2011 BASC Speakers

Revision as of 09:13, 30 September 2011 by Tom Conner (talk | contribs)

Jump to: navigation, search

2011 BASC: Home Agenda Presentations Speakers

Platinum Sponsors (Listed Alphabetically)

Core Security Technologies


SafeLight Security

Security Innovation

Source Conference

Gold Sponsors (Listed Alphabetically)



WhiteHat Security

Silver Sponsors (Listed Alphabetically)


Pwnie Express

Providence Web App Security Meeting Group

Stach & Liu

We kindly thank our sponsors for their support. Please help us keep future BASCs free by viewing and visiting all of our sponsors.
Sponsorships are still available.


We would like to thank our speakers for donating their time and effort to help make this conference successful.

Michael Anderson

Michael Anderson is a security consultant at NetSPI with experience in penetration testing, application security, computer forensics, network architecture, and code reviews. He has presented at DefCON 18 on cloud-based threats, and is currently engaged in research on threats to mobile infrastructure.

Josh Corman

Akamai Joshua Corman has more than a decade of experience with security and networking software, most recently serving as Principal Security Strategist for IBM Internet Security Systems. Corman’s research cuts across sectors to the core challenges of the industry, and drives evolutionary strategies toward emerging technologies and shifting economics. Corman is a candid and highly coveted speaker and has spoken at leading industry events such as RSA, Interop, ISACA, and SANS. His efforts to educate and challenge the industry recently lead NetworkWorld magazine to recognize him as a top innovators of IT for 2009. Corman also serves on the Faculty for IANS and is a staunch advocate for CISOs everywhere. In 2010, Corman also co-founded RuggedSoftware.org – a value based initiative to raise awareness and usher in an era of secure digital infrastructure.

Rob Cheyne

Safelight Security Advisors
Rob is the CEO of Safelight Security, a leading provider of both instructor-led and computer-based security training. He is a Boston-based information security expert who has taught information security training classes to over ten thousand students, including developers, architects, and managers for industry-leading organizations. He has 20 years of experience in the information technology field and has been working in information security since 1998. Over the years, he has played the role of software developer, systems integrator, security consultant and trainer. Rob was a co-founder of @stake, a highly regarded pioneer in information security consulting. In this role, he led and conducted secure architecture and design reviews, secure code reviews, application penetration tests, security assessments, and training for numerous Fortune 500 companies. Rob worked on @stake's SmartRisk Analyzer team, building software that automatically scans applications for vulnerabilities, and he was the author of LC4, a version of the award-winning L0phtCrack password auditing tool. @stake was acquired by Symantec Corporation in October 2004. Rob regularly speaks at security conferences, and frequently presents to the Boston OWASP chapter on a variety of security topics. His specialties are application security architecture and information security training.

Ming Chow

Lecturer at Tufts University Department of Computer Science
Ming Chow is a scholar of science and technology and a Lecturer at the Tufts University Department of Computer Science. His areas of interests are computer security, game development, web application security, and Computer Science in Education. Ming co-edited a special issue of IEEE Security & Privacy on securing online games with Gary McGraw of Cigital, Inc. published in May 2009. Ming is a frequent guest speaker, and have spoke at numerous organizations, including New England Association of Insurance Fraud Investigators (NEAIFI), and the New England Chapter of the High Technology Crime Investigation Association (HTCIA-NE), the Greater Boston Chapter of the Association of Certified Fraud Examiners (ACFE), John Hancock, and the Massachusetts Office of the Attorney General (AGO). Finally, Ming is a SANS GIAC Certified Incident Handler (GCIH).

Zach Lanier

The Intrepidus Group
Zach Lanier is a Principal Consultant with the Intrepidus Group,Group, specializing in network, mobile, and web application penetration testing. Prior to joining Intrepidus, Zach served as Senior Network Security Analyst at Harvard Business School, and Security Assessment Practice Manager at Rapid7. Zach likes Android, vegan food, and cats (but not as food).

HaoQi Li

HaoQi Li is a CS student at MIT. She interned on the Infrastructure Security Team at Mozilla this summer and created MozSecWorld under the mentorship of Michael Coates, an OWASP member.

Anirudh Ramachandran

Anirudh Ramachandran serves as Chief Technology Officer of Nouvou.

Christien Rioux

Christien Rioux, co-founder and chief scientist of Veracode, is responsible for the technical vision and design of Veracode’s advanced security technology. Working with the engineering team, his primary role is the design of new algorithms and security analysis techniques.

Before founding Veracode, Mr. Rioux founded @stake, a security consultancy, as well as L0pht Heavy Industries, a renowned security think tank. Mr. Rioux was a research scientist at @stake, where he was responsible for developing new software analysis techniques and for applying cutting edge research to solve difficult security problems. He also led and managed the development for a new enterprise security product in 2000 known as the SmartRisk Analyzer (SRA), a binary analysis tool and its patented algorithms, and has been responsible for its growth and development for the past five years

Roy Wattanasin

Roy Wattanasin is a information security professional working in the healthcare industry. He spends most of his time on leading and developing an organization's information security program and working on PCI-DSS compliance, privacy, regulatory efforts, education efforts and with other projects. He also teaches information security at Brandeis University.

Andrew Wilson

Trustwave SpiderLabs
Andrew Wilson is a Security Consultant at Trustwave. He is a member of Trustwave's SpiderLabs - the advanced security team focused on penetration testing, incident response, and application security. He has over 9 years experience building, testing, and securing software in a variety of industries. Andrew specializes in application security assessment, penetration testing, and secure development life cycle. Andrew is an active speaker in the developer and security communities. Andrew is recognized as a Microsoft MVP in Windows Azure.

You can find out more about this conference at the BASC homepage: http://www.owasp.org/index.php/2011_BASC_Homepage.
Conference Organizer: Jim Weiler