Neil Madden

I am an independent IAM and application security consultant based in Stroud, UK. Previously I was the security architect and technical co-lead for ForgeRock’s flagship OpenAM access management product, and I have extensive knowledge of all aspects of that product. I am the architect of OpenAM’s highly scalable stateless session logout facilities, which are unmatched in any product on the market today. My background as an experienced software engineer with a PhD in Computer Science provides a solid grounding in designing and building scalable, performant and secure software systems.

I am available for identity and application security consultancy work within the UK (South West, London or remote):

  • Architectural review of access management and OpenAM.
  • Technical “deep dives” on all aspects of OAuth 2, OpenID Connect, UMA, SAML 2 federation, stateless sessions, authentication, authorisation, audit, and Web and Java EE Agents.
  • Performance tuning and scalability advice and guidance.
  • Development of bespoke OpenAM authentication modules, policy conditions and custom integrations.
  • Application security and cryptography training, such as best use of JSON Web Tokens, securing RESTful web services and microservices, or correctly implementing complex cryptographic protocols.

Contact me at to discuss your requirements.