Find Expert Speakers

I am an active educator in the cybersecurity community and currently work as a Consultant in Offensive Security at Kroll. I have delivered technical workshops at multiple colleges across India. These sessions cover practical topics like ethical hacking, mobile application penetration testing, and Red Teaming.I am also an instructor on Udemy. I share my knowledge with a global audience by creating courses that help students learn complex security concepts. In addition to teaching, I contribute to the industry as a Subject Matter Expert for Hack The Box. I help the community understand the latest trends in offensive security.​I have been recognised for my skills by the NCIIPC as one of the top 15 hackers in India. I also participate in bug bounty programs and have received acknowledgements from various organisations. My goal is to make cybersecurity education accessible and practical for everyone.

I have delivered technical presentations at leading cybersecurity conferences worldwide, sharing vulnerability research and offensive security methodologies with international audiences:Featured Conference Appearances:HITB (Hack In The Box) – Technical deep-dive on vulnerability discovery methodologiesBlack Hat KSA – Offensive security research and exploitation techniquesBSides – Community-focused talks on practical security testingtenguCon – Advanced threat research and attack surface analysisAdditional platforms globally – Continuing to share research across diverse security communitiesSpeaking Style: accessible delivery, making complex vulnerability research understandable for both seasoned security professionals and those newer to offensive security. Presentations include live demonstrations, real-world case studies from 0-day discoveries, and actionable takeaways that audiences can implement immediately.

Aryan is a senior security researcher with nearly six years of focused experience in malware development, AV/EDR evasion, and low-level system programming. His work bridges deep technical research and practical offensive security, creating advanced tooling for red team engagements. He holds the CRTO certification and has led numerous adversarial simulations against mature defenses. His research also extends to implementing fuzzing frameworks and automation.Previous Speaking Engagements:WildWest Hackin' Fest - Presented research on advanced security evasion.The Hack Summit - Delivered a talk on modern malware techniques.CarolinaCon - Shared findings in offensive security research.BSides Ahmedabad - Led technical training sessions on red team tooling and methodologies.

Speaker at Bsides Kochi, BIOS meetup, SlashN and various other conferences.

Working since 15+y in telecom security, striving to move the industry to a more open and collaborative approach of critical infrastructure security. Today, leading POST Luxembourg TelcoSec team developing offensive & defense capabilities, research and building telecom security solutions to protect operators around the world. I have been previously publishing at Underground Economy, Chaos Computer Congres (CCC), Hack.lu, CTI-Summit, ETIS, GSMA FSAG, ENISA Telecom Security Forum, HITB, Troopers, TSD, HackitoErgoSum and many other private conference where we are invited to share our research.

Talks within my organisationTech Talks: I have delivered over 10 internal technical presentations tailored to a wide range of audiences across multiple product development disciplines within my organisation(netskope).Hybrid Engagement: These sessions were conducted through both face-to-face and online formats, allowing me to interact with a significant number of colleagues and refine my ability to communicate complex technical topics to diverse teams.Knowledge Transfer: Beyond formal talks, I have led dedicated mentoring sessions and deep-dive technical walkthroughs to help ramp up team members on specialized security research.External Industry RecognitionBlackHat Europe (Arsenal): I was selected to present my research and open-source tool, IOCTL Hammer, at BlackHat Europe.Expert Engagement: This experience involved presenting to an international audience of cybersecurity experts, where I successfully managed high-traffic live interactions at the Arsenal booth.Communication Mastery: Preparing for and executing this talk helped me hone my skills in articulating the technical value and novelty of my work to an external, expert-level audience.

Catalyst 💜 | Architect of Calm in Chaos | Secure-By-Design Advocate | Cloud Security, Responsible AI & Digital Trust | Researcher | Community Builder | #DTalk

Pallavi is a Cloud Security Manager, overseeing cloud security operations and IAM, with 15 years of experience in cybersecurity. Passionate about application security, she excels in navigating complex security challenges, consistently working to strengthen defenses against emerging threats. With deep expertise in penetration testing, Pallavi focuses on identifying vulnerabilities and strengthening defenses in complex and challenging environments. She has spoken at multiple industry-leading conferences like HackerHalted, Vulncon, Identity Shield and BlueHat and continues sharing her knowledge and expertise in cybersecurity.

He is a security researcher at the 360 Vulnerability Research Institute. His research focuses on IoT/IoV security and system security, with particular interest in real-world attack surfaces and exploitation paths in embedded and automotive systems.He presented a talk at Xcon 2025 on automotive USB interface vulnerabilities, analyzing practical exploitation scenarios and underlying root causes in in-vehicle systems. His work has been publicly acknowledged by BlackBerry PSIRT for QNX-related security issues.

Instructor-led training and lectures in cybersecurity, bug bounty hunting, and blockchain development through Flowdiary. Regularly deliver technical walkthroughs, live exploitation demos, and vulnerability analysis sessions for learners and developers. Experience presenting complex security concepts clearly to both technical and non-technical audiences.

IdentityShield Summit 2026 (Pune): Co-presented "The Automata Architect: Scaling Bug Bounty Success to Enterprise Level Security."

A motivated individual always up for breaking stuff ! Currently working as a Red Team Security Consultant with a focus on penetration testing and security assessments for Web, Mobile, API, OT, and Network environments. I have experience leading 200+ security assessments, working with vendors from various industries such as government agencies, private organizations, healthcare, crypto, finance, retail, education, and many more to identify vulnerabilities and improve their overall security and help organizations strengthen their defenses against potential threats.In addition to my professional work, I’m an active bug bounty hunter on platforms like Bugcrowd and Synack. I’ve earned recognition in 70+ Hall of Fame lists, including those of Microsoft, Apple, Google, Zoom, Okta, Canva, Indeed, Atlassian, Dell, and many more. Helping organizations strengthen their security by identifying vulnerabilities and contributing to their overall cybersecurity efforts.Constantly learning, always hacking, I thrive on offensive security challenges and take pride in discovering the unknown before attackers do.

•Vulnerability discovery and exploitation researcher at Qihoo 360•Focuses on iot vulnerability discovery. I have discovered multiple critical unauthorized RCE vulnerabilities in Cisco, qnap, netgear, zyxel, draytek, H3C, LILIN, Sophos Cyberoam, Intelbras, draytek, H264 DVR, etc., and obtained dozens of cves.

Ravi Rajput is a Manager of AI Cybersecurity at XBP Global and a long-time offensive security researcher focused on the collision point between artificial intelligence and cyber-physical systems. His current work centers on adversarial AI, model manipulation, data poisoning, and the abuse of machine-learning pipelines in safety-critical environments—especially connected vehicles and telecom infrastructure. Ravi studies how attackers weaponize AI to scale intrusion, evade detection, and influence automated decision systems that were never designed to withstand hostile inputs.At DEFCON 33, Ravi presented research on using LSTM-based machine-learning models to detect malicious activity on vehicle CAN networks—demonstrating how AI can serve as an intelligent defensive layer inside cars. In a separate DEFCON session, he revealed novel eSIM profile exploitation techniques that enable stealthy location tracking through weaknesses in the Android ecosystem and carrier provisioning flows.At HITB 2024, Ravi showcased a critical browser-level exploitation path within vehicle infotainment systems that could be leveraged to pivot across internal vehicle networks and disrupt airbag ECU functionality—highlighting the real-world danger of poorly isolated automotive software stacks.Earlier in his career, Ravi created AutoHackOS, a lightweight and widely adopted operating system built specifically for automotive penetration testing. The platform helped standardize tooling for researchers and OEM security teams, accelerating vulnerability discovery across telematics and embedded vehicle components.Ravi is also a core member of the DEFCON Telecom Village and has delivered technical talks at DEFCON, Black Hat, HITB, Nullcon, HITCON, and multiple Bsides conferences. His research consistently explores how emerging technologies—especially AI and connectivity—reshape the attack surface of modern vehicles and mobile ecosystems.His focus today is simple and urgent: understand how AI can be exploited before attackers do—and ensure intelligent systems do not become intelligent liabilities.

Xiaokun Huang is a security specialist with over six years of hands-on experience in threat detection, security operations, and AI-driven security innovation. He is a member of the Alibaba Cloud Security Team, where he focuses on designing and implementing robust strategies to mitigate emerging cyber threats at scale.Xiaokun is actively exploring the application of artificial intelligence in threat detection and security analysis, with the intention of building brilliant and automated security frameworks. He previously spoke at Black Hat Asia 2020, sharing his research and practical insights with the global security community.Passionate about staying at the forefront of cybersecurity innovation, Xiaokun is committed to advancing modern security defenses and collaborating with professionals dedicated to protecting the digital world.

Hello All.! I am Veerababu, better known as Mr-IoT, and the founder of the iotsrg.org community. My passion lies in transforming IoT security knowledge into open-source resources. Over the years, I have worked on developing ICE-Bite hardware microprobing, an IoT pentesting OS, curated lists, and insightful blogs, all aimed at advancing the field of IoT security since 2017. As a keynote speaker at BSides Dehradun, I have also had the privilege of delivering workshops, training sessions, and villages at events like c0c0n, BSides Bangalore, VulnCon, CracCon, and the Null/OWASP Bangalore communities. I have nurtured and grown the iotsrg.org community across platforms such as Reddit, Telegram, and Discord, creating a vibrant and engaging space for sharing knowledge and fostering innovation in IoT security.

My research interests encompass fundamental and applied research in judgment and decision-making within the context of threat intelligence.

Mirza Asrar Baig is the Founder and Chief Executive Officer of CTM360, and is the visionary behind developing the Digital Risk Protection stack that embodies the concept of the company. His focus remains on building a highly scalable platform with the vision “Build Locally, Scale Globally”, and he believes in empowering the Arab World to be recognized as a leader in technology research and development.Mirza is a Computer Science graduate from King Fahd University of Petroleum and Minerals (KFUPM - Dhahran, Saudi Arabia). His educational background underscores his deep commitment to research and innovation. With over 30+ years of experience serving the Information Technology and Cybersecurity requirements of the GCC Financial Sector and government bodies, he is playing an instrumental role in safeguarding the region's digital landscape.Mirza is actively contributing to the region through speaking engagements and providing invaluable insights into threats specific to GCC organizations. His passion for advancing cybersecurity in today’s digital age has left an indelible mark, reflecting his dedication to enhancing cybersecurity and resilience globally.CTM360’s technology platform is primarily data-driven and is on track to profile all organizations across the world leveraging public domain data. The technology enables aggregate analytics and real-time cybersecurity posture on industries, countries, and regions. Mirza is now on a mission to have his technology recognized as the go-to choice for regulators as well.

YIXILI is a cybersecurity engineer with Alibaba Cloud's threat detection team, primarily focused on AI attack and defense, malicious traffic detection, and honeypot system development.

I am a versatile Application Security Engineer dedicated to enhancing the security posture of both web and mobile applications. My primary focus is on implementing robust security measures through thorough assessments, comprehensive source code reviews, and the integration of security practices within the DevSecOps framework. I specialise in embedding security into Continuous Integration and Continuous Deployment (CI/CD) pipelines through various methods, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Mobile Application Security Testing (MAST). By driving effective threat modelling sessions, I identify and mitigate potential vulnerabilities early in the development lifecycle, ensuring that security is a fundamental component rather than an afterthought.Additionally, I work on building secure-by-default pipelines and guardrails tailored to the unique requirements of each project, fostering a culture of security awareness among development teams. My goal is to empower organisations to deliver secure applications without compromising on agility or performance.

Let's just say that I am a very motivated information security professional with about 15+ years of experience in various IT roles, driven by helping companies to improve their overall information security controls. I am currently ranked within the top 5 of the Bugcrowd platform.. so in other words I really like to break things.

Khalil is a cybersecurity MSc graduate from Eötvös Loránd University in Budapest and currently works as an offensive security engineer. Khalil is also interested in web application security, where he tries to gain new knowledge by playing CTFs and hunting for vulnerabilities on bug bounty platforms.

Prajwal is a Malware Analyst at Cloudsek, specializing in reverse engineering and threat intelligence. He focuses on uncovering new threats through malware research, with a background in Offensive Security and Windows Internals.

Sankar is a cybersecurity professional with over 10 years of experience spanning telecom, healthcare, product development, and banking industries. His expertise lies in vulnerability assessment, penetration testing, red team operations, and mobile application security for Android and iOS platforms. Currently at Aldar, Sankar leads security assessments across multiple organizational entities, helping strengthen enterprise defenses against evolving threats. He has responsibly disclosed critical vulnerabilities in major platforms including Salesforce (CVE-2023-22042) and Oracle, demonstrating his commitment to improving security across the industry. Beyond his professional role, Sankar actively participates in bug bounty programs and CTF competitions, and engages in Web3 security research through platforms like Immunefi. His current focus on AI-powered security automation and autonomous penetration testing frameworks reflects his dedication to advancing offensive security methodologies. Sankar holds a Postgraduate Diploma in Information Security from CDAC and regularly shares his insights through conference talks and technical presentations, contributing to both regional and global cybersecurity communities.