Program Overview

Jeroen van der Ham-de Vos (he/him) is associate professor at the University of Twente. His research currently focuses on vulnerability prioritisation and management, incdent response, the many developments in coordinated vulnerability disclosure and ethics of cybersecurity and computer science.

Jeroen is member of the editorial board of the ACM journal Digital Threats: Research and Practice, is an active member of the FIRST community, and was the co-editor of the Code of Ethics for Incident and Security Teams, and serves on several programme committees.

Dr. Benjamin Edwards is a principal research scientist working at Bitsight. An expert in ML and statistics, Ben synthesized security data into actionable insights. He has led research on a wide variety of security topics including vulnerability management, application security, human risk, Next-gen SIEM, nation state cybersecurity policy, and the security of ML models. He is an active member of the security community, contributing to open standards efforts including both EPSS and CVSSv4. His work has been published in leading industry and academic venues.

Angelo Punturiero is an Italian native who has recently moved to the enchanting city of Barcelona. He proudly serves as a Vulnerability Management Senior Specialist in the Nestle’ CSOC Vulnerability Management team. With a deep passion for cybersecurity and the art of fine cuisine, he has improved he's skills through years of experience at renowned IT consulting firms. This professional journey has led him to Nestle’, where he coordinates the process that determines the Corporate Rating of the daily published CVEs, ensuring that the appropriate stakeholders are promptly informed of any imminent risks. Additionally, he actively engages in matters related to Cloud Security and contributes to projects involving Generative AI in the realm of cybersecurity.

Jenifer Jiménez, native of Spain, is currently working as a Senior Vulnerability Management Specialist at Nestlé Global Services in Barcelona. She is vulnerability management orchestration platform lead architect. Prior to her current role, she was part of the team providing security services to global Hewlett-Packard customers, as well as managing the development of security platforms for the CSIRT at CaixaBank. With a deep passion for her work and a commitment to staying at the forefront of industry trends, she strive to make a positive impact in the field of cybersecurity. Her dedication to securing critical systems and her love for salsa dancing and family bring a unique blend of expertise and personal fulfillment to her life.

Martin Karel, a native of Slovakia, is currently leading the Nestlé global vulnerability management and offensive security team based in Spain. He has been a part of the Global CSOC since its establishment in 2016 and has played a crucial role in various key projects, including incident response, security monitoring, and the centralization and automation of vulnerability management processes. Prior to his current role, Martin led similar projects at HP Enterprise and SEAT, a car manufacturer within the VW group. In his leisure time, he is passionate about ballroom dancing and values spending quality time with his two daughters.

Éireann Leverett is the co-author of Solving Cyber Risk, and regularly writes about cyber risk perception, articulation, and quantification. He is a co-chair of the Ransomware SIG, and long time DFIR innovator and data scientist. When he's not working in cyber insurance and risk, he likes writing code, papers, and taking long walks in nature.

While his bio is serious; he hates writing bios in the third person, and once placed second in an Eireann Leverett impersonation contest.

Jay Jacobs is a Co-founder and Chief Data Scientist at Empirical Security and Chief Data Scientist Emeritus at Cyentia Institute. Jay is also the lead data scientist for the Exploit Prediction Scoring System (EPSS) and is co-chair of the EPSS special interest group at FIRST. He is also a co-founder of the Society for Information Risk Analysts (SIRA), a not-for-profit association dedicated to advancing risk management practices where he served on the board of directors for several years. Finally, Jay is a co-author of “Data-Driven Security”, a book covering data analysis and visualizations for information security professionals.

Éireann Leverett is the co-author of Solving Cyber Risk, and regularly writes about cyber risk perception, articulation, and quantification. He is a co-chair of the Ransomware SIG, and long time DFIR innovator and data scientist. When he's not working in cyber insurance and risk, he likes writing code, papers, and taking long walks in nature.

While his bio is serious; he hates writing bios in the third person, and once placed second in an Eireann Leverett impersonation contest.

Jeroen van der Ham-de Vos (he/him) is associate professor at the University of Twente. His research currently focuses on vulnerability prioritisation and management, incdent response, the many developments in coordinated vulnerability disclosure and ethics of cybersecurity and computer science.

Jeroen is member of the editorial board of the ACM journal Digital Threats: Research and Practice, is an active member of the FIRST community, and was the co-editor of the Code of Ethics for Incident and Security Teams, and serves on several programme committees.

Cédric Bonhomme is a seasoned computer scientist with a deep passion for computer security and privacy. From 2010 to 2017, he worked as an R&D Engineer at a research center, specializing in Multi-Agent Systems and Cybersecurity. Since 2017, he has been an integral part of CIRCL, actively contributing to CSIRT operations and the development of innovative open-source software projects. Currently, he serves as the lead developer of Vulnerability-Lookup, driving advancements in vulnerability research and management.

Art Manion spends a lot of time working on various aspects of cybersecurity vulnerabilities including coordinated disclosure, measurement, response prioritization, and public policy. Art has led and contributed to vulnerability-related efforts the Forum of Incident Response and Security Teams (FIRST), the CVE Program, ISO/IEC JTC 1/SC 27, and the (US) National Telecommunications and Information Administration (NTIA). Art is the is the Deputy Director of ANALYGENCE Labs where he works closely with the (US) Cybersecurity and Infrastructure Security Agency (CISA). Art previously managed vulnerability analysis at the CERT Coordination Center (CERT/CC).

Jay Jacobs is a Co-founder and Chief Data Scientist at Empirical Security and Chief Data Scientist Emeritus at Cyentia Institute. Jay is also the lead data scientist for the Exploit Prediction Scoring System (EPSS) and is co-chair of the EPSS special interest group at FIRST. He is also a co-founder of the Society for Information Risk Analysts (SIRA), a not-for-profit association dedicated to advancing risk management practices where he served on the board of directors for several years. Finally, Jay is a co-author of “Data-Driven Security”, a book covering data analysis and visualizations for information security professionals.

Dmitry Raidman is a visionary entrepreneur and cybersecurity innovator who has contributed to shaping the future of software supply chain security. Having held critical technology roles at leading companies like FLIR Systems and Sealights, as co-founder and CTO of Cybeats Technologies, he helped Fortune 500 companies to operationalize SBOM (Software Bill of Materials) management by inventing SBOM Studio in 2020. His groundbreaking work extends to AI security, where he co-leads SBOM implementation for AI systems and models and co-founded AISUF.org, the Open Framework for AI Security & Safe Use. A contributor to the NTIA's SBOM standards since 2018 and an active participant in critical security working groups, Dmitry brings over 25 years of expertise in application security, cloud architecture, and DevSecOps. His commitment to industry advancement extends beyond technology through co-founding the Security Architecture Podcast, where he shares insights on enterprise security solutions and architecture.

Art Manion spends a lot of time working on various aspects of cybersecurity vulnerabilities including coordinated disclosure, measurement, response prioritization, and public policy. Art has led and contributed to vulnerability-related efforts the Forum of Incident Response and Security Teams (FIRST), the CVE Program, ISO/IEC JTC 1/SC 27, and the (US) National Telecommunications and Information Administration (NTIA). Art is the is the Deputy Director of ANALYGENCE Labs where he works closely with the (US) Cybersecurity and Infrastructure Security Agency (CISA). Art previously managed vulnerability analysis at the CERT Coordination Center (CERT/CC).