Security Masters Dojo
Instructors/Sensei
Dave Aitel
Dave Aitel is CEO and founder of Immunity Inc., and his past includes stints at @Stake, and the National Security Agency. As a long-time security researcher Dave has a long and visionary history of warning the industry about major security vulnerabilities. Dave is recognized world authority on attack techniques, and is the author of many famous tools including SPIKE, Spike proxy, and sharefuzz. He is co-author of two books ("The Hacker's Handbook" from Aurbach Press and "The Shellcoder's Handbook" from John Wiley and Sons) and is a frequent presenter of technical papers at conferences.
Andrea Barisani
Andrea Barisani is a system administrator and security consultant. His professional career began 8 years ago but all really started when a Commodore-64 first arrived in his home when he was 10. Now, 16 years later, Andrea is having fun with large-scale IDS/Firewalls deployment and administration, forensic analysis, vulnerability assessment, penetration testing, security training and his Open Source projects. He eventually found that system and security administration are the only effective way to express his need for paranoia. He's currently involved with the Gentoo project managing infrastructure server security being a member of the Gentoo Security and Infrastructure Teams along with distribution development. Being an active member of the international Open Source and security community he's maintainer/author of the tenshi, ftester and openssh-lpk projects and he's been involved in the Open Source Security Testing Methodology Manual, becoming a ISECOM Core Team member. Outside the community he has been a security consultant for Italian firms and he's now the co-founder and Chief Security Engineer of Inverse Path Ltd.
Philippe Biondi
Philippe Biondi is a research engineer and security expert working at the IT security lab of EADS Corporate Research Center. He is a member of the French Honeynet Project. He was co-author of LIDS. He is the author of Scapy and Shellforge and a lot of other tools. His Scapy tutorial at CanSecWest/core05 was rated one of the best talks of the conference by attendees.
Cédric Blancher
Cédric Blancher has spent the last 7 years working in netwo security field, performing audits and penetration tests. In 2004, he joined EADS Innovation Works and now runs the Computer Security Research Lab in Suresnes, France. His research focuses on network security, especially wireless links. He is an active member of Rstack team and French Honeynet Project with studies on honeynet containment, honeypot farms and network traffic analysis. He delivered technical presentations and trainings worldwide, and written papers and articles on network security. Cédric's website: http://sid.rstack.org/
Crispin Cowan
Crispin Cowan has been in the computer business for 25 years, and security for 10 years. He was the CTO and founder of Immunix, Inc., acquired by Novell in 2005. Dr. Cowan is now the Security Architect for SUSE Linux, and applications that Novell offers for Linux. Dr. Cowan developed several host security technologies under DARPA funding, including prominent technologies like the StackGuard compiler defense against buffer overflows, and the LSM (Linux Security Modules) interface in Linux 2.6. Dr. Cowan also co-invented the "time-to-patch" method of assessing when it is safe to apply a security patch. Prior to founding Immunix, he was a professor with the Oregon Graduate Institute. He is the program co-chair for the 2007 and 2008 Network and Distributed System Security conferences. He holds a Ph.D. from the University of Western Ontario and a Masters of Mathematics from the University of Waterloo, and yellow belts in 3 different styles of Aikido.
Renaud Deraison
Renaud is the Chief Research Officer at Tenable Network Security. Founder and the primary author of the open-source Nessus vulnerability scanner project. He has worked for SolSoft, and founded his own computing security consulting company, 'Nessus Consulting S.A.R.L.' Nessus detects network vulnerabilities and is in use at more than 50,000 worldwide organizations. Under Renaud's leadership, the Nessus project has won numerous awards, including the 2002 Network Computing 'Well Connected' award and PC Magazine's 2003 'Open Source Product of the Year' award. Mr. Deraison also is an editorial board member of the Common Vulnerabilities and Exposures Organization, has presented at a variety of security conferences and has had his work published in several magazines and books.
Maximillian Dornseif
Maximillian Dornseif has studied laws and computer science at the University of Bonn, Germany where he wrote his PhD Thesis about the "Phenomenology of Cybercrime". He has been doing IT security consulting since the mid nineties and today focuses mostly on penetration-testing. In early 2004 he joined the Laboratory for Dependable Distributed Systems at RWTH Aachen University where he bootstrapped the computer forensics education program and the German honeynet project and the now famous "Summerschool Applied IT-Security". Since Fall 2005 he works as a post-doc researcher at the University of Mannheim. Dornseif is a sought after speaker at international security conferences and has published in the legal and computer science fields on a wide range of topics.
Sinan "noir" Eren
Sinan Eren is a reverse engineer and a casual exploit developer. At Immunity Inc, he performs code/binary audits and exploit development for the CANVAS platform. Architectures and platforms of interest include x86/Win32, Unix on any cpu flavor and popular 3rd party applications (MTAs, HIPS, AV, VPN, Remote Desktop etc.). He recently gave auditing courses for the RPC layer of the Windows OS to several audiences around the USA.
Guillaume Valadon
Guillaume is security engineer and researcher at the French Network and Information and Security Agency. He obtained his Ph.D. on optimizations of the Mobile IPv6 protocol. From fall 2004 to fall 2006, he was doing research at the University of Tokyo where he worked on the security of the Mobile IPv6 protocol, and co-authored the IPv6 extension for Scapy. He gave technical presentations, classes and live demonstrations, and wrote research papers for conferences and magazines.
Nico Fischbach
Nico is a Senior Manager, in charge of the European Network Security Engineering team at COLT Telecom, a leading pan-European provider of end-to-end business communications services.
He holds an Engineer degree in Networking and Distributed Computing and is a recognized authority on Service Provider infrastructure security and denial-of-service attacks mitigation.
Nicolas is co-founder of Securite.Org a French speaking portal on computer and network security, of eXperts and mystique, an informal security research group and think tank, and of the French chapter of the Honeynet project.
He has presented at numerous technical and security conferences, teaches networking and security courses at various universities and engineering schools, and is a regular contributor to the french security magazine MISC. More details and contact information on his homepage.
Fyodor
Fyodor authored the popular Nmap Security Scanner, which was named security tool of the year by Linux Journal, Info World, and the Codetalker Digest. It was also featured in the hit movie "Matrix Reloaded" as well as by the BBC, CNet, Wired, Slashdot, Securityfocus, and more. He also maintains the Insecure.Org and Seclists.Or g security resource sites and has authored seminal papers detailing techniques for stealth port scanning, remote operating system detection via TCP/IP stack fingerprinting, version detection, and the IPID Idle Scan. He is a member of the Honeynet project and a co-author of the books "Know Your Enemy: Honeynets" and "Stealing the Network: How to Own a Continent".
Halvar Flake
Originating in the fields of copy protection and digital rights management, he gravitated more and more towards network security over time as he realized that constructive copy protection is more or le ss fighting windmills. After writing his first few exploits he was hooked and realized that reverse engineering experience is a very handy asset when dealing with COTS software. With extensive experience in reverse engineering, network security, penetration testing, and exploit development, Halvar consults on reverse engineering and is a graduate student of mathematics in Germany.
Martin Herfurt
Martin Herfurt is the founder of the trifinite.group. He completed his Telecommunications Engineering Degree at the Salzburg University of Applied Sciences and Technologies in 2001. Alongside his study Martin was involved in numerous industry projects, providing him with commercial programming practice. In 2000 Martin followed up his formal study with a four-month internship at the telecommunications institute of TELCOT institute in San Ramon, California, USA. Since the second half of 2000 Martin has been working as a full time researcher at an Austrian Research facility. His project responsibilities there were ranging from the co-ordination of a European IST project with a total budget of over 5 million Euro to software agents development. Together with a colleague, Martin began giving a class on mobile data services at the Salzburg University of Applied Sciences and Technologies in the summer of 2003. In February 2004, Martin discovered a major security loophole in several popular cellphones which is referred to as BlueBug in the media. As part of his fascination with the rapid development in computer programming Martin has become a regular participant in the Chaos Communication Congress which is a yearly meeting of the German hacker association CCC.
Marcel Holtman
Marcel Holtmann is the maintainer and the core developer of the official Linux Bluetooth stack which is called BlueZ. He started working with the Bluetooth technology back in 2001. His work includes new hardware drivers, upper layer protocol implementations and the integration of Bluetooth into other subsystems of the Linux kernel. In January 2004 he overtook the maintainer role from the original developer Max Krasnyansky. Together with Jean Tourrilhes he maintains the OpenOBEX project. He is also responsible for the IrDA and Bluetooth integrations of the Gnokii project.
Thorsten Holz
Thorsten Holz is a Ph.D. student at the Laboratory for Dependable Distributed Systems. He is one of the founders of the German Honeynet Project and has extensive background in the area of honeypots and bots/botnets. His research interests include the practical aspects of secure systems, but he is also interested in more theoretical considerations of dependable systems. In addition, he is the editor-in-chief of the German IT-security magazine MISC.
Doug Hoyte
Doug is a prolific Nmap developer who authored the asynchronys DNS subsystem and greatly improved the version detection system for Nmap 4.00. He wrote the open source Anti-Web httpd server as well as other projects that he hosts at hcsw.org.
Adam Laurie
Adam Laurie is Chief Security Officer and a Director of The Bunker Secure Hosting Ltd. He started in the computer industry in the late Seventies, working as a computer programmer on PDP-8 and other mini computers, and then on various Unix, Dos and CP/M based micro computers as they emerged in the Eighties. He quickly became interested in the underlying network and data protocols, and moved his attention to those areas and away from programming, starting a data conversion company which rapidly grew to become Europe's largest specialist in that field (A.L. downloading Services). During this period, he successfully disproved the industry lie that music CDs could not be read by computers, and, with help from his brother Ben, wrote the world's first CD ripper, 'CDGRAB'. At this point, he and Ben became interested in the newly emerging concept of 'The Internet', and were involved in various early open source projects, the most well known of which is probably their own'Apache-SSL'which went on to become the de-facto standard secure web server. Since the late Nineties they have focused their attention on security, and have been the authors of various papers exposing flaws in Internet services and/or software, as well as pioneering the concept of re-using military data centres (housed in underground nuclear bunkers - http://www.thebunker.net) as secure hosting facilities. Adam has been a senior member of staff at DEFCON since 1997, and also acted as a member of staff during the early years of the Black Hat Briefings.
James "Professor" Messer
James "Professor" Messer is the founder of ProfessorMesser.com and NetworkUptime.com, online resources for network and security professionals. His twenty years of experience in the computer and networking industry have taken him from liquid nitrogen-cooled supercomputers to enterprise network analysis and security solutions. His published works include articles on WorldVillage.com, Lockergnome.com, his own online "Nmap Secrets" training course and his book, "Secrets of Network Cartography: A Comprehensive Guide to Nmap." He also maintains the comp.dcom.lans.ethernet and comp.dcom.lans.token-ring Frequently Asked Questions (FAQ) files.
James holds a Bachelor's degree in Business Management from Florida State University, and his technology interests revolve around security, networking, and electronic privacy. James resides in Tallahassee, Florida, with his wife and three children.
H D Moore
HD Moore is the director of security research at BreakingPoint Systems, where he focuses on the content and security testing features of the BreakingPoint product line. Prior to BreakingPoint, HD spent seven years providing vulnerability assessments, leading penetration tests, and developing exploit code. HD is the founder of the Metasploit Project and one of the core developers of the Metasploit Framework, the leading open- source exploit development platform. In his spare time, HD searches for new vulnerabilities, develops security tools, and contributes to open- source security projects.
Laurent OUDOT
Laurent is a French senior IT Security consultant, who founded TEHTRI-Security in 2010. Last 15 years, he has been hired as a security expert to protect and pentest networks and systems of highly sensitive places like the French Nuclear Warhead Program, the French Ministry of Defense, the United Nations, etc. He has been doing research on defensive technologies and underground activities with numerous security projects handled, and he was a member of the team RstAck and of the Steering Committee of the Honeynet Research Alliance. Laurent has been a frequent presenter and instructor at computer security and academic conferences like Cansecwest, Pacsec, Black Hat USA-Asia-Europe, US DoD/US DoE, Defcon, Hope, Honeynet, PH-Neutral, Hack.LU, as well as a contributor to several research papers for SecurityFocus, MISC Magazine, IEEE, etc.
Gerardo 'gera' Richarte
Gera is widely regarded as one of the world's most brilliant "shellcode ninjas" and responsible for countless innovations in technique. A short look at his famous "Insecure Programming by Example" page at the Insecure Programming site should convince you that he is about 31337 as you get. Gera is one of the technical wizards at Core Security Technologies.
Martin Roesch
Marty is a respected authority on intrusion detection technology and forensics, and today works at Sourcefire where he is the founder and CTO. Martin, who has 17 years industry experience in network security and embedded systems engineering, is also the author and lead developer of the Snort Intrusion Detection System.
Over the past eight years, Martin has developed various network security tools and technologies, including intrusion detection systems, honeypots, network scanners, and policy enforcement systems for organizations such as GTE Internetworking, Stanford Telecommunications, Inc., and the Department of Defense. He has applied his knowledge of network security to penetration testing and network forensics for numerous government and large corporate customers. Martin has been interviewed as an industry expert in multiple technology publications, as well as print and online news services such as MSNBC, Wall Street Journal, CNET, ZDNet, and numerous books. Snort has been featured in Scientific American, on A&E's Secret Places: Inside the FBI, and in several books, such as Network Intrusion Detection: An Analysts Handbook, Intrusion Signatures and Analysis, Maximum Security, Hacking Exposed, and others.
Martin holds a B.S. in Electrical and Computer Engineering from Clarkson University.
Saumil Shah
Saumil Shah is the founder and CEO of Net-Square, providing cutting edge information security services to clients around the globe. Saumil is an internationally recognized speaker and instructor, having regularly presented at conferences like Blackhat, RSA, CanSecWest, PacSec, EUSecWest, Hack.lu, Hack-in-the-box and others. He has authored two books titled "Web Hacking: Attacks and Defense" and "The Anti-Virus Book".
Saumil graduated with an M.S. in Computer Science from Purdue University, USA and a B.E. in Computer Engineering from Gujarat University. He spends his leisure time breaking software, flying kites, traveling around the world and taking pictures.
Nicolas Waisman
Nicolas Waisman is a Senior Security Researcher at Immunity, Inc. Nico is one of the driving forces behind the CANVAS exploit framework. The majority of his recent work has focused on win32 vulndev, specifically reliable heap exploitation. He also likes to sneak in the odd reverse engineering project from time to time. His most current passion is implementing MOSDEF for the PPC architecture.
Matthew Watchinski
Mr. Watchinski is presently the Director of Vulnerability Research at Sourcefire. In 1998 Mr. Watchinski started his career in security at a up and coming company called Hiverworld (later named nCircle). There he was responsible for network penetration tests, physical security audits, and security related professional services. Additionally Mr. Watchinski was responsible for exploit development, IDS signature development, and code audits. In 2000 Mr. Watchinski moved on to became the Manager of Professional Services for farm9, Inc. Where he was responsible for all ongoing security professional services engagements. This included security audits, code reviews, exploit development, and custom IDS signature development. In 2003 Mr. Watchinski came on board at Sourcefire to eventually become the Director of Vulnerability Research. His responsibilities at Sourcefire include; managing the development of snort rules, code audits, and additional security related research. Mr. Watchinski's entire career has been heavily focused on security research, exploit development, and the development of effective security measures that work in large enterprise environments.
Nicolas Bareil
Nicolas Bariel is a 26 years old french security researcher working at EADS Innovation Works (between Cédric Blancher and Philippe Biondi :) He is in charge of pentesting networks, application audits (blackbox/whitebox), training and research. His interests are OS hardening, network security, VoIP and sandboxing. He is also a free software developper, authored a few security tools (ilty, a phone interception system on Cisco VoIP; ipt_scrub, a Linux implementation of OpenBSD's scrub) and takes part in several projects (scapy, Linux kernel, Debian packages). Furthermore, he is in the organization and program committee of the SSTIC conference (the biggest event in France about computer security) since 2007. He also gives classes in engineering schools and college where I enjoy giving them "Capture the flag" exercises
James Lee
James Lee is a software developer for Rapid7 where he works as Open Source Project Manager and a core developer for the Metasploit Framework. Before coming to Rapid7 to work on Metasploit, he was a Cybersecurity researcher for Idaho National Laboratory where he discovered numerous vulnerabilities in SCADA and Industrial Control Systems.
Guillaume Delugre and Jean-Baptiste Bedrune
Guillaume Delugre and Jean-Baptiste Bedrune are security researchers working at the Sogeti ESEC R&D lab. Guillaume has been working on the PDF file format security issues for some time and is the lead developer of Origami, a Ruby framework for malicious PDF analysis and creation. His researchs on PDF security have been presented to several conferences including PacSec, HITB, Hack.lu... Jean-Baptiste has analyzed targeted attacks involving malicious documents for the last 3 years. He also gives reverse engineering and computer virology courses in several engineering schools in France.
Yoann Guillot
Yoann Guillot works in the field of computer security for the french R&D lab of Sogeti/ESEC. They have given presentations on binary deobfuscation in a few ITsec conferences. Yoann is the main author of the Metasm framework.
Scott Lambert
Scott Lambert is the manager of TippingPoint's Digital Vaccine group which is responsible for conducting security research and generating high-quality Digital Vaccine security content. Much of Scott's current research centers around binary reverse engineering frameworks that leverage a combination of both static and dynamic binary instrumentation, taint analysis and SMT solvers to aid in vulnerability analysis and signature development.
Prior to joining HP TippingPoint, Lambert developed, maintained and supported numerous computer security applications ranging from Vulnerability Assessment and Risk Management software to Network and Host-Based Intrusion Detection/Prevention Systems and related technologies for companies such as L-3 Network Security, Veridian Information Solutions, Symantec Corporation and Microsoft.
Jason Geffner
Jason Geffner joined Next Generation Security Software Ltd. in June of 2007 as a Principal Security Consultant. Jason focuses on performing security reviews of source code and designs, reverse engineering software protection methods and DRM protection methods, penetration testing web applications and network infrastructures, and developing automated security analysis tools. Prior to joining NGS, Jason spent three years as a Reverse Engineer on Microsoft Corporation's Anti-Malware Team, where his work involved analyzing malware samples, deobfuscating binaries, and writing tools for analysis and automation. Jason was the Security Research & Response owner of the Windows Malicious Software Removal Tool (MSRT). He chose which new malware families for the MSRT to detect and clean each month based on his analysis of the telemetry and trends of the underground malware community. Jason authored tens of thousands of malware signatures and dozens of malware analyses based on static and dynamic analyses of obfuscated binaries. His work on the MSRT helped hundreds of millions of Windows users each month keep their computers safe and secure. While at Microsoft, Jason was recognized for his reverse engineering skills and for his efforts to drive awareness of reverse engineering practices throughout the company by being given the formal job title "Reverse Engineer"; Jason was the only Microsoft employee with this title.
Jason holds several patents in the fields of reverse engineering and network security. He is a Program Committee member of the Reverse Engineering Conference (REcon) and of the International Conference on Malicious and Unwanted Software, is a regular trainer at Black Hat and other industry conferences, is often credited in industry talks and publications, and has been actively reverse engineering and analyzing software protection methods since 1995.
Alexander Sotirov
Alexander Sotirov is an independent security researcher with more than ten years of experience with vulnerability research, reverse engineering and advanced exploitation techniques. His recent work includes exploiting MD5 collisions to create a rogue Certificate Authority, bypassing the exploitation mitigations on Windows Vista and developing the Heap Feng Shui browser exploitation technique. His professional experience includes positions as a security researcher at Determina and VMware. Currently he is working as an independent security consultant in New York. He is a regular speaker at security conferences around the world, including CanSecWest, BlackHat and Recon. Alexander served as a program chair of the USENIX Workshop on Offensive Technologies and is one of the founders of the Pwnie Awards.
Matthieu Suiche
Matthieu Suiche is a security researcher who focuses on reverse code engineering and volatile memory analysis. His previous researches/utilities include Windows hibernation file, Windows physical memory acquisition (Win32dd/Win64dd), Mac OS X Physical Memory Analysis and LiveCloudKd which is an utility that makes possible to dump the memory and to debug an Hyper-V Virtual Machine from the Host even if the debug mode is not activated. Matthieu has been a speaker at various security conferences such as PacSec, BlackHat USA, EUROPOL High Tech Crime Meeting, Shakacon, CanSecWest etc. Prior to starting MoonSols in 2010 (a computer security and kernel code consulting and software company), Matthieu worked for companies such as E.A.D.S. (European Aeronautic Defence and Space Company) and the Netherlands Forensics Institute of the Dutch Ministry of Justice.
Marc "van Hauser" Heuse
Marc "van Hauser" Heuse is performing security research since 1993, having found vulnerabilities in software like firewalls, DNS servers, SAP middleware, etc. and is the author of various famous security and pentest tools like hydra, amap, THC-Scan, secure_delete, SuSEFirewall and many more.
He is performing security research on IPv6 since 2005 and has spoken on many conferences on this topic since then, among these are the CCC congress (Germany), Cansecwest (Canada), PacSec (Japan) and many more international conferences, and additionally has programmed the solely available pentest toolkit for ipv6: the thc-ipv6 protocol attack suite.
In 1995 he founded the renowned security research group "The Hacker's Choice", which was the first group to e.g. crack A5 GSM in 2006 within a minute. Since 1997 he is working as a security consultant in the top-5 enterprise consultant companies, since 2007 he is working as an independant security consultant.
Sebastian Porst
After finishing his Masters degree in Computer Science in 2007, Sebastian joined zynamics GmbH as lead developer of the reverse BinCrowd, and the malware PDF analysis tool PDF Inspector. After four years of working at zynamics, Sebastian moved on to become a vulnerability researcher on a joint project between Microsoft and Adobe that focuses on improving the security of Adobe products. Sebastian has been a speaker at various IT security conferences including CanSecWest, SOURCE Barcelona, RECon, Hack in the Box, and hack.lu.
Mariano Nunez Di Croce
Director of research and development for Onapsis.
Mark Schoenefeld
Speaker at Conferences since 2002, *SecWest, Blackhat , RSA, HITB, Dimva, etc. Trainer for Java Security Regular Security Bug committer since 2002, in 2010 researched and reported critical flaws in Java, Microsoft Windows, OSX, Mozilla Firefox, Safari, Google Chrome, Opera, etc.
Joseph Karpenko
Joseph Karpenko is a senior engineer in the Security Research and Operations organization at Cisco and has more than a decade of expertise in networking, security, data center, wireless, and systems administration fields. He is currently responsible for developing security solutions that deter, detect, and prevent existing, current, and emerging threats and attacks and has had the opportunity to speak at and deliver training at multiple conferences on various security topics. During his career, Joseph has worked with customers on the design and implementation of large-scale internetworks and data center security architectures. Prior to joining Cisco, Joseph worked as a system administrator and senior escalation engineer handling and troubleshooting complex security and network incidents.
Randy Ivener
Randy Ivener, CCIE No. 10722, is a Sr. Security Engineer with the Cisco Applied Intelligence team. He is a CISSP and ASQ CSQE. Randy has spent many years as a network security consultant helping companies understand and secure their networks. Before becoming immersed in information security, he spent time in software development and as a training instructor. Randy graduated from the U.S. Naval Academy and holds an MBA.
Peter Silberman
Peter Silberman works at MANDIANT on the research and development team. For a number of years, Peter has specialized in offensive and defensive kernel technologies, reverse engineering, and vulnerability discovery. He enjoys automating solutions to problems in the domain of reverse engineering and analysis. Although he is college educated, Peter does not believe formal education should interfere with learning.
Jamie Butler
Jamie Butler is a highly respected member of the information security community with over a decade of experience in Windows operating system security. Mr. Butler is a Director at MANDIANT and leads the agent team on the MIR product. Prior to joining MANDIANT, Jamie was the CTO of Komoku, Inc. His experience also includes Windows Host Intrusion Detection development at Enterasys Networks and over five years experience at the National Security Agency. Mr. Butler is also co-author of the bestseller, "Rootkits: Subverting the Windows Kernel." (Addison-Wesley, 2005). In addition, Jamie has authored numerous papers and is a frequent speaker at computer security conferences. He is the co-author and instructor of the popular courses Advanced 2nd Generation Digital Weaponry, Offensive Aspects of Rootkit Technology, and Advanced Memory Forensics in Incident Response.
Nicolas Bareil
Nicolas Bareil is a research security engineer at EADS Innovation Works. He is the author of many layers in scapy. He likes contributing patches in security tools and in the Linux kernel.
Dino Dai Zovi
Dino Dai Zovi, currently an independent security consultant and researcher, has been working in information security for over 9 years with experience in red teaming, penetration testing, software security, information security management, and cybersecurity R&D. Mr. Dai Zovi is also a regular speaker at information security conferences having presented his independent research on memory corruption exploitation techniques, 802.11 wireless client attacks, and Intel VT-x virtualization rootkits over the last 10 years at conferences around the world including DEFCON, BlackHat, and CanSecWest. He is a co-author of the books "The Mac Hackers Handbook" (Wiley, 2009) and "The Art of Software Security Testing" (Addison-Wesley, 2006). In 2008, eWEEK named him one of the 15 Most Influential People in Security. He is perhaps best known in the information security and Mac communities for winning the first PWN2OWN contest at CanSecWest 2007.
Michael Eddington
Michael is a senior security consultant with over ten years providing security services to Fortune 500 companies in the United States. Michael has extensive expertise in many areas of computer security, including application security, network security, threat modeling, and fuzz testing. Michael is an industry expert who routinely speaks and provides training at the top industry technical conferences including Blackhat and RSA.
Michael has worked for some of the leading security companies, including Leviathan Security Group and ISAG. Michael also founded the security services practice for IOActive, Inc. and co-founded the Security Services Center for Hewlett-Packard's services division.
Michael is an accomplished software architect and developer. Michael has worked on shipping products, from trading applications to designing and building numerous commercial web applications. Michael has also participated in a number of open-source security development projects ranging from threat modeling (such as the Trike threat modeling conceptual framework) to fuzzing (e.g. The Peach Fuzzer Framework).
Michael's research is currently heavily focused on fuzzing (fuzz testing), in which he is considered one of the foremost experts, having developed the industry leading open source fuzzing platform Peach. Peach is used by many top technology companies and most security consultancies to perform fuzzing. Michael is currently engaged in pushing fuzzing to the next level with new tools and techniques.
Aaron Portnoy
Aaron Portnoy is the Manager of the Security Research Team at TippingPoint Technologies. His group is responsible for reverse engineering vulnerability submissions to the Zero Day Initiative program, discovering new 0day vulnerabilities in enterprise software, developing tools to aid in these processes, and architecting competitions such as Pwn2Own. Aaron has discovered critical exploitable vulnerabilities affecting a wide range of vendors including, but not limited to: Microsoft, Adobe, RSA, Novell, Symantec, HP, IBM, SAP, and VMware. He has presented original research in the areas of reverse engineering and vulnerability discovery at conferences such as BlackHat, CanSecWest, BlueHat, RSA, and RECon. Additionally, Aaron has been an invited speaker at the National Security Agency, has been referenced in several published books, and guest lectures on reverse engineering at the Polytechnic Institute of NYU each fall.
Zef Cekaj
Zef Cekaj is a security researcher specializing in vulnerability reversing and discovery. He has reversed and documented hundreds of vulnerabilities and has a history of vehemently arguing with vendors over email regarding exploitability of bugs in their products. Consequently, he enjoys winning such arguments by demonstrating exploits on live systems. His primary interests are in the exploitation of server side vulnerabilities and mitigation circumvention. He is currently researching identified vulnerabilities in popular sandboxing implementations so that he may contribute to The Movement to Liberate Shellcodes (freetheshellcodes.net), of which he is a founder.
Mike Murray
A managing partner of MAD Security and the lead instructor of The Hacker Academy. Mike has focused his career on the offensive side of security, having started as a penetration tester and vulnerability researcher during the dot-com boom of the 1990s. In more than a decade in the industry, he has lead penetration testing, vulnerability research and social engineering teams in engagements against some of the largest and most advanced clients in the industry. His expertise in building penetration test teams and delivering large-scale and highly technical penetration tests will lead students in this class to understand far more about the process of penetration testing than they ever thought possible.
Stephen A. Ridley
Stephen A. Ridley is a security researcher with more than 10 years of experience in software development, software security, and reverse engineering. Before becoming an independent researcher, Mr. Ridley served as Senior Researcher at Matasano. Prior to that: Senior Security Architect at McAfee, and before that he was a founding member of ManTech International's Security and Mission Assurance (SMA) where he did vulnerability research and reverse engineering in support of the U.S. intelligence community. He has spoken about reverse engineering and software security at BlackHat, ReCon,EuSecWest, Syscan and others. Mr. Ridley currently lives in Manhattan and frequently guest lectures at New York area universities such as NYU and Rensselaer Polytechnic Institute.
Stephen Lawler
Stephen Lawler is the Founder and President of a small computer software and security consulting firm. Mr. Lawler has been actively working in information security for over 7 years, primarily in reverse engineering, malware analysis, and exploit development. While working at Mandiant he was a principal malware analyst for high-profile computer intrusions affecting several Fortune 100 companies.
Prior to this, as a founding member of ManTech International's Security and Mission Assurance (SMA) division he discovered numerous 0-day vulnerabilities in COTS software and pioneered several exploitation techniques that have only been recently published.
Prior to his work at ManTech, Stephen Lawler was the lead developer for the AWESIM sonar simulator as part of the US Navy SMMTT program.
