Event Keynotes



John Steven
For two decades, John led technical direction at Cigital, where he rose to the position of co-CTO. He founded spin-off Codiscope as CTO in 2015. When both firms were acquired by Synopsys in 2016, John transitioned to the role of Senior Director of Security Technology and Applied Research. His expertise runs the gamut of software security—from threat modeling and architectural risk analysis to static analysis and security testing. John is keenly interested in using orchestration and automation to provide security governance at the cadence of modern development. As a trusted adviser to security executives, he uses his unparalleled experience with a broad range of security tools to build and mature security programs. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine and as the leader of the Northern Virginia OWASP chapter. John is regularly invited to speak, including keynotes at AppSecUSA and BSIMM.


Masha Sedova
Masha Sedova is an award-winning people-security expert, speaker, and trainer focused on engaging people to be key elements of secure organizations. She is the co-founder of Elevate Security delivering the first people-centric security platform that leverages behavioral-science to transform employees into security superhumans. Before Elevate, Masha Sedova was a security executive at Salesforce where she built and led the security engagement team focused on improving the security mindset of employees, partners, and customers. In addition, Masha has been a member of the Board of Directors for the National Cyber Security Alliance and regular presenter at conferences such as Blackhat, RSA, ISSA, Enigma, and SANS.


Coleen Coolidge
Coleen Coolidge is the CISO at Segment in San Francisco, building holistic security and trust programs to protect customer data. Previously, she did the same at Twilio (pre-IPO and post-IPO) as Sr Director of Trust and Security. She's also served in security-leadership positions at more traditional, enterprise companies like First American Title and CoreLogic in Southern California. Coleen's goal is to advance the security culture past “just having some infrastructure people do it” to creating a comprehensive program where everyone in the company takes ownership to improve the company’s security posture every year.


Andrew Schafer
Always fascinated with the dynamics of high performing individuals and organizations, Andrew Clay Shafer has a long history helping people deliver systems with better tools and processes. Andrew evangelized devops before devops was a word and helped to organize the devops community since the earliest days of the movement. Gravitating to Agile methods as a competitive advantage for software development at startups in the early 2000s, Andrew pioneered new ways of working to automate systems which evolved into practices that are now mainstream. While the tools and practices continue evolving, Andrew is still focused on helping organizations change their behavior to improve their technology outcomes.