2011 BASC: Home Agenda Presentations Speakers
Platinum Sponsors (Listed Alphabetically)
Gold Sponsors (Listed Alphabetically)
Silver Sponsors (Listed Alphabetically)
We kindly thank our sponsors for their support. Please help us keep future BASCs free by viewing and visiting all of our sponsors.
Sponsorships are still available.
We would like to thank our speakers for donating their time and effort to help make this conference successful.
Michael Anderson is a security consultant at NetSPI with experience in penetration testing, application security,
computer forensics, network architecture, and code reviews. He has presented at DefCON 18 on cloud-based
threats, and is currently engaged in research on threats to mobile infrastructure.
Joshua Corman has more than a decade of experience with security and networking software, most recently serving as Principal Security Strategist for IBM Internet Security Systems. Corman’s research cuts across sectors to the core challenges of the industry, and drives evolutionary strategies toward emerging technologies and shifting economics. Corman is a candid and highly coveted speaker and has spoken at leading industry events such as RSA, Interop, ISACA, and SANS. His efforts to educate and challenge the industry recently lead NetworkWorld magazine to recognize him as a top innovators of IT for 2009. Corman also serves on the Faculty for IANS and is a staunch advocate for CISOs everywhere. In 2010, Corman also co-founded RuggedSoftware.org – a value based initiative to raise awareness and usher in an era of secure digital infrastructure.
Safelight Security Advisors
Rob is the CEO of Safelight Security, a leading provider of both instructor-led and computer-based security training. He is a Boston-based information security expert who has taught information security training classes to over ten thousand students, including developers, architects, and managers for industry-leading organizations. He has 20 years of experience in the information technology field and has been working in information security since 1998. Over the years, he has played the role of software developer, systems integrator, security consultant and trainer. Rob was a co-founder of @stake, a highly regarded pioneer in information security consulting. In this role, he led and conducted secure architecture and design reviews, secure code reviews, application penetration tests, security assessments, and training for numerous Fortune 500 companies. Rob worked on @stake's SmartRisk Analyzer team, building software that automatically scans applications for vulnerabilities, and he was the author of LC4, a version of the award-winning L0phtCrack password auditing tool. @stake was acquired by Symantec Corporation in October 2004.
Rob regularly speaks at security conferences, and frequently presents to the Boston OWASP chapter on a variety of security topics. His specialties are application security architecture and information security training.
Lecturer at Tufts University Department of Computer Science
Ming Chow is a scholar of science and technology and a Lecturer at the Tufts University Department of Computer Science. His areas of interests are computer security, game development, web application security, and Computer Science in Education. Ming co-edited a special issue of IEEE Security & Privacy on securing online games with Gary McGraw of Cigital, Inc. published in May 2009. Ming is a frequent guest speaker, and have spoke at numerous organizations, including New England Association of Insurance Fraud Investigators (NEAIFI), and the New England Chapter of the High Technology Crime Investigation Association (HTCIA-NE), the Greater Boston Chapter of the Association of Certified Fraud Examiners (ACFE), John Hancock, and the Massachusetts Office of the Attorney General (AGO). Finally, Ming is a SANS GIAC Certified Incident Handler (GCIH).
The Intrepidus Group
Zach Lanier is a Principal Consultant with the Intrepidus Group,Group, specializing in network, mobile, and web application penetration testing. Prior to joining Intrepidus, Zach served as Senior Network Security Analyst at Harvard Business School, and Security Assessment Practice Manager at Rapid7. Zach likes Android, vegan food, and cats (but not as food).
HaoQi Li is a CS student at MIT. She interned on the Infrastructure Security Team at Mozilla this summer
and created MozSecWorld under the mentorship of Michael Coates, an OWASP member.
Anirudh Ramachandran serves as Chief Technology Officer of Nouvou.
Roy Wattanasin is a information security professional working in the healthcare industry. He spends
most of his time on leading and developing an organization's information security program and working
on PCI-DSS compliance, privacy, regulatory efforts, education efforts and with other projects. He also
teaches information security at Brandeis University.
Andrew Wilson is a Security Consultant at Trustwave. He is a member of Trustwave's SpiderLabs - the
advanced security team focused on penetration testing, incident response, and application security. He has
over 9 years experience building, testing, and securing software in a variety of industries. Andrew specializes
in application security assessment, penetration testing, and secure development life cycle. Andrew is an
active speaker in the developer and security communities. Andrew is recognized as a Microsoft MVP in
You can find out more about this conference at the BASC homepage: http://www.owasp.org/index.php/2011_BASC_Homepage.
Conference Organizer: Jim Weiler