Home
Home About Us Executive Profiles Dennis Moreau Please or register.
Careers Executive Profiles Customers Case Studies Contact Us
 
Dennis Moreau
 
  

Dennis Moreau, Ph.D.

As a Founder and the Chief Technology Officer for Configuresoft, Dennis Moreau specializes in the application of leading edge technologies to the solution of complex problems in the Information Technology management domain. His primary focus is in developing enterprise scale solutions to improve IT efficiency and effectiveness for systems management, security compliance and configuration optimization. He works actively with the National Institute of Standards and Technology (NIST) and MITRE on the development of security configuration policy compliance standards, serving on MITRE's OVAL Advisory Board. Dr. Moreau holds a doctorate in Computer Science and speaks regularly at IT management and security conferences worldwide.

gfx_arrowsYellow.gif Recent Speaking Engagements

  • Upcoming: Expert Panel with Jon Oberheide, Moderator, Steve Orrin, Moderator, Hezi Moore: "Virtualization Security Summit", Computer Security Institute CSI 2008, November 15-21, 2008, National Harbor, MD
  • Upcoming: Expert Panel with Brad Smith: "The Fate of the secure Operating System Summit", Computer Security Institute CSI 2008, November 15-21, 2008, National Harbor, MD
  • Upcoming: "Virtualization and Enterprise Security", NaSPA Online Conferences, November 4, 2008
  • "Virtualization and Security", Cyber Information Security Conference – CISCON 2008, October 21-24 2008, Helena, MN
  • "Virtualization and Security" Computer Security Institute Webinar with Sara Peters, October 16, 2008
  • Panel: "Achieving Regulatory Compliance in Virtualized Environments", VMworld 2008, September 15-18, 2008, Las Vegas, NV
  • "Virtualization: Resource Coupling and Security across the Stack", 2008 CERIAS Security Seminar, September 10, 2008, Purdue University, West Lafayette, IN
  • "Security Information Standards: Current Status and Future Directions", ISACA Security Conference 2008, September 9, 2008, Las Vegas, NV
  • Expert Panel: "Securing Virtual Environments", SANS Virtual Security Summit 2008, August 7, 2008, Washington, DC
  • "XEN and the Art of Virtualization Security Policy Compliance", Linux World 2008, August 4-7 2008, San Francisco, CA
  • "Virtualization and Security", Computer Security Institute – Security Exchange, Las Vegas, April 27-May 2, 2008
  • "Security Information Standards: Current Status and Future Directions" ISACA's 38th Annual North America Computer Audit, Control and Security Conference, 27 April-1 May 2008, Las Vegas, Nevada, April 27-May 2, 2008
  • "Virtualization and Security", University of Wisconsin E-Business Consortium’s Virtualization Security Event, April 23, 2008
  • "Securing Virtualization: CIS Consensus Benchmark", with Chris Farrow and Dave Shackleford, RSA 2008, San Francisco, April 4-7, 2008
  • Panelist: "Securely Virtual or Virtually Secure?", IX CERIAS 2008 Information Security Symposium, March 18, 2008, Purdue University, West Lafayette, IN
  • "Virtualization and Enterprise Security" Computer Security Institute Interview with Robert Richardson, Executive Director, Computer Security Institute
  • “Virtualization and Security Configuration Policy Compliance”, Core Competencies for Compliance and Data Protection, ISACA e-symposium, November 27, 2007
  • “Virtualization and Security”, CSI 2007, Computer Security Institute, Washington DC, November 5-8, 2007
  • “Virtualization and Security: Security Configuration Policy Compliance”, 2nd Annual IT Security Conference for the Oil & Natural Gas Industry”, American Petroleum Institute, Houston, Texas, November 6-7, 2007
  • “System Configuration Management: Security and Auditing Challenges”, MISTI 27th Annual Conference on IT Audit and Controls, Washington, DC, October 22, 2007
  • “Virtualization and Enterprise Security”, VMworld 2007, San Francisco, CA, September 11-13, 2007
  • “Virtualization and Security Configuration policy Compliance”, ISACA North America CACS, Grapevine, Texas, April 22-26, 2007
  • “Security Configuration Compliance and Emerging Information Standards”, ISACA North America CACS, Grapevine, Texas, April 22-26, 2007
  • “Virtualization and Security”, Panelist, RSA Conference 2007, San Francisco, CA., February 2-4, 2007
  • “System Configuration Management: Security and Auditing Challenges”, MIS Annual IT Audit Conference, Boston, MA, November 15-17, 2006
  • “Emerging Security Configuration Information Standards”, ISACA Network Security Conference, Amsterdam, Netherlands, November 12-15, 2006
  • “System Configuration Management: Security and Auditing Challenges”, IT Security World 2006, San Francisco, CA, September 25-27, 2006
  • Virtualization and Security Configuration Policy Compliance”, Network Security World Conference, Las Vegas, NV, September 26, 2006
  • Compliance and Emerging Information Standards”, 1st Annual ISACA Compliance Conference, Javits Center, New York, NY, June 27-29, 2006
  • Panelist: “Realizing Security in Virtualized Environments“, Microsoft ISV CTO Summit 2006, Seattle, WA, June 21-23, 2006.
  • “Security Information Standards”, InfoSecurity Europe 2006, London, UK, May 7-11, 2006
  • “Compliance and Emerging Security Information Standards”, 2006 North America Computer Audit, Control and Security Conference, Orlando, FL, May 7-11, 2006
  • “System Configuration Management: Security and Auditing Challenges”, InfoSec World 2006, Orlando, FL, April 3-5, 2006
  • “Technology Convergence: Emerging Security Issues”, U.S. Small Business Administration, Madison Square Gardens, New York, NY, January 31, 2006
  • “Security and Network Management Convergence”, IT Architect, 11/16/2005 Interview with Andrew Conroy-Murray
  • “Configuration Intelligence”, Rocky Mountain Windows Technology User Group, Colorado Springs, April 16, 2005
  • “Configuration Intelligence”, Rocky Mountain Windows Technology User Group, Denver, April 15, 2005
  • “Enterprise Configuration Management and Security”, Secure Convergence Journal/IT Defense, November 2005
  • “Stop an Attack Before it Cripples Your Network: Intrusion Prevention Strategies”, Panel Session, Ziff-Davis ZDNet, 9/15/2005
  • “Continuous Controls Monitoring: Compliance Effectiveness and Remediation Efficiency,” Information Systems Audit and Control Association International Conference, Oslo, NW, June, 2005
  • “Controlling Shadow IT,” Information Systems Audit and Control Association International Conference, Oslo, NW, June, 2005
  • “Configuration Intelligence: Beyond Patch Management,” ISSA Security Conference 2005, Hartford, CT, May 8, 2005
  • Panelist: “Enterprise Best Practices, Patch and Configuration Management,” Networld+Interop 2005, Las Vegas NV, May 4, 2005
  • “Network Split Personalities: Addressing Configuration Inconsistencies,” Information Technology Infrastructure Management Conference 2004 (ITIM), Las Vegas NV, October 12-14, 2004
  • “Network Split Personalities: Addressing Configuration Inconsistencies,” Information Systems Audit and Control Association: Information Security Management Conference, Las Vegas NV, September 13-15, 2004
  • “Network Split Personality: Leveraging Configuration Intelligence”, Air Force Information Technology Conference 2004, Montgomery AL, August 27-28, 2004
  • Vendor Technology Briefing: “Shift Drift and Shadows: Addressing Gaps in Configuration Intelligence” BlackHat USA 2004, Las Vegas NV, July 2004
  • Panelist: “United Nations Ministerial Roundtable Working Breakfast: E-Government and Information Security”, New York, NY June 29, 2004
  • Panelist: “Identity Federation and Identity Management,” Information Systems Audit and Control Association International Security Conference, Boston, MA, June 28, 2004
  • “Busting and Living with Shadow IT,” Information Systems Audit and Control Association International Security Conference, Boston, MA, June 30, 2004
  • Panelist: “Improving Information Security and Patch Management,” United Nations Conference on Information Security, New York, NY, June 2, 2004
  • “Keynote: Beyond Patch Management in Achieving Security,” United Nations Conference on Information Security, New York, NY, June 2, 2004
  • Panelist: “Improving Patch Management,” Secure World Exposition, Atlanta, GA, May 28, 2004
  • “Security Currency,” Secure World Exposition, Atlanta, GA, May 28, 2004
  • “Beyond Patch Management: Securing All Your Configurations,” SecureIT: 2nd Annual Information Technology Security Conference: , Las Angeles, CA, April 28-30, 2004
  • “Beyond Patch Management” Information Systems Audit and Control Association, Las Angeles, CA, April 27, 2004
  • “Beyond Patch Management”, Rocky Mountain Windows Technology User Group, Colorado Springs, April 21, 2004
  • “Beyond Patch Management”, Rocky Mountain Windows Technology User Group, Denver, April 20, 2004
  • Panelist: “The Future of Patch Management,” Secure World Exposition, Philadelphia, PA, April 14-15, 2004
  • “Security Currency,” Secure World Exposition, Philadelphia, PA, April 14-15, 2004
  • “Security Strategies Beyond Patch Management Technology,” AFCOM Data Center World and Exposition, Las Vegas, NV, April 5-8, 2004
  • “Software Configuration Management: Security and Auditing Challenges,” Information Security (InfoSec) World, Orlando, FL, March 22-25, 2004
  • Panelist: “Attaining Security Currency: Operational, Risk and Cost Efficiency Approaches to Patch Management,” RSA Security Conference, San Francisco, CA, February, 2004
  • Panelist: “Intelligence, Asset Management and Vulnerability Remediation,” RSA Security Conference, San Francisco, CA, February, 2004
  • “Beyond Patch Management: Securing All of Your Configurations,” Computer Security Institute, Washington, DC, November 2-6, 2003
  • “Security Checklist Assessment,” Workshop on Building Security Checklists for IT Products, National Institute of Standards and Technology, Baltimore, MA, September 25-26, 2003
  • “Patching the Holes in Change-Management Processes,” CeBIT America, New York, NY, June, 2003
  • “Configuration Change Management: Defending Against Known Vulnerabilities,” BAI ACE 2003, Las Vegas, NV, April, 2003
  • “Preventing Web Site Downtime: Configuration Management,” WebSec E-Security Conference 2003, San Francisco, July, 2003
   
  © 2008 Configuresoft, Inc. All Rights Reserved.