Prior to starting TrustedSec, David was the Chief Security Officer (CSO) for Diebold Incorporated. He developed a global security program that tackled all aspects of information security and risk management. He started TrustedSec and Binary Defense Systems (BDS) with the vision in working with companies for information security. He is the founder of DerbyCon, a large-scale information security conference. He was also one of the founding members of the “Penetration Testing Execution Standard (PTES)“. PTES is the industry leading standard and guidelines around how penetration tests should be performed and methodologies which is also now adopted by the Payment Card Industry (PCI) Data Security Standard (DSS) Guidelines for Penetration Testing. He is the creator of several widely popular open-source tools including “The Social-Engineer Toolkit” (SET), PenTesters Framework (PTF), Artillery, and Fast-Track. He is also a board of director for the ISC2 organization which is one of the largest security collectives which offers certifications such as the CISSP.
Jeremiah Grossman’s career spans nearly 20 years. He founded WhiteHat Security and is currently the Chief of Security Strategy at SentinelOne. Grossman possesses a unique combination of technology savvy, customer advocacy and personal passion for application security. A world-renowned web security expert, speaker and influential blogger, he brings a lifetime of information security experience, both homegrown and from his days as Yahoo!’s Information Security Engineer. The ultimate “WhiteHat,” he is also Founder of the Web Application Security Consortium and serves on the advisory board of Risk I/O and SD Elements. In his spare time, he practices Brazilian jiu-jitsu and has earned a black belt.
Katie Moussouris is a noted authority on vulnerability disclosure and bug bounties, and Founder and CEO of Luta Security, a company that specializes in process improvement for handling vulnerabilities. She created Microsoft’s bug bounty programs and started Microsoft Vulnerability Research. She is also a Subject Matter Expert for ISO standards in vuln disclosure (29147), vuln handling processes (30111) and secure development (27034). She is a Visiting Scholar with MIT Sloan School, doing research on the vulnerability economy and exploit market. She is a New America Foundation Fellow and Harvard Belfer Affiliate. She is also part of the official US Wassenaar delegation. She is on various CFP review boards and is an adviser to the Center for Democracy and Technology.
In the past 8 years, Nicolas worked at Kaspersky Lab as a Principal Malware Researcher. His responsibilities included analyzing targeted attacks , APT and complex malwares as well as managing Kaspersky Technical Trainings. Prior to joining Kaspersky Lab, Nicolas worked as a senior virus researcher for Websense Security Labs, and as the head of software security at Digital River/Silicon Realms when he was in charge of the anti-reverse engineering techniques used in the Armadillo protection system. Nicolas started reverse engineering 20 years ago, when he was 15. Over the last 17 years, Nicolas has authored numerous articles and papers on reverse engineering and presented at various security conferences such as RECON, ToorCon, SSTIC, Virus Bulletin, Hacker Halted, RuxCon, TakeDownCon, Pacsec etc.
Josh is currently Co-Founder and Chief Product Officer at IDRRA. Prior to joining IDRRA, Josh served as VP, CTO – Emerging Technologies at FireEye and as Chief Security Officer for nPulse Technologies until its acquisition by FireEye. Josh is an experienced cyber security analyst who applies his analytical methodology to help organizations build and enhance their network traffic analysis, security operations, and incident response capabilities to improve their information security posture. Josh has worked with numerous clients in both the public and private sectors at both the strategic and tactical levels. Earlier in his career, Josh served as the Chief of Analysis for the United States Computer Emergency Readiness Team (US-CERT), where he built from the ground up and subsequently ran the network, media, and malware analysis/forensics capabilities for US-CERT.