David Litchfield

IRL Name: 
David Litchfield

David Litchfield was born on 1975 and is a know security researcher or expert from UK. He found hundreds of vulnerabilities in many popular products by Microsoft, Oracle and IBM. He is the author of Oracle Forensics , the Oracle Hacker's Handbook , the Database Hacker's Handbook and SQL Server Security and is the co-author of the Shellcoder's Handbook . He is a regular speaker at a number of computer security conferences and has delivered lectures to the National Security Agency, the UK's Security Service, GCHQ and the Bundesamt für Sicherheit in der Informationstechnik in Germany. He has found and helped to fix 24 security flaws in SQL Server, including the vulnerability that was exploited by Slammer, 17 in IBM's DB2, 22 in Informix and over 100 in Oracle. In February 2008 David discovered a new class of vulnerability in Oracle that can lead to "Lateral SQL Injection" and, in the November of 2006, another new class of vulnerability in the same RDBMS that can lead to "cursor snarfing" attacks. Both are general programming flaws, that can lead to data compromise. David pioneered major advancements in Oracle forensics and has authored 7 technical papers since March 2007 on the topic. He founded a company named Cerberus Information Security which was acquired by @stake in July 2000. David recently founded v3rity , a new venture. v3rity develops breach investigation software to examine compromised database servers. Until February 2010, David was Chief Research Scientist at NGSSoftware , a UK computer security services and software company he founded in 2001. NGSSoftware was acquired by NCC Group in November 2008.


Information Security Magazine voted him as "The World's Best Bug Hunter" for 2003.

Listed by CRN as a “Security Superstar” in 2010

In May 2008, David was named the "Entrepreneur of the Year" at the South London Business Awards 2008 .

He was also a contributing author for Special Ops.

He was the Scottish Under 20 Champion for both the long jump and decathlon and is the holder of the Scottish Schools Indoor record for long jump.