2016 BASC Speakers

Matt Cheung
Veracode Matt Cheung is a Quality Assurance Engineer for the static analysis engine at Veracode. His first practical introduction to modern cryptography was from an internship during grad school where he worked on additively homomorphic encryption and secure multiparty computation. In the years since, he has developed an interest in how cryptography does and doesn't work. Matt spoke last year at BASC on the topic of cryptography as well as presented this workshop at the Crypto and Privacy Village at DEFCON 24.

Bill Campbell
Predicatable Solutions Bill Campbell has managed technology operations, software development and security functions at companies including the MITRE Corporation, Union Bank, Fidelity Investments and Symantec, among others. He is a CISSP, and has served on the (ISC)2 Ethics Committee for 15 years. His career has focused on producing dramatic improvements in stability, reliability and efficiency by correctly identifying and then eliminating the root causes of negative influences, and addressing the fundamentals to achieve dramatic improvements.

Erik Dasque
Constant Contact A Sr Director at Constant Contact, I have recently lead the Docker Working Group here, built the Docker Bootcamp class and have been, on the app development side, pushing Docker & Application Level Metrics (statsd, Graphite, Grafana) to improve DevOps practices wherever I roam.

Casey Dunham
GuidePoint Security Casey Dunham is a Senior Security Consultant in the Application Security Practice at GuidePoint Security where he focuses on web application security, source code review, and developer training, where his 10 years of software development experience comes in handy. Other interests include bourbon, travel, exploit development, and OSINT. Casey holds a bachelor’s degree in Computer Science from the University of Southern Maine and is the current Chapter President of OWASP Maine.

Robert Hurlbut
Robert Hurlbut Consulting Services Robert Hurlbut, of Robert Hurlbut Consulting Services based in Enfield, CT, is a Microsoft MVP for Developer Technologies and Security and holds the (ISC)2 CSSLP security certification. Robert has 30 years of industry experience in software security, software architecture, and software development. He has served as a project manager, director of software development, and chief software architect for several projects. He speaks at user groups, national and international conferences, and provides training for many clients. You can follow Robert on his blog at https://roberthurlbut.com/blog and on Twitter at https://twitter.com/roberthurlbut and most recently co-hosting with Chris Romeo a new Application Security Podcast at https://www.appsecpodcast.org.

Dennis Hurst
Saltworks Security Mr. Dennis Hurst is on the HP team at Saltworks Security and is a highly respected security expert with unprecedented expertise in the area of application security and the integration of security into all aspects of the Software Development Lifecycle (SDLC). https://www.linkedin.com/in/dennishurst

Matt Morency
Pegasystems This bio is so short, it is already done.

Apoorv Munshi
Northeastern University
 * Candidate for Master of Science in Information Assurance at Northeastern University
 * Former application security intern at Cigital
 * Currently working at Genospace as an application security intern
 * Board member of the ISSA Northeastern University Chapter
 * Conducted a similar workshop at Northeastern University
 * Attendee at OWASP Boston, Boston security meetup, Blackhat USA 2015, DEFCON 23, CircleCityCon 2015, Appsec USA

Nivedita Murthy
Cigital Nivedita Murthy is a Security Consultant at Cigital. She has 7 years of experience in managing information security operations, including application security reviews, proxy and firewall security, infrastructure patch management, and incident response. Her current focus is on vulnerability remediation.

Chris Romeo
Security Journey Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring application security awareness to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Security Advocates, empowering engineers to "build security in" to all products at Cisco. He led the creation of Cisco’s internal, end-to-end application security awareness program launched in 2012. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris is a sought after conference speaker and holds the CISSP and CSSLP.

Roshan Thomas and Anurag Dwivedy
Northeastern University Roshan Thomas is a student of Northeastern University currently pursuing his Masters in Information Assurance. He has around 4 years of experience as an Information Security Consultant. He has performed Network, Application and Mobile Application Penetration tests and is also familiar with a number of Enterprise Network and Application security Solutions. He is a SANS GIAC Certified Incident Handler. He is also a bug bounty hunter recognized by IBM (http://www-01.ibm.com/support/docview.wss?uid=swg21987126) and Coinbase.

Anurag Dwivedy is a Masters student in Information Assurance at the Northeastern University. Prior to moving to information security he used to work as a software developer. He is experienced in C#, C, C++, PowerShell, SQL, Perl, x86 Assembly and is familiar with the common applications used in banking & financial infrastructure. He has been an integral part of the team which developed a web based MVC application to manage fraud Database and reconcilement of ATM transactions. He has also worked on an academic project which analyzed security mechanism in .NET and implemented countermeasures for OWASP Top 10 vulnerabilities.

Tania Ward and Kristen Pascale
EMC Corporation Tania Ward has worked as part of EMC Product Security Response Center for over 3 years. Prior to that, she had worked at Microsoft for just under 14 years working on products from SQL Server, Windows Live to Microsoft Office. In her spare time she volunteers as an EMT in her local town as well as a ski patroller at Wachusett Mountain Ski Resort.

Kristen Pascale has worked as part of the EMC Product Security Response Center for over 4 years. Prior to that, she worked at Fidelity Investments for 14 years supporting implementations and data management in the 401(k) retirement sector. She spends most of her spare time with her four boys. She is an avid runner and enjoys travelling with her family.

Jeff Williams
Contrast Security A pioneer in application security, Jeff Williams is the founder and CTO of Contrast Security, a revolutionary application security product. Contrast is an application agent that enables software to both report vulnerabilities and prevent attacks. Jeff has over 25 years of security experience, speaks frequently on cutting-edge application security, and has helped secure code at hundreds of major enterprises. Jeff served as the Global Chairman of the OWASP Foundation for eight years, where he created many open-source standards, tools, libraries, and guidelines - including the OWASP Top Ten.

Jim Weiler
Starwood Hotels Application Security Architect at Starwood Hotels for 9 years. Application security manager at Staples for 5 years. Boston OWASP Chapter leader for 12 years. Author and primary editor of OWASP cheatsheet Managing 3rd Party Javascript.