Find Expert Speakers

I’m currently working as a Security Analyst, with experience in both red team and blue team operations. My current focus is on red team engagements, zero-day research, and malware analysis.

Andreas Wiegenstein is engaged in SAP cyber security since 2003. He discovered quite a number of zero-day vulnerabilities in SAP software and supported development of a market leading static code analysis tool for the business programming language ABAP. He has spoken at more than 70 conferences world-wide about SAP security, including Black Hat, DeepSec, Hack In The Box, IT Defense, RSA, SAP TechEd and Troopers (alphabetical order). His current research is focused on SAP malware and supply chain attacks.

Aryan is a senior security researcher with nearly six years of focused experience in malware development, AV/EDR evasion, and low-level system programming. His work bridges deep technical research and practical offensive security, creating advanced tooling for red team engagements. He holds the CRTO certification and has led numerous adversarial simulations against mature defenses. His research also extends to implementing fuzzing frameworks and automation.Previous Speaking Engagements:WildWest Hackin' Fest - Presented research on advanced security evasion.The Hack Summit - Delivered a talk on modern malware techniques.CarolinaCon - Shared findings in offensive security research.BSides Ahmedabad - Led technical training sessions on red team tooling and methodologies.

Chi-en “Ashley” Shen is a Security Research Engineering Technical Leader at Cisco Talos, specializing in emerging threat research—ranging from nation-state attacks to financially motivated crimes and spyware campaigns. Before joining Cisco, she worked at Google’s Threat Analysis Group, where she hunted zero-day exploits and tracked botnets. Prior to that, she was part of Mandiant’s Global Research Team, where she co-authored the APT41 report and published research on ICEFOG campaigns. In Taiwan, Ashley co-founded Team T5 and served as a senior threat analyst with a focus on targeted attacks in APAC. A passionate advocate for women in cybersecurity, Ashley co-founded HITCON GIRLS, the first security community for women in Taiwan, and she currently organizes Rhacklette, a security community for FINTA in Switzerland. She has presented her research at a range of conferences, including Black Hat, HITB, HITCON, FIRST, Pivotcon and CODE BLUE. In her free time, she supports the community by offering training sessions and serving on the review boards for Black Hat, HITCON, and HITB.

Feel free to email me on basically anything on computing or history

EXPERTISE:- Experienced Cyber Security with a demonstrated history of working in the several industry. Skilled in Penetration testing, XDR, EDR, DFIR, Threat Hunting, and OSINT.- Advanced Ethical Hacking:Proficient in various hacking methodologies, including but not limited to network penetration testing, (web, API, Infra, mobile) application testing, wireless network exploitation, and social engineering.- Deep Knowledge of Security Frameworks: Expertise in industry- standard security frameworks such as OWASP, NIST, and PTES, with the ability to apply their guidelines effectively

As an ethical hacker, I equip enterprises with the advice and solutions to improve their digital security posture and their overall business growth. Throughout my career as an ethical hacker I’ve worked across several industries including:💥 Government💥 Advertising💥 Retail💥 Financial Services💥 Blockchain💥 Technology💥 Publishing💥 Non-Profit💥 And more!This has provided me the opportunities to gain a breadth of knowledge on all things security testing.

Diyar Saadi Ali is a formidable force in the realm of cybersecurity, renowned for their expertise in cybercrime investigations and their role as a certified SOC and malware analyst. With a laser-focused mission to decode and combat digital threats, Diyar approaches the complex world of cybersecurity with precision and unwavering dedication. At the core of their professional journey lies real-time security event monitoring a task Diyar executes with exceptional vigilance and expertise. As a respected MITRE ATT&CK Contributor, they have made invaluable contributions to the global cybersecurity community, sharing insights and strategies that help organizations bolster their defenses against evolving cyber threats. Diyar’s impact is further amplified by their role as the discoverer and owner of critical Common Vulnerabilities and Exposures (CVEs), including CVE-2024-25400 and CVE-2024-25399. These achievements underscore their commitment to identifying and addressing systemic vulnerabilities that could otherwise threaten digital ecosystems.

Dr. Bramwell Brizendine completed his Ph.D. in Cyber Operations. A security researcher, currently Bramwell is an Assistant Professor at the University of Alabama in Huntsville, and he is the founding Director of the Vulnerability and Exploitation Research for Offensive and Novel Attacks (VERONA Lab). A cybersecurity expert, Bramwell has taught numerous undergraduate, graduate, and doctoral level courses in reverse engineering, software exploitation, advanced software exploitation, malware analysis, and offensive security. Additionally, Bramwell has authored several important cybersecurity tools, including JOP ROCKET, SHAREM, ShellWasp, and ROP ROCKET, which are open source and freely available. Bramwell was a PI on a $300,000 NSA research grant to develop a shellcode analysis framework, SHAREM. Bramwell is a 2025 recipient of the DARPA YFA for $500,000. Bramwell has been a speaker at many top security conferences across the globe, including different regional variations of Black Hat, DEFCON, Hack in the Box, and more.

Fareed is a malware security researcher with more than 5 years of experience. His interests lie in malware reverse engineering, threat intelligence, digital forensics, and detection. As part of the Global Research and Analysis Team (GReAT) at Kaspersky, Fareed participates in investigating cybercrimes, tracking APT groups, and dismantling the malicious infrastructure of threat actors. Additionally, Fareed frequently shares his knowledge through public talks, mentorship, training sessions, briefings, and media interviews, representing both himself and Kaspersky. His specialization in malware and APT analysis allows him to speak and share his insights with a wide range of audiences, contributing significantly to the local and international cybersecurity community.

The speaker has served as a presenter at Black Hat Asia in both 2023 and 2024, participating in the Arsenal (Web Application Security) track held in Singapore.The speaker has also served as a guest speaker in several universities and community events & had attended BlackHat MEA 2022 - 2024 in Riyadh as a CTF Finals participant.

I’ve been working as Head of Identity Threat Labs and Global Product Advocate at Segura®, Red Team Village Director, Senior Advisor Raices Cyber Academy, Founder of Red Team Community (Brazil and LATAM), AWS Community Builder, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many countries such as US (Black Hat & Defcon), Canada, France, Spain, Germany, Poland, Black Hat MEA - Middle-East - and others. I’ve served as University Professor in Master Degree - Portugal and Graduation and MBA courses at Brazilian colleges, in addition, I'm Creator and Instructor of the Course - Malware Attack Types with Kill Chain Methodology (PentestMagazine), PowerShell and Windows for Red Teamers(PentestMagazine) and Malware Analysis - Fundamentals (HackerSec).

Joseliyo Sanchez is a security engineer at VirusTotal - Google. Previously worked at McAfee and BlackBerry as a threat researcher. His main objectives are threat hunting that leads to detection engineering and analysis of APTs and Crime groups.

Josh is an experienced malware analyst and reverse engineer and has a passion for sharing his knowledge with others. He is a reverse engineer with the FLARE team at Google, where he focuses on tackling the latest threats. Josh is an accomplished trainer, providing training at places such as Ring Zero, BlackHat, Defcon, Toorcon, Hack-In-The-Box, Suricon, and other public and private venues. Josh is also an author on Pluralsight, where he publishes content around malware analysis, reverse engineering, and other security related topics.

Mars Cheng leads TXOne Networks' PSIRT and Threat Research Team as their Threat Research Manager, where he coordinates product security initiatives and threat research efforts. He also holds the position of Executive Director for the Association of Hackers in Taiwan, facilitating collaboration between enterprises and the government to bolster the cybersecurity landscape. Additionally, Mars serves as a Cybersecurity Auditor for the Taiwan Government. His expertise spans ICS/SCADA systems, malware analysis, threat intelligence, and hunting, as well as enterprise system security. Mars has made significant contributions to the cybersecurity community, including authoring more than ten CVE-IDs and publishing in three SCI journals on applied cryptography.Mars is a frequent speaker and trainer at numerous prestigious international cybersecurity conferences, including Black Hat USA/Europe/MEA, RSA Conference, DEF CON, CODE BLUE, SecTor, Troopers, FIRST, HITB, ICS Cyber Security Conference Asia and USA, HITCON, NoHat, ROOTCON, SINCON, CYBERSEC, and many others. He plays an instrumental role as the General Coordinator for the HITCON CISO Summit 2024 and has successfully organized several past HITCON events including HITCON CISO Summit 2023, HITCON PEACE 2022, HITCON 2021, and HITCON 2020, demonstrating his commitment to advancing the field of cybersecurity.

Moonbeom ParkCPO(Chief Product Officer) @78ResearchLabFormer senior researcher of KrCERT/CC & KISAI'm working at 78ResearchLab(http://www.78researchlab.com) in South Korea, a company specializing in the development of cyber warfare tactics and offensive and attack technologies. They analyze the cyber warfare strategies of Advanced Persistent Threat(APT) groups and conduct research on of attack techniques such as 0-day vulnerabilities and develop various cyber weapons, exploites, Post-Exploitation techniques that can be utilized in cyber warfare operations.

## Investigation and Analysis of Malware Spreading Infection via MSI Package Files (BSides Tokyo 2023)Language: JapaneseAgenda: https://bsides.tokyo/2023/Slide (PDF): https://github.com/mopisec/bsides-tokyo-2023/blob/main/BSidesTokyo2023_MSIanalysis_dist.pdfRecording: Not Available## Reverse Engineering Malware Written in C++ with IDA and Semi-Automated Scripts (Training at GCC 2025 Taiwan)Language: EnglishAgenda: https://gcc.ac/archive/gcc_2025/Slide (PDF): Not AvailableRecording: Not Available## Inside Pandora's Box: dissecting the latest arsenal and tactics of APT27 (VB2025 Berlin)Language: EnglishAgenda: https://www.virusbulletin.com/conference/vb2025/abstracts/inside-pandoras-box-dissecting-latest-arsenal-and-tactics-apt27/Slide (PDF): https://www.virusbulletin.com/uploads/pdf/conference/vb2025/slides/Slides-Inside-Pandoras-box-dissecting-the-latest-arsenal-and-tactics-of-APT27.pdfRecording: https://www.youtube.com/watch?v=TUATnkPEsnc## Continuous Evolution of Tianwu’s Pangolin8RAT and Custom Cobalt Strike Beacon (JSAC2026)Language: EnglishAgenda: https://jsac.jpcert.or.jp/en/timetable.htmlSlide (PDF): https://jsac.jpcert.or.jp/archive/2026/pdf/JSAC2026_1_6_naoki_takayama_en.pdfRecording: TBA (Should be available on YouTube soon)

Prajwal is a Malware Analyst at Cloudsek, specializing in reverse engineering and threat intelligence. He focuses on uncovering new threats through malware research, with a background in Offensive Security and Windows Internals.

Rafael Salema Marques (SWaNk) is an old-school VXer who tends to define himself as a malware enthusiast. He has been coding malware since the early 2000s.His contributions bridge the dark technical underground with rigorous scientific methodology. Over his career, he has published code and research in prestigious hacker e-zines including 29A and Phrack Magazine. Additionally, he already contributed to the LOLBAS project, discovering and documenting novel ways to weaponize native OS executables. Academically, he did his MSc research at the Instituto Tecnológico de Aeronáutica (ITA) focused on employing an artificial immune system approach to detect advanced rootkit activities and covert data exfiltration. Building on this foundation, his PhD research introduced a novel method for detecting highly evasive pivot attacks in complex networks. SWaNk is always available for coffee, beer, and malware projects.

Rahul is a security researcher with 7+ years in offensive security and red teaming. He specializes in malware development, AV/EDR evasion, and bypassing security controls in heavily defended environments. As a full-time red teamer, he's built tools and developed techniques that work against real-world security stacks.He currently works as Manager of Offensive Security and Threat Assessment with leading financial organizations across the Middle East, collaborating with red, blue, and purple teams to find and fix security gaps in enterprise infrastructure. He's spoken at international conferences including BlackHat, CONFidence, and HAcktivity.His expertise spans enterprise security and cloud infrastructure, with particular focus on identifying and exploiting design flaws in hardened environments.

I am a cybersecurity professional with 1.5 years of work experience in DFIR and CTI. Recently, I have been researching into macOS threats and forensics since this topic is niche in Malaysia. I've also spent two years in the CTF scene, competing with the M53 and L3ak teams, where I had the opportunity to compete on a global stage and achieve multiple victories in CTF competitions and writeup contests. I now channel that same curiosity and rigor into professional development, pursuing certifications and exploring macOS research, RFID security, and blockchain security.

ISACA Cybersecurity ConferenceDelivered an insightful session on Zero Trust Security, breaking down its practical implementation and its role in modern cyber defense architecture. His talk was well-received by industry professionals and highlighted the evolving nature of perimeter-less security models.CIO News Cybersecurity ForumPresented on the integration of offensive and defensive security practices, emphasizing collaboration over siloed efforts. His impactful delivery earned him an on-the-spot award for excellence in thought leadership and practical insight.Crypto Expo DubaiTook the stage at one of the largest blockchain and cryptocurrency platforms in Dubai, where he delivered a high-impact talk on “Hacking Crypto Wallets”. The session provided deep dives into real-world attack vectors and preventive mechanisms, drawing significant attention from global fintech and blockchain professionals.

I am an active educator in the cybersecurity community and currently work as a Consultant in Offensive Security at Kroll. I have delivered technical workshops at multiple colleges across India. These sessions cover practical topics like ethical hacking, mobile application penetration testing, and Red Teaming.I am also an instructor on Udemy. I share my knowledge with a global audience by creating courses that help students learn complex security concepts. In addition to teaching, I contribute to the industry as a Subject Matter Expert for Hack The Box. I help the community understand the latest trends in offensive security.​I have been recognised for my skills by the NCIIPC as one of the top 15 hackers in India. I also participate in bug bounty programs and have received acknowledgements from various organisations. My goal is to make cybersecurity education accessible and practical for everyone.

Vishal Chand is a cybersecurity researcher at BharatGen, IIT Bombay, specializing in AI-driven threat defense and generative AI security. As an author and Red Team contributor at OWASP AI Exchange, he works on adversarial robustness, model exploitation, and AI red teaming frameworks. His research focuses on offensive AI, malware analysis on Windows and macOS, and AI-powered threat detection. Vishal has presented at Microsofts BlueHat Asia, BSides Ahmedabad, BSides Bangalore, BSides Mumbai, and FOSS Mumbai.