Moderator: Matt has been involved in Information Technology and application development for more than 10 years. He is currently working at Rackspace in the Cloud product’s application security team. Prior to joining Rackspace, Matt spent time as an application security consultant and spent several years as the “appsec guy” at a government agency. Matt's focus has been in application security including testing, code reviews, design reviews and training. His background in web application development and system administration helped bring a holistic focus to Secure SDLC efforts he's driven. He has taught both graduate-level university courses and for large financial institutions. Matt has presented and provided training at various industry events including DHS Software Assurance Workshop, Agile Austin, AppSec EU, AppSec US, AppSec Academia, and AppSec Brazil.
Robert Hansen (CISSP) is the Director of Product Management at WhiteHat Security. He's the former Chief Executive of SecTheory and Falling Rock Networks which focused on building a hardened OS. Mr. Hansen began his career in banner click fraud detection at ValueClick. Mr. Hansen has worked for Cable & Wireless doing managed security services, and eBay as a Sr. Global Product Manager of Trust and Safety. Mr. Hansen contributes to and sits on the board of several startup companies.
Matt Johansen is a Sr. Manager for the Threat Research Center at WhiteHat Security where he manages a team of Application Security Specialists, Engineers and Supervisors to prevent website security attacks and protect companies’ and their customers’ data. Before this he was an Application Security Engineer where he oversaw and assessed more than 35,000 web applications that WhiteHat has under contract for many Fortune 500 companies across a range of technologies.
Matt Konda has given numerous industry talks including the following: WindyCityRails - September 2013 - Insecure Expectations; Secure360 - May 2013 - Agile Security by Example; ChicagoRuby - April 2013 - Hack Night with brakeman, burp and secure_headers; OWASP Chicago Meeting - January 2013 - Rails Pitfalls; ChicagoRuby - December 2012 - Rails Security in the Wild; OWASP MSP Meeting - November 2012 - Builders Vs. Breakers; OWASP AppSec USA - October 2012 - Builders Vs. Breakers; Defcon SkyTalks - July 2012 - Builders Vs. Breakers; BSidesChicago - April 2012 - Builders Vs. Breakers; BSidesChicago - April 2011 - Builders Vs. Breakers. Those with slides are here: https://speakerdeck.com/mkonda. Matt provides training as part of his work, and is providing training as part of Lone Star Ruby: Lone Star Ruby - July 2013 - Attacking Rails, Defending Rails. Matt also led the collaborative effort to produce the OWASP Rails Security Cheat Sheet.
Jim Manico is an author and educator of developer security awareness trainings. He is a frequent speaker on secure software practices and is a member of the JavaOne "rockstar hall of fame". He has a 17-year history building software as a developer and architect. Jim is also a Global Board Member for the OWASP foundation where he helps drive the strategic vision for the organization. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and several secure coding projects. Jim is currently working on a book with McGraw-Hill and Oracle-Press on Java Web Security. For more information, see http://www.linkedin.com/in/jmanico.
Mano 'dash4rk' Paul
Christian, CyberSecurity Advisor and Strategist, Author, Shark Biologist, Entrepreneur, Security Trainer, Speaker, HackFormer, yada yada yada ... | Ask a resident of Hawaii what Mano means and they would say that it is one of the above. Do you know which one?
Josh Sokol, CISSP, graduated from the University of Texas at Austin with a BS in Computer Science in 2002. Since that time, he has worked for several large companies including AMD and BearingPoint, spent some time as a military contractor, and is currently employed as the Information Security Program Owner at National Instruments. In his current role, Josh manages all compliance, security architecture, risk management, and vulnerability management activities for NI. Josh holds a CISSP certification and has spoken on dozens of security topics including the much hyped "HTTPS Can Byte Me" talk at BlackHat 2010.
Jeff Williams is a co-founder and CTO of Contrast Security, the world's fastest and most accurate application security technology. Previously, Jeff was a founder and CEO of Aspect Security. He also served as Global Chairman of the OWASP Foundation where he created many open-source standards, tools, libraries, and guidelines – including the OWASP Top Ten, WebGoat, ESAPI, XSS CheatSheet, ASVS and more. Jeff welcomes hearing from you and may be reached directly at [email protected]