Keynote Speakers

Tanya JancaCEO and Founder, WeHackPurple.com

Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia).

Tanya JancaCEO and Founder, WeHackPurple.com

Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia).

closepopup
Nicole BeckwithAdvanced Security Engineer, Kroger

Ms. Beckwith is a former state police officer, and federally sworn U.S. Marshal. She worked as a financial fraud Investigator and digital forensic examiner for the State of Ohio and a Task Force Officer for the United States Secret Service in their Financial and Electronic Crimes division. Ms. Beckwith works as an Advanced Security Engineer for the Kroger Technology Automation and Tools team. In this role she is responsible for the planning, design and build of security architectures to ensure a strong security posture, compliance with regulations, and safeguard customer’s data.

Nicole BeckwithAdvanced Security Engineer, Kroger

Ms. Beckwith is a former state police officer, and federally sworn U.S. Marshal. She worked as a financial fraud Investigator and digital forensic examiner for the State of Ohio and a Task Force Officer for the United States Secret Service in their Financial and Electronic Crimes division. Ms. Beckwith works as an Advanced Security Engineer for the Kroger Technology Automation and Tools team. In this role she is responsible for the planning, design and build of security architectures to ensure a strong security posture, compliance with regulations, and safeguard customer’s data.

closepopup

Breakout Speakers

Ursula CowanSenior Threat Research Analyst, Mandiant

Ursula Cowan, is a Senior Threat Research Analyst at Mandiant Security Validation, focusing on researching adversaries’ tactics, techniques, and procedures (TTPs), breaking them down to the smallest behaviors, for the purpose of replicating them within the Mandiant Security Validation Platform.

Ursula’s career started as a police detective investigating cyber-crime, death, and online exploitation. She later added computer forensics examiner to her list of job duties. Her training in computer forensics was at the U.S. Secret Service’s National Computer Forensic Institute (NCFI), she also holds a Bachelor of Science in Applied Psychology from the Florida Institute of Technology, and a Master of Science in Digital Forensics from the University of Central Florida.

Ursula CowanSenior Threat Research Analyst, Mandiant

Ursula Cowan, is a Senior Threat Research Analyst at Mandiant Security Validation, focusing on researching adversaries’ tactics, techniques, and procedures (TTPs), breaking them down to the smallest behaviors, for the purpose of replicating them within the Mandiant Security Validation Platform.

Ursula’s career started as a police detective investigating cyber-crime, death, and online exploitation. She later added computer forensics examiner to her list of job duties. Her training in computer forensics was at the U.S. Secret Service’s National Computer Forensic Institute (NCFI), she also holds a Bachelor of Science in Applied Psychology from the Florida Institute of Technology, and a Master of Science in Digital Forensics from the University of Central Florida.

closepopup
Jessica LeeThreat Response Analyst, CrowdStrike

Jessica Lee is a threat hunter on a 24/7/365 global managed threat hunting team, where she has the opportunity to disrupt and defend against today's most sophisticated adversary groups. She has over seven years of experience in the field and began her career as a cybersecurity consultant helping commercial clients transform their Security Operations Center. She has also helped to build threat intelligence capabilities from the ground up at two Fortune 250 companies in the Oil and Gas and Financial Services industries. Jessica holds the Global Certified Forensic Analyst (GCFA), Global Certified Intrusion Analyst (GCIA), Global Cyber Threat Intelligence (GCTI), and GIAC Security Essentials (GSEC) certifications from GIAC Certifications.

Jessica LeeThreat Response Analyst, CrowdStrike

Jessica Lee is a threat hunter on a 24/7/365 global managed threat hunting team, where she has the opportunity to disrupt and defend against today's most sophisticated adversary groups. She has over seven years of experience in the field and began her career as a cybersecurity consultant helping commercial clients transform their Security Operations Center. She has also helped to build threat intelligence capabilities from the ground up at two Fortune 250 companies in the Oil and Gas and Financial Services industries. Jessica holds the Global Certified Forensic Analyst (GCFA), Global Certified Intrusion Analyst (GCIA), Global Cyber Threat Intelligence (GCTI), and GIAC Security Essentials (GSEC) certifications from GIAC Certifications.

closepopup
Sunny JamwalSenior Security Consultant, MNP

Sunny Jamwal is a Senior Security Consultant for MNP’s Cyber Security team. With over 10 years of experience, Sunny has extensive knowledge of information security, networking, and related information technologies allowing him to quickly and knowledgeably inspect system architectures, identify vulnerabilities, assess risks and recommend safeguards to reduce and mitigate risk to information assets. Sunny has acted as the primary technical lead and subject matter expert on numerous Cyber Security Assessments for various private and public organizations in government and industries such as retail, finance, insurance, manufacturing, computer, communication, utilities, healthcare, and business services.

Sunny JamwalSenior Security Consultant, MNP

Sunny Jamwal is a Senior Security Consultant for MNP’s Cyber Security team. With over 10 years of experience, Sunny has extensive knowledge of information security, networking, and related information technologies allowing him to quickly and knowledgeably inspect system architectures, identify vulnerabilities, assess risks and recommend safeguards to reduce and mitigate risk to information assets. Sunny has acted as the primary technical lead and subject matter expert on numerous Cyber Security Assessments for various private and public organizations in government and industries such as retail, finance, insurance, manufacturing, computer, communication, utilities, healthcare, and business services.

closepopup
GS McNamaraSenior Application Security Engineer, Okta

GS is a cyber security and intelligence professional who brings his software development background to the table, qualifying him as a purple team member advocating and understanding both the attack and defense sides of application security. He has worked in environments as fast as startups, as small as a sole proprietorship, as large as a Fortune 50, and as challenging as DARPA.

GS McNamaraSenior Application Security Engineer, Okta

GS is a cyber security and intelligence professional who brings his software development background to the table, qualifying him as a purple team member advocating and understanding both the attack and defense sides of application security. He has worked in environments as fast as startups, as small as a sole proprietorship, as large as a Fortune 50, and as challenging as DARPA.

closepopup
Adrien de BeauprePrincipal Instructor, SANS

Today, in addition to being a prolific SANS instructor and course author, Adrien is an independent penetration tester in both the Government and private sectors around the world.

A sought-after instructor known for his engaging, straight-forward style, professionalism, and real-world experience and examples, Adrien has taught a plethora of SANS courses. Thus showing his depth and breadth of knowledge in penetration testing, vulnerability assessment, incident handling, and intrusion detection. He is the co-author of two SANS courses; SEC460 Enterprise Threat and Vulnerability Assessment and SEC642 Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques. Adrien designs, implements and runs Capture the Flag exercises in each of his classes.

To Adrien, teaching at SANS is an opportunity to pay forward the investment his mentors and teachers made to him throughout his career. This is a chance to share his knowledge and experience while learning from the research he does to teach the material covered in a SANS course. “And, it’s rewarding to see a student who was struggling, finally understand what rooting a box feels like,” he says. “I love what I do, I am either hacking or teaching how to hack!”

Adrien has taught SANS SEC504 Hacker Tools, Techniques, and Incident Handling; SEC460 Enterprise Threat and Vulnerability Assessment (course co-author and lead instructor); SEC560 Network Penetration Testing and Ethical Hacking; SEC642 Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques (course co-author and main instructor); SEC542 Web App Penetration Testing and Ethical Hacking.

Adrien contributed to the OSSTMM3, Hacking Exposed Linux (3rd Edition), Security Incident Handling Step-by-Step Guide (SANS), the Security Incident Management Capability Maturity Model (Bell) and other vulnerability assessment and security management frameworks as well as methodologies such as SANS courseware.

A long-term volunteer member of the SANS Internet Storm Center, where he performs incident handling and threat analysis, Adrien also holds GSEC, GPEN, GWAPT, GCIA, GCIH, GXPN, OPSA, OPST, MCSE and CISSP certifications.

When he’s not teaching or consulting, you’ll find Adrien hacking in his personal time…both computers and through his practice of Karate.

Adrien de BeauprePrincipal Instructor, SANS

Today, in addition to being a prolific SANS instructor and course author, Adrien is an independent penetration tester in both the Government and private sectors around the world.

A sought-after instructor known for his engaging, straight-forward style, professionalism, and real-world experience and examples, Adrien has taught a plethora of SANS courses. Thus showing his depth and breadth of knowledge in penetration testing, vulnerability assessment, incident handling, and intrusion detection. He is the co-author of two SANS courses; SEC460 Enterprise Threat and Vulnerability Assessment and SEC642 Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques. Adrien designs, implements and runs Capture the Flag exercises in each of his classes.

To Adrien, teaching at SANS is an opportunity to pay forward the investment his mentors and teachers made to him throughout his career. This is a chance to share his knowledge and experience while learning from the research he does to teach the material covered in a SANS course. “And, it’s rewarding to see a student who was struggling, finally understand what rooting a box feels like,” he says. “I love what I do, I am either hacking or teaching how to hack!”

Adrien has taught SANS SEC504 Hacker Tools, Techniques, and Incident Handling; SEC460 Enterprise Threat and Vulnerability Assessment (course co-author and lead instructor); SEC560 Network Penetration Testing and Ethical Hacking; SEC642 Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques (course co-author and main instructor); SEC542 Web App Penetration Testing and Ethical Hacking.

Adrien contributed to the OSSTMM3, Hacking Exposed Linux (3rd Edition), Security Incident Handling Step-by-Step Guide (SANS), the Security Incident Management Capability Maturity Model (Bell) and other vulnerability assessment and security management frameworks as well as methodologies such as SANS courseware.

A long-term volunteer member of the SANS Internet Storm Center, where he performs incident handling and threat analysis, Adrien also holds GSEC, GPEN, GWAPT, GCIA, GCIH, GXPN, OPSA, OPST, MCSE and CISSP certifications.

When he’s not teaching or consulting, you’ll find Adrien hacking in his personal time…both computers and through his practice of Karate.

closepopup
Karen WalshFounder, Allegro Solutions

Karen Walsh, CEO and Founder of Allegro Solutions, is a lawyer and former internal auditor turned subject matter expert in cybersecurity and privacy regulatory compliance. She provides consulting and content services for cybersecurity startups, translating technology features into business-oriented solutions. She believes that securing today’s data protects tomorrow’s users. Karen has been published in the ISACA Journal, Dark Reading, HelpNet Security, NextGov, and Security Magazine.

Karen WalshFounder, Allegro Solutions

Karen Walsh, CEO and Founder of Allegro Solutions, is a lawyer and former internal auditor turned subject matter expert in cybersecurity and privacy regulatory compliance. She provides consulting and content services for cybersecurity startups, translating technology features into business-oriented solutions. She believes that securing today’s data protects tomorrow’s users. Karen has been published in the ISACA Journal, Dark Reading, HelpNet Security, NextGov, and Security Magazine.

closepopup
Mark StanislavVP, Information Security, Gemini

After nearly 20 years in information security & technology roles, I continue to be excited by the chance to use a growth-oriented mindset to mix deep technical expertise with a passion for solving complex business problems in a sustained, measurable manner.

Whether it’s creating a greenfield security architecture, advising on a corporate security program, speaking at industry conferences, testifying before the government, or mentoring a student, I am always ready to maximize the return on the professional investments from across my career.

I firmly believe that careers are meant to be challenging, meaningful, and dynamic. A great employee is not the one you keep the longest, but the one who is there every day to make a forward-looking contribution to the vision & mission of their team. Whether as a people leader, or an individual contributor, I focus not on what’s there today, but what should be in place for the team after me.

Mark StanislavVP, Information Security, Gemini

After nearly 20 years in information security & technology roles, I continue to be excited by the chance to use a growth-oriented mindset to mix deep technical expertise with a passion for solving complex business problems in a sustained, measurable manner.

Whether it’s creating a greenfield security architecture, advising on a corporate security program, speaking at industry conferences, testifying before the government, or mentoring a student, I am always ready to maximize the return on the professional investments from across my career.

I firmly believe that careers are meant to be challenging, meaningful, and dynamic. A great employee is not the one you keep the longest, but the one who is there every day to make a forward-looking contribution to the vision & mission of their team. Whether as a people leader, or an individual contributor, I focus not on what’s there today, but what should be in place for the team after me.

closepopup
Lee NeelySecurity Professional, Lawrence Livermore National Laboratory

Lee Neely is a senior IT and security professional at Lawrence Livermore National Laboratory (LLNL) with over 30 years of experience. He has been involved in many aspects of IT from system integration and quality testing to system and security architecture since 1986. He has had extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. Lee has worked with securing information systems since he installed his first firewall in 1989.

Lee NeelySecurity Professional, Lawrence Livermore National Laboratory

Lee Neely is a senior IT and security professional at Lawrence Livermore National Laboratory (LLNL) with over 30 years of experience. He has been involved in many aspects of IT from system integration and quality testing to system and security architecture since 1986. He has had extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. Lee has worked with securing information systems since he installed his first firewall in 1989.

closepopup