Brian has worked in IT for over 15 years and Information/Application Security for the last decade. He has worked as a full stack dev, application assessor, technical lead, incident response, anti-malware engineer, application architect, infosec manager, and consultant. Brian has spent the last several years helping clients build AppSec Programs, perform SAMM Assessments, create/update SDLCs, and other related work. He has worked on the Trustworthy Computing team at Microsoft and is currently working at nVisium as a Managing Consultant. Brian is one of the project leads and actively contributing to SAMM v1.1-2.0 and working as a Data Analyst for the OWASP Top 10.