Find Expert Speakers

As a seasoned speaker and trainer, Anant has shared his expertise at various prestigious platforms including Black Hat (USA/ASIA/EU), Defcon, Nullcon, c0c0n, and Rootconf. His extensive involvement in these conferences extends to serving as a CFP reviewer for Blackhat EU, nullcon, Rootconf by Hasgeek, and multiple villages at Defcon (Recon, Adversary and Cloud), showcasing his dedication to nurturing and elevating the discourse within the field.

I’m a results-driven Principal SecOps Engineer with over 15 years of proven expertise spanning across multiple organisations in various service sectors in architecting and delivering world-class security programs for global software organizations. I’ve spearheaded transformational automation initiatives, reducing report-generation times by over 95% and built unified multi-cloud compliance frameworks that consistently pass rigorous audits and compliances. I've created AI-powered attack surface platform earned international hackathon recognition, and I’ve presented SecOps deep dives at VULNCON, top engineering colleges, and industry forums.As Cloud Security Lead and Principal Engineer at Perforce, I’ve led high-impact teams to operationalize continuous monitoring, vulnerability management, and incident response at scale.A CISSP-certified mentor and community advocate, I actively contribute to open-source security projects and share expertise through workshops, and local meetups empowering the next generation of security professionals.

Danish Tariq is a Security Engineer by profession and a Security researcher by passion. He has been working in Cyber Security for over 8 years and it all started out of a curiosity to break things and look deep down into those things (physical or virtual) back in his teenage years. His major expertise is Penetration Testing and Vulnerability Assessments.He was also involved in bug bounty programs as well, where he helped many companies by finding vulnerabilities at different levels. Companies include Microsoft, Apple, Nokia, Blackberry, Adobe, etc.Spoke @ BlackHat MEA 2022 (Briefing: Supply-Chain Attacks)Featured in "The Register" for an initial workaround for the NPM dependency attacks.Certified Ethical Hacker, Certified Vulnerability Assessor (CVA), Certified AppSec Practitioner, Certified Network Security Specialist (CNSS),IBM Cyber Security AnalystEx-Chapter Leader @ OWASPEx-Top Rated freelancer (Information security category) on UpworkRecent security research and CVEs include - CVE-2022-2848 & CVE-2022-25523Served as a Moderator @ OWASP 2022 Global AppSec APAC.Researched and Speaker at MCTTP, Germany - HITB, Thailand - OOTB, Indonesia and many more.

Donavan is a Physics graduate turned into cybersecurity consultant with >8 years of experience in a variety of cybersecurity domains (e.g. offensive security, threat modeling, maturity assessments, security architecture) and business domains (cyber GRC).He blends his understanding of clients across both public and private sectors to identify key cybersecurity concerns and solutions to enable companies' cybersecurity compliance, confidence and cost-effectiveness (3 Cs).He has numerous contributions to the cybersecurity community since 2018. He has written hacking challenges, spoken at numerous conferences and events (SECCON JP, Threat Modeling Connect Japan, GCC 2025 @ Taiwan, Seasides 2025 @ Goa, SINCCON @ Singapore, DefCamp @ Romania) on topics ranging from threat modeling to application security. He has conducted career talks to encourage younger students from middle school to university levels to enter the cybersecurity industry. He also sits on the advisory board of VULNCON (since 2024), BSides Mumbai and Vazig, and has authored numerous articles on ISACA on topics ranging from post-quantum cryptography, to the relations between social sciences and cybersecurity as well as threat modelling. His views on cybersecurity has also been quoted by "The Pentester Blueprint" written by Phillip L. Wylie and Kim Crawley, and Offensive Security. He also contributes to the ISC2's Unified Body of Knowledge (UBK) through the Technical Advisory Panel Workshop.In Thales, he has also led a team to create a made in Singapore cybersecurity gamification experience, "Defend the Breach" (DTB), in three months, where players role-play CISO roles to make difficult cybersecurity decisions, taking into account both cyber and non-cyber factors such as the overall health of the business, manpower and operational requirements.Donavan also possesses certifications ranging from Offsec certifications (OSCE3, OSCP), ISC2 (CISSP), ISACA (CRISC) and is more than halfway through his Masters in Cybersecurity at Georgia Tech (OMSCY).On the mentorship front, he has developed and helped two mentees secure jobs, and mentors a dozen mentees in various capacities (individuals, cyber start-up founders)Outside cybersecurity, Donavan has also represented Singapore in international forums such as the ASEAN-India Youth Summit as a delegate.Find out more about me at https://donavan.sg and my cybersecurity writing at https://donavan.sg/blog.

Louis Nyffenegger is an experienced speaker and trainer known for delivering high-impact talks on web security, vulnerability research, and security code review.Highlights include:Keynote Speaker at BSides Canberra Delivered the keynote “A journey to Mastery” sharing actionable strategies for building skills.DEF CON: multiple workshops and talks at DEFCON and villages on SAML, JWT and code reviewOWASP California: talk on JWTNumerous talks at meetups, private workshops and training sessions with top red teams, pentesters, and application security teams worldwide.Louis’s talks are known for blending technical depth with practical, experience-driven advice, helping attendees level up their security skills beyond checklists and automated tools.

Orange Tsai is the principal security researcher of DEVCORE and a core member of CHROOT security group in Taiwan. He is also the champion and title holder of 'Master of Pwn' in Pwn2Own Vancouver 2021 and Toronto 2022. Additionally, Orange has spoken at several top hacking conferences, such as Black Hat USA (6 times), DEF CON (5 times), HITCON (12 times), CODE BLUE (6 times), POC, Hexacon, RomHack, HITB, and WooYun!Currently, Orange is a 0day researcher focusing on Web and Application Security. His research not only earned him the Pwnie Awards winner for "Best Server-Side Bug" in 2019 and 2021 but also secured 1st place in the "Top 10 Web Hacking Techniques" for 2017, 2018 and 2024. In his free time, Orange also engages in bug bounties. He is especially enthusiastic about RCE, successfully identifying critical RCEs across a broad range of vendors, including Twitter, Facebook, Uber, Apple, Netflix, Tesla, GitHub, Amazon, and more.

Patrick Ventuzelo is a senior security researcher, CEO & founder of Fuzzinglabs. After working for the French Ministry of Defense, he specialized in fuzzing, vulnerability research, and reverse engineering. Over the years, Patrick has created multiple fuzzers, found hundreds of bugs, and published various blog posts/videos/tools on topics like Rust, Go, Blockchain, WebAssembly, and Browser security. Patrick is a regular speaker and trainer at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, RingZer0, PoC, ToorCon, hack.lu, NorthSec, SSTIC, and others.

I'm a security researcher with a passion for OS internals and all things low-level. Over the years I have specialised in Android & the Linux kernel, but have dabbled in a number of domains. When I'm not figuring out how things work and breaking them, I love to share my experiences and help others; whether it's via my blog, talks or mentoring.