Find Expert Speakers

I have spoken at multiple international cybersecurity conferences and platforms, addressing both deeply technical audiences and early-career practitioners, with topics spanning AI security, detection engineering, and modern SOC evolution. At NDC Security 2026 Oslo, I shall deliver “Who Gave the Agent Admin Rights?! Securing Cloud & AI Machine Identities”, where I'll examine non-human identities, AI agents, and the emerging risks of autonomous privilege, focusing on governance, detection, and containment strategies in cloud environments. At BSides Pittsburgh and BSides Krakow, as well as at the Silicon Saxony Day (19th edition), I presented “Enhancing Open-Source IDS & SIEM Solutions into AI-Enabled XDR & SOAR Solutions in Cloud Environments”, focusing on extending open-source detection stacks with automation, ML-driven enrichment, and response orchestration to build scalable, analyst-effective security operations. In contrast, my session at BSides Buffalo, “From Curiosity to Cybersecurity: A Practical Guide to Getting Started and Standing Out”, was designed for students and early professionals, offering actionable guidance on skill-building, differentiation, and navigating cybersecurity careers. Beyond conferences, I have appeared on the Distilled Security Podcast, where I discussed how deploying specialised, small language models locally can significantly improve efficiency, reduce operational friction, and make AI-assisted security workflows more practical and trustworthy.

Johann Rehberger has over twenty years of experience in threat modeling, risk management, penetration testing, and red teaming. During his tenure at Microsoft, Johann established a Red Team within Azure Data and led the program as Principal Security Engineering Manager. He went on to build a Red Team at Uber, and currently serves as Red Team Director at Electronic Arts. In addition to his industry roles, Johann is an active security researcher and a former instructor in ethical hacking at the University of Washington. Johann contributed to the MITRE ATT&CK and ATLAS frameworks and is the author of "Cybersecurity Attacks - Red Team Strategies". He holds a master's degree in computer security from the University of Liverpool. You can find his latest research at embracethered.com.

As we hand more agency to machines, we’re creating identities that can act, but not always be held accountable. I research how to red team and secure autonomous AI systems before that gap becomes systemic risk. My work lives at the intersection of offensive security and the rapid, often untethered growth of artificial intelligence. As an AI/ML Researcher and Red Teamer, I don't just look for bugs; I map the boundaries of autonomous systems to ensure they remain resilient when the unexpected happens. From the intricate layers of LLM pipelines to the hidden vulnerabilities in blockchain and DevSecOps automations, I focus on uncovering risks before they become reality. At DEF CON 33, I had the opportunity to speak on the Policy Track about the legal frameworks for ethical hacking. To me, security is as much about the humans who defend the systems as it is about the code itself. Advocating for global safe harbor standards is a vital part of ensuring that researchers can continue to protect the digital world without fear. I believe that as we hand more agency to machines, our need for intentional, human-centered security only grows. Whether I am simulating a real-world attack on an AI-driven workflow or refining a policy for international safety, my goal is to provide a clean window of clarity in an increasingly complex threat landscape. I am always open to quiet conversations about the offensive side of security, the future of AI resilience, or the ongoing effort of building trust in technology.

I am an active educator in the cybersecurity community and currently work as a Consultant in Offensive Security at Kroll. I have delivered technical workshops at multiple colleges across India. These sessions cover practical topics like ethical hacking, mobile application penetration testing, and Red Teaming.I am also an instructor on Udemy. I share my knowledge with a global audience by creating courses that help students learn complex security concepts. In addition to teaching, I contribute to the industry as a Subject Matter Expert for Hack The Box. I help the community understand the latest trends in offensive security.​I have been recognised for my skills by the NCIIPC as one of the top 15 hackers in India. I also participate in bug bounty programs and have received acknowledgements from various organisations. My goal is to make cybersecurity education accessible and practical for everyone.

Vitaly Simonovich is a senior security researcher at Cato Networks and a member of Cato CTRL. Currently, Vitaly focuses on researching topics related to LLM security, with a particular emphasis on jailbreaks and prompt injections, as well as conducting vulnerability research across a wide range of technologies. In addition, he is actively involved in threat intelligence, analyzing emerging threats and attack trends to strengthen organizational defenses.Prior to joining Cato in 2023, Vitaly worked at Incapsula and Imperva, where he led teams of security analysts and researchers. With over nine years of experience in cybersecurity, Vitaly specializes in application security, data security, LLM security, vulnerability research, and threat intelligence.An active contributor to the cybersecurity community, Vitaly regularly publishes research blogs, hosts webinars, and presents at conferences. In addition to his professional work, he teaches cybersecurity at local colleges and enjoys solving CTF challenges in his free time to stay sharp and enhance his skills.