Richard Thayer has been in IT for over 35 years. From his early beginnings of working on IBM’s 8086XT system(s), to designing robust security architectures for Fortune 50 companies; Mr. Thayer has consulted for vertical markets within Finance, Energy, Manufacturing, Retail, Insurance, and DoD & Civilian Government.
Three Worlds of Application / Cloud Security
Application / Cloud security goes hand in hand in our ever-changing IT environments. With the cloud actually “being” an application, we need to look at three areas of Application Security that encompass what goes into the cloud, the cloud itself, and how to secure its communications and workloads.
This discussion will start to the extreme “far left” in the security lifecycle, all the way to the developer’s keyboards. Then we will explore the DevSecOps security process, based on the “Defense in Depth” theory of security. Then finally we will address the workloads in the cloud, with some of the public cloud’s native functionality to protect itself, and how we can use additional toolsets to enhance them.
Companies need to identify not only the tools, but when to use them, and how to automate them.
Come see Richard at RVAsec! Register now.
John Behen is the Vulnerability Management Lead for Newport News Shipbuilding, in Newport News, VA. He has been an IT professional for 25 years at a diverse range of companies including Newport News Shipbuilding, The Martin Agency and Procter & Gamble. Outside of Information Security, John enjoys spending time with his family and competitive offshore yacht racing.
The 
Karl is a business technologist through experience and a private pilot by fascination. While spending most work days in “the Cloud”, weekends are often spent flying below the cloud deck.
Caleb Mattingly is the CEO and founder of Secure Cloud Innovations, a cybersecurity consulting firm. Prior to starting SCI, Caleb worked in defense contracting supporting the Army, Navy, Air Force, and DISA. Caleb’s highest level of education is a MS in Cybersecurity from Liberty University.
We are pleased to announce that Chris Tignor will be keynoting RVAsec 2020!
As a Director with Cherry Bekaert Digital, Steve Holliday assists clients with improvement, helping organizations to use resources more effectively and efficiently, and to enable growth, by understanding the current state, identifying performance gaps and developing and executing improvement strategies.
As an Azure Networking Engineer, Thor Draper Jr works on the rapid response team that assists clients with immediate remediation of Infrastructure as a Service issues. Thor is also a cyber security instructor with Trilogy Education Services and has taught at cohorts held at universities across the country. His key skills are in information technology, information security, management, and sales. His passions lie in networking and relationship building.
Josh is the practice lead of Strategic Application Security Services at GuidePoint Security. He has 18 years of real world experience in developing applications and helping organizations across all sectors integrate security into their SDLC. Josh has worked extensively with financial services organizations helping to scale their large AppSec programs as the development organizations increasingly adopt Agile and DevOps. He is passionate about all things AppSec. In his free time, Josh enjoys hiking, playing guitar, and spending time with his wife and three children.
Jeff has been working in IT since 1998 and graduated from Virginia Commonwealth University (BS-IS 2012, MS-CISS 2014) and the SANS Technology Institute (PGC Ethical Hacking & Penetration Testing). Jeff also enjoys research and educating on Technical Information Security Topics including Network Security Monitoring and Advanced Persistent Threats. In addition to recently passing the CCSP exam, Jeff holds the CISSP, GCIH, GPEN, GWAPT, GXPN and VMware NSX: Micro-Segmentation certificates.