NorthSec 2021

Cloud security
2021-05-21, 14:00–14:30, Main stream

Q&A and discussion for the cloud security block, hosted and moderated by Max Habra. Questions will be gathered from the audience during the three prior talks.


Workshops only: Would you like to stream the workshop to an additional (passive) audience? – no

Philippe is a security researcher working for GoSecure. His research is focused on Web application security. His past work experience includes pentesting, secure code review and software development. He is the author of the widely used Java static analysis tool OWASP Find Security Bugs (FSB). He is also a contributor to the static analysis tool for .NET called Security Code Scan. He built many plugins for Burp and ZAP proxy tools: Retire.js, Reissue Request Scripter, CSP Auditor and many others. Philippe has presented at several conferences including Black Hat Arsenal, SecTor, AppSec USA, ATLSecCon, NorthSec, and 44CON.

This speaker also appears in:

Renzon Cruz, a Filipino security professional living in Dubai who works as Digital Forensics & Incident Response in a FinTech company based in the UK. He previously worked as Senior Security Consultant as part of a National Cyber Security Agency in Doha, Qatar. Prior to working in Dubai, he was also assigned as Sr. Security Analyst & Incident Responder and was also a previous college instructor at New Era University, Philippines. He was also accepted to various international conferences as a speaker such as BSides Vancouver (2019), BSides London (2019), BSides Doha (2020), and ROOTCON Hacking Conference (2020). He is also a co-founder, course developer, and instructor of GuideM, a real-world cybersecurity training center based in the Philippines. He also holds different certifications such as GCFA GCFE, GCIH, eCTHP, eCDFP, eJPT, CFR. He is mainly interested in defensive strategy, threat hunting, digital forensics, and incident response, malware analysis, adversary simulation.

This speaker also appears in:

Magno Logan works as an Information Security Specialist for Trend Micro Cloud and Container Security Research Team. He specializes in Cloud, Container and Application Security Research, Threat Modelling, Red Teaming, DevSecOps, and Kubernetes Security, among other topics. He has been tapped as a resource speaker for numerous security conferences around the globe including Canada, USA, Portugal and Brazil. He is also the founder of JampaSec and a member of the CNCF SIG-Security team.

This speaker also appears in:

Evelyn Lam is an Identity and Access Management Lead Security Architect, Vice President at Morgan Stanley. She has over 16 years of IT experience managing enterprise-scale global projects for such industries as Wall Street Investment Banking, Retail Banking, and Big 4 Consultancy. She has nine years of experience in leading security teams, development teams in North America and Asia, and managing client relationships in North America, Europe, and Asia.

Evelyn specializes in strategic and architectural decision-making in authentication, identity management, cloud security, and data masking.

In addition to her Security Architect role, Evelyn has a track record of public speaking, tutoring, and mentoring since 2010. She was a speaker at Grace Hopper Conference 2020, a summer guild instructor in Women in Technology in New York 2019, a speaker and a panelist at security conferences. Evelyn has been an instructor of entry-level and advanced security classes teaching security architecture and threat modeling in her Firm since 2018. She is an active member of campus recruitment teams in North America. She is also a mentor in Rewriting the Code (RTC).

Evelyn is a Certified Information Security Manager with a Master's degree in Computer Science.

This speaker also appears in:

Lead Cloud Integrator for the Data Analytics & Innovation Team at Mouvement Desjardins, Max is a Security Consultant for Financial Services, specialized in cloud, application security and secure pipelines.