Summary
Andrew Waugh is a Senior Product Security Engineer with a decade of experience helping teams build and operate more secure software, currently driving product security at ServiceNow. He combines hands-on web and API penetration testing with low-level expertise in binary fuzzing (AFL/LibFuzzer) and reverse engineering, and is fluent in AWS. Known for mentoring engineers and building automation to remove tedious work, he has led large pen test engagements and interviewed and trained dozens of security hires. Andrew also explores emerging areas like LLM prompt-injection testing, IoT, and mobile security, and brings a principled approach to risk reduction—advocating password managers, MFA (with push disabled), and strongly typed languages.
10 years of coding experience
6 years of employment as a software developer
Bachelor’s Degree Computer Science, Bachelor’s Degree Computer Science at Portland State University
Cultural Anthropology Computer Science, Cultural Anthropology Computer Science at Pacific University