September 13 2023


We are updating this page regularly –> please keep checking!

Brook Schoenfield

Books by Brook S.E. Schoenfield include Building In Security At Agile Speed (Auerbach, 2021, co-authored with James Ransome), Secrets Of A Cyber Security Architect (Auerbach, 2019) and Securing Systems: Applied Security Architecture and Threat Models (CRC Press, 2015). He co-authored The Threat Modeling Manifesto (2020), Avoiding the Top 10 Security Design Flaws (IEEE, 2014) and Tactical Threat Modeling (SAFECode, 2017). He has taught 100s of security architects, and 1000s have attended his threat modelling trainings. He technically led five AppSec/software security programs and 4 consulting practices. Currently, Mr. Schoenfield works with organizations and technical leaders to improve their software security practices as CTO and Chief Security Architect at Resilient Software Security. He also teaches at the University of Montana. He regularly speaks at conferences and appears in podcasts/webinars. Please see or for details.

Taiye Lambo

Taiye Lambo is a Serial Entrepreneur, Cybersecurity, and Risk Management Pioneer. He co-founded HISPI, eFortresses, CloudeAssurance, and recently
He is a Self-Published Author of Attribution: Social and Cyber Spaces, a fictional novella available on Amazon and the HISPI think tank for Safe and Secure AI –
He has 33 years of experience in the area of Information Technology across 4 continents – including 26 years of experience assisting organizations to build robust, comprehensive, effective, and sustainable information security programs through the integration of internationally accepted best practices.
Taiye has held executive leadership roles (Deputy CIO, CISO, Director) for the City of Atlanta, John H. Harland (now Harland Clarke), as well as the Atlanta Federal Reserve Bank.
Taiye received his Bachelors in Electrical Engineering from the University of Ilorin, Nigeria, and Masters in Business Information Systems from the University of East London, United Kingdom.

Rahim Jina

Rahim is the Co-Founder & COO of edgescan™, a Fullstack Vulnerability Management and Penetration Testing SaaS. Rahim is responsible for operational excellence and has extensive experience delivering pen testing services to a wide range of organizations globally. Prior to this, Rahim was Head of Product & Operational Security for Fonality, a VOIP provider based in Los Angeles, and was also a senior security consultant for a ‘Big 4’ consultancy firm for many years.
With prior involvement in OWASP (Open Web Application Security Project) as a contributor and volunteer since 2007, Rahim helped run the Dublin chapter for a number of years. Rahim graduated in 2002 from Trinity College Dublin (Ireland) with a Bachelor’s degree in Computer Science, completed an M.Sc in Security & Forensic Computing from Dublin City University (Ireland) in 2006 and has been a CISSP (Certified Information Systems Security Professional) since 2008.

Allen West

Allen West is a Security Researcher on Akamai’s Security Intelligence Response Team who loves investigating threats and building tools. He is currently pursuing his Master’s in Information Security and Assurance from Carnegie Mellon University, received his undergraduate in Cyber Security from Northeastern University, and is a Marine Corps Veteran. During his free time, Allen loves traveling, flying drones, hiking, swimming, or really anything outdoors and adventurous.

Dustin Lehr

Before shifting into cybersecurity leadership, Dustin Lehr spent 13 years as a software engineer and application architect in a variety of industries, including retail, DoD, and even video games. This background has helped him forge close partnerships with development teams, engineering leaders, and software security advocates to design application security programs that maximize engagement. He is the Sr. Director of Platform Security at Fivetran plus the Co-founder and Chief Solutions Officer at Katilyst Security, which helps companies build security culture and security champion programs. He also co-hosts the open discussion remote meetup “Let’s Talk Software Security!” ( and authored The Security Champion Program Success Guide (

Dan Shanahan

Dan Shanahan is a Principal Field Security Specialist at GitHub where he helps customers conceptualize and build strategies to enable developer-first security. Over the past decade, Dan has held many roles in the security space, but found his “happy place” in application security.

Richard Greenberg

Richard Greenberg, CISSP is a well-known Cyber Security Leader and Evangelist, CISO, Advisor, and speaker.
Richard brings over 30 years of management experience and has been a strategic and thought leader in IT and Information Security. His Project Management, Security Management and Operations, Policy, and Compliance experience has helped shape his broad perspective on creating and implementing Information Security Programs.
Richard has been a Chief Information Security Officer (CISO) for 15 years, Director of Surveillance and Information Systems, Chief of Security Operations, Director of IT, and Project Manager for various companies and agencies in the private and public sectors.
You may have heard Richard’s interview as a Cyber Security expert on Will Ferrell’s Ron Burgundy podcast:
Richard is the Founder and CEO of Security Advisors LLC, which offers fully-managed security assessments and network and software penetration testing services that allows organizations to continuously assess their internal and external cyber risk posture, and helps companies with compliance issues. He is also the CEO of Layer 8 Masters, which has been putting on the content-rich Planet Cyber Sec conferences and CISO-CIO Forums.

Richard is an Information Systems Security Association (ISSA) Distinguished Fellow, one of only 64 worldwide, and has received their Honor Roll designation (only 55 worldwide). He has also been selected as a finalist for both the (ISC)2 Americas Information Security Leadership Award in the Senior Information Security Professional category and the Los Angeles Business Journal CIO of the Year in Security.
Richard has served on the OWASP Global Board of Directors, leads the OWASP LA Chapter, and has been Co-Chair of the highly successful AppSec California conferences. Richard also is President of the Information Systems Security Association Los Angeles Chapter and is Chair of their widely recognized annual Security Summit and CISO Forum.
Richard is dedicated to diversity in our field. He started and chairs the annual Women in Security Forum, and supports creating a more open and welcome community. Richard’s reach in the Southern California region is extensive. He has worked diligently to bring together the various Southern California IT and InfoSec organizations to enhance their collaboration efforts, to help reach new IT and InfoSec professionals.
Richard has been a published author and has spoken worldwide on Information Security, individually and on panels.

Francesco Cipollone

Francesco is a seasoned entrepreneur, CEO of the Contextual-based vulnerability management platform from code to cloud Phoenix Security, author of several books, host of multi-award Cyber Security & Cloud Podcast, speaker and known in the cybersecurity industry and recognized for his visionary views. He currently serves as Chapter Chair UK&I of the Cloud Security Alliance. Previously, Francesco headed HSBC’s application and cloud security and was Senior Security Consultant at AWS. Francesco has been keynoting at global conferences and has authored and co-authored several books. Outside of work, you can find me running marathons, snowboarding on the Italian slopes, and enjoying single malt whiskeys in one of my favourite London clubs.

Kalyani Pawar

Kalyani Pawar is the AppSec Tech Lead at Zipline, where she leverages her extensive background in cybersecurity to safeguard drone technology and infrastructure. She holds an MS in Cybersecurity from Johns Hopkins University, which underpins her expertise in adversary emulation, AI-models for detecting cyber threats, and application security. She is also recognized as an RSA, GHC, and WiCyS Scholar. When not in front of her laptop, you can find her building Lego sets or painting mandalas.

Sean Poris

Sean Poris leads the Cyber Resilience pillar inside Yahoo’s information security organization, affectionately dubbed “The Paranoids.”
He’s passionate about providing the bedrock of security solutions that ensure the protection of the company’s critical consumer and company data that nearly one billion people around the world entrust to Yahoo.
Sean’s team – which includes Vulnerability Management Operations and Engineering; Cloud Security; and Bug Bounty, among half a dozen other functions – builds solutions that drive the delivery of resilient products and infrastructure.
Prior to Yahoo, Sean was the Senior Director of Software Security at The College Board, which enables students in their collegiate journeys throughout the world.
There, his team equipped software development groups with the critical training, tools, and processes needed to address information security holistically throughout the development lifecycle.
Sean currently serves on the Board of the Northern Virginia Chapter of OWASP. And in that capacity, he worked as the 2019 Global OWASP AppSec DC conference’s co-chair.

Dan Kuykendall

Dan Kuykendall – Leader + Investor + Advisor
Industry leader in Application Security for 25 years, with a total of 30 years in tech.
Co-founder and CEO of NT OBJECTives until acquired by Rapid7 in 2015 where he served as Senior Director of Application Security Products until 2023. Recently started incubation on a new startup to guide software development leadership.

Cortez Frazier

Cortez Frazier Jr. is the product lead for FOSSA’s SaaS and on-premises enterprise applications. FOSSA is a developer tool (in the software composition analysis category) for managing open source license compliance and security vulnerabilities.

Before joining FOSSA, Cortez served as product lead for all of Puppet’s SaaS-based products, primarily within the CSPM (Cloud Security Posture Management) domain.

Earlier, Cortez worked as a Senior Cybersecurity Architect for GE Power within the application security space. At GE Power, Cortez was responsible for ~1800 devs and ~600 applications and focused on building and scaling enterprise vulnerability management programs.

Aaron Guzman

Aaron Guzman co-authors “IoT Penetration Testing Cookbook” and is a Senior Security leader with Cisco Meraki, protecting millions of networks and end users. He’s led open-source initiatives that provide awareness of IoT security defensive strategies as well as lower the barrier of entry into IoT hacking under OWASP’s IoT and Embedded Application Security projects.

Aaron co-chairs Cloud Security Alliance’s IoT Working Group and is a technical reviewer for several IoT Security books. He has extensive public speaking experience delivering conference presentations, trainings, and workshops globally.

Mike Smith

Mike Smith is a Senior Sales Engineer at Orca Security, where he has been for almost 2 years. Prior to Orca, he spent 6 years at Puppet helping organizations transform and adopt cloud, DevOps, and infrastructure as code successfully and at scale. He has helped and advised every type of organization, from small startups to the Fortune 10, over the last 20 years.

Austin Steffes

Austin Steffes is a Sales Engineer at Sonatype, dedicated to driving innovation and solving organizational challenges. With a keen interest in supply chain security, he leverages his understanding of current business processes to develop technical solutions. Prior to Sonatype, Austin held positions in Software Engineering and NLP Engineering.

John Heenan

John Heenan is a Cloud Security Solutions Architect at Palo Alto Networks. Day-to-day, he helps customers understand and secure their cloud infrastructure, with a goal of driving security while helping companies maintain their release timelines. His previous experience includes digital forensics, incident response, and consulting around cybersecurity and business risk. In his personal time, John enjoys scuba diving, motorcycles, and travel.