Find Expert Speakers

I’m currently working as a Security Analyst, with experience in both red team and blue team operations. My current focus is on red team engagements, zero-day research, and malware analysis.

Aamiruddin Syed is Cybersecurity Professional with over decade in years of experience in the industry. He specializes in DevSecOps, Shift-Left Security, cloud security, and internal penetration testing. He authored book title "Supply Chain Software Security-AI,IoT,Application Security " with Apress/Springer .He has extensive expertise in automating security into CI/CD pipelines, developing security automation, and building security into infrastructure as code. He has worked on securing cloud platforms by applying security best practices to infrastructure provisioning and configuration. Leveraging his penetration testing skills, he routinely conducts targeted internal assessments of critical applications and systems to proactively identify risks. He excels at bridging the gap between security and engineering teams to enable building security directly into products. Aamiruddin Syed holds Dual Master’s degree in Cybersecurity from Northeastern University and Jadavpur University. A recognized advocate for secure development, Aamiruddin is a frequent speaker and session chair at leading industry conferences including RSA Conference, DEFCON, and Black Hat.

Hi, My name is Aftab Sama! 👋I'm a cybersecurity researcher. I graduated from Rashtriya Raksha University with a degree in Computer Science and Engineering with specialization in Cyber Security. My interest in Capture the Flag (CTF) competitions helped me secure my first internship at KPMG India, as I was among the top performers in a national CTF competition organized by the KPMG Cyber Security Team. I secured an on-campus internship at Quick Heal, where I had the opportunity to shadow various malware cases and learn about the investigation process. I validated Indicators of Compromise (IoC) for physical samples from CertIN and OTX, and I utilized my Python skills to automate some daily tasks. I also ranked among the top 100 in TCS HackQuest Season 7 Capture the Flag (CTF) competition, which led to an employment opportunity with TCS, where I am currently working as Penetration Tester.My passion for offensive security and penetration testing led me to obtain certifications such as CAPenX, BSCP, CNPen, CAPen, and CEH Practical, among others. I plan to enroll in further offensive security courses in the future.In my free time, I actively participate on HackTheBox and CTFTime and have taken part in several prestigious CTF competitions, winning multiple prizes. Besides my interest in security, I enjoy reading about stoicism and philosophy.You can read my blogs and writeups at https://aftabsama.com.

Alfonso De Gregorio is a globally recognised cybersecurity technologist, Founding Director and Principal Investigator at Pwnshow, and CEO at Zeronomicon, Italy. He is a featured speaker at 25+ peer-reviewed international events across 5 continents, such as NATO's Conference on Cyber Conflict, RSA Conference, and the leading hacker conferences. His work focuses on the intersection of artificial intelligence, cyber threats, and regulatory landscapes. High-performance organisations engage him to spearhead relentless innovation across disciplines and fields, accelerate asymmetric advantage, and achieve peak confidence in today's interconnected operational environment—establishing Alfonso as a key figure shaping the discussion and practice of cybersecurity.

Speaker at multiple International Security conferences: NullCon, AVAR Singapore, AVAR Chennai, Bsides Delhi. Did first lock picking workshop in India with Nullcon in 2012 and multiple lock picking workshops in Nullcon , Hackers conference.  Did workshop on Arduino in NullCon hackers conference and created first ever Hardware badge in India for Hackers conference.

Amey Parab is a seasoned Staff Software Engineer and Tech Lead with over 14 years of comprehensive software development experience, specializing in frontend architecture and high-performance web applications. Currently serving as a Staff Software Engineer and Tech Lead at Magnit Global, Amey leads the development of cutting-edge AI-powered workforce management platforms that streamline complex business processes.Amey's expertise lies in architecting scalable frontend solutions that significantly accelerate feature delivery and boost overall team velocity. He has a proven track record of building foundational components and frameworks that serve as the backbone for enterprise-level applications across multiple industries, including workforce management, financial services, healthcare, and digital media. As a technical leader, Amey has consistently driven innovation through the development of reusable Angular frameworks and UI component libraries that promote consistency and maintainability across large-scale applications.Throughout his career, Amey has made significant contributions to various sectors. In workforce management, he is leading the architectural foundation for Magnit Platform's modern AI-powered solutions. In financial services, he developed comprehensive digital investment platforms and financial planning tools at Prudential Financial. His healthcare technology work includes creating advanced analytics platforms and high-content analysis solutions for medical research, while his digital media experience encompasses building interactive video recording and content management systems.Amey specializes in Angular framework development, TypeScript, and modern web technologies, with extensive experience in creating responsive, accessible, and cross-browser compatible applications. His technical toolkit includes expertise in UI/UX implementation, REST API integration, unit testing frameworks, and cloud deployment strategies. His collaborative approach with cross-functional teams, including product managers, designers, and backend developers, has resulted in robust RESTful API architectures and seamless user experiences.Amey is passionate about mentoring development teams and establishing best practices that ensure the delivery of maintainable, scalable, and high-quality code. His approach combines technical excellence with strategic thinking, enabling organizations to build robust digital solutions that meet evolving business needs. He holds a Bachelor of Management Studies from the University of Mumbai and has completed an Advanced Programme in Software Development. He is a Microsoft Certified Professional Developer with specializations in .NET Framework applications, demonstrating his commitment to continuous learning and professional development.Based in the Bay Area, Amey continues to drive innovation in frontend development while contributing to the advancement of modern web application architectures.

As a seasoned speaker and trainer, Anant has shared his expertise at various prestigious platforms including Black Hat (USA/ASIA/EU), Defcon, Nullcon, c0c0n, and Rootconf. His extensive involvement in these conferences extends to serving as a CFP reviewer for Blackhat EU, nullcon, Rootconf by Hasgeek, and multiple villages at Defcon (Recon, Adversary and Cloud), showcasing his dedication to nurturing and elevating the discourse within the field.

Armaan Pathan is a Senior Security Engineer with extensive experience in application security, penetration testing, and bug bounty hunting. He has reported vulnerabilities at leading tech organisations such as Google, Facebook, Apple, and Microsoft.With a Master’s in Information Technology and credentials like OSCP, he has excelled in both offensive security and mentoring teams. Armaan frequently shares his research by writing blogs and driving awareness of emerging threats and best practices.

Arun Kuna is a highly accomplished and results-driven QA Architect and SDET with over 15 years of experience in the Information Technology industry, specializing in Quality Assurance, Test Automation Engineering, Database Testing, and Cloud-native application validation. With a proven track record across Fortune 25 enterprises and innovative startups, he has led large-scale QA initiatives spanning Web, Mobile, Cloud, and Enterprise Client/Server applications. Arun possesses deep expertise in designing and implementing scalable, reusable test automation frameworks leveraging Hybrid, BDD, TDD, and Page Object Model methodologies with tools such as Selenium WebDriver, TestNG, JUnit, and Python. His technical skill set extends to cloud-based testing on AWS, Azure, and GCP, with hands-on experience in integrating automation pipelines within CI/CD ecosystems like Jenkins, GitLab CI, and Azure DevOps. He excels in microservices and API test automation using Rest Assured, Postman, and SOAP UI, as well as performance engineering through JMeter, LoadRunner, and Grafana-enabled dashboards. Arun has demonstrated leadership in driving DevOps and Agile transformations, building containerized testing environments with Docker and Kubernetes, and implementing AI/ML-powered testing accelerators to enhance efficiency and coverage. His career highlights include leading enterprise-wide QA strategy and framework architecture for mission-critical mortgage and financial applications at Fannie Mae and Freddie Mac, optimizing cloud-based QA operations, and mentoring teams to embrace modern quality engineering practices. With advanced proficiency in SQL, PL/SQL, ETL validation, and backend data testing, coupled with strong cross-functional collaboration and governance skills, Arun continues to be a catalyst for delivering robust, scalable, and high-performing software solutions across dynamic business landscapes.

Passionate about ensuring the reliability and performance of networking solutions, I specialize in protocol qualification, test automation, and validation for cutting-edge telecommunications and networking technologies. With a strong foundation in networking protocols, software testing, and automation frameworks, I thrive on optimizing test processes and driving continuous improvements in network quality.At Nokia, I focus on verifying and qualifying networking protocols to meet the highest industry standards, leveraging automation to enhance efficiency, accuracy, and scalability in testing. My expertise spans across routing, switching, network security, and cloud-native networking solutions, ensuring seamless integration and deployment.Key strengths:✔ Protocol Qualification & Network Testing – Expertise in evaluating routing and switching protocols, ensuring interoperability and compliance.✔ Test Automation & Scripting – Proficient in developing test suites that streamline validation processes.✔ Troubleshooting & Performance Analysis – Skilled in debugging complex network issues and optimizing system performance.✔ Collaboration & Innovation – Work closely with cross-functional teams to enhance test strategies and improve product quality.Always eager to explore emerging technologies, improve testing methodologies, and contribute to the evolution of next-generation networking solutions. Let’s connect and discuss innovations in networking and test automation!

I’m a results-driven Principal SecOps Engineer with over 15 years of proven expertise spanning across multiple organisations in various service sectors in architecting and delivering world-class security programs for global software organizations. I’ve spearheaded transformational automation initiatives, reducing report-generation times by over 95% and built unified multi-cloud compliance frameworks that consistently pass rigorous audits and compliances. I've created AI-powered attack surface platform earned international hackathon recognition, and I’ve presented SecOps deep dives at VULNCON, top engineering colleges, and industry forums.As Cloud Security Lead and Principal Engineer at Perforce, I’ve led high-impact teams to operationalize continuous monitoring, vulnerability management, and incident response at scale.A CISSP-certified mentor and community advocate, I actively contribute to open-source security projects and share expertise through workshops, and local meetups empowering the next generation of security professionals.

A motivated individual always up for breaking stuff ! Currently working as a Red Team Security Consultant with a focus on penetration testing and security assessments for Web, Mobile, API, OT, and Network environments. I have experience leading 150+ security assessments, working with vendors from various industries such as government agencies, private organizations, healthcare, crypto, finance, retail, education, and many more to identify vulnerabilities and improve their overall security and help organizations strengthen their defenses against potential threats.In addition to my professional work, I’m an active bug bounty hunter on platforms like Bugcrowd and Synack. I’ve earned recognition in 70+ Hall of Fame lists, including those of Microsoft, Apple, Google, Zoom, Okta, Canva, Indeed, Atlassian, Dell, and many more. Helping organizations strengthen their security by identifying vulnerabilities and contributing to their overall cybersecurity efforts.Constantly learning, always hacking, I thrive on offensive security challenges and take pride in discovering the unknown before attackers do.

Balazs Bucsay is the founder & CEO of Mantra Information Security that offers a variety of consultancy services in the field of IT Security. With decades of offensive security experience he is focusing his time mainly on research in various fields including red teaming, reverse engineering, embedded devices, firmware emulation and cloud. He gave multiple talks around the globe (Singapore, London, Melbourne, Honolulu) on different advanced topics and released several tools and papers about the latest techniques. He has multiple certifications (OSCE, OSCP, OSWP) related to penetration testing, exploit writing and other low-level topics and degrees in Mathematics and Computer Science. Balazs thinks that sharing knowledge is one of the most important things, so he always shares it with his peers. Because of his passion for technology he starts the second shift right after work to do some research to find new vulnerabilities.

Boik Su is a security research manager at CyCraft Technology and is currently focused on Cloud Security, Web Security, and Blockchain Security. He takes an active role in the cybersecurity community and has delivered speeches at multiple seminars across the globe, including HITCON, HITB, FIRSTCTI, VB, and HackerOne. He still participates in CTF competitions, including SECCON CTF in Japan and HITCON CTF in Taiwan, and has submitted multiple reports to bug bounty programs and open-source projects.

I'm a developer (Firefox) and bug hunter for browsers.

Captain, founder of LOONG Community, is an independent security researcher. He focuses on hardware security researches, penetration test, incidents response and digital forensics analysis. He was the first and the only Asian leading a group of white-hat hackers to hold an in-depth, hands-on hardware hacking village in BLACK HAT and DEFCON. He is also a frequent speaker and trainer in different top-notch security and forensics conferences including SANS, HTCIA, DFRWS, GCC, CodeBlue, HITB, SINCON, AVTokyo and HITCON.

Carlos Gómez Quintana is a Security Consultant at IOActive, specializing in Red Team operations and offensive security. As one of the youngest professionals to join the firm, he conducts advanced penetration testing, adversarial simulation, and security research across diverse enterprise environments.At IOActive, Carlos focuses on cutting-edge security research, including automotive security where he has developed novel attack techniques such as rollback agnostic replay attacks against vehicular systems. He regularly conducts Red Team engagements that simulate real-world adversarial scenarios for enterprise clients.Carlos is an active security researcher and contributor to Maldev Academy, where he has contributed to the phishing section and active research on malware development.

Chiao-Lin Yu (Steven Meow) currently serves as a Red Team Cyber Threat Researcher at Trend Micro. He holds numerous professional certifications including OSCE³ , OSEP, OSWE, OSED, OSCP, CRTP, CARTP, CESP-ADCS, LPT, CPENT, GCP ACE. Steven has previously presented at events such as DEFCON Main Stage, IoT Village, Car Hacking Village, Security BSides Tokyo, HITCON Bounty House, and CYBERSEC. He has disclosed 30+ CVE vulnerabilities in major companies like VMware, D-Link, and Zyxel. His expertise spans red team exercises, web security and IoT security.

Chi-en “Ashley” Shen is a Security Research Engineering Technical Leader at Cisco Talos, specializing in emerging threat research—ranging from nation-state attacks to financially motivated crimes and spyware campaigns. Before joining Cisco, she worked at Google’s Threat Analysis Group, where she hunted zero-day exploits and tracked botnets. Prior to that, she was part of Mandiant’s Global Research Team, where she co-authored the APT41 report and published research on ICEFOG campaigns. In Taiwan, Ashley co-founded Team T5 and served as a senior threat analyst with a focus on targeted attacks in APAC. A passionate advocate for women in cybersecurity, Ashley co-founded HITCON GIRLS, the first security community for women in Taiwan, and she currently organizes Rhacklette, a security community for FINTA in Switzerland. She has presented her research at a range of conferences, including Black Hat, HITB, HITCON, FIRST, Pivotcon and CODE BLUE. In her free time, she supports the community by offering training sessions and serving on the review boards for Black Hat, HITCON, and HITB.

Chris Carlis is an unrepentant penetration tester with an extensive background in network, wireless and physical testing. Across his career, Chris has worked to expand the value offensive testing provided via open communication and goal driven engagements. Additionally, Chris has presented at a variety of conferences, including Thotcon, Hushcon, Hackfest, ShowMeCon, DeepSec, CypherCon and various B-Side events. He is a perennial feature at the Thotcon conference in his native Chicago, USA and helps to organize “BurbSec”, the best attended Information Security monthly gatherings in the country. 

Christian Herrmann – RFID Hacker | Co-Founder of AuroraSec & RRG | MCPD Enterprise ArchitectChristian Herrmann, better known in the hacker community as “Iceman”, is a co-founder ofAuroraSec and RRG, and has helped develop many of today’s most widely used RFIDresearch tools, including the Proxmark3 RDV4 and the Chameleon Mini. He is a well-knownRFID hacking and Proxmark3 evangelist, serving the community as both a forumadministrator and a major code contributor alongside other developers since 2013.Christian has spoken at hacker conferences around the world, including Troopers, Black HatAsia, DEF CON, Hardwear IO, SSTIC, NullCon, Pass-the-Salt, BSides Tallinn, BlackAlps, and SaintCon. He also runs a YouTube channel where he shares his knowledge of RFID hacking with the public.With over 14 years of experience in bespoke software development, Christian specializes in.NET platforms and is a Certified MCPD Enterprise Architect.He possesses near-unmatched expertise in the Proxmark3 architecture and various RFIDtechnologies, and has served as an instructor for Red Team Alliance (RTA), including trainingsessions at Black Hat.

A pioneering figure in the cybersecurity realm, Chris began his illustrious career as an original vulnerability researcher at the renowned hacker think tank, L0pht. From 1992 to 2000, he was an integral member of this group, contributing to its groundbreaking research. One of his earliest notable disclosures was a vulnerability he identified in the Windows NT networking stack. This discovery revealed that regular users could intercept packets before they reached host firewalls or system processes. Chris's research skills led him to this finding using a tool he developed, named Netcat for NT. Chris was instrumental in the development of L0phtCrack, the pioneering Windows password cracking tool. Recognizing the need for a more collaborative approach to cybersecurity, Chris was a driving force in transitioning the security community from an anarchistic full disclosure model to a more coordinated disclosure approach. This involved forging partnerships between the L0pht and major software vendors, including Microsoft, in the late 1990s. His unwavering commitment to elevating security standards and his impactful vulnerability research did not go unnoticed. In 1998, Chris, alongside 6 of his L0pht colleagues, testified before the U.S. Senate on matters of U.S. govt cybersecurity. His expertise was again sought in 2003 when he testified to the U.S. House, elucidating the intricacies of software vulnerability discovery during a period when internet worms were a significant threat to businesses and government entities. A staunch proponent of the "secure by design" philosophy, Chris took on the role of VP of Research at the security consultancy, @stake, in the early 2000s. Here, he collaborated closely with Microsoft, integrating robust security processes into their Software Development Life Cycle (SDLC). This included the introduction of threat modeling, code review, fuzzing, and application penetration testing. Drawing from his extensive experience consulting with software vendors, Chris authored "The Art of Software Security Testing", published by Addison-Wesley in 2006. In 2006, with a vision to revolutionize software security, Chris founded Veracode. Under his leadership as CTO, Veracode offers a SaaS solution that automates the "secure by design" approach, leveraging a myriad of appsec testing techniques. Today, Veracode serves 1000s of customers worldwide. For 18 years Chris was at the helm of its security research, product security, info security, & compliance teams. Today he speaks to the public and to customers as Chief Security Evangelist.

OSINT, APT, Digital Forensics in the Asia-PacificCEH, CHFI, ISO 17025, MCFE, EnCE(Training)Previously taught at universities and research institutionsEnthusiastic about cybersecurity research, reverse engineering, cats, and tea.

Feel free to email me on basically anything on computing or history