OWASP Academic Summit for Information Security
Join us at the University of Washington, Bothell campus for OASIS, the OWASP Academic Summit for Information Security! This is a one day workshop devoted to cyber security and it's various disciplines. Come prepared to learn from industry leaders about the various roles they play in the field, engage in hands on workshops led by these professionals to learn the skills they use every day, and network with our local security community.
Please bring a working laptop. Some of these sessions will be hands on sessions, and you dont want to miss out! We will provide software, so nothing to worry about except for your own machine.
Date: Saturday, May 13, 2017
Time: 9:45 AM — 6:00 PM
Check in Time: 9:00 AM.
University of Washington Bothell
18115 Campus Way Northeast
Discovery Hall room 061
Bothell, WA 98011
Auditing: Sania HussainSenior Program Manager, Microsoft
Sania Hussain is a Senior Program Manager at Microsoft. She has worked in both private enterprise and the government sector providing security operations, engineering, and auditing consultation. Currently Sania leads the FedRAMP audit program for the Office 365 SaaS offering from Microsoft. Sania likes to explore the interface of science, society, politics, and privacy as a civil right.
Forensics: Brandon LeathaLeatha Consulting LLC
Brandon Leatha, the Founder and Managing Director of Leatha Consulting LLC, is an expert in digital forensics, e-Discovery, and data analytics. With over 17 years of consulting experience in the litigation support industry, he advises clients on digital forensics investigations, e-Discovery, and cybersecurity. Mr. Leatha has extensive experience with enterprise software including both on premise and cloud based email, database, line of business applications, and custom software solutions. He has performed forensic investigations on hundreds of devices ranging from modern cellphones and computers to some unusual systems including medical devices, wearable technology, and the internet of things (IOT).
Incident Response: Joe ConiglioSecurity Engineer, Zillow Group
Joe Coniglio is a former systems administrator and current Security Engineer. His passion for information security goes back 10 years to his position at a video game company - he was tasked with banning cheaters from a massively multiplayer online game. Fast forward several years, Joe began his IT career performing help desk duties; this evolved into Systems Administration in mixed Linux and Windows environments, and finally into a full-time Security career. Incident Response is a big part of Joe's workload, as well as configuring, deploying, and maintaining security infrastructure.
Penetration Testing: Jason TsangSecurity Engineer, Microsoft
Jason Tsang is a penetration tester, security consultant and security researcher. He has extensive experience in penetration testing of various cloud infrastructures, Web applications, programs and services, physical environments, networks and systems. He also has experience in information security policy development and audit, vulnerability assessments, threat modeling, vulnerability management and risk management. Additionally, he has experience in software and security tools development as well as exploit development and malware analysis. In his free time he performs security research, including finding vulnerabilities in existing systems and services leading to responsible disclosure and developing security tools and solutions for existing problems in the industry.
Cybersecurity Career Panel
Tab Pierce is the founder and President of Caliber Security Partners and a founder and advisor to 3P&T Security Recruiting. He has nearly 20 years of information security knowledge and is highly connected throughout the United States security community. If you need to find someone in security chances are Tab knows them or he can get an introduction quickly. He's the former founder of The Zyon Group and co-founder of Mindpoint.net. He's held executive positions within information security service providers as well as IT companies. Work and security are his passions, but if he's not doing that check one of the lakes, rivers, or the Puget Sound, because he's probably out fishing.
Vanessa is currently VP and CISO for DocuSign helping to lead the company in providing an industry leading security program to its customers. Vanessa formally worked with US Bank as the Senior VP responsible for Enterprise Information Security and a team of over 120 people. She also was the CISO at Expedia and has held senior level security roles with Washington Mutual, Cingular and AT&T Wireless. She has held numerous other roles specifically within the wireless arena including Network Planning, Architecture & Engineering, Technical Sales, and Product Development. She holds GSEC, CRISC, CISM and CISSP security certifications. Additionally, she holds the CIPP/E Privacy certification.
Ravila White is currently a Deputy Director of Enterprise Security Architecture at a global healthcare company. She has over 15 years of experience in Information Technology and Information Security with a career spanning non-profit, healthcare, e-commerce and educations sectors. She has experience as a whitehat, strategist, architect, auditor, incident handler and various leadership roles. She applies reverse engineering and logic-based information modeling to her work. Ravila carries CISSP, CISM, CISA, CIPP, GCIH and ITIL v3 certifications along with a MSc information Security from the University of Royal Holloway. She regularly presents at local and national events on information assurance topics and is published on a national and global level. She is also a member of the PacCISO and Agora.
Andrew Walenstein is the Director of Security Research and Development at BlackBerry, and leads the Center for High Assurance Computing Excellence (CHACE). The CHACE team works on advanced security research with diverse teams both within BlackBerry and in collaboration with companies and universities. The team publishes academic research, builds advanced prototypes, and directly supports transition from research to products and services. They also build and run the BlackBerry Guardian suite of automated app security vetting services. Before joining BlackBerry, Andrew was a professor of computer science at the University of Louisiana at Lafayette and has about 14 years of experience in cybersecurity research.