Start of Main Content

In August 2017, Nick Dorrough and Dave Peet, Senior Developers at Velir, attended the Web App Penetration Testing and Ethical Hacking training through SANS. As a private company that serves more than 165,000 security professionals, SANS is the largest and most trusted authority for information security training in the world.

Given that we work with numerous high-profile clients, as well as those in industries with complex security needs like healthcare, finance, education, etc., web security is an area that we are highly focused on at Velir. With ever-evolving security threats and protocols, we aim to stay vigilant and help our clients identify security gaps in their digital solutions along with the associated paths forward for resolution.

"Investing in ongoing education and training for our team members to stay up-to-date on the latest, critical protocols in web security is a priority for us. Nick and Dave have both demonstrated exemplary commitment to mastering the demanding curriculum of the SANS training program. We are proud of their accomplishments and contributions to Velir and our clients."

Corey caplette, cto, Velir

The training focused on understanding major web application flaws and their exploitation. Specifically, the course syllabus covered topics including configuration, identity, authentication testing, injection, JavaScript and XSS (cross-site scripting), CSRF (cross-site request forgery), and web application logic flaws. Given that cybersecurity threats are causing increasingly problematic issues, organizations need to understand which threats to prioritize so that they can invest the necessary capital to employ appropriate countermeasures. The training utilized a hands-on, practical methodology to empower security professionals to effectively communicate with clients on not only the technical facets of security threats, but also the resultant business impacts.



GIAC (Global Information Assurance Certification) is the accreditation arm of SANS and offers the GWAPT (GIAC Web Application Penetration Tester) certification. After hours of rigorous training, Nick Dorrough and Dave Peet both passed the relevant exams in November and are now officially GWAPT certified.

About Velir

We are a fully-integrated digital agency based right outside of Boston, in Somerville MA. With a team of over 130 digital professionals, we are best-known for our digital work for some of the world’s largest and most influential organizations across a variety of verticals including healthcare, education, non-profit foundations, professional associations, publishing, and professional services such as research and consulting. Our capabilities in marketing technology and data storytelling are recognized as best-in-industry, stemming from a 17-year focus on designing and implementing digital solutions. We have completed complex implementations and large-scale builds for brands including Bayer, Main Line Health, the Robert Wood Johnson Foundation, the Metropolitan Museum of Art, AARP, Yale, and Informa. We are honored to have been the recipient of the “Small Business of the Year” award from both the Greater Boston Chamber of Commerce and the Somerville Chamber of Commerce. For more information, please visit


Take advantage of our expertise with your next project.