Skip to main content

Office Hour with Stephen de Vries (ContinuumSecurity)

Stephen de Vries (ContinuumSecurity)
Office Hours
Location: Table A (Banquet Hall)

Bring all of your security-related questions to Stephen. He’ll be glad to help you with them, and talk about the following:

  • How to perform continuous automated security tests of web applications
  • How does security testing differ from quality testing
  • Using the BDD-Security testing framework
Photo of Stephen de Vries

Stephen de Vries


Stephen de Vries is founder of Continuum Security, where he leads product development of the IriusRisk threat modeling tool as well as the BDD-Security open source testing framework, which is used extensively in SecDevOps workflows. Stephen specializes in building software and providing services to secure the SDLC. He has a strong background in web application security, with an emphasis on automated security testing and risk assessment. Stephen has published numerous original research papers and presented at conferences including Blackhat USA/Europe, DevOps Connect, Devoxx, and OWASP, among others. Stephen’s 17 years’ experience in information security has included a broad range of disciplines from software development, security code reviews, and security assessment to risk management and architecture security reviews.