Mark Dowd

Mark Dowd (Australia) has been part of the ISS X-Force research and development team for the past 6 years. At X-Force he has uncovered a number of vulnerabilities in major widely-used software applications. A few examples include buffer overflows in Sendmail, Microsoft Exchange, OpenSSH, Internet Explorer, Mozilla, Checkpoint VPN, and Windows Encryption software.

John McDonald

John McDonald (Jacksonville Beach, FL) has worked in code auditing for 8 years. McDonald has published numerous vulnerabilities in the past including remote compromises in OpenSSL, BIND, and globbing vulnerabilities in various FTP implementations. He currently works at Neohapsis where he does code auditing privately for companies. He, along with Mark Dowd, speak at Blackhat, where they have demonstrated a number of ways to completely subvert Checkpoint Firewall-1, and have also published a number of papers in the past discussing innovative new techniques for various applications. Internet Security Systems, Inc. (ISS) was founded in 1994 and provides security products and services that preemptively protect enterprise organizations against Internet threats.

Justin Schuh

Justin Schuh is a senior consultant with Neohapsis, where he leads the Application Security Practice. As a senior consultant and practice lead, he performs software security assessments across a range of systems, from embedded device firmware to distributed enterprise web applications. Prior to his employment with Neohapsis, Justin spent nearly a decade in computer security activities at the Department of Defense (DoD) and related agencies. His government service includes a role as a lead researcher with the National Security Agency (NSA) penetration testing team–the Red Team.