Trainers



  • Christian has pursued a successful career as a freelance Java software developer since 1997 and expanded it in 2005 to include the focus on IT security. His major areas of work are penetration testing, security architecture consulting, and threat modeling. As a trainer, Christian regularly conducts in-house training courses on topics like web application security and coaches agile projects to include security as part of their process by applying DevSecOps concepts. Christian regularly enjoys speaking and giving trainings on major national and international conferences.

  • Tanya Janca, also known as ‘SheHacksPurple’, is the founder, security trainer and coach of SheHacksPurple.dev, specializing in software and cloud security. Her obsession with securing software runs deep, from starting her company, to running her own OWASP chapter for 4 years in Ottawa, co-founding a new OWASP chapter in Victoria, and co-founding the OWASP DevSlop open-source and education project. With her countless blog articles, workshops and talks, her focus is clear. Tanya is also an advocate for diversity and inclusion, co-founding the international women’s organization WoSEC, starting the online #CyberMentoringMonday initiative, and personally mentoring, advocating for and enabling countless other women in her field. As a professional computer geek of 20+ years, she is a person who is truly fascinated by the ‘science’ of computer science.

  • I work as a penetration tester with over 8 years of experience and as a trainer with over 14 years (5 in the security field).
    Certifications: OSCP, CEH, ECSA, CHFI, ISO 27001, CREST CRT, CREST CPSA, etc.
    Penetration testing customers: over 15 companies in different areas: retail companies (Metro/Makro, Real, Carrefour), banking and insurance and IFN (Raiffeisen, BRD, Orange Money, NN, Ergo, etc.), ride-sharing companies
    Penetration testing areas: Web and mobile, code review, infrastructure, Wi-Fi and Social Engineering
    Trainer for:CEH, CHFI, ECSA, Custom security training ( Secure Development, Ethical Hacking, Social Engineering), CNA, CCNA Security

  • The trainer of this course is a cybersecurity certified professional i.e. Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH) with more than 12 years of work experience. He works in the field of cybersecurity for various domains such as cybersecurity research and threat intelligence, training for cybersecurity user awareness, cybersecurity policies/frameworks, and penetration testing. He has a passion of teaching and likes to share the knowledge obtained during job tasks. He has also conducted on premise classes as well as online sessions to deliver the lectures on Ethical Hacking to university students as visiting faculty.

  • Alper Basaran has over 15 years experience in penetraion testing and source code review. He has mainly worked with government agencies, military units and enterprise level software development companies. His company, Sparta Bilisim, provides cybersecurity consulting and penetration testing services throughout the Middle-East, North Africa, Europe and Central Asia.
    He is the OWASP Ankara Chapter leader and provides free trainings to universities and NGOs in cyber security awareness and penetration testing. Alper is a published author with 3 published books and a registered keynote speaker with the Celebrity Speakers Agency.

  • After 13 years in itsec and 20 in IT Abraham is now the CEO of 7ASecurity (7asecurity.com), a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Former senior penetration tester / team lead at Cure53 (cure53.de) and Version 1 (www.version1.com). Creator of 'Practical Web Defense' - a hands-on eLearnSecurity attack / defense course (www.elearnsecurity.com/PWD), OWASP OWTF project leader, an OWASP flagship project (owtf.org), Major degree and Diploma in Computer Science, some certs: CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE:Security, MCSA:Security, Security+. As a shell scripting fan trained by unix dinosaurs, Abraham wears a proud manly beard. He writes on Twitter as @7asecurity @7a_ @owtfp or https://7asecurity.com/blog. Multiple presentations, pentest reports and recordings can be found at https://7asecurity.com/publications

  • SDLC Security Consultant, Threat model (trainer), OWASP Threat Model Project Leader
    Steven Wierckx is a software and security tester with 15 years of experience in programming, security testing, source code review, test automation, functional and technical analysis, development, and database design, Steven shares his passion for web application security through writing and training on testing software for security problems, secure coding, security awareness, security testing, and threat modeling. He is the project leader for the OWASP Threat Modeling Project and organizes the BruCON student CTF. Steven spoke at Hack in the Box Amsterdam, hosted a workshop at BruCON and delivered threat modeling trainings at OWASP AppSec USA and O’Reilly Security New York.

  • Ali Abdollahi a Cybersecurity consultant with over 8 years of experience working in a variety of security fields. Currently the cybersecurity division manager, Board of review, author and instructor at Hakin9, Pentest &eForensics magazine. Ali is a self-confessed bug hunter, publisher of many vulnerabilities and CVEs, author books and some articles in the field of cybersecurity. Ali is a regular speaker and trainer at industry conferences and events.

  • AviD is a high-end, independent security architect and developer, with decades of experience implementing security requirements and protecting complex systems. He has been designing, developing, and testing secure applications for over 20 years, and is obsessed with maximizing value output from security efforts, since originally building threat models at Microsoft over a dozen years ago.
    Avi leads consulting at Bounce Security, where he supports organizations of all sizes in integrating security methodologies and products into their development processes, often providing training on secure coding and other security topics. We utilize various methodologies as circumstances demand, and adjust accordingly. Recently, our relentless drive to optimize security investment and threat modeling in particular, has led us to adapt the classic threat modeling methodology to a more agile workflow in order to empower developers and agile R&D teams.
    Mr. Douglen is a frequent trainer and speaker at industry conferences, such as OWASP, RSA, BSides, and Infosec, as well as developer conferences such as O’Reilly, DevSecCon, PyCon, and DevOpsDays. He has trained hundreds of developers on security, including secure coding, security architecture, threat modeling, and more.
    Avi also co-founded the OWASP Threat Modeling project, and is one of the project leaders. He also leads the OWASP Israel chapter, and created the successful AppSec Israel security conference. He volunteers as a high school tech teacher and mentor, and is also a community moderator on https://Security.StackExchange.com/.

  • Mehul is an engineer who loves digging technology, and public speaker currently living in India. His interests range from technology to innovation. He is also interested in teaching, writing scripts, and safe programming.
    Mehul holds a Masters in Computers Science and has been working and contributing towards the open-source community in all ways he can.
    Currently, Mehul is a Founder of the Internauts Foundation, writing frequently at TechnoPanti, Ambassador at Auth0, Mentor at Mozilla Reps, Campus Advisory Committee at Mozilla, and Organizer of Google Developer Group - Nashik. Moreover, He is the initiator of Rust Hacks - the super safe system programming language of course.
    List of key talks and publications: https://bit.ly/2BGZBz1