2014 BASC Speakers
Collin Mulliner
Northeastern University
Collin Mulliner is a postdoctoral researcher in the Systems Security Lab
at Northeastern University. Collin's main interest is the
security and privacy of mobile and embedded systems with
an emphasis on mobile and smart phones. Since 1997 Collin
has worked on all kinds of mobile devices and touched most of the
mobile platforms for either software development or security work.
Collin received a Ph.D. from the Technische Universitaet Berlin in 2011,
and an M.S. and B.S. in computer science from UC Santa Barbara and
FH-Darmstadt, respectively. Collin has a broad interest in systems
security that is somehow connected to mobile devices and cellular
infrastructure. He has a specific interest in vulnerability analysis and
offensive security but recently switched his focus to the defensive side
to work on mitigations and countermeasures.
Dinesh Shetty
Security Innovation
Dinesh is a Security Engineer and Trainer for Security Innovation. He is an accomplished author and
speaker, and his research has been published in numerous international security magazines and
websites. Dinesh is a Hall of Fame member of Apple, Adobe, and Barracuda Networks for his
identification and responsible disclosure of critical security vulnerabilities in their products, web sites,
and web services. He has spoken and taken trainings at leading National and International conferences
like Boston Security Meetup Conference, ClubHack, OWASP AsiaPac - Sydney, National Institute of Bank
Management – India, Quest Knowledge center and multiple organizations among others. Dinesh also
holds a number of professional IT and security certifications.
EMC Product Security Response Center
EMC
EMC PSRC is responsible for responding to and managing security vulnerabilities reported in EMC/RSA products.
George Ehrhorn
MathWorks
George Ehrhorn is the IT Security Manager for MathWorks, a leading developer of mathematical computing software for engineers and scientists. George is responsible for the IT Security program at MathWorks including infrastructure security, risk assessment, and web application security. Prior to MathWorks George worked in IT Audit and Security functions at SunGard Data Systems, Ellucian, and Wayfair.com. Some of the nerdiest things about George are that he plays competitive bridge and that he was president of the math club in college. Twice.
Jack Mannino and Geller Bedoya
nVisium
Jack is the CEO at nVisium and loves solving problems in the field of application security. With experience building, breaking, and securing software, he founded nVisium to invent new and more efficient ways of protecting software. Jack is a huge fan of contributing to open source projects, and leads the OWASP Northern Virginia chapter. In his spare time, he loves to kick around new frameworks and technologies, especially things that run Android and code written in Scala. He’s also an optimistic New York Mets fan, although that optimism slowly fades away every summer.
Geller Bedoya is a senior application security at nVisium. Geller graduated from Georgia Tech with a degree in Electrical Engineering. As an undergraduate student, Geller tackled a range of security challenges from memory forensics to botnet research. After graduation, he promptly put his security knowledge to work at a financial brokerage, where he aided in the design and implementation of security throughout the SDLC. He performs security code reviews and application security testing of products. Outside the office, he finds peace of mind by cycling and running.
Jeff Williams
Contrast Security
Jeff Williams is the founder and CTO of Contrast Security, bringing the power of instrumentation and real time analytics to secure your application portfolio. Previously, Jeff was a founder and CEO of Aspect Security. He also served as Global Chairman of the OWASP Foundation where he created many open-source standards, tools, libraries, and guidelines – including the OWASP Top Ten, WebGoat, ESAPI, XSS CheatSheet, ASVS and more. Jeff welcomes hearing from you and may be reached directly at jeff.williams@contrastsecurity.com.
Jonathan Chittenden and Anson Gomes
iSEC Partners
Prior to his employment with iSEC, Jonathan worked for the Air Force as a civilian. His roles consisted of reverse engineering malware for both signature and exploitation development. This experience enabled Jonathan to be comfortable working at a low level with unknown protocols and binaries. During this time, he also assisted in the development of an open-source intelligence application to be used to identify indicators of compromise.
During his employment with iSEC Partners, Jonathan has been tasked with a variety of engagements. His memorable projects include performing assessments of a novel application container and custom kernel modules to be used for virtualization. Jonathan has also collaborated and presented on a tool called AWS Scout. Scout helps automate security assessments of several Amazon Web Services. The tool was showcased at Blackhat USA 2012 Arsenal and the OWASP AppSec 2012 conference. Recently Jonathan gave a turbo talk at Blackhat USA 2013 on an embedded system called Twine, which covered analysis and findings of the research project. Jonathan graduated with an M.S. in Cyber Security from NYU: Polytechnic and a BBA in Infrastructure Assurance and Information Security from UTSA.
Anson Gomes is a security researcher and consultant at iSEC Partners. He specializes in web applications and web services security, network security, mobile application security, and architecture reviews. He has led numerous assessments for applications written in languages such as Java, .NET, PHP, and Objective C. In his spare time, Anson researches cloud systems, custom protocols, and embedded devices. He is passionate about red teaming and social engineering. Anson has also given multiple presentations both locally in NYC and at major conferences such as Black Hat. He lives in New York City.
Michael Weissbacher
Northeastern University
Michael Weissbacher is a PhD student and Research Assistant at the SecLab of
Northeastern University. His research interests are focused on the security
of web applications on both client and server side. Michael plays CTFs with
Shellphish.
Patrick Laverty
Akamai
Patrick is a member of the Akamai Technologies Customer Security Incident Response Team (CSIRT) in
Cambridge where he helps detect and thwart hackers from some of the biggest and most well-known web
sites in the world. He organizes the monthly meetings for the OWASP Rhode Island chapter. In his spare
time, he's working on a wicked hahd slap shot for his hockey team.
Sagar Dongre
Cigital
Sagar Dongre is a Senior Consultant with Cigital. At Cigital, he is one of the leaders in the static analysis
practice within the company. He consults for many of Cigital’s clients on static analysis topics such as
enterprise-wide code review processes and secure software development lifecycle (SSDLC).
Steve Markey
nControl
Steve Markey is the principal of nControl, a consulting firm based in Philadelphia, Pennsylvania,
USA. He is also an adjunct professor, a published author, and a principal speaker at a number
of global conferences. Markey holds multiple certifications and degrees, and has more than 14
years of experience in the technology sector. He frequently presents on information security,
information privacy, cloud computing, project management, e-discovery, and information
governance.
Walt Williams
Lattice Engines
Walt Williams, CISSP®, SSCP®, CEH, CPT has served as an infrastructure and security
architect at firms as diverse as GTE Internetworking, State Street Corp, Teradyne, The
Commerce Group, and EMC. He has since moved to security management, where he now
manages security at Lattice Engines. He is an outspoken proponent of design before build, an
advocate of frameworks and standards, and has spoken at Security B-Sides on risk management
as the cornerstone of a security architecture.
Mr. Williams' articles on security and service oriented architecture have appeared in the Information Security Management Handbook, and he is the author of Security for Service Oriented Architecture by CRC Press, 2014. He sits on the board of directors for the New England ISSA chapter and is a member of the program committee for Metricon. He has a master’s degree in Anthropology from Hunter College.