Steve educates teams on the strategy and specifics of developing secure software.

He practices security at every stage of the development lifecycle by leading sessions on threat modeling, secure architecture and design, static/dynamic/component analysis, offensive research, and defensive programming techniques to an audience of over 800 software engineers across 50 diverse teams in a global continuous security environment.

Steve is an open source advocate and is active in the OWASP community supporting several open source projects including OWASP Dependency-Check and Dependency-Track.