About Carve Systems

Carve Systems LLC was founded in 2011 to bring enterprise level information security, training, and risk management services to organizations of any size and industry. Like most boutique security consulting shops, Carve has its roots in delivering high-end security consulting services to Fortune 500 organizations. Unlike most, Carve also complements its enterprise consulting offerings with services specifically tailored for mid-size companies.

We believe that true security is found in the continual process of evaluation and improvement required to match the dynamic technology, business, and threat landscape. We’ll advocate for security and challenge your thinking in a way that’s beneficial to your organization.

Our Management Team

Jeremy Allen

Jeremy started writing code for MUDs (Multi User Dungeons) on a 66 Mhz 486 running Slackware Linux in 1995, he has never been the same since. Jeremy is responsible for conducting risk assessments, threat modeling, code reviews, application security assessments, research, and reverse engineering. He has discovered numerous critical flaws and bugs. He helps organizations by understanding their key risks and building security into their organization (through people, processes, and the technology stack).

Blackhat Vegas 2010 - Mallory

Jeremy's Github

Building Secure iOS Applications

Mike Zusman

At 7 years old, Mike was hammering on the keys of a Ti-99 computer. By age 10, Mike was a licensed amateur radio operator and was building Intel x86 computers in his room at home. Now, a two-time Blackhat speaker with media mentions in publications such as Forbes. Mike leads Carve Systems to help clients manage technology risk, and operate with appropriate levels of security assurance.

Forbes: Secure Browsing Takes a Beating

DEFCON: Criminal charges not pursued: Hacking PKI (Youtube)

Max Sobell

Max began hacking on computers in The Valley and barely escaped the wreckage of the dot com bubble with his sanity intact. He trekked eastward and worked in quantitative finance before finding out that breaking computers is a legitimate profession. He has responsibly disclosed bugs in mobile payment, public transit, embedded internet devices, and Android smartphones and spoken at high-profile industry conferences such as CanSecWest and ShmooCon. Max manages Carve's consulting practice and works with customers to understand and manage technology risk.

How Secure are NFC Payments

Free Rides: The Story of the Smartphone Subway Hackers