Sebastien Deleersnyder (Seba) is the CTO, co-founder of Toreon and COO of Data Protection Institute. With a strong background in development and extensive experience in cybersecurity, Seba has trained numerous developers on how to create more secure software. He is also the founder of the Belgian OWASP chapter and a former member of the OWASP Foundation Board. Through his work leading OWASP projects like OWASP SAMM, Seba has made a significant impact in improving the overall security of the world. Currently, he is focused on adapting application security models to the rapidly changing landscape of DevOps and promoting the importance of threat modeling to a broader audience.
Abhay Bhargav is the Founder of the Chief Research Officer of AppSecEngineer, an elite, hands-on online training platform and we45 a specialized AppSec Company. Abhay started his career as a breaker of apps, in pentesting and red-teaming, but today is more involved in scaling AppSec with Cloud-Native Security and DevSecOps He has created some pioneering works in the area of DevSecOps and AppSec Automation, including the world’s first hands-on training program on DevSecOps, focused on Application Security Automation. In addition to this, Abhay is active in his research of new technologies and their impact on Application Security, specifically Cloud-Native Security. In addition, Abhay has contributed to pioneering work in the Vulnerability Management space, being the architect of a leading Vulnerability Management and Correlation Product, Orchestron. Abhay is also committed to Open-Source and has developed the first-ever Threat Modeling solution at the crossroads of Agile and DevSecOps, called ThreatPlaybook. Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His training programs have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA, SHACK and so on. He has authored two international publications on Java Security and PCI Compliance as well.
After 15 years in itsec and 22 in IT Abraham is now the CEO of 7ASecurity, a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Co-Author of the Mobile, Web and Desktop Electron app 7ASecurity courses. Security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other events. Former senior penetration tester / team lead at Cure53 and Version 1. Creator of Practical Web Defense, a hands-on eLearnSecurity attack / defense course, OWASP OWTF project leader, an OWASP flagship project - owtf.org, Major degree and Diploma in Computer Science, some certs - CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE-Security, MCSA-Security, Security+. As a shell scripting fan trained by unix dinosaurs, Abraham wears a proud manly beard. He writes on Twitter as @7asecurity. Multiple presentations, pentest reports and recordings can be found at 7asecurity.com/publications
Harold Blankenship is an open source cybersecurity aficionado who likes to see the proliferation of good open source solutions to everyday application security problems. As the previous Director of Technology and Projects at OWASP, Harold is knowledgeable in and has been a staunch supporter of the various OWASP projects used in this training. Harold is now the Director - Community & Customer Success with DefectDojo, Inc. and is also Vice chair of the OWASP Events Committee and OWASP project leader for Developer Guide. Harold received his Bachelor of Science degree in Computer Science from Texas State University and his Master of Science in Cybersecurity from New York University
Matt Tesauro is a DevSecOps and AppSec guru who specializes in creating security programs, leveraging automation to maximize team velocity and training emerging and senior security professionals. When not writing automation code in Go, Matt is pushing for DevSecOps everywhere via his involvement in open-source projects, presentations, trainings and new technology innovation. As a versatile engineer, Matt’s background spans software development, primarily web development, Linux system administration, penetration testing and application / cloud security. He thrives on tackling industry defining technical problems. Currently, as a Founder and CTO at DefectDojo Inc, Matt is making an already great vulnerability management platform even better. Matt is also on the OWASP Global Board of Directors helping to progress open source AppSec. Previously, he delved deep into API Security at Noname Security and rolled out AppSec automation at USAA. Early in his career, Matt served as Director of Community and Operations at the OWASP Foundation, Senior AppSec Engineer at Duo Security, Senior Software Security Engineer at Pearson and Senior Product Security Engineer at Rackspace.
Sven is living in Austria and is a Pricipal Security Consultant at Crayon, specialized in Cloud Security. He has extensive experience in offensive security engagements like Penetration Testing and Application Security by supporting and guiding software developement projects for Mobile and Web Applications during the whole SDLC to build security in from the start. Besides his day job, Sven is one of the core project leaders and authors of the OWASP Mobile Application Security Testing Guide, MASTG, and OWASP Mobile Application Security Verification Standard, MASVS. Sven is giving talks and workshops about Mobile Security worldwide to different audiences, ranging from developers to students and penetration testers.
Fabio delivered this training to thousands of developers and security professionals. He also regularly delivers training to technical audiences on various topics such as application security, cloud security, and information security. Here is a reference from one attendee of his courses, Fabio is an excellent instructor. I was lucky enough to attend one of the courses where he was the instructor. He was able to present the subject matter in an interesting way and at an appropriate pace. He encouraged interaction and was able to answer questions with ease by leveraging his extensive experience in the industry. Fabio Cerullo is an official certified instructor for (ISC)², the global leader in information security education and certification. Fabio has over 15 years of experience in the information security field gained across a diverse range of industries ranging from financial and government institutions to software houses and start-ups. He regularly trains professionals from different backgrounds in application security, cloud security, and information security. He is a regular speaker at events organized by OWASP, ISACA and (ISC)² among others; and provides commentary and written articles for specialized industry media (Computer Weekly, Infosecurity Magazine, SiliconRepublic.com, etc). He holds an MSc in Computer Engineering from UCA and the SSCP, CISSP, CSSLP & CCSP certifications from (ISC)².