Find Expert Speakers

Chi-en “Ashley” Shen is a Security Research Engineering Technical Leader at Cisco Talos, specializing in emerging threat research—ranging from nation-state attacks to financially motivated crimes and spyware campaigns. Before joining Cisco, she worked at Google’s Threat Analysis Group, where she hunted zero-day exploits and tracked botnets. Prior to that, she was part of Mandiant’s Global Research Team, where she co-authored the APT41 report and published research on ICEFOG campaigns. In Taiwan, Ashley co-founded Team T5 and served as a senior threat analyst with a focus on targeted attacks in APAC. A passionate advocate for women in cybersecurity, Ashley co-founded HITCON GIRLS, the first security community for women in Taiwan, and she currently organizes Rhacklette, a security community for FINTA in Switzerland. She has presented her research at a range of conferences, including Black Hat, HITB, HITCON, FIRST, Pivotcon and CODE BLUE. In her free time, she supports the community by offering training sessions and serving on the review boards for Black Hat, HITCON, and HITB.

Donavan is a Physics graduate turned into cybersecurity consultant with >8 years of experience in a variety of cybersecurity domains (e.g. offensive security, threat modeling, maturity assessments, security architecture) and business domains (cyber GRC).He blends his understanding of clients across both public and private sectors to identify key cybersecurity concerns and solutions to enable companies' cybersecurity compliance, confidence and cost-effectiveness (3 Cs).He has numerous contributions to the cybersecurity community since 2018. He has written hacking challenges, spoken at numerous conferences and events (SECCON JP, Threat Modeling Connect Japan, GCC 2025 @ Taiwan, Seasides 2025 @ Goa, SINCCON @ Singapore, DefCamp @ Romania) on topics ranging from threat modeling to application security. He has conducted career talks to encourage younger students from middle school to university levels to enter the cybersecurity industry. He also sits on the advisory board of VULNCON (since 2024), BSides Mumbai and Vazig, and has authored numerous articles on ISACA on topics ranging from post-quantum cryptography, to the relations between social sciences and cybersecurity as well as threat modelling. His views on cybersecurity has also been quoted by "The Pentester Blueprint" written by Phillip L. Wylie and Kim Crawley, and Offensive Security. He also contributes to the ISC2's Unified Body of Knowledge (UBK) through the Technical Advisory Panel Workshop.In Thales, he has also led a team to create a made in Singapore cybersecurity gamification experience, "Defend the Breach" (DTB), in three months, where players role-play CISO roles to make difficult cybersecurity decisions, taking into account both cyber and non-cyber factors such as the overall health of the business, manpower and operational requirements.Donavan also possesses certifications ranging from Offsec certifications (OSCE3, OSCP), ISC2 (CISSP), ISACA (CRISC) and is more than halfway through his Masters in Cybersecurity at Georgia Tech (OMSCY).On the mentorship front, he has developed and helped two mentees secure jobs, and mentors a dozen mentees in various capacities (individuals, cyber start-up founders)Outside cybersecurity, Donavan has also represented Singapore in international forums such as the ASEAN-India Youth Summit as a delegate.Find out more about me at https://donavan.sg and my cybersecurity writing at https://donavan.sg/blog.

Johann Rehberger has over twenty years of experience in threat modeling, risk management, penetration testing, and red teaming. During his tenure at Microsoft, Johann established a Red Team within Azure Data and led the program as Principal Security Engineering Manager. He went on to build a Red Team at Uber, and currently serves as Red Team Director at Electronic Arts. In addition to his industry roles, Johann is an active security researcher and a former instructor in ethical hacking at the University of Washington. Johann contributed to the MITRE ATT&CK and ATLAS frameworks and is the author of "Cybersecurity Attacks - Red Team Strategies". He holds a master's degree in computer security from the University of Liverpool. You can find his latest research at embracethered.com.

Over 12 years of experience in the security domain, specializing in Penetration Testing, Application Security, Cloud Security, Architecture and Forensics Investigation.Leading an Offensive Security (OffSec) team with a passion for Red Teaming and Security Research.Reported multiple vulnerabilities in products and applications, recognized with CVEsHolds prestigious certifications including GIAC Cloud Penetration Tester (GCPN), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Certified Red Team Operator (CRTO), among othersPresented at prominent conferences such as Bsides Budapest, Bsides Milano, Hacktivity, VulnCon 2024, Hacker Halted, CyberSec Asia, Identity Shield, Microsoft BlueHat 2025, PHDays 2025 and VulnCon 2025.

Pallavi is a Cloud Security Manager, overseeing cloud security operations and IAM, with 15 years of experience in cybersecurity. Passionate about application security, she excels in navigating complex security challenges, consistently working to strengthen defenses against emerging threats. With deep expertise in penetration testing, Pallavi focuses on identifying vulnerabilities and strengthening defenses in complex and challenging environments. She has spoken at multiple industry-leading conferences like HackerHalted, Vulncon, Identity Shield and BlueHat and continues sharing her knowledge and expertise in cybersecurity.