Andrew is a Security Researcher on the Vulnerabilities & Mitigations team at the Microsoft Security Response Centre (MSRC). He has worked in computer software and hardware security for around 8 years, with prior experience in software development. Andrew has particular expertise in low-level Windows OS internals, kernel development, vulnerability research, exploit development and mitigation techniques. He has previously presented at the USENIX Workshop on Offensive Technologies (WOOT) on the optimization of cryptographic primitives for hardware-accelerated password cracking.