Senior Security Consultant

Toronto, Canada

Profile image for Stephen Hall

Stephen is a Senior Security Consultant at Security Compass. He specializes in network penetration testing and phishing.

Stephen has been instrumental in building up Security Compass's phishing expertise, methodology, and standardized toolset which is now utilized across all phishing assessments Security Compass performs. He specializes in the design and execution of large-scale phishing assessments to help Fortune 500 clients determine how to better focus their security awareness training efforts. Stephen has served clients in a variety of industries, including financial, energy, health care, retail, and technology.

Stephen has helped write numerous tools to aid in the development and streamlining of various assessment tasks. Of note, he was involved in the development of Yasuo which allows for quicker enumeration of potentially vulnerable targets.

Prior to Security Compass, Stephen worked at a software development firm and holds a Diploma in Computer Systems Technology with Honours. Stephen is also Security Compass's Gamemaster - he hosts and coordinates all internal CTF and challenge events. He enjoys building challenges that are geared towards learning and strengthening participants' security skill sets. Stephen has won multiple CTF awards throughout his career and has presented research at a variety of conferences across North America.

Areas of Expertise:
Advisory Services
  • Phishing and Employee Awareness Campaigns
  • Periodic Security Assessments & Delta Analysis Program
Verification Services
  • Web Application Security Assessment
  • Mobile Application Security Assessment
  • Desktop Application Security Assessment
  • Point of Sale Application Assessment
  • Network Security Assessment
  • Configuration Review
  • Internet of Things (IoT) Device Review
  • Red Team, Blue Team & Purple Team Exercises
  • Phishing Simulation
  • Financial Services
  • Technology
  • Retail
  • Telecom

Diploma - Computer Systems Technology
Seneca College of Applied Arts and Technology
Toronto, Ontario, Canada

  • Making Smart Locks Smarter read
  • Gone in 60 Minutes: a Practical Approach to Hacking an Enterprise with Yasuo (Hack3rCon, 2014) watch
Events & Associations:
  • Hackfest
  • DerbyCon
  • ToorCon
  • Hack3rCon
  • BSidesTo
Back to Our People

Contact Us

Our Advisory services team has 14 years of experience focused on Application Security. We take a flexible approach to your strategic security problems.

Whether you are a global enterprise looking for advice on security strategy and governance, a major financial seeking support on regulatory compliance and penetration testing activities, or a startup looking for high quality assessments to give customers assurance for your business, we're here for you.

Our credentialed professionals are experts in how to break applications and fix code, who take pride in helping you succeed in your Secure SDLC and Secure DevOps programs. Contact us today to learn how we can help solve your organization’s application security challenges.

Some of
(Choose One)
(All that apply)
Web Search
Online Ad
White Paper
Analyst Report
Trade Show
Worked With Us Elsewhere