Rohit Sethi

Rohit Sethi, Director of Professional Services, Security Compass, is a specialist in threat modeling, application security reviews, and building security controls into the software development life cycle (SDLC). Rohit is a SANS course developer and instructor on Secure J2EE development. He has spoken and taught at FS-ISAC, RSA, OWASP, Shmoocon, CSI National, SecTor, Infosecurity New York and Toronto, TASK, the ISC2’s Secure Leadership series conferences, and many others. Mr. Sethi has written articles for Dr. Dobb’s Journal, TechTarget, SecurityFocus and the Web Application Security Consortium (WASC), and he has been quoted as an expert in application security for ITWorldCanada and Computerworld. He also leads the OWASP Design Patterns Security Analysis project.

At Security Compass, Rohit has taught hundreds of students various topics in web application security in cities across North America. He has also managed and performed extensive threat analysis, source code reviews, and penetration testing for clients in financial services, utilities, telecommunications and healthcare. He is often consulted for his dual expertise in information security and software engineering.

Prior to joining Security Compass, Rohit was a consultant at a Big Four consulting firm’s risk practice. His work there covered application security reviews; security governance strategy; threat risk assessments; Sarbanes-Oxley general computer controls and Payment Card Industry audits and remediation; identity management strategy; customer data privacy assessments; and segregation of duties analysis and remediation. Rohit holds an Honors Bachelor of Science degree in Computer Science with Software Engineering Specialization from the University of Western Ontario. Rohit is also a Certified Information Systems Security Professional (CISSP), a Certified Secure Software Lifecycle Professional (CSSLP), and a Sun Certified Java Programmer.


Posts by Rohit Sethi

Domain-Driven Security

Monday, January 24th, 2011