CfT/CfP Reviewers



Abhinav Khanna
Having 3 years of experience in Application Security. Currently working as Security Engineer at NotSoSecure.

Social Links:

Allison Shubert
Allison Shubert has over 22 years of experience in information technology. She has spent over 15 years focusing on application security, security architecture, and risk management. She holds a master of science degree in information assurance. She is CISSP and CSSLP certified and serves as a subject matter expert on the exams.

Social Links:

Dennis Awer Mensah
A Data Analyst with years of experience in Power BI, Microsoft Excel, Tableau and Python for Data Science with keen interest in data visualizations. Highly interested in Threat-Informed Defense, Cyber Threat Intelligence and General Data Protection Regulations (GDPR) and has 10 years’ experience in public speaking and communication in French and English languages. Dennis has over 2 years’ work experience teaming with international healthcare travel agencies. Vast experiences and being multilingual has made Dennis a strong team member in any organization with the ability to add value when assigned to manage diverse clientele.

Social Links:

Erez Yalon
Erez Yalon is the VP of Security Research at Checkmarx. Yalon oversees Checkmarx’s research team comprising analysts, pen testers, security engineers, and bug bounty hunters. He brings vast experience to his position and his efforts to empower today’s developers and organizations to deliver more secure applications. Yalon is the Founder of the DEF CON AppSec Village and co-leads the OWASP API Security Project. Over the years, Yalon has been invited to speak at prominent events including RSAC, Black Hat, DEF CON, and OWASP’s global conferences, while also being featured in news outlets such as Fortune, Forbes, Wired, TechCrunch, and Dark Reading.

Social Links:

Gaspard Baye
I am currently a Ph.D. student and Research Assistant at the University of Massachusetts Cybersecurity lab, A NSA/DHS designated Center of Academic Excellence in Cyber Defense Research(CAER). My research focuses on applying Machine Learning techniques like reinforcement learning or support vector machines to improve security operations by speeding up vulnerability detections and mitigations.

Social Links:

Hariprasad KA
Cyber Security Enthusiast, with expertise in Web application security and Penetration Testing. Overall 7 years of experience in Cyber Security. Currently associated with Loginsoft Pvt Ltd as Security Researcher.

Social Links:

Izar Tarandach
Long-time security practitioner, currently Principal Security Architect at Squarespace, previously a Sr. Security Architect at a leading investing company, Lead Product Security Architect at Autodesk, Product Security Office at DellEMC. In the past, member of the SAFECode Technical Leadership Council and founding member of the IEEE Center for Secure Design. Holds a masters degree in Computer Science/Security from Boston University and has served as an instructor in Digital Forensics at Boston University and in Secure Development at the University of Oregon. Author, Threat Modeling:A Practical Guide For Developer Teams, O'Reilly 2020, and pytm, the Pythonic way of Threat Modeling as code.

Social Links:

Jaspreet Kaur
Myself (Jaspreet Kaur), a security professional as researcher, faculty, blogger as well as consultant. Broadly my working domains are blockchain security, network security, application security, IoT Security but eager to work on the rest of the cyber security area. I have experienced approx 7 years in the cyber security field. I have a various roles as guest lecturer at Sardar Patel University of Police, Security and Criminal Justice, Jodhpur (IN), phd scholar at Indian Institute of technology Jodhpur (IN), Blogger at William and Mary Blockchain Lab, Hackernoon, Medium, Cybrary. I am also a member of various research communities such as N2women, ACM-W and many more. and wrote various articles in conferences and journals in this domain. I also got various academic awards and scholarships. I highly believe in exchanging or sharing ideas. If anyone wants to share your thoughts or need any help in cyber security then feel free to reach me via various online platforms.

Social Links:

Jessy Ayala
Jessy Ayala is currently an Associate Cybersecurity Engineer at Insulet Corporation and Graduate Student Researcher at New York University. At Insulet, he is a member of the product security team where he ensures the safety of Omnipod products. At NYU, he is a member of the mLab research group where he investigates security and privacy concerns of consumer-facing technologies such as IoT devices.

Social Links:

John Menerick
Award-winning, global proactive information security thought leader whose qualifications include comprehensive knowledge of enterprise information security, architecture, engineering, cloud-native techniques, influencing without authority operator and over 15 years experience in the development and deployment of security solutions protecting networks, systems, and information for diverse, hypergrowth companies and organizations.

Social Links:

Josh Grossman
Josh has worked as a consultant in IT/Application Security and Risk for 15 years now as well as a Software Developer. In that time he has seen the good, the bad and the stuff which is sadly/luckily still covered by an NDA. He is currently Chief Technology Officer for Bounce Security where he spends his time helping organisations improve and get better value from their Application Security processes and providing specialist Application Security advice. In his spare time he co-leads the OWASP Application Security Verification Standard project and is on the OWASP Israel chapter board. (CfP Review only)

Social Links:

Loredana Mancini
Mrs. Loredana MANCINI is an expert and practitioner in the IT area. She has been directly involved for the last 25 years in different projects connected with infrastructure and security for important customers, she covered different roles from engineering to marketing, management, consulting, innovation programs definition. Loredana Mancini has held executive management positions in national and international companies. She is an active member of coaching and standardization groups. She is one of the founders of the Italian Chapter on Cloud Security Alliance, founder of the Italian Metric Association. Furthermore, she is CCSK, CSA STAR, CRISC, COBIT, ITIL, ISO2000, ISO27001, ISO22301 and CGEIT certified. She is Vice Chair of the Committee of Women in Application Security, Diversity & Inclusion in OWASP (OWASP/WIA, Diversity & Inclusion), she is the Italian Chapter leader for the Infosecgirl group, Central Italy Ambassador for Women 4.0 Community, Founding member of the BlockChainLadies Community, member of the SheLeadsTech ISACA community. She belongs to the Women4Cyber organization. She organized many events at national and international levels, with high level keynote speakers. She was also involved and coordinated European Horizon2020 funded projects, i.e.: “VisiOn”, “Defend”, “Selis”, “Eutravel”, “CharIOT”. Co-author of the book “Visual Privacy Management: Design and Application of a Privacy-Enabling Platform” from Springer, co-author of the Women 4.0 Manifesto.

Social Links:

Martin Knobloch
Martin Knobloch, Global AppSec Strategist with CyberRes, a Micro Focus line of business, is a long-time security leader with more than 15 years of experience in the field. With a background in software development and architecture, his focus is on software security. Martin is actively involved in OWASP where he is a frequent contributor to various projects and initiatives, as well as a member of the Board of Directors. During his career, Martin has been a recognized teacher, guest lecturer at various universities and invited speaker and trainer at local and international software development, testing and security conferences throughout the world.

Social Links:

Mauricio Harley
Maurício is enrolled in a Masters in Computer Science with Cyber Security, researching ransomware effects in the cloud. He has a Bachelor of Science in Electrical Engineering and a Technologist Degree in Telematics. For years, he was a contributor on the knowledge sharing project called Rau-Tu Linux, hosted by the Unicamp – Universidade de Campinas, Brazil, when he was awarded the 4th more relevant collaborator. He maintains a personal blog (called itHarley), where he publishes articles about Information Security, Data Center / Cloud Computing and Computer Networks. He regularly writes for PenTest Magazine and Hakin9, notably with articles in the domain of offensive security. He is the founder of an OWASP chapter. He has more than 25 years of combined experience in Information Technology, involving projects in areas such as network security and forensic analysis. He holds a number of certifications including: (ISC)2 CISSP, CCIE Routing & Switching, CCIE Service Provider, AWS Certified Solutions Architect Associate, AWS Certified Security Specialty, VMware VCP Data Center Virtualization, VMware Implementation Expert NSX. He has been awarded the VMware vExpert recognition for the fourth consecutive year. He gave talks in various Brazilian, European and Latin American in-person and virtual events, such as RootDay, RootSec, AWS LATAM Security Talks, AWS Security Workshops, EMEA AeroSpace Smart Factory and OWASP LATAM @ Home. He currently works as a senior consultant at AWS (Amazon Web Services) in France, participating in initiatives in the EMEA region (Europe, Middle East and Africa). He has worked on projects on different verticals in the following countries: Angola, Austria, Bahrain, Brazil, Finland, France, Germany, Netherlands, Spain, South Africa and the United Kingdom. His research is split between Cloud Security, Incident Response and Vulnerability Analysis.

Social Links:

Meghan Jacquot
Meghan Jacquot is a Cyber Threat Intelligence Analyst with Recorded Future and is a curious lifelong learner with a commitment to sharing what she has learned. She is passionate about helping others, speaking at conferences to increase cyber awareness, and is particularly interested in cloud security, threat intelligence, and ethical AI. She is the President of WiCyS Mid-Atlantic Affiliate, the Research Board Advisory Member for BBWIC, and a CFP Reviewer for OWASP and SANS and a SANS CTF creator. She’s happy to connect with others on LinkedIn, Twitter, and on her YouTube channel CarpeDiemT3ch https://www.youtube.com/c/CarpeDiemT3ch.

Social Links:

Milan Singh Thakur
Milan is a community driven Security enthusiast who has been keen to explore and create new ways of learning Cyber Security space.

Social Links:

Mordecai Kraushar
https://www.linkedin.com/in/mkraushar/

Social Links:

Nabeela Bukhari
A Security Consultant by profession with close to 4 years of experience in Application and Mobile Security.

Social Links:

Ragashree M C
Nokia 2021 Ada Lovelace Honoree, Ragashree M C is a Cloud Security Specialist at Nokia responsible for managing the security of one of the world’s largest private cloud’s SaaS, PaaS, DBaaS, and IaaS services. She is also an active contributor to various security communities such as CNCF TAG Security, OWASP, CSA etc. She is currently serving as the Technical Lead and Community Manager at CNCF TAG Security, and also as the Co-Lead of Cloud Native Security Con, a KubeCon + CloudNativeCon Europe 2022

Social Links:

Sagar Bhure
I am an experienced Software Engineer with a demonstrated history of working in the computer software industry after graduation from IIT Kanpur. Skilled in Computer Vision, Computer Graphics, Convolutional Neural Networks, Android HAL, and Computer Networks, Network Security, Cloud Security, Pen Testing. I am a competitive programmer who loves to solve real-life problems using conceptual coding.

Social Links:

Sean Matthiesen
Sean Matthiesen is a security architect at Bloomberg, where he is responsible for product security automation. Prior to joining Bloomberg, he worked with multiple companies in various application security consulting roles. Sean started his career as a software developer and became interested in application security in 2007 when penetration testing results landed in his inbox as a team lead at a large payroll and benefits company. After fixing the vulnerabilities, he was asked to join the company's security team, which he ended up transferring to in the following year.

Social Links:

Shay Gover
Shay is an Innovation manager. Specializing in promoting innovation in IT infra (DevOps, System), AppSec and software development teams. Inspires people to do better and implement new software, preferably Open Source. Also an Open Source advocate.

Social Links:

Wias Issa
Wias Issa has twenty years of experience in the cybersecurity industry with a concentration in threat response countermeasures. This provides him with a deep understanding of how the threat landscape has evolved from (mostly) benign attacks to those that directly impact national security and the safety and well-being of people around the world. Wias is hugely passionate about tipping the balance of power in favor of the good guys and ensuring cybersecurity is top of mind for organizations. Wias is currently with Ubiq Security, an API-first encryption-as-code platform that is on a mission to simplify and modernize encryption for developers and security teams across the globe. Prior to Ubiq Security, Wias held senior positions at FireEye, Mandiant, and Symantec, where he led security analysis and response teams defending global Fortune 100 companies.

Social Links: