Lockdown 2009
Speakers
Jared DeMott
Jared DeMott is a Senior Security Researcher for the Crucial Security programs area of Harris Corporation. Crucial provides state-of-the-art technical engineering and security services to the most elite branches of the Federal Government’s law enforcement and intelligence communities, engineering solutions to meet their demanding requirements. Mr. DeMott previously worked for the NSA and currently teaches computer security at university and professionally. He has spoken at security conferences such as Black Hat, Defcon, ToorCon, and Shakacon. This background provides an ideal blend of skills for teaching cutting-edge security material in a fun and instructive manner.
Akshay Dua
Akshay Dua is a Ph.D. student at Portland State University. He received his B.S. in Computer Science from University of Saskatchewan, Canada (2002) and M.S. in Computer Science from Portland State University (2005). He spent 3 years working in industry, most of which were at Peribit Networks, Santa Clara, CA (now owned by Juniper Networks, Sunnyvale, CA) in the application acceleration domain for Wide Area Networks. His current research focuses on developing new security mechanisms for the specific needs of participatory sensing applications.
James C. Foster, President & CEO, Ciphent, Inc.
James C. Foster is the Chief Executive Officer of Ciphent. Ciphent is a cyber security pure play firm that was founded in 2006. Today, Ciphent has consultants and engineers in thirteen states and offers security consulting, training, and managed services for 42 of the Fortune 100. Foster has 14 years of software development and information security experience to include working as the Director of Research and Development for Foundstone, Scientist and Advisor at Guardent, Deputy Director of Global Security Solutions for Computer Sciences Corporation, and a Security Research Specialist for the United States Navy. Mr. Foster has gained global recognition for his accomplishments in the IT Security and Software Development arenas, as evidenced by his residence on the Mitre OVAL Board of Directors. Mr. Foster serves as a Contributing Editor at both Information Security Magazine (acquired by TechTarget) and SearchSecurity.com and is a well published author with over fifteen published books, multiple reaching best seller status - to include, without limitation: Snort 2.0, Snort 2.1, Buffer Overflow Attacks, Sockets, Shellcode, Porting, and Coding, Ultimate Programming Security Desk Reference, and Writing Security Tools and Exploits.
Deral Heiland
Deral Heiland, CISSP, serves as a Senior Security Assessment Engineer for CDW, where he is responsible for security assessment and consulting for corporations and government agencies. Deral is also founder of Ohio Information Security Forum, a non-profit organization focused on information security training and education. In his spare time Deral conducted vulnerability research under the group Layered Defense Research and has published multiple security advisories. Deral has also presented at numerous security conferences including CarolinaCon, ShmooCon, Defcon, Information Security Summit and AFCEA InfoTech. With over 15 years of work in the Information Technology field, Deral has held several security positions, including serving as a senior security analyst for a global Fortune 500 manufacturer where he was responsible for delivering security guidance and leadership in the area of risk and vulnerability management.
Prajakta Jagdale
Prajakta Jagdale is a Research Engineer with the HP Web Security Research Group. She focuses on automated discovery of Web application vulnerabilities and crawling technologies. Her current research efforts are concentrated towards identifying security risks associated with RIA technologies. This research involves developing innovative techniques to enable automated web assessment tools to crawl and analyze RIA applications through the use of both static source code analysis and dynamic runtime analysis. She has been invited to speak at various conferences including Blackhat Federal, RSA Europe and Shmoocon.
Frank Kim
Frank Kim is a SANS author and instructor and co-founder of Think Security Consulting (www.thinksec.com). He has been developing, designing, and securing web applications for over ten years. He currently focuses on integrating security into the SDLC by doing architecture reviews, security assessments, code reviews, penetration testing, and training.
Joseph Klein, CISSP CISM CISA NSA-IAM/IEM
Joe Klein is a 25-year veteran of the IT and IA industry. He has extensive experience in DoD, US Government and commercial sectors, focusing on information assurance, network security and IPv6. Mr. Klein is often requested to speak at professional security venues and routinely participates in high-level government working groups as an expert on secure implementation of IPv6.
Working at Command Information as the Senior IPv6 security engineer, Mr. Klein has applied his extensive knowledge of information assurance (IA)/information operations (IO) and security life cycle management to the problem of securely implementing IPv6. Additional efforts include:
- Contributing to dozens of security policies, practices and guidance documents, published by NIST, DoD, US Government, IPv6 Task Force and compliance standards.
- Developing training classes and labs for "IPv6 for Administrators," "IPv6 for Security Professionals," "IPv6 for IA Professionals," "IPv6 for Architects," and "Securing, Hacking and Defending IPv6."
- Identifying vulnerabilities and assisting developers to ‘quietly’ mitigate IPv6 "problems." He also follows "responsible disclosure" to force unwilling vendors to mitigate the problems.
- Performing security testing of major IA products including firewalls, IDS/IPS/DPI, assessment tools, scanners and forensics tools.
- Assisting product vendors in the development of security IPv6-enabled products. This includes a soon-to-be-released Deep Packet Inspection (DPI) product that specializes in identifying IPv6 tunneled over IPv4, covert channels, dual-stack and IPv6-only vulnerabilities.
Prior to Command Information, Mr. Klein was Sr. Security Consultant and Team Lead for Honeywell Technology Solutions, Inc., performing DITSCAP, DIACAP, FISMA C&A, penetration testing, incident handling and forensics for DoD and other Federal customers.
When not focused on IPv6 security and working on a book on the same topic, Mr. Klein is an avid photographer and marathon runner-in-training.
Richard Perlotto
Shadowserver: Richard Perlotto is one of two directors running the Shadowserver Foundation, an all-volunteer watchdog group of security professionals that gather, track, and report on malware, botnet activity, and electronic fraud.
Mr. Perlotto runs the technology and operational side of the organization with a focus on streamlining the processes and information gathering techniques.
Personal: Richard Perlotto is an Information Security Adviser for Cisco Systems providing assistance and guidance on Information, Internet Risks and Threats to Cisco and their Customers. Previously he ran Security Operations worldwide for all of Cisco for almost four years. He is a ten-year Cisco veteran.
David Plonka
David Plonka is a consultant, research assistant, and graduate student pursuing a Ph.D. in the Computer Sciences department at the University of Wisconsin-Madison.
Dave Russell
Dave Russell (CISSP, CSSLP) is a security engineer with CDW, and a former application developer. He has created several open-source tools widely used in the security community, and sometimes even manages to update them. His focus is primarily application security these days, and he has given presentations to a variety of customers on application security topics. He's seen applications coded in a wide variety of languages, including C/C++, Java, C#, VB, PHP, ColdFusion and even (*shudder*) RPG. He has experience disassembling malware and reverse engineering all manner of code as well. He is also a lousy golfer.