2018 Speakers List
CEO of the Innocent Lives Foundation
Chris possesses over 17 years of experience as a practitioner and researcher in the security field. He is the author of 3 (soon to be 4) books as well as 3 different training courses taught around the globe. Chris has trained and taught various branches of the US Government in the art and science of social engineering, including the FBI, SOCOM and others. Chris has been invited to the Pentagon to debrief 30+ general officers and government officials on social engineering and its effect on the United States.
Chris established the world’s first social engineering penetration testing framework at www.social-engineer.org, providing an invaluable repository of information for security professionals and enthusiasts. That site grew into a dynamic web resource including a podcast and newsletter, which have become staples in the security industry and are referenced by large organizations around the world.
Chris specializes in understanding how malicious attackers exploit human communication and trust to obtain access to information and resources through manipulation and deceit. His goal is to secure companies by educating them on the methods used by attackers, identifying vulnerabilities, and mitigating issues through appropriate levels of awareness and security.
Antonio A. Rucci
Director, InfoSec & Threat Intelligence, GRIDSMART Technologies, Inc.
Antonio A. Rucci is a retired Counterintelligence Special Agent and US Army Warrant Officer, with more than 34 years of technical security experience. Tony is the Director of Information Security & Threat Intelligence for GRIDSMART Technologies Inc, Knoxville, TN.
Tony ran technical espionage and computer crimes investigations for a good portion of his operational career. He served as the Counterintelligence Operations Officer at The White House, serving two administrations from 1998-2004. He led technical accreditation for a critical facility at one of the DOE National Labs before being recruited to move to Reno, NV to build a data center for one of the beltway bandits. Since then, Tony has started two of his own companies; served as the Chief Security Officer for two others; and built an InfoSec & Threat Intelligence vertical for another company before joining GRIDSMART earlier this year. Tony continues to serve national security efforts in his current capacities, stirring up the Transportation Industry by assessing and assisting smart/autonomous vehicle strategies along with their smart cities and traffic management support infrastructure, supporting both private sector and government interests. Twitter: @InsiderThreats
Architect at CISCO Systems and Security Researcher
Joseph Muniz is an architect at Cisco Systems and security researcher. He has extensive experience in designing security solutions and architectures for the top Fortune 500 corporations and US Government. Examples of Joseph’s research is his RSA talk titled Social Media Deception quoted by many sources found by searching “Emily Williams Social Engineering” as well as articles in PenTest Magazine regarding various security topics.
Joseph runs the Security Blogger website, a popular resource for security and product implementation. He is the author and contributor of several publications including titles on building security operations centers (SOC)s, CCNA cyber ops certification, web penetration testing and hacking with raspberry pi. Joseph’s next title, Digital Forensics for Network Engineers released on Cisco Press was released late February 2018. Follow Joseph at www.thesecurityblogger.com and @SecureBlogger.
Dr. Catherine J. Ullman
Senior Information Security Analyst, University at Buffalo
Dr. Catherine J. Ullman began her IT career over 20 years ago as a Technical Support Specialist for Corel Word Perfect. After gaining valuable experience, as well as several technical certifications while working for Ingram Micro and subsequently Amherst Systems, she was offered and accepted a position at UB as a Systems Administrator in 2000 in which she provided both server and workstation support for several departments within Undergraduate Education. While she enjoyed her support role, she began to specialize in computer security and computer forensics. As a result, Cathy was often utilized by the Information Security Office to assist in the investigation of security breaches. Ultimately, she was asked to join the Information Security Office full time in 2009. In her current role as a Senior Information Security Analyst, Cathy is responsible for performing computer forensic investigative services for compliance on potentially compromised machines as well as personnel issues. She also assists with incident management involving intrusion detection and analysis, as well as providing security awareness training to departments on campus upon request. In 2017 Cathy was given the honor of speaking at Defcon’s Wall of Sheep for the first time. In her (minimal) spare time, she enjoys researching death and the dead, and learning more about hacking things.
Senior Enterprise Security Consultant at Sword & Shield Enterprise Security, Inc.
Corey McReynolds is an Enterprise Security Consultant with Sword & Shield Enterprise Security. Corey graduated Carson-Newman University with Bachelor of Arts in communications. He then started his career with the United States Army where he worked on numerous operations as an Military Intelligence asset earning numerous commendations and the Combat Action Badge. He was Honorably Discharged as a Military Intelligence Officer from the United States Army Intelligence Center of Excellence at Fort Huachuca. He then transitioned to supporting security operations at a Department of Energy research and development facility, where he rebuilt the facilities complete security operations procedures and manual. During this time, he began working on additional technical degrees where he acquired three additional degrees in Information Technology, Programming, and Network Security & Forensics, while also earning all six of the Committee on National Security Systems (CNSS) Certifications meeting requirements for both the National Security Agency (NSA) and U.S. Department of Homeland Security (DHS). Corey also transitioned into a Senior Systems Engineer/Solutions Architect position for a data storage company. He designed and deployed four data centers capable of handling 500+ petabytes of data storage. After completion of the degrees Corey was offered a position at Sword & Shield Enterprise Security where he enjoys serving clients and solving problems with creative solutions.
Michael J. Masucci
Commissioner, Santa Monica Arts Commission Chair, Santa Monica Public Art Committee
Michael J. Masucci is an award-winning media producer, video-artist, writer, musician, curator and mediator. He also currently serves as an Arts Commissioner for the City of Santa Monica, where he chairs its prestigious Public Art Committee.
Masucci’s collaborations have been exhibited internationally, at venues such as the Museum of Modern Art (New York), the Institute of Contemporary Art (London), the American Film Institute (Los Angeles), the Autry National Center, on commercial television, as well as in festivals, galleries conferences and universities.
He is co-founder of Los Angeles’ seminal media art group EZTV (www.eztvmedia.com), which has received retrospective tributes by the American Film Institute, UCLA, SIGGRAPH, the University of Southern California (who also houses the EZTV Archives as part of its permanent collection) and was included in the Getty Museum’s Pacific Standard Time. Additionally, Masucci co-founded CyberSpace Gallery, one of the world’s first art galleries dedicated to digital art. He was also a founding member of the “LA Digilantes”, a group of artist-activists advocating for use of computing in the arts.
Masucci has taught at the Otis College of Art & Design and has done guest lectures at a number of institutions, including Changchun Film Studios (China) UCLA, USC, CalTech, Claremont College, the University of Helsinki, San Francisco Art Institute, American Film Institute, ICA (London), Long Beach Museum of Art, the School of Visual Arts (NYC) and New School/ Parsons. He has alos presented at conferences internationally, whose topics range from popular entertainment, Transhumanism, cyber-security, social justice, education and technology. His presentations in the field of Cybersecurity bridge together the worlds seemingly separate realms of art culture and IT.
His work has been profiled in a variety of media, including PBS, the Discovery Channel, the Los Angeles Times, Variety, Artweek and the Hollywood Reporter. His writings have appeared in the SIGGRAPH Journal, the Independent Film & Video Monthly, and in several books, including the pioneering “CyberArts-Exploring Art & Technology” (edited by Linda Jacobsen).
Masucci has a law degree and has completed graduate level training in mediation and conflict resolution and holds certificates in film, music, entrepreneurship and graphic design.
Principal Application Security Engineer, Software Solutions | NCR Corporation
Kaveh is employed in NCR Corporation as Principal Application Security Engineer and has provided many findings and assistance in the sector of IT-Security. His unique, self-written tools and knowledge of security audits and penetration testing has placed Kaveh in the Google Hall of Fame and acknowledgment by Microsoft, Adobe, Artweaver and Integraxor SCADA for his findings.
Kaveh hopes to give back to the IT-Security community by showcasing the tools he designed and he got 30 critical/high CVE’s in a year.
Senior Security Consultant, TrustedSec
Adam Compton has been a programmer, researcher, instructor, professional pentester, father, husband, and farmer. Adam has close to 2 decades of programming, network security, incident response, security assessment, and penetration testing experience. Throughout Adam’s career, he has worked for both federal and international government agencies as well as within various aspects of the private sector.
Tyler Cohen Wood
CyberVista, Executive Director of Cyber Workforce Development
Tyler Cohen Wood is a cyber-authority with 18 years of highly technical experience, 13 of which were spent working for the Department of Defense (DoD). As a cyber, Intelligence, national security expert, author and public speaker, Tyler is relied on to provide unique insight into cyber threats, cyber warfare, mitigating cyber risk, national security, and ensuring industries have the tools they need to defend themselves in the digital world. Tyler sits on several cyber advisory boards, including CyberSat and The Internet of Things Consortium.
Before joining CyberVista as an Executive Director of Cyber Workforce Development, Tyler worked at AT&T as a Director of Cyber Risk Management in the Cyber Solutions Group where she used thought leadership and her cybersecurity expertise to develop new and inventive solutions to protect customers from hackers and the ever-increasing cyber threat landscape.
Prior to that, Tyler worked at the U.S. Defense Intelligence Agency (DIA) under the DoD, serving as a Senior Intelligence Officer, Deputy Cyber Division Chief of the Special Communications Division and the DIA Science and Technologies Directorate-selected Cyber Subject Matter Expert (SME). Along with providing day-to-day leadership for the division, she developed highly technical cyber solutions, and made recommendations and decisions significantly interpreting, developing and changing critical cyber policies and directives affecting current and future DoD and intelligence community programs. She has helped the White House, DoD, federal law enforcement, and the intelligence community thwart many threats to our country.
At DIA, Tyler was also responsible for developing and leading many interagency working groups and task forces to develop, assess and deconflict advanced technical capabilities and techniques currently being used by U.S. Special Forces and the intelligence community to conduct special operations and missions. Many of these capabilities are still in active use in the field today. In addition, she led the development of a digital data protection course that has been instituted as required training for many factions of Special Forces.
As a senior digital forensic analyst for the DoD’s Cyber Crime Center, Tyler used her expertise to conduct major crimes, intrusion and malware analysis. Her work directly led to many successful prosecutions, protecting the country from hackers, saving businesses millions of dollars, and put numerous online sexual offenders and those who have committed crimes against children behind bars.
Over her career she also provided her extensive expertise to NASA and technology stalwart IBM. Her latest book, Catching the Catfishers: Disarm the Online Pretenders, Predators, and Perpetrators Who Are Out to Ruin Your Life (2014, The Career Press), teaches the public how to safely and successfully navigate the online world, protect yourself, your children, your privacy, and learn how to be sure if someone is who they claim to be online. Previously, she co-authored the textbook, Alternate Data Storage Forensics (2007, Syngress), and was also featured in Best Damn Cybercrime and Digital Forensics Book Period (2007, Syngress).
Tyler’s expertise has made her a highly sought-after guest and writer for both national and local television, radio, print and online media. She has been featured on Good Morning America, FOX and Friends, CBS Evening News, ABC World News Tonight, Bloomberg, CNN, FOX, CBS, ABC, NBC, WGN, among others, and in The Wall Street Journal, Washington Post and Huffington Post.
She has given many successful presentations across the country in the technical, insurance, financial, healthcare and other industries at companies ranging from start-ups to Fortune 100s. Tyler has also presented to schools, universities, town halls and parenting groups and has been a keynote speaker at conferences such as RSA, Defcon/Blackhat, HTCIA, Bloomberg, DoD Cybercrime and many other intelligence community and law enforcement conferences.
With a passion for helping the average person understand the dangers and pitfalls of living in a digital world, Tyler is also called upon as a featured speaker to educate audiences of all demographics on the ever-growing and ever-changing digital landscape.
Chief of Security Testing for Titania Solutions Group
Gregory is the owner of GCE, LLC, Chief of Security Testing for Titania Solutions Group, on the Board of Directors of ATNA Systems, International Board of Advisors of the MacKenzie Institute and has his own radio show based on his book, Reverse Deception which is a popular curriculum book in IT and psychology departments nationwide which has been translated into four languages; Cyrillic, Arabic, Russian and Chinese. He has been a frequent guest on Fox News, ABC and SiriusXM and travels globally to speak on future technologies.
In his over 30 years of military and civil service he served in several capacities in the Infantry, Logistics, Medical Service and Military Intelligence branches. His key assignments included US Strategic Command and the National Security Agency.
Gregory holds a MS from Seton Hall University and a BS from Colorado Christian University and is a doctoral candidate studying in vivo bio-nanotechnology. He is a Certified Information Security Manager (CISM) is LEAN 6 Sigma Blackbelt trained, a licensed ISO 9000 Lead Auditor and has received numerous professional awards including the prestigious National Security Agency Military Performer of the Year.
Senior Director of Cybersecurity Research and Communications for CynergisTek
John Nye is Senior Director of Cybersecurity Research and Communications for CynergisTek and has spent the last decade working in Information Security, half that time working exclusively as a professional penetration tester. Besides testing and improving security, John has a passion for educating and informing the public. He accomplishes this by presenting regularly at industry conferences and groups (such as DEF CON, B-SidesLV, and HIMSS 2018). When he is not busy speaking he is writing blog posts for CynergisTek and industry publications. Nye’s specialties include social engineering, the human/computer interaction, wireless, web, and system penetration testing, user education, public speaking, information assurance, security auditing, writing, security research and analysis. Some of his industry certifications include CISSP, Licensed Penetration Tester (LPT) and Certified Ethical Hacker (CEH).
Head of Security Research at Protego Labs
Tal has 15 years’ experience in the information security field, specializing in security research and vulnerability assessment. Prior to being the Head of Security Research at Protego, Tal was a tech leader at AppSec Labs, leading and executing a variety of security projects for serverless, IoT, mobile, web, and client applications, as well as working for leading security organizations, such as Synack, CheckPoint, and RSA.
Tal is also a keen speaker; training DevOps and hackers around the world, as well as lecturing at major security conferences; and a neat developer, experimenting daily with offensive and defensive security.
Director, Talent Acquisition MAG Aerospace
Doug Munro has been embedded in Talent Acquisition for more than fifteen years, beginning in agency Recruiting before moving into corporate roles. His talent pool immersion has included Software Engineers, Database Developers and Administrators, Network Architects and Engineers, Executives, and Cybersecurity Specialists in multiple disciplines. His experience encompasses both private and public-sector customers, both actively recruiting professionals to fill key roles and leading teams of recruiters to elevate firms’ Talent Acquisition capabilities. Doug’s public-sector experience includes securing top security-cleared talent for mission-critical efforts across dozens of Department of Defense and Intelligence Community entities. He retains a significant focus in Cybersecurity, identifying talent in the areas of Risk and Vulnerability Assessment, Cyber Risk Advisory, Penetration Testing, and Cyber Engineering. As a proponent of community-based recruiting, Doug has participated in numerous events, speaking and offering resume and career advice at events like RecruitDC, BSidesLasVegas, BSidesDC, BSides Nashville, and the ISC2 Cyber Summit, among others.
Arnar S. Gunnarsson
CTO for Origo
Arnar has 15+ years experience with enterprise level IT and has been on the Ops side for most of that time but focusing on security for about 5 years – Arnar currently lead‘s Origo‘s Incident Response team.
He has worked on a large percentage of Iceland’s critical infrastructure and leads Origo’s security response team and has a seat on it’s security council.
Arnar has been speaking about security in Iceland and the rest of the world for a couple of years and has been working on increasing participation in the security community in Iceland by hosting talks, teaching classes and organizing conferences both with domestic and international participants
CISO at Kabbage, Inc
Nir Valtman heads the information security at Kabbage, an amazing unicorn FinTech company. Beforehand, Nir worked at NCR Corporation in several roles, including heading the application security across the software solutions portfolio and leading the divisional information security as the Retail CISO. Furthermore, as part of his previous positions, he was working in several security leadership, application security, penetration testing and systems infrastructure security positions.
Nir is a frequent speaker at leading conferences around the world, including Black Hat, Defcon, RSA, BSides, OWASP etc. Nir has a Bachelor of Science in Computer Science but his knowledge is mainly based on cowboy learning and information sharing with the techno-oriented communities.
Regarded as one of the world’s foremost experts on counter threat intelligence within the Information security industry, Chris Roberts constructs and directs a portfolio of defense services designed to improve the physical and digital security posture of both enterprise and government clients. With increasingly sophisticated attacks on targets of opportunity, Roberts’ unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data and other protected information from attack.
Muthoni Richards MSc specializes in the intersection of Regulatory Compliance (Global and Domestic), Business, Tech and People. She has numerous years of GRC experience starting with the heavily regulated Financial Services at a time when FS Regulation was growing in depth and intensity. She has experience with GLBA, KYC, AML and FCPA. Her experience also includes the implementation of standards and frameworks to include NIST, SANS, ISO27K and PCI DSS. She is currently engaged in supporting organizations understand and implement the EU GDPR. With its growing list of requirements, the GDPR has created turbulence in the GRC landscape especially here in the USA. Due to her vast experience, she is uniquely suited to bridge the gap between Business, Legal and IT, a challenge she thoroughly enjoys. In this position she also gets to engage her skills in conflict management, mediation and cultural competency. Muthoni’s other interests include writing, fitness and performance arts. She also engages with several emerging and existing non-profits with a focus on improving and increasing ICT access in underserved areas in East Africa. Organizations such as Valid Dreams Foundation seek to offer school age girls in Kenya the opportunity to engage with technology in ways that are often reserved for their male counterparts.
Founder, The Security Awareness Company
Winn Schwartau thinks asymmetrically and has been “Security” for almost 30 years. As he puts it, “I’ve been in security for about 30 years and I think, maybe, I’m just starting to understand it.” If you want originality in thought, writing, presentations or any aspect of Security, call Winn. In addition to being called, “The Civilian Architect of Information Warfare,” he is one of the country’s most sought after experts on information security, infrastructure protection and electronic privacy.
Aamir Lakhani is a leading security architect and runs the popular security blog Dr. Chaos at www.DrChaos.com. He is responsible to provide IT security solutions to major commercial and federal enterprise organizations. Lakhani has designed offensive counter defense measures for defense and intelligence agencies, and has assisted organizations in defending themselves from active strike back attacks perpetrated by underground cyber groups. Lakhani is considered an industry leader in support of detailed architectural engagements and projects on topics related to cyber defense, mobile application threats, malware and Advanced Persistent Threat (APT) research, and Dark Security.
CISSP-ISSMP, GSNA, GCIH
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is an Enterprise Security Consultant at Sword and Shield Enterprise Security in Knoxville, TN. Joe also maintains his own Blog and Podcast called Advanced Persistent Security. In his spare time, Joe enjoys reading news relevant to information security, attending information security conferences, contributing blogs to various outlets, bass fishing, and flying his drone.
Enterprise Application Security Architect at NCR
Jason Patterson is an Enterprise Application Security Architect at NCR, where he works on shaping the future by securing omni-channel and digital banking solutions. Jason has designed and implemented many of the security controls protecting online banking products used by over 700 financial institutions. Prior to working at NCR, Jason has held positions in application and infrastructure security at PwC, AIG and Apple. Jason has more than 15 years of experience working in the computer security space, and earned a Bachelor of Science degree in CIS from California State Polytechnic University, Pomona, in addition to CISSP and CSSLP certifications.
Threat Intelligence Analyst at Recorded Future
Allan Liska is a solutions architect at Recorded Future. Allan has more than 15 years experience in information security and has worked as both a blue teamer and a red teamer for the intelligence community and the private sector. Allan has helped countless organizations improve their security posture using more effective and integrated intelligence. He is the author of The Practice of Network Security, Building an Intelligence-Led Security Program, and Securing NTP: A Quickstart Guide and the co-author of DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.
Threat Researcher with LookingGlass Cyber Solutions
Marcelle Lee is a threat researcher with LookingGlass Cyber Solutions, an adjunct professor in digital forensics and network security, and she also provides security consulting and training services through her company, Fractal Security Group, LLC. She is involved with many industry organizations, working groups, and boards, including the Women’s Society of Cyberjutsu, the NIST Cyber Competitions Working Group, and the ISACA CSX Certification Task Force.
Marcelle has earned the CISSP, CSX-P, GCFA, GCIA, GCIH, GPEN, GISF, GSEC, GCCC, C|EH, CCNA, Security+, Network+, and ACE industry certifications. She holds four degrees, including a master’s degree in cybersecurity. In 2016 she received the Chesapeake Regional Tech Council Women in Tech (WIT) Award. Marcelle frequently presents at conferences and training events and is an active volunteer in the cybersecurity community. A list of her speaking engagements can be found at https://goo.gl/7pXpL8.
Frank S. Rietta, MSIS
Web Application Security Architect, Rietta, Inc.
Frank Rietta is a web application security architect, author, and speaker. He is a computer scientist with a Masters in Information Security from the College of Computing at the Georgia Institute of Technology and founder of the Atlanta-based security firm Rietta Inc (https://rietta.com/).
Rietta Inc is in the business of defensive security. Our business is built around the realization that security cannot be bolted on at the end of a development process, and thus if you want to build web applications capable of withstanding constant attack, you have to build security into the development process itself. This has become even more critical with the rise of cloud-based computing and the proliferation of mobile applications that communicate constantly with publicly accessible web-based API servers to function. In our industry, the security perimeter is no longer defined as a network firewall, but is instead wherever your servers make an authorization decision. This means ultimately all security depends on software security.
Sharon Smith, CISSP
Principal Cybersecurity Strategy and Advisory Consultant, Virtual CISO, speaker and author
Since 2005 Sharon Smith has worked globally providing cybersecurity consulting and advisory services. Her clients have included many large well-known retailers, banks and credit unions, payment processors, the US Navy, and many global organizations. Sharon is currently a CISSP and C|CISO and has held the CISA, CEH, CFE, and PCI-QSA certifications.
During her 13 years in consulting she has seen what works and what doesn’t work in implementing security and brings this depth and breadth to her clients. Sharon understands the challenges and adversity the security professional is up against, especially those encountered by the CISO and other security executives every day. She not only understands the technology they work with, but also the challenges in getting business buy in and support.
Sharon expanded her education as a professional coach and has a deep understanding of what is needed to keep a security team engaged and productive. She received her Bachelors in Accounting from Eastern Michigan University and her Masters in Forensic Science, High Technology Crimes from The George Washington University.
Manager with Rapid7
Price McDonald is a Manager with Rapid7. In his free time he enjoys spending time with his family, playing poker, competitive shooting, and golfing. Price’s areas of expertise include Hardware Hacking, Penetration Testing, Reverse Engineering and Security Architecture and Design.
CMO and Outreach Lead for CyberSecJobs.Com and ClearedJobs.Net
Kathleen Smith, in her capacity as CMO and Outreach Lead for CyberSecJobs.Com and ClearedJobs.Net has coached thousands of job seekers and employers on how to better connect and work together to achieve the mutual goal of employment. Kathleen presents at several security conferences each year on recruiting and job search. Some of the conferences she has presented at as a sole presenter or a moderator include BSidesLV, BSidesTampa, BSidesDE, FedCyber, Cyber912 and CyberSecureGov. Kathleen firmly believes that giving back is the best way to move forward and volunteers in many capacities; she is the Director, HireGround, BSidesLV’s two day career track; Women in Cybersecurity, National Conference Planning Committee, Cyber912 and Women in Cybersecurity Celebration Planning Committee. Finally, Kathleen is well respected within the recruiting community; is the co-founder and current President of recruitDC, the largest community of recruiters in the Washington DC area.
CTO, North America for Infosec Global
Richard Henderson is a writer, researcher, tinkerer, and regular presenter at conferences and events, and was lauded by a former US DHS undersecretary for cybersecurity as having an “insightful view” on the current state of cybersecurity. He is also a skilled electronics hacker and ham radio nerd: he was one of the first researchers in the world to defeat Apple’s TouchID fingerprint sensor on the iPhone 5S. Richard has taught workshops on Software Defined Radio at Defcons 25, 26, and Defcon China Beta.
Richard also helped edit colleague and friend Tyson Macaulay’s latest book on IoT Security: RIoT Control: Understanding and Managing Risks and the Internet of Things. He is currently co-authoring a 2nd edition of Cybersecurity for Industrial Control Systems. He is also working on a book on Ham Radio for Hackers.
Evan has 19 years of IT experience. He began with his first hosting and development company in 1999. Since then he has worked a variety of roles from Software Engineer, DBA, System Administrator III, Security Admin and Sr. Incident Responder. Some organizations include UCA.edu, Interop, Akamai, Seminole Gaming/Hard Rock and Walmart. He got started full time in security in 2013 when working for Prolexic DDoS mitigation and becoming exposed to CTF tournaments which have been a passion ever since. Evan has also been involved in the community and has presented for ISSA, OWASP, HackMiami and meetup groups.
Chief Scientist, Arxan Technologies
Aaron is the Chief Scientist at Arxan Technologies. He and the Advanced Threat Team analyze and catalog the application security threat landscape and drive the breadth and depth of Arxan’s application protection solutions. Aaron brings over 15 years of industry and academic experience in information security and cryptography. His expertise is in attack methodology, binary formats, reverse engineering, compilers, linkers, and operating systems. He holds a BS in Computer Science from The Ohio State University and a MS in Computer Science from Purdue University.
Zachary Hunsaker graduated from the University of Wyoming in 2014 with a degree in International Studies and intended to continue his education and become a translator. After college his plans changed when he landed a job as a Java Software Developer for a small company. He quickly moved into a systems administrator position and took on IT security issues for the company as well. He quickly fell in love with Security and began consulting for a company that had regulatory requirements.
He moved on to the National Center for Atmospheric Research (NCAR) as a Systems Administrator doing work related to the High Performance Computing Cluster. He was then hired as a Security Engineer for NCAR and has been one of the primary incident responders there since early 2017. He frequently performs pentests and Incident response work for both the private and public sector. He has written many tools to help aid his endeavors within these fields and prefers working in python whenever possible. He is a firm believer in processes and procedures and his efforts along with those of his coworkers at NCAR have more than halved the detection and response time at NCAR
Consulting Systems Engineer with FireEye
Tim Gallo is a Consulting Systems Engineer with FireEye, who has over 20 years’ experience in information security. Tim’s expertise is in Intelligence Guided Cyber Network Defense (IGCND). Today he spends his days helping clients understand the importance of Intelligence as a guiding principle for building out effective processes and leveraging technologies to build their cyber defense centers and security operations practices. As part of his current role Tim provides thought leadership in the areas of security strategy, intelligence initiatives, and threat and vulnerability management. In Tim’s previous roles he helped develop intelligence solutions for vendors that included Vulnerability and Threat Management and Adversary Intelligence, led the security practice for an leading industrial manufacturer, and delivered consulting services to clients around Security Operations and Compliance. He was there the day his employer decided that they needed people living in their NOCs for 48 straight hours during Y2K, and built the security practices to ensure this was possible.
VP of Strategy and Product Marketing for NopSec
Adrian is the VP of Strategy and Product Marketing for NopSec. He spent a decade building security programs and defending large financial firms. He also spent many years as a consultant, performing penetration tests, PCI audits and other security-related assessments. Adrian learned the business side of the industry as a research analyst for 451 Research, working closely with vendors and investors.
Prior to NopSec, Adrian co-founded Savage Security, an applied research and consulting firm dedicated to making it easier for defenders to succeed. He continues this mission at NopSec, who helps practitioners by prioritizing, cleaning and generally making sense of vulnerability data.
Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths or being proven wrong. Adrian loves to write about the industry, tell stories and still sees the glass as half full.
Diana Candela, a Cyber-Risk strategist who characterizes the alignment of Tech, Security, and Privacy. A mostly anonymous leading expert on multi-national IT Regulatory Compliance with over 20 years experience across a variety of public and private sectors including Manufacturing, Energy, Healthcare and Government. Diana promotes sound, risk-based decisions to drive security and privacy as by-products of compliance activities. Diana is also a cheery, public speaker and cyber security blog enthusiast, who casually avoids the tech lingo and loves to drive Governance, Risk, and Compliance (GRC) operational excellence topics to both technical and non-technical audiences alike.
When she’s not working, she loves indulging in her love for quality time with her family, playing with her dogs and working her way through every interesting recipe found on the Internet.
Diana holds multiple certifications including: CEH, ECSA, CNDA, LPT, CSSGB, ITIL, NIMS and has a MS in Computer and Information Systems Security/Information Assurance. Maybe one day she’ll finish her PhD.
CSO for Sequrit CSI
His experience in the public / defense sectors is equally complemented by assignments undertaken for heavyweight world renowned corporations including Yahoo, Xerox, AT&T and Texas Instruments to name but a few. He is imminently qualified in his field in that he holds a string of professional qualifications in Networking to name a few (MCT, MCSE, Cisco, Network+) and IT Security (CIW-SA, Security+, CEH, ECSA, LPT, CHFI) besides a bachelor’s degree in science.
Wayne is currently the CSO for Sequrit CSI, responsible for the technical realm and security management, which includes consulting teams. He is a captain of a global operating group of penetration testers and security experts. Wayne and his group have delivered security assessments, Penetration Test assignments and customized training for International Corporations and many Government Agencies such as: EPA, FAA, DOJ, DOE, DOD + 8570: Air force, Army, Navy, Marines, FBI and Statewide Law Enforcement Offices in the USA.
In Europe: NATO, Europol, MOD (Military of Defense UK) various EU Law Enforcement, Dutch Ministry of Defense, Ministry of Justice, local European Law Enforcement: UK, Ireland, Switzerland, Belgium, Holland, Denmark.