Find Expert Speakers

Hushcon West 2019Presented a technical talk on cellular infrastructure security, focusing on real-world weaknesses in mobile and carrier-adjacent systems. The session drew from hands-on research into cellular protocols, deployment realities, and how attackers exploit assumptions in telecom environments that are often treated as “trusted” or out of scope by enterprise security teams.Hushcon East 2023Delivered a talk centered on hacker culture, attacker mindset, and how security thinking evolves outside formal frameworks. The session explored how curiosity-driven exploration, informal knowledge sharing, and cultural norms shape real attacker behavior more accurately than checklists, tooling, or compliance-driven models.PRaSEC 2023Presented a red-team-focused session on Domain Admin attack paths, blending practical exploitation techniques with philosophical perspectives on adversary reasoning. The talk emphasized how attackers model trust, authority, and system design to move from initial access to full domain control.

A motivated individual always up for breaking stuff ! Currently working as a Red Team Security Consultant with a focus on penetration testing and security assessments for Web, Mobile, API, OT, and Network environments. I have experience leading 150+ security assessments, working with vendors from various industries such as government agencies, private organizations, healthcare, crypto, finance, retail, education, and many more to identify vulnerabilities and improve their overall security and help organizations strengthen their defenses against potential threats.In addition to my professional work, I’m an active bug bounty hunter on platforms like Bugcrowd and Synack. I’ve earned recognition in 70+ Hall of Fame lists, including those of Microsoft, Apple, Google, Zoom, Okta, Canva, Indeed, Atlassian, Dell, and many more. Helping organizations strengthen their security by identifying vulnerabilities and contributing to their overall cybersecurity efforts.Constantly learning, always hacking, I thrive on offensive security challenges and take pride in discovering the unknown before attackers do.

Dr. Gregory Carpenter is Principal Partner at CW PENSEC and a retired U.S. Army officer with over two decades of operational experience spanning intelligence, counterintelligence, electronic warfare, deception, and security testing. He previously served in senior roles across joint and interagency environments and was recognized as NSA Operations Officer of the Year for his work in advanced operational analysis and mission execution.Dr. Carpenter’s professional focus centers on adversary modeling and the failure modes of trust, identity, and attribution under adaptive threat pressure. His work examines how emerging technologies—including cyber-physical systems, in vivo and nano-scale technologies, automation, and information operations—alter attacker behavior and invalidate long-standing defensive assumptions. He has led and advised offensive and defensive programs across cyber, information, and electronic warfare domains, with particular emphasis on how identity collapses when human operators are no longer stable or external to the systems they access.At conferences and in research settings, Dr. Carpenter translates complex adversary behavior into practical defensive insight, emphasizing how organizations must redesign identity, access control, and trust models for environments where compromise is expected rather than exceptional. He has presented at DEF CON’s Misinformation Village (2023), Adversary Village (2025), and the DEF CON Creator Stage (2024, 2025).

I'm Hrishikesh Somchatwar, a Storyteller, Electronics Hacker, and Bestselling Author based in France.🔗 Connect With Me: Email: hrishikeshsom@gmail.com LinkedIn: linkedin.com/in/hrishikesh-somchatwar/📖 Publications: "Exploitation of Embedded Systems" – Presented at Car Hacking Village "Hacking with Physics" – Showcased at HackFest Canada 2021 "Car Hacking Village" – Authored publication🎙️ Speaker & Trainer:I've had the privilege of speaking and providing training at esteemed cybersecurity conferences, including: DeepSec Austria SCSA Georgia SecurityFest Sweden Defcamp Romania (2019, 2023) Bsides Ahmedabad Bsides Delhi c0c0n HackFest CanadaKey Topics: Automotive Cybersecurity Hardware Security IoT Security Car hacking techniques Tools for embedded system exploitation📚 Author:As the bestselling author of "Hacking the Physical World", my book topped Amazon charts in the USA and India.🎧 Podcast:Check out "The Storytelling Hacker", where I blend storytelling with electronics hacking. Available on: Spotify Apple Podcasts Google Podcasts💼 Professional Journey: Valeo: Worked on cutting-edge automotive cybersecurity solutions and advanced hardware technologies. Security Researcher: Contributed to NDA-protected projects at a confidential company in Maharashtra, India. Hardware Security Intern: Played a pivotal role in a cybersecurity startup, conducting security testing on: Cars IoT devices PLCs SCADA systems

Mathew Caplan is Director of International Professional Services and a Security Advisor for Orange Cyberdefense based in London, England. He is a highly experienced cybersecurity specialist with over 25 years in the field and a proven record in the implementation of information risk management processes.As a recognised trusted advisor, Mathew has helped many businesses with cybersecurity strategy, governance, process and policy. He works in the Orange Group on many international projects being the go-to guy on security and compliance matters and enjoys finding sustainable solutions to challenging problems.Mathew loves music, movies, and cats and wherever possible will combine his audio-visual skills to simplify complex topics and breathe life into cybersecurity.

A Telco Security Researcher and Embedded System Developer with over 10 years of experience in telecommunication protocol analysis, embedded system design, and cybersecurity research. Founder and principal researcher at NOZ Berkarya Indonesia, focusing on emerging network security, OpenBTS/Osmocom stack integration, and SIEM for Telco networks. Specialized in combining radio frequency analysis, reverse engineering, and real network behavior modeling to improve detection, response, and resilience in telecom infrastructures (2G–5G). Committed to advancing Sustainable Development Goal (SDG) 9: Industry, Innovation, and Infrastructure, by fostering innovation and resilient digital infrastructure through open-source research and secure communication technologies.These are some of the results of my research that I have published.1. 2 Januari 2015 - Publication of research result at Infosec Institute with title “Introduction to RFID Security” At this research we do Reverse Engineering at ticket commuter line and make a attack scenario RFID   2. Januari 2015 - Research RFID – Berdikari Standalone RFID Reader dan Emulator At this research we do a design PCB use ATmega328P to be Reader and Emulator to do cloning RFID Tag.  • Deep learning microcontroller  • Emulate RFID Tag  • RFID cloning more than 3 tags in 1 Device   3. 12 Februari 2015 - Publication of research result at Infosec Institute with title “Introduction to Smartcard Security”At this research we learn about communication of protocol used on Smartcard EMV Debit Card and 4G Provider BOLT and implement several attack  • Deep learning about SIM Card  • Smartcard Architecture  • simulated attack identification     ◦ Physical attack: Reverse engineering, Smartcard cloning    ◦ Remote attack: IMSI catcher, OTA     4. 19 Maret 2015 - Publication of research result at Infosec Institute with title “Introduction to GSM security” At this research we learn about communication of protocol used on Handphone and BTS (base transceiver station). We do analysis using radio (Universal Software Radio Peripheral) to know type of encription used and tracking handphone location used LAC and Cell ID.  • Analisys 2G GSM Protocol  • Tracking IMSI in your area   5. 9 Juni 2015 - Publication of research result at Infosec Institute with title “Reverse Engineering of Embedded Devices”At this research we learn about how to work “broadcasters livestream” with identify all CHIP used and learning about protocol communication used, we do Reverse Engineering using Bus Pirate and Saleae Logic Analyzer.  • Device disassembly and PCB design analysis.  • Debugging Communication Protocol 1-Wire, UART, I2C, SPI, JTAG.  • Analyze the logic signals, capture sampling and decode protocol.  • extracting the firmware.  • Mapping the component Device and protocol used   6. Maret 2016 - Publication Mini Course of INFOSEC INSTITUTE with title “Advanced Pentesting Techniques with Metasploit”    • AUXILIARY — Scanners (Intermediate → Advanced). Mastery of additional modules for discovery, fingerprinting, and brute force against services  • AUXILIARY — Fuzzers (Intermediate). Find crashes/vulnerabilities in services through Metasploit's built-in fuzzing  • Credential Harvesting & Social-Engineering (Intermediate → Advanced). Technique to retrieve credentials from endpoints via post-exploit modules.  • Post-Exploitation — Privilege Escalation (Advanced).  • Post-Exploitation — Lateral Movement & Persistence (Advanced).  • IE Proxy PAC / Proxy Abuse (Attack on Browsing Infrastructure) (Advanced).  • Misc: NOP generator & Encoders (Exploit robustness / Evasion) (Advanced).  • Advanced module/payload configuration & custom Metasploit modules (Expert)   7. Desember 2018 - Research and manufacture of post-disaster telecomunication equipment. Post-disaster telecommunications equipment (portable BTS / emergency comms kit) aims to provide emergency voice/data services when commercial infrastructure is damaged. This solution involves the design of radio equipment (small/portable BTS), a standalone power system, backhaul options (satellite / microwave / cellular fallback), antenna and RF tuning, signal security, and field operations and logistics procedures.8. 24 Agustus 2019 - Publication of research result at Infosec Institute with title “Mobile Phone Tracking”At the research we learning about protocol communication between Mobile Phone and BTS (base transceiver station) working, with identification LAC , Cell ID and Timing advance (TA) we could to know where the signaling come from.   9. September 2025 – SIEM Telco Research at the research we make a idea inovasion combination of OpenBTS , Osmocom Stack , and ella-core to build a telco-aware SIEM pipeline, benefit for analysis behavior endpoint and cell realtime for detection response, low level kernel analysis behavior realtime detection response, fraud detection realtime.