As a 10-year veteran of Tripwire's Vulnerability and Exposures Research Team (VERT), Craig has been active in numerous areas of computer security research over several years with nearly 200 CVEs to show for it. In 2014, Craig won both tracks of the first ever SOHOpelessly Broken contest at DEF CON 22 by demonstrating 10 0-day flaws in SOHO wireless routers. Since that time, Craig has taught hundreds of infosec students about IoT security fundamentals and reverse engineering at such conferences as SecTor, Black Hat USA, DEF CON, and AusCERT. Craig's successful use of American Fuzzy Lop (afl) to find bugs in Apache and PHP has earned him high rankings in those Internet Bug Bounty programs. Craig has also collaborated on two Pwnie nominated cryptographic attacks including the Return of Bleichenbacher's Oracle Threat (ROBOT) Attack which won the 2018 Best Cryptographic Attack Pwnie award.
