Jerry Decime

Security Researcher, Builder, Strategist, Inventor


About Me

With a strong belief that one must break something to make it stronger, I've honed my application security skills from pen-testing to security design and architecture. From the development of technologies used by Google, Microsoft, HP, Hewlett-Packard Enterprise, DXC, Micro Focus and many others, I've been a guiding force in securing the applications and operating systems people use every day.

While there are many elements of my work which I cannot talk about, my public disclosures paint a picture of just some of my capabilities. I work with teams to identify and mitigate vulnerabilities which are typically not found by automated scanners and run the range from user experience flaws to application hijack and remote code execution vulnerabilities. From my work with the Department of Homeland Security to Apple, I've been a regular fixture in major OS and application security updates.



11 / 2017 - Present

Principal Strategist and Researcher

Helping to drive a security always strategy as a senior member of staff to better enable Micro Focus and our customers in the marketplace into the future.

Leading cyber security all-hands cross-functional technical sessions focused on presenting attack vectors and mitigation strategies.

Developed policies, standards, and specifications using a risk-based approach.

Approved in policy and developed models for the support of Let's Encrypt to be used as an enterprise CA for both internal and Internet-facing solutions.


11 / 2015 - 10 / 2017

Principal Strategist and Researcher

Continued my HP journey with Hewlett Packard Enterprise focusing on application and product security strategy and research.

Built out a Cyber Security Lab in Boise, Idaho focused on both product hardware and software security research and development.

Focused on staff mentorship.


02 / 2014 - Present

Consulting, non-executive technical board member, and research securing critical infrastructure.


01 / 1999 - 11 / 2015

Information Security Strategist

Assisted product development teams in the development and implementation of security solutions across all regions and product lines from mobile, PC, and printing platforms to cloud computing.

Worked with both the consumer and commercial business teams to identify vulnerabilities and secure HP's eCommerce platforms including,,, as well as the commercial and government online platforms including the Canada Post.

Worked with world-wide fraud management to identify fraud vectors within HP's eCommerce and consumer support organizations, saving HP hundreds of millions of dollars a year.

Architected and developed with a team of developers an innovative mitigation framework solution for the identification and prevention of common web application vulnerabilities. (US Patent: 9,083,736)

A recognized thought leader in the HP global security space providing cross-functional mentorship.

Provide technical direction for the worldwide application security program through the development of solutions, training and policy creation.

Identified and worked with industry financial partners to mitigate critical and systemic vulnerabilities which if exploited could have resulted in massive, worldwide economic loss.


08 / 1994 - 12 / 1998

Solutions Architect

Co-founded, a service to provide HP product documentation and support to HP customers worldwide.

Founded, HP's online product support service.

Architected the HP Support Assistant CD-ROM service to leverage an online to offline content model.

Co-architected content management and release strategies supporting

Founded, an interactive public forum to discuss HP product support related issues in 12 languages and across numerous platforms including Microsoft WebTV.

HP worldwide support e-mail program architect.


04 / 1992 - 1994

Alternative Support Sysop & Solutions Architect

Developed methods for consumer support including Macintosh driver documentation solutions which shipped in product.

HP Sysop on CompuServe responsible for building the Macintosh products community.

Led the technical investigation and implementation of the HP Technical Support BBS service, a 96-line BBS providing technical support documentation and drivers for HP products.

Public VU and CVE History


09 / 2018


An attacker in a privileged network position may be able to spoof password prompts in the iTunes Store on iOS, tvOS, and watchOS. Because the itunestored/1.0 daemon runs with system privilege, it was possible for an attacker to leverage this to spoof password prompts within any application or OS context. It was further possible to use this vector in denial of service attacks against iOS resulting in the need to perform a soft-reset of the device.


06 / 2018


An attacker in a privileged network position may be able to spoof password prompts in iBooks which in turn, through network monitoring by an attacker could result in spoofing password prompts in macOS applications of choice which communicate on the network.


04 / 2018


The Isaac Mizrahi iOS and Android application platform failed to use HTTPS for critical interfaces related to authentication. As a result it was possible for an attacker in a privileged network position to spoof application interfaces and obtain user credentials in clear text.


04 / 2018


A flaw existed which allowed an attacker in a privileged network position to prompt users for their authentication credentials.


01 / 2018

WebKitGTK+ Security Advisory WSA-2018-0002

Attacker controlled HTTP authentication responses result in security interface confusion in certain contexts.


01 / 2018


An attacker in a privileged network position may be able to spoof password prompts in the App Store.


01 / 2018


If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the real domain making the request, this can result in user confusion about the originating site of the authentication request and may cause users to mistakenly send private credential information to a third party site.


10 / 2017


Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows a remote attacker to steal authentication hashes or clear-text authentication credentials.


06 / 2017


The embedded printing management service in enterprise printers failed to validate specific strings within an IPP print job and as a result it was possible to reflect JavaScript into print management interfaces by sending carefully crafted documents to a printer.


03 / 2017


A flaw existed in the Microsoft Lync for Mac client which allowed a networked attacker to compromise the TLS connection between the client and the server to impersonate a Lync server, obtaining user authentication credentials in clear-text.

MS16-099 Defense in Depth

08 / 2016


In certain contexts, Windows leaked user authentication credentials to unauthorized parties in clear-text.

VU#905344 - FalseCONNECT

08 / 2016


Discovered cross-platform vulnerabilities resulting in the full compromise of HTTPS communications allowing an attacker full visibility and control of data.

In the Press
FalseCONNECT sends vendors scrambling to patch proxy MITM bug
Paranoid iPhone owners used a privacy tool that made them hackable
Proxy authentication flaw can be exploited to crack HTTPS protection
FalseCONNECT Flaw Exposes Proxy Connections to Attacks
False CONNECT vulnerability allows MitM-attack and intercept HTTPS-traffic
FalseCONNECT Vulnerability Affects Most Of The Internet Users
Proxy authentication flaw affects Apple, Microsoft, Oracle, Opera






Bee U G DMG Mori Seiki Co., Ltd.

Hewlett-Packard Enterprise
Multiple Products

Micro Focus Detect & Response
Activate Packages FalseCONNECT

Trend Micro Detect & Response
Trend Micro DPI Rule

Microsoft Security Advisory 3045755

04 / 2015


Organizational credentials could be leaked to unauthorized parties via WLID.

VU#924307 - D-Link DIR-685 WPA/WPA2 Encryption Failure

10 / 2011


Heavy network load causes the router to fail into an open wireless AP mode despite the configuration of WPA or WPA2 encryption. This attack can take place through any networking condition so that an attacker sending a large number of authentication requests to the router can cause it to fail into an open state. Due to the nature of the flaw, it can also be triggered through standard use of the router when under heavy network load.



Monitoring and Mitigating Client-Side Exploitation of Application Flaws

Issued, 01 / 2013

US Patent: 9083736

Inventors: Jerry Decime, Cale Smith

A system for monitoring and mitigating client-side exploitation of application flaws, the system comprising a client device operating an application, a server communicatively coupled to the client device, and an application flaw service module communicatively coupled to the client device and server in which the application flaw service module receives a request from the client device comprising transactional metadata and inspecting the transactional metadata for malicious content within the request. A method of monitoring and mitigating client-side exploitation of application flaws by adding computer usable program code to the response to a first request from a client, receiving a second request from the client, determining that transactional metadata within the response contains an attack vector, and returning a response to the browser including attack vector countermeasures embedded in the response.

System and Method for Authenticating Digital Content

Issued, 03 / 2009

US Patent: 7509683

Inventors: Jerry Decime

A system and method for authenticating digital content is described. In one implementation, digital content recorded by a recording device is stored in a secure section of a memory device.

Connector Locking Device

Issued, 10 / 2004

US Patent: 6802723

Inventors: Jerry Decime, Brenda A. Burget

A locking device for a connector that can be readily adapted to an existing electronics enclosure such as a personal computer. Preferably the locking device has one or more sheathing members that form a hollow space for at least partially retaining a connector.

Tracking Users at a Web Server Network

Issued, 10 / 2003

US Patent: 20030187976

Inventors: Jerry Decime

A method of tracking clients at a web server network comprises intercepting web page communications between a client computer and at least one web server within the network.

System and Method for Monitoring a Network Site for Linked Content

Issued, 09 / 2003

US Patent: 20030172050

Inventors: Jerry Decime, Jason Crawford, Marcus Nilson

A method of monitoring a network site includes searching a network site to identify any objectionable content associated with a network page link on the network site, and responding to the identified network page link.

Interactive Remote Monitoring of Client Page Render Times

Issued, 09 / 2002

US Patent: 20020124047

Inventors: Jerry Decime, M. Scott Gartner, Matthew Parrish, Marcus Richard Nilson

A server architecture remotely monitors client page render times by approximating the time lapse from when a hyperlink is first activated to request a web page to when the web page is rendered on the requesting client machine.

Method and System for Efficient Routing of Customer and Contact E-mail Messages

Issued, 06 / 2002

US Patent: 20020083181

Inventors: Jerry Decime

After a client or potential client accesses the web-site of a host organization and generates an e-mail to the organization, an e-mail sorting and routing system parses the meta-tags appended to the message to appropriately sort and route the message.

System and Method for Tracking Usage of Multiple Resources Provided...

Issued, 05 / 2002

US Patent: 20020059193

Inventors: Jerry Decime

The present invention is directed to a method for tracking the use of an e-mail support tool. In one embodiment, the method initially involves eliciting from a user a query in connection with providing the e-mail support service.


Bsides Boise


401 Problems and Getting Your Password Isn't One of Them

Bsides Boise


Settling the score: taking down the Equifax mobile application

Bsides Boise


The FalseCONNECT Syndrome: A Little Bit of History Repeating

Bsides Boise


The Spooky Internet of Things: The Future is a Stephen King Novel


BS 7799 (ISO 27001) LEAD AUDITOR


British Standards Institute issuing authority



BA in Writing, Technical Emphasis