AT A GLANCE

David Wolverton is Senior Manager of Engineered Defense in the Cyber and Data Resilience business, based in New York.

David is a CrowdStrike specialist who leads Professional Services as part of Kroll’s Engineered Defense team. He leverages over eight years of experience in SIEM, SOAR, SOC transformation, automation and detection engineering to enable leading organizations to solve some of their most demanding security challenges. David has a proven track record of working with large enterprises and small and midsize businesses across the consulting, technology and financial services sectors.

Key achievements in David’s role at Kroll include leading the NG-SIEM migration of Kroll’s internal MDR to CrowdStrike Falcon Complete, developing AI Process Evaluation & eXecution (APEX) to help prioritize, track and operationalize AI and automation initiatives within CrowdStrike Foundry, building and defining CrowdStrike NG-SIEM service offerings, and developing custom AI agents for SIEM migrations, rule development and triage use cases.

Before joining Kroll, David served as Cyber Threat Intelligence Manager and Cyber Threat Intelligence Consultant at EY, where he supported Fortune 50 clients in the technology, financial services, retail and consumer products sectors. Key client initiatives included setting up a detection engineering team for a large social media company, leading SIEM and SOAR migrations, performing data pipelining for 1TB+ of data per day and automating dozens of workflows for clients gaining thousands of hours of productivity. On an internal level at EY, David developed and managed a SIEM or SOAR use-case library that includes more than 500 SIEM use cases and more than 100 SOAR use cases. He also developed a proof of concept for implementing AI and natural language processing into SOC triage and operations within SOAR- automated workflows.

Prior to EY, David held the role of Security Development Operations Developer at Synchrony, a financial services company. In this role, he supported SOC, incident response and Insider Threat teams for SIEM tuning, rule creation and the development of automation scripts and playbooks utilizing third-party integrations and APIs within XSOAR through a defined software development life cycle.

David is the author of a research paper that sets out how Large Language Models and automation scripts can expedite the translation of detection logic between SIEMs.

David holds an M.S. in information security engineering from the SANS Technology Institute and a B.S. in computer and information systems security/information assurance from DeVry University. He also has the following professional certifications: CrowdStrike SIEM Engineer, GIAC Certified Intrusion Analyst, GIAC Certified Incident Handler, GIAC Defensible Security Architecture, GIAC Continuous Monitoring Certification, GIAC Certified Security Operations Manager, GIAC Strategic Planning, Policy, & Leadership, GIAC Systems and Network Auditor, GIAC Security Essentials Certification, GIAC Certified Project Manager and SANS Security Awareness Professional.

 

Let’s get the conversation started.

Drop me a quick line and we’ll set up a time to connect.

We will use this information to respond to your inquiry and process your data in accordance with our privacy policy.

Stay Ahead with Kroll

Cyber and Data Resilience

Kroll merges elite security and data risk expertise with frontline intelligence from thousands of incident responses and regulatory compliance, financial crime and due diligence engagements to make our clients more cyber- resilient.

Cyber Transformation

Implement, configure and run scalable cybersecurity programs at the pace of digital transformation