• Christian has pursued a successful career as a freelance Java software developer since 1997 and expanded it in 2005 to include the focus on IT security. His major areas of work are penetration testing, security architecture consulting, and threat modeling. As a trainer, Christian regularly conducts in-house training courses on topics like web application security and coaches agile projects to include security as part of their process by applying DevSecOps concepts. Christian regularly enjoys speaking and giving trainings on major national and international conferences.

  • The trainer of this course is a cybersecurity certified professional i.e. Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH) with more than 12 years of work experience. He works in the field of cybersecurity for various domains such as cybersecurity research and threat intelligence, training for cybersecurity user awareness, cybersecurity policies/frameworks, and penetration testing. He has a passion of teaching and likes to share the knowledge obtained during job tasks. He has also conducted on premise classes as well as online sessions to deliver the lectures on Ethical Hacking to university students as visiting faculty.

  • Alper Basaran has over 15 years experience in penetraion testing and source code review. He has mainly worked with government agencies, military units and enterprise level software development companies. His company, Sparta Bilisim, provides cybersecurity consulting and penetration testing services throughout the Middle-East, North Africa, Europe and Central Asia.
    He is the OWASP Ankara Chapter leader and provides free trainings to universities and NGOs in cyber security awareness and penetration testing. Alper is a published author with 3 published books and a registered keynote speaker with the Celebrity Speakers Agency.

  • After 13 years in itsec and 20 in IT Abraham is now the CEO of 7ASecurity (, a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Former senior penetration tester / team lead at Cure53 ( and Version 1 ( Creator of 'Practical Web Defense' - a hands-on eLearnSecurity attack / defense course (, OWASP OWTF project leader, an OWASP flagship project (, Major degree and Diploma in Computer Science, some certs: CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE:Security, MCSA:Security, Security+. As a shell scripting fan trained by unix dinosaurs, Abraham wears a proud manly beard. He writes on Twitter as @7asecurity @7a_ @owtfp or Multiple presentations, pentest reports and recordings can be found at

  • SDLC Security Consultant, Threat model (trainer), OWASP Threat Model Project Leader
    Steven Wierckx is a software and security tester with 15 years of experience in programming, security testing, source code review, test automation, functional and technical analysis, development, and database design, Steven shares his passion for web application security through writing and training on testing software for security problems, secure coding, security awareness, security testing, and threat modeling. He is the project leader for the OWASP Threat Modeling Project and organizes the BruCON student CTF. Steven spoke at Hack in the Box Amsterdam, hosted a workshop at BruCON and delivered threat modeling trainings at OWASP AppSec USA and O’Reilly Security New York.

  • Bjoern Kimminich is responsible for Architecture Governance + Application Security at Kuehne + Nagel. On the side, he gives IT security lectures at the non-profit private university Nordakademie. Björn also is the project leader of the OWASP Juice Shop and a board member for the German OWASP chapter.

  • Ali Abdollahi a Cybersecurity consultant with over 8 years of experience working in a variety of security fields. Currently the cybersecurity division manager, Board of review, author and instructor at Hakin9, Pentest &eForensics magazine. Ali is a self-confessed bug hunter, publisher of many vulnerabilities and CVEs, author books and some articles in the field of cybersecurity. Ali is a regular speaker and trainer at industry conferences and events.

  • AviD is a high-end, independent security architect and developer, with decades of experience implementing security requirements and protecting complex systems. He has been designing, developing, and testing secure applications for over 20 years, and is obsessed with maximizing value output from security efforts, since originally building threat models at Microsoft over a dozen years ago.
    Avi leads consulting at Bounce Security, where he supports organizations of all sizes in integrating security methodologies and products into their development processes, often providing training on secure coding and other security topics. We utilize various methodologies as circumstances demand, and adjust accordingly. Recently, our relentless drive to optimize security investment and threat modeling in particular, has led us to adapt the classic threat modeling methodology to a more agile workflow in order to empower developers and agile R&D teams.
    Mr. Douglen is a frequent trainer and speaker at industry conferences, such as OWASP, RSA, BSides, and Infosec, as well as developer conferences such as O’Reilly, DevSecCon, PyCon, and DevOpsDays. He has trained hundreds of developers on security, including secure coding, security architecture, threat modeling, and more.
    Avi also co-founded the OWASP Threat Modeling project, and is one of the project leaders. He also leads the OWASP Israel chapter, and created the successful AppSec Israel security conference. He volunteers as a high school tech teacher and mentor, and is also a community moderator on