Revision as of 21:12, 11 November 2013
Sean has been in IT for 25 years, mostly working in development. He is a security analyst at Farm Credit Canada.
Serg is a co-founder and a CTO of Bugcrowd. Bugcrowd delivers ad-hoc, ongoing and objective-based bug bounties. Our clients can elect to engage the full crowd, or run a private bounty with just the top ranked testers. Our service lets you test web, mobile and client-side applications using our curated crowd of 3,500 security researchers and Crowdcontrol - our unique bug bounty management platform.
Serg is passionate about all things IT Security and Internet in general, and has spent most of his nerdy career in the Application Security space, working on a broad range of application security projects, from source code analysis and penetration testing to developing secure software development lifecycle processes and online fraud prevention platforms.
Simon Bennetts (a.k.a. Psiinon) has been developing web applications since 1997, and strongly believes that you cannot build secure web applications without knowing how to attack them. He works for Mozilla as part of their Security Team.
Some of the projects Simon works on:
OWASP Zed Attack Proxy project lead
Mozilla Zest project lead
Bodge It Store project lead
OWASP Web Application Security Testing Cheat Sheet joint author
OWASP AppSensor contributor
OWASP Data Exchange Format project lead (currently inactive)
He also started and co-leads the OWASP Manchester chapter. Simon has a B.Sc in Computing and Information Systems from Manchester University.
Currently CISO and Sr. VP of Enterprise Architecture at Paylocity Corporation where he has helped develop Software-as-a-Service (SaaS) Payroll, HR, Time and Labor Management, and Online Benefits Enrollment solutions.
Software Engineer for 25+ years working on products like Great Plains Property Management, Borland Paradox, Niku (which was acquired by CA and rebranded as Clarity), and Paylocity Web Pay.
Member Representative for the IDESG Identity Ecosystem, OWASP Foundation.
Dinis Cruz is a Security Consultant based in London (UK) and specialized in: ASP.NET/J2EE Application Security, Application Security audits and .NET Security Curriculum Development.
For the past couple of years Dinis has focused on the field of Static Source Code Analysis and Dynamic Website Assessments (aka penetration testing), and is the main developer of the OWASP O2 Platform which is an Open Source project that is focused on 'Automating Security Consultants Knowledge/Workflows' and 'Allowing non-security experts to access and consume Security Knowledge'. Dinis is currently focused on making the O2 Platform the industry standard for consuming, instrumenting and data-sharing between: the multiple WebAppSec tools, the Security consultants and the final users (from management to developers). Past industry experience includes: running a small Software/Consultancy business, acting as CTO for a Portuguese University, being part of a Security Assessment team (Pentesting and Source Code Assessment) for a global Bank (ABN AMRO), taking the role of Director of Advanced Technologies at Ounce Labs (acquired by IBM) performing Web Application security assessments on a large number of languages/technologies/frameworks and being a very active participant and enabler at OWASP.
Johanna has mainly worked in the area of C# and ASP.NET development, Testing and Quality Control. She is an experienced developer and understands different types of programming languages such as Java and PHP and different types of scripting languages. Johanna has ample experience in Microsoft Technologies and Security Engineering.
MSc. Information Technology with specialization in Security Engineering, University of Liverpool
BSc. Civil Engineering, University of the Netherlands Antilles
Tony DeLaGrange is a Senior Penetration Tester at Fidelity National Information Services, bringing over twenty-five years of information technology experience in the healthcare and financial services industries. For over the past decade, Tony has focused on information security within a leading Fortune 50 financial institution, providing the design of security reference architecture, development of information security policies, standards, and baselines, as well as the assessment and testing of emerging technologies. His experience includes managing large networking and messaging environments, assessing controls and establishing security requirements for large technology project implementations, driving change through leading an information security center of excellence, and influencing key technology and business stakeholders at all levels. Most recently, Tony led a penetration team that augmented the IT Audit program, providing a threat-based perspective to the standard general controls audit review process. For many years, Tony has had a keen interest in mobile security, specifically with mobile devices within a corporate environment, and is currently focused on the development of open source mobile testing tools.
As security project leader and information security officer for multiple customers I have built up extensive experience in Information Security related disciplines, both at strategic and tactical level.
I specialize in (Web) Application Security, combining both my software development and information security experience.
In the last 10 years I have performed several successful secure development lifecycle projects in the financial and utility sector, started up software security groups, supported customers in selecting and implementing Web Application Firewalls (WAF), delivered web application security training and closed a lot of audit findings regarding application security :-).
I started the Belgian OWASP Chapter Leader, am a member of the OWASP Foundation Board and performed several public presentations on Web Application and Web Services Security. I also co-organize the yearly security & hacker BruCON conference and trainings in Belgium.
Prior to Bugcrowd Casey had 12 years' experience in information security, servicing clients ranging from the very small to the very large. He started off as a tech - penetration testing and so on - and gradually migrated to the business side. He has lots of experience in security strategy, compliance remediation and generally "adding value to infosec".
He has been active in the tech start-up space in a range of roles: CEO, CSO, mentor, go-to-market strategist, technical architecture adviser.
Simon Roses holds a B.S. from Suffolk University (Boston), Postgraduate in E-Commerce from Harvard University (Boston) and Executive MBA from IE Business School (IE, Madrid). Frequent speaker at security industry events including BLACK HAT, RSA, OWASP, SOURCE, DeepSec and Microsoft Security Technets.
Tobias Gondrom is CEO at Thames Stanley, a boutique Global CISO and Information Security & Risk Management Advisory based in Hong Kong, United Kingdom and Germany.
Currently, he is a board member of the OWASP London and the CSA Hong Kong and Macau chapters and leads the OWASP CISO Report and Survey project. He is an ISC2 CSSLP and CISSP Instructor. Tobias has authored the Internet standards RFC 4998, RFC 6283 and RFC 7034, co-authored the books "Secure Electronic Archiving" and the OWASP CISO Guide, and is a frequent presenter at conferences and publishes articles (e.g. AppSec, IETF, ISSE, ...).
Dennis Groves is a well known thought leader in application security whose work focuses on multidisciplinary approaches to information security risk management. He holds an MSc in Information Security from the University of Royal Holloway, University of London. He is currently a UK expert for the UK mirror of ISO subcommittee 27, WG4. He was also the first author and editor of the OWASP Guide.
Samantha Groves is the Project Manager at OWASP. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioural research projects, competitor analysis, event organisation and management, volunteer engagement projects, staff recruitment and training, and marketing department organisation and strategy implementation projects for a variety of commercial and not-for-profit organisations. She is eager to begin her work at OWASP and help the organisation reach its project completion goals.
Samantha earned her MBA in International Management with a concentration in sustainability from Royal Holloway, University of London. She earned her Bachelor's degree majoring in Multimedia from The University of Advancing Technology in Mesa, Arizona, and she earned her Associate's degree from Scottsdale Community College in Scottsdale, Arizona. Additionally, Samantha recently attained her Prince2 (Foundation) project management certification.
Jason Haddix is a security researcher and consultant at www.securityaegis.com. Jason is also the Director of Penetration Testing at Hewlett Packard and Fortify Software. Jason performs and trains internal candidates on mobile penetration testing, black box web application auditing, network/infrastructural security assessments, cursory mainframe security analysis, cloud architecture reviews, wireless network assessment, binary reverse engineering, and static analysis. He is also a semi-regular player on the capture the flag team Shellphish, an academic hacking group based out of the University of California, Santa Barbara.
Michael is a Software Developer Engineer based in San José, Costa Rica. He has been working in the banking area for the last 5 years and during that time, he was involved in different banking areas including investments and online systems. Michael is a researcher in Web technologies including JSON, Atom, RSS, Web Services, REST, jQuery and Security. At OWASP Michael is the chapter leader in Costa Rica and he is a recurrent collaborator in the OWASP O2 Platform led by Dinis Cruz.
Carlos breaks things and builds them better. He is a math geek with security passion, looking for ways to make security easier and smarter. He makes applications more robust through security analytics, and moves away from password based only id.
Martin is an independent security consultant and owner of PervaSec (http://www.pervasec.nl). His main working area is (software) security in general, from awareness to implementation. In his daily work, he is responsible for education in application security matters, and for advice on and implementation of application security measures.
Martin got involved in OWASP in 2006. He became a member of the OWASP Netherland Chapter board in 2007. He has contributed to several OWASP projects and is co-organizer of the OWASP BeNeLux-Day conference since 2008. Martin has been chair of the Global Education Committee from 2008 until the ending of the Global Committees.
Martin is a frequent speaker at universities, hacker spaces and various conferences.
Jack Mannino is a managing partner at nVisium Security, a leading provider of mobile application and web application security services. At nVisium he is responsible for ensuring that all services are delivered at the highest levels of quality and with keen attention to detail. He focuses on mobile application security research (especially Android), and is the co-leader of the OWASP Mobile Security Project. In addition to the Mobile Security Project, Jack is also heavily involved with the OWASP Northern Virginia Chapter where he serves as the chapter leader.
Jack is the lead developer for the OWASP GoatDroid Project, and is a contributor to the OWASP RailsGoat Project.
As the chapter leader of OWASP Montreal, Jonathan manages most of the events and does the online community management. He is filling up the 2013 chapter's agenda with continuous events and brings activities other than just presentations the way we are used to: workshops on OWASP projects, community mash-ups with other programming related user groups, talks in various venues and online events using YouTube and Google Hangouts. He is also Advisor of the security track of ConFoo, a Web techno conference held each year in Montreal that gathers over 600 Web developers and enthusiasts.
Aside from OWASP participation, Jonathan is involved in many community events in new technologies such as NorthSec, a technical computer security competition, where he is working on Web related exercises as a challenge designer. His main occupation is consulting in Web application security, but deep down he is a developer with an agnostic vision of programming languages. He holds a diploma in Software Engineering from Ecole de Technologie Superieure and has more than 10 years of experience in Information Technology and Security.
A seasoned security leader with over a decade of experience in the information, software, and network security industry. Very entrepreneurial and customer focused team player with excellent communication skills. The current senior manager in enterprise security at salesforce.com.
Abbas has spent considerable time in OWASP and deems himself one of the people who is pushing OWASP forward in every direction. He is also currently chapter leader of Iran in OWASP and has participated in OWASP Projects for more than 5 years:
OWASP TOP 10
He is leading OWASP PHP Security Project, OWASP RBAC Project and a handful of others and has plans for a lot more to come! On top of that he takes part in other open source communities, trying to improve the security aspects of every software.
Founder of AsteriskResearch, Inc. and OWASP Japan Chapter Leader.
Greek Chapter Leader and Senior Information Security Consultant/Team Leader at Voice@Net.
Director of Instructional Design at Union County College.
Academic Director Computer Science, University of Maryland University College.
Chris is currently the Project Leader for the OWASP ESAPI Projects and also serves on the OWASP Global Projects Committee. He has been involved with OWASP for 4 years and has spoken at many OWASP events about the benefits of the Enterprise Security API as well as participated in Leadership discussions amongst the organization.
During the day, Chris is an Application Security Engineer and Senior Software Engineer for Aspect Security where he has been since fall 2010. Prior to joining the team at Aspect Security he spent 5 years as 'Black Ops Beef' for ServiceMagic Inc with the official title of Software Engineer. Before getting involved in software professionally, Chris worked in hardware as a Senior Field Service Engineer providing hardware and software support for PCs, Servers, Midrange Systems and Peripherals for 9 years.
Sasikumar is the Director of Information Security at ZohoCorp.
Experienced Application Security developer, OWASP ESAPI co-owner / committer, secure code reviews
Jess is the CEO of Aspect Security and has served as the volunteer Chair of the OWASP Foundation from 2003 to 2012. He has dedicated his life to trying to make the world’s software more secure, and so he creates lots of free and open tools, libraries, guidance, and standards to try to change the status quo.