2012 BASC Speakers

Michael Anderson
NetSPI Michael Anderson is a security consultant at NetSPI with experience in penetration testing, application security, computer forensics, network architecture, and code reviews. He has presented at DEF CON 18 on cloud-based threats, and is currently engaged in research on threats to mobile infrastructure.

Ray Cote
Appropriate Solutions, Inc.

John Dickson
Denim Group John Dickson, CISSP, has over 15 years in the information security field including hands-on experience with intrusion detection systems, network security, and software security in the commercial and government sectors. In his current position as a Principal at Denim Group, he helps chief security officers of Fortune 500 clients and federal organizations launch and expand successful software security initiatives. John regularly speaks on the topic of application security at industry venues such as the RSA Security Conference and the Computer Security Institute’s (CSI) conferences.

Ehsan Foroughi
SD Elements Ehsan Foroughi is an application security expert with 8+ years of management and technical experience in security research. He has an extensive development and reverse engineering background. He led the Vulnerability Research Subscription Service for TELUS Security Labs (called Assurent before being acquired by TELUS). Under his management, the Vulnerability Research Service went through being a startup product to a service used by over 80% of the major security vendors. As an entrepreneur, he has also served as the founder and CTO of TELTUB, a successful telecommunication startup. Ehsan holds a M.Sc. from the University of Toronto in Computer Science, a B.Eng. from Sharify University of Technology, as well CISM and CISSP designations.

Rohit Sethi
SD Elements Rohit Sethi is a specialist in building security controls into the software development life cycle (SDLC). He has helped improve software security at some of the world's most security sensitive organizations in financial services, software, ecommerce, healthcare, telecom and other industries. Rohit has built and taught SANS courses on Secure J2EE development. He has spoken and taught at FS-ISAC, RSA, OWASP, Secure Development Conference, Shmoocon, CSI National, Sec Tor, Infosecurity, CFI-CIRT, and many others. Mr. Sethi has written articles for InfoQ, Dr. Dobb's Journal, TechTarget, Security Focus and the Web Application Security Consortium (WASC), has appeared on Fox News Live, and has been quoted as an expert in application security for ITWorldCanada and Computer World. He also created the OWASP Design Patterns Security Analysis project.

Roy Wattanasin
Roy Wattanasin is a information security professional working in the healthcare industry. He spends most of his time on leading and developing an organization's information security program and working on PCI-DSS compliance, privacy, regulatory efforts, education efforts and with other projects. He also teaches information security at Brandeis University.