Speakers & Trainers
Grady Summers (@GradyS) - As Senior Vice President and Chief Technology Officer, Grady oversees the global CTO team that supports R&D and product engineering. He joined FireEye through its acquisition of Mandiant in 2014. At Mandiant, Grady led the company’s strategic consulting and customer success divisions. Prior to Mandiant, Grady was a partner at Ernst & Young, responsible the firm's information security program management practice. Before E&Y, Grady was the Chief Information Security Officer (CISO) at General Electric, overseeing a large global information security organization. Grady holds an MBA from Columbia University and a B. S. in computer systems from Grove City College in Pennsylvania.
Rob Fuller (@mubix) - Senior Red Teamer. Mubix's professional experience starts from his years as an active duty United States Marine. He have worked with devices and software that run gambit in the security realm. He has a few certifications, but the titles that he holds above the rest is FATHER, HUSBAND and United States Marine.
Lorrie Faith Cranor (@lorrietweet) is a Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University where she is director of the CyLab Usable Privacy and Security Laboratory (CUPS) and co-director of the MSIT-Privacy Engineering masters program. She is also a co-founder of Wombat Security Technologies, Inc. She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability (O'Reilly 2005). In 2003 she was named one of the top 100 innovators 35 or younger by Technology Review magazine and in 2014 she was named an ACM Fellow for her contributions to usable privacy and security research and education. In 2012-13 she spent her sabbatical year as a fellow in the Frank-Ratchye STUDIO for Creative Inquiry at CMU where she worked on fiber arts projects that combined her interests in privacy and security, quilting, computers, and technology. She practices yoga, plays soccer, and runs after her three children.
Dmitri Alperovitch (@DmitriCyber) is the Co-Founder and CTO of CrowdStrike Inc., leading its Intelligence, Labs and Product teams. A renowned computer security researcher, he is a thought-leader on cybersecurity policies and state tradecraft. Prior to founding CrowdStrike, Dmitri was a Vice President of Threat Research at McAfee, where he led company’s global Internet threat intelligence analysis and investigations. In 2010 and 2011, Alperovitch led the global team that investigated and brought to light Operation Aurora, Night Dragon and Shady RAT groundbreaking cyberespionage intrusions, and gave those incidents their names. With more than a decade of experience in the field of information security, Alperovitch is an inventor of 23 patented technologies and has conducted extensive research on reputation systems, spam detection, web security, public1key and identity1based cryptography, malware and intrusion detection and prevention. Alperovitch holds a master's degree in Information Security and a bachelor's degree in Computer Science, both from Georgia Institute of Technology.
Liam Randall (@hectaman) is CEO of Critical Stack, a security consulting and training company focused on best of breed open source technology (http://www.criticalstack.com/). A long-time security consultant, trainer, open-source contributor and member of the Bro core development team he frequently speaks and consults on advanced high speed network intrusion detection systems. He has spoken at Shmoocon, Derbycon, BsidesDC, NoVA Hackers, MIRcon, the Bro Exchange, and has been a feature guest on shows such as PaulDotCom, Healthy Paranoia, Securabit and more. Liam is the happily married father of three presently residing in Cincinnati, OH; he holds a degree in Computer Science from Xavier
Sean Mason (@SeanAMason) Sean is the Director of Incident Response Services for Cisco. After serving his commitment to the US Air Force, Sean has spent his career with Fortune 500 companies (Cisco, GE, Monsanto, Harris & CSC) where he has worked in a variety of IT & industry verticals, including software development, auditing, information security, Defense, Aviation, Finance, Energy, Technology, Biotechnology, and Healthcare. Sean served as the Defense Industrial Base (DIB) representative for Harris from 2009-2011, served as Director of Incident Response for GE, and currently leads Cisco's Incident Response Practice. Sean also serves as a Subject Matter Expert for ISC2, helping to design credentials’ common body of knowledge and exam questions as well as sitting on the ISC2 Application Security Advisory Council (ASAC).
Georgia Weidman (@georgiaweidman) is a penetration tester, security researcher, and trainer. She holds a MS in computer science as well as holding CISSP, CEH, and OSCP certifications. Her work in the field of smartphone exploitation has been featured in print and on television internationally. She has provided training at conferences such as Blackhat USA, Brucon, and Security Zone to excellent reviews. Georgia founded Bulb Security LLC, a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security culminating in the release of the open source project the Smartphone Pentest Framework (SPF). She is the author of Penetration Testing: A Hands-on Introduction to Hacking from No Starch Press.
Vinny Troia (@vinnytroia) breaks into businesses for a living -- and he loves his job. While that may be alarming to hear, Troia’s work as CEO of Night Lion Security is always controlled and authorized, and stems from years of experience in IT security as a Certified Ethical Hacker, and Hacking Forensic Investigator.Troia has 15+ years of IT security and software development experience, having spent the past 7 working on Military and Department of Defense projects. During which time he’s been certified as both an Ethical Hacker and Computer Hacking Forensic Investigator. Troia is an expert in website and network security and digital forensics investigations, and is currently pursuing a PhD in Information Security from Capella University.
Rafal Los (@Wh1t3Rabbit), Director of Solutions Research and Development within the Accuvant Office of the CISO, leads a team developing research-backed guidance addressing the key challenges for enterprise security leaders. His team brings together diverse, researched perspectives to develop strategy guidance coupled with maturity and operational models from leading practices to drive meaningful security program action.
David Bianco (@DavidJBianco) Before coming to work as a Security Architect and DFIR subject matter expert at Sqrrl, David led the hunt team at Mandiant, helping to develop and prototype innovative approaches to detect and respond to network attacks. Prior to that, he spent five years helping to build an intel-driven detection & response program for General Electric (GE-CIRT). He set detection strategies for a network of nearly 500 NSM sensors in over 160 countries and led response efforts for some of the company’s the most critical incidents. David stays active in the community, speaking and writing on the subjects of Incident Detection & Response, Threat Intelligence and Security Analytics. He is also a member of the MLSec Project (http://www.mlsecproject.org). You can follow him on Twitter as @DavidJBianco or subscribe to his blog, "Enterprise Detection & Response" (http://detect-respond.blogspot.com).
Robert M. Lee (@RobertMLee) - United States Airforce Cyber Warfare Ops Officer | PhD candidate @KingsCollegeLon | Co-Founder @DragosSecurity | SANS ICS 515 author | Lecturer @UticaCollege | SCADA and Me author
Kyle Maxwell (@kylemaxwell) is a private-sector threat intelligence analyst and malware researcher working with incident response and security operations. He is a GPL zealot, believes in UNIX uber alles, and supports his local CryptoParty. Kyle holds a degree in Mathematics from the University of Texas at Dallas.
Scott J Roberts (@sroberts) works for GitHub and makes up his title every time he's asked, so we'll say he's the Director of Bad Guy Catching. He has worked for 900lbs security gorillas, government security giants & boutiques, and financial services security firms and done his best to track down bad guys at all these places. He's released and contributed to multiple tools for threat intelligence and malware analysis. Scott is also really good at speaking in the 3rd person.
Tim MalcomVetter (@malcomvetter) is a decade-and-a-half security veteran, currently employed as a security consultant in Optiv’s Software Security practice, where he performs penetration tests and code reviews on web apps, web services, mobile apps, point of sale systems, fuel pumps (yes, fuel pumps!) and loves testing anything called “legacy” (a.k.a. treasure troves). Tim has worked with Fortune 500 clients and found vulnerabilities in big name commercial software products with CVE credits to his name. To his non-technical friends, Tim likes to explain how he has stolen credit cards by memory-scraping Point of Sale systems of merchants where they’ve shopped (that usually gets their attention).
Gary Harbison, as the CISO for Monsanto, leads the Information Security Office with global ownership of information security, IT risk management and protection of Monsanto’s critical data. Harbison has 19 years of overall IT experience, with 17 years focused in information security. This has included experience with multiple global Fortune 500 companies and the U.S. Department of Defense. Harbison received his BBA from Webster University. Harbison is also an adjunct professor in the cybersecurity master’s program at Washington University in St. Louis.
Jason Batchelor is a security researcher at Emerson and primary author of the recently open sourced File Scanning Framework. Jason has a passion for intelligence analysis, reverse engineering, and developing new ways to meet today’s threats. He graduated from the Rochester Institute of Technology with a masters in Networking and Systems Administration. Jason has spoken at several venues and has both private and public industry experience. He is a great proponent of empowering analysts to drive capabilities forward, and innovate past their limitations, rather than being solely driven by them.