Akshansh Jaiswal is a security engineer at CRED who works closely around Web ,Mobile and Cloud Security.He is also an active CTF player where he has won several CTF's such as Hackerone CTF's -h1 100k CTF, Hacky Holidays CTF,h1-2006 CTF, BugPOC CTF's and community CTF's. He also participates actively in Bug Bounties where he is an active hacker on platforms like Hackerone and Synack Red Team where he finds and reports vulnerabilities to various organisations.He has also been part of Hackerone exclusive Live hacking event h1-2103 where selected hackers got a chance to find security issues in Amazon public applications and infrastructure.
- Android Application Hacking with Damn Vulnerable Bank
Head of customer solutions, security software engineer at Cossack Labs
I am a software engineer with ~10 years of experience in many languages and technologies, specialising in security engineering, data security and applied cryptography.
- Cryptographic protection of ML models
Andriy is an accomplished manager with 10+ years of experience in various industry verticals. He has started his IT Audit and Consulting career and continued in Enterprise IT and Software Development services.
Andriy has experience in leading customer relationships within the US, UK, and Western Europe geographies, responsible for distributed teams and permanent engagements of different scales.
Andriy has stood at the root of the Ukrainian cybersecurity professional community and has joined BSG to advance his contribution to the cybersecurity industry's development.
At BSG, Andriy leads the Project Management Office and acts as a security consulting practice lead.
- Dzień dobry, you’re hacked. Review of the biggest recent security incidents related to state, business, and mass sectors in Poland.
- Security researcher for last 5 years
- Started my career as penetration tester at UnderDefense
- Malware analyst in the past
- Splunk enthusiast
- Maintaining blog about Threat hunting and Malware Analysis in my free time (https://bogdanvennyk.medium.com/)
- Attacks on Windows Infrastructure (Blue Team edition)
- Hunting for APT in network logs
Daniel Miessler is a security professional, writer, long-time contributor to OWASP project, author of Unsupervised Learning podcast, SecLists project, worked with companies like HP, Apple, recently with Robinhood.
- Special Interview with Daniel Miessler
Application security engineer and lead curriculum contributor for Go, Python, and ES6 at @SecurityJourney. Aspiring to become a gentle FOSS maverick by age 60.
- Why the Options Pattern is Great for Security
Not too public person :)
- DFA and code control flow obfuscation: a real-world example
Security Engineer @ CRED
- Centralised Monitoring and Alerting system over AWS
Eva Galperin is the Director of Cybersecurity at the Electronic Frontier Foundation, where she runs EFF’s Threat Lab. She has spent the last 14 years helping to improve the digital security of vulnerable populations, ranging from journalists to activists to survivors of domestic abuse. She has published research on APTs from Lebanon, Vietnam, Syria, and Kazakhstan, and is one of the founders of the Coalition Against Stalkerware.
- Special Keynote: Eva Galperin
I’ve been working Principal Security Engineer at Talkdesk, Security Researcher at SenhaSegura and Instructor at Hacker Security…I’m Hacking is NOT crime Advocate. I’m part of the Staff team of DEFCON Group São Paulo-Brazil, International Speakers in Security and New technologies events in many countries such as US, Canada, Germany, Poland and others, I’ve been served as University Professor in Graduation and MBA courses at brazilian colleges, in addition, I'm Creator and Instructor of the Course Malware Attack Types with Kill Chain Methodology (PentestMagazine) and Malware Analysis - Fundamentals (HackerSec Company).
- Discovering C&C in Malicious PDF using deobfuscation, encoding and other techniques
Hrushikesh Kakade specializes in advanced assessments of Mobile Security (Android and iOS), Network Infrastructure Security, DevSecOps, Container security, Web security, and Cloud security. Hrushikesh is a member of the Synack Red Team and is a holder of renowned OSCP (Offensive Security Certified Professional) certification. He is an active member of local Cybersecurity chapters and has delivered multiple talks and workshops. He is an Open Source Contributor and has a keen understanding of Linux Internals. He has received multiple CVEs to his name for finding vulnerabilities in different applications.
- Android Application Hacking with Damn Vulnerable Bank
Julia is a Security Software Engineer at Cossack Labs, building convenient and affordable data security and encryption solutions. With background experience in mobile application development, she helps customers to choose and implement security controls for their products. Julia is passionate about tech communities. She is a Security Lead at Women Who Code Kyiv, a Leader of the OWASP Zhytomyr Chapter, and a contributor to OWASP MASVS/MSTG.
- Why can't developers make it secure?
Костянтин Корсун
У 2000-2005 роках Костянтин працював заступником керівника відділу боротьби з комп’ютерною злочинністю при Департаменті контррозвідки СБУ, а пізніше – одним із засновником та першим керівником CERT-UA.
Після звільненні зі служби Костянтин працював директором українського офісу міжнародної кібербезпекової компанії iSIGHT Partners (тепер є частиною FireEye), пізніше співпрацював з Symantec Corp. у якості незалежного постачальника послуг Threat Intelligence.
Наразі Костянтин є співзасновником та виконавчим директором кібербезпекової компанії Бережа Сек’юріті, яка надає послуги тестування на проникнення, оцінки безпеки програмного забезпечення, оцінки на соціальну інженерію, розробки та впровадження програм безпеки додатків, безпекової обізнаності персоналу, Bug Bounty, тощо.
Пан Корсун є активним членом української кібер-спільноти, пропагуючи ідеї розвитку індустрії кібербезпеки в українському суспільстві.
Kostiantyn Korsun
As former deputy head of Cybercrime Department at Security Service of Ukraine (colonel retired), Kostiantyn was one of the founders and the first head of CERT-UA. After resigning from the service, Kostiantyn acted as Regional Director for Ukraine Research Office of iSIGHT Partners, international cyber threat intelligence company (now is a part of FireEye). Then he cooperated with Symantec Corp. as an official vendor of Threat Intelligence services.
Currently, Kostiantyn is a COO and Co-Founder of Berezha Security LLC., a company that provides services in Penetration Testing, Security Awareness Programs, Software Security Assessment, Bug Bounty Program, Social Engineering Assessment, Application Security Programs.
Mr Korsun is an active member of the local cyber community in Ukraine, promoting cybersecurity ideas within Ukrainian society.
- Де моя стратегія, чумба?
Security Systems Engineer at EPAM Systems
- Let's play a game
4 years experience as a full time IT-Security Analyst I am currently responsible for malicious software analysis, forensics, incident response, Security Product researches and development.
Speaker at:
- OWASP Ukraine 2018: Security issues with Chrome extensions on practical use cases.
- DC38032 Lviv 2019: MacOS forensics and anti forensics (tips and tricks)
- Lviv Polytechnic National University training: Windows Persistence mechanisms
- Hunting for APT in network logs
Philippe Delteil is Computer Science Engineer from the University of Chile, he gave his first talk at Defcon 26 Skytalks, called "Macabre stories of a hacker in the public health sector", his country's government sent 3 officials to record the talk, they did. He's been reporting bugs for a year. He's an annoying github issue opener of some opensource tools like axiom, nuclei, dalfox and bbrf; also makes small contributions to 'Can I take Over XYZ?'
- Bug bounty hunting Workshop
Rewanth Tammana is a security ninja, open-source contributor, and Senior Security Architect at Emirates NBD. He is passionate about DevSecOps, Application, and Container Security. He added 17,000+ lines of code to Nmap (famous as Swiss Army knife of network utilities). Holds industry certifications like CKS (Certified Kubernetes Security Specialist), CKA (Certified Kubernetes Administrator), etc.
Rewanth speaks and delivers training at multiple international security conferences around the world including BlackHat, Defcon, Hack In The Box (Dubai and Amsterdam), CRESTCon UK, PHDays, Nullcon, Bsides, CISO Platform, null chapters and multiple others.
He was recognized as one of the MVP researchers on Bugcrowd (2018) and identified vulnerabilities in several organizations. He also published an IEEE research paper on an offensive attack in Machine Learning and Security. He was also a part of the renowned Google Summer of Code program.
- Android Application Hacking with Damn Vulnerable Bank
Roger Johnston is a security specialist at Ubisoft and a member of CogSecCollab. In 2020, Cognitive Security Collaborative set up the CTI League's disinformation team, and continues to work with groups around the world to bootstrap communities of disinformation responders.
His work involves security consulting, adversary emulation, and malware development. At CogSecCollab he researches influence operation TTPs and develops mitigation strategies for the AMITT framework, performs red team exercises, and develops trainings.
- Influence operation mitigation with the AMITT framework
Security Engineer@CRED, likes to break network, cloud and application logics and in free time like to automate all the findings to take away the pain of re-testing the same things again and again, and research on new attack vectors.
- Centralised Monitoring and Alerting system over AWS
Sharon Brizinov is the vulnerability research team lead at Claroty. He specializes in vulnerability research, malware analysis, network forensics, and ICS/SCADA security. In addition, Brizinov participated in well-known hacking competitions such as Pwn2Own, and he holds a DEFCON black-badge for winning the ICS CTF.
- All Roads Lead to OpenVPN: Pwn’ing Industrial Remote Access Clients