Find Expert Speakers

Boik Su is a security research manager at CyCraft Technology and is currently focused on Cloud Security, Web Security, and Blockchain Security. He takes an active role in the cybersecurity community and has delivered speeches at multiple seminars across the globe, including HITCON, HITB, FIRSTCTI, VB, and HackerOne. He still participates in CTF competitions, including SECCON CTF in Japan and HITCON CTF in Taiwan, and has submitted multiple reports to bug bounty programs and open-source projects.

1. Guest Speaker at BINUS University (Indonesia) | 2024Topic: Cybersecurity Practices & The "Open Possible" SpiritDescription: Delivered a keynote during an overseas technical exchange, sharing insights on Taiwan Mobile's security strategies and fostering transnational internship opportunities.2. Internal Technical Seminar at Taiwan MobileTopic: Case Study: Exploiting Google Web Designer (Zip Slip Vulnerability)Description: A deep-dive presentation analyzing the root cause of a $7,500 Google VRP finding. Covered the discovery process, exploitation of the path traversal defect, and the final reporting methodology.3. Advanced Security Training Series (Internal)Topic: Offensive Security & Reverse EngineeringDescription: Conducted multiple technical sessions for internal engineering teams. Topics included:DLL Hijacking & Patch Diffing: Analyzing attack vectors in Windows environments.Reverse Engineering: Practical training using IDA Pro and Linux CTF challenges.Web Exploitation: Methodologies for identifying XSS and SQL Injection vulnerabilities

Talks within my organisationTech Talks: I have delivered over 10 internal technical presentations tailored to a wide range of audiences across multiple product development disciplines within my organisation(netskope).Hybrid Engagement: These sessions were conducted through both face-to-face and online formats, allowing me to interact with a significant number of colleagues and refine my ability to communicate complex technical topics to diverse teams.Knowledge Transfer: Beyond formal talks, I have led dedicated mentoring sessions and deep-dive technical walkthroughs to help ramp up team members on specialized security research.External Industry RecognitionBlackHat Europe (Arsenal): I was selected to present my research and open-source tool, IOCTL Hammer, at BlackHat Europe.Expert Engagement: This experience involved presenting to an international audience of cybersecurity experts, where I successfully managed high-traffic live interactions at the Arsenal booth.Communication Mastery: Preparing for and executing this talk helped me hone my skills in articulating the technical value and novelty of my work to an external, expert-level audience.

Vitaly Simonovich is a senior security researcher at Cato Networks and a member of Cato CTRL. Currently, Vitaly focuses on researching topics related to LLM security, with a particular emphasis on jailbreaks and prompt injections, as well as conducting vulnerability research across a wide range of technologies. In addition, he is actively involved in threat intelligence, analyzing emerging threats and attack trends to strengthen organizational defenses.Prior to joining Cato in 2023, Vitaly worked at Incapsula and Imperva, where he led teams of security analysts and researchers. With over nine years of experience in cybersecurity, Vitaly specializes in application security, data security, LLM security, vulnerability research, and threat intelligence.An active contributor to the cybersecurity community, Vitaly regularly publishes research blogs, hosts webinars, and presents at conferences. In addition to his professional work, he teaches cybersecurity at local colleges and enjoys solving CTF challenges in his free time to stay sharp and enhance his skills.