Speakers - 2011

SecTor 2011 was pleased to announce sessions from the following speakers:

Founding member of SecTor and TASK and Senior Security Strategist, Microsoft Corp

Joe Grand is the President of Grand Idea Studio, where he specializes in the invention, design, and licensing of consumer product. Joe was a co-host of Prototype This! on Discovery Channel, an engineering entertainment show that has aired around the world and followed the process of four people building crazy, one-of-a-kind prototypes.

Joe is a former member of the legendary hacker collective L0pht Heavy Industries and has testified before the United States Senate regarding homeland computer security. He has spent almost two decades finding security flaws in hardware devices and educating engineers on how to increase the security of their designs.

A successful entrepreneur, Joe has been involved in electronics since the age of seven, holds four granted patents, is the author of multiple books, and is on the Technical Advisory Board for MAKE Magazine. His work has been featured in worldwide media outlets, such as CNN, Wired, The New York Times, and Forbes.

Joe holds a Bachelor of Science degree in Computer Engineering from Boston University and a Doctorate of Science in Technology (Honorary) degree from the University of Advancing Technology. He lives in San Francisco with his wife and young son. On occasion, he escapes his laboratory and appears in the outside world as a competitive runner.

Mikko Hypponen is based in Helsinki, Finland. He has been analysing computer viruses for more than 20 years and has written on his research for publications such as Scientific American and CNN.com. According to information leaked by Wikileaks, the US Government has classified Mr. Hypponen as an infosec rock star (true story). He doesn't often speak publicly, but when he does, it's in venues like DEF CON, Rubicon Detroit or TED. He's also the oldest child genius on the planet. And every time he swims, dolphins appear.

Brian Krebs is editor of krebsonsecurity.com, a daily blog dedicated to in-depth cyber security news and investigation. Most recently, Krebs was a reporter for The Washington Post, where he covered Internet security, cyber crime and privacy issues for the newspaper and the Web site.

Krebs got his start in journalism at The Post in 1995, and has been writing about computer security, privacy and cyber crime for more than a decade. Earlier this year at the RSA Security Conference, KrebsOnSecurity.com was named the blog that best represents the security industry. At the 2010 RSA Conference, KrebsOnSecurity.com was voted the best non-technical security blog. Also last year at RSA, Krebs was named the number one cyber security journalist in America in a peer-review contest.

Areg brings over 13 years of business skills and technical acumen to product development, product management, business development, and entrepreneurial problem-solving challenges. Throughout his career, he has developed and delivered innovative telecommunications and information security products and solutions enabling converged network infrastructures for enterprises and service providers around the world. Areg has held progressively influential technology and management roles at industry leaders such as 3Com, Symmetricom, Radialpoint and Azimuth Systems – a leading provider of wireless and broadband test equipment which Areg co-founded in 2002, raising $5.8M in VC funding. He has accrued significant experience with broadband wireless technologies, consumer and enterprise security, social networking, and helped develop telecommunications and networking standards within IEEE/IETF consortiums. Areg co-authored numerous technical papers and IEEE ratified standards including 802.11i Medium Access Control (MAC) Security Enhancements and is a frequent speaker and presenter at technology events.

James Arlen, CISA, is Principal at Push The Stack Consulting providing security consulting services to the utility and financial verticals. He has been involved with implementing a practical level of information security in Fortune 500, TSE 100, and major public-sector corporations for more than 15 years. James is also a contributing analyst with Securosis, founder of the think|haus hackerspace and has a recurring column on Liquidmatrix Security Digest. Best described as: "Infosec geek, hacker, social activist, author, speaker, and parent." His areas of interest include organizational change, social engineering, blinky lights and shiny things.

Kai Axford (MBA, CPP, CISM, CISSP, ACE, CHFI), is the National Manager for the Information Risk Management & Security practice at Accretive Solutions and he is board certified in security management. In his current role he leads a team of penetration testers that conduct exploitation testing, facility breach exercises, vulnerability assessments, and other security exercises. Kai has delivered over 300 security presentations on a variety of topics, including computer espionage, digital forensics, security management, and incident response around the world. Kai holds an MBA in Information Assurance, is a Certified Protection Professional (CPP), an AccessData Certified (Forensics) Examiner and a graduate of the FBI Citizen's Academy. He is a member of ISSA, ISACA, Infragard, and the North Texas Electronic Crimes Task Force. He currently serves on the academic advisory board for the University of Dallas' graduate program in cybersecurity.

Mr. Barlow has over 15 years of experience in the IT field, the majorly of it in the IT Security realm. He is the founder of the Atlantic Security Conference and the Halifax Area Security Klatch and is has been recognized by Digital Nova Scotia as an Industry Leader. When he is not performing penetration testing or other security related work Travis is an avid sportsman and angler and also enjoys whitewater kayaking, and extreme winter survival camping.

Ed is the CEO of HoneyApps Inc, a vulnerability management Software as a Service that centralizes, correlates and automates the entire stack of security vulnerabilities and remediation workflow. Prior to HoneyApps, Ed served as the Chief Information Security Officer for Orbitz, the well known online travel agency where he built and led the information security program and personnel for over 6 years. Ed has over 18 years experience in information security and technology.

He is a frequent speaker at information security events across North America and Europe. Past talks have included venues such as IANS Security Forum, SaaScon, AppSec DC, BlackHat, CSO Perspectives, MIS Institute, and several others. Additionally, Ed is a contributing author to the book Beautiful Security by O'Reilly and a blogger on CSO Online.

Corey is a Principal Consultant with the Intrepidus Group, specializing in mobile application security. He has performed code reviews and conducted mobile application penetration tests for numerous Fortune 500 clients on a multitude of platforms, such as Android, BREW, RIM, and iOS. He has worked with nationwide telecommunication companies to help ensure the security of wireless architectures, systems, and applications. Prior to joining Intrepidus Group's professional services team, Corey served as a Senior Consultant at Foundstone. During his tenure at Foundstone, he was an integral part of their assessments practice, and played a key role in developing and teaching their training courses.

Sean is an active senior threat research analyst at Damballa. He specializes in the analysis of signatures and behaviors used by the botnets and the cyber-criminal community. Sean focuses his time learning tools, techniques, and procedures behind attacks and intrusions related to various persistent threats. Sean has worked in several Information Systems Security roles for various firms and customers over the past decade across United States. Most notably he has spent several years performing black box penetration testing, incident response, and intrusion and intruder analysis for Fortune 100 companies, the Defense Department, and 'other' Federal Agencies. Sean has shared numerous accounts of his findings at various industry conferences relating to the inner-workings of advanced persistent threats (APTs). Sean has lectured at industry conferences including Bluehat, Defcon, Defcon Skytalks, Hacker Halted, TakeDownCon, PhreakNIC, DC3, NW3C, NSA, DHS Annual Security Symposium, Pentagon Security Forum, and Carnegie Mellon CERT discussing his interest in analyzing and manipulating the minds and morale of persistent threats without their knowledge.

Sean has focused his research over the past several years on developing systems that enable the analysis of attackers through various advanced machine learning and enterprise platforms mixed of various public and private Honeynet technologies. Sean co-authored "Hacking Exposed: Malware and Rootkits (the definitive Computer Security book series)" with McGraw-Hill in 2009. Sean is currently working on another book "Spy Hunters: Countering Advanced Persistent Threats," a comprehensive manual that illustrates how to employ various methods of counter-intelligence, disinformation, and deception against active threats in order to learn the 'who' and 'why' behind the breach of your enterprise.

Stephan Chenette is a principal security researcher at Websense Security Labs, specializing in research tools and next generation emerging threats. In this role, he identifies and implements exploit and malcode detection techniques. Stephan has released public analyses on various vulnerabilities and malware. Prior to joining Websense, Stephan was a security software engineer working in research and product development at eEye Digital Security.

Jack Daniel recently joined the product management team at Tenable Network Security, bringing more than 20 years of IT security expertise bear. In addition to his position at Tenable, Daniel is co-Founder of Security Bsides and Director of the National Information Security Group (NAISG), a non-profit organization focused on promoting IT security awareness. Before joining the company , he served as Community Development Manager at Astaro AG, a Sophos company, where he grew Astaro's partner and customer, and IT and security communities.

Adrien de Beaupré is a senior IT Security Consultant in Ottawa, experienced in security testing and incident response. He has performed many vulnerability assessments and penetration test engagements of network hosts and web based applications for both Government and private sector clients. He has also been involved in incident response, incident management, and digital forensics engagements. Mr. de Beaupré holds the ISC2 CISSP, GWAPT (GIAC Web Application Penetration Tester), GPEN(GIAC Penetration Tester), GCIH (GIAC Certified Incident Handler) GSEC (GIAC Security Essentials), OPST (OSSTMM Professional Security Tester), OPSA (OSSTMM Professional Security Analyst, and MCSE (NT4.0 and 2K). He is also a certified OSSTMM instructor. As a volunteer member of the SANS Internet Storm Center (isc.sans.edu) he performs incident handling and threat analysis.

Nicholas (Kizz MyAnthia) Donarski is an Infosec specialist whose qualifications include an indepth understanding of security principals and practices; C|EH, MCSE+Security designations; and detailed knowledge of security tools, technologies and development. Nicholas has seven years of security experience in the creation and deployment of solutions protecting networks, systems and information assets for diverse companies and organizations, with over 10 years overall in the industry.

Mr. Garcia provides Audit, Security, Logging and SIEM solutions to fortune 500 companies around the globe. Mr. Garcia possess over 10 years of IT Security Infrastructure design and development experience. He has also developed deep risk and threat analysis expertise while building and managing an Enterprise Wide SOC. Mr. Garcia has deep insights into detecting threats using real-time monitoring solutions while working with a number global customers to develop and create compliance reports, security incident reports and real time assessment of critical threats.

Michael J. Graven is a director at Mandiant, a leading incident response firm for Fortune 500 companies, governments and financial institutions. Michael has worked on internetwork and system security since 1989, in environments as large as AT&T and Netscape and as small as twenty-person start-ups. He earned degrees at Northwestern University and Stanford University. He likes Belgian waffles and Minnesota beer, is a native Californian and a snowboarder, but he does not surf.

Seth Hardy is a Senior Security Analyst at the Citizen Lab, Munk School of Global Affairs, University of Toronto. Prior to the Citizen Lab, he worked for a large anti-virus vendor. Seth has worked extensively on analysis of document-based malware and AV evasion methods. Other areas of experience include: provably secure cryptography, random number generators, and network vulnerability research. Seth has spoken at a number of security conferences including Black Hat, DEF CON, SecTor, and the CCC. He holds degrees from Worcester Polytechnic Institute in Mathematics and Computer Science.

Havelt brings over two decades of experience in computer security to SpiderLabs. As Director of SpiderLabs Penetration Testing Practice, he oversees all aspects of network and infrastructure security testing. This includes various internal and external attack scenarios, as well as wireless network testing and best practices.

At age 13 Dave Hull was inspired by David Lightman to pursue a career in information security. Puberty had other plans. Years later after giving up his dream of being a foreign correspondent in Soviet Russia and having just failed a course in Pascal, Hull took a job as a Delphi developer for a wholesale liquor distributor, the company parties were apparently amazing, no one can remember. After a year of coding and boozing, Hull went to work at a research university where he spent the next 12 years. During that time he survived the worm wars learning incident response the hard way. Today he hunts evil on Fortune 500 networks and performs computer forensic investigations in support of incident response, civil and criminal matters.

Jibran Ilyas is a Senior Forensic Investigator at Trustwave's SpiderLabs. He is a member of Trustwave's SpiderLabs - the advanced security team focused on penetration testing, incident response, and application security. He has investigated some of nation¹s largest data breaches and is a regular contributor for published security alerts through his research. Jibran and his research has been featured by many news organizations including Dark Reading, Infoworld, Threatpost, IT World and SearchSecurity. He has 9 years of experience and has done security research in the area of computer memory artifacts. Jibran has presented talks at security conferences (DEFCON, Black Hat, SecTor, SOURCE Barcelona) in the area of Computer Forensics and Cyber Crime. Jibran is also a regular guest lecturer at DePaul and Northwestern University. Prior to joining SpiderLabs, Jibran was part of Trustwave's SOC where he helped Fortune 500 clients with their Security Architectures and deployments.

Jibran holds a Bachelors of Science degree from DePaul University and Masters Degree in Information Technology Management from Northwestern University.

A Generalist SME in the Information Security field and an Open Source evangelist, Jason has been working in IS industry for over 15 years, holding certification for CE|H, GIAC GCFA, GREM, GWEB and LPIC-1. Formally, a lead developer for Joomla!, and still an active member with the Joomla! Security Strike team. In his current tenure(role) with one of the top 5 Canadian financial institution, Jason has been instrumental in the setup and configuration of various IS systems including the IDS/IPS and various security event reporting systems along with leading the investigations into said security events, and preparing for the next wave of possible cyber attacks.

Zach is a Principal Consultant with the Intrepidus Group, specializing in network and web application penetration testing. He has performed security assessments for numerous clients, including Fortune 500 companies and higher education institutions. Prior to joining Intrepidus Group's professional services team, Zach served as Senior Network Security Analyst at Harvard Business School, and Security Assessment Practice Manager at Rapid7. Zach has also presented at ShmooCon, the MIS Training Institute's InfoSec World, IT Security World, and FinSec conferences, as well as Boston-area security conferences, on topics such as mobile application security, open source security tools, security in virtualized environments, and vulnerability disclosure.

Troy Larson is the Senior Forensic Investigator in Microsoft's IT Security Group. Prior to joining Microsoft, Mr. Larson worked as a private computer forensics consultant, including two years with the Ernst & Young National Computer Forensics and Incident Response Team. Mr. Larson is a graduate of the University of California, Berkeley, and Boalt Hall School of Law.

Grayson Lenik is a Security Consultant at Trustwave and a member of Trustwave's SpiderLabs - the advanced security team focused on penetration testing, incident response, and application security. He has over 12 years of System Administration experience including 6 years with American Express/IBM Global Services at one of the largest data centers in the world. Prior to his career in IT he was an Aviation Electronics Technician in the United States Navy forward deployed on board the USS Kitty Hawk and USS Independence. Grayson is a Microsoft Certified Systems Engineer (MCSE), a GIAC Certified Forensic Analyst (GCFA) and a Qualified Security Assessor (QSA). He is working towards the CISSP certification and a Bachelor's in Information Security. Grayson authors the computer forensics blog "An Eye on Forensics".

Ryan Linn is a Senior Security Consultant with Trustwave's SpiderLabs who has a passion for making security knowledge accessible. In addition to being a columnist with the Ethical Hacker Network, Ryan has contributed to open source tools including Metasploit, Dradis and the Browser Exploitation Framework (BeEF).

Cricket Liu is the co-author of all of O'Reilly's Nutshell Handbooks on the Domain Name System, DNS and BIND, "DNS on Windows NT," DNS on Windows 2000, DNS on Windows Server 2003, DNS & BIND Cookbook, and DNS & Bind on IPv6 and was the principal author of "Managing Internet Information Services."

TBA

Jason Mical is a network forensic specialist for AccessData. In this role Jason is responsible for the global management of AccessData's Network Forensic solutions and assists AD's customers with the assessment of IT risk reduction in such areas as electronic intercepts, intrusion analysis, virus detection, incidence response, privacy, asset management, policies, standards and guidelines. Jason also offers his expertise and consulting services to customers and other audiences on issues of electronic, computer, and physical security investigations.

Dave Millier is well-known in the Canadian High-Tech marketplace, where he's been helping customers with their security and networking needs for over 15 years. His career has taken many interesting turns; he has operated numerous businesses including a successful consumer ISP, a retail computer operation, a data hosting facility and business ISP, a boutique consulting firm, and most recently his organization Sentry Metrics, where as the co-founder he created and brought to market industry-leading Security and Risk Compliance Dashboard theSentry.

Rodrigo "Sp0oKeR" Montoro is certified LPI, RHCE, SnortCP with 13 years experience deploying open source security software (firewalls, IDS, IPS, HIDS, log management) and hardening systems. At Trustwave, Rodrigo works in the SpiderLabs Research division where he focuses on IDS/IPS Signatures, Modsecurity rules, and new detection research ( PDFScore and now working on HTTP Header Research). He is currently coordinator and Snort evangelist for the Brazilian Snort community and OWASP Brazilian chapter member. Rodrigo has spoken at a number of open source and security conferences (OWASP, Toorcon, H2HC, CNASI ) and serves as a coordinator for the creation of new Snort rules, specifically for Brazilian malware.

TBA

Currently Scott Moulton runs a data recovery company called MyHardDriveDied.com as well as classes teaching his techniques to both the public and private sectors. Scott focuses his efforts on dispelling the myths of data recovery by showing how you can rebuild your own hard drives, perform data recovery for investigations or as business venture. Scott Moulton began his forensic computer career with a specialty in rebuilding hard drives for investigation purposes and has rebuilt hard drives for many many investigations. Many times working on a case, Mr. Moulton will be given hard drives that had already failed in an effort to *blame* the opposition or to slow down the work and cost the opposing forces more money. To combat the *blame* scenario, Mr. Moulton developed a skill at rebuilding hard drives and recovering data. In the five years since its inception, Mr. Moulton has handled many complex cases that include homicide, embezzlement, theft, divorce, child pornography and corporate fraud and continues to combat dead hard drives to this day.

Shawn Moyer is a Managing Principal Research Consultant with Accuvant Labs. Shawn has written on emerging threats and other topics for Information Security Magazine and ZDNet, and his research has been featured in the Washington Post, BusinessWeek, NPR, and the New York Times. Shawn is an eight-time speaker at the BlackHat Briefings, and has been an invited speaker at other notable security conferences in the US, China, Canada, and Japan.

Ben is a consultant with the Intrepidus Group, specializing in network and application penetration testing. Ben has performed security assessments for a diverse client base, including S&P 500 corporations, US government entities, and public utilities. Prior to joining Intrepidus Group's professional services team, Ben performed consulting services for both corporate and government organizations, providing security engineering, incident response, and security assessment services. In his spare time, Ben is active in the application security community, volunteering with OWASP and speaking regularly at local application security events in the Washington D.C. Metro area.

Gunter Ollmann is VP for Research at Damballa and is an advisory board member for IOActive. Prior to joining Damballa, Gunter held several strategic positions at IBM Internet Security Systems (IBM ISS) with the most recent being the Chief Security Strategist. In this role he was responsible for predicting the evolution of future threats and helping guide IBM's overall security research and protection strategy, as well as being the key IBM spokesperson on evolving threats and mitigation techniques. He also held the role of Director of X-Force as well as the former head of X-Force security assessment services for EMEA while at ISS (which was acquired by IBM in 2006). Prior to joining ISS, Gunter was the professional services director of Next Generation Security Software (NGS), a vulnerability research and attack-based consulting firm. Gunter has been a contributor to multiple leading international IT and security focused magazines and journals, and has authored, developed and delivered a number of highly technical courses on Web application security. He is a well-known industry speaker worldwide and is often invited to present at various international security conferences. Gunter is also highly regarded in the press as an expert source on security threats and is a frequently quoted by the international media.

Nicholas Percoco, Senior Vice President and Head of SpiderLabs at Trustwave With more than 14 years of information security experience, Percoco is the lead security advisor to many of Trustwave¹s premier clients and assists them in making strategic decisions around security compliance regimes. He leads the SpiderLabs team that has performed more than 1000 computer incident response and forensic investigations globally, run thousands of penetration and application security tests for clients, and conducted security research to improve Trustwave's products. Percoco and his research has been featured by many news organizations including: The Washington Post, eWeek, PC World, CNET, Wired, Hakin9, Network World, Dark Reading, Fox News, USA Today, Forbes, Computerworld, CSO Magazine, CNN, The Times of London, NPR and The Wall Street Journal.

Paul is the Director for Solutions Strategy for Symantec (Canada) Corporation and has the primary responsibility of engaging with Director to C-level executives in discussions focused on Symantec's strategy and vision as a global leader in infrastructure and security software.

Chris Pogue, Senior Investigator, SpiderLabs Incident Response and Digital Forensics team.

Having served as a US Army Signal Corps Warrant Officer, he worked on digital forensic investigations and as Cyber Security Instructor. Pogue joined the IBM Internet Security Systems (ISS) X‐Force after leaving the military. As a Penetration Tester and Forensic Investigator with IBM, he performed over 300 penetration test and 50 investigations for IBM internal contracts, as well as third party customers.

The world of mister Rocheser is one of laced with heroic events. People can often be heard making comments after his presentations: "Wow!/", "Epic!/", and "Bomb". Listening to him speak on the topics of deforestation and tootsie pop density can be enlightening. Over 1 millions people have witnessed his brilliance. Going further, Valiant is one of the first 200 people who have traveled to the planet Arachnid. Surely or perhaps you have heard of him. Don't feed the bears. We have never seen him cry nor laugh, but he alwayss smiles. Communication is important. / Please follow him at 1X59Q. He likes to tweet his wisdom and has over a million followers. His Twitter account is his life and he always makes sure to laugh.

Bill Roth joined LogLogic in 2009 from BEA, where he served as Vice President of the BEA Workshop Business Unit. Prior to BEA, Roth was Chief Technical Evangelist at Epiphany. With over 20 years in this industry, Roth has played numerous product marketing, product management and engineering roles at companies like Sun Microsystems, Morgan Stanley, and GSI Commerce. Roth is also Editor-At-Large for Sys-Con Publications, and was recently named to the "Top 30 Cloud Computing Bloggers" list world-wide. Roth has an M.S. in Computer Science from the University of Wisconsin.

Mike Rothman, Analyst & President, Securosis Mike's bold perspectives and irreverent style are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike specializes in the sexy aspects of security, like protecting networks and endpoints, security management, and compliance. Mike is one of the most sought after speakers and commentators in the security business and brings a deep background in information security. After 20 years in and around security, he's one of the guys who "knows where the bodies are buried" in the space.

Starting his career as a programmer and a networking consultant, Mike joined META Group in 1993 and spearheaded META's initial foray into information security research. Mike left META in 1998 to found SHYM Technology, a pioneer in the PKI software market, and then held senior roles at CipherTrust and TruSecure -- providing experience in marketing, business development, and channel operations for both product and services companies.

After getting fed up with vendor life, he started Security Incite in 2006 to provide the voice of reason in an over-hyped yet underwhelming security industry. After taking a short detour as Senior VP, Strategy and CMO at eIQnetworks to chase shiny objects in security and compliance management, Mike joins Securosis with a rejuvenated cynicism about the state of security and what it takes to survive as a security professional.

Mike published "The Pragmatic CSO" in 2007 to introduce technically oriented security professionals to the nuances of what is required to be a senior security professional. He also possesses a very expensive engineering degree in Operations Research and Industrial Engineering from Cornell University. His folks are overjoyed that he uses literally zero percent of his very expensive education on a daily basis. He can be reached at mrothman (at) securosis (dot) com.

Ben Sapiro is an independent consultant currently working with one of North America's largest mining corporations to improve and expand their information security program. Prior his consulting work Ben was a research director at TELUS Security Labs and helped publish multiple studies on Canadian IT Security practices. Ben's currently working on bringing an easy to use risk assessment technique to the IT Security community to aid them in their conversations with business.

Nick Selby was sworn as a police officer in 2010. He has been an information security analyst and consultant for nine years, and has worked in physical security and intelligence consulting in various roles since 1993. In 2005 he established the information security practice at industry analyst firm The 451 Group, and from 2006-2011 served on the faculty of IANS Research. Since 2008 he has focused on law enforcement intelligence. He is the technology columnist for Law Officer Magazine, and co-founder of Police Led Intelligence and CSG Analysis.

Gal Shpantzer is a trusted advisor to CSOs of large corporations, tech startups, universities and non-profits. Gal has been involved in multiple SANS Institute projects, including co-editing the SANS Newsbites from 2002-2008, revising the E-Warfare course and presenting SANS@Night talks on cyberstalking, CAPTCHAs and endpoint security. In 2009, Gal founded the privacy subgroup of the NIST Smart Grid cybersecurity task group, resulting in the privacy chapter of NIST IR7628. He is a co-author of the Managing Mobile Device Security chapter in the 6th ed. Vol 4 of the Information Security Management Handbook (2010). Most recently Gal collaborated with Dr. Christophe Veltsos to present the Security Outliers project, focusing on the importance of leadership development in the security community.

Max is a security consultant with Intrepidus Group. He has a BS in Computer Science and a BE in Computer Engineering and is interested in RF communication, NFC, Linux administration, and mobile security.

Patrick Szeto is a Security Consultant with a strong background in information security spanning over a decade. He is a specialist in application security reviews, penetration tests, source code analysis and secure coding methodologies. Prior to the information security field, Patrick's experience included software development in the telecommunications and energy markets. Patrick has performed extensive application security assessments for various Fortune 500 clients in the information technology, financial services, data management, telecommunications, national retail and health care sectors. Patrick has also developed vulnerability signature detection tools and application security testing tools and served as a trainer and advisor for an independent vulnerability research team. Patrick holds an Honors Bachelor of Mathematics in Computer Science from the University of Waterloo, Waterloo Ontario. Patrick is also a Certified Secure Software Lifecycle Professional with the ISC2.

Dr. Stacy Thayer has a Ph.D. in Business Psychology from Suffolk and Capella University. Her dissertation explored the factors that contribute to employee engagement and job satisfaction in the technology sector and she is a strong advocate for positivity in the workplace. Stacy has been working in the security industry as the Founder of SOURCE Conferences in Boston, Seattle, and Barcelona.

Schuyler Towne is a competitive lockpicker and mechanical security researcher. Lately he has been studying lock development in Europe and the US in the latter half of the 19th century, but recently he turned his attention to disc detainer locks of various types as they have begun to flood into the North American market.

John Trollinger is a passionate network security professional with over a decade of experience building and marketing security products and solutions, with companies such as HP and Cisco. John is currently an HP Network Security Solutions Marketing Manager, helping customers meet the business and security challenges that their organizations face. John believes a singular philosophy is the basis of success; Listen to the customer and the market – and solve real-world problems. John has been quoted in several magazines and papers, as well as appeared on industry television shows. John also speaks at security seminars globally. Prior to working in network security, John worked with the U.S. Department of Defense, deploying military software programs, and training staff, in tri-service base clinics and hospitals, world-wide. John is a 4th Generation Texan, living, working, and playing in Austin, Texas. In his off-time, John enjoys travel, weightlifting, lake-time, home renovation, good food, good friends, and good debate. John's next project will be to restore a 43 Chevy pick-up truck.

Nicholas (Nic) Wetton who graduated from the University of London, London and the Ross School of Business, Michigan, has worked in Information Technology for over 20 years and for the past 10 years in the area of Information Security and Risk. Nic has primarily focussed in the area of Financial Services and helping organizations address the ever changing regulatory, risk and security landscapes facing them.

Kent Woodruff, CISSP, GAWN is currently Chief Security Analyst with Motorola AirDefense. He is responsible for wireless security research and technical support and guidance for the Motorola AirDefense sales team. Mr. Woodruff applies a keen understanding of industry trends and technology, leveraging his experience in demonstrating the vulnerabilities of wireless networks, as well as how such vulnerabilities can be mitigated. Mr. Woodruff has over 24 years experience in the IT field, with a wide variety of technologies including software development for embedded systems; wireless security assessments and mobile device management; vulnerability management; and network assurance, security and compliance.

Rob VandenBrink is a consultant with Metafore in Canada, specializing in Networking, Security and Virtualization. He has large clients in manufacturing, finance and entertainment with locations in almost every time zone. He holds several industry certifications, as well as a Master's degree with the SANS Technology Institute. Rob is also an Incident Handler with the Internet Storm Center - look for Rob's posts at http://isc.sans.edu !

Maxim Veytsman is a Security Consultant with Security Compass. Maxim has performed security assessments for clients in the financial, resource management, and public sectors. He specializes in web penetration testing and mobile security reviews. Maxim leads development of mobile training at Security Compass. Prior to joining Security Compass, Maxim worked in web development and in the gaming industry. Maxim studied Computer Science and Mathematics at the University of Toronto.