Find Expert Speakers

🎤 Public Speaking & Knowledge Sharing1️⃣ 🇮🇳 Nullcon Goa 2026 — “Why Did the Model Think That? Demystifying the Black Box with Explainable AI (XAI)” 🔗 Link: https://nullcon.net/talk/why-did-the-model-think-that-demystifying-the-black-box-with-explainable-ai-xai/2️⃣ 🇮🇳 OWASP AppSec Days Bangalore 2025 — “Unveiling the Risks of MCP Servers: An In-Depth Exploration” 🔗 Link: https://owaspappsecdaysbangaloreoct.sched.com/event/28Z5G/unveiling-the-risks-of-mcp-servers-an-in-depth-exploration3️⃣ 🇸🇬 OWASP AppSec Days Singapore 2024 — “The Dark Side of AI: Exploring Adversarial Threats” 🔗 Link: https://owaspappsecdayssingapore202.sched.com/event/1ir3T/the-dark-side-of-ai-exploring-adversarial-threats4️⃣ 🇮🇪 Security BSides Dublin 2024 — “Into The Abyss: Adversarial Tactics In AI Security” 🔗 Link: https://www.bsidesdub.ie/speakers.php5️⃣ 🇩🇪 Nullcon Berlin 2024 — “Into The Abyss: Adversarial Tactics In AI Security” 🔗 Link: https://nullcon.net/berlin-2024/speaker-into-the-abyss-adversarial-tactics-in-ai-security6️⃣ 🇮🇳 Seasides Infosec Conference 2023 — “Primer into SAP Penetration Testing & OWASP SAPKiln” 🔗 Link: https://www.bugbountyvillage.com/speakers7️⃣ 🇮🇳 c0c0n 15th Edition (2022) — “Hyperledger Fabric & Ethereum Apps: Security Deep Dive” 🔗 Link: https://india.c0c0n.org/2022/agenda8️⃣ 🇹🇳 OWASP Tunisia Chapter (2020) — “Blockchain Security” 🎥 Watch on YouTube: https://www.youtube.com/watch?v=fRQrJttI5vI9️⃣ 🇮🇳 OWASP Kerala Chapter (2020) — “Pen Testing Blockchain Solutions (Ethereum Nodes & Smart Contracts)” 🎥 Watch on YouTube: https://www.youtube.com/watch?v=ahZ_V6qdBjQ

Boik Su is a security research manager at CyCraft Technology and is currently focused on Cloud Security, Web Security, and Blockchain Security. He takes an active role in the cybersecurity community and has delivered speeches at multiple seminars across the globe, including HITCON, HITB, FIRSTCTI, VB, and HackerOne. He still participates in CTF competitions, including SECCON CTF in Japan and HITCON CTF in Taiwan, and has submitted multiple reports to bug bounty programs and open-source projects.

As an ethical hacker, I equip enterprises with the advice and solutions to improve their digital security posture and their overall business growth. Throughout my career as an ethical hacker I’ve worked across several industries including:💥 Government💥 Advertising💥 Retail💥 Financial Services💥 Blockchain💥 Technology💥 Publishing💥 Non-Profit💥 And more!This has provided me the opportunities to gain a breadth of knowledge on all things security testing.

Instructor-led training and lectures in cybersecurity, bug bounty hunting, and blockchain development through Flowdiary. Regularly deliver technical walkthroughs, live exploitation demos, and vulnerability analysis sessions for learners and developers. Experience presenting complex security concepts clearly to both technical and non-technical audiences.

Topic:CTI: Dark Web Credential Monitoring Is Expensive Regret NotificationWhat processing 500GB of stealer logs daily taught me about threat intelligence. Credential monitoring is sold as early warning but often acts as late-stage notification.They Tested Everything Except What FailedDissecting the Rp 270 billion ($16.8M) Indonesian securities breach. Four firms compromised despite passing security audits.Google Cloud Armor Vulnerability DiscoveryFound a critical WAF bypass in Google Cloud Armor. Google patched it globally.Beyond SAST: Building a Multi-LLM JudgeUsing multiple LLMs as judges to cut through SAST false positives. Context-aware security analysis that actually finds real bugs.Strategic Detection Engineering at ScaleBuilding proactive threat detection for government platforms serving 50M+ users. Detection over reaction.

KaiJern (xwings). Founder of open source reverse engineering project, Qiling Framework (https://qiling.io). His research topic is mainly on developing cutting edge cross platform reverse engineering framework, embedded devices security, blockchain security, and various security topics.He presented his findings in different international security conferences like Blackhat, Defcon, HITB, Codegate, QCon, KCon, Brucon, H2HC, Nullcon, etc. He conducted hardware hacking courses in various conferences around the globe. He is also actively involved in Unicorn Engine (https://unicorn-engine.org), Capstone Engine (https://capstone-engine.org), Keystone Engine (https://keystone-engine.org) and hackersbage.com

Patrick Ventuzelo is a senior security researcher, CEO & founder of Fuzzinglabs. After working for the French Ministry of Defense, he specialized in fuzzing, vulnerability research, and reverse engineering. Over the years, Patrick has created multiple fuzzers, found hundreds of bugs, and published various blog posts/videos/tools on topics like Rust, Go, Blockchain, WebAssembly, and Browser security. Patrick is a regular speaker and trainer at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, RingZer0, PoC, ToorCon, hack.lu, NorthSec, SSTIC, and others.

Pratham Pawar is an IT engineering student at Vasantdada Patil Prathisthan’s College of Engineering and Visual Arts, Mumbai, and a cybersecurity researcher with professional experience in penetration testing and security analysis. His work focuses on applied cryptography, offensive security, secure protocol design, and AI-driven cybersecurity systems. He has authored multiple cybersecurity books, including Hacker’s Handbook: A Beginner’s Guide into Ethical Hacking, Python Pen-testing Unleashed: Techniques for Ethical Hacking with Python, and Secrets Unlocked – Hacking Ciphers with Python.His research contributions have been presented at IEEE and Springer conferences, with published work in cryptography and secure systems engineering. He also holds certifications including Certified Ethical Hacker (CEH) and Microsoft Certified Cybersecurity Analyst, and has worked on projects involving AI-powered penetration testing, post-quantum cryptography, and advanced network security systems.

Rahul is a security researcher with 7+ years in offensive security and red teaming. He specializes in malware development, AV/EDR evasion, and bypassing security controls in heavily defended environments. As a full-time red teamer, he's built tools and developed techniques that work against real-world security stacks.He currently works as Manager of Offensive Security and Threat Assessment with leading financial organizations across the Middle East, collaborating with red, blue, and purple teams to find and fix security gaps in enterprise infrastructure. He's spoken at international conferences including BlackHat, CONFidence, and HAcktivity.His expertise spans enterprise security and cloud infrastructure, with particular focus on identifying and exploiting design flaws in hardened environments.

ISACA Cybersecurity ConferenceDelivered an insightful session on Zero Trust Security, breaking down its practical implementation and its role in modern cyber defense architecture. His talk was well-received by industry professionals and highlighted the evolving nature of perimeter-less security models.CIO News Cybersecurity ForumPresented on the integration of offensive and defensive security practices, emphasizing collaboration over siloed efforts. His impactful delivery earned him an on-the-spot award for excellence in thought leadership and practical insight.Crypto Expo DubaiTook the stage at one of the largest blockchain and cryptocurrency platforms in Dubai, where he delivered a high-impact talk on “Hacking Crypto Wallets”. The session provided deep dives into real-world attack vectors and preventive mechanisms, drawing significant attention from global fintech and blockchain professionals.

I specialise in OffSec and AI Security and professionalise in Red Teaming, AppSec and Cloud. With my core expertise lying in Adversarial testing of modern AI-driven systems and LLMs and MCP servers I have also gotten my hands into much of Vuln research and ASM projects in the banking sector.I currently focus into breaking GenAI, AI and LLM models with deep research into Agentic AI systems exploit development as well for better security assessments. My frameworks are adopted by major MNCs in the Banking/Fintech industry for real world exploit devs across enterprise environments to assess security measures thoroughly. My  particularised intereste lies in bleeding border line emerging attack paths involving AI agents, APIs, cloud platforms, and identity systems to develop misconfigs and logic abuse scenarios in currently established AI practices in orgs.

With over a decade of experience in cybersecurity, I specialize as a Senior Security Researcher in application security, cryptography, and the security of decentralized applications. Throughout my career, I have assisted numerous organizations in enhancing their cybersecurity strategies.As an instructor and speaker, I have delivered security lectures at universities and conferences, sharing my expertise with the academic and professional communities. My current research focuses on formal verification within the cybersecurity field, aiming to advance the reliability and security of systems.

Currently pursuing an M.Sc. in Digital Forensics and Information Security at NFSU, building on a BCA background and a strong interest in cybersecurity, digital forensics, and the role of AI in national security. My academic journey and personal projects have consistently focused on understanding how digital systems function and more importantly, how to secure them. With a foundation in computer applications and practical, problem-solving experience, I’m now exploring deeper domains like threat detection, digital investigations, and intelligence-driven security systems. I’m particularly interested in how AI can be applied to surveillance, decision making, and cyber defense. My goal is to work on projects and research that bridge theoretical knowledge with real-world applications, especially in areas that contribute to critical infrastructure and national security.

Thanh Nguyen (@redragonvn) serves as the Founder of Verichains, leading a world-class security and cryptography research team to deliver cutting-edge solutions for a safer, more secure Web3 ecosystem.Verichains is renowned for its expertise in investigating and mitigating major Web3 hacks, having identified critical flaws within the core of Multi-Party Computation (MPC) and Zero-Knowledge Proofs (ZKP) implementations by major vendors, impacting billions of dollars across the industry.

Bio: Venkata Kiran Vemula Alli is a seasoned Technology Leader & Architect with 18+ years of experience specializing in Generative AI, Cloud solutions, and Enterprise architecture. Currently serving as Principal Engineer – Systems Architecture at Verizon Communications, he leads the driving innovation in Generative AI, with a focus on building enterprise-grade AI Conversational bots and agents using Retrieval-Augmented Generation (RAG), multi-agent systems, and Agentic AI architectures.His work involves leveraging advanced platforms such as Neural Seek, IBM Watson services, and the Google Agentic platform, like VertexAI and discovery engine, enabling the design and deployment of intelligent, domain-specific agents that solve complex business problems. Kiran has a proven track record of architecting scalable, secure solutions across diverse industries, including telecom, retail, finance, and HR. His expertise spans AWS, GCP, and Azure cloud platforms, containerized services with Kubernetes and Docker, and modern development frameworks. He holds a US Patent in Generative AI Innovation and is AWS Certified as both a Cloud Solutions Architect and Cloud Developer.With an MTech in VLSI Design and a BTech in Electrical and Electronics Engineering, Kiran combines deep technical knowledge with strong leadership skills, successfully managing global cross-functional teams and delivering high-impact projects. His experience ranges from building AI-driven chatbots and computer vision solutions to implementing enterprise-scale microservices architectures and DevOps automation.

Vinod has spent the past decade working in cybersecurity across financial services, government, and tech sectors. Currently a Staff Security Engineer at PIP Labs, he navigates the intersection of traditional enterprise security and the emerging world of Web3 and blockchain infrastructure.His journey has taken him through companies like Amazon, Zapier, and HackerOne, where he's gained hands-on experience in penetration testing, cloud security architecture, and application security. He works with AWS, GCP, and Azure environments, focusing on threat modeling and secure DevOps practices while approaching security as an enabler rather than a blocker.He shares his experiences and lessons learned through writing on Medium, breaking down complex security topics and exploring practical approaches to building security programs that work in real-world environments. Outside of his day job, he participates in bug bounty programs, mentors aspiring security professionals, and continues researching emerging threats and technologies in both traditional and Web3 security landscapes.