Allen Foust is a Security Consultant III at Bishop Fox, where he specializes in penetration testing with a focus on cloud environments, including Amazon Web Services (AWS). Since joining the firm in 2020, he has progressed through multiple consulting roles, demonstrating deep technical expertise and a consistent ability to deliver high-impact security assessments for clients. His work is grounded in real-world adversarial techniques, helping organizations identify and remediate critical vulnerabilities across modern infrastructure.

More recently, Allen has shifted a significant portion of his research focus to the offensive AI space, both testing against AI systems themselves and leveraging AI to augment traditional vulnerability discovery. On the offensive side, he conducts GenAI security testing and LLM exploitation research, probing the attack surface of deployed AI systems including prompt injection, agentic privilege escalation, and cross-context data leakage. In parallel, through bug bounty research in the Windows Insider Program, he has developed an orchestration-focused approach to AI-assisted kernel vulnerability discovery: grounding models with CVE research and variant analysis pipelines, equipping them with binary analysis tooling, and running persistent research loops that surface findings a traditional review would miss. This dual perspective of attacking AI systems and using AI as a research instrument informs his views on where the capability curve is actually moving and what that means for defenders as the same techniques become available to a much broader range of potential adversaries.

Prior to Bishop Fox, Allen worked as a penetration tester at New Genesis Solutions and served as a cybersecurity instructor at the Arizona Cyber Warfare Range, where he developed and delivered hands-on training to aspiring security professionals. His background also includes experience as an IT administrator, giving him a well-rounded understanding of both offensive and defensive security practices.

Allen holds a Bachelor’s degree in Computer Science (Cybersecurity) from Arizona State University’s Ira A. Fulton Schools of Engineering. While at ASU, he founded DevilSec, a student organization dedicated to advancing practical, industry-relevant cybersecurity training. Under his leadership, the group has supported participation in competitions such as the Collegiate Cyber Defense Competition, Collegiate Penetration Testing Competition, and Hack The Box, fostering a collaborative, hands-on learning environment for students entering the field.

He remains actively engaged in the security community through continued involvement with organizations like the Arizona Cyber Warfare Range and Shellphish, and is passionate about mentoring the next generation of offensive security professionals.