Wendy Knox Everette has more than 15 years of experience as a software developer, software
quality assurance engineer and information security professional. She has been involved in all
aspects of the System Development Life Cycle (SDLC) from requirements definition through
implementation and operation as well as compliance gap analysis and risk assessment.
She is currently a Senior Security Advisor at Leviathan Security group, and has experience
guiding organizations in preparing for FedRAMP audits, meeting DISA SRG standards, and
HITRUST audits, as well as extensive experience building security programs at startups. Her
experience includes working in a consumer-protective role at federal agencies, helping to
develop industry norms around digital security and vulnerability disclosure, and representing
technology companies on consumer privacy matters.
As an information security consultant, she has guided clients through FedRAMP, DISA SRG, and
HIPAA/HITRUST audits, along with assisting both technical and nontechnical personnel to meet
the challenges of regulatory compliance. Wendy is a Certified Information Systems Security
Professional (CISSP) and is admitted to the practice of law in Washington State and the District
of Columbia, and teaches as an adjunct professor at the George Mason University School of Law.
Wendy graduated with honors from the George Mason School of Law, with a concentration in
National Security Law was a Fellow in privacy and computer security law at ZwillGen PLLC. She
has spoken at a variety of security conferences, including Black Hat, ShmooCon, BSides Las
Vegas, the DEF CON SkyTalks and DEF CON’s Crypto and Privacy Village. She has published law
review articles on the evolution of legal technology as well as two papers on computer security,
Compliance Cautions: Investigating Security Issues Associated with U.S. Digital-Security Standards
at NDSS 2002 and It Lurks Within: A Look at the Unexpected Security Implications of Compliance
Programs in IEEE Security & Privacy Volume 18 Issue 6.