholarship granted for Black Hat Europe covering Attendance and OSINT training.
• Kent County Councils winner of “Best idea, for an app to assist the community”

CTF Competitions:

• Placed Top 5, Pragyan International CTF 2016
• Black Hat Challenge Coin Winner 2015
• Winner of the Cyber Security Challenge UK 2015: Universally Challenged Cyber Security & Cryptography CTF. Team Edinburgh Napier.

Placements:

• Cyber Security Research Placement: Steganography & Visual Polyglot File Analysis
• Selected out of 150 applicants for a modern apprenticeship at Pfizer Pharmaceuticals

Public speaking:

• The good, the bad and the ugly of responsible disclosure.
  March 23rd 2019 https://enusec.org/LTDH19/
• Institute Of Danish Engineers (IDA) – RFID Attack Exploitation
• The Many Hats Club London – Tech Enabled Crime
• BSides London Rookie Track – Breaking the Bodyguards

Forthcoming:

• August : Bsides Las Vegas – Proving Ground Track  August 2019
• July: Steelcon – Interpretive Exploits
• June: Keynote at Oxford University June 3-4 : Practically Teaching the next generation. Secure Software Engineering in DevOps and Agile Development (http://secse.org/) as part of the Cyber Security 2019 conference https://www.c-mric.com/cs2019
• May: THMC Podcast – 15th May – “Mother Morgan” Security Research Guest Slot

Research Projects:

• Web Sec Dev -Practical Cyber Security Mitigation Teaching Platform
• RFID Research and Defensive Countermeasures
• Visual analysis for Malware and File Type Detection
• Steganography Tool Detection
• Cyber Physical Security Systems Hardware