This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

2019 BASC Speakers

Revision as of 14:28, 13 September 2019 by Laberdale (talk | contribs) (Added Morning Workshop Leaders)

Jump to: navigation, search
Home | Agenda | Code of Conduct | Presentations | Workshops | Speakers | Twitter 32.png

Platinum Sponsors

NCC Group Ordr WhiteHat

Gold Sponsors

Auric Checkmarx HackerOne Netsparker Sonatype Tala

Silver Sponsor


Individual Sponsor: Justin Olin

Please help us keep BASC free by viewing and visiting all of our sponsors.

Mansour Ahmadi

Northeastern University
Mansour Ahmadi is a research associate at Northeastern University. Before coming to Northeastern, he obtained a PhD in Computer Engineering from the University of Cagliari in 2017. His research is mainly focused in applying machine learning methods for systems security problems, especially malware detection and classification, and vulnerability discovery. He co-authored over 10 scientific papers. Also, He is the lead developer of IntelliAV, which is the first on-device machine learning-based mobile malware detector.

Joel Carlson

Secure Code Warrior
Joel Carlson is a security professional with 15 years of experience in the security industry. Joel has a long history of connecting businesses with security tools to help them ensure a secure environment. He joined Secure Code Warrior earlier this year after previous success at Veracode, Dell and Bitsight.

Chris Chagnon

UXDM Lab at Worcester Polytechnic Institute
Chris Chagnon is an ITSM Architect and developer who designs, develops, and maintains award-winning experiences for managing and carrying out the ITSM process. Chris has a Master of Science in Information Technology, and a bachelor’s degree in Visual Communications. In addition, Chris is a PhD Candidate studying Information Systems with a focus on user and service experience. As A Top 25 Thought Leader in ITSM, and an ALE IT Vanguard, Chris speaks nationally about the future of ITSM, practical applications of artificial intelligence and machine learning, gamification, continual service improvement, and customer service/experience. Follow Chris on Twitter @Chagn0n.

Madison Cool

Madison Cool is an associate AppSec engineer at TraceLink, delivering a secure platform for the Pharmaceutical Supply Chain. She works with the TraceLink team to make "TraceLink = Trusted" by ensuring that customers, partners and internal engineering can meet and exceed best security practices. Their goal is to make security accessible and understandable by both the security-minded and the security-unaware.

Kristin Dahl

Kristin Dahl is a cyber security consultant with IBM X-Force IRIS and former research staff member at MIT Lincoln Laboratory. Kristin’s experience includes investigative research, policy development, threat assessment, and security operations across the defense sectors, critical systems, academia, and private industry. Kristin has worked collaboratively with multiple stakeholders and federal agencies, including the Department of Defense, the Department of Homeland Security, and the Department of Energy.

Kristofer Duer

Kristofer Duer is the Lead Cognitive Researcher for AppScan Source. He has worked in the application security field for the last 8 years in the world of Static Application Security Testing (SAST) and researching language specific attack surfaces. His particular specialty deals with applying machine learning to solve some of the impossible problems which occur naturally in the world of SAST - namely Intelligent Finding Analytics (IFA) and Intelligent Code Analytics (ICA).

Outside of work he enjoys the gym, Disc Golf (super fun!) and spending time with his wife and two kids.

Reza Mirzazade Farkhani

Northeastern University
Reza Mirzazade Farkhani is pursuing a PhD in Cybersecurity at Northeastern University. His research interests span a wide range of topics in systems security with a particular focus on software vulnerability detection, exploit mitigation techniques and binary analysis. Currently, Reza is focusing on developing novel techniques to protect applications against memory safety vulnerabilities. He is especially interested in new security features in ARM architecture to accelerate the performance and security of the current systems.

Brian Fox

Co-founder and CTO, Brian Fox is a member of the Apache Software Foundation and former Chair of the Apache Maven project. As a direct contributor to the Maven ecosystem, including the maven-dependency-plugin and maven-enforcer-plugin, he has over 20 years of experience driving the vision behind, as well as developing and leading the development of software for organizations ranging from startups to large enterprises. Brian is a frequent speaker at national and regional events including Java User Groups and other development related conferences.

Gabrielle E. Hempel, CHTI

Black Mirage
Gabrielle is a graduate of the University of Cincinnati, where she studied Neuroscience and Psychology. She worked for an institutional review board in regulatory pharmaceutical and medical device compliance, and led specialized committees targeting Phase I research and emergency research. She moved to IT consulting in 2018, and currently works as a penetration tester for Black Mirage while pursuing a certificate in Advanced Computer Security at Stanford. She continues to serve as a genetic scientist for NIH-regulated recombinant genetic studies, and serves as an instructor and mentor for a student cohort of cybersecurity analysts through Cybrary. She recently obtained her Certified Human Trafficking Investigator (CHTI) credentials through the McAfee Institute, and works with various law enforcement groups and task forces in order to combat human trafficking through digital forensics and analysis. Her area of expertise lies in GDPR/HIPAA/regulatory compliance and medical device security.

Kitty Huang

Communications Trainer and Relationship Coach
Kitty Huang is an award-winning speaker who has led several fun and effective communication workshops at MIT, Harvard University, and corporate training events. She has worked as a copywriter at advertising agencies, a screenwriter for a television situation comedy, and a newspaper journalist. Her perceptive mind and creative approaches have successfully helped many individuals to solve problems in professional relationships and personal relationships.

Prateek Jain

UXDM Lab at Worcester Polytechnic Institute
Prateek Jain is a UX researcher currently pursuing Ph.D. in Innovation with User Experience at Worcester Polytechnic Institute. His Ph.D. research focuses on User Experience. His research interests are augmented reality, internet of things (IoT), accessibility and persona development. He is working on multiple research projects focusing on the use of augmented reality and IoT to improve the user experience of products and services. Along with that, he is also working on developing and testing different persona frameworks to help organizations make effective design decisions.

Ryan LaMarche

UXDM Lab at Worcester Polytechnic Institute
Ryan LaMarche is a digital transformation and design thinking expert that brings ideas to life with a focus on user experience, and smart system design. When Ryan isn’t building systems, he spends his time as a dual-enrolled Bachelor’s and Master’s student at Worcester Polytechnic Institute studying Computer Science and Innovation with UX. Ryan is also a founding member and CTO of Seldom Technologies where he works with companies to develop systems, applications, and websites and consult on process improvement in the ITSM space.

Tal Melamed

Protego Labs

Omid Mirzaei

Northeastern University
Omid Mirzaei is a postdoctoral research associate in the Systems Security (SecLab) and the Research in Software and Systems Security (RiS3) Labs at Northeastern University, working with Prof. Engin Kirda and Dr. Long Lu. Prior to this, Omid was an assistant professor in Universidad Carlos III de Madrid. Also, he spent around 4 years at COmputer SECurity lab (COSEC) as a PhD student and he received his PhD degree in Computer Science from the same university. Omid's thesis was mainly focused on Android malware analysis and triage. Generally speaking, Omid is working and conducting research in computer and cyber security. However, he is particularly interested in mobile security, malware analysis, reverse engineering and applied machine learning in security. In addition, he is eager to tackle security issues from a multi-objective perspective, i.e. trying to deal with such problems by consuming the least possible amount of in hand resources. Previously and as an undergraduate student, Omid worked in a wide range of areas, from advanced software engineering to Artificial Intelligence (AI). Omid also developed several intelligent systems and passed different AI-related courses, including machine learning, pattern mining, fuzzy systems, evolutionary computation and optimization, neural networks and image processing.

Carson E. Owlett, OSCP CEH

Black Mirage
Carson is a graduate of Connecticut College, where he studied Computer Science and Slavic Studies. After graduating, he obtained his OSCP and CEH and did a brief stint doing research for DARPA. He then founded Black Mirage in 2019, where he serves as the CEO and Assessment Team Lead for penetration tests, and he has been working to implement programs for offensive security education.

Rashmi Patil

Rashmi is passionate about software engineering and applying it to solve complex problems in day to day life. She has a diverse set of work experience through past research, internships and full-time work experience that has really helped others in understanding the broader picture. In her free time, she volunteers and conducts educational workshops to teach young high school girls about the importance of Cybersecurity and encourage them to pursue a career in Computer Engineering.

Chris Romeo

Security Journey
Chris Romeo is CEO and co-founder of Security Journey where he creates and deploys security culture influencing training, consults, and speaks. His passion is to bring security culture change to all organizations large and small through the creation and design of gamified security education. He was the Chief Security Advocate at Cisco for five years, where he empowered engineers to shift security left in all products at Cisco and led the creation of Cisco’s security belt program. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP certifications. Find Chris on Twitter, @edgeroute, or on LinkedIN,

Luke Tucker

Luke Tucker is the Senior Director of Community at HackerOne — the leading hacker-powered security platform with the largest community of hackers in the world. A seasoned community engagement professional, he is passionate about helping identify and nurture what makes people and communities tick, so understanding how hackers feel and how they are seen is his bread and butter. He is the Creator and Editor of the Zero Daily Newsletter, which provides daily application security, hacker and bug bounty news. Previously at HackerOne, Luke oversaw all B2B content marketing efforts, brand voice and social media management, and educational content development for the growing community of hackers. Prior to HackerOne, he served in several creative roles including Captricity and Sultan Ventures.

Paulina Valdivieso

Bennington College
Paulina Valdivieso is a senior undergrad in Computer Science and Public Policy, studying the intersections between Cybersecurity, Law and Politics. Interested in hacking, information security, programming and general electronic shenanigans, she recently started to apply all of this knowledge into the workplace, centering on network and application security. She is an advocate for open access and privacy, using and committing to open source tools whenever possible and making sure people understand the implications and dark side of the tools they use everyday.

Roy Wattanasin

Information Security Professional
Roy Wattanasin is a healthcare information security professional. You can find him on @wr0

You can find out more about this conference at the 2019 BASC Homepage
or by emailing
Twitter 32.png