Chris Wysopal is Co-Founder and Chief Technology Officer at Veracode, which he co-founded in 2006. He oversees technology strategy and information security. Prior to Veracode, Chris was vice president of research and development at security consultancy @stake, which was acquired by Symantec. In the 1990s, Chris was one of the original vulnerability researchers at The L0pht, a hacker think tank, where he was one of the first to publicize the risks of insecure software. He has testified to the US Congress on the subjects of government security and how vulnerabilities are discovered in software. Chris received a BS in computer and systems engineering from Rensselaer Polytechnic Institute. He is the author of The Art of Software Security Testing.
She is the founder and CEO of Grokability Inc., SaaS solutions for small business IT, including the open source project Snipe-IT. She was the Co-founder and CTO of Mass Mosaic. She was CTO of Noise. As CTO of Noise, she played a key role in technical and social strategy for clients such as Sunkist, GE, Intel, Chase, JP Morgan, Panasonic, CBS, University of California, Unilever, Coca-Cola, Amazon and vitaminwater — in addition to leading the Noise social media strategy, managing its social networking accounts and spearheading a company blog.
Brian Honan is recognized as an industry expert on information security, providing consulting services to clients in various industry segments. Honan’s work also includes advising various Government security agencies and the European Commission on matters relating to information security. In 2008, he founded the Irish Reporting and Information Security Service (IRISS, www.iriss.ie), which is Ireland’s first CERT (Computer Emergency Response Team). He has addressed a number of major conferences on information security. He is the author of the book “ISO 27001 in a Windows Environment,” has published a number of technical papers, and has been technical editor and reviewer of a number of industry-recognized publications. He is also the European editor for the SANS Institute’s weekly SANS NewsBites.
Dr. Anton Chuvakin is a Research VP and Distinguished Analyst on the Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team. He is a recognized security expert in the field of SIEM, log management and PCI DSS compliance. He is an author of the books “Security Warrior”, “PCI Compliance” and “Logging and Log Management”, and a contributor to “Know Your Enemy II”, “Information Security Management Handbook” and others. Anton has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS, honeypots, etc. His blog securitywarrior.org was one of the most popular in the industry.
Michał Zalewski, also known by the user name ‘lcamtuf’, is a “white hat” hacker, computer security expert and a former Google Inc. employee. He has been a prolific vulnerability researcher and a frequent Bugtraq poster since the mid-1990s, and has authored a number of programs for Unix-like operating systems. In 2005, Zalewski authored Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks, a computer security book published by No Starch Press and subsequently translated into a number of languages. In 2011, Zalewski authored The Tangled Web: A Guide to Securing Modern Web Applications, also published by No Starch Press. For his continued research on browser security, he was named one of the 15 most influential people in security and among the 100 most influential people in IT. Zalewski was one of the original creators of Argante, a virtual open source operating system. Among other projects, he also created p0f and American fuzzy lop.
Shevirah founder and CTO Georgia Weidman is a serial entrepreneur, penetration tester, security researcher, speaker, trainer, and author. She holds an MS in computer science as well as CISSP, CEH, and OSCP certifications. She has presented or conducted training around the world, including at venues such as NSA, West Point, and Black Hat. Georgia founded Bulb Security LLC, a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security, culminating in the release of the open source project the Smartphone Pentest Framework (SPF). She founded Shevirah Inc. to create product solutions for assessing and managing the risk of mobile devices in the enterprise and testing the effectiveness of enterprise mobility management solutions. She is the author of Penetration Testing: A Hands-On Introduction to Hacking from No Starch Press. She was the recipient of the 2015 Women’s Society of CyberJutsu Pentest Ninja award. She is on the board of advisors of the angel-backed security training startup Cybrary and the nonprofit Digital Citizens Alliance and is a member of the CyberWatch Center’s National Visiting Committee.
Wendy Nather is Director of Advisory CISOs at Duo Security. She was previously the Research Director at the Retail ISAC, as well as Research Director of the Information Security Practice at independent analyst firm 451 Research. Nather led IT security for the EMEA region of the investment banking division of Swiss Bank Corporation (now UBS), and served as CISO of the Texas Education Agency. She speaks regularly on topics ranging from threat intelligence to identity and access management, risk analysis, incident response, data security, and societal and privacy issues. Nather is Co-Author of The Cloud Security Rules, and was listed as one of SC Magazine’s Women in IT Security “Power Players” in 2014.
Jennifer Minella is currently VP of Engineering and Consulting CISO with Carolina Advanced Digital, Inc. In her engineering role, Minella leads strategic research and consulting for government agencies, educational institutions and Fortune 100 and 500 corporations. In addition to her normal business roles, Minella is a published Author, Editorial Contributor and trusted Adviser for information security topics to media. No stranger to public speaking, she’s presented at RSA Conference, NSA Trusted Computing Conference, Interop, Infosec World, Deep Sec, SecTor, CSI and many others.
Security industry veteran and Chief Digital Security Officer at Telefonica. He previously spent five years at ING working on security strategy for Spain and Portugal. Earlier roles include security-manager-whatever, at SIA, a security services and product company based in Madrid.
Bob Rudis has over 20 years of experience using data to help defend global Fortune 100 companies and is a Chief Security Data Scientist at Rapid7. Bob is a serial tweeter (@hrbrmstr), avid blogger (rud.is), author (Data-Driven Security), speaker and regular contributor to the open source community (github.com/hrbrmstr). He currently serves on the Board of Directors for the Society of Information Risk Analysts, is on the editorial board of SANS Securing the Human program and was Co-chair of the 2014 Metricon security metrics/analytics conference. He holds a bachelor’s degree in computer science from the University of Scranton.
Theresa Payton is an authority on Internet security and intelligence, cybercrime and fraud. As the first female White House CIO, she managed the IT enterprise for the president and staff of 3,000 persons. Prior to her time at the White House, Payton was a senior executive in banking, spending 16 years providing solutions. Payton founded Fortalice in 2008 and lends her expertise to government and private sector organizations to help them improve their security posture. Payton was also featured as the Deputy Commander of Intelligence Operations in CBS’ hit show Hunted. Security Magazine named her one of the top 25 “Most Influential People in Security,” and she was recently named as the fourth most influential global security expert by IFSEC Global.
Andrew Jaquith brings 20 years of IT and information security experience to Perimeter, most recently as a senior analyst with Forrester Research. At Forrester, Jaquith led team coverage for data, endpoint and mobile security topics and wrote 20 popular reports. Prior to Forrester, he was program manager in Yankee Group’s enabling technologies enterprise group, covering client security, digital identity and web application security. Before Yankee Group, he co-founded @stake, a security consulting pioneer, which Symantec acquired in 2004. He also held project manager and business analyst positions at Cambridge Technology Partners and FedEx. He holds a B.A. in Economics and Political Science from Yale University.
Zane Lackey is the Co-Founder/Chief Security Officer at Signal Sciences and serves on the Advisory Boards of the Internet Bug Bounty Program and the US State Department-backed Open Technology Fund. Prior to Signal Sciences, Lackey was the Director of Security Engineering at Etsy and a Senior Security Consultant at iSEC Partners. He has been featured in notable media outlets such as the BBC, Associated Press, Forbes, Wired, CNET, Network World, and SC Magazine. A frequent speaker at top industry conferences, he has presented at Black Hat, RSAC, USENIX, Velocity, Microsoft BlueHat, SANS, OWASP, QCon, and has given invited lectures at Facebook, Goldman Sachs, IBM and the Federal Trade Commission.
Jared Carstensen is an internationally recognized information and cyber security professional with broad experience in the design, implementation and governance of security controls, business strategies and frameworks across global organizations, spanning multiple sectors. For the past 13 years, he has been advising Fortune 500, law enforcement and intelligence agencies, government and state departments, manufacturing, pharmaceutical, telecommunications, utilities and financial services entities on all areas of information and cybersecurity. He is the CISO for a FTSE 100 company located in Dublin, Ireland. He is a member of the IT Governance Institute Expert Panel, and is an author of the book “Cloud Computing: Assessing the Risks.” He has spoken at over 100 events globally.
Jake Kouns is the CISO for Risk Based Security and oversees the operations of the Open Sourced Vulnerability Database (OSVDB.org). Kouns has presented at many well-known security conferences, including RSA, Black Hat, DEF CON, CISO Executive Summit, CanSecWest, SOURCE, FIRST and SyScan. He is the Co-Author of the books Information Technology Risk Management in Enterprise Environments (Wiley, 2010) and The Chief Information Security Officer (IT Governance, 2011). He holds both a bachelor of business administration and a master of business administration, with a concentration in information security from James Madison University. In addition, he holds a number of certifications including ISC2’s CISSP, and ISACA’s CISM, CISA and CGEIT.