Find Expert Speakers

Speaker at Bsides Kochi, BIOS meetup, SlashN and various other conferences.

Abhijeet is a security researcher specializing in adversary simulations that mimic advanced threat actors, by crafting multi stage attack chains, from initial foothold to stealthy persistence and data exfiltration. With extensive hands-on experience, he has engineered and executed offensive engagements targeting CI/CD pipelines, Kubernetes clusters, Active Directory environments, cloud infrastructures (AWS, Azure, GCP), and *NIX systems. In his spare time he runs a homelab where he recreates adversary TTPs, toys with new tech, and dissects emerging threats. He’s also an avid reader, enthusiastic foodie, and weekend time home chef.

Abhisek R is a Security Consultant at NetSPI, where he specializes in internal network penetration testing, with a strong focus on Active Directory security assessments. He has also worked on penetration tests across web applications, APIs, mobile platforms, and enterprise environments in previous organizations.He has reported security vulnerabilities to organizations such as Google, Zoho, and Brave, and has contributed to publicly disclosed vulnerabilities, including CVE-2023-21035. His experience spans vulnerability assessments, penetration testing, and security research across a wide range of modern attack surfaces.Abhisek is also the host of “The Abhisek Cast,” a cybersecurity podcast that explores lesser-known and under-discussed areas of the security ecosystem, featuring CEOs, CISOs, and security researchers from across the industry. He actively contributes to the security community through research, knowledge sharing, and technical discussions aimed at making complex security topics more accessible.

Aditya Shankar is a cybersecurity professional with over 10 years of experience in infrastructure, cloud, and enterprise security. He currently works as a Senior Security Architect & Administrator, focusing on Azure security, infrastructure hardening, threat detection, and security automation across large-scale enterprise environments.His work spans security architecture, log analysis, identity hardening, and defensive engineering, with a growing focus on practical applications of AI in cybersecurity workflows. He actively experiments with AI-assisted reconnaissance, automation pipelines, and modern offensive-security tooling to explore how emerging technologies are reshaping both attack and defense strategies.Aditya holds the CISSP certification along with multiple Microsoft security certifications and is passionate about making complex security concepts practical, accessible, and operationally relevant for the community.

Hi, My name is Aftab Sama! 👋I'm a cybersecurity researcher. I graduated from Rashtriya Raksha University with a degree in Computer Science and Engineering with specialization in Cyber Security. My interest in Capture the Flag (CTF) competitions helped me secure my first internship at KPMG India, as I was among the top performers in a national CTF competition organized by the KPMG Cyber Security Team. I secured an on-campus internship at Quick Heal, where I had the opportunity to shadow various malware cases and learn about the investigation process. I validated Indicators of Compromise (IoC) for physical samples from CertIN and OTX, and I utilized my Python skills to automate some daily tasks. I also ranked among the top 100 in TCS HackQuest Season 7 Capture the Flag (CTF) competition, which led to an employment opportunity with TCS, where I am currently working as Penetration Tester.My passion for offensive security and penetration testing led me to obtain certifications such as CAPenX, BSCP, CNPen, CAPen, and CEH Practical, among others. I plan to enroll in further offensive security courses in the future.In my free time, I actively participate on HackTheBox and CTFTime and have taken part in several prestigious CTF competitions, winning multiple prizes. Besides my interest in security, I enjoy reading about stoicism and philosophy.You can read my blogs and writeups at https://aftabsama.com.

Alon Friedman is a Principal Security Architect at Microsoft 365 Defender, with extensive experience in application security and penetration testing. He focuses on defining application security standards and researching threat landscapes. His background includes leading secure software development at Salesforce and managing application vulnerabilities at PayPal. Alon is a recognized researcher, credited with CVE-2014-4246 and the creation of the SCIP OWASP ZAP extension

As a seasoned speaker and trainer, Anant has shared his expertise at various prestigious platforms including Black Hat (USA/ASIA/EU), Defcon, Nullcon, c0c0n, and Rootconf. His extensive involvement in these conferences extends to serving as a CFP reviewer for Blackhat EU, nullcon, Rootconf by Hasgeek, and multiple villages at Defcon (Recon, Adversary and Cloud), showcasing his dedication to nurturing and elevating the discourse within the field.

Over the years, I’ve had the opportunity to speak at cybersecurity conferences, technology summits, university campuses, and industry communities where I focus on making security practical, relatable, and engaging through real-world stories, demonstrations, and attacker-driven thinking.I’ve delivered talks at events including ATAGTR 2024, ATAGTR 2025, AITestFest 2025, AITestFest 2026, Identity Shield, SAP Security Expert Summit, TechX, along with guest sessions and cybersecurity awareness talks across multiple university campuses.My sessions typically revolve around AI-driven threats, OSINT, phishing, social engineering, dark web exposure, privacy, cyber risk, and the growing intersection between offensive security and governance. I enjoy blending live demonstrations, attacker psychology, and practical security lessons to help audiences understand not just how attacks happen — but why organisations continue to underestimate them.Beyond conferences, I actively mentor aspiring professionals, contribute to security awareness initiatives, and enjoy simplifying complex security concepts for both technical and non-technical audiences.

I’m a results-driven Principal SecOps Engineer with over 15 years of proven expertise spanning across multiple organisations in various service sectors in architecting and delivering world-class security programs for global software organizations. I’ve spearheaded transformational automation initiatives, reducing report-generation times by over 95% and built unified multi-cloud compliance frameworks that consistently pass rigorous audits and compliances. I've created AI-powered attack surface platform earned international hackathon recognition, and I’ve presented SecOps deep dives at VULNCON, top engineering colleges, and industry forums.As Cloud Security Lead and Principal Engineer at Perforce, I’ve led high-impact teams to operationalize continuous monitoring, vulnerability management, and incident response at scale.A CISSP-certified mentor and community advocate, I actively contribute to open-source security projects and share expertise through workshops, and local meetups empowering the next generation of security professionals.

A motivated individual always up for breaking stuff ! Currently working as a Red Team Security Consultant with a focus on penetration testing and security assessments for Web, Mobile, API, OT, and Network environments. I have experience leading 200+ security assessments, working with vendors from various industries such as government agencies, private organizations, healthcare, crypto, finance, retail, education, and many more to identify vulnerabilities and improve their overall security and help organizations strengthen their defenses against potential threats.In addition to my professional work, I’m an active bug bounty hunter on platforms like Bugcrowd and Synack. I’ve earned recognition in 70+ Hall of Fame lists, including those of Microsoft, Apple, Google, Zoom, Okta, Canva, Indeed, Atlassian, Dell, and many more. Helping organizations strengthen their security by identifying vulnerabilities and contributing to their overall cybersecurity efforts.Constantly learning, always hacking, I thrive on offensive security challenges and take pride in discovering the unknown before attackers do.

A motivated individual always up for breaking stuff ! Currently working as a Red Team Security Consultant with a focus on penetration testing and security assessments for Web, Mobile, API, OT, and Network environments. I have experience leading 150+ security assessments, working with vendors from various industries such as government agencies, private organizations, healthcare, crypto, finance, retail, education, and many more to identify vulnerabilities and improve their overall security and help organizations strengthen their defenses against potential threats.In addition to my professional work, I’m an active bug bounty hunter on platforms like Bugcrowd and Synack. I’ve earned recognition in 70+ Hall of Fame lists, including those of Microsoft, Apple, Google, Zoom, Okta, Canva, Indeed, Atlassian, Dell, and many more. Helping organizations strengthen their security by identifying vulnerabilities and contributing to their overall cybersecurity efforts.Constantly learning, always hacking, I thrive on offensive security challenges and take pride in discovering the unknown before attackers do.

I'm an active member and contributor at various security and developer communities including null open security community and FOSS United.I delivered talks/training at various conferences such as HITB, Sincon, Nullcon, c0c0n, Defcon: Recon Village, various Bsides, Bugcrowd LevelUp, PyCon India etc.References to my talks/trainings:https://www.disruptivelabs.in/talks/https://speakerdeck.com/0xbharathhttps://www.disruptivelabs.in/trainings/

Bhaumik Shah is a cybersecurity leader and founder of Securify, where he helps organizations secure their cloud, applications, and infrastructure through penetration testing, red team operations, and compliance programs like SOC 2 and ISO 27001. With over a decade of experience uncovering vulnerabilities in complex environments — from AWS misconfigurations to API flaws — he has worked with startups, enterprises, and government agencies to strengthen their security posture. Bhaumik is passionate about sharing real-world lessons from the field, mentoring the next generation of security professionals, and occasionally sneaking in a pop-culture reference or two to make security just a little more fun.

I have spoken at multiple international cybersecurity conferences and platforms, addressing both deeply technical audiences and early-career practitioners, with topics spanning AI security, detection engineering, and modern SOC evolution. At NDC Security 2026 Oslo, I shall deliver “Who Gave the Agent Admin Rights?! Securing Cloud & AI Machine Identities”, where I'll examine non-human identities, AI agents, and the emerging risks of autonomous privilege, focusing on governance, detection, and containment strategies in cloud environments. At BSides Pittsburgh and BSides Krakow, as well as at the Silicon Saxony Day (19th edition), I presented “Enhancing Open-Source IDS & SIEM Solutions into AI-Enabled XDR & SOAR Solutions in Cloud Environments”, focusing on extending open-source detection stacks with automation, ML-driven enrichment, and response orchestration to build scalable, analyst-effective security operations. In contrast, my session at BSides Buffalo, “From Curiosity to Cybersecurity: A Practical Guide to Getting Started and Standing Out”, was designed for students and early professionals, offering actionable guidance on skill-building, differentiation, and navigating cybersecurity careers. Beyond conferences, I have appeared on the Distilled Security Podcast, where I discussed how deploying specialised, small language models locally can significantly improve efficiency, reduce operational friction, and make AI-assisted security workflows more practical and trustworthy.

Boik Su is a security research manager at CyCraft Technology and is currently focused on Cloud Security, Web Security, and Blockchain Security. He takes an active role in the cybersecurity community and has delivered speeches at multiple seminars across the globe, including HITCON, HITB, FIRSTCTI, VB, and HackerOne. He still participates in CTF competitions, including SECCON CTF in Japan and HITCON CTF in Taiwan, and has submitted multiple reports to bug bounty programs and open-source projects.

Security Engineer with 5 years of experience, currently working as a Senior Security Engineer at ShareChat.Previously worked with Flipkart as a Security Engineer and bug bounty hunter. Experienced across multiple domains including cloud security, WAF, application security, network and infrastructure security, as well as mobile security testing.

EXPERTISE:- Experienced Cyber Security with a demonstrated history of working in the several industry. Skilled in Penetration testing, XDR, EDR, DFIR, Threat Hunting, and OSINT.- Advanced Ethical Hacking:Proficient in various hacking methodologies, including but not limited to network penetration testing, (web, API, Infra, mobile) application testing, wireless network exploitation, and social engineering.- Deep Knowledge of Security Frameworks: Expertise in industry- standard security frameworks such as OWASP, NIST, and PTES, with the ability to apply their guidelines effectively

Devang Solanki is a Security Researcher at RedHunt Labs and an offensive security engineer focused on cloud security, attack surface management, and large-scale security automation. His work centers around identifying real-world attack paths across modern cloud environments, with a particular emphasis on exposed assets and internet-scale vulnerability discovery.He is the creator of IAMX, a multi-cloud IAM permission enumeration framework designed to uncover effective permissions across AWS, GCP, and Azure through large-scale API testing. Devang has also built several open-source security tools focused on Docker security, Firebase misconfigurations, cloud exposure monitoring, and SSRF detection.His research and tooling have been presented at major security conferences, including Black Hat USA 2025, Black Hat Asia 2025, Black Hat Europe 2024, and Black Hat MEA 2024. He has also responsibly disclosed vulnerabilities to organizations including Salesforce, Cisco, Electronic Arts, and Disney.Devang actively contributes to the offensive security and bug bounty community through open-source tooling, cloud security research, and practical automation designed to help security teams better understand their real-world exposure.

Catalyst 💜 | Architect of Calm in Chaos | Secure-By-Design Advocate | Cloud Security, Responsible AI & Digital Trust | Researcher | Community Builder | #DTalk

Drijesh Patel is an Engineering Manager and AI security practitioner with extensive experience building and securing large-scale cloud and AI-driven systems. His work sits at the intersection of Generative AI, cybersecurity, and modern software engineering, where he focuses on identifying and mitigating real-world risks introduced by LLMs, AI agents, and automated development workflows.Over the years, he has led engineering teams delivering high-impact platforms across enterprise environments, with a strong emphasis on secure architecture, DevSecOps, and AI adoption. His recent work explores adversarial techniques against LLM-powered applications, including prompt injection, data exfiltration, and supply chain risks in AI-assisted development.Drijesh is also an active speaker and community leader, regularly conducting workshops and talks for developers and security professionals on AI, secure system design, and emerging threat landscapes. He has been recognized by Google Developer Communities for his contributions and continues to drive conversations around building secure, human-centric AI systems.

Throughout his 25-year career in the IT field, Eric has sought out and held a diverse range of roles. Currently the Chief Identity Architect for Semperis; Eric previously was a member of the Security Research and Product teams. Prior to Semperis, Eric worked as a Security and Identity Architect at Microsoft partners, spent time working at Microsoft as a Sr. Premier Field Engineer, and spent almost 15 years in the public sector, with 10 of them as a technical manager.Eric is a Microsoft MVP for security, recognized for his expertise in the Microsoft identity ecosystem. His security research has also been recognized by Microsoft, most notably for his findings he dubbed “UnOAuthorized”. Eric is a strong proponent of knowledge sharing and spends a good deal of time sharing his insights and expertise at conferences as well as through blogging. Eric further supports the professional security and identity community as an IDPro member, working as part of the IDPro Body of Knowledge committee.

I’ve been working as Head of Identity Threat Labs and Global Product Advocate at Segura®, Red Team Village Director, Senior Advisor Raices Cyber Academy, Founder of Red Team Community (Brazil and LATAM), AWS Community Builder, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many countries such as US (Black Hat & Defcon), Canada, France, Spain, Germany, Poland, Black Hat MEA - Middle-East - and others. I’ve served as University Professor in Master Degree - Portugal and Graduation and MBA courses at Brazilian colleges, in addition, I'm Creator and Instructor of the Course - Malware Attack Types with Kill Chain Methodology (PentestMagazine), PowerShell and Windows for Red Teamers(PentestMagazine) and Malware Analysis - Fundamentals (HackerSec).

I spoke at about a dozen conferences so far, mostly always about Software Supply Chain Security / Application Security. I am a regular guest on several podcasts on the same topic as well. I spoke in front of small (a few dozen) and large audiences (several hundreds) both locally and internationally (North America and Western Europe). I spoke at BlackHat SecTor, OWASP Global AppSec, NorthSec, Linux Foundation's OpenSSF event, Munich Cyber TTP, etc.

Haakon is currently a security consultant working for Binary Security in Oslo, focusing mostly on WebApps and backend security. He has a strong background in Cybersecurity, with expertise in analyzing and securing applications and operating systems. His experience includes working at the Norwegian National Defense Research Establishment (FFI), where he conducted in-depth security assessments. Additionally, his background as a mathematician has equipped him with the skills to analyze and understand complex systems effectively.