Find Expert Speakers

Speaker at Bsides Kochi, BIOS meetup, SlashN and various other conferences.

Abhijeet is a security researcher specializing in adversary simulations that mimic advanced threat actors, by crafting multi stage attack chains, from initial foothold to stealthy persistence and data exfiltration. With extensive hands-on experience, he has engineered and executed offensive engagements targeting CI/CD pipelines, Kubernetes clusters, Active Directory environments, cloud infrastructures (AWS, Azure, GCP), and *NIX systems. In his spare time he runs a homelab where he recreates adversary TTPs, toys with new tech, and dissects emerging threats. He’s also an avid reader, enthusiastic foodie, and weekend time home chef.

Alon Friedman is a Principal Security Architect at Microsoft 365 Defender, with extensive experience in application security and penetration testing. He focuses on defining application security standards and researching threat landscapes. His background includes leading secure software development at Salesforce and managing application vulnerabilities at PayPal. Alon is a recognized researcher, credited with CVE-2014-4246 and the creation of the SCIP OWASP ZAP extension

As a seasoned speaker and trainer, Anant has shared his expertise at various prestigious platforms including Black Hat (USA/ASIA/EU), Defcon, Nullcon, c0c0n, and Rootconf. His extensive involvement in these conferences extends to serving as a CFP reviewer for Blackhat EU, nullcon, Rootconf by Hasgeek, and multiple villages at Defcon (Recon, Adversary and Cloud), showcasing his dedication to nurturing and elevating the discourse within the field.

Passionate about ensuring the reliability and performance of networking solutions, I specialize in protocol qualification, test automation, and validation for cutting-edge telecommunications and networking technologies. With a strong foundation in networking protocols, software testing, and automation frameworks, I thrive on optimizing test processes and driving continuous improvements in network quality.At Nokia, I focus on verifying and qualifying networking protocols to meet the highest industry standards, leveraging automation to enhance efficiency, accuracy, and scalability in testing. My expertise spans across routing, switching, network security, and cloud-native networking solutions, ensuring seamless integration and deployment.Key strengths:✔ Protocol Qualification & Network Testing – Expertise in evaluating routing and switching protocols, ensuring interoperability and compliance.✔ Test Automation & Scripting – Proficient in developing test suites that streamline validation processes.✔ Troubleshooting & Performance Analysis – Skilled in debugging complex network issues and optimizing system performance.✔ Collaboration & Innovation – Work closely with cross-functional teams to enhance test strategies and improve product quality.Always eager to explore emerging technologies, improve testing methodologies, and contribute to the evolution of next-generation networking solutions. Let’s connect and discuss innovations in networking and test automation!

I’m a results-driven Principal SecOps Engineer with over 15 years of proven expertise spanning across multiple organisations in various service sectors in architecting and delivering world-class security programs for global software organizations. I’ve spearheaded transformational automation initiatives, reducing report-generation times by over 95% and built unified multi-cloud compliance frameworks that consistently pass rigorous audits and compliances. I've created AI-powered attack surface platform earned international hackathon recognition, and I’ve presented SecOps deep dives at VULNCON, top engineering colleges, and industry forums.As Cloud Security Lead and Principal Engineer at Perforce, I’ve led high-impact teams to operationalize continuous monitoring, vulnerability management, and incident response at scale.A CISSP-certified mentor and community advocate, I actively contribute to open-source security projects and share expertise through workshops, and local meetups empowering the next generation of security professionals.

A motivated individual always up for breaking stuff ! Currently working as a Red Team Security Consultant with a focus on penetration testing and security assessments for Web, Mobile, API, OT, and Network environments. I have experience leading 200+ security assessments, working with vendors from various industries such as government agencies, private organizations, healthcare, crypto, finance, retail, education, and many more to identify vulnerabilities and improve their overall security and help organizations strengthen their defenses against potential threats.In addition to my professional work, I’m an active bug bounty hunter on platforms like Bugcrowd and Synack. I’ve earned recognition in 70+ Hall of Fame lists, including those of Microsoft, Apple, Google, Zoom, Okta, Canva, Indeed, Atlassian, Dell, and many more. Helping organizations strengthen their security by identifying vulnerabilities and contributing to their overall cybersecurity efforts.Constantly learning, always hacking, I thrive on offensive security challenges and take pride in discovering the unknown before attackers do.

Bikram Sadhukhan is a cybersecurity enthusiast and final-year M.Tech student at NFSU, specializing in DevSecOps, VAPT, and digital forensics. He has hands-on experience as a Security QA Engineer and Security Analyst, building secure systems and automating workflows. A multiple hackathon winner, he develops innovative solutions in blockchain, AI, and post-quantum cryptography. Bikram actively contributes to research, security awareness, and real-world cybersecurity implementations.

Drijesh Patel is an Engineering Manager and AI security practitioner with extensive experience building and securing large-scale cloud and AI-driven systems. His work sits at the intersection of Generative AI, cybersecurity, and modern software engineering, where he focuses on identifying and mitigating real-world risks introduced by LLMs, AI agents, and automated development workflows.Over the years, he has led engineering teams delivering high-impact platforms across enterprise environments, with a strong emphasis on secure architecture, DevSecOps, and AI adoption. His recent work explores adversarial techniques against LLM-powered applications, including prompt injection, data exfiltration, and supply chain risks in AI-assisted development.Drijesh is also an active speaker and community leader, regularly conducting workshops and talks for developers and security professionals on AI, secure system design, and emerging threat landscapes. He has been recognized by Google Developer Communities for his contributions and continues to drive conversations around building secure, human-centric AI systems.

I spoke at about a dozen conferences so far, mostly always about Software Supply Chain Security / Application Security. I am a regular guest on several podcasts on the same topic as well. I spoke in front of small (a few dozen) and large audiences (several hundreds) both locally and internationally (North America and Western Europe). I spoke at BlackHat SecTor, OWASP Global AppSec, NorthSec, Linux Foundation's OpenSSF event, Munich Cyber TTP, etc.

IdentityShield Summit 2026 (Pune): Co-presented "The Automata Architect: Scaling Bug Bounty Success to Enterprise Level Security."

Haakon is currently a security consultant working for Binary Security in Oslo, focusing mostly on WebApps and backend security. He has a strong background in Cybersecurity, with expertise in analyzing and securing applications and operating systems. His experience includes working at the Norwegian National Defense Research Establishment (FFI), where he conducted in-depth security assessments. Additionally, his background as a mathematician has equipped him with the skills to analyze and understand complex systems effectively.

I am a security-focused systems and cloud engineer with hands-on experience across infrastructure monitoring, security operations, DevSecOps automation, cloud security, and offensive security testing.I began my career in 24×7 infrastructure and application monitoring, ensuring high availability and reliability using tools like Zabbix and Grafana, where I handled alert triage, incident escalation, operational dashboards, and root cause analysis. This foundation gave me strong operational discipline, SLA awareness, and real-world incident handling experience.Currently, I work as an Associate System Administrator with a strong security engineering focus, where I operate at the intersection of SecOps, DevSecOps, and cloud security. My work includes web and API penetration testing, identifying authentication, authorization, business logic, and access control vulnerabilities through manual testing using Burp Suite, Postman, and cURL, supported by source code review aligned with OWASP Top 10.I actively implement shift-left security by integrating SAST, SCA, container, and Kubernetes security controls into CI/CD pipelines, using tools such as SonarQube, OWASP Dependency Checkmarx, Kubebench, Trivy, and Kubescape, ensuring vulnerabilities are detected early and remediated before reaching production.On the cloud security side, I secure and monitor Microsoft Azure environments, focusing on identity security, network hardening, storage security, WAF tuning, and Kubernetes (AKS) security. My responsibilities include Azure Entra ID Conditional Access and MFA enforcement, Key Vault access reviews, NSG and firewall baseline analysis, Azure Front Door WAF tuning, TLS enforcement, logging coverage improvement, and Defender for Containers runtime monitoring.I also support Kubernetes security and operations, reviewing cluster configurations, pod security contexts, container images, and runtime logs across both AKS and on-prem Kubernetes environments, ensuring secure configurations, version compliance, and visibility for incident investigation.My work aligns closely with NIST SP 800-53 Rev.5 controls and Zero Trust principles, focusing on least privilege, continuous verification, and secure-by-design cloud architectures.I am particularly interested in roles that involve SecOps, DevSecOps, Cloud Security Engineering, and Blue Team security, where I can combine offensive security thinking, automation, and defensive monitoring to reduce real-world risk and strengthen security posture.Speaker at InfraSec Village, Cybersurksha & Gujarat University. 4X Acknowledged by Apple - 2025Acknowledged by Apple - 2026Acknowledged by Redbull, Microsoft, Tesla, Substack, etc.

Frequent speaker on secure software development, AI security, and innovative security practices at leading industry conferences, demonstrating thought leadership and innovation aligned with industry-leading organizations. Below are some of the recent topics I have shared:• “The Code You Didn’t Write: Invisible Threats in Modern Software Development”• "Security From the Start - The Financial and Operational Gains of Secure Software Development"• "Navigating the AI Landscape - Balancing Benefits and Risks of AI for Business Processes"• “Cybersecurity Controls That Fail: Lessons from History”• "Cyber Adversary Modeling - Bridging Gaps in Imperfect Data"

Jyoti Raval serves as Director of Cyber Security Engineering at Baker Hughes, where Jyoti is responsible for ensuring end-to-end product security and actively contributes across multiple phases of the security lifecycle. Jyoti is the author of Phishing Simulation and MPT tools, and has delivered presentations at leading security conferences, including InfosecGirls, Nullcon, DEF CON 27, Black Hat Asia, HITB Singapore, OWASP New Zealand, Shecurity, DEF CON 32, and Black Hat London. Additionally, Jyoti leads the OWASP Pune Chapter.

I'm an engineer from Turkey, who is interested with biotechnology, computer science and digital gaming.So far, I made over 2million$ from bug bounty on multiple platforms like Synack, Bugcrowd and HackerOne combined.

Nitin Sharma | Product Security Lead at Salesforce IndiaNitin is a seasoned security practitioner with deep expertise across Cloud Security, AI/GenAI Security, Kubernetes, Container Security, and DevSecOps. He is passionate about building trust through security research, community engagement, and public speaking. He has authored the book - Securing Docker the Attack Defense ways listed on Amazon that also appeared as one of the Top Docker books.Certifications & CredentialsAWS Certified Security – SpecialtyAWS Solutions ArchitectGCP Professional Cloud ArchitectGCP Cloud Security Engineer ProfessionalGIAC GCSAOxford Executive Leadership Program Alumnus Salesforce AccelerateAlumni

Over 14 years of experience in the security domain, specializing in Penetration Testing, Application Security, Cloud Security, Architecture and Forensics Investigation.Leading an Offensive Security (OffSec) and Security Architecture team with a passion for Red Teaming and Security Research.Reported multiple vulnerabilities in products and applications, recognized with CVEsHolds prestigious certifications including GIAC Cloud Penetration Tester (GCPN), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Certified Red Team Operator (CRTO), among othersPresented at prominent conferences such as Bsides Budapest, Bsides Milano, Hacktivity, VulnCon 2024, Hacker Halted, CyberSec Asia, Identity Shield, Microsoft BlueHat 2025, PHDays 2025, VulnCon 2025, OWASP AppSec Days 2025, Hacker Halted 2025.

AI Security Architect, and Founder of Novus Aegis AI and ReconPro. He specializes in building autonomous, AI-driven Security Operations (AI SOC) platforms that detect, triage, and respond to cyber threats in real time.With over a decade of hands-on experience in cloud security, DevOps, and cyber defense, Chris has designed and secured enterprise-scale infrastructures by embedding security into CI/CD pipelines and infrastructure-as-code. His expertise includes vulnerability management (SCA, SAST, DAST), red teaming, APT simulation, and SOC automation, aligned with frameworks such as NIST, ISO 27001, and SOC 2.He is the creator of “God’s Eye,” an advanced capability within ReconPro that delivers continuous attack surface visibility, adversary simulation, and intelligence-driven security insights. Through Novus Aegis AI, he is advancing autonomous cyber defense using AI agents that proactively hunt threats, reduce alert fatigue, and compress incident response times from hours to seconds.Chris is passionate about shaping the future of cybersecurity through AI-driven defense, offensive security strategy, and building resilient, self-adapting security ecosystems for enterprises globally.

Pallavi is a Cloud Security Manager, overseeing cloud security operations and IAM, with 15 years of experience in cybersecurity. Passionate about application security, she excels in navigating complex security challenges, consistently working to strengthen defenses against emerging threats. With deep expertise in penetration testing, Pallavi focuses on identifying vulnerabilities and strengthening defenses in complex and challenging environments. She has spoken at multiple industry-leading conferences like HackerHalted, Vulncon, Identity Shield and BlueHat and continues sharing her knowledge and expertise in cybersecurity.

Pengfei is a Solution Architect at Picus Security, where he advise enterprise security teams in implementing automated adversary simulation operations and framework.Previously, he worked as a Cybersecurity Engineer in GovTech's GCSOC team, where he led the implementation of continuous purple teaming across the Whole-of-Government. Before this role, he served on GovTech's red team, mainly dabbling in VAPT and Adversary Simulation.Pengfei is certified with OSCP, eMAPT, Crest CRT, CCSK V4, etc. He has conducted research on emerging cybersecurity technologies and presented his findings at renowned conferences like Black Hat USA & Asia, DEFCON, SINCON, ROOTCON, etc.

Pramod Rana is author of below open source projects:Omniscient - LetsMapYourNetwork: a graph-based asset management framework CICDGuard - Orchestrating visibility and security of CICD ecosystem vPrioritizer - Art of Risk Prioritization: a risk prioritization frameworkHe has presented at BlackHat, defcon, nullcon, OWASPGlobalAppSec, HITB, CyberConAus, rootcon, AppSecNZ, HackMiami, HackInParis, CodeBlue and Insomnihack before. He is OWASP Pune chapter lead.He is leading the application security function in Netskope with primary focus on integrating security controls in the development process and providing security-testing-as-a-service to engineering teams.

Organizer & Speaker at DevFest 2025 (Trivandrum)Hands-on Kubernetes Workshop at GDG Cloud Community Days TrivandrumSpeaker at GDG Cloud Kochi launch event on 11 May 2022JPC recommendation on data protection: Impact on Startups conducted by the Centre for the Digital Future (CDF) on 6 January 2022Keynote address at Hac'KP Summit & Awards 2021 on 4th Sep 2021Startup Stories - #36 Beagle Security interviewData Privacy & Security for Business Analysts on 12 Dec 2020Hands-On Threat Hunting Workshop at OWASP Seasides, International Centre Goa on 3,4,5 March 2020CYINNOV8 - One Day Conference on “INNOVATIONS IN CYBERSPACE” at DR D S KOTHARI AUDITORIUM, DRDO Bhawan, New Delhi on 29 October 2018Security in Web Applications at Cyber Park KozhikodeMalware Analysis Basics for CyberDome volunteers at CyberDome TrivandrumKerala Police CyberDome Python Workshop at CyberDomeOWASP Kerala Student Outreach Program at KeralaWorkshop on Python Programming for College Faculties of KTU at Mar Baselios College of Engneering, Kollom on 24th & 25th July 2015Node JS Security (Coffee@DBG) at DBG Trivandrum on 03 Dec 2014Secure Deployment at DBG Trivandrum, Dec 2013Introduction to Jenkins at DBG Trivandrum on 04 Nov 2013Version Control with Git (Coffee@DBG) at DBG Trivandrum on 02 Oct 2013Code quality tools for PHP developers (Coffee@DBG ) at DBG Trivandrum on 05 Sep 2013

Sankar is a cybersecurity professional with over 10 years of experience spanning telecom, healthcare, product development, and banking industries. His expertise lies in vulnerability assessment, penetration testing, red team operations, and mobile application security for Android and iOS platforms. Currently at Aldar, Sankar leads security assessments across multiple organizational entities, helping strengthen enterprise defenses against evolving threats. He has responsibly disclosed critical vulnerabilities in major platforms including Salesforce (CVE-2023-22042) and Oracle, demonstrating his commitment to improving security across the industry. Beyond his professional role, Sankar actively participates in bug bounty programs and CTF competitions, and engages in Web3 security research through platforms like Immunefi. His current focus on AI-powered security automation and autonomous penetration testing frameworks reflects his dedication to advancing offensive security methodologies. Sankar holds a Postgraduate Diploma in Information Security from CDAC and regularly shares his insights through conference talks and technical presentations, contributing to both regional and global cybersecurity communities.