My name is Joe Basirico. I’m the SVP of Engineering at Security Innovation where I head up three teams of engineering including AppSec services, development efforts for our CMD+CTRL CyberRange and a team that helps secure the US Courts. I’ve been in the security industry for more than fifteen years now and have helped dozens of companies and individuals learn more about software security.
I’m a proud father and husband to my amazing kids and wife, Katherine Sather.
I started a non-profit called Technically Learning that merged with code.org. Technically Learning was very successful in helping to get girls and minorities excited about the STEM fields. Between 2006 and 2013, Technically Learning had reached approximately 4,500 students across 25 schools and community organizations in the Puget Sound area.
code.org differs slightly from TL’s original mission, but is an incredible organization nonetheless. code.org’s mission is to bring Computer Science, as a core requirement, to every public school in the US. They will make sure the students of tomorrow are equipped to use the computers that will be infused into their every action to their fullest potential.
When not working on software security problems or trying to inspire kids to learn to program, I find myself programming frequently. You can see the projects that I’ve built on my projects pages. I write code, but I also write a blog; you can see my thoughts on all things (security, privacy, philosophy, management, productivity, etc.) on the blog.
Media/Conferences/Talks
I try to keep this section up to date. Many conferences don’t record or make their videos publicly available, but I’ll post what I can here.
ReThink Security
I launched Rethink Security with a friend as a free resource to provide insights drawing from my 18 years of experience in the security industry. I post new articles there frequently and have a monthly newsletter to share what I’ve read.
Security Innovation Blog
Application and Cybersecurity Blog | Joe Basirico
Podcasts
Brakeing Down Security Podcast | Download
Videos
CSNP - How an Attacker ‘Audits’ Your Software Applications
Interview With Security Innovation’s Joe Basirico
OWASP AppSec USA
- https://youtu.be/JMzhyf2UxQ8
- https://youtu.be/WPv7dUZoNuw
- https://youtu.be/L1W0gWhf27o
- https://youtu.be/HwyMj28C4lU
Conferences / Webcasts
- An engineer's guide to staying secure online
- Architecture secure web applications
- The Roadmap to a Vulnerability Disclosure Program for QASIG
- Reducing the cost of security
- If CI and CD can find time for security so can you
- Understanding your software vulnerabilities
- Buzz about fuzz
Videos Kept For Posterity
Software & Tools Development
- TeamMentor - led initial development for the company’s secure development guidance system
- YASAT – static analysis tool that uses regular expression based rules on a code base to quickly find potential security vulnerabilities
- WhatTheFuzz – an open-source, easy to use and operate fuzzer for Web sites
- Transform – an open-source, easy to use encoder/decoder
- RegexMatcher – a simple regular expression matcher and tester
Images
Many of my images come from free websites or are ones I’ve taken myself.
I wish to thank the following websites for putting this content together: