Profile
Dave is the founder and principal consultant with Voodoo Security, an information security consulting firm with broad expertise. He is also a senior instructor, analyst and course author for the SANS Institute and a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. In addition, Dave has served as co-chair of the Cloud Security Alliance (CSA) Top Threats Working Group and founded the CSA Atlanta Chapter. Dave has consulted with hundreds of organizations in the areas of security, regulatory compliance, network architecture and engineering. He has also worked as a security architect, analyst and manager for several Fortune 500 companies.
Expertise
- Cloud Security
- Virtualization and Container Security
- Network Architecture and Security Monitoring
- Security Operations
- Event Log Management and Monitoring
Qualifications
Achievements & Contributions
- Former CSO for Configuresoft
- Former CTO for the Center for Internet Security
- Speaker at information security conferences such as RSA, DEF CON, and BSides
- Author of Virtualization Security: Protecting Virtualized Environments (2012)
Certifications & Credentials
- MBA – Georgia State University
- BS, Computer Information Systems – Kennesaw State University
- BS, Psychology & Microbiology – Georgia State University
- CISSP – (ISC)2
Upcoming Events
View More
June 04 2026
2026 IANS Service Spotlight - Why Vendor Evaluation Is Broken—and IANS Plans to Fix It
Security leaders invest dozens of hours evaluating vendors, yet the data that matters most — what peers who've already implemented those tools have learned, and what they'd do differently — remains nearly impossible to get at scale. In this session, we'll introduce the IANS Vendor Intelligence Database, a new product that brings peer-sourced satisfaction data, real-world implementation experiences, pricing benchmarks, and community usage trends directly into your IANS platform.
June 23 2026
2026 Q2 Symposium: Design Secure AI Architectures: Applying Zero Trust to LLMs, Agents, and Data Pipelines
AI is rapidly reshaping enterprise application architectures, introducing LLMs, AI agents, model context protocols (MCP), vector databases, external APIs, and autonomous workflows into environments that were never designed for dynamic, decision-making systems. Yet many organizations are deploying AI capabilities without rethinking their foundational security models. Traditional perimeter controls are insufficient for systems where identity, data access, and API interactions drive risk. In this symposium, IANS Faculty Dave Shackleford explores how the core pillars of zero trust (IAM, data security, network segmentation, device trust, and continuous monitoring) must evolve to secure modern AI architectures.