Rob Slade may be an information security and management consultant from North Vancouver, British Columbia, Canada, or he may be an artificial intelligence program gone horribly wrong, and hooked up to various email addresses, and probably encrypted in some weird way. More information than anyone would want to know about him is available at: http://en.wikipedia.org/wiki/Robert_Slade.
Jeevan Singh is a Security Engineering Manager at Segment, where he is embedding security into all aspects of the software development process. Jeevan enjoys building security culture within organizations and educating staff on security best practices. Jeevan is responsible for a wide variety of tasks including: architecting security solutions, working with development teams to resolve security vulnerabilities and building out security features. Before life in the security space, Jeevan had a wide variety of development and leadership roles over the past 15 years.
Aarti Gadhia has dedicated her entire career to breaking down barriers and boundaries to achieve equality for underrepresented groups in STEM and in leadership. She founded Standout to Lead to empower women in cybersecurity to join corporate boards and is proud to share that 30 cyber security women in Western Canada have begun their board journey. She founded SHE (Sharing Her Empowerment) with the mission to be a collective voice within the organization to influence a change and close the gender diversity gap. The outcome has been a 50% increase in the number of women being hired.
Aarti was born in Kenya and moved to the UK as a young woman away from her family to pursue a degree in Financial Economics. Aarti then immigrated to Vancouver Canada and entered the cybersecurity industry working with prestigious companies including Sophos, Trend Micro, Carbon Black (VMware) and currently at Bugcrowd. She recently was appointed as a Board Director for ObserveID, a start-up which is an identity intelligence and automation platform.
Aarti volunteers for the OWASP Vancouver Board, ISACA Vancouver She Leads Tech Board and WiCYS Western Canada Board. She was recently quoted in Canadian Security Magazine as she shared her views on the importance of soft skills to break down barriers in traditional hiring.
Aarti received the Top 20 “Women in Cyber Security” Award in Canada. She recently was a judge for the African Women in Security Network. This year she was featured in "The Rise of the Cyber Women: Volume Two" as she shared her Safari of experiences to be a change agent and pave the path for future generations.
Due to her international background, she loves to travel and learn different cultures. If you’ve seen her post on LinkedIn titled Phulka Roti, you’ll know that she enjoys cooking.
Farah Hawa is from Mumbai, India. She is an application security team lead at Bugcrowd. She’s a part-time bug bounty hunter and also creates technical content for bug bounty hunters & web application pentesters for her YouTube channel with more than 30000 subscribers.
Selina is a Cyber Security Analyst responsible for mitigating IT Security threats, responding to incidents and assessing the risk landscape across her organization. She has a passion for data analysis and cyber threat hunting. Outside of work, you will find her hiking, surfing, snowboarding and drinking wine. She is an advocate for building a strong pipeline of security professionals to combat the growing cyber threats businesses and individuals face. She dedicates her time to support others through mentorship and ISACA's SheLeadsTech. SheLeadsTech empowers women to enter into tech careers and become strong female leaders.
Iman is an Application Security Lead at Forward Security who is passionate about all things code. He has more than 8 years of cybersecurity and software related experience and is also a PhD candidate in Computer Science with more than 1000 citations on his cybersecurity related publications in top journals and conferences. In his spare time, he researches and invests in crypto and blockchain technologies.
Mrigakshi is passionate about speaking for cyber and following best practices to create a cybersafe world. She is currently working at Bugcrowd as an Associate Application Security Engineer at Bugcrowd and has completed her masters in Cybersecurity in Vancouver recently, she also has past experience in the IT industry of about six years. She believes that reconnaissance is a part of cybersecurity that should come hands-on to not only cybersecurity professionals but to everyone using applications and it's necessary to update our recon skills as often as possible.
Lalithya Malyala is a Cybersecurity Graduate, where she gained a vast knowledge of topics related to security. Lalithya did her internship with Bugcrowd as Associate Application Security Engineer in triaging and collaborating with ethical hackers and the customer. As Appsec testing being her major area of focus, Lalithya worked as a graduate teaching assistant in teaching web application testing to students. Lalithya has been an active board member of the OWASP Vancouver chapter for the past 1.3 years. Before entering into the field of Cybersecurity, she was experienced in Quality Assurance in automating test scripts with Selenium-Java for E2E functional testing.
Penny Le is a Security Engineer in Sydney, Australia. After graduating from university last year with a bachelor degree in Computer Science, she started working as a pentester for one year before changing to the blue team at Google. Her main interest in security is purple team, so she likes learning and doing both attacking and defending tasks. Besides work, she enjoys playing CTFs with friends during free time.
Vivek Ponnada is the Director of ICS Security for ICI Electrical Engineering, focusing on securing Industrial Control Systems in Critical Infrastructure across Canada. Previously, he has been a Service, Sales & Business development manager (Control system upgrades and Cybersecurity solutions) for GE in North America. Prior to that, Vivek started his career as a Controls technician then progressed to a Field Engineer commissioning turbine controls systems in Europe, Africa, Middle-East and South-East Asia. He is passionate about ICS/OT Security and enjoys learning & contributing to the security community.
Jason Maynard has been architecting, designing, and deploying security technologies that secure the most complex computing environments for almost 20 years.
His understanding of technologies, people, and process enable him to deliver effective, comprehensive security solutions that align to an organizations security goals and strategic imperatives. Jason is adept at addressing a range of risk profiles across industry verticals; skills he has cultivated as an end-user security practitioner, integrator, and now manufacturer as Senior Technical Solutions Architect, Cybersecurity for Cisco Systems. Jason is also active in the direct community speaking at BC Aware, Privacy and Security Conference, and has delivered multiple sessions at BSides. Jason also holds over 75+ designations across a variety of products and technologies including the CCIE designation.
Salman, Khwaja has served professionally for over 10 years in Pakistani IT Industry as a Technical Content Writer / Author, Quality Assurance professional, Information Systems Auditor / Process Consultant and is now serving as a Manager Application Security in TPS Pakistan Pvt. Limited.
He has been implementing (SecDevOps) Security Automation in Financial Industry and has been the instrumental in providing
- Consultations in Application Security
- Vulnerability Assessments
- Systems Hardening
- Automation of VA / PT / Systems Hardening
- providing Technical Security Training
He is also leading the PA-DSS Assessments of TPS Products and providing the training for Secure Software Framework.
Tanya SheHacksPurple Janca
Tanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.
Advisor: Nord VPN, Cloud Defense, NeuraLegion, ICTC PAC
Founder: We Hack Purple, OWASP DevSlop, #CyberMentoringMonday
The sheer pervasiveness of applications, their associated software engineering process and therefore the variance of application security quotient across software teams is what drives Rahul’s primary role as an AppSec Advocate at we45.
Having worked on both the building and breaking sides of product engineering, Rahul appreciates both the constraints and the opportunities of imbibing security within the software lifecycle. This understanding created a natural segue for we45’s custom security solution engineering and enhanced AppSec service delivery models for its global customers.
As an active DevSecOps Marketer, Rahul works closely with the offices of CTOs and CIOs in the setting up of cross functional skill building and collaboration models between engineering, QA and security teams to build and manage software security maturity frameworks.
Rahul is Certified Information Systems Auditor (CISA) and is a regular speaker at global conferences, seminars and meetup groups on the following topic areas:
1. Application Security Automation and DevSecOps
2. AppSec Tooling
3. Threat Modeling in Agile Engineering
4. QA: Security Mapping
5. Automation ROI Modelling
6. AWS Security
7. Secure Software Maturity Models
Consultant and Researcher in Information Security / CEH
Stay Safe Podcast Founder
Post Graduated in Business Strategic Management, Innovation and Teaching
Founder - Vale Security Conference - Brazilian Conference
Consultant Member - Brazilian Comission of High Tech Crime (OAB / SP)
Coordinator and Teacher in IT area
SJC Hacker Space President
Speaker (CNASI, AppSec California, GrrCon, BalCCon2k14, BSides Augusta, H2HC, Angeles Y Demonios, Silver Bullet, Seginfo, ITA, INPE)
Mani Keerthi Nagothu
Mani Keerthi Nagothu is a cybersecurity professional with work experience starting in India, London, Bermuda and Canada. She worked with consulting firms before her current role as Security Lead at Ballard Power systems. Her experience comprises building cybersecurity strategies, developing security initiatives, incident response, risk assessments, and adopting a holistic approach to security at an enterprise level. Her varied experience across different locations helped her to understand different cultures and working environments. She holds a bachelor of technology in Electronics and Communication and an MBA in Information Security. She is an active member of ISACA and has certifications - CISA, CRISC,CISM,CDPSE to her name.
Ochaun (pronounced O-shawn) Marshall is an application security consultant. In his roles at Secure Ideas, he works on ongoing development projects utilizing Amazon Web Services and breaks other people's web applications. When he is not swallowing gallons of the DevOps Kool-Aid, he can be found blasting J Cole while hacking, blogging, and coding. He covers everything he does with the signature phrase: I code; I teach; I hack.
Ryan Henry is an Assistant Professor in the Department of Computer Science at the University of Calgary. His research focuses on the intersection between software systems and applied cryptography, with an emphasis on using advanced cryptographic techniques to build secure systems that protect the privacy of their users.
Joel Reardon is an Assistant Professor in the Department of Computer Science at the University of Calgary. His research focuses on cybersecurity, an area in which he holds extensive domain knowledge, particularly as it relates to smartphones. In 2018, he co-founded AppCensus Inc., incorporated in California. This company provides privacy analytics as a service and is directly spun out of Dr. Reardon’s own research along with collaborators. AppCensus’ AppSearch service analyzes free publicly-available Android apps, and reports the private and personally identifying information that different apps access and share with other parties over the Internet.
Khalilov Mo is Head of Security Assessment and R&D team working in the industry of information security for last 9+ years. Currently specializes in security research and fuzzing on open source products both on thin and thick client application.
Author of Infernal wireless hacking suit and author of over 30+ zero days ranging from Linux to WP/ Joomla CMS solutions. A big fan of Marvel Cinematic Universe.
Bryan Davies has worked on commercial software projects for over 20 years as a programmer, manager and director. Currently, Bryan is the Director, Product Development at enSift. Along the way Bryan has found and corrected his fair share of insecurity written code. Aside from fixing code, Bryan, has worked on some pretty cool projects including a machine vision system which performed visual quality control on partially assembled Nortel office phones.
Ali Abdollahi is a technologist with 9 years of experience working in a variety of fields. In addition, He is an instructor, author and board of review at Hakin9 company and official trainer at OWASP AppSecDays . Ali is a self-confessed bug hunter, publisher of many vulnerabilities and CVEs. Ali is a regular speaker and trainer at industry conferences like: DEFCON (Aerospace, Red Team and AppSec villages), OWASP AppSec Days, c0c0n XII, Confidence Conference 2020, BSides Budapest, BSides Toronto, Texas Cyber Summit, TyphoonCon (SSD Secure Disclosure), YASCon, NoNameCon 20, COUNTERMEASURE|2020, and DragonCon.
Avanish is an information security researcher working as a Lead Security Engineer managing complete end-to-end information security. He loves to break application logic and find vulnerabilities in them, and has been acknowledged by various MNCs like Google, Yahoo, NASA, Vmware, MongoDB, and other top companies. He am also an active blogger where he writes about interesting vulnerabilities that he finds on hisbug bounty journeys, data privacy issues, and everything security.
Some of his articles and interviews have been published in various security magazines, newspapers, and newsletters like Forbes, BBC, Techcrunch, Economic times, Huffingtonpost, Hindustan times, ZDNet, Hakin9, Hackerone, etc. He is also a cybersecurity speaker, where he lovesto share his views on various infosec threads.
Imdadullah Mohammed is currently working as a Security Engineer with Grab, Singapore. He has extensive experience in performing end-to-end security assessments of Web Applications, Web services, Thick Client, Mobile Application, IoT device & Network. Also as a security engineer, he has been responsible for secure code reviews, security training, implementation of security standards, and various other application security initiatives.
Shiv Sahni is currently working as a Senior Associate at JP Morgan Chase, Singapore. He’s a contributor in the OWASP MSTG project and is also the author of a whitepaper titled 'The Grey Matter of Securing Android Applications. He also worked as a guest lecturer for the 'Post-Graduation Diploma Cyber Security '(PGDCL) course at the University of Delhi. His credentials include OSCP, CREST-CRT, CREST-CPSA, ISO 27001-LA, AWS-CSA, and a Gold Medal from the University of Delhi for outstanding academic performance. His research has identified multiple vulnerabilities in organizations including Microsoft, Intel, ING Bank, Sony, Stack Exchange, Intel, and AT&T, etc. Shiv has trained over 200 people in application security.
Josh Sokol, CISSP, graduated from the University of Texas at Austin with a BS in Computer Science in 2002. Since that time, he has worked for several large companies, including AMD and BearingPoint, spent some time as a military contractor, and recently left a ten year career as the Information Security Program Owner at National Instruments in order to pursue a full-time role as the Creator, CEO, and CISO of the free and open source risk management tool named SimpleRisk. Josh has spoken on dozens of security topics, including the much-hyped “HTTPSCan Byte Me” talk at Black Hat 2010, and served for four years on the OWASP Global Board of Directors.
"Mr. Blais is a multi-discipline certified IT professional, cleared to Secret with over 30 years of experience in the IT industry. His career spans numerous disciplines in IT including application development; design, build and operations of internetworking environments; design, construction/maintenance of information security architectures; governance, risk and compliance consulting; enterprise risk management; and strategic security leadership as Alberta’s shared Chief Information Security Officer through Cybera.
Mr. Blais has provided services to every level of government and held numerous positions in the private sector including Board of Director appointments for privately held corporations and a non-profit. In conjunction with his multiple certifications in networking, security and risk, Mr. Blais holds a master’s degree in Leadership and Organizational Change from Royal Roads University; is the author/creator of a Risk-based Information Security Model; graduated from Harvard’s Cyber Risk Management; and is currently working on a book manuscript on Information Security Leadership.
Some Career highlights for Mr. Blais include being a founding leader of TELUS Security Solutions; interaction with the US State Department for security presentation material; project work for the Royal Bank of Scotland; one of three people approached by the US Army at the Pentagon to provide a quote on Network Based Anomaly Detection services; Co-chair of a Provincial Higher Education working group participating in the development of a Cyber Security Framework for Alberta PSI’s; and, services as a virtual CISO through Alberta’s premier technology accelerator Cybera for multiple higher learning institutions.
Mark Leads the Cyber Security Operations, Governance, Risk and Compliance, and Architecture teams centrally @UCalgary.
Rob is a cyber security professional with 25+ years of experience in the IT industry. Governance, control frameworks, policies and procedures are his key strengths. He's also successfully implemented vulnerability management programs, security awareness programs, phishing programs and overall security programs. Working in higher education is a rewarding and challenging opportunity that keeps him on his toes.
Frank Nadon is the Director of IT Infrastructure & Security at Mount Royal University(MRU). He brings over 20 years of experience in the various disciplines of information technologies now focusing primarily on cyber security and risk management.
Frank is a graduate of SAIT's Bachelor of Applied Information systems in Network Management program and holds various professional qualifications including CISSP, CISM, SABSA, TOGAF, PCI ISA. Prior to working at MRU, Frank managed the Network Operation Centre at Shaw Communications and had an 18 year career as an Avionics and Flight Simulator technician in the Canadian Armed Forces.
Charles Smith is currently the Chief Information Security Officer at MacEwan University. While relatively new to the information security field, he has over 20 years of experience in IT, primarily as a software developer. Most of Charles' experience to date has been in the private sector until 6 years ago when he moved into the exciting and challenging world of higher education IT. Having quickly learned how important collaboration and information sharing are for success in both cyber security and higher education, he attempts to be an active participant in both the local Alberta Cybera SecureIT cybersecurity working group and the national CUCCIO Information Security Special Interest group. During 2020/2021, he also completed the CUCCIO (Canadian University Council of Chief Information Officers) Leadership Development Program.
Taimoor Ali Danish
Taimoor is a software developer with expertise in Android app development. He has been working at it since 2016. During this time he's worked in technologies like Node.js mainly in Firebase and Symfony (.php) to complement the back-end development of his Android projects. Currently he's doing his Masters in Information Systems Assurance and researching on privacy implementations in Android contact tracing applications.
Stefan Myroniuk is the IT Manager and Chief Information Security Officer at the Real Estate Council of Alberta (RECA) with 17 years of industry experience. Stefan has managed several key strategic projects including the award-winning myRECA program (2016 PMI-SAC Business Innovation and Technology award), the RECA Building development project (in 2018), and the adoption of RECA’s information security program. Stefan is an active member with the Project Management Advisory Committee at Mont Royal University and the security community in Calgary.
Rodolpho (ROd0X) Concurde
Brazilian, certified C|EH, having begun his studies about Information Security 13 years ago, and passed 11 years has realized projects of Application/Infrastructure Penetration Test, Security Analysis, Code Review and Hardening for industries such as: Telecommunications, Aviation, Financial Institutions, Information Technology and Mining.
In his free time he likes to research and practice new techniques of Attack and sometimes of Reverse Engineering.
Speaker at many countries as: UAE, Spain, USA, Germany and Greece.
From SEH Overwrite to get a shell – Pentest Magazine
Covert Channel Technique Explained - Pentest Magazine
From Fuzzing to Get a Shell – Pentest Magazine
Stack Overflow - Hakin9 Magazine
Doug Leece has been an active member of the Calgary infosec community before anyone knew to call it that. Doug has worked for a number of different Canadian security firms over the years, consulted or hands on keyboard for many projects, penetration tests, intrusion responses, defensible architectures, risk assessments and even the occasional policy.
One of two, almost famous, 'self professed grumpy security guys', Doug is a strong proponent of testing technical infrastructure and applications for assurance, followed up with pragmatic guidance that balances credible risks with business objectives.
Mike Melo, CISO is an award-winning experienced cybersecurity leader and technology advisor who is the current CISO of LifeLabs Medical Laboratory Services. Melo is well respected for his security thought leadership, risk analysis/management abilities, technical knowledge, problem-solving skills, and sound decision-making capabilities. Mike mentors CISOs, CIOs, and senior executives to further develop the alignment of security programs and business outcomes. He iis part of the Toronto Evanta CISO governing body and contributes in a leadership capacity at quarterly gatherings including; talking panels and individual presentations. Melo presents talks and participates at other various security industry meetups and conferences such as C3X, Sheridan College Information Security forum, TASK, Various CISO advisory boards, SecureCISO, SecTor, Blackhat, and RSAC. Melo was recently published in Toggle Magazine’s Fall edition (2020) recognizing his leadership and capabilities in the cybersecurity industry. Melo was also awarded CISO of the Year in 2020 by Siber X.
Sourya is a Technical Director at NCC Group, the largest pure play security consulting firm in the world. he has 16+ years of experience in Information Risk and Security, as both an operator and a consultant and has several articles on cloud computing available online and served as technical editor for an authoritative textbook on the subject. He holds an undergrad degree in Information Technology from IIIT Calcutta and an MBA from the University of Notre Dame and is a certified CISSP, CCSP, CISA, CISM, CRISC, CGEIT, PMP and also have several ITIL Intermediate certifications. His speaking credits include Geek Week, BSidesSF, SOURCE Boston and InfoSec World.
That's all about his second job. His first job is being a father to two adorable and naughty munchkins, 4 and 3 years old.
Harshit Agrawal is currently working as a Radio Security Researcher. He is enthusiastic about Sigint, Drone Pentesting, and IoT Security. He presented his research at Security conferences like RSAC USA, HITB Cyberweek, HITB Amsterdam, etc. Previously, he was President at CSI Chapter and Vice President for Entrepreneurship cell at MIT, where he also headed the team of security enthusiasts, giving him a good insight into cybersecurity and increased his thirst to explore more in this field.
Armed with over 20 years of experience in various security roles, Stephen is an esteemed security practitioner, boasting expert level knowledge of operating system and network internals enabling him to architect, implement, support and manage a wide variety of security solutions. A strong believer in maximizing existing solutions and capabilities before seeking new technology solutions, Stephen uses all the tools at his disposal to help enterprise clients reduce business risk and improve their security posture.
His experience leading both operational and architectural security teams while securing and segregating industrial control networks in a sizeable oil and gas environment has given him a strong understanding of real-world security challenges. With many additional years of experience helping organizations assess and improve their security programs, Stephen understands the many ways in which an organization can be compromised and continues to work with clients to enhance their visibility, detect and respond to threats.
Stephen holds many cyber security certifications and is currently an educator in the field as a Certified SANS Instructor.
Hyma Pandyaram is an Identity management specialist at Nulli Secundus Inc., Calgary. As a professional consultant, she has been providing identity management solutions to various industry sectors in Canada and the US. She serves as a director on the board of (ISC)2 Alberta chapter and chairs their education, training and certification committee. She also leads the chapter’s Safe and Secure Online program. She has conducted numerous Cyber Safety presentations at schools, senior centres and non-profit organizations.
For her efforts to promote Cyber Safety, she was recognized by (ISC)2 with their Global Achievement Award. She has a bachelor’s degree in engineering and is a CISSP.
Crane Hassold is the Director of Threat Intelligence at Abnormal Security, where he leads an intelligence team responsible for researching enterprise-focused phishing threats. Prior to moving to the private sector in 2015, Crane served as an Analyst at the FBI for more than 11 years, spending most of his career in the Behavioral Analysis Units, providing support to intelligence community and law enforcement partners against national security adversaries and serial criminals. In 2012, Crane helped create the FBI’s Cyber Behavioral Analysis Center, which takes an asymmetric approach to examining cyber threats by combining the traditional behavioral concepts used for decades in the violent crime world with technical expertise to gain a holistic understanding of threat actor TTPs.