Find Expert Speakers

🎤 Public Speaking & Knowledge Sharing1️⃣ 🇮🇳 Nullcon Goa 2026 — “Why Did the Model Think That? Demystifying the Black Box with Explainable AI (XAI)” 🔗 Link: https://nullcon.net/talk/why-did-the-model-think-that-demystifying-the-black-box-with-explainable-ai-xai/2️⃣ 🇮🇳 OWASP AppSec Days Bangalore 2025 — “Unveiling the Risks of MCP Servers: An In-Depth Exploration” 🔗 Link: https://owaspappsecdaysbangaloreoct.sched.com/event/28Z5G/unveiling-the-risks-of-mcp-servers-an-in-depth-exploration3️⃣ 🇸🇬 OWASP AppSec Days Singapore 2024 — “The Dark Side of AI: Exploring Adversarial Threats” 🔗 Link: https://owaspappsecdayssingapore202.sched.com/event/1ir3T/the-dark-side-of-ai-exploring-adversarial-threats4️⃣ 🇮🇪 Security BSides Dublin 2024 — “Into The Abyss: Adversarial Tactics In AI Security” 🔗 Link: https://www.bsidesdub.ie/speakers.php5️⃣ 🇩🇪 Nullcon Berlin 2024 — “Into The Abyss: Adversarial Tactics In AI Security” 🔗 Link: https://nullcon.net/berlin-2024/speaker-into-the-abyss-adversarial-tactics-in-ai-security6️⃣ 🇮🇳 Seasides Infosec Conference 2023 — “Primer into SAP Penetration Testing & OWASP SAPKiln” 🔗 Link: https://www.bugbountyvillage.com/speakers7️⃣ 🇮🇳 c0c0n 15th Edition (2022) — “Hyperledger Fabric & Ethereum Apps: Security Deep Dive” 🔗 Link: https://india.c0c0n.org/2022/agenda8️⃣ 🇹🇳 OWASP Tunisia Chapter (2020) — “Blockchain Security” 🎥 Watch on YouTube: https://www.youtube.com/watch?v=fRQrJttI5vI9️⃣ 🇮🇳 OWASP Kerala Chapter (2020) — “Pen Testing Blockchain Solutions (Ethereum Nodes & Smart Contracts)” 🎥 Watch on YouTube: https://www.youtube.com/watch?v=ahZ_V6qdBjQ

Bhaumik Shah is a cybersecurity leader and founder of Securify, where he helps organizations secure their cloud, applications, and infrastructure through penetration testing, red team operations, and compliance programs like SOC 2 and ISO 27001. With over a decade of experience uncovering vulnerabilities in complex environments — from AWS misconfigurations to API flaws — he has worked with startups, enterprises, and government agencies to strengthen their security posture. Bhaumik is passionate about sharing real-world lessons from the field, mentoring the next generation of security professionals, and occasionally sneaking in a pop-culture reference or two to make security just a little more fun.

Hey, I’m Bhavesh Pardhi, a cybersecurity practitioner and bug hunter focused on real-world web application security.My work primarily revolves around reconnaissance, vulnerability discovery, and building practical workflows that improve efficiency in bug hunting. I focus on identifying real attack surfaces and optimizing recon processes to reduce noise and increase meaningful findings.I am the founder of CyberXsociety, a growing platform where I share cybersecurity knowledge through blogs, digital products, and a community-driven forum focused on real-world learning and methodologies.Alongside this, I am building a local tech community, Jalgaon Hackers Meetup, to connect and grow serious learners in cybersecurity, development, and related fields through discussions, meetups, and collaborative learning.My approach is strongly practical and system-driven. Instead of focusing only on tools, I focus on building structured methodologies that can be applied across different targets and environments.I am actively working on bug bounty programs, contributing to the cybersecurity community, and continuously exploring ways to improve recon workflows and vulnerability discovery processes.

Boik Su is a security research manager at CyCraft Technology and is currently focused on Cloud Security, Web Security, and Blockchain Security. He takes an active role in the cybersecurity community and has delivered speeches at multiple seminars across the globe, including HITCON, HITB, FIRSTCTI, VB, and HackerOne. He still participates in CTF competitions, including SECCON CTF in Japan and HITCON CTF in Taiwan, and has submitted multiple reports to bug bounty programs and open-source projects.

Donavan is a Physics graduate turned into cybersecurity consultant with >8 years of experience in a variety of cybersecurity domains (e.g. offensive security, threat modeling, maturity assessments, security architecture) and business domains (cyber GRC).He blends his understanding of clients across both public and private sectors to identify key cybersecurity concerns and solutions to enable companies' cybersecurity compliance, confidence and cost-effectiveness (3 Cs).He has numerous contributions to the cybersecurity community since 2018. He has written hacking challenges, spoken at numerous conferences and events (SECCON JP, Threat Modeling Connect Japan, GCC 2025 @ Taiwan, Seasides 2025 @ Goa, SINCCON @ Singapore, DefCamp @ Romania) on topics ranging from threat modeling to application security. He has conducted career talks to encourage younger students from middle school to university levels to enter the cybersecurity industry. He also sits on the advisory board of VULNCON (since 2024), BSides Mumbai and Vazig, and has authored numerous articles on ISACA on topics ranging from post-quantum cryptography, to the relations between social sciences and cybersecurity as well as threat modelling. His views on cybersecurity has also been quoted by "The Pentester Blueprint" written by Phillip L. Wylie and Kim Crawley, and Offensive Security. He also contributes to the ISC2's Unified Body of Knowledge (UBK) through the Technical Advisory Panel Workshop.In Thales, he has also led a team to create a made in Singapore cybersecurity gamification experience, "Defend the Breach" (DTB), in three months, where players role-play CISO roles to make difficult cybersecurity decisions, taking into account both cyber and non-cyber factors such as the overall health of the business, manpower and operational requirements.Donavan also possesses certifications ranging from Offsec certifications (OSCE3, OSCP), ISC2 (CISSP), ISACA (CRISC) and is more than halfway through his Masters in Cybersecurity at Georgia Tech (OMSCY).On the mentorship front, he has developed and helped two mentees secure jobs, and mentors a dozen mentees in various capacities (individuals, cyber start-up founders)Outside cybersecurity, Donavan has also represented Singapore in international forums such as the ASEAN-India Youth Summit as a delegate.Find out more about me at https://donavan.sg and my cybersecurity writing at https://donavan.sg/blog.

I spoke at about a dozen conferences so far, mostly always about Software Supply Chain Security / Application Security. I am a regular guest on several podcasts on the same topic as well. I spoke in front of small (a few dozen) and large audiences (several hundreds) both locally and internationally (North America and Western Europe). I spoke at BlackHat SecTor, OWASP Global AppSec, NorthSec, Linux Foundation's OpenSSF event, Munich Cyber TTP, etc.

I have a speaking experience of almost around 2.5 years, I started givung sessions from my own college utself and then I have been approached to provide expert training sessions in multiple colleges by far I might have given training sessions at around 6 to 7 colleges and i have also given online sessions as well. And my LinkedIn profile is proof of it.

Jaswanth has speaking experience in multiple well reputed conference's such as Seasides goa, OWASP, Security BSides, NexGen CyberWomen, and multiple universities.

Jyoti Raval serves as Director of Cyber Security Engineering at Baker Hughes, where Jyoti is responsible for ensuring end-to-end product security and actively contributes across multiple phases of the security lifecycle. Jyoti is the author of Phishing Simulation and MPT tools, and has delivered presentations at leading security conferences, including InfosecGirls, Nullcon, DEF CON 27, Black Hat Asia, HITB Singapore, OWASP New Zealand, Shecurity, DEF CON 32, and Black Hat London. Additionally, Jyoti leads the OWASP Pune Chapter.

Kirils Solovjovs is Latvia's leading white-hat hacker and IT policy activist, renowned for uncovering and responsibly disclosing critical security vulnerabilities in both national and international systems. Kirils started programming at age 7 and by grade 9 was spending his lunch breaks writing machine code directly in a hex editor.With deep expertise in network flow analysis, reverse engineering, social engineering, and penetration testing, he has significantly contributed to cybersecurity advancements. Notably, Kirils developed the jailbreak tool for MikroTik RouterOS and played a pivotal role in creating e-Saeima, enabling the Latvian Parliament to conduct a fully remote legislative process, the first of its kind globally.He currently serves as the lead researcher at Possible Security and as a research assistant at the Institute of Electronics and Computer Science.

Two decades of cybersecurity experience including executive roles at Twitter, CoinList, Mozilla and OWASP. A co-founder and CEO of a venture backed cybersecurity startup (acquired) and an early stage investor finding and growing the next generation of amazing cybersecurity companies. Based in San Francisco.

As we hand more agency to machines, we’re creating identities that can act, but not always be held accountable. I research how to red team and secure autonomous AI systems before that gap becomes systemic risk. My work lives at the intersection of offensive security and the rapid, often untethered growth of artificial intelligence. As an AI/ML Researcher and Red Teamer, I don't just look for bugs; I map the boundaries of autonomous systems to ensure they remain resilient when the unexpected happens. From the intricate layers of LLM pipelines to the hidden vulnerabilities in blockchain and DevSecOps automations, I focus on uncovering risks before they become reality. At DEF CON 33, I had the opportunity to speak on the Policy Track about the legal frameworks for ethical hacking. To me, security is as much about the humans who defend the systems as it is about the code itself. Advocating for global safe harbor standards is a vital part of ensuring that researchers can continue to protect the digital world without fear. I believe that as we hand more agency to machines, our need for intentional, human-centered security only grows. Whether I am simulating a real-world attack on an AI-driven workflow or refining a policy for international safety, my goal is to provide a clean window of clarity in an increasingly complex threat landscape. I am always open to quiet conversations about the offensive side of security, the future of AI resilience, or the ongoing effort of building trust in technology.

Cybersecurity Researcher and Security Trainer with hands-on experience in Web, API, Active Directory, and Thick Client Application Security Assessments. Worked on multiple large-scale onsite VAPT engagements across enterprise environments, focusing on identifying complex attack paths, exploitation techniques, and realistic security risks.Specialized in offensive security operations involving Active Directory, cloud environments, and advanced web application testing. Experienced in conducting black-box and system-level security assessments, developing security testing methodologies, and researching emerging attack vectors. Holds expertise in Windows and Linux security architecture testing along with multi-cloud offensive security concepts across AWS, Azure, and GCP.Beyond assessments, actively involved in mentoring and training students and security enthusiasts through practical, real-world cybersecurity sessions. Passionate about security research, red teaming methodologies, wireless security, and building offensive security tooling. Frequently works on vulnerability research, security documentation, and conference-driven security content focused on practical attack demonstrations and defensive awareness.

lives in Boston with his wife and two cats, enjoys solving math problems on college chalkboards at night, and runs a website dedicated to the city's best dive bars. He works at a security startup and maintains a blog focused on OSINT and North Korea

Pallavi is a Cloud Security Manager, overseeing cloud security operations and IAM, with 15 years of experience in cybersecurity. Passionate about application security, she excels in navigating complex security challenges, consistently working to strengthen defenses against emerging threats. With deep expertise in penetration testing, Pallavi focuses on identifying vulnerabilities and strengthening defenses in complex and challenging environments. She has spoken at multiple industry-leading conferences like HackerHalted, Vulncon, Identity Shield and BlueHat and continues sharing her knowledge and expertise in cybersecurity.

Partho Alkesh Pandya (known online as Psychomong) is a cybersecurity professional from Patan/Ahmedabad, Gujarat, India. He currently serves as Cyber Security Manager at Decimal Point Analytics in Ahmedabad. He previously worked as a Cyber Security Analyst at Demmisto Technologies.Professional Bio & ExpertisePartho is a recognized ethical hacker, bug bounty hunter, digital forensics expert, and VAPT (Vulnerability Assessment and Penetration Testing) specialist. He holds over 100 certifications, including CEH v13 AI (Certified Ethical Hacker) and ISO 42001 Lead Auditor. He focuses on practical cybersecurity research, threat intelligence, AI-related risks, deepfakes, and digital safety awareness.He is an active public speaker, educator, and content creator. He has:Delivered 130+ workshops and seminars on cyber awareness, ethical hacking, and emerging threats at colleges, universities, conferences (IIT & IIMs)and educational platforms.Trained police personnel on cybersecurity topics.Served as a panelist/expert on news channels (e.g., Nirman News) discussing topics like OpenAI trends, digital vigilance, and business cybersecurity risks.Built a following through his Medium blog (Psychomong), LinkedIn, Instagram (@parthopandya), and YouTube, where he shares practical insights, research, and awareness content. His blogging and speaking journey started after encouragement from mentors to deepen his own expertise by teaching others.Claim to FameBug bounty discoveries: Notably found and reported vulnerabilities (including an XSS flaw) on high-profile sites such as NASA and RBI (Reserve Bank of India), earning recognition in the ethical hacking community.Public educator and speaker: Frequently invited for talks, workshops, and media appearances on real-world cyber threats, making complex topics accessible to students, professionals, and law enforcement.Community contributor: Known for promoting free, practical cybersecurity education and collaborating on learning resources.

Sr. Security Engineer @ Coupa Software . Passionate Learner for OffSec and Security Engineering. Working collaboratively with Security Operations , Security Engineering & Threat Management @ Coupa Software

Guest Lecturer: Certified Ethical Hacking (CEH)Poornima University, Jaipur | 2023 (Offline/On-Campus)The Engagement: Delivered an intensive 4-day offline lecture series to a cohort of over 200+ cybersecurity students.The Impact: Managed the full end-to-end delivery of the CEH program, translating dense theoretical frameworks into practical, hands-on offensive security insights.Key Achievement: Successfully maintained high engagement for a large-scale student body, focusing on real-world exploit demonstrations and career guidance in the offensive security domain.International Cybersecurity TrainerBLACKOPS Cybersecurity Consortium | Online (International)The Engagement: Provided specialized online technical training specifically for cybersecurity students located in the Philippines.The Impact: Focused on bridging international security gaps by teaching advanced penetration testing methodologies and vulnerability research.Key Achievement: Delivered high-value training across time zones, ensuring that complex security concepts were accessible and actionable for a global audience.Head Coordinator & Mentor: National Internship ProgramMSG’s Crime Free Bharat (CFB) | 2021 (Online/National)The Engagement: Served as the Head Coordinator for a massive 6-month online internship program, managing and mentoring over 500+ students.The Impact: Oversaw the technical and administrative direction of the program, designed to educate the next generation of security professionals on digital crime prevention and offensive security basics.Key Achievement: Successfully scaled a mentorship framework to support a massive volume of interns, maintaining quality control and technical rigor over a half-year duration.

R.D. Tarun (RDT) is a cybersecurity researcher specializing in malware analysis, reverse engineering, and adversary tradecraft. His work focuses on dissecting real-world attack campaigns, with particular emphasis on multi-stage infection chains, fileless execution, and evolving infostealer ecosystems.He conducts in-depth research on active malware campaigns, tracking their progression from commodity tooling to custom-developed payloads. His analysis has uncovered previously undocumented behavior, including custom infostealers, infrastructure patterns, and techniques used to evade modern defenses. His research has been widely circulated within the security community and covered by multiple security news outlets and industry publications.His work combines static and dynamic analysis with memory-level investigation to trace full execution chains from initial access to data exfiltration. He focuses on understanding attacker tradecraft end-to-end and translating offensive techniques into practical detection strategies for SOC and DFIR teams.He actively publishes technical deep-dives on malware, including infostealers, fileless loaders, and multi-stage attack chains, and has presented his research at reputed security community meetups and forums.

Organizer & Speaker at DevFest 2025 (Trivandrum)Hands-on Kubernetes Workshop at GDG Cloud Community Days TrivandrumSpeaker at GDG Cloud Kochi launch event on 11 May 2022JPC recommendation on data protection: Impact on Startups conducted by the Centre for the Digital Future (CDF) on 6 January 2022Keynote address at Hac'KP Summit & Awards 2021 on 4th Sep 2021Startup Stories - #36 Beagle Security interviewData Privacy & Security for Business Analysts on 12 Dec 2020Hands-On Threat Hunting Workshop at OWASP Seasides, International Centre Goa on 3,4,5 March 2020CYINNOV8 - One Day Conference on “INNOVATIONS IN CYBERSPACE” at DR D S KOTHARI AUDITORIUM, DRDO Bhawan, New Delhi on 29 October 2018Security in Web Applications at Cyber Park KozhikodeMalware Analysis Basics for CyberDome volunteers at CyberDome TrivandrumKerala Police CyberDome Python Workshop at CyberDomeOWASP Kerala Student Outreach Program at KeralaWorkshop on Python Programming for College Faculties of KTU at Mar Baselios College of Engneering, Kollom on 24th & 25th July 2015Node JS Security (Coffee@DBG) at DBG Trivandrum on 03 Dec 2014Secure Deployment at DBG Trivandrum, Dec 2013Introduction to Jenkins at DBG Trivandrum on 04 Nov 2013Version Control with Git (Coffee@DBG) at DBG Trivandrum on 02 Oct 2013Code quality tools for PHP developers (Coffee@DBG ) at DBG Trivandrum on 05 Sep 2013

Satyam Gothi is a full-time bug bounty hunter, co-founder of Barracks, and a member of the elite Synack Red Team (SRT) - Top 200 worldwide - one of the most selective vetted researcher communities in the industry, with a sub-10% acceptance rate globally.Known online as RogueSMG, he is a Null Ahmedabad Champion, part-time Security content creator on YouTube, and a repeat speaker at BSides Ahmedabad - most recently presenting "Client-Side to Critical" at BSides Ahmedabad 0x05. He has spoken at security forums including NullAhm and PrivEscCon, and has been featured in tech talks by organisations including Treebo & HackenProof.At Barracks, he leads the design and execution of cognitive assessment events for Cybersecurity talent recognition & hiring - running structured vulnerability assessment challenges across events like BSides Ahmedabad, BSides Vizag, CyberKavach, IdentityShield Summit, and more.

Cybersecurity Consultant with over three years of hands-on industry experience, I specialize in offensive security—driven by a passion for uncovering and exploiting weaknesses before adversaries can. My work spans Red Team operations, Network Security, and Web/API Vulnerability Assessment & Penetration Testing (VAPT), with successful engagements across BFSI, IT Products & Services, and Healthcare sectors.With a strong research focus on Adversarial Tactics, Techniques, and Procedures (TTPs), I continuously explore emerging threat vectors and offensive methodologies to deliver actionable security insights that directly reduce business risk. My approach blends technical precision with creative attack strategies, ensuring organizations stay ahead of evolving cyber threats

Vinod has spent the past decade working in cybersecurity across financial services, government, and tech sectors. Currently a Staff Security Engineer at PIP Labs, he navigates the intersection of traditional enterprise security and the emerging world of Web3 and blockchain infrastructure.His journey has taken him through companies like Amazon, Zapier, and HackerOne, where he's gained hands-on experience in penetration testing, cloud security architecture, and application security. He works with AWS, GCP, and Azure environments, focusing on threat modeling and secure DevOps practices while approaching security as an enabler rather than a blocker.He shares his experiences and lessons learned through writing on Medium, breaking down complex security topics and exploring practical approaches to building security programs that work in real-world environments. Outside of his day job, he participates in bug bounty programs, mentors aspiring security professionals, and continues researching emerging threats and technologies in both traditional and Web3 security landscapes.

Vishal Chand is a Security Researcher at Zscaler focusing on AI driven cybersecurity and LLM security. He has spoken at Microsoft BlueHat Asia and multiple BSides conferences across India. His work explores real world AI threats, adversarial techniques, and next generation defense strategies.