Find Expert Speakers

As a seasoned speaker and trainer, Anant has shared his expertise at various prestigious platforms including Black Hat (USA/ASIA/EU), Defcon, Nullcon, c0c0n, and Rootconf. His extensive involvement in these conferences extends to serving as a CFP reviewer for Blackhat EU, nullcon, Rootconf by Hasgeek, and multiple villages at Defcon (Recon, Adversary and Cloud), showcasing his dedication to nurturing and elevating the discourse within the field.

I have spoken at multiple international cybersecurity conferences and platforms, addressing both deeply technical audiences and early-career practitioners, with topics spanning AI security, detection engineering, and modern SOC evolution. At NDC Security 2026 Oslo, I shall deliver “Who Gave the Agent Admin Rights?! Securing Cloud & AI Machine Identities”, where I'll examine non-human identities, AI agents, and the emerging risks of autonomous privilege, focusing on governance, detection, and containment strategies in cloud environments. At BSides Pittsburgh and BSides Krakow, as well as at the Silicon Saxony Day (19th edition), I presented “Enhancing Open-Source IDS & SIEM Solutions into AI-Enabled XDR & SOAR Solutions in Cloud Environments”, focusing on extending open-source detection stacks with automation, ML-driven enrichment, and response orchestration to build scalable, analyst-effective security operations. In contrast, my session at BSides Buffalo, “From Curiosity to Cybersecurity: A Practical Guide to Getting Started and Standing Out”, was designed for students and early professionals, offering actionable guidance on skill-building, differentiation, and navigating cybersecurity careers. Beyond conferences, I have appeared on the Distilled Security Podcast, where I discussed how deploying specialised, small language models locally can significantly improve efficiency, reduce operational friction, and make AI-assisted security workflows more practical and trustworthy.

I spoke at about a dozen conferences so far, mostly always about Software Supply Chain Security / Application Security. I am a regular guest on several podcasts on the same topic as well. I spoke in front of small (a few dozen) and large audiences (several hundreds) both locally and internationally (North America and Western Europe). I spoke at BlackHat SecTor, OWASP Global AppSec, NorthSec, Linux Foundation's OpenSSF event, Munich Cyber TTP, etc.

I am a versatile Application Security Engineer dedicated to enhancing the security posture of both web and mobile applications. My primary focus is on implementing robust security measures through thorough assessments, comprehensive source code reviews, and the integration of security practices within the DevSecOps framework. I specialise in embedding security into Continuous Integration and Continuous Deployment (CI/CD) pipelines through various methods, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Mobile Application Security Testing (MAST). By driving effective threat modelling sessions, I identify and mitigate potential vulnerabilities early in the development lifecycle, ensuring that security is a fundamental component rather than an afterthought.Additionally, I work on building secure-by-default pipelines and guardrails tailored to the unique requirements of each project, fostering a culture of security awareness among development teams. My goal is to empower organisations to deliver secure applications without compromising on agility or performance.

Jyoti Raval serves as Director of Cyber Security Engineering at Baker Hughes, where Jyoti is responsible for ensuring end-to-end product security and actively contributes across multiple phases of the security lifecycle. Jyoti is the author of Phishing Simulation and MPT tools, and has delivered presentations at leading security conferences, including InfosecGirls, Nullcon, DEF CON 27, Black Hat Asia, HITB Singapore, OWASP New Zealand, Shecurity, DEF CON 32, and Black Hat London. Additionally, Jyoti leads the OWASP Pune Chapter.

Matthias Luft is a seasoned information security leader. After more than 15 years in security, he is still excited about a broad range of topics (from hypervisors via containers/clouds to security leadership) and has had the privilege to present on them around the globe. Currently he works on container and cloud security engineering. Outside of work, he enjoys the outdoors, martial arts, and spending time with dogs.

My career has taken me through a diverse journey, spanning roles that include full-stack developer, business analyst, IT manager, and now thriving in cybersecurity. Throughout this journey, my deep passion for technology has remained a constant driving force. For me, security resembles solving a 10,000-piece puzzle that's been turned upside down. You understand the end goal, yet you're uncertain about where each piece belongs. Achieving this requires close collaboration with developers, business stakeholders, and others, necessitating me to consistently bridge different disciplines within technology. Whether it's simplifying intricate development concepts for security and business professionals or vice versa, every piece added brings us nearer to the solution. This challenge deeply motivates me. I approach my work with a clear focus on prioritizing people first, followed by refining processes, and then utilizing technology to enhance these efforts. This philosophy ensures that technological changes are seamlessly integrated and readily embraced by our teams and organizations.

Over 14 years of experience in the security domain, specializing in Penetration Testing, Application Security, Cloud Security, Architecture and Forensics Investigation.Leading an Offensive Security (OffSec) team with a passion for Red Teaming and Security Research.Reported multiple vulnerabilities in products and applications, recognized with CVEsHolds prestigious certifications including GIAC Cloud Penetration Tester (GCPN), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Certified Red Team Operator (CRTO), among othersPresented at prominent conferences such as Bsides Budapest, Bsides Milano, Hacktivity, VulnCon 2024, Hacker Halted, CyberSec Asia, Identity Shield, Microsoft BlueHat 2025, PHDays 2025, VulnCon 2025, OWASP AppSec Days 2025, Hacker Halted 2025.

Pramod Rana is author of below open source projects:Omniscient - LetsMapYourNetwork: a graph-based asset management framework CICDGuard - Orchestrating visibility and security of CICD ecosystem vPrioritizer - Art of Risk Prioritization: a risk prioritization frameworkHe has presented at BlackHat, defcon, nullcon, OWASPGlobalAppSec, HITB, CyberConAus, rootcon, AppSecNZ, HackMiami, HackInParis, CodeBlue and Insomnihack before. He is OWASP Pune chapter lead.He is leading the application security function in Netskope with primary focus on integrating security controls in the development process and providing security-testing-as-a-service to engineering teams.

I am a cybersecurity professional with over 10 years of experience across industries like telecom, healthcare, product development, and banking. I graduated with a Postgraduate Diploma in Information Security from CDAC. My expertise includes application and network security assessments, focusing on mobile app security for Android and iOS. I've disclosed critical vulnerabilities in platforms like Salesforce and Oracle, including CVE-2023-22042.

For the world is an exciting place, for creating stuff from nothing is challenging, for hacking everything is the way to live, stay hungry, stay curious, and keep hacking. For the world is an exciting place, for creating stuff from nothing is challenging, for hacking everything is the way to live, stay hungry, stay curious, and keep hacking.

Vinod has spent the past decade working in cybersecurity across financial services, government, and tech sectors. Currently a Staff Security Engineer at PIP Labs, he navigates the intersection of traditional enterprise security and the emerging world of Web3 and blockchain infrastructure.His journey has taken him through companies like Amazon, Zapier, and HackerOne, where he's gained hands-on experience in penetration testing, cloud security architecture, and application security. He works with AWS, GCP, and Azure environments, focusing on threat modeling and secure DevOps practices while approaching security as an enabler rather than a blocker.He shares his experiences and lessons learned through writing on Medium, breaking down complex security topics and exploring practical approaches to building security programs that work in real-world environments. Outside of his day job, he participates in bug bounty programs, mentors aspiring security professionals, and continues researching emerging threats and technologies in both traditional and Web3 security landscapes.

A competent and committed professional currently working as a Cloud-Native Security Consultant on behalf of Control Plane. Fully energetic and ambitious person who has developed a mature and responsible approach to any undertaken task or situation he has been presented with.A competent and committed professional currently working as a Cloud-Native Security Consultant on behalf of Control Plane. Fully energetic and ambitious person who has developed a mature and responsible approach to any undertaken task or situation he has been presented with.