
2014 BASC Speakers

Revision as of 04:14, 30 September 2014 by Tom Conner (talk | contribs)


Platinum Sponsors

Akamai, Cigital, EMC, Rapid7, Sonatype


Gold Sponsors

Accuvant, bugcrowd, Contrast Security, NetSPI, nVisium, Veracode

Silver Sponsor

SWAMP - Software Assurance Marketplace


We kindly thank our sponsors for their support. All slots are full.
Please help us keep BASC free by viewing and visiting all of our sponsors.

Collin Mulliner

Northeastern University
Collin Mulliner is a postdoc researcher at SECLAB at Northeastern University. Collin's main interest is in the area of security and privacy of mobile and embedded devices, with an emphasis on mobile and smart phones. Since 1997, Collin has developed software and done security work for Palm OS, J2ME, Linux, Symbian OS, Windows Mobile, Android, and the iPhone. In 2006, he published the first remote code execution exploit based on the multimedia messaging service (MMS). Collin's most recent projects are in the area of vulnerability analysis and offensive security.

Dinesh Shetty

Security Innovation
Dinesh is a Security Engineer and Trainer for Security Innovation. He is an accomplished author and speaker, and his research has been published in numerous international security magazines and websites. Dinesh is a Hall of Fame member of Apple, Adobe, and Barracuda Networks for his identification and responsible disclosure of critical security vulnerabilities in their products, web sites, and web services. He has spoken and taken trainings at leading national and international conferences like Boston Security Meetup Conference, ClubHack, OWASP AsiaPac - Sydney, National Institute of Bank Management – India, Quest Knowledge center, and multiple other organizations. Dinesh also holds a number of professional IT and security certifications.

EMC Product Security Response Center

EMC
EMC PSRC is responsible for responding to and managing security vulnerabilities reported in EMC/RSA products.

George Ehrhorn

MathWorks
George Ehrhorn is the IT Security Manager for MathWorks, a leading developer of mathematical computing software for engineers and scientists. George is responsible for the IT Security program at MathWorks, including infrastructure security, risk assessment, and web application security. Prior to MathWorks, George worked in IT Audit and Security functions at SunGard Data Systems, Ellucian, and Wayfair.com.

Jack Mannino and Geller Bedoya

nVisium
Jack is the CEO at nVisium and loves solving problems in the field of application security. With experience building, breaking, and securing software, he founded nVisium to invent new and more efficient ways of protecting software. Jack is a huge fan of contributing to open source projects, and leads the OWASP Northern Virginia chapter. In his spare time, he loves to kick around new frameworks and technologies, especially things that run Android and code written in Scala. He’s also an optimistic New York Mets fan, although that optimism slowly fades away every summer.

Geller Bedoya is a senior application security at nVisium. Geller graduated from Georgia Tech with a degree in Electrical Engineering. As an undergraduate student, Geller tackled a range of security challenges from memory forensics to botnet research. After graduation, he promptly put his security knowledge to work at a financial brokerage, where he aided in the design and implementation of security throughout the SDLC. He performs security code reviews and application security testing of products. Outside the office, he finds peace of mind by cycling and running.

Jeff Williams

Contrast Security
Jeff Williams is the founder and CTO of Contrast Security, bringing the power of instrumentation and real-time analytics to secure your application portfolio. Previously, Jeff was a founder and CEO of Aspect Security. He also served as Global Chairman of the OWASP Foundation, where he created many open-source standards, tools, libraries, and guidelines, including the OWASP Top Ten, WebGoat, ESAPI, XSS CheatSheet, ASVS and more. Jeff welcomes hearing from you and may be reached directly at [email protected].

Jonathan Chittenden and Anson Gomes

iSEC Partners

Prior to his employment with iSEC, Jonathan worked for the Air Force as a civilian. His roles consisted of reverse engineering malware for both signature and exploitation development. This experience enabled Jonathan to be comfortable working at a low level with unknown protocols and binaries. During this time, he also assisted in the development of an open-source intelligence application to be used to identify indicators of compromise.

During his employment with iSEC Partners, Jonathan has been tasked with a variety of engagements. His memorable projects include performing assessments of a novel application container and custom kernel modules to be used for virtualization. Jonathan has also collaborated and presented on a tool called AWS Scout. Scout helps automate security assessments of several Amazon Web Services. The tool was showcased at Black Hat USA 2012 Arsenal and the OWASP AppSec 2012 conference. Recently Jonathan gave a turbo talk at Black Hat USA 2013 on an embedded system called Twine, which covered analysis and findings of the research project. Jonathan graduated with an M.S. in Cyber Security from NYU: Polytechnic and a BBA in Infrastructure Assurance and Information Security from UTSA.

Anson Gomes is a security researcher and consultant at iSEC Partners. He specializes in web applications and web services security, network security, mobile application security, and architecture reviews. He has led numerous assessments for applications written in languages such as Java, .NET, PHP, and Objective C. In his spare time, Anson researches cloud systems, custom protocols, and embedded devices. He is passionate about red teaming and social engineering. Anson has also given multiple presentations both locally in NYC and at major conferences such as Black Hat. He lives in New York City.

Michael Weissbacher

Northeastern University

Patrick Laverty

Akamai
Patrick is a member of the Akamai Technologies Customer Security Incident Response Team (CSIRT) in Cambridge where he helps detect and thwart hackers from some of the biggest and most well-known web sites in the world. He organizes the monthly meetings for the OWASP Rhode Island chapter. In his spare time, he's working on a wicked hahd slap shot for his hockey team.

Sagar Dongre

Cigital
Sagar Dongre is a Senior Consultant with Cigital, where he is one of the leaders in the company's static analysis practice. He consults for many of Cigital’s clients on static analysis topics such as enterprise-wide code review processes and secure software development lifecycle (SSDLC).

Steve Markey

nControl
Steve Markey is the principal of nControl, a consulting firm based in Philadelphia, Pennsylvania, USA. He is also an adjunct professor, a published author, and a principal speaker at a number of global conferences. Markey holds multiple certifications and degrees, and has more than 14 years of experience in the technology sector. He frequently presents on information security, information privacy, cloud computing, project management, e-discovery, and information governance.

Walt Williams

Lattice Engines
Walt Williams, CISSP®, SSCP®, CEH, CPT has served as an infrastructure and security architect at firms as diverse as GTE Internetworking, State Street Corp, Teradyne, The Commerce Group, and EMC. He has since moved to security management, where he now manages security at Lattice Engines. He is an outspoken proponent of design before build, an advocate of frameworks and standards, and has spoken at Security B-Sides on risk management as the cornerstone of a security architecture.

Mr. Williams' articles on security and service oriented architecture have appeared in the Information Security Management Handbook, and he is the author of Security for Service Oriented Architecture (CRC Press, 2014). He sits on the board of directors for the New England ISSA chapter and is a member of the program committee for Metricon. He has a master’s degree in Anthropology from Hunter College.


You can find out more about this conference at basc2014.org
Conference Organizer: Jim Weiler