Find Expert Speakers

Cyber Security Engineer with 2 years combined experience in Software Engineering and hands-on experience across cloud security, identity & access management, and security governance. graduated with MSc in Cyber Security from University of Birmingham and B.Eng in Software Engineer from Kuala Lumpur University Science Technology.Kamil has interest in academia and professional topics, Currently working at a fintech environment focused on securing cloud-native workloads (GCP), including privileged access management (PAM) solutioning, IAM controls, and contributing to security policy and risk initiatives. Kamil work closely with platform and product teams to translate security requirements into practical, scalable controls.

Aditya Shankar is a cybersecurity professional with over 10 years of experience in infrastructure, cloud, and enterprise security. He currently works as a Senior Security Architect & Administrator, focusing on Azure security, infrastructure hardening, threat detection, and security automation across large-scale enterprise environments.His work spans security architecture, log analysis, identity hardening, and defensive engineering, with a growing focus on practical applications of AI in cybersecurity workflows. He actively experiments with AI-assisted reconnaissance, automation pipelines, and modern offensive-security tooling to explore how emerging technologies are reshaping both attack and defense strategies.Aditya holds the CISSP certification along with multiple Microsoft security certifications and is passionate about making complex security concepts practical, accessible, and operationally relevant for the community.

- Unveiling Digital identities: Device and Browser fingerprinting have been accepted at Blackhat MEA , Nullcon Goa, Bsides Bloomington, Connecticut, Sydney, Hackred Con 2024, Defcon Delhi 0x07 etc.- Ghost in the Machine: Exploiting Hardware & Network Fingerprints for Tracking Presented at Myhack Malaysia.- Reinventing Access Control: Fingerprinting for Credential Protection Presented at VulnCon 2025 and BSides Mumbai 2025.- Speaker at Defcon Delhi 0x06: Presented my research paper on analyzing the Mirai Botnet and its derivatives.

Alessandro Pisani is a software and security engineer at Meta, focusing on large-scale infrastructure defense and threat detection systems. With a strong background in software engineering and advanced malware research, he specializes in building resilient systems that bridge deep security telemetry with modern, high-throughput production environments. He holds an M.Sc. in Computer Engineering from Politecnico di Torino.

Offensive Security Lead and globally ranked security researcher with extensive experience in vulnerability research and red teaming. Recognized as Best Bug Hunter at Microsoft MVR (2023–2025) and acknowledged by leading organizations including Apple (2022) and Google (2021). Featured in the Hall of Fame of 300+ Fortune companies for responsible disclosures.Holds multiple industry certifications including CRTP, LPT, CPENT, eWPTXv2, CHFI, and CEH. Discovered and reported 5 CVEs. Active CTF player and public speaker, regularly sharing insights on offensive security, bug bounty methodologies, and advanced attack techniques at international conferences and universities.

A motivated individual always up for breaking stuff ! Currently working as a Red Team Security Consultant with a focus on penetration testing and security assessments for Web, Mobile, API, OT, and Network environments. I have experience leading 200+ security assessments, working with vendors from various industries such as government agencies, private organizations, healthcare, crypto, finance, retail, education, and many more to identify vulnerabilities and improve their overall security and help organizations strengthen their defenses against potential threats.In addition to my professional work, I’m an active bug bounty hunter on platforms like Bugcrowd and Synack. I’ve earned recognition in 70+ Hall of Fame lists, including those of Microsoft, Apple, Google, Zoom, Okta, Canva, Indeed, Atlassian, Dell, and many more. Helping organizations strengthen their security by identifying vulnerabilities and contributing to their overall cybersecurity efforts.Constantly learning, always hacking, I thrive on offensive security challenges and take pride in discovering the unknown before attackers do.

I am a Threat Researcher at SonicWall Capture Labs with over 10 years of hands-on experience in malware analysis and cybersecurity. I specialise in PDF and MS Office malware, with deep expertise in static and dynamic analysis, reverse engineering obfuscated binaries, and tracking adversarial evasion techniques used by threat actors.I started my career at Quick Heal, where I worked on file-infecting viruses, writing detection signatures and repair routines for infected PE files. At Symantec, I was part of the IDS/IPS team, focusing on network-level intrusion detection and threat hunting. For the past seven years at SonicWall Capture Labs, I have been researching document-based malware, reverse engineering malicious payloads, and tracking how threat actors evolve their delivery and evasion strategies.I hold an M.Tech. in Computer Science (Security) from BITS Pilani, where my research was focused on machine learning for malware detection.Speaking ExperienceI have delivered internal threat research presentations at SonicWall, sharing findings on emerging PDF malware campaigns and novel evasion techniques with engineering and threat intelligence teamsI have conducted knowledge-sharing sessions on malware analysis methodologies, reverse engineering workflows, and PDF structure analysisI have published five technical threat research reports on the SonicWall Capture Labs blog, communicating complex malware findings to a broad security audience

I have spoken at multiple international cybersecurity conferences and platforms, addressing both deeply technical audiences and early-career practitioners, with topics spanning AI security, detection engineering, and modern SOC evolution. At NDC Security 2026 Oslo, I shall deliver “Who Gave the Agent Admin Rights?! Securing Cloud & AI Machine Identities”, where I'll examine non-human identities, AI agents, and the emerging risks of autonomous privilege, focusing on governance, detection, and containment strategies in cloud environments. At BSides Pittsburgh and BSides Krakow, as well as at the Silicon Saxony Day (19th edition), I presented “Enhancing Open-Source IDS & SIEM Solutions into AI-Enabled XDR & SOAR Solutions in Cloud Environments”, focusing on extending open-source detection stacks with automation, ML-driven enrichment, and response orchestration to build scalable, analyst-effective security operations. In contrast, my session at BSides Buffalo, “From Curiosity to Cybersecurity: A Practical Guide to Getting Started and Standing Out”, was designed for students and early professionals, offering actionable guidance on skill-building, differentiation, and navigating cybersecurity careers. Beyond conferences, I have appeared on the Distilled Security Podcast, where I discussed how deploying specialised, small language models locally can significantly improve efficiency, reduce operational friction, and make AI-assisted security workflows more practical and trustworthy.

Boik Su is a security research manager at CyCraft Technology and is currently focused on Cloud Security, Web Security, and Blockchain Security. He takes an active role in the cybersecurity community and has delivered speeches at multiple seminars across the globe, including HITCON, HITB, FIRSTCTI, VB, and HackerOne. He still participates in CTF competitions, including SECCON CTF in Japan and HITCON CTF in Taiwan, and has submitted multiple reports to bug bounty programs and open-source projects.

EXPERTISE:- Experienced Cyber Security with a demonstrated history of working in the several industry. Skilled in Penetration testing, XDR, EDR, DFIR, Threat Hunting, and OSINT.- Advanced Ethical Hacking:Proficient in various hacking methodologies, including but not limited to network penetration testing, (web, API, Infra, mobile) application testing, wireless network exploitation, and social engineering.- Deep Knowledge of Security Frameworks: Expertise in industry- standard security frameworks such as OWASP, NIST, and PTES, with the ability to apply their guidelines effectively

Catalyst 💜 | Architect of Calm in Chaos | Secure-By-Design Advocate | Cloud Security, Responsible AI & Digital Trust | Researcher | Community Builder | #DTalk

Throughout his 25-year career in the IT field, Eric has sought out and held a diverse range of roles. Currently the Chief Identity Architect for Semperis; Eric previously was a member of the Security Research and Product teams. Prior to Semperis, Eric worked as a Security and Identity Architect at Microsoft partners, spent time working at Microsoft as a Sr. Premier Field Engineer, and spent almost 15 years in the public sector, with 10 of them as a technical manager.Eric is a Microsoft MVP for security, recognized for his expertise in the Microsoft identity ecosystem. His security research has also been recognized by Microsoft, most notably for his findings he dubbed “UnOAuthorized”. Eric is a strong proponent of knowledge sharing and spends a good deal of time sharing his insights and expertise at conferences as well as through blogging. Eric further supports the professional security and identity community as an IDPro member, working as part of the IDPro Body of Knowledge committee.

Jason Phang is a Principal Cybersecurity Analyst with extensive experience in threat hunting, incident response, and detection engineering. Before his current role, he served as CSIRT Lead at MoneyLion, leading incident response operations and cyber defense initiatives. He was previously a Threat Hunter at WithSecure, where he successfully uncovered and analyzed macOS malware families including AMOS, Frigid, and Cuckoo, and developed detection rules to protect enterprise customers. Earlier in his career, he worked as a SOC Analyst at Experian and Maybank, building a strong foundation in security operations and threat monitoring. His expertise lies in uncovering advanced threats and transforming forensic insights into actionable detections, with a particular focus on macOS malware hunting and defense.

Mr Santarsieri is a founder partner at Vicxer where he utilizes his 16+ years of experience in the security industry, to bring top notch research into the ERP (SAP / Oracle) world.He is engaged in a daily effort to identify, analyze, exploit and mitigate vulnerabilities affecting ERP systems and business-critical applications, helping Vicxer's customers (Global Fortune-500 companies and defense contractors) to stay one step ahead of cyber-threats.Jordan has also discovered critical vulnerabilities in Oracle, IBM and SAP software, and is a frequent speaker at international security conferences such as Black-Hat, Insomnihack, YSTS, Auscert, Sec-T, Rootcon, NanoSec, Hacker Halted, OWASP US, Infosec in the city, Code Blue and Ekoparty.

BSides BarodaBSides MumbaiMitre APACBluehat IndiaVulnconIdentity Shield Summit Cloud identity summit Germany

Josh is an experienced malware analyst and reverse engineer and has a passion for sharing his knowledge with others. He is a reverse engineer with the FLARE team at Google, where he focuses on tackling the latest threats. Josh is an accomplished trainer, providing training at places such as Ring Zero, BlackHat, Defcon, Toorcon, Hack-In-The-Box, Suricon, and other public and private venues. Josh is also an author on Pluralsight, where he publishes content around malware analysis, reverse engineering, and other security related topics.

I do not have formal conference speaking experience yet, but I have led cybersecurity workshops as CyberSec Co-Lead at GDGC-ACE, where I taught students about VAPT, Python, and security concepts. I am comfortable explaining technical topics clearly and look forward to sharing my knowledge with a wider audience.

Pallavi is a Cloud Security Manager, overseeing cloud security operations and IAM, with 15 years of experience in cybersecurity. Passionate about application security, she excels in navigating complex security challenges, consistently working to strengthen defenses against emerging threats. With deep expertise in penetration testing, Pallavi focuses on identifying vulnerabilities and strengthening defenses in complex and challenging environments. She has spoken at multiple industry-leading conferences like HackerHalted, Vulncon, Identity Shield and BlueHat and continues sharing her knowledge and expertise in cybersecurity.

Partho Alkesh Pandya (known online as Psychomong) is a cybersecurity professional from Patan/Ahmedabad, Gujarat, India. He currently serves as Cyber Security Manager at Decimal Point Analytics in Ahmedabad. He previously worked as a Cyber Security Analyst at Demmisto Technologies.Professional Bio & ExpertisePartho is a recognized ethical hacker, bug bounty hunter, digital forensics expert, and VAPT (Vulnerability Assessment and Penetration Testing) specialist. He holds over 100 certifications, including CEH v13 AI (Certified Ethical Hacker) and ISO 42001 Lead Auditor. He focuses on practical cybersecurity research, threat intelligence, AI-related risks, deepfakes, and digital safety awareness.He is an active public speaker, educator, and content creator. He has:Delivered 130+ workshops and seminars on cyber awareness, ethical hacking, and emerging threats at colleges, universities, conferences (IIT & IIMs)and educational platforms.Trained police personnel on cybersecurity topics.Served as a panelist/expert on news channels (e.g., Nirman News) discussing topics like OpenAI trends, digital vigilance, and business cybersecurity risks.Built a following through his Medium blog (Psychomong), LinkedIn, Instagram (@parthopandya), and YouTube, where he shares practical insights, research, and awareness content. His blogging and speaking journey started after encouragement from mentors to deepen his own expertise by teaching others.Claim to FameBug bounty discoveries: Notably found and reported vulnerabilities (including an XSS flaw) on high-profile sites such as NASA and RBI (Reserve Bank of India), earning recognition in the ethical hacking community.Public educator and speaker: Frequently invited for talks, workshops, and media appearances on real-world cyber threats, making complex topics accessible to students, professionals, and law enforcement.Community contributor: Known for promoting free, practical cybersecurity education and collaborating on learning resources.

Our team at CloudSEK has been revolutionizing threat intelligence by integrating AI-driven automations, significantly enhancing threat feeds and response times. My research has been acknowledged by top intelligence agencies for its impact on stealer malware understanding. We've empowered organizations worldwide through insightful presentations, fortifying their defenses against evolving cyber threats.

Rahul Binjve (c0dist) currently leads the Cyber Threat Intelligence (CTI) Engineering team at Fortinet. With over a decade of experience in aggregating and contextualizing various threats, he's a seasoned threat intelligence practitioner. Rahul has presented and conducted workshops at several international conferences, including Black Hat, Nullcon, PHDays, c0c0n, Seasides, and BSides. He's also contributed to multiple open-source security projects, such as the SHIVA spampot and Detux Linux sandbox. Rahul's passions lie in information security, automation, human behavior, and—of course—breaking things.

I am a cybersecurity professional with 1.5 years of work experience in DFIR and CTI. Recently, I have been researching into macOS threats and forensics since this topic is niche in Malaysia. I've also spent two years in the CTF scene, competing with the M53 and L3ak teams, where I had the opportunity to compete on a global stage and achieve multiple victories in CTF competitions and writeup contests. I now channel that same curiosity and rigor into professional development, pursuing certifications and exploring macOS research, RFID security, and blockchain security.

I am a long-time FSF developer and the current author and developer of many Python bytecode tools and debuggers. This includes a cross-version bytecode disassembler, decompilers, and debuggers for Python.I have been writing open-source software for 3 decades. You may even have some software I wrote on your computer, for example, if you have an open-source media player installed.I have written several debuggers for languages outside of Python, such as ones for Mathematica, bash, and GNU Make. Bits of this code can be found in commercial debuggers.I have worked at:IBM Research,NASA (as a government contractor),a university,a large financial firm,a large news organization (Associated Press),a large survey firm, andfar too many start-up companies, mostly in or near New York

Detection and Response Analyst focused on understanding how real-world attacks actually unfold beyond initial detection.- Experienced across endpoint, network, identity, and cloud investigations - Background in internal SOC and security engineering (IR, monitoring, detections) - Interested in OS behavior, execution flow, and abuse of trusted components - Tend to go beyond alerts, connecting signals and reconstructing attack chains - Outside work: travel, people, cultures, and adrenaline hits.