This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

2015 BASC Speakers

Jump to: navigation, search

Boston-Banner-468x60.gif 2015 BASC: Home | Agenda | Presentations | Speakers

Platinum Sponsors


Silver Sponsors


Sponsorships are available: See Sponsorship Kit
Please help us keep BASC free by viewing and visiting all of our sponsors.

Rob Cheyne

CEO, Big Brain Security, Executive Director, SOURCE Conference

Rob Cheyne is a highly regarded technologist, security expert, trainer, and serial entrepreneur.

He has over 25 years of experience in the information technology field and has been working in information security since 1998. Rob has led information security training classes for over 25,000 people across many industry-leading global organizations, and consults regularly with Fortune 500 clients.

Rob is the founder and CEO of Big Brain Security and the Executive Director of the SOURCE conferences. Previously, Rob was the co-founder and CEO of Safelight, a leading provider of information security education programs that was acquired by Security Innovation in July 2014.

He was also an early employee of @stake, a well-known pioneer in information security consulting. Rob was the author of LC4, a version of the award-winning L0phtCrack password auditing tool, and he also worked on the code scanning technology that was eventually spun off as Veracode.

Rob regularly speaks at security and training conferences, and frequently presents to the local chapters of various security organizations.

Matt Cheung

Matt Cheung is a Quality Assurance Engineer for the static analysis engine at Veracode. His first practical introduction to modern cryptography was from an internship during grad school where he worked on additively homomorphic encryption and secure multiparty computation. In the years since, he has developed an interest in how cryptography does and doesn't work. Matt has Masters degrees in mathematics and computer science.

Ray DeMeo

Virsec Systems
Ray DeMeo is Co-Founder and Chief Operating Officer at Virsec.  With more than twenty years of operations and global business development experience, Ray has held key roles in the successful growth and transition of multiple tech. startups, including Giganet, acquired by Emulex and EqualLogic, acquired by Dell. He has led teams in roles of responsibility ranging from operations management to global sales and CEO. Ray holds a bachelor's degree in mechanical engineering and a computer science minor from Norwich University, and a master's degree in business management from Rensselaer Polytechnic Institute.

Luke Donoho

Luke Donoho is a security professional with over 15 years of security expertise within the United States. He holds a Bachelor's Degree in Computer Science from Illinois State University, and a Master's Degree in Computer Science from Boston University. He is experienced in the EDA, Healthcare, and Financial verticals. In his current role he provides security consulting to internal technology teams as well as developing and running the organization's security development life cycle program.

Luke’s technical background is in full stack Microsoft technologies, code analysis, vulnerability assessments, and security engineering. His career has had him engaged in various security roles such as: Enterprise Security Architect, Web Systems Engineer, Hosting Manager, and IT Security Engineer. Luke holds CSSLP and CEH certifications. He is also passionate about drones, artificial intelligence, .NET development, Azure, machine learning, threat modeling, and security education.

Casey Dunham

GuidePoint Security
Casey Dunham is a Security Consultant in the Application Security practice at GuidePoint Security. Casey has over 10 years experience in IT, most of which have been focused on application development. Casey has worked in the industrial control and finance industries, as well as in academia. Casey has a bachelor’s degree from the University of Southern Maine in Computer Science and is currently working on the Offensive Security Certified Professional certification and many interests include OSINT, reverse engineering and exploit development.

Satya Gupta

Virsec Systems
Satya Gupta is the CTO and Founder of Virsec Systems, Inc. Satya has over 25 years of experience in the security, embedded systems, networking, and telecom sectors. His experience spans large companies as well as startups ranging from 3COM, Nortel, Narad Networks, Ellacoya Networks. He has six issued patents and five in process in the security and embedded firmware space. Several products designed by Satya are deployed to hundreds of thousands of users. Satya is a graduate of the Indian Institute of Technology, and University of Massachusetts.

Brian Heemsoth

Brian Heemsoth is an experienced Information Security Professional. He currently leads Aetna's Mobile Security & Software Security Groups, and is responsible for stewarding Aetna's Software & Mobile Security Programs, and for continually evolving the resources and controls applied to Aetna's web, mobile, and other software platforms. Prior to joining the Software Security Group, Brian worked as a Security Engineer supporting encryption & key management technologies, Identify & Access Management platforms, and other security technologies. Brian is a Threat Lecturer for the National Health ISAC, and is active within the Financial Services ISAC, and BSIMM Community.

Robert Hurlbut

Robert Hurlbut Consulting Services
Robert Hurlbut is an independent software security consultant, architect, developer, and trainer through Robert Hurlbut Consulting Services. Robert is a Microsoft MVP for Developer Security and holds the (ISC)2 CSSLP certification. Robert has over 20+ years of industry experience in secure coding, software architecture, and software development and has served at times as a project manager, chief architect, and director of software development for several clients. Robert blogs at and shares links and other information on Twitter at @RobertHurlbut.

Amin Kharraz

Northeastern University and Seclab Boston
Amin Kharraz is a researcher at Northeastern University and Seclab Boston. His primary area of research lies on low-level system security. This encompasses program analysis, vulnerability detection and system hardening. His current research is to develop malware detection tools to detect zero-day malware attacks.

Kellen Kleinfelter

Akamai Technologies
Kellen is a Specialist with Akamai's Security Operations Center. He mitigates volumetric and application attacks on some of the busiest sites on the web. Additionally he handles analysis, incident response, custom solutions, and tuning. Outside of that he enjoys abusing in-game mechanics for NES game speed-running.

Tony Martin

Tony Martin is a security architect at Fortune 100 networking company and is part of the corporate, secure development lifecycle team (SDLC). He has previously worked at a defense contractor conducting software-defined radio security research and was the system architect at a point of sale, identity fraud prevention company. He has an undergrad, CS degree from UMaine and a Master’s in CS with a concentration in security from BU. Tony volunteers many places including DefCon’s Packet Hacking / Wall of Sheep Village.

Matt Morency

Matt believes that he is a boring person who is fortunate enough to be surrounded by interesting people.

Biju Nair

Biju Nair is a software engineer focused on developing high performance and scalable systems. He has worked on delivering large enterprise applications and software products on multiple platforms. His interest includes operating systems, distributed systems and DBMS.

Mike Pittenger

Black Duck Software
Mike Pittenger is Black Duck Software's Vice President of Product Strategy. His 30-year technology and management career includes 15 years in security. He previously served as Vice President and General Manager of @stake’s product division. After @stake’s acquisition by Symantec, Mike led the spin-out of his team to form Veracode. He later served as Vice President of the product and training division of Cigital. Mike has consulted independently for several security companies including Bit9, KoreLogic, Digital Guardian, Verisign, and Beyond Trust.

You can find out more about this conference at the 2015 BASC Homepage
Conference Organizer: Jim Weiler