Keynote Speakers

Jim Manico

Author and Educator

Jim Manico is an author and educator of developer security awareness trainings. He is a frequent speaker on secure software practices and is a member of the JavaOne “rockstar hall of fame”. He has a 17 year history building software as a developer and architect. Jim is also a Global Board Member for the OWASP foundation where he helps drive the strategic vision for the organization. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and several secure coding projects. Jim is currently working on a book with McGraw-Hill and Oracle-Press on Java Web Security. For more information, see


Jen Ellis

VP of community and public affairs, Rapid7

Jen Ellis is Rapid7’s Vice President of Community and Public Affairs. She believes security practitioners are the guardians of Society’s trust in technology, and works extensively with security professionals, technology providers/operators, and various Government entities to promote better collaboration. She believes this is our best path to reducing cybercrime and protecting consumers and businesses. To this end, Jen also provides free skills training to security professionals so they can get greater buy-in and achieve more positive security outcomes. She has testified before Congress and spoken at numerous security industry events.


Runa A. Sandvik
Runa A. Sandvik

Privacy and Security Researcher

Runa Sandvik is the Director of Information Security at The New York Times. Her primary focus over the past year has been the newsroom and helping reporters better understand the challenges they are facing. Runa loves to travel and has spoken at numerous conferences around the world.

She is a former developer with The Tor Project, a technical advisor to the Freedom of the Press Foundation and a member of the review board for Black Hat Europe. She tweets as @runasand.

   John Steven

Chief Technology Officer at Cigital

John Steven is the Internal Chief Technology Officer at Cigital, with over a decade of hands-on experience in software security. Mr. Steven’s expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a consultant, Mr. Steven has provided strategic direction as a trusted adviser to many multinational corporations. Mr. Steven’s keen interest in automation keeps Cigital technology at the cutting edge. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine, speaks with regularity at conferences and trade shows, and is the leader of the Northern Virginia OWASP chapter. Mr. Steven holds a B.S. in Computer Engineering and an M.S. in Computer Science both from Case Western Reserve University.