Rafaela Durlo

Topic: SAST, SCA, DAST

AppSec enginner helping companies have a sucefull build secure process, optimizing the AST tools and training securoty Champions and developers.

@

Yoad Fekete

Topic: Supply Chain

I am a DevOps engineer with over 13 years of experience in IT, DevOps, and DevSecOps.I have designed, built hands-on, and secured complex Cloud & On-Prem projects in startups and corporates.It started from the Stone era when people deployed servers in racks. Creating infrastructure end to end, from the cable level up to the application level, was an immense privilege. In my last role, I led a group of DevOps engineers at Microsoft. Microsoft was one of the companies attacked by the Solarwinds attack, and my team was part of the incident response group. After that, we figured out that we are not protected from such future attacks - And so I started Myrror to tackle that problem.I'm a cat enthusiast, and in my non-existent spare time, I play the drums and some soccer.

@

Kirill Efimov

Topic: AI Security

As a seasoned security researcher, I've led teams at Snyk and now helm security research at Mobb. With a wealth of publications and speaking engagements, I've delved deep into the intricacies of cybersecurity, unraveling vulnerabilities and crafting solutions. From pioneering research to impactful talks, my journey is fueled by a passion for safeguarding digital landscapes. Join me as I share insights, strategies, and innovations in the ever-evolving realm of cybersecurity.

@

Klaus Agnoletti

Topic: Cyber Games

Klaus Agnoletti has been an all-round infosec professional since 2004. He co-founded BSides København in 2019. Recently he started out as an infosec freelancer focusing on storytelling in marketing, employer branding, game-based learning or wherever new ideas bring him.

@

Mykola Kolomiiets

Topic: Application Security - SDLC

Starting as a Full Stack Developer, I quickly mastered both front-end and back-end technologies, delivering innovative and integrated solutions. My transition to a Tech Lead role showcased my leadership and technical skills, leading complex projects to success. Diving into AI and cybersecurity, I enhanced our software's security and intelligence, leveraging my skills to drive innovation. Now, as a Solutions Architect, I blend my development, leadership, and technical expertise to architect solutions that align with business goals and drive digital transformation.

@

Mikołaj Kowalczyk

Topic: AI Security

Pentester, security specialist, LLM security enthusiast and hackathon addict from Poland, currently living in Norway.

@m1k0ww

Steve Borosh aka rvrsh3ll

Topic: Cyber War

Steve Borosh started hacking the planet with Black Hills Information Security in 2021 and has been instructing offensive courses since 2015. Steve has instructed at conferences such as BlackHat and Wild West Hackin' Fest, for Fortune 500 companies, and for federal law enforcement. He currently annoys system administrators as part of the ANTISOC team at BHIS and enjoys releasing shock-and-awe research blogs and open-source tools to drive change in the industry.

@rvrsh3ll

Cassio Pereira

Topic: Application Security

Cassio Batista Pereira, a.k.a. @cassiodeveloper, is a Software Developer and Architect by training. He acts as Cyber Security Engineer and thus helps companies and professionals to build more secure solutions. He has 19 years of experience in the Development market for the most varied business segments, where he gained knowledge to work with different technologies, programming languages and processes. He is an evangelist for the Safe Development culture.

@cassiodeveloper

Marcos Santos

Topic: AppSec

Systems analyst and Programmer from Brazil now living in Germany. I have always focused on information security and currently study Cyber Security programming. One of my differentials is that I like to pass on information and teach those who are entering in the area of Technology

@

Fabian Kammel

Topic: Cloud Security

Fabian Kammel is a Senior Security Consultant at ControlPlane, where he helps to make the (cloud-native) world a safer place. His goal is to bring hardware security and cloud-native security closer together, as well as, improving the developer experience in the security space. He previously spoke at KubeCon, SigstoreCon, was a guest on the Kubernetes Podcast, and regular host of the CNCF TAG Security.

@datosh18

Danish Tariq

Topic: Secret Scanning

Danish Tariq is a Security Engineer by profession and a Security researcher by passion. He has been working in Cyber Security for over 8 years and it all started out of a curiosity to break things and look deep down into those things (physical or virtual) back in his teenage years. His major expertise is Penetration Testing and Vulnerability Assessments. He was also involved in bug bounty programs as well, where he helped many companies by finding vulnerabilities at different levels. Companies include Microsoft, Apple, Nokia, Blackberry, Adobe, etc.

• Spoke @ BlackHat MEA 2022 (Briefing - Supply-Chain Attacks)
• Featured in "The Register" for an initial workaround for the NPM dependency attacks.
• Certified Ethical Hacker, Certified Vulnerability Assessor (CVA), Certified AppSec Practitioner, Certified Network Security Specialist (CNSS), IBM Cyber Security Analyst
• Ex-Chapter Leader @ OWASP
• Ex-Top Rated freelancer (Information security category) on Upwork
• Recent security research and CVEs include - CVE-2022-2848 & CVE-2022-25523
• Served as a Moderator @ OWASP 2022 Global AppSec APAC.

@

Andrii Mytroshyn

Topic: Offensive Security

Samsung Electronics, computer graphics 6 years and 8 month. Visteon Corporation, computer graphics 5 years and 5 month. Carbon black, security 1 year and 4 month

@

Hassan Khan Yusufzai

Topic: Secret Scanning

Highly experienced Security Researcher with a proven track record of internet-wide scanning and Penetration Testing. A sought-after speaker, Hassan recently presented at the BlackHatMEA 2022 conference. His expertise extends to Ruby security, where he has conducted extensive research over the past few years. As a certified OSCP (Offensive Security Certified Professional), Hassan has also made a name for himself as a successful bug bounty hunter on both HackerOne and Bugcrowd. Hassan's achievements have earned him recognition in the industry, including inclusion in the Google Security Hall of Fame (2017), Twitter Security Hall of Fame (2017), and Microsoft Security Hall of Fame (2017). He has also conducted extensive research into WordPress security and won the HackFest CTF competition. In addition to his research, Hassan is also the developer of GemScanner.py and an npm scanner for account hijacking, further demonstrating his commitment to the security field and his skills as a developer.

@Splint3r7

Dorota Kozlowska

Topic: Social Engineering

Dorota Kozlowska dreamed of becoming a hacker since her youngest days, and then one day she decided that it is time to take that leap of faith and change her life for the one she envisioned for herself. As a certified cybersecurity specialist, she shares why she established herself in the cybersecurity industry to 'be the senior you needed when you were a junior', and tries to empower other women to become cybersecurity specialists. This is why she shares her learning journey, tips on how she became a cybersecurity professional, as well as useful learning and motivational material to help others build courage and follow their dreams - the way she did. She also enjoys sharing knowledge and insights as an international keynote speaker. Dorota is passionate about the Red Team, and Black Ops part of the Cyber Universe, as she worked as a Penetration tester for a few years, but now at Yogosha is responsible for building and growing the Hacker community, and ensuring the Hackers are successful at their endeavors just as a Hacker Success Manager should. Recognition - the Cyber Woman Hope (Europe) trophy handed out by CEFCYS, and 40 under 40 in Cybersecurity 2023 from the Top Cyber News Magazine. She loves gaining new skills and learning about new technologies. Possesses a strong investigative mindset with attention to detail, loves challenges, and on top of that she is a genuinely nice person. Degrees in Economics (Masters), Management and Marketing (Bachelors), and Computer Science (Post-grad). An avid cyclist, archer, guitar player, and adventurer.

@

Brian Vlootman

Topic: Keynote

Brian Vlootman is a pragmatic and passionate information security professional with more than 25 years of experience in information security in both technical and leadership roles. He’s currently serving as Backbase’s Chief Information Security Officer, tackling the challenges of empowering hundreds of developer and ops team to deliver secure banking applications.

@

John Strand

Topic: Keynote

John is the owner of Black Hills Information Security, a company specializing in penetration testing and security architecture services. He feels strongly that education is how the world of information security will change for the better and spends a considerable amount of time teaching and presenting around the world. He has presented for the FBI, NASA, the NSA, DefCon and is a frequent guest on Enterprise Security Weekly. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing

@

Paweł Kusiński

Topic: AI Security

Paweł is a Penetration Tester and Security Researcher at Snowflake, focusing on app and cloud security. He likes to share his knowledge by leading various workshops, giving conference talks, and teaching at universities. AWS Community Builder. In his free time, he is a CTF player (member of justCatTheFish) and enjoys buying too many Legos, despite the lack of space for more.

@_pkusik

Paul Molin

Topic: AI Security

After training in information systems security, he joins Theodo in 2013 and becomes passionate about web development. Very quickly, he specializes in security issues by helping Theodo teams to succeed in their post-production audits. He eventually becomes group CISO, and he is committed to creating a security culture in a developer company. He loves giving talks, especially to help developers understand the cybersecurity world. Convinced that it is developers who will change the world of cybersecurity, he leads trainings and develops tools to help them code flawlessly the first time.

@

Pedro-Dallegrave

Topic: K8S Security

Security engineer who, after too much time breaking things, decided to become a DevOps engineer to fix them.

@

Elliot Ward

Topic: Offensive Security

Elliot is a senior security researcher at software security company Snyk. He has a background in software engineering and application security.

@

Pawel Piwosz

Topic: Cloud Security

DevOps Institute Ambassador. CD.Foundation Ambassador. AWS Community Builder. Engineer, leader, mentor, speaker. My focus is on CALMS. I am building better understanding of DevOps as driver for the organization. I am devoted to Serverless and CI/CD. I authored the framework for design the CI/CD https://www.cicd.run/ Host of Last Week In IT and DevOps In Agile Way podcasts, and DevOps In Agile Way Youtube channel.

@pawelpiwosz

Kamil Nowak

Topic: OSINT & Forensics

By day, he tries to ommit or set firewalls; by night, he conquers actual walls, blending his passion for cybersecurity with the thrill of rock climbing.

@

Julia Zduńczyk

Topic: Offensive Security

Julia performs penetration tests for a wide range of IT Projects as an IT Security Specialist at SecuRing. Her main area of interest revolves around Red Teaming, specifically access control systems assessments, RFID hacking, social engineering and other related topics. As a Cybersecurity student at Academy of Science and Technology in Cracow, she had the opportunity to learn a wide range of IT security aspects from the beginning of her academic education. In her free time, she enjoys playing CTFs and researching attacks on access control systems. She presented her research at different conferences across Europe and has been selected as the top speaker at CONFidence Conference 2023 (Cracow, Poland) and best speaker at SEC-T 2023 (Stockholm, Sweden).

@

Grzegorz Zagraba

Topic: DevOps Security

Gregory Zagraba has built a career around the intersection of technology and buyer enablement within the IT sector. With experience spanning various product and software development companies, he has a particular interest in enterprise data management and computer vision. His approach emphasizes understanding customer needs and guiding them towards effective solutions. Currently, Gregory is part of the GitProtect Team, focusing on the evolving landscape of Data Security for DevOps. Beyond his immediate professional roles, he's actively involved in the Polish startup scene. As the Chief Networking Officer of the Krakow City of Startups Foundation, Gregory collaborates with emerging pre-seed and seed startups, offering guidance on sales and product validation.

@GitProtectio

Marcelo Toran

Topic: Red Team

Marcelo is a seasoned Red Teamer, with experience in conducting advanced operations to challenge and improve organizational defenses. When not breaking stuff you might find him rolling down some sketchy trails with his bike.

@spamv

Brian Harris aka CAT

Topic: Physical Security

I have spent the last 15 years working around the world in cyber and physical security. My most recent role was the European black team lead and the cyber team lead for the Nordic region for NCC Group. BS in mathematics and Computer Science and a MSc in Computer Science

@Covert_Access

Jonathan Bevers

Topic: Security Trainings & Games

I have been working in dynamic content creation for over 20 years. Live streamed audio and video, movie and film production, training and distance learning, animation, augmented reality, live events, video and practical games, websites, blogs, music and more. I manage projects and direct teams around the world to produce creative content. I source talented resources to complete projects while maintaining timelines to meet deadlines. I work with executives, directors and managers to ensure that all produced content meets all scoped requirements, and stays within budget.

@

Adrian Kapczyński aka Hpar3s

Topic: Biometric Security

Professor Andrzej Grzywak’s student has been professionally involved in computer science and its applications for over 25 years, with a special emphasis on cybersecurity. Expert in biometrics, steganography, and machine learning applications in cybersecurity. Educator, research team leader, manager, futurologist, auditor, and strategic consultant. Animator of the cybersecurity-focused “1753c” community. Member of Mensa Polska, IEEE, ACM, ISSA, and ISACA. In private - pentester, startup mentor, collector, basketball enthusiast, and puzzle and logic game enthusiast.

@hpar3s

Pawel Olbrycht

Topic: Compliance

Master's degree in Computer Science, more than 5 years of experience in IT with half of it in security - SOC, infrastructure security, automation and compliance. Currently leaning towards offensive security.

@

Aliaksandr Rahavy

Topic: AI Security

I am the Lead Security System Engineer at EPAM, with over 12 years of experience in Cybersecurity. My areas of focus include Cloud Security, DevSecOps, and Application Security. I have played an engineering role in various projects and have driven learning initiatives inside my company. I enjoy simplifying complex concepts and engaging new talent in solving security challenges.

@

Mikayel Minasyan

Topic: AI Security

Mikayel Minasyan is a seasoned Security Architect with extensive expertise in cybersecurity, compliance auditing, and enterprise-level security solutions. With over a decade of experience, he has successfully led security architecture overhauls, managed comprehensive audits to achieve PCI DSS and ISO compliance, and provided strategic security leadership across multiple projects. Mikayel holds industry-leading certifications such as CISSP, CCNA, AWS and Azure, validating his proficiency in various cybersecurity domains. His commitment to continuous improvement and educational leadership makes him a distinguished expert in enhancing security with AI and LLMs.

@

Zhassulan Zhussupov aka cocomelonc

Topic: Malware

Cybersecurity enthusiast, author, speaker and mathematician. Author of popular books https://cocomelonc.github.io/book/2022/07/16/mybook.html https://cocomelonc.github.io/book/2023/12/13/malwild-book.html Author and tech reviewer at Packt Author of book https://packt.link/MalwareDevelopment Co founder of MSSP Research LAB, author of many cybersecurity blogs, HVCK magazine Malpedia contributor Speaker at BlackHat, Arab Security Conference, Hack.lu, Standoff, etc conferences

@cocomelonckz

Tomas Kirnak

Topic: Network Security

Tomas has been a network engineer and a network and infrastructure architect for a better part of 20 years. He has worked on many networks from small businesses, to regional ISPs, all the way to large enterprises and nation-wide telco networks; with security always being one of his priorities. He has presented on network security on many conferences, from exploit analysis, network defense techniques, to sitting on panel discussions with security consultants for the White House.

@