Graham Cluley is one of the world’s leading experts in viruses and spam, and works as Senior Technology Consultant at Sophos. He has given talks around the world at events such as EICAR, ICSA, Virus Bulletin and the European Internet Security Forum on the virus threat, and is a respected industry expert. Graham has made many media appearances commenting on the threats posed by spam and viruses, including BBC TV News, Good Morning America, CNN, BBC Panorama, BBC Newsnight, ITN, Channel 4 News, 5 News, Sky News, GMTV, BBC Breakfast, IRN, CNet Radio, BBC Radio 1, Radio 2, Radio 4, Radio 5 Live, and BBC World Service. Graham has also written regular columns on computer security for publications such as IT Week, Computer Weekly and VNUNet.
Parisa Tabriz is a computer security expert who works for Google as a Senior Engineering Director. She has been called Google’s “Security Princess” due to her experience in hacking and internet security. She heads a team of 30 experts responsible for the security of Google Chrome.She is also responsible for training Google staff interested in moving into the internet security field. Tabriz co-founded the Our Security Advocates conference.
Dan Goodin is Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, and hardware hacking. A journalist with more than 15 years experience, he has been chronicling the exploits of white-hat, grey-hat and black-hat hackers since 2005 as a reporter for the Associated Press and later, The Register. He has a Bachelor’s Degree in English from the University of Massachusetts and a Masters of Journalism from UC Berkeley.
Cyber Security Analyst, Trainer, Infosec Journalist, Tech Blogger, Speaker, Traveller and Part-time Hacker. Founder and CEO of The Hacker News — attracting over 10 million monthly readers, THN has internationally been recognized as the leading, most trusted news source of hacking and cyber security for the technologists. THN as a dedicated cybersecurity and hacking news platform, which has turned into one of the biggest Information Security channels, working as a bridge between a large number of communities, leading security researchers, Geeks, Techies, Business grads, CISOs, along with thousands of other Security Professionals.
An expert in application security, specializing primarily in host and server based Operating Systems. He is currently the director of Azimuth Security, a botique security company he founded that specializes in code review and cutting edge security research. Prior to starting Azimuth, his professional experience includes several years as a senior researcher at a fortune 500 company, where he uncovered a variety of major vulnerabilities in ubiquitous Internet software. He also worked as a Principal Security Architect for McAfee, where he was responsible for internal code audits, secure programming classes, and undertaking new security initiatives. Mark has also co-authored a book on the subject of application security named “The Art of Software Security Assessment,” and has spoken at several industry-recognized conferences.
Pierluigi Paganini is CTO at Cybaze Enterprise SpA Pierluigi is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group, member of Cyber G7 Workgroup of the Italian Ministry of Foreign Affairs and International Cooperation, Professor and Director of the Master in Cyber Security at the Link Campus University. He is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at “Cyber Defense Magazine”, Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog “Security Affairs” recently named a Top National Security Resource for US. Pierluigi is a member of the “The Hacker News” team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Michał Zalewski, also known by the user name ‘lcamtuf’ is a “white hat” hacker, computer security expert and a former Google Inc. employee.He has been a prolific vulnerability researcher and a frequent Bugtraq poster since the mid-1990s, and has authored a number of programs for Unix-like operating systems. In 2005, Zalewski authored Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks, a computer security book published by No Starch Press and subsequently translated into a number of languages. In 2011, Zalewski authored The Tangled Web: A Guide to Securing Modern Web Applications, also published by No Starch Press.For his continued research on browser security, he was named one of the 15 most influential people in security and among the 100 most influential people in IT. Zalewski was one of the original creators of Argante, a virtual open source operating system. Among other projects, he also created p0f and American fuzzy lop.
Kelly Lumhas “officially” worked in Information Security since 2003, and is currently a Senior Security Engineer at Tumblr where she brings her decades worth of application security experience in the financial and government sectors to the microblogging world. She regularly speaks about reverse engineering at various conferences, including Black Hat, SummerCon, and COUNTERMEASURE. Additionally, she teaches as an adjunct professor of Application Security at NYU.
Robin is a freelance security consultant specialised in web app testing. Performed tests for a range of companies from small local start-ups through to international banks and multi-national corporations and also ran custom training classes for various clients who need specific in-house training, author of a large number of open source tools and a regular contributor to various mailing lists and forums. Presented at conferences across the world including DEFCON, ShmooCon and Wild West Hackin’ Fest, Co-founder of SteelCon – one of the UKs most popular security conferences.
Avram Marius Gabriel has been publicly thanked by a number of prominent organisations for his responsible disclosure of new web security issues. Evernote is the seventeenth company to name the RandomStorm security engineer in its Security Hall of Fame. His voluntary research, discovery and reporting of security bugs has also been acknowledged by Google, Microsoft, Adobe, Facebook, eBay, Twitter, Dropbox, Etsy, iFixit, Yandex, Mozilla, Baracuda, Keneva, AT &T, Nokia Siemens and Paypal.
Wendy Nather is Director of Advisory CISOs at Duo Security. She was previously the Research Director at the Retail ISAC, as well as Research Director of the Information Security Practice at independent analyst firm 451 Research. Nather led IT security for the EMEA region of the investment banking division of Swiss Bank Corporation (now UBS), and served as CISO of the Texas Education Agency. She speaks regularly on topics ranging from threat intelligence to identity and access management, risk analysis, incident response, data security, and societal and privacy issues. Nather is Co-Author of The Cloud Security Rules, and was listed as one of SC Magazine’s Women in IT Security “Power Players” in 2014.
Rich is the VP of Product for DisruptOPS and Analyst and CEO of Securosis. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum. Prior to founding DisruptOPS and Securosis, Rich was a Research Vice President at Gartner on the security team. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator
Ashar Javed is a research assistant in Ruhr University Bochum, Germany and working towards his PhD. He has been listed ten (`X`) times in #Google Security Hall of Fame, Twitter/Microsoft/Ebay/Adobe/Etsy/AT&T Security Pages & #Facebook White Hat, #1 in Microsoft’s Top 100 Security Researcher List – 2018 He spoke in the main security venues like Hack in the Box, DeepSec, #OWASP Spain and #OWASP Seminar@RSA Europe.
Michael Coates is the former Chief Information Security Officer at Twitter. He headed Twitter’s security program across all elements of information security. Coates was Chairman and is a current member of the global board of directors for OWASP, the largest open source application security community. Prior to 2015, he was Director of Product Security at Shape and worked with an amazing team to drastically change the way organizations defend against modern application attacks. From 2010 through 2013 Coates was at Mozilla where he built and lead the security assurance program to protect nearly half a billion Firefox users, and Mozilla web applications and infrastructure. Prior to 2010 he maintained a diverse set of technical security roles assessing the security posture of banks, governments and enterprises.
Malik Mesellem is an IT security professional with over 15 years of experience. Malik has always had a passion for Ethical Hacking and Penetration Testing… obsessed with Windows and Web Application (in)Security. In 2010, he started his own company, MME BVBA. MME is specialized in IT Security Audits, User Awareness Campaigns, Vulnerability Assessments, Penetration Testing and Security Training. Malik gives master classes, lectures and workshops on conferences and for several institutions. Malik is an OWASP ZAP evangelist and used to be a mentor for the SANS Institute, mentoring the SANS ‘SEC560 – Network Penetration Testing and Ethical Hacking’ course. Malik is also the founder and developer of bWAPP. bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. It helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web vulnerabilities! It covers all major known web bugs, including all risks from the OWASP Top 10 project. It has 100.000+ downloads worldwide.
A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As Chief Technology Officer and Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. Cornell is an active member of the development community and a sought-after Speaker on topics of web application security, speaking at international conferences including TEDx, RSA Security Conference, OWASP AppSec USA and EU and Black Hat Arsenal.
Mark Goodwin is a software engineer and a security specialist. Mark currently works for Mozilla, makers of the Firefox web browser, where he shapes web standards and builds browser features that protect users and their data. Mark is a frequent speaker on web and application security topics.