Practical Security: Solutions for challenging times

Nitesh Dhanjani, Senior Manager, Ernst & Young
Nitesh Dhanjani is a well-known security researcher, author, and speaker. Dhanjani is currently senior manager at Ernst & Young, where he advises some of the largest corporations around the world on how to establish enterprise-wide information security programs and solutions. Dhanjani is also responsible for evangelising brand new technology service lines around emerging technologies and trends such as cloud computing and virtualisation.
Prior to his current job, Dhanjani was senior director of application security and assessments at a major credit bureau, where he spearheaded brand new security efforts into enhancing the enterprise SDLC, created a process for performing source code security reviews and threat modelling, and managed the Attack & Penetration team. Dhanjani is the author of Network Security Tools: Writing, Hacking, and Modifying Security Tools (O'Reilly) and HackNotes: Linux and Unix Security (Osborne McGraw-Hill). He is also a contributing author to Hacking Exposed 4 (Osborne McGraw-Hill) and HackNotes: Network Security. Dhanjani has been invited to talk at various information security events such as the Black Hat Briefings, RSA, Hack in the Box, Microsoft Blue Hat, and OSCON.

Check out these sites for more information on Nitesh: http://dhanjani.com/ http://securitystreams.tv/

Joe Grand, President, Grand Idea Studio
Joe Grand is an American electrical engineer, inventor, and hardware hacker, known in the hacker community as Kingpin. He achieved mainstream popularity with the release of Prototype This, a Discovery Channel television show. He is also president of Grand Idea Studio, a San Francisco-based research and development firm. Joe has been involved in electronics since the age of seven. He was a member of the Boston, Massachusetts-based hacker group L0pht Heavy Industries. Grand has authored several books, and is on the technical advisory board of MAKE Magazine. He also holds a B.S.E.E. from Boston University.
Check out these sites for more information on Joe: http://www.grandideastudio.com/ http://dsc.discovery.com/tv/prototype-this/prototype-this.html http://www.kingpinempire.com/

Jeremiah Grossman, CTO and Founder, WhiteHat Security
Jeremiah Grossman is considered a world-renowned expert in Web security, is a co-founder of the Web Application Security Consortium, and was named to InfoWorld's Top 25 CTOs for 2007. Grossman is a frequent speaker at industry events, including the Black Hat Briefings, RSA, CSI, HiTB, OWASP, ISSA, and a number of large universities. He has authored dozens of articles and white papers; is credited with the discovery of many cutting-edge attack and defensive techniques and is a co-author of XSS Attacks. Grossman is often quoted in major media publications such as SC Magazine, CSO Magazine, InfoWorld, USA Today, Dark Reading, SecurityFocus, and more. Prior to WhiteHat, Grossman was an information security officer at Yahoo.
Check out these sites for more information on Jeremiah: http://www.whitehatsec.com http://jeremiahgrossman.blogspot.com/

Felix “FX” Lindner, Owner, Recurity Labs and Computer & Network Security Consultant
Felix “FX” Lindner is the technical and research lead of Recurity Labs, with 18 years’ computer technology experience, almost all of them in consulting for large enterprise and telecommunication customers. He possesses a vast knowledge of computer sciences, telecommunications and software development. His background includes managing and participating in a variety of projects with a special emphasis on security planning, implementation, operation and testing using advanced methods in diverse technical environments. Lindner is well known in the computer security community and has presented his and Phenoelit's security research at Black Hat Briefings, CanSecWest, PacSec, DEFCON, Chaos Communication Congress, MEITSEC and numerous other events. His research topics include Cisco IOS, HP printers, SAP and RIM BlackBerry. He is co-author of the book: The Shellcoder’s Handbook, which describes how to find security holes in any operating system or application, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista. It also features the first-ever published information on exploiting Cisco's IOS.
Check out these sites for more information on FX: http://www.recurity-labs.com/ http://www.phenoelit.net/lablog/

Moxie Marlinspike, Independent Computer Security Researcher
Moxie Marlinspike carries out independent research into computer security. His published research tends to deal with secure protocols, particularly SSL/TLS. He does security consulting and penetration testing and offers training on designing secure protocols. He is the author of the sslstrip tool presented at Black Hat DC 2009, which demonstrates how HTTPS Web sites are vulnerable to a man-in-the-middle attack if the connection starts out as an HTTP connection before being redirected to HTTPS, as is nearly always the case. He is also the author of sslsniff, a general purpose SSL/TLS man-in-the-middle attack tool that was originally written to exploit the BasicConstraints vulnerability that he published in 2002.

Check out these sites for more information on Moxie: http://www.thoughtcrime.org/ http://twitter.com/moxie

Dr Charlie Miller, Principal Analyst, Software Security, Independent Security Evaluators
Charlie Miller is a computer security researcher with the consulting firm Independent Security Evaluators. Prior to his current employment, he spent five years working for the National Security Agency. Miller has demonstrated his hacks publicly on products manufactured by Apple. He presented the full details of discovering a vulnerability in the iPhone and creating the exploit at Black Hat in 2007. In 2008, he won a $10 000 cash prize at a hacker conference in Canada for being the first to find a critical bug in the MacBook Air – deploying an exploit in two minutes. In 2009, he also demonstrated an SMS processing vulnerability that allowed for complete compromise of the Apple iPhone and denial-of-service attacks on other phones. This year he has co-authored the book: The Mac Hacker’s Handbook.
Check out this site for more information on Charlie: http://securityevaluators.com/

Saumil Shah, CEO & Founder, Net-Square Solutions, India
Saumil Shah's focus is on researching vulnerabilities with various e-commerce and Web-based application systems, system architecture for Net-Square's tools and products, developing short-term training programmes, providing information security consulting services to Net-Square's clients, ethical hacking and security architecture. He holds a designation of Certified Information Systems Security Professional. Shah has had more than 10 years’ experience with system administration, network architecture, integrating heterogeneous platforms, and information security and has performed numerous ethical hacking exercises for many significant companies in the IT area. Shah is a regular speaker and trainer at security conferences such as BlackHat, RSA, etc. Shah is a co-author of Web Hacking: Attacks and Defence (Addison Wesley, 2002) and is the author of The Anti-Virus Book (Tata McGraw-Hill, 1996).
Check out these sites for more information on Saumil:

Dino Dai Zovi, Independent Security Researcher
Dino Dai Zovi got an early start in computers, using bulletin boards in second grade and accessing the Internet through a computer running VAX at 13. He taught himself to program and got a computer science degree from the University of New Mexico. While still in college, Dai Zovi worked for the Information Design Assurance Red Team at Sandia National Laboratories, which performs security assessments for the government, military, and commercial industry. Since then he's worked for consultancies @Stake and Matasano Security, Bloomberg, and been director of security at a hedge fund in New York.
Check out these sites for more information on Dino: http://trailofbits.com http://www.theta44.org/