Stratum Security is an information security consulting company headquartered in the Washington DC Metro area. Founded in 2005, we provide services to clients world wide. Our list of clients include large multi-national enterprises to small start-ups in numerous industries including finance, insurance, retail, hospitality, health care, government, technology, energy, and telecommunications.



Nate Miller, CISSP, Co-Founder and Managing Principal – Mr. Miller has fifteen years of information security experience in government and commercial markets, including security architecture and design for large networks, risk management, application security assessment, vulnerability and penetration testing and wireless security assessment engagements.  Mr. Miller is a regular instructor of the Certified Ethical Hacker (CEH) training course.  Previously, he was employed as a Senior Security Consultant at Cybertrust, performing many types of engagements primarily focusing on web application security assessments and delivering web application security testing training.  Prior to working at Cybertrust, Mr. Miller worked at International Network Services as a Senior Network Security Consultant and performed many engagements including penetration testing, vulnerability assessments, secure network design and implementation. Prior to that, he was employed by a large Government Contractor and was involved in a number of secure network deployment projects for Federal, State, and Local Law Enforcement Agencies. Mr. Miller holds a degree in Electrical Engineering from Penn State University.

Jeff LoSapio, Managing Partner – Jeff has over 12 years of information security experience working in a variety of business, sales, marketing, and consulting
management positions. Over the past decade, Jeff successfully built information security consulting practices for American Management Systems, True North Solutions, Fishnet Security, and Fortify Software (acquired by HP). He currently serves as the managing partner for Stratum Security where he is responsible for business, financial, and sales management. Jeff has deep experience in the information security industry in both product and channel companies. He has worked extensively with customers in various industries and the Federal government to address their security requirements. Jeff’s consulting management experience includes product implementation, assessment, compliance, identity & access management, staff augmentation, and a variety of other services. He has been involved with well over 2000 successful customer engagements in every industry sector both public and private.

Daniel Purucker, Director of Professional Services – Daniel has fifteen years of information technology experience, 13 of which focused on information security, in both consulting and corporate security roles.  He was previously employed by RSA where he managed security for RSA’s Software as a Service (SaaS) offerings including navigating the offerings through ISO 27001, PCI, SAS 70 and Visa ACS certifications.  Prior to RSA, Daniel was part of the Cybertrust acquisition by Verizon Business.  At Verizon Business, Daniel managed Verizon Business’ security policies and led the Enterprise Security Task Force.  Prior to the acquisition by Verizon Business, Daniel was the Director of Security at Cybertrust and was responsible for the security of both the Cybertrust enterprise and Cybertrust’s managed offerings.  Before turning to corporate security, Daniel held a number of roles at Cybertrust delivering security engagements to customers, including technical security assessments, policy reviews, physical security reviews, incident response and forensics.  Prior to Cybertrust, Daniel worked on a number of contracts delivering security and IT services to the federal government.