Dave Ferguson, Veracode
Global Principal Solutions Architect & AppSec SME
Dave Ferguson is a Global Principal Solutions Architect & AppSec SME at Veracode where he focuses on helping developers write secure code and use safe open source components. After developing applications for more than a decade, Dave has worked in application security for the last 16 years in a variety of roles including Principal Consultant at FishNet Security (now Optiv), running the AppSec program at Sabre Corporation, and directing the Web Application Scanning product line at Qualys. He is credited with discovery of CVE-2006-4763 and CVE-2006-6537 as well as highly-publicized CSRF vulnerabilities in the Netflix website. Dave is the original author of the OWASP Forgot Password Cheat Sheet and holds CISSP and CSSLP certifications.