Find Expert Speakers

Speaker at Bsides Kochi, BIOS meetup, SlashN and various other conferences.

Abhijeet is a security researcher specializing in adversary simulations that mimic advanced threat actors, by crafting multi stage attack chains, from initial foothold to stealthy persistence and data exfiltration. With extensive hands-on experience, he has engineered and executed offensive engagements targeting CI/CD pipelines, Kubernetes clusters, Active Directory environments, cloud infrastructures (AWS, Azure, GCP), and *NIX systems. In his spare time he runs a homelab where he recreates adversary TTPs, toys with new tech, and dissects emerging threats. He’s also an avid reader, enthusiastic foodie, and weekend time home chef.

🎤 Public Speaking & Knowledge Sharing1️⃣ 🇮🇳 Nullcon Goa 2026 — “Why Did the Model Think That? Demystifying the Black Box with Explainable AI (XAI)” 🔗 Link: https://nullcon.net/talk/why-did-the-model-think-that-demystifying-the-black-box-with-explainable-ai-xai/2️⃣ 🇮🇳 OWASP AppSec Days Bangalore 2025 — “Unveiling the Risks of MCP Servers: An In-Depth Exploration” 🔗 Link: https://owaspappsecdaysbangaloreoct.sched.com/event/28Z5G/unveiling-the-risks-of-mcp-servers-an-in-depth-exploration3️⃣ 🇸🇬 OWASP AppSec Days Singapore 2024 — “The Dark Side of AI: Exploring Adversarial Threats” 🔗 Link: https://owaspappsecdayssingapore202.sched.com/event/1ir3T/the-dark-side-of-ai-exploring-adversarial-threats4️⃣ 🇮🇪 Security BSides Dublin 2024 — “Into The Abyss: Adversarial Tactics In AI Security” 🔗 Link: https://www.bsidesdub.ie/speakers.php5️⃣ 🇩🇪 Nullcon Berlin 2024 — “Into The Abyss: Adversarial Tactics In AI Security” 🔗 Link: https://nullcon.net/berlin-2024/speaker-into-the-abyss-adversarial-tactics-in-ai-security6️⃣ 🇮🇳 Seasides Infosec Conference 2023 — “Primer into SAP Penetration Testing & OWASP SAPKiln” 🔗 Link: https://www.bugbountyvillage.com/speakers7️⃣ 🇮🇳 c0c0n 15th Edition (2022) — “Hyperledger Fabric & Ethereum Apps: Security Deep Dive” 🔗 Link: https://india.c0c0n.org/2022/agenda8️⃣ 🇹🇳 OWASP Tunisia Chapter (2020) — “Blockchain Security” 🎥 Watch on YouTube: https://www.youtube.com/watch?v=fRQrJttI5vI9️⃣ 🇮🇳 OWASP Kerala Chapter (2020) — “Pen Testing Blockchain Solutions (Ethereum Nodes & Smart Contracts)” 🎥 Watch on YouTube: https://www.youtube.com/watch?v=ahZ_V6qdBjQ

Over the years, I’ve had the opportunity to speak at cybersecurity conferences, technology summits, university campuses, and industry communities where I focus on making security practical, relatable, and engaging through real-world stories, demonstrations, and attacker-driven thinking.I’ve delivered talks at events including ATAGTR 2024, ATAGTR 2025, AITestFest 2025, AITestFest 2026, Identity Shield, SAP Security Expert Summit, TechX, along with guest sessions and cybersecurity awareness talks across multiple university campuses.My sessions typically revolve around AI-driven threats, OSINT, phishing, social engineering, dark web exposure, privacy, cyber risk, and the growing intersection between offensive security and governance. I enjoy blending live demonstrations, attacker psychology, and practical security lessons to help audiences understand not just how attacks happen — but why organisations continue to underestimate them.Beyond conferences, I actively mentor aspiring professionals, contribute to security awareness initiatives, and enjoy simplifying complex security concepts for both technical and non-technical audiences.

Passionate about ensuring the reliability and performance of networking solutions, I specialize in protocol qualification, test automation, and validation for cutting-edge telecommunications and networking technologies. With a strong foundation in networking protocols, software testing, and automation frameworks, I thrive on optimizing test processes and driving continuous improvements in network quality.At Nokia, I focus on verifying and qualifying networking protocols to meet the highest industry standards, leveraging automation to enhance efficiency, accuracy, and scalability in testing. My expertise spans across routing, switching, network security, and cloud-native networking solutions, ensuring seamless integration and deployment.Key strengths:✔ Protocol Qualification & Network Testing – Expertise in evaluating routing and switching protocols, ensuring interoperability and compliance.✔ Test Automation & Scripting – Proficient in developing test suites that streamline validation processes.✔ Troubleshooting & Performance Analysis – Skilled in debugging complex network issues and optimizing system performance.✔ Collaboration & Innovation – Work closely with cross-functional teams to enhance test strategies and improve product quality.Always eager to explore emerging technologies, improve testing methodologies, and contribute to the evolution of next-generation networking solutions. Let’s connect and discuss innovations in networking and test automation!

Farhad Sajid Barbhuiya is a passionate security professional with over 5 years of hands-on experience in offensive security, delivering more than 2000 hours of training across educational institutions, corporations, and government organizations. His trainings cover Web & Mobile Application Security, Reverse Engineering, Exploit Development, Code Review, and more, empowering diverse audiences with practical, real-world skills.Currently a Staff Information Security Engineer on the Offensive Security team at Zscaler, Farhad works on offensive security assessments spanning across Mobile Application Security (Android & iOS), Reverse Engineering, Web Application Security, Agentic AI and LLMs and Hardware Security. His work focuses on uncovering vulnerabilities in high-stakes environments, from custom exploit chains to evasion techniques in containerized and cloud systems.A sought-after speaker, Farhad has presented at premier cybersecurity conferences including NullCon Goa (Advanced Web Apps Pentesting training), Bsides Delhi (Reverse Engineering for Exploit Development), Null Delhi (Reverse Engineering for Developers), Bsides Mumbai (DYLD Library Injection on macOS), Defcon Delhi (IoT Village), Bsides Vizag (TACTOU Attacks in AI Agents), and Bsides Mussorie (Magazine Exhaustion on iOS Heap Allocators). His sessions blend deep technical dives with live demos, making complex topics accessible and actionable.Farhad thrives at the intersection of vulnerability research, exploit development, and secure architecture, contributing to the infosec community through research, tools, and knowledge-sharing.

I am a security-focused systems and cloud engineer with hands-on experience across infrastructure monitoring, security operations, DevSecOps automation, cloud security, and offensive security testing.I began my career in 24×7 infrastructure and application monitoring, ensuring high availability and reliability using tools like Zabbix and Grafana, where I handled alert triage, incident escalation, operational dashboards, and root cause analysis. This foundation gave me strong operational discipline, SLA awareness, and real-world incident handling experience.Currently, I work as an Associate System Administrator with a strong security engineering focus, where I operate at the intersection of SecOps, DevSecOps, and cloud security. My work includes web and API penetration testing, identifying authentication, authorization, business logic, and access control vulnerabilities through manual testing using Burp Suite, Postman, and cURL, supported by source code review aligned with OWASP Top 10.I actively implement shift-left security by integrating SAST, SCA, container, and Kubernetes security controls into CI/CD pipelines, using tools such as SonarQube, OWASP Dependency Checkmarx, Kubebench, Trivy, and Kubescape, ensuring vulnerabilities are detected early and remediated before reaching production.On the cloud security side, I secure and monitor Microsoft Azure environments, focusing on identity security, network hardening, storage security, WAF tuning, and Kubernetes (AKS) security. My responsibilities include Azure Entra ID Conditional Access and MFA enforcement, Key Vault access reviews, NSG and firewall baseline analysis, Azure Front Door WAF tuning, TLS enforcement, logging coverage improvement, and Defender for Containers runtime monitoring.I also support Kubernetes security and operations, reviewing cluster configurations, pod security contexts, container images, and runtime logs across both AKS and on-prem Kubernetes environments, ensuring secure configurations, version compliance, and visibility for incident investigation.My work aligns closely with NIST SP 800-53 Rev.5 controls and Zero Trust principles, focusing on least privilege, continuous verification, and secure-by-design cloud architectures.I am particularly interested in roles that involve SecOps, DevSecOps, Cloud Security Engineering, and Blue Team security, where I can combine offensive security thinking, automation, and defensive monitoring to reduce real-world risk and strengthen security posture.Speaker at InfraSec Village, Cybersurksha & Gujarat University. 4X Acknowledged by Apple - 2025Acknowledged by Apple - 2026Acknowledged by Redbull, Microsoft, Tesla, Substack, etc.

AI Security Architect, and Founder of Novus Aegis AI and ReconPro. He specializes in building autonomous, AI-driven Security Operations (AI SOC) platforms that detect, triage, and respond to cyber threats in real time.With over a decade of hands-on experience in cloud security, DevOps, and cyber defense, Chris has designed and secured enterprise-scale infrastructures by embedding security into CI/CD pipelines and infrastructure-as-code. His expertise includes vulnerability management (SCA, SAST, DAST), red teaming, APT simulation, and SOC automation, aligned with frameworks such as NIST, ISO 27001, and SOC 2.He is the creator of “God’s Eye,” an advanced capability within ReconPro that delivers continuous attack surface visibility, adversary simulation, and intelligence-driven security insights. Through Novus Aegis AI, he is advancing autonomous cyber defense using AI agents that proactively hunt threats, reduce alert fatigue, and compress incident response times from hours to seconds.Chris is passionate about shaping the future of cybersecurity through AI-driven defense, offensive security strategy, and building resilient, self-adapting security ecosystems for enterprises globally.

Pengfei is a Solution Architect at Picus Security, where he advise enterprise security teams in implementing automated adversary simulation operations and framework.Previously, he worked as a Cybersecurity Engineer in GovTech's GCSOC team, where he led the implementation of continuous purple teaming across the Whole-of-Government. Before this role, he served on GovTech's red team, mainly dabbling in VAPT and Adversary Simulation.Pengfei is certified with OSCP, eMAPT, Crest CRT, CCSK V4, etc. He has conducted research on emerging cybersecurity technologies and presented his findings at renowned conferences like Black Hat USA & Asia, DEFCON, SINCON, ROOTCON, etc.

Organizer & Speaker at DevFest 2025 (Trivandrum)Hands-on Kubernetes Workshop at GDG Cloud Community Days TrivandrumSpeaker at GDG Cloud Kochi launch event on 11 May 2022JPC recommendation on data protection: Impact on Startups conducted by the Centre for the Digital Future (CDF) on 6 January 2022Keynote address at Hac'KP Summit & Awards 2021 on 4th Sep 2021Startup Stories - #36 Beagle Security interviewData Privacy & Security for Business Analysts on 12 Dec 2020Hands-On Threat Hunting Workshop at OWASP Seasides, International Centre Goa on 3,4,5 March 2020CYINNOV8 - One Day Conference on “INNOVATIONS IN CYBERSPACE” at DR D S KOTHARI AUDITORIUM, DRDO Bhawan, New Delhi on 29 October 2018Security in Web Applications at Cyber Park KozhikodeMalware Analysis Basics for CyberDome volunteers at CyberDome TrivandrumKerala Police CyberDome Python Workshop at CyberDomeOWASP Kerala Student Outreach Program at KeralaWorkshop on Python Programming for College Faculties of KTU at Mar Baselios College of Engneering, Kollom on 24th & 25th July 2015Node JS Security (Coffee@DBG) at DBG Trivandrum on 03 Dec 2014Secure Deployment at DBG Trivandrum, Dec 2013Introduction to Jenkins at DBG Trivandrum on 04 Nov 2013Version Control with Git (Coffee@DBG) at DBG Trivandrum on 02 Oct 2013Code quality tools for PHP developers (Coffee@DBG ) at DBG Trivandrum on 05 Sep 2013

Sankar is a cybersecurity professional with over 10 years of experience spanning telecom, healthcare, product development, and banking industries. His expertise lies in vulnerability assessment, penetration testing, red team operations, and mobile application security for Android and iOS platforms. Currently at Aldar, Sankar leads security assessments across multiple organizational entities, helping strengthen enterprise defenses against evolving threats. He has responsibly disclosed critical vulnerabilities in major platforms including Salesforce (CVE-2023-22042) and Oracle, demonstrating his commitment to improving security across the industry. Beyond his professional role, Sankar actively participates in bug bounty programs and CTF competitions, and engages in Web3 security research through platforms like Immunefi. His current focus on AI-powered security automation and autonomous penetration testing frameworks reflects his dedication to advancing offensive security methodologies. Sankar holds a Postgraduate Diploma in Information Security from CDAC and regularly shares his insights through conference talks and technical presentations, contributing to both regional and global cybersecurity communities.

Co-founder of Sherpasec Malaysia.Spoke at multiple local conferencesUncountable panelist experiences in closed door eventsSpoke at a couple of regional conferences

I am an active educator in the cybersecurity community and currently work as a Consultant in Offensive Security at Kroll. I have delivered technical workshops at multiple colleges across India. These sessions cover practical topics like ethical hacking, mobile application penetration testing, and Red Teaming.I am also an instructor on Udemy. I share my knowledge with a global audience by creating courses that help students learn complex security concepts. In addition to teaching, I contribute to the industry as a Subject Matter Expert for Hack The Box. I help the community understand the latest trends in offensive security.​I have been recognised for my skills by the NCIIPC as one of the top 15 hackers in India. I also participate in bug bounty programs and have received acknowledgements from various organisations. My goal is to make cybersecurity education accessible and practical for everyone.

Vinod has spent the past decade working in cybersecurity across financial services, government, and tech sectors. Currently a Staff Security Engineer at PIP Labs, he navigates the intersection of traditional enterprise security and the emerging world of Web3 and blockchain infrastructure.His journey has taken him through companies like Amazon, Zapier, and HackerOne, where he's gained hands-on experience in penetration testing, cloud security architecture, and application security. He works with AWS, GCP, and Azure environments, focusing on threat modeling and secure DevOps practices while approaching security as an enabler rather than a blocker.He shares his experiences and lessons learned through writing on Medium, breaking down complex security topics and exploring practical approaches to building security programs that work in real-world environments. Outside of his day job, he participates in bug bounty programs, mentors aspiring security professionals, and continues researching emerging threats and technologies in both traditional and Web3 security landscapes.

A competent and committed professional currently working as a Cloud-Native Security Consultant on behalf of Control Plane. Fully energetic and ambitious person who has developed a mature and responsible approach to any undertaken task or situation he has been presented with.A competent and committed professional currently working as a Cloud-Native Security Consultant on behalf of Control Plane. Fully energetic and ambitious person who has developed a mature and responsible approach to any undertaken task or situation he has been presented with.

Yashvendra is the Co-Founder and Chief Security Evangelist at SecLogic Inc., where he has spent the past four years building the CADR (Cloud Application Detection & Response) platform. He specializes in designing advanced detection methodologies and runtime security strategies to uncover sophisticated threats across cloud-native and Kubernetes environments.