CSAW - CyberSecurity Competition 2012

CSAW:THREADS Speakers

Dan Guido is a co-founder and CEO of Trail of Bits. His most recent research applied intelligence-driven defense to mass malware and demonstrated that, contrary to popular belief, only a very small number of vulnerabilities are used in these massive exploitation campaigns. Prior to Trail of Bits, Guido was a senior security consultant at iSEC Partners, where he provided application security and incident response services to a wide variety of clients in the technology, finance and media industries. He has worked for the Federal Reserve System, where he proposed and developed a centralized function for threat intelligence; the team used its expert knowledge of attacks in the wild to develop sophisticated enterprise strategies to mitigate them. In addition to his professional work, Dan is a Hacker in Residence at NYU-Poly, where he oversees student research and teaches classes in application security and vulnerability analysis.

Dino Dai Zovi is a co-founder and CTO of Trail of Bits and has been working in information security for over a decade in red teaming, penetration testing, software security, information security management and cyber security R&D. Dai Zovi is also a regular speaker at information security conferences, presenting his independent research on memory corruption exploitation techniques, 802.11 wireless client attacks and Intel VT-x virtualization rootkits over the last 10 years at conferences around the world including DEFCON, BlackHat and CanSecWest. He is a co-author of the books The iOS Hacker's Handbook (Wiley, 2012), The Mac Hacker’s Handbook (Wiley, 2009) and The Art of Software Security Testing (Addison-Wesley, 2006). In 2008, eWEEK named him one of the 15 Most Influential People in Security. In 2012, NYU-Poly named him a Hacker in Residence, and he now leads research projects with NYU-Poly students. He is perhaps best known in the information security and Mac communities for winning the first Pwn2Own contest at CanSecWest 2007.

Mike Arpaia is a security researcher from New York. Mike's current research interests include mobile device security, cloud infrastructure security and secure protocols.

Collin Mulliner is a postdoctoral researcher in the Systems Security Lab at Northeastern University. Collin's main interest is the security and privacy of mobile and embedded devices, with an emphasis on mobile and smart phones. Since 1997 Collin has developed software and done security work for Palm OS, J2ME, Linux, Symbian OS, Windows Mobile, Android, and the iPhone. In 2006 he p0wnd Windows Mobile using MMS, and in 2009 he broke iOS, Android, and Windows Mobile with SMS. Collin is specifically interested in the areas of vulnerability analysis and offensive security.

Chris Rohlf is the principal and founder of Leaf SR. Prior to founding Leaf SR, Chris was a principal security consultant at Matasano Security in NYC. He has spent the last 10 years as a security researcher, consultant, developer and engineer for organizations including the US Department of Defense. Chris is also a member of the BlackHat Review Board. He has spoken at industry conferences including BlackHat Vegas 2009/2011 and 2012, guest lectured at NYU Poly in Brooklyn NY, has been published in IEEE Security and Privacy magazine and is occasionally quoted by various media outlets. He has discovered critical security vulnerabilities in every major web browser, operating systems and more.

Vincenzo Iozzo leads the collection and analysis of vulnerability intelligence at Trail of Bits. Prior to Trail of Bits, Vincenzo founded Tiqad, an information security consulting firm, worked as a penetration tester for Secure Network srl and was a reverse engineer for Zynamics GmbH. His specialized research in Mac OS X security, smartphone exploitation, and exploit payloads has been presented at information security conferences around the world including Black Hat, CanSecWest and Microsoft BlueHat. In 2008, he was selected to participate in the Google Summer of Code and developed a testing infrastructure for TrustedBSD, the Mandatory Access Control system that became the foundation for sandboxing technologies included in Mac OS X. Vincenzo serves as a committee member on the Black Hat Review Board and is a co-author of the "iOS Hacker's Handbook" (Wiley, 2012). He is perhaps best known for his participation in Pwn2Own, where he co-wrote the exploits for BlackBerryOS and iOS that won the contest in 2010 and 2011 and where he co-wrote exploits for Firefox, Internet Explorer, and Safari that placed second in 2012.

Jon Oberheide is the CTO of Duo Security, an Ann Arbor-based startup developing kick-ass two-factor authentication. In his free time, Jon dabbles in kernel exploitation, mobile security, and beer brewing.