Find Expert Speakers

Cyber Security Engineer with 2 years combined experience in Software Engineering and hands-on experience across cloud security, identity & access management, and security governance. graduated with MSc in Cyber Security from University of Birmingham and B.Eng in Software Engineer from Kuala Lumpur University Science Technology.Kamil has interest in academia and professional topics, Currently working at a fintech environment focused on securing cloud-native workloads (GCP), including privileged access management (PAM) solutioning, IAM controls, and contributing to security policy and risk initiatives. Kamil work closely with platform and product teams to translate security requirements into practical, scalable controls.

- Unveiling Digital identities: Device and Browser fingerprinting have been accepted at Blackhat MEA , Nullcon Goa, Bsides Bloomington, Connecticut, Sydney, Hackred Con 2024, Defcon Delhi 0x07 etc.- Ghost in the Machine: Exploiting Hardware & Network Fingerprints for Tracking Presented at Myhack Malaysia.- Reinventing Access Control: Fingerprinting for Credential Protection Presented at VulnCon 2025 and BSides Mumbai 2025.- Speaker at Defcon Delhi 0x06: Presented my research paper on analyzing the Mirai Botnet and its derivatives.

A motivated individual always up for breaking stuff ! Currently working as a Red Team Security Consultant with a focus on penetration testing and security assessments for Web, Mobile, API, OT, and Network environments. I have experience leading 200+ security assessments, working with vendors from various industries such as government agencies, private organizations, healthcare, crypto, finance, retail, education, and many more to identify vulnerabilities and improve their overall security and help organizations strengthen their defenses against potential threats.In addition to my professional work, I’m an active bug bounty hunter on platforms like Bugcrowd and Synack. I’ve earned recognition in 70+ Hall of Fame lists, including those of Microsoft, Apple, Google, Zoom, Okta, Canva, Indeed, Atlassian, Dell, and many more. Helping organizations strengthen their security by identifying vulnerabilities and contributing to their overall cybersecurity efforts.Constantly learning, always hacking, I thrive on offensive security challenges and take pride in discovering the unknown before attackers do.

I have spoken at multiple international cybersecurity conferences and platforms, addressing both deeply technical audiences and early-career practitioners, with topics spanning AI security, detection engineering, and modern SOC evolution. At NDC Security 2026 Oslo, I shall deliver “Who Gave the Agent Admin Rights?! Securing Cloud & AI Machine Identities”, where I'll examine non-human identities, AI agents, and the emerging risks of autonomous privilege, focusing on governance, detection, and containment strategies in cloud environments. At BSides Pittsburgh and BSides Krakow, as well as at the Silicon Saxony Day (19th edition), I presented “Enhancing Open-Source IDS & SIEM Solutions into AI-Enabled XDR & SOAR Solutions in Cloud Environments”, focusing on extending open-source detection stacks with automation, ML-driven enrichment, and response orchestration to build scalable, analyst-effective security operations. In contrast, my session at BSides Buffalo, “From Curiosity to Cybersecurity: A Practical Guide to Getting Started and Standing Out”, was designed for students and early professionals, offering actionable guidance on skill-building, differentiation, and navigating cybersecurity careers. Beyond conferences, I have appeared on the Distilled Security Podcast, where I discussed how deploying specialised, small language models locally can significantly improve efficiency, reduce operational friction, and make AI-assisted security workflows more practical and trustworthy.

Boik Su is a security research manager at CyCraft Technology and is currently focused on Cloud Security, Web Security, and Blockchain Security. He takes an active role in the cybersecurity community and has delivered speeches at multiple seminars across the globe, including HITCON, HITB, FIRSTCTI, VB, and HackerOne. He still participates in CTF competitions, including SECCON CTF in Japan and HITCON CTF in Taiwan, and has submitted multiple reports to bug bounty programs and open-source projects.

EXPERTISE:- Experienced Cyber Security with a demonstrated history of working in the several industry. Skilled in Penetration testing, XDR, EDR, DFIR, Threat Hunting, and OSINT.- Advanced Ethical Hacking:Proficient in various hacking methodologies, including but not limited to network penetration testing, (web, API, Infra, mobile) application testing, wireless network exploitation, and social engineering.- Deep Knowledge of Security Frameworks: Expertise in industry- standard security frameworks such as OWASP, NIST, and PTES, with the ability to apply their guidelines effectively

Catalyst 💜 | Architect of Calm in Chaos | Secure-By-Design Advocate | Cloud Security, Responsible AI & Digital Trust | Researcher | Community Builder | #DTalk

Throughout his 25-year career in the IT field, Eric has sought out and held a diverse range of roles. Currently the Chief Identity Architect for Semperis; Eric previously was a member of the Security Research and Product teams. Prior to Semperis, Eric worked as a Security and Identity Architect at Microsoft partners, spent time working at Microsoft as a Sr. Premier Field Engineer, and spent almost 15 years in the public sector, with 10 of them as a technical manager.Eric is a Microsoft MVP for security, recognized for his expertise in the Microsoft identity ecosystem. His security research has also been recognized by Microsoft, most notably for his findings he dubbed “UnOAuthorized”. Eric is a strong proponent of knowledge sharing and spends a good deal of time sharing his insights and expertise at conferences as well as through blogging. Eric further supports the professional security and identity community as an IDPro member, working as part of the IDPro Body of Knowledge committee.

Jason Phang is a Principal Cybersecurity Analyst with extensive experience in threat hunting, incident response, and detection engineering. Before his current role, he served as CSIRT Lead at MoneyLion, leading incident response operations and cyber defense initiatives. He was previously a Threat Hunter at WithSecure, where he successfully uncovered and analyzed macOS malware families including AMOS, Frigid, and Cuckoo, and developed detection rules to protect enterprise customers. Earlier in his career, he worked as a SOC Analyst at Experian and Maybank, building a strong foundation in security operations and threat monitoring. His expertise lies in uncovering advanced threats and transforming forensic insights into actionable detections, with a particular focus on macOS malware hunting and defense.

Mr Santarsieri is a founder partner at Vicxer where he utilizes his 16+ years of experience in the security industry, to bring top notch research into the ERP (SAP / Oracle) world.He is engaged in a daily effort to identify, analyze, exploit and mitigate vulnerabilities affecting ERP systems and business-critical applications, helping Vicxer's customers (Global Fortune-500 companies and defense contractors) to stay one step ahead of cyber-threats.Jordan has also discovered critical vulnerabilities in Oracle, IBM and SAP software, and is a frequent speaker at international security conferences such as Black-Hat, Insomnihack, YSTS, Auscert, Sec-T, Rootcon, NanoSec, Hacker Halted, OWASP US, Infosec in the city, Code Blue and Ekoparty.

BSides BarodaBSides MumbaiMitre APACBluehat IndiaVulnconIdentity Shield Summit Cloud identity summit Germany

Josh is an experienced malware analyst and reverse engineer and has a passion for sharing his knowledge with others. He is a reverse engineer with the FLARE team at Google, where he focuses on tackling the latest threats. Josh is an accomplished trainer, providing training at places such as Ring Zero, BlackHat, Defcon, Toorcon, Hack-In-The-Box, Suricon, and other public and private venues. Josh is also an author on Pluralsight, where he publishes content around malware analysis, reverse engineering, and other security related topics.

Pallavi is a Cloud Security Manager, overseeing cloud security operations and IAM, with 15 years of experience in cybersecurity. Passionate about application security, she excels in navigating complex security challenges, consistently working to strengthen defenses against emerging threats. With deep expertise in penetration testing, Pallavi focuses on identifying vulnerabilities and strengthening defenses in complex and challenging environments. She has spoken at multiple industry-leading conferences like HackerHalted, Vulncon, Identity Shield and BlueHat and continues sharing her knowledge and expertise in cybersecurity.

Our team at CloudSEK has been revolutionizing threat intelligence by integrating AI-driven automations, significantly enhancing threat feeds and response times. My research has been acknowledged by top intelligence agencies for its impact on stealer malware understanding. We've empowered organizations worldwide through insightful presentations, fortifying their defenses against evolving cyber threats.

Rahul Binjve (c0dist) currently leads the Cyber Threat Intelligence (CTI) Engineering team at Fortinet. With over a decade of experience in aggregating and contextualizing various threats, he's a seasoned threat intelligence practitioner. Rahul has presented and conducted workshops at several international conferences, including Black Hat, Nullcon, PHDays, c0c0n, Seasides, and BSides. He's also contributed to multiple open-source security projects, such as the SHIVA spampot and Detux Linux sandbox. Rahul's passions lie in information security, automation, human behavior, and—of course—breaking things.

I am a cybersecurity professional with 1.5 years of work experience in DFIR and CTI. Recently, I have been researching into macOS threats and forensics since this topic is niche in Malaysia. I've also spent two years in the CTF scene, competing with the M53 and L3ak teams, where I had the opportunity to compete on a global stage and achieve multiple victories in CTF competitions and writeup contests. I now channel that same curiosity and rigor into professional development, pursuing certifications and exploring macOS research, RFID security, and blockchain security.

I am a long-time FSF developer and the current author and developer of many Python bytecode tools and debuggers. This includes a cross-version bytecode disassembler, decompilers, and debuggers for Python.I have been writing open-source software for 3 decades. You may even have some software I wrote on your computer, for example, if you have an open-source media player installed.I have written several debuggers for languages outside of Python, such as ones for Mathematica, bash and GNU Make. Bits of this code can be found in commercial debuggers.I have worked at:IBM Research,NASA (as a government contractor),a university, a large financial firm,a large news organization (Associated Press),a large survey firm, andfar too many start-up companies, mostly in or near New York

Syaiful Andy earned his Bachelor’s degree in Electrical Engineering from Institut Teknologi Bandung (ITB) in 2016. He then pursued a fast-track Master’s program at ITB, specializing in Information Security Engineering and Management, and graduated in 2017.Syaiful has contributed to the cybersecurity field through several scientific publications (papers and journals), with a current total of approximately 290 citations. He is currently working at Telkom Indonesia as a Security Analyst.He holds various professional certifications, including CCNA, CyberOps, DevNet, CCNP Enterprise, CEH, CHFI, CySA+, CISA, CISM, CFR, CSC, CertNexus Authorized Instructor, SAL1, CCOA, CCD, CDSA, and others.In addition to his professional role, Syaiful is actively involved in community and knowledge-sharing initiatives through organizations such as CDEF and ISACA. He also serves as a mentor, trainer, and guest lecturer at several universities, delivering sessions on Data Science and Cybersecurity.

For the world is an exciting place, for creating stuff from nothing is challenging, for hacking everything is the way to live, stay hungry, stay curious, and keep hacking. For the world is an exciting place, for creating stuff from nothing is challenging, for hacking everything is the way to live, stay hungry, stay curious, and keep hacking.

Vinod has spent the past decade working in cybersecurity across financial services, government, and tech sectors. Currently a Staff Security Engineer at PIP Labs, he navigates the intersection of traditional enterprise security and the emerging world of Web3 and blockchain infrastructure.His journey has taken him through companies like Amazon, Zapier, and HackerOne, where he's gained hands-on experience in penetration testing, cloud security architecture, and application security. He works with AWS, GCP, and Azure environments, focusing on threat modeling and secure DevOps practices while approaching security as an enabler rather than a blocker.He shares his experiences and lessons learned through writing on Medium, breaking down complex security topics and exploring practical approaches to building security programs that work in real-world environments. Outside of his day job, he participates in bug bounty programs, mentors aspiring security professionals, and continues researching emerging threats and technologies in both traditional and Web3 security landscapes.

Vitaly Simonovich is a senior security researcher at Cato Networks and a member of Cato CTRL. Currently, Vitaly focuses on researching topics related to LLM security, with a particular emphasis on jailbreaks and prompt injections, as well as conducting vulnerability research across a wide range of technologies. In addition, he is actively involved in threat intelligence, analyzing emerging threats and attack trends to strengthen organizational defenses.Prior to joining Cato in 2023, Vitaly worked at Incapsula and Imperva, where he led teams of security analysts and researchers. With over nine years of experience in cybersecurity, Vitaly specializes in application security, data security, LLM security, vulnerability research, and threat intelligence.An active contributor to the cybersecurity community, Vitaly regularly publishes research blogs, hosts webinars, and presents at conferences. In addition to his professional work, he teaches cybersecurity at local colleges and enjoys solving CTF challenges in his free time to stay sharp and enhance his skills.

I have spoken at DEF CON 30 (mainstage), various BSides (London, New York City, Rome, Prishtina, Dublin), and many other conferences such as HackCon Norway, Wild West Hackin' Fest @ Mile High, Nullcon Goa, Disobey Helsinki, SANS DFIR Summit and MITRE ATT&CK EU Community.You can find some recordings here: https://www.youtube.com/results?search_query=%22Wietze+Beukema%22

Xiaokun Huang is a security specialist with over six years of hands-on experience in threat detection, security operations, and AI-driven security innovation. He is a member of the Alibaba Cloud Security Team, where he focuses on designing and implementing robust strategies to mitigate emerging cyber threats at scale.Xiaokun is actively exploring the application of artificial intelligence in threat detection and security analysis, with the intention of building brilliant and automated security frameworks. He previously spoke at Black Hat Asia 2020, sharing his research and practical insights with the global security community.Passionate about staying at the forefront of cybersecurity innovation, Xiaokun is committed to advancing modern security defenses and collaborating with professionals dedicated to protecting the digital world.

Yuan Yudistira is the Head of Information Security at Siloam Hospitals Group, where he leads enterprise cybersecurity and digital risk strategy across 41 hospitals. He works closely with executive leadership to enable secure digital health transformation, secure cloud adoption, data protection, and operational resilience in large, complex healthcare environments.With over 12 years of experience spanning information security leadership, cloud architecture, and risk governance, Yuan has led initiatives aligned with NIST Cybersecurity Framework and ISO 27001 to strengthen cyber resilience, protect sensitive health data, and support scalable, cloud-first healthcare operations. He is a CISSP and CISM certified professional and a published book author on practical cybersecurity and risk management for organizations.