Find Expert Speakers

Andreas Wiegenstein is engaged in SAP cyber security since 2003. He discovered quite a number of zero-day vulnerabilities in SAP software and supported development of a market leading static code analysis tool for the business programming language ABAP. He has spoken at more than 70 conferences world-wide about SAP security, including Black Hat, DeepSec, Hack In The Box, IT Defense, RSA, SAP TechEd and Troopers (alphabetical order). His current research is focused on SAP malware and supply chain attacks.

Our team at CloudSEK has been revolutionizing threat intelligence by integrating AI-driven automations, significantly enhancing threat feeds and response times. My research has been acknowledged by top intelligence agencies for its impact on stealer malware understanding. We've empowered organizations worldwide through insightful presentations, fortifying their defenses against evolving cyber threats.

Rafael Salema Marques (SWaNk) is an old-school VXer who tends to define himself as a malware enthusiast. He has been coding malware since the early 2000s.His contributions bridge the dark technical underground with rigorous scientific methodology. Over his career, he has published code and research in prestigious hacker e-zines including 29A and Phrack Magazine. Additionally, he already contributed to the LOLBAS project, discovering and documenting novel ways to weaponize native OS executables. Academically, he did his MSc research at the Instituto Tecnológico de Aeronáutica (ITA) focused on employing an artificial immune system approach to detect advanced rootkit activities and covert data exfiltration. Building on this foundation, his PhD research introduced a novel method for detecting highly evasive pivot attacks in complex networks. SWaNk is always available for coffee, beer, and malware projects.

R.D. Tarun (RDT) is a cybersecurity researcher specializing in malware analysis, reverse engineering, and adversary tradecraft. His work focuses on dissecting real-world attack campaigns, with particular emphasis on multi-stage infection chains, fileless execution, and evolving infostealer ecosystems.He conducts in-depth research on active malware campaigns, tracking their progression from commodity tooling to custom-developed payloads. His analysis has uncovered previously undocumented behavior, including custom infostealers, infrastructure patterns, and techniques used to evade modern defenses. His research has been widely circulated within the security community and covered by multiple security news outlets and industry publications.His work combines static and dynamic analysis with memory-level investigation to trace full execution chains from initial access to data exfiltration. He focuses on understanding attacker tradecraft end-to-end and translating offensive techniques into practical detection strategies for SOC and DFIR teams.He actively publishes technical deep-dives on malware, including infostealers, fileless loaders, and multi-stage attack chains, and has presented his research at reputed security community meetups and forums.

Shubham is currently Founder of Triagz platform ( an AI driven endpoint analysis platform). Along with this, he is also lead security developer at Arctic Wolf Networks. Before Arctic wolf, he has worked as Staff security researcher as sentinelone and Security Researcher at Microsoft. In Microsoft, he was committed to secure the windows ecosystem by protecting customers from different vulnerability targeting Windows kernel, specifically that aims toward processors and enclaves. His expertise lies in low level security and internals which includes reverse engineering, exploitation and firmware security. Prior to joining Microsoft, Shubham was Security researcher at Mcafee where he is working in exploit prevention team where he contributed to protect customers from 0days and vulnerabilities in the wild. Beyond his professional engagements, Shubham actively shares his knowledge and insights with the cybersecurity community through his esteemed security blog, nixhacker.com. There, one can find a wealth of content focusing on low-level security and internals. He has previously spoken at conferences like AVAR, Defcon Demolabs, Deepsec etc.