Illuminated Security’s expert training courses and consultancy services melt the barriers standing between your technical teams and success. We illuminate complex application security topics including:

  • Web and API Security
  • OAuth 2.0 and OpenID Connect
  • JSON Web Tokens (JWT) and alternatives
  • Modern Authentication, including WebAuthn and Passkeys
  • Cloud & Kubernetes Secrets Management
  • Applied Cryptography and Hardware Security
  • Securing the Internet of Things (IoT)

Trusted by leading brands


“Every now and again you read a book by someone who completely understands the domain and knows how to explain it well. For me this is one of those books, I wish he wrote all the tech books I have ever read.”

— reviewer of API Security in Action

Training Courses

Architecture Review

Hi, I’m Neil Madden

I’m the founder of Illuminated Security and author of API Security in Action. I have over 20 years’ experience as a software engineer and architect, and I am an expert in applied cryptography and application security with a PhD in Computer Science.

In 2021 I discovered a critical vulnerability in Java’s digital signature code that was called “cryptography bug of the year” and named in the Top 10 web hacking techniques of 2022 by PortSwigger.

I am an active member of the OAuth working group at the IETF and the Crypto Forum Research Group at the IRTF.