Steve Kosten

Steve Kosten is a Principal Security Consultant at Cypress Data Defense and an instructor for the SANS DEV541 Secure Coding in Java/JEE: Developing Defensible Applications course. He’s previously performed security work in the defense and financial sectors and led the security department for a financial services firm. At Cypress, Steve performs secure code review assessments, vulnerability assessment, penetration testing, and risk management reviews. He is also the Open Web Application Security Project (OWASP) Denver chapter leader, and presents security talks at various conferences. Steve holds a bachelor of science in Aerospace Engineering from the Pennsylvania State University and a Master of Science in Information Security from James Madison University. He currently maintains GSSP-JAVA, GWAPT, CISSP, and CISM certifications.