Sean Barnum

Sean Barnum is a Principal and Cyber Threat Intelligence Community Lead at The MITRE Corporation where he acts as a thought leader and senior advisor on information security topics to a wide variety of players within the US government, commercial industry and the international community. He has over 25 years of experience in the software industry in the areas of architecture, development, software quality assurance, quality management, process architecture & improvement, knowledge management and security. He is a frequent contributor, speaker and trainer for regional, national and international information security and software quality publications, conferences & events. He is very active in the Information Security community and acts as a community leader and technical architect for numerous knowledge standards-defining efforts including the Structured Threat Information eXpression (STIX), the Cyber Observable eXpression (CybOX), the Common Attack Pattern Enumeration and Classification (CAPEC), the Malware Attribute Enumeration and Characterization (MAEC), the Common Weakness Enumeration (CWE), the Software Assurance Findings Expression Schema (SAFES). He is coauthor of the book "Software Security Engineering: A Guide for Project Managers", published by Addison-Wesley. He is involved in the information security related standards efforts of ISO, OMG and IETF, among other international standards bodies. He also acted as the lead technical subject matter expert for design and implementation of the Air Force Application Software Assurance Center of Excellence (ASACoE).