We focus on helping you deliver secure software through deliberate practice while maintaining the speed of your business.
Headquartered in Toronto, Security Compass is a leading application security firm specializing in solving root application security problems for Fortune 500 companies. Security Compass rapidly unifies application security with business goals. Our goal is to help you build secure software by seamlessly unifying your application security needs through eLearning, Security Requirements and Verification.
Security is elaborate and continuously changing. Masking security problems will not solve the problem - we believe in solving the problem.
Security is not one-size-fits-all; every company requires a unique security blueprint. Building this blueprint is a company-wide experience that must be clearly understood.
Conquering security risks together will help achieve the organization’s mission without compromising usability.
Nishchal Bhalla, is a noted expert, speaker and a published author who has been in the information security field for two decades. Over the past 10 years he has been primarily focused on guiding the Advisory, SD Elements and Training teams at Security Compass. He spends most of his time managing and giving direction to the company and vicariously enjoying security testing through the Advisory team.
Rohit Sethi joined Security Compass as the second full-time employee. As COO, Rohit is responsible for setting and achieving corporate objectives, company alignment and driving strategy to execution. Previous to this role, he managed the SD Elements team. Rohit specializes in building security into software, working with several large companies in different organizations. Rohit has appeared as a security expert on television outlets as such as Bloomberg, CNBC, FoxNews, and several others. He has also spoken at numerous industry conferences s and/or written articles on major websites such as CNN.com, the Huffington Post and InfoQ.
Sahba Kazerooni is an accomplished information security professional who oversees Security Compass's DDoS Strike division, offering safe and controlled DDoS assessment services to large fortune 500 organizations. Prior to launching DDoS Strike, Sahba held various roles within Security Compass's Advisory team, from Consultant to most recently Managing Director of the division.
In addition to his leadership roles at Security Compass, Sahba is an active contributor to the security community, most recently as the lead of OWASP's flagship ASVS project. He is also an internationally renowned speaker on security topics, and has delivered presentations at reputable security conferences around the world such as BlackHat, IDC WebSec, and RSA Conference. Sahba has also been recognized as an expert in information security by publications such as IT World Canada and the Information Security Media Group. He has a B.Sc. in Computer Science with Software Engineering specialization from the University of Western Ontario.
Chris Faciana has more than 15 years of experience in direct sales and sales management for small to mid-sized software security companies. He has been the top producing sales associate at the majority of companies he has worked for including, and most recently, Cenzic Inc. He was also the top producer and Director of Inside sales at Solsoft, Director of Sales at RiskWatch Inc. and the #1 sales rep at PGP Inc. Mr. Faciana holds an MBA from Arizona State University, writes mystery novels and is actively learning to speak Spanish and Italian.
David Rea has an extensive background and a track record of success in finance, strategic planning, operations, human resources, administration and legal matters that spans 25 years. He began his work life with almost seven years at PwC (previously Cooper & Lybrand) in the Business Assurance practice, where he developed the foundation of his technical and managerial skills. During this time, David obtained his MBA from the University of Toronto and became a Chartered Accountant. He then took the role of Director of Finance for Netcom Canada, a profitable mid-sized ISP that was ultimately acquired and became the Internet arm of AT&T Canada. After a couple of other brief engagements, David spent the next four years as the Director of Finance for Bell Sympatico.
After leaving Bell, he took on a broader role as CFO and eventually also VP Operations at TELoIP, a small GTA-based company with patented technology servicing the telecom industry. Here he spent the next seven years helping the company grow its top line revenue, build processes, policies, reports and governance structures, before stepping into his current position as CFO of Security Compass.
Ehsan Foroughi is an application security expert with 8+ years of management and technical experience in security research. He led the Vulnerability Research Subscription Service for TELUS Security Labs. As an entrepreneur, he has also served as the founder and CTO of TELTUB, a successful telecommunication startup. Ehsan holds a M.Sc. from the University of Toronto in Computer Science, a B.Eng. from Sharify University of Technology, as well CISM and CISSP designations.
Michelle has a master's degree in Information Management and is a certified PMP (Project Management Professional). Prior to joining Security Compass, Michelle was an independent consultant leading, designing, and implementing training projects for private, public and non-profit clients. In her role as the Director of Training, Michelle is responsible for the creation, management and execution of the Training business units' strategy. While leading the Training team Michelle has launched the SSP program in partnership with (ISC)2 and seen year-over-year growth of 168%.
Oliver leads the Advisory practice at Security Compass, helping bring our consultants and customers together, to drive successful security programs. He is responsible for the strategic direction and oversight of all Security Compass Advisory regions.
Oliver has 10 years of experience in the cybersecurity space, starting his career at BlackBerry (Research in Motion) as a software developer for enterprise applications. His experience with software development led him into professional services at the Enterprise Risk practice of Deloitte where he developed his risk management expertise with Fortune 500 companies. Later, he worked as a management consultant serving the public sector, advising and creating their vulnerability management program across numerous areas of government. Before leading the Advisory practice, Oliver was the Director of Training at Security Compass in Hong Kong. He was responsible for launching the Training team and Security Compass's leading eLearning product, Secure Software Practitioner Suites with (ISC)2.
Oliver has been involved in the security community throughout his career, developing open-source tools such as ExploitMe Mobile, speaking at AppSec USA, and providing Security Compass's OWASP Top 10 course as a security awareness resource for the broader community. He is a Biomedical Computing graduate from Queen's University and currently holds CISSP, CISM, and CISA credentials.