Computing at UW-MadisonDivision of Information Technology
Students Faculty/Staff Services Services A through D Services E through L Services M through R Services S through Z Help Desk Tech Store About DoIT   

Lockdown 2007

Speakers

(Information on this page will be continuously updated)

Nick Davis:
Nicholas Davis works in the Middleware group at the UW-Madison, Division of Information Technology, with primary responsiblity for the Public Key Infrastructure program. He also performs other work in the ares of authentication, authorization, identity management and is currently involved in a project to modernize the UW-Madison campus ID card. Prior to working for the University of Wisconsin, Mr. Davis spent 7 years working in the private sector in the areas of Information Technology support, strong authentication systems, encryption and identity management. He holds an MBA degree in Information Systems and undergraduate degrees in both Journalism and French language, all from the University of Wisconsin-Madison.

Kevin Mandia:
Mr. Mandia is an internationally recognized expert in the field of information security. He has over fifteen years experience, beginning in the military as a computer security officer at the Pentagon. He has assisted attorneys, corporations, and government organizations with matters involving information security compliance, complex litigation support, computer forensics, expert testimony, network attack and penetration testing. Mr. Mandia established Mandiant specifically to bring together a core group of industry leaders in this field and solve client’s most difficult information security challenges.

Prior to forming Mandiant, Kevin built the computer forensics and investigations group at Foundstone from its infancy to a multi-million dollar global practice that performed civil litigation support and incident response services. As technical and investigative lead, Mr. Mandia responded on-site to dozens of computer security incidents yearly. He assisted numerous financial services and large organizations in handling and discretely resolving computer security incidents. He also led Foundstone’s computer forensic examiners in supporting numerous criminal and civil cases. He has provided expert testimony on matters involving theft of intellectual property and international computer intrusion cases.

During his career, Mr. Mandia has become an extremely experienced instructor. He has developed specialized classes for the Federal Bureau of Investigations, and personally trained over four-hundred FBI agents in investigating computer crime. He has also developed specialized training for the United States Attorney’s Office, United States Secret Service, United States Air Force, State Department, the Royal Canadian Mounted Police, and other government agencies. He has trained at the FBI Academy, the National Advocacy Center, and the Federal Law Enforcement Training Center. He developed classes approved by the Continuing Legal Education (CLE) boards in the States of Virginia, New York, and California, and has trained hundreds of attorneys in the technical aspects of computer forensics and network intrusions. In addition to training law enforcement and attorneys, Kevin has provided on-site training at numerous Fortune 500 organizations. He has been a professorial lecturer at Carnegie Mellon University and currently teaches courses at The George Washington University.

Mr. Mandia is co-author of Incident Response: Performing Computer Forensics (McGraw-Hill, 2003) and Incident Response: Investigating Computer Crime (McGraw-Hill, 2001). He has also written articles for SC Magazine and The International Journal of Cyber Crime. As a noted expert and author, Mr. Mandia is frequently invited to speak at a variety of forums, from legal conferences to technical security forums. He is regularly scheduled to present at Black Hat, Networld+Interop, TechnoSecurity, and the High Technology Crime Investigators Association. Mr. Mandia continues to advance the state-of-the-industry by presenting well-received articles and books.

Kevin holds a Master of Science in Forensic Science from The George Washington University. He is a Certified Information Systems Security Professional, and has held government security clearances at the Top Secret and higher levels.

Jermiah Grossman:
Jeremiah Grossman is the founder and CTO of WhiteHat Security, considered a world-renowned expert in Web security, co-founder of the Web Application Security Consortium, and recently named to InfoWorld's Top 25 CTOs for 2007. Mr. Grossman is a frequent speaker at industry events including the BlackHat Briefings, ISACA, CSI, OWASP, Vanguard, ISSA, Defcon, and a number of large universities. He has authored of dozens of articles and white papers, credited with the discovery of many cutting-edge attack and defensive techniques, and co-author of XSS Attacks. Mr. Grossman is frequently quoted in major media publications such as InfoWorld, USA Today, PCWorld, Dark Reading, SC Magazine, SecurityFocus, C-Net, SC Magazine, CSO, and InformationWeek. Prior to WhiteHat he was an information security officer at Yahoo!

Matt Luallen:
Matt Luallen is a well-respected professional with a unique background encompassing several facets of information assurance and related business and technical controls. Mr. Luallen currently serves as the President and Principal Consultant of Sph3r3, LLC. Prior to incorporating Sph3r3, Mr. Luallen provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office. He has extensive consulting and instructing experience within the governmental and commercial sectors including a multi-client base of corporations, financial institutions and healthcare organizations. A graduate of National Technological University with a Master's Degree in Computer Science, Mr. Luallen holds a Bachelor of Science degree in Industrial Engineering from the University of Illinois, Urbana. This unique coupling has provided an underlying framework to directly correlate core business functions and requirements with computer security and architectural solutions.

AAron Walters:
AAron Walters is currently an independent consultant based in the Washington, D.C. area. He has over 8 years of development and security research experience supporting both government and commercial customers. For the past 6 years, his research has focused on the area of virtual memory management and analysis, developing demand paging subsystems, rootkit detection systems, and supporting digital investigations. AAron was formerly the Director of Forensics at Komoku, Inc. responsible for consulting, research, development, and training projects in the area of volatile memory forensics. Prior to joining Komoku, AAron was the Section Lead of the BAE Advanced Detection research group and a founding member of 4tphi Research. AAron was co-developer of the Forensic Analysis ToolKit (FATKit) framework and VolaTools. While a research assistant at the Center for Education and Research in Information Assurance and Security (CERIAS), he started working in the area of digital forensics. During this time he supported Purdue's Security and Privacy group, which handles campus incident response and compliance auditing. He holds a M.S. in Computer Science and Information Assurance from Purdue University and a B.S. in Computer Engineering from the University of Notre Dame. AAron has authored several peer-reviewed publications and given briefings in areas of digital forensics, distributed systems, and intrusion detection.

James C Foster:
James C. Foster is the President and Chief Scientist of Ciphent. Mr. Foster is a well known entrepreneur and has had the honor of holding executive management roles with several successful start-up companies to include Foundstone (acquired by McAfee), Guardent (acquired by Verisign), and Information Security Magazine (acquired by Tech Target Media.) Prior to his tenure with Ciphent, Mr. Foster was responsible for the business development channel program, vendor management, and global service operations for CSC's Managed Information Security Services and Solutions. As Deputy Director of Global Security Solution Development, James played a pivotal role in the instantiation of a business development sales channel program. James has 14 years of software development and security experience to include working as the Director of Research and Development for Foundstone, Chief Scientist and Advisor for Guardent, Deputy Director of Global Security Solution Development for Computer Sciences Corporation, and a Security Research Specialist for the US Navy.

Mr. Foster has gained global recognition for his accomplishments in the IT Security and Software Development arenas, as evidenced by his residence on the Mitre OVAL Board of Directors. Mr. Foster serves as a Contributing Editor at Information Security Magazine (acquired by TechTarget) and SearchSecurity.com and is a well published author with over fifteen published books, multiple reaching best seller status to include Snort 2.0, Snort 2.1, Buffer Overflow Attacks, Sockets, Shellcode, Porting, and Coding, Ultimate Programming Security Desk Reference, and Writing Security Tools and Exploits. Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, BlackHat, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference.

Mr. Foster graduated from Capitol College with a Bachelors of Science in Software Engineering. He holds an MBA, PP in Globalization from Northeastern University and is a Post-Graduate Fellow in International Business and Global Operations from the Wharton School of Business at the University of Pennsylvania. Mr. Foster has also attended Harvard, Yale, and resided in the Wireless Security Research Forum at the Massachusetts Institute of Technology.

Walter Conway:
Walt Conway is an ecommerce consultant bringing 30-years of payment system and technology management experience, including 11 years with Visa and two years as president of an Internet-based payment processor. He was selected by NACUBO to represent Higher Education at the PCI Security Standards Council. Walt co-edits the Treasury Institute for Higher Education’s PCI blog and contributes to other PCI blogs and forums. He is a frequent speaker on PCI DSS and ecommerce topics at NACUBO, Commonfund, Treasury Institute, and other professional conferences. Walt recently co-authored Why Banks View Campuses as High Risk Merchants, an examination of computer security breaches published by the Association of Financial Professionals. Walt consults with education institutions on planning, implementing, and managing their ecommerce systems including PCI DSS compliance. Walt and his wife live in San Francisco.

Dr Jose Nazario:
Dr. Jose Nazario is a Senior Security Researcher within Arbor Networks' Arbor Security Engineering & Response Team (ASERT). In this capacity, he is responsible for analyzing burgeoning Internet security threats, reverse engineering malicious code, software development, developing security mechanisms that are then distributed to Arbor's Peakflow platforms via the Active Threat Feed (ATF) threat detection service. Dr. Nazario's research interests include large-scale Internet trends such as reachability and topology measurement, Internet-scale events such as DDoS attacks, botnets and worms, source code analysis tools, and data mining.