Find Expert Speakers

Speaker at Bsides Kochi, BIOS meetup, SlashN and various other conferences.

- Unveiling Digital identities: Device and Browser fingerprinting have been accepted at Blackhat MEA , Nullcon Goa, Bsides Bloomington, Connecticut, Sydney, Hackred Con 2024, Defcon Delhi 0x07 etc.- Ghost in the Machine: Exploiting Hardware & Network Fingerprints for Tracking Presented at Myhack Malaysia.- Reinventing Access Control: Fingerprinting for Credential Protection Presented at VulnCon 2025 and BSides Mumbai 2025.- Speaker at Defcon Delhi 0x06: Presented my research paper on analyzing the Mirai Botnet and its derivatives.

Hi, My name is Aftab Sama! 👋I'm a cybersecurity researcher. I graduated from Rashtriya Raksha University with a degree in Computer Science and Engineering with specialization in Cyber Security. My interest in Capture the Flag (CTF) competitions helped me secure my first internship at KPMG India, as I was among the top performers in a national CTF competition organized by the KPMG Cyber Security Team. I secured an on-campus internship at Quick Heal, where I had the opportunity to shadow various malware cases and learn about the investigation process. I validated Indicators of Compromise (IoC) for physical samples from CertIN and OTX, and I utilized my Python skills to automate some daily tasks. I also ranked among the top 100 in TCS HackQuest Season 7 Capture the Flag (CTF) competition, which led to an employment opportunity with TCS, where I am currently working as Penetration Tester.My passion for offensive security and penetration testing led me to obtain certifications such as CAPenX, BSCP, CNPen, CAPen, and CEH Practical, among others. I plan to enroll in further offensive security courses in the future.In my free time, I actively participate on HackTheBox and CTFTime and have taken part in several prestigious CTF competitions, winning multiple prizes. Besides my interest in security, I enjoy reading about stoicism and philosophy.You can read my blogs and writeups at https://aftabsama.com.

Working since 15+y in telecom security, striving to move the industry to a more open and collaborative approach of critical infrastructure security. Today, leading POST Luxembourg TelcoSec team developing offensive & defense capabilities, research and building telecom security solutions to protect operators around the world. I have been previously publishing at Underground Economy, Chaos Computer Congres (CCC), Hack.lu, CTI-Summit, ETIS, GSMA FSAG, ENISA Telecom Security Forum, HITB, Troopers, TSD, HackitoErgoSum and many other private conference where we are invited to share our research.

Alfonso De Gregorio is a globally recognised cybersecurity technologist, award-winning research artist, and strategic policy advisor. He has spoken at 25+ peer-reviewed int'l events across 5 continents, such as NATO Conference on Cyber Conflict, RSAC, and the leading hacker events. High-performance organisations engage him to spearhead relentless innovation across disciplines and fields, accelerate asymmetric advantage, and achieve peak confidence in today's interconnected operational environment—establishing Alfonso as a key figure shaping the discussion and practice of cybersecurity.Today he is Founding Director and Principal Investigator at Pwnshow, an interdisciplinary research agency investigating critical cybersecurity challenges at the complex technology-society nexus; CEO at Zeronomicon, a premium zero-day vulnerability acquisition platform; and, Member of the ETSI TC SAI (Securing AI), where he works towards ensuring the technical standards underpinning the EU AI Act are practical, effective, and innovation-friendly. At the forefront of the AI governance debate, his current work focuses on the dual-use dilemma of open-weight AI and how the proliferation of powerful models impacts the cyber threat landscape. Active in the legislative and standardization trenches as much as at the terminal prompt, he provided expert technical consultation to the European Commission regarding the EU AI Act. He successfully advocated for the "substantial modification" clauses in the GPAI Code of Practice, protecting open model developers from undue liability.

Alon Friedman is a Principal Security Architect at Microsoft 365 Defender, with extensive experience in application security and penetration testing. He focuses on defining application security standards and researching threat landscapes. His background includes leading secure software development at Salesforce and managing application vulnerabilities at PayPal. Alon is a recognized researcher, credited with CVE-2014-4246 and the creation of the SCIP OWASP ZAP extension

As a seasoned speaker and trainer, Anant has shared his expertise at various prestigious platforms including Black Hat (USA/ASIA/EU), Defcon, Nullcon, c0c0n, and Rootconf. His extensive involvement in these conferences extends to serving as a CFP reviewer for Blackhat EU, nullcon, Rootconf by Hasgeek, and multiple villages at Defcon (Recon, Adversary and Cloud), showcasing his dedication to nurturing and elevating the discourse within the field.

Over the years, I’ve had the opportunity to speak at cybersecurity conferences, technology summits, university campuses, and industry communities where I focus on making security practical, relatable, and engaging through real-world stories, demonstrations, and attacker-driven thinking.I’ve delivered talks at events including ATAGTR 2024, ATAGTR 2025, AITestFest 2025, AITestFest 2026, Identity Shield, SAP Security Expert Summit, TechX, along with guest sessions and cybersecurity awareness talks across multiple university campuses.My sessions typically revolve around AI-driven threats, OSINT, phishing, social engineering, dark web exposure, privacy, cyber risk, and the growing intersection between offensive security and governance. I enjoy blending live demonstrations, attacker psychology, and practical security lessons to help audiences understand not just how attacks happen — but why organisations continue to underestimate them.Beyond conferences, I actively mentor aspiring professionals, contribute to security awareness initiatives, and enjoy simplifying complex security concepts for both technical and non-technical audiences.

Armaan Pathan is a Senior Security Engineer at KATIM with deep expertise in application security, penetration testing, and bug bounty hunting. Over the past 10+ years, he has uncovered and responsibly disclosed critical vulnerabilities at leading tech organizations including Google, Facebook, Apple.Holding a Master’s degree in Information Technology and certifications such as OSCP, Armaan has excelled in both offensive security operations and mentoring engineering teams to adopt secure-by-design practices. His research spans areas like browser security, OAuth misconfigurations, and novel attack vectors that challenge industry assumptions.Beyond client work, Armaan actively contributes to the security community—publishing technical blogs, presenting at conferences, and raising awareness of emerging threats and practical defenses.

Offensive Security Lead and globally ranked security researcher with extensive experience in vulnerability research and red teaming. Recognized as Best Bug Hunter at Microsoft MVR (2023–2025) and acknowledged by leading organizations including Apple (2022) and Google (2021). Featured in the Hall of Fame of 300+ Fortune companies for responsible disclosures.Holds multiple industry certifications including CRTP, LPT, CPENT, eWPTXv2, CHFI, and CEH. Discovered and reported 5 CVEs. Active CTF player and public speaker, regularly sharing insights on offensive security, bug bounty methodologies, and advanced attack techniques at international conferences and universities.

A motivated individual always up for breaking stuff ! Currently working as a Red Team Security Consultant with a focus on penetration testing and security assessments for Web, Mobile, API, OT, and Network environments. I have experience leading 200+ security assessments, working with vendors from various industries such as government agencies, private organizations, healthcare, crypto, finance, retail, education, and many more to identify vulnerabilities and improve their overall security and help organizations strengthen their defenses against potential threats.In addition to my professional work, I’m an active bug bounty hunter on platforms like Bugcrowd and Synack. I’ve earned recognition in 70+ Hall of Fame lists, including those of Microsoft, Apple, Google, Zoom, Okta, Canva, Indeed, Atlassian, Dell, and many more. Helping organizations strengthen their security by identifying vulnerabilities and contributing to their overall cybersecurity efforts.Constantly learning, always hacking, I thrive on offensive security challenges and take pride in discovering the unknown before attackers do.

I'm an active member and contributor at various security and developer communities including null open security community and FOSS United.I delivered talks/training at various conferences such as HITB, Sincon, Nullcon, c0c0n, Defcon: Recon Village, various Bsides, Bugcrowd LevelUp, PyCon India etc.References to my talks/trainings:https://www.disruptivelabs.in/talks/https://speakerdeck.com/0xbharathhttps://www.disruptivelabs.in/trainings/

Bhaumik Shah is a cybersecurity leader and founder of Securify, where he helps organizations secure their cloud, applications, and infrastructure through penetration testing, red team operations, and compliance programs like SOC 2 and ISO 27001. With over a decade of experience uncovering vulnerabilities in complex environments — from AWS misconfigurations to API flaws — he has worked with startups, enterprises, and government agencies to strengthen their security posture. Bhaumik is passionate about sharing real-world lessons from the field, mentoring the next generation of security professionals, and occasionally sneaking in a pop-culture reference or two to make security just a little more fun.

Connor has presented a several talks at AISA 2025 (not recorded https://melbourne2025.cyberconference.com.au/speakers/connor-du-plooy-gkvou), 0xCON (https://www.youtube.com/watch?v=oESrZVN79o4), BSides Johannesburg (https://www.youtube.com/watch?v=dn250YBDfzY) and CapeTown (https://www.youtube.com/watch?v=X_n0C1uFzDc). In addition private client-facing briefing talks were also done (https://www.youtube.com/watch?v=jJX-DU8wiAI&list=PLT9SO-6r9XFDh1bCkwL5JDoqSsfxRe7rO&index=10, https://www.youtube.com/watch?v=fVXhBS0CtTQ).

Security Engineer with 5 years of experience, currently working as a Senior Security Engineer at ShareChat.Previously worked with Flipkart as a Security Engineer and bug bounty hunter. Experienced across multiple domains including cloud security, WAF, application security, network and infrastructure security, as well as mobile security testing.

EXPERTISE:- Experienced Cyber Security with a demonstrated history of working in the several industry. Skilled in Penetration testing, XDR, EDR, DFIR, Threat Hunting, and OSINT.- Advanced Ethical Hacking:Proficient in various hacking methodologies, including but not limited to network penetration testing, (web, API, Infra, mobile) application testing, wireless network exploitation, and social engineering.- Deep Knowledge of Security Frameworks: Expertise in industry- standard security frameworks such as OWASP, NIST, and PTES, with the ability to apply their guidelines effectively

As an ethical hacker, I equip enterprises with the advice and solutions to improve their digital security posture and their overall business growth. Throughout my career as an ethical hacker I’ve worked across several industries including:💥 Government💥 Advertising💥 Retail💥 Financial Services💥 Blockchain💥 Technology💥 Publishing💥 Non-Profit💥 And more!This has provided me the opportunities to gain a breadth of knowledge on all things security testing.

Evangelos Bitsikas is a Doctoral Security Researcher at Northeastern University and a Google PhD Fellow in Cybersecurity. He specializes in wireless security, with an emphasis on cellular networks (LTE/5G), adversarial attacks against cellular infrastructure, and mission-critical networking for autonomous systems, including 5G-enabled drones and vehicles.Evangelos has trained extensively across offensive and defensive security, including network monitoring and incident response exercises, as well as hands-on exploitation and penetration-testing labs. He currently holds advanced security certifications, including CASP+ and CISSP, and speaks on topics at the intersection of wireless systems, real-world security testing, and resilient network design.

Farhad Sajid Barbhuiya is a passionate security professional with over 5 years of hands-on experience in offensive security, delivering more than 2000 hours of training across educational institutions, corporations, and government organizations. His trainings cover Web & Mobile Application Security, Reverse Engineering, Exploit Development, Code Review, and more, empowering diverse audiences with practical, real-world skills.Currently a Staff Information Security Engineer on the Offensive Security team at Zscaler, Farhad works on offensive security assessments spanning across Mobile Application Security (Android & iOS), Reverse Engineering, Web Application Security, Agentic AI and LLMs and Hardware Security. His work focuses on uncovering vulnerabilities in high-stakes environments, from custom exploit chains to evasion techniques in containerized and cloud systems.A sought-after speaker, Farhad has presented at premier cybersecurity conferences including NullCon Goa (Advanced Web Apps Pentesting training), Bsides Delhi (Reverse Engineering for Exploit Development), Null Delhi (Reverse Engineering for Developers), Bsides Mumbai (DYLD Library Injection on macOS), Defcon Delhi (IoT Village), Bsides Vizag (TACTOU Attacks in AI Agents), and Bsides Mussorie (Magazine Exhaustion on iOS Heap Allocators). His sessions blend deep technical dives with live demos, making complex topics accessible and actionable.Farhad thrives at the intersection of vulnerability research, exploit development, and secure architecture, contributing to the infosec community through research, tools, and knowledge-sharing.

I am a versatile Application Security Engineer dedicated to enhancing the security posture of both web and mobile applications. My primary focus is on implementing robust security measures through thorough assessments, comprehensive source code reviews, and the integration of security practices within the DevSecOps framework. I specialise in embedding security into Continuous Integration and Continuous Deployment (CI/CD) pipelines through various methods, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Mobile Application Security Testing (MAST). By driving effective threat modelling sessions, I identify and mitigate potential vulnerabilities early in the development lifecycle, ensuring that security is a fundamental component rather than an afterthought.Additionally, I work on building secure-by-default pipelines and guardrails tailored to the unique requirements of each project, fostering a culture of security awareness among development teams. My goal is to empower organisations to deliver secure applications without compromising on agility or performance.

I'm Hrishikesh Somchatwar, a Storyteller, Electronics Hacker, and Bestselling Author based in France.🔗 Connect With Me:Email: hrishikeshsom@gmail.comLinkedIn: linkedin.com/in/hrishikesh-somchatwar/📖 Publications:"Exploitation of Embedded Systems" – Presented at Car Hacking Village"Hacking with Physics" – Showcased at HackFest Canada 2021"Car Hacking Village" – Authored publication🎙️ Speaker & Trainer:I've had the privilege of speaking and providing training at esteemed cybersecurity conferences, including:DeepSec AustriaSCSA GeorgiaSecurityFest SwedenDefcamp Romania (2019, 2023)Bsides AhmedabadBsides Delhic0c0nHackFest CanadaKey Topics:Automotive CybersecurityHardware SecurityIoT SecurityCar hacking techniquesTools for embedded system exploitation📚 Author:As the bestselling author of "Hacking the Physical World", my book topped Amazon charts in the USA and India.🎧 Podcast:Check out "The Storytelling Hacker", where I blend storytelling with electronics hacking. Available on:SpotifyApple PodcastsGoogle Podcasts💼 Professional Journey:Valeo: Worked on cutting-edge automotive cybersecurity solutions and advanced hardware technologies.Security Researcher: Contributed to NDA-protected projects at a confidential company in Maharashtra, India.Hardware Security Intern: Played a pivotal role in a cybersecurity startup, conducting security testing on:CarsIoT devicesPLCsSCADA systems

Jaswanth has speaking experience in multiple well reputed conference's such as Seasides goa, OWASP, Security BSides, NexGen CyberWomen, and multiple universities.

20 YearsBrazilianClient Applications Squad Leader, Researcher and Malware Developer at @Hakai Offensive SecurityProgrammerGamerCat loverCompulsive pizza eaterPassionate about sysInternals, reverse engineering, low level and Client-Side applications

Jyoti Raval serves as Director of Cyber Security Engineering at Baker Hughes, where Jyoti is responsible for ensuring end-to-end product security and actively contributes across multiple phases of the security lifecycle. Jyoti is the author of Phishing Simulation and MPT tools, and has delivered presentations at leading security conferences, including InfosecGirls, Nullcon, DEF CON 27, Black Hat Asia, HITB Singapore, OWASP New Zealand, Shecurity, DEF CON 32, and Black Hat London. Additionally, Jyoti leads the OWASP Pune Chapter.