2014 BASC Presentations

Jack Mannino
nVisium Jack is the CEO at nVisium and loves solving problems in the field of application security. With experience building, breaking, and securing software, he founded nVisium to invent new and more efficient ways of protecting software. Jack is a huge fan of contributing to open source projects, and leads the OWASP Northern Virginia chapter. In his spare time, he loves to kick around new frameworks and technologies, especially things that run Android and code written in Scala. He’s also an optimistic New York Mets fan, although that optimism slowly fades away every summer.

Geller Bedoya
nVisium Geller Bedoya is a senior application security at nVisium. Geller graduated from Georgia Tech with a degree in Electrical Engineering. As a undergraduate student Geller tackled a range of security challenges from memory forensics to botnet research. After graduation, he promptly put his security knowledge to work at a financial brokerage where he aided in design and implementation of security throughout the SDLC. He performs security code reviews and application security testing of products. Outside the office, he finds peace of mind by cycling and running.

Collin Mulliner
Northeastern University Collin Mulliner is a postdoc researcher at SECLAB at Northeastern University. Collin's main interest is in the area of security and privacy of mobile and embedded devices with an emphasis on mobile and smart phones. Since 1997, Collin has developed software and did security work for Palm OS, J2ME, Linux, Symbian OS, Windows Mobile, Android, and the iPhone. In 2006, he published the first remote code execution exploit based on the multimedia messaging service (MMS). Collin's most recent projects are in the area of vulnerability analysis and offensive security.

Michael Weissbacher
Northeastern University

Jeff Williams
Contrast Security Jeff Williams is the founder and CTO of Contrast Security, bringing the power of instrumentation and real time analytics to secure your application portfolio. Previously, Jeff was a founder and CEO of Aspect Security. He also served as Global Chairman of the OWASP Foundation where he created many open-source standards, tools, libraries, and guidelines – including the OWASP Top Ten, WebGoat, ESAPI, XSS CheatSheet, ASVS and more. Jeff welcomes hearing from you and may be reached directly at [mailto:jeff.williams@contrastsecurity.com jeff.williams@contrastsecurity.com].

Walt Williams
Lattice Engines Walt Williams, CISSP®, SSCP®, CEH, CPT has served as an infrastructure and security architect at firms as diverse as GTE Internetworking, State Street Corp, Teradyne, The Commerce Group, and EMC. He has since moved to security management, where he now manages security at Lattice Engines. He is an outspoken proponent of design before build, an advocate of frameworks and standards, and has spoken at Security B-Sides on risk management as the cornerstone of a security architecture.

Mr. Williams' articles on security and service oriented architecture have appeared in the Information Security Management Handbook, and is the author of Security for Service Oriented Architecture by CRC press, 2014. He sits on the board of directors for the New England ISSA chapter and is a member of the program committee for Metricon. He has a master’s degree in Anthropology from Hunter College.

George Ehrhorn
MathWorks This talk is about how MathWorks uses the OCTAVE Allegro Framework to model application risks and countermeasures.