Stacy Thayer, Founder and Executive Director, SOURCE Conferences
Prior to founding SOURCE Conferences, Stacy was employed as a Research Analyst for Linkage, Inc, a Fortune 500 company, where she worked with other Fortune 500 organizations to examine best practices in leadership development, training, and business practices. Stacy first entered the computer fray in 1994, when she began calling local BBSes and attending Boston 2600 meetings. After several years of software consulting during college, she went on to graduate school where she examined online communication behaviors and internet psychology. During this time she also had an award winning interactive website, and was one of the first web developers to utilize chat-rooms, web cams, message boards, blogs, and other interactive media. Her site was used as example of online interpersonal interactions in several university classrooms, including Massachusetts Institute of Technology. She recently completed her PhD in Business Psychology.

SOURCE Advisors

Andrea Barisani, Chief Security Engineer of Inverse Path Ltd (SOURCE Barcelona)
Andrea Barisani is a security researcher and consultant. His professional career began 8 years ago but all really started when a Commodore-64 first arrived in his home when he was 10. Now, 17 years later, Andrea is having fun with large-scale IDS/Firewalls deployment and administration, forensic analysis, vulnerability assessment, penetration testing, security training and his Open Source projects. He eventually found that system and security administration are the only effective way to express his need for paranoia. Being an active member of the international Open Source and security community he's maintainer/author of the tenshi, ftester projects as well as the founder and project coordinator of the oCERT effort, the Open Source Computer Emergency Response Team. He has been involved in the Gentoo project, being a member of the Gentoo Security and Infrastructure Teams, and the Open Source Security Testing Methodology Manual, becoming an ISECOM Core Team member. Outside the community he has been a security consultant for Italian firms and he's now the co-founder and Chief Security Engineer of Inverse Path Ltd.  He has been a speaker and trainer at PacSec, CanSecWest, BlackHat and DefCon conferences among many others, speaking about SatNav hacking, 0-days, LDAP and other pretty things.

Reto Baumann, IT Security Specialist at IBM Switzerland (SOURCE Barcelona)
Reto is deployed as IT Security Architect or IT Specialist acting as technical lead and interface to the customer on most projects. He consults with the customer to cover business requirements for designing the best technical solution matching the customer’s needs. Reto gained in depth knowledge about security technologies during several years of active participations in projects in and around Switzerland covering all sectors. Reto is a subject matter expert in the areas of Ethical Hacking and Security Architectures with a broad knowledge of technologies used to secure modern information technology infrastructures. He today consults with clients (mostly CIO's or CISO's) on a regular basis regarding their network or software security designs and implementations, their policies and processes as well as their overal IT architecture. As an IT Architect Reto acts as the link between the business and the information technology.

Cedric Blancher, Head of Computer Security Research Lab at EADS Innovation Works (SOURCE Barcelona)
Cédric Blancher has been working in the field of network security for the last 7 years, first as a security consultant, performing audits, penetration tests and trainings, then as research engineer at EADS Innovation Works since 2004. His research focuses on network security, especially wireless links. He is an active member of Rstack team, having worked on honeypots, network traffic diversion, segregation and analysis. He's been delivering presentations, workshops and trainings worldwide, and writing papers and articles on network and wireless security.

Ero Carrera, Reverse Engineer at zynamics GmbH (was SABRE Security) (SOURCE Barcelona)
Ero Carrera is currently a reverse engineering automation researcher at zynamics GmbH (was SABRE Security Gmbh), home of BinDiff and BinNavi. Ero has previously spent several years as a Virus Researcher at F-Secure where his main duties ranged from reverse engineering of malware to research in analysis automation methods. Prior to F-Secure, he was involved in miscellaneous research and development projects and always had a passion for mathematics, reverse engineering and computer security. While at F-Secure he advanced the field of malware classification introducing a joint paper with Gergely Erdelyi on applying genomic methods to binary structural classification. Other projects he’s worked on include seminal research on generic unpacking. Additionally, Ero is a habitual lurker on OpenRCE and has contributed to miscellaneous reverse engineering tools such as pydot, ida2sql, Pythonika and the broadly used pefile.
 

Rob Cheyne, CEO of Safelight Security Advisors (SOURCE Boston)

Rob Cheyne is founder and chief executive officer of Safelight Security Advisors, a leading security education and consulting company in the Boston Area. He is a strong advocate for proactively addressing security issues and he has taught information security training classes to thousands of developers, architects and managers over the past four years. Rob has 17 years of experience in the information technology field and has been working in the information security field since 1998. He has played the role of software developer, systems integrator, security expert, consultant, trainer and entrepreneur, which gives him a unique and balanced blend of business and technical expertise. Rob was one of the founding employees of @stake, a highly regarded pioneer in information security consulting. He helped develop application security assessment methodologies that are still in use today and led @stake's Application Security Center of Excellence for two years. He has led and conducted secure architecture and design reviews, secure code reviews, application penetration tests, and various types of specialized security audits for Fortune 500 companies. Rob was also a co-author of the award-winning L0phtCrack password auditing software and he worked on @stake's SmartRisk Analyzer team, which was eventually spun-off as Veracode.

John Cran, Practice Manager at Rapid7 (SOURCE Boston)

Jonathan Cran (jcran) is the Professional Services practice manager and security consultant with the Boston-based firm, Rapid7. He has been with Rapid7 for two years and specializes in network penetration testing and application assessment. In previous lives, he was a developer and network administrator at Iowa State University.  He is an active leader in the Boston security community. In his spare time, he enjoys producing music and replacing his job with small shell scripts. He runs a blog at http://www.0x0e.org.

Vicente Diaz, Intelligence eCrime at S21sec (SOURCE Barcelona)
Vicente has been working on security for 7 years. Holds a degree on Computers Science from UPC and joined the Artificial Intelligence phD program 4 years ago. Now leads the intelligence eCrime group at S21sec, fighting against internet fraud and malware. He also cooperates in the Master of Security of the UOC as professor. Cofounder of Edge-security team and in the directive board of FIST conferences, has been speaker at several conferences like NcN, Imaginatica and FIST. Participates in several anti-fraud efforts, like OWASP projects and Team-Cymru Dragon research force.

Chris Eng, Director of Security Research at Veracode (SOURCE Boston and Barcelona)
Chris Eng leads Veracode's application security research lab and is primarily responsible for driving innovation and thought leadership.  Drawing on nearly a decade of professional experience in information security, he works closely with the CTO to ensure Veracode's technology and strategy are industry relevant and aligned.  He monitors attack trends, analysis techniques, and other advances in application security to keep Veracode's efforts focused on timely and emerging threats.  Additionally, he provides guidance to engineering and service delivery to maximize the accuracy and consistency of Veracode's security analysis service.

 




Jamie Fullerton, Attack & Penetration Team Lead, Microsoft Corporation (SOURCE Boston)
Jamie Fullerton is an expert in the field of Information Security with over a decade of experience conducting penetration tests and vulnerability research. The core mission of his team at Microsoft Corporation is to research and prototype new effective network security controls that monitor the state of critical business assets across Microsoft's global network infrastructure. Jamie's goal for the team is to maintain a healthy research environment for solving hard security problems. Jamie has strong ties to the Boston area Hacker community and feels fortunate to have enjoyed many years surrounded by highly intelligent, talented computer hackers as friends and colleagues.

Christian Martorella, Security Services Team at S21Sec (SOURCE Barcelona)
Christian Martorella has been working in the field of information security for the last 10 years, starting his career in Argentina IRS as security consultant, now he's leading a Security Services team at S21sec in Spain, where he performs penetration tests, web application assessments, security audits and forensic analysis for a wide range of industries including Financial services, Telecommunications, utilities and government. He is cofounder an active member of Edge-Security team, where security tools and research is released. He has been speaker at What The Hack!, NoConName, FIST Conferences, OWASP Summit 2008 and OWASP Spain IV. Christian has contributed with open source assessment tools like OWASP WebSlayer and Metagoofil. He likes all related to Information Gathering and Penetration testing. Chrisrtian currently holds the President position at the FIST Conferences board, and in the past teached Ethical Hacking at the Security Master of La Salle University.

Raffael Marty, Founder of PixlCloud (SOURCE Boston and Barcelona)
Raffael Marty is the founder of PixlCloud. His research interests span anything related to IT data visualization. He has held various positions in the log management space at companies like Splunk, ArcSight, and IBM research where he also earned his masters in computer science. His book, Applied Security Visualization, and the SecViz portal are the primary resources for information related to security visualization. The Data Analysis and Visualization Linux (DAVIX), as well as AfterGlow are two of his past projects that have helped form the security visualization space.

Simon Roses Femerling (SOURCE Barcelona)
Simon Roses Femerling works at ACE Services from Microsoft providing security services across Europe. Former PriceWaterhouseCoopers and @Stake. He has many years of security experience where he has authored and cooperated in several security Open Source projects and advisories as OWASP Pantera. Mr Roses is natural from Mallorca Island in the Mediterranean Sea.  He holds a postgraduate in E-Commerce from Harvard University and a B.S. from Suffolk University at Boston, Massachusetts.

Val Smith, Founder of Attack Research (SOURCE Boston)
Val Smith has been involved in the computer security community and industry for over ten years. He currently works as a professional security researcher on a variety of problems in the security community. He specializes in penetration testing, reverse engineering and malware research. He works on the Metasploit Project as well as other vulnerability development efforts. Most recently Val Smith founded Attack Research which is devoted to deep understanding of the mechanics of computer attack. Previously Val Smith founded a public, open source malware research project.

Ollie Whitehouse, Manager of Security Research and Assessment, EMEA, Research in Motion (SOURCE Barcelona)
Ollie Whitehouse is a Senior Researcher for Research In Motion's Security Research Group and is based in the United Kingdom. Ollie has over twelve years experience working in I.T. ten of which have been in information security. Before joining RIM Ollie was a member of Symantec Security Response’s Advanced Threat Research team, specializing in mobile and wireless technologies for two years. Prior to becoming a full-time researcher Ollie also spent over six years as a consultant for companies such as Symantec and @stake working in a variety of industries including financial services, telecommunications and central government. He is a frequently published author of research on the security of mobile telecommunication networks, mobile devices, and Bluetooth. In addition, he has discovered numerous security vulnerabilities in a wide range of desktop and server applications including Microsoft's Windows Vista.

Dov Yoran, Co-Founder of MetroSITE Group (SOURCE Boston)
Dov is a co-founder of MetroSITE Group, a firm that provides information security market services to F500 security decision makers and to emerging technology companies.  He has held a number of leadership roles in security firms such as Solutionary, Symantec, and Riptech.  At Symantec he had global responsibility for creating, launching and managing the Service Partner Program. Dov came to Symantec as part of the Riptech acquisition, the leading Managed Security Services Provider at the time. Initially, he began his career with Accenture (formerly Anderson Consulting) focusing on strategy and process engagements in the Financial Services Industry. Dov is a founding member of the Cloud Security Alliance and participates on a number of advisory boards.  He regularly speaks at industry events and has been quoted in numerous publications.  Dov holds an MS in Engineering Management and Systems Engineering with a concentration in Information Security Management from GWU and is a cum laude graduate with a BS in Chemistry from Tufts University.