2026 BSides Las Vegas Presenters

2026 Speakers

A. Stryker

Stryker has spent the last decade translating technical research and qualitative intelligence into the "so what?" and "what now?" reports that keep more people safe and secure. She previously produced threat intelligence for security services, financial institutions, and tech startups—including Ivanti, Blackpoint Cyber, and GEICO—currently leads threat analysis at Fable Security. You can find her playing tabletop exercises after her talks at SecTor, DEF CON, and BSides conferences around the United States. Stryker lives in Maryland, growing parsley for butterflies and algae for shrimp.

Talks:

The Meeple Problem: How to Build Risk Controls Around Actions, Not Roles

Aakash Krishana

Aakash Krishana is a Cyber Security Engineer in Application Security at General Motors, where they help engineering teams build more secure software through threat modeling, secure coding guidance, code review, and vulnerability triage. Aakash focuses on turning security requirements into practical, developer-friendly practices that reduce risk across the software development lifecycle. Their work is centered on improving application resilience, strengthening security culture, and enabling teams to deliver software more safely and effectively.

Talks:

Five AIs Walk Into a Severity Meeting: Auto-Triage and the Evolution of GM’s Bug Bounty

Aastha Sahni

Proving Ground Mentor

Abhi Ramchandran

I hack critical infrastructure because I like blinking lights and whirring sounds and Im on a research mission to convert every potential STUXNET to a STUXNOT. Ask me about the time that I successfully rick-rolled someone using the Digital Output lights on a PLC (I member a time when CTF challenges used to make hackers cry after finally solving a difficult problem).

Talks:

Programming PLCs for Fun, Profit, and Disaster: Get Your Shit Off the Internet - TOKEN: 15

Abhijeet Kumar

Abhijeet Kumar headshot

Master's student in Cybersecurity at the University of Maryland, College Park, with a focus on offensive security research. I have disclosed vulnerabilities across organizations, including NASA, the U.S. Department of Commerce, and several enterprise targets, findings that have had a real impact on securing critical systems. OSCP-certified and captain of UMD's CTF team RandomHackers, which placed 1st at HTB Hack The Madness 2026 out of 64 universities.

Talks:

X-Ray Specs for Agents: Pentesting MCPs, Skills, and the Plugin Supply Chain

Abhinav Verma

Abhinav Verma headshot

Abhinav Verma is a Senior Staff Security Engineer/Researcher at Intuit Inc. with 15+ years of experience across AI security, offensive security, red teaming, product security, and security operations. He currently leads AI security architecture reviews, AI penetration testing, and vulnerability management programs, with a focus on AI security, AI threat modeling, and securing large-scale cloud platforms. Over the course of his career at Intuit, he has built security automation, scaled continuous security scanning across thousands of assets, led secure design reviews for platforms serving millions of customers, and developed secure coding programs that have helped thousands of engineers shift security left. Abhinav was formerly an independent security researcher and has identified and reported vulnerabilities in numerous major online services and technology companies. Abhinav also taken stage this year at RSA Conference to talk about AI security and safety. He holds certifications including OSEP, OSCP, OSWP, GWAPT and CEH. Outside of work, Abhinav is a passionate gamer, a trained chef, an avid camper, and a mentor to aspiring offensive security practitioners.

Talks:

From Prompt to Pwn: Hands-On Exploitation of LLM-Powered Applications with OWASP Techniques

Adam Kohler

Adam Kohler headshot

Adam Kohler is the lead security researcher on the Iru (formerly Kandji) Threat Research team, where he focuses on macOS malware analysis and behavioral detection engineering. The research and detections he builds ship directly into the Iru EDR, protecting customer fleets in production. He co-discovered the Cuckoo macOS infostealer in 2024 alongside Christopher Lopez. Adam's path into Mac malware research was a slow inevitability: he started his career at Apple retail as a Technical Specialist, then spent years as a security analyst at ReliaQuest and Maxar Technologies before joining Kandji in 2022 to focus full-time on macOS. The analyst background shapes the way he builds detections. He writes them for the people who'll be on the other end of the alert

Talks:

The State of Mac Malware: How macOS Became a First-Class Target

Adarsh Kyadige

Adarsh Kyadige headshot

Adarsh leads the AI Research team at Sophos. He's been working at the intersection of ML and Security for over 8 years now, with work spanning using Machine Learning models for Large Scale detection of several malicious artifacts. Most recently, Adarsh has been focused on securing LLM based deployments using Machine Learning and AI Security Techniques. Outside of work, Adarsh can be found in the great outdoors, Tennis/Pickleball courts, Archery Ranges and at home in Denver, where he lives with his dog Hobbes.

Talks:

CerBERTus: A Three-Headed Approach to Prompt Security

Tib3rius

Tib3rius headshot

Tib3rius is a penetration tester at Coalfire, a PortSwigger Burp Ambassador, and a cybersecurity content creator known for making web application testing accessible to wide audiences through livestreams, video series, and community events. With over 15 years of experience using Burp Suite, he has deep expertise in extending the tool, from quick Bambdas for filtering proxy history and boosting the scanner to full custom extensions that streamline real-world testing workflows. His recent work includes autoBambda, a Claude Code project that automates the development and testing of custom scan check Bambdas, and Collector, a token extraction and replay tool.

Talks:

Burp, But Yours: Hands-On Extension and Bambda Development

Adrian Sanabria

Adrian is the Founder and Principal Researcher at The Defenders Initiative, a firm he founded to feature and support decades of cybersecurity research. His background spans technical, GRC, and leadership roles with a background as a practitioner, incident responder, penetration tester, and PCI QSA. His current research focuses on improving vulnerability management and breach analysis. The Defenders Initiative is systematically publishing easy-to-consume lessons learned from every breach where we have a deep understanding of how the attack happened. He also maintains “Destroyed by Breach” - a list of all companies that have gone out of business due to a cybersecurity breach or incident. There are currently 33 businesses on the list. He is the host of the Enterprise Security Weekly Podcast and the Alice in Supply Chains Podcast. As faculty at IANS Research, he advises hundreds of enterprises every year. After helping to deliver 11 successful events, he retired from BSides Knoxville in 2025 but remains a member of the Global BSides committee. He is also a member of several other community groups like the Security Tinkerers and the Cybersecurity Canon. After 25+ years in the industry, he still sees the glass as half full.

Talks:

Destroyed by Breach: Corporate casualties of cybersecurity failures

Akshay Rohatgi

Akshay Rohatgi headshot

Akshay Rohatgi is an upcoming fourth-year Computer Science major at UC Irvine, originally from San Diego. He is a 2025 Collegiate Cyber Defense Competition (CCDC) champion and a three-time CyberPatriot winner. Professionally, Akshay is an undergraduate security education researcher who has previously worked as a software engineering intern at Microsoft and is currently a security engineering intern at Meta. Throughout his competitive cybersecurity career, Akshay has specialized in architecting vulnerable environments for practice and purple-team exercises. He has manually developed dozens of high-fidelity ranges, including the 2025 Western Region CCDC Invitational, over ten mock competitions for his national championship team, KoTH environments for security education research, custom CyberPatriot National training environments, and interactive labs for Cyber@UCI’s workshops. Passionate about security education, he is joining the Western Regional CCDC operations team while remaining a full-time student to help shape the future of cybersecurity competitions.

Talks:

Democratizing Hack-The-Box: Intent as Infrastructure for Vulnerable Topologies

Aldo Salas

Aldo Salas headshot

Application Security Lead with close to two decades of experience spanning code review, penetration testing, cloud security, and program management. Currently leading HYPR’s AppSec program, including bug bounty operations, CNA/CVE disclosure, and MASA certification. Speaker at BSides Las Vegas and OWASP Global AppSec. Former OWASP Chapter Leader. Experience across financial, healthcare, media and entertainment, education, and IT sectors.

Talks:

Came for the AppSec scans, stayed for the flaky tests

Alejandro Vazquez Vazquez

Alejandro Vazquez Vazquez headshot

Alejandro Vázquez Vázquez is a security researcher, instructor, and Red Team operator specializing in Windows Internals, malware development, and advanced threat emulation. His work focuses on low-level offensive techniques, from UEFI firmware exploitation and bootkit development to kernel-level persistence. Over the years, he has built several hands-on offensive projects, including custom malware for Red Team operations, UEFI implants for long-term persistence, OT honeypots designed to attract real attackers, AI-assisted pentest frameworks, and platforms for ransomware hunting and threat profiling. His research has been presented at international security conferences, from the DEF CON main stage to DEF CON community groups and events organized by Off By One Security, where he is known for live demonstrations of firmware attacks, vulnerability research, and malware development, always backed by practical material that others can reproduce. By day, he conducts offensive security operations while also teaching in several cybersecurity master's programs, where he gives classes on malware analysis and exploit development. By night, he writes implants that play nice with modern security mechanisms. He doesn't just give talks. He builds the tools, shares the code, releases the research material, and walks through the full workflow so others can reproduce the techniques themselves.

Talks:

Breaking the Modern Boot Chain on Windows and Linux: Exploiting UEFI Internals

Alex Sayre

Alex Sayre headshot

Alex Sayre is a Cybersecurity Analyst with a background across finance, sales, mortgage auditing, management, and commercial brewing. Inspired by his wife in Cybersecurity, he pivoted in the beginning of 2022 to this career and became interested in automation, coding, AI, and recreating vulnerabilities submitted through our Vulnerability Disclosure Program. Outside of work, he enjoys hiking, maintaining local trails, reading, gaming, playing music, and traveling.

Talks:

From the Wild West to Yes, If: Building an AI Security & Governance Program

Alexandrine Torrents

Alexandrine Torrents headshot

Alexandrine Torrents is a cybersecurity expert at Wavestone. She started as a penetration tester, and then specialized in OT cybersecurity. She is IEC 62443 certified. She performed dozens of OT cybersecurity assessments across various industries & worked on OT models to perform attacks on PLCs & SCADA systems. Alexandrine also helps secure OT both at technical & organization levels: secure architecture, system hardening, IAM, cyber resilience, detection, governance, awareness & training, risk assessment, cyber by design, etc. Alexandrine works with different CISOs on their OT cybersecurity roadmaps & programs at different scales of large industrial companies: site, business units, Group with worldwide scope. Alexandrine also gives training on OT cybersecurity.

Talks:

OT Systems: how to secure them in practice!

Alexis Hancock

Alexis works to keep the networks strong and encrypted by managing the Certbot project. As well as ensuring EFF open source tools for the public are well supported. She researches an intersection of issues on digital rights, encryption, and consumer technology. She believes in an open and equitable web through encouraging expansion of security by default, bridging engineers and security research, and advocating for better and stronger tech policy and standards. Currently, her research has been focused on expansion of encryption, digital identity, and firmware transparency to mitigate pre-installed malware on Android devices. She has worked in web development and application security for over 10 years. She holds a BSc. in Applied Arts and Sciences and a MSc. in Change Management from the Rochester Institute of Technology and the New School university respectively.

Talks:

Ask EFF

Ali Kabeel

Ali Kabeel headshot

Ali Kabeel is a Security & Privacy Engineering Lead at Bending Spoons, where he leads security efforts across major products including WeTransfer, Brightcove, and Vimeo. With over a decade of bug hunting experience, Ali has uncovered critical vulnerabilities across some of the world’s leading technology platforms. His work focuses heavily on business logic vulnerabilities: high-impact flaws that emerge from real-world misuse, flawed assumptions, and broken trust boundaries rather than obvious code defects. These are the kinds of issues automated scanners often miss, but attackers can weaponize with serious consequences. Beyond his day-to-day work, Ali is committed to giving back to the security community through conference talks, mentoring, and hands-on knowledge sharing.

Proving Ground Mentor

Talks:

Low Severity, High Impact: The Bugs Companies Ignore

Allan Friedman

Proving Ground Mentor

Andrew Case

Andrew Case is the Director of Research at Volexity and has significant experience in incident response handling, digital forensics, and malware analysis. Case is a core developer of Volatility, the most widely used open-source memory forensics framework, and a co-author of the highly popular and technical forensics analysis book “”The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory.”” Case has spoken at many industry conferences, including Black Hat, DEF CON, RSA, SecTor, BSides*, and OMFW.

Talks:

Beyond Static Analysis: Memory Forensics for Go Malware

Anshu Gupta

Anshu Gupta headshot

Anshu Gupta is a seasoned global cybersecurity executive with Fortune 500 advisory experience at EY and KPMG, working with companies including Microsoft, Salesforce, Cisco, and Adobe. He has built and led security programs at high-growth startups and fintechs, including Coupa, HelloSign (Dropbox), Varo Bank (the first neobank to receive FDIC approval), Fast, and SPAN.io. Anshu is the CISO at Fixin Security, Founder of Tejas Cyber Network, a global community for cyber leaders and founders, and is an active investor with Silicon Valley CISO Investments (SVCI)

Talks:

Building and Leading High-Performing Security Teams: A Practitioner’s Playbook

Anthony Hendricks

Anthony Hendricks headshot

Anthony Hendricks is a legal problem solver and litigator at Crowe & Dunlevy, one of Oklahoma’s largest and oldest firms. At Crowe & Dunlevy, Anthony serves as founder and chair of the firm’s Cybersecurity and Data Privacy Practice Group. His legal practice focuses on data privacy compliance, regulatory enforcement and permitting, and other “bet-the-company” suits in the areas of data security, privacy, and other complex business litigation. Anthony is an adjunct professor who teaches Cybersecurity Law and Information Privacy courses at Oklahoma City University School of Law. He also hosts “Nothing About You Says Computer Technology,” a weekly podcast on cybersecurity and data privacy viewed through the lens of diverse voices. To learn more about Anthony’s current projects and upcoming speaking events, or listen to the latest episodes of his podcast, visit www.anthonyjhendricks.com

Talks:

Reheated Leftovers are Making Us Sick: How Old Data Breaches are Causing New Problems

Ariana Mirian

Ariana Mirian headshot

Ariana Mirian is a security researcher who has worked at the intersection of empirical measurement and security for over a decade, bringing a data driven lens to security decisions and intelligence. At BeeSafe AI, she is using this experience to drive novel methods that collect data on trust-based scams, in order to prevent victim losses. Prior to this, she worked as a senior security researcher at Censys, where she conducted measurement-driven research to map the Internet ecosystem. She earned her PhD in Computer Science and Engineering at UC San Diego, where she used Internet-scale measurement to study real-world security posture and develop data-driven methods across cybercrime, Internet-wide scanning, and enterprise security.

Talks:

Victim as a Service: Engaging with Trust Based Scams using AI

Ariel Ropek

Ariel Ropek headshot

Ariel Ropek is Principal Threat Researcher at Databricks. He has over a decade of experience building detection engineering and threat intelligence teams. His experience spans internal security, managed security, and security product organizations, which has exposed him to a broad variety of networks to protect and adversaries to defend against. Ariel builds tools for his teams to enhance their capabilities, most recently a distributed agentic malware scanner for the npm supply chain. When he's not hunting cyber threats he enjoys playing piano and building legos with his son.

Talks:

Rekt Teaming: What Attackers See When They Look at Your Bug Bounty PoC

Art Conklin

Professor Emeritus at the Cullen College of Engineering, University of Houston. Joint Appointment at Idaho National Laboratory. Specializes in Cybersecurity of Critical Infrastructure. Cheerleader for I am the Cavalry.

Talks:

Mitigating Digital Risk in Critical Infrastructure

Austin Phillips

Austin Phillips headshot

Austin Phillips is a cybersecurity leader with over a decade of experience building, scaling, and transforming security programs across enterprise, managed services, and cloud-native environments. As Director of Security Engineering at SilverSky, he leads the engineering team responsible for the detection, automation, and platform infrastructure powering managed detection and response for over 900 clients. Prior to SilverSky, Austin built an enterprise security program from the ground up at DataScan Technologies, standing up application security, DevSecOps, detection engineering, incident response, and compliance functions across a hybrid AWS/Azure environment while serving as a strategic security advisor to executive leadership. He has led 24x7 SOC operations supporting multiple enterprise clients, established incident response programs during high-stakes corporate transitions, and driven security platform and tooling investment decisions spanning XDR, SOAR, cloud security posture management, and identity governance. Across every role, Austin has combined hands-on technical architecture with executive advisory, translating security risk into business impact, shaping investment priorities, and aligning security strategy with organizational objectives. He is a recognized practitioner in detection engineering, security automation, and operational maturity, and has built talent development pipelines including structured internship-to-hire and mentorship programs that strengthen team capacity and grow the next generation of security practitioners.

Talks:

Nobody Told Me I Could Grow: Building a SOC Career You Actually Want

aviral srivastava

aviral srivastava headshot

Aviral Srivastava is a security engineer at Amazon working on application security and the security of AI and machine learning systems. His independent research has uncovered a series of high-severity vulnerabilities across the AI infrastructure stack, including the critical Langflow remote code execution flaw (CVE-2026-33017), now tracked in the CISA Known Exploited Vulnerabilities catalog, along with disclosed findings in vLLM, AnythingLLM, and other widely deployed AI frameworks and inference engines. He authored the first mapping of the OWASP LLM Top 10 to the NIST Cybersecurity Framework accepted into NIST's National Online Informative References program, the first OLIR submission for an AI security framework and now published on the NIST CSRC website. His academic research on adversarial machine learning and the safety of large language models is published at top world venues. He holds an MS in Cybersecurity from Penn State, is an RSA Security Scholar, and has presented at RSAC, BSides, CypherCon, HOPE, and CactusCon.

Talks:

Rejected-Input Programming: Exploiting Parsers That Say No Too Late

Becki True

Becki True headshot

From the Nuclear Emergency Search Team (NEST) to modern cloud infrastructure and agentic workflows, Becki's 40-year career has centered on security at scale. After her government service, she designed and defended large data networks in Las Vegas hotels that withstood annual probes from experts attending Defcon and BlackHat. Today, she works as a Principal Engineer on Okta's Security Architecture team.

Talks:

Trust No Agent: Cryptographic Identity and Verifiable Messaging for AI

Ben Gelman

Ben Gelman headshot

Ben Gelman is a Principal Data Scientist at Sophos. His prior work has focused on machine learning, AI, and deep learning in a variety of domains, including source code analysis, natural language processing, image recognition, data privacy, hyperparameter optimization, alert prioritization, LLM-based threat research, and command-line classification. Ben has been working at the intersection of cybersecurity and machine learning for the last ten years, and he has a passion for making ML accessible to everyone.

Talks:

Your Training Data Is Too Boring: Surfacing the Long Tail With Anomaly Detection and LLMs

BIAO GAO

BIAO GAO headshot

Biao is a Senior Security Software Engineer at Roblox, where he builds network security solutions focused on network segmentation and egress governance for modern infrastructure. Previously, he was part of the Microsoft Azure Networking team, working on secure application delivery and cloud networking technologies. His interests include network security, service-to-service networking, and securing AI-enabled systems.

Talks:

Spanning the Eras: Egress Domain Governance from On-Premises to Agentic Sandboxes

Bo Barger

Bo Barger headshot

Bo Barger is a Senior Cybersecurity Engineer at Cengage Group, where he works across cloud security, vulnerability management, AI governance, and security automation in a multi-cloud enterprise environment spanning more than 15,000 resources. His path into security runs through two decades in technology, from freelance web development in the mid-2000s to technical support and IT leadership, before he formally joined the security field in 2019 and worked his way from analyst to senior engineer. Over the past two years, Bo has helped build Cengage's AI security and governance program from the ground up, from discovering the sprawling AI attack surface hiding inside the enterprise to red-teaming the company's own AI integrations. He holds CISSP and CCSP certifications. This is his first appearance on the BSidesLV stage.

Talks:

From the Wild West to Yes, If: Building an AI Security & Governance Program

Bobby Kuzma

Bobby Kuzma headshot

Bobby Kuzma is a recovering offensive security researcher and leader, who decided that life wasn't interesting enough. Because of that, he's founded Artificer Health, a technology company devoted to streamlining prior authorization for physicians and other clinicians.

Talks:

Your Red Team Doesn’t Follow a Kill Chain: What 95 Engagements Actually Look Like

FHIRbug: Cross-Vendor OAuth Security Patterns in 14 Production Healthcare APIs

Brian Waite

Brian Waite headshot

Brian joined Lumen’s Black Lotus Labs team in July 2025 following a 30-year career in the U.S. Navy and as a civilian in the U.S. Government. His diverse accomplishments include service as a helicopter pilot, leading international cooperation initiatives, and numerous roles in cybersecurity analysis and executive leadership. At Lumen, Brian is a member of the Black Lotus Labs Advanced Actor Tracking team and is actively discovering and monitoring nation-state actor infrastructure and operations in near real time through Lumen’s global aperture. Brian is a graduate of the United States Naval Academy with a B.S. in History with a minor in Spanish language. He has M.S. degrees from the Rochester Institute of Technology and from Southern Methodist University. He is professionally fluent in Polish. At home, Brian is a historian and restorer of early 1910s and 1920s U.S. and British automobiles and race cars, an avid fly fisherman, and licensed amateur radio operator.

Talks:

GobRAT: Deeper Into the Abyss - TOKEN: 6

Carlota Sage

Carlota Sage headshot

Carlota Sage had 17 years of IT and Support operations leadership when she accidentally took over a cybersecurity vendor FireEye's customer-facing communities in 2014. Over the next 3 years, she helped hundreds of security teams across the globe solve hardware, networking, product and security issues. Since 2019, Carlota has made it her mission to help small to mid-sized businesses secure themselves. She also instructs and mentors future security leaders through Women’s Society of Cyberjutsu.

Talks:

Security Before Cyber: Building Robust Security & Compliance Programs from Scratch

Christian Dameff

Dr. Dameff is a practicing emergency physician, clinical informatician, and cybersecurity researcher. He is an Associate Professor in the Departments of Emergency Medicine, Biomedical Informatics, and Computer Science at the University of California, San Diego. He also serves as Co-Director of the UC San Diego Center for Healthcare Cybersecurity and as the Medical Director of Cybersecurity for UC San Diego Health.

Talks:

No Water: No Hospitals : Continuity of Care under Crisis

Christopher Walter

Christopher Walter headshot

Christopher Walter is the Manager of Application Security at General Motors, where he leads enterprise-scale application security and responsible disclosure programs. With a background spanning offensive security, application security, and business information security leadership, he brings a unique blend of technical depth and the ability to translate security into scalable, developer-first solutions. Christopher has led the evolution of GM’s vulnerability disclosure and bug bounty programs, leveraging automation and AI to improve validation, reduce risk, and accelerate remediation. Known for aligning security with business outcomes and fostering strong cross-industry partnerships, he translates complex risk into clear, actionable strategies that drive resilience at scale. He holds an M.S. in Information Assurance from Walsh College and a B.A. in Telecommunication, Information Studies, and Media from Michigan State University.

Talks:

Five AIs Walk Into a Severity Meeting: Auto-Triage and the Evolution of GM’s Bug Bounty

Cindy Cohn

Cindy Cohn headshot

Cindy Cohn is the former Executive Director of the Electronic Frontier Foundation, where she spent 26 years through June 2026 standing up for the rights of users, creators and hackers. Cohn was the lead counsel in the groundbreaking case of Bernstein v. Dept of Justice, which freed encryption software from most governmental control and paved the way for the security and privacy tools that we all rely upon today. The case also established that code is speech, that the First Amendment applies to attempts to regulate computer code just as it does to other areas of science. She is the author of Privacy's Defender, my 30-Year Fight Against Digital Surveillance that chronicles her work on privacy as well as the rise of the internet and of EFF. Ms. Cohn has been named to TheNonProfitTimes 2020 Power & Influence TOP 50 list, honoring 2020's movers and shakers. In 2018, Forbes included Ms. Cohn as one of America's Top 50 Women in Tech. The National Law Journal named Ms. Cohn one of 100 most influential lawyers in America in 2013, noting: "[I]f Big Brother is watching, he better look out for Cindy Cohn." She was also named in 2006 for "rushing to the barricades wherever freedom and civil liberties are at stake online." In 2007 the National Law Journal named her one of the 50 most influential women lawyers in America. In 2010 the Intellectual Property Section of the State Bar of California awarded her its Intellectual Property Vanguard Award and in 2012 the Northern California Chapter of the Society of Professional Journalists awarded her the James Madison Freedom of Information Award.

Talks:

Privacy’s Defenders: How Hackers Helped and Can Do So Again

Ask EFF

Cole Dutton

Cole Dutton is a member of EPA’s Office of Water Emergency Response and Cybersecurity, Cybersecurity Division, where he supports the agency's Sector Risk Management Agency (SRMA) responsibilities to enhance the cybersecurity resilience of America’s drinking water and wastewater systems. He founded the EPA’s Cybersecurity Vulnerability Identification Program, which identifies internet-exposed operational technology (OT) devices at water and wastewater systems and provides actionable mitigations to secure these devices from cyber threats. Cole has led the development of the EPA’s Cybersecurity Training and Exercise Program, designing and facilitating cybersecurity tabletop exercises across the United States. Cole is a Certified Information Systems Security Professional (CISSP) and holds a master’s degree in information security.

Talks:

The Water Must Flow

David Batz

David Batz headshot

Leveraging over 20 years of electric company experience, David Batz brings significant energy industry background in understanding and applying appropriate security solutions to address emerging threats and issues. In addition, he brings over a decade of energy regulatory compliance experience as well as physical and cyber security policy knowledge and engagement with multiple federal agencies, including the Department of Energy (DoE), and the Department of Homeland Security (DHS). David has played a central role in developing new programs that aid investor-owned electric companies, and more broadly, has been instrumental in the development and expansion of an industry-wide program called Cyber Mutual Assistance. He is a member of InfraGard and serves on the SANS Institute Advisory Board. He has authored multiple articles and presented at numerous events domestically and internationally on securing critical infrastructure, industrial systems as well as security baseline and standards topics for prominent industry associations including NIST, the National Academies of Sciences, United States Energy Association, and the World Economic Forum to name a few.

Talks:

Food for Thought: Concentration , Cold Chain, & Consequences

Do Not Go Gentle Into the Night Disrupting the disrupters of UnDisruptable27

Glass Houses: AI-Era OT/ICS Sprints

The Next 12 Months

Dean Ford

Dean Ford headshot

Dean Ford, CAP, PE Speaker Bio Dean Ford, CAP, PE, is an author, automation industry thought leader, and digital transformation consultant with more than 30 years spent helping the world’s manufacturers and utilities solve their toughest operational problems. A licensed Professional Engineer in 24 states and a Certified Automation Professional (CAP), Dean has built and led sales, operations, and engineering teams through start-up, turnaround, and high-growth phases at firms ranging from regional integrators to national consultancies. His work spans the food and beverage, consumer packaged goods, automotive, chemical, oil and gas, and water and wastewater sectors. Time and again he has taken organizations from a single client or office to multi-site, multi-million-dollar operations, earning a reputation as a decisive, hands-on leader who pairs deep technical command of process control and industrial IT with sharp business instinct. Today Dean channels that experience into two companies he co-founded. At Muddy Paws Automation, he leads an operations-first consultancy that acts as digital transformation engineers for plant systems and water utilities — delivering assessment, implementation, and management services grounded in the conviction that lasting results come from spending real time with the operators who must live with the systems. At OTEMIS, he is building an AI-powered observability platform that correlates fragmented IT and OT data with physical process behavior in real time — surfacing root causes of downtime in seconds rather than hours, hardening converging cyber-physical networks, and capturing the institutional knowledge walking out the door as a generation of veteran operators retires. A widely read author and frequent commentator on the future of the field — through pieces such as “Who Owns Your Career?” and “We Have a Demand Problem with the Automation Profession” — he speaks candidly on digital transformation, IT/OT convergence, workforce and knowledge retention, and the leadership obligations of a maturing industry. Background & Affiliations A longtime champion of the profession, Dean is a Senior Member of the International Society of Automation (ISA) who has held senior leadership roles including VP of the Image and Membership Department and Chair of the CAP Steering Committee, chaired the American Water Works Association’s Water Utility Technology and Automation Committee, served on the Automation Federation’s Government Relations Committee, and received the Nels Tyring Award. He holds an Executive MBA from the University of Maryland’s Robert H. Smith School of Business and a B.S. in Electrical Engineering from the University of Missouri (Missouri S&T), where he now serves on the Academy of Electrical and Computer Engineering.

Talks:

The Water Must Flow

Diptendu Kar

Diptendu Kar headshot

Diptendu Kar is a security researcher focused on supply chain and dependency risk. He works on triaging open-source vulnerabilities, writing detection rules, and exploring how AI can automate tedious parts of security research. He also taught Software Security Practices at Northeastern University part time and holds a Master’s in Cybersecurity. Before security, he worked as a Java developer at TCS. He’s especially interested in patch diffing, vulnerable function detection, and the use of LLMs in AppSec. He believes cryptography is magic and AI is a noisy intern - helpful but always needs supervision.

Talks:

Crypto Is Fine. The Code Is Not: Real-World Cryptographic Failures

Divyesh Batra

Divyesh Batra headshot

Divyesh Batra is a Staff Data Engineer with over 13 years of experience spanning cybersecurity, data engineering, and financial technology. He currently works within Visa's Global Information Security organization, where he architects and develops large-scale Attack Surface Management and Vulnerability Management analytics platforms that process millions of security observations using Python, SQL, Apache Spark, Cassandra, Airflow, and Elasticsearch. Over the past six years at Visa, Divyesh has focused on solving complex cybersecurity data challenges, designing end-to-end pipelines that transform raw security telemetry into actionable intelligence for security teams, auditors, and executive leadership. His work includes vulnerability management reporting, container security analytics, security compliance programs, and large-scale distributed data systems. Before entering cybersecurity, Divyesh spent several years building analytics solutions for the financial services industry, developing technologies that supported fixed-income index calculations and investment decision-making for global asset management firms. He holds a Master's degree in Management Information Systems from Texas A&M University and a Bachelor's degree in Engineering Physics from Delhi Technological University. A Databricks Certified Spark Developer, Divyesh is passionate about applying engineering discipline, data integrity principles, and large-scale distributed architectures to modern cybersecurity problems.

Talks:

The Shadow IT Leak: Solving Silent Data Loss in Vulnerability Pipelines

Donald McFarlane

Donald McFarlane headshot

Donald McFarlane is a father, hacker, recovering CISO and engineer who works in the office of the CISO at Microsoft. With over three decades of cybersecurity experience, Donald has led information security, IT risk management, and audit governance at AIG, Merrill Lynch and Bluestone Capital. His first paid infosec job was to secure Unix systems for the UK’s version of DARPA.
 Donald has served his communities in the army, and as a volunteer EMT & First Aid Squad Chief. He helps run Skytalks@BSidesLV and Policy@DEF CON, and serves as a state legislator. He enacted a vulnerability disclosure program into New Hampshire election law and has a close interest in OT security and critical infrastructure resilience. 

Donald lives with his wife, son and dog in a log cabin which he built himself on the side of a mountain in New Hampshire.  He enjoys vibe hacking and a nice cup of tea.

Talks:

Programming PLCs for Fun, Profit, and Disaster: Get Your Shit Off the Internet - TOKEN: 15

Efrain Orsini Jr

Efrain Orsini Jr headshot

As a two-time SOC Director, EJ has designed analyst development programs from scratch, built certification roadmaps and budget frameworks for growing teams, and spent years watching talented L1s hit a wall and lose momentum simply because no one had mapped out what came next. That gap is what drives his current focus: building durable career pathways for the analysts doing the queue work every day. EJ holds Security+, CISM, CRISC, CDPSE, CCZT, and CCSK, and continues to serve as a military reservist in an Equal Opportunity role — an experience that shapes his people-first approach to leadership. He's a frequent speaker and podcast guest on topics spanning MDR, credit union cybersecurity, and the realities of running a SOC around the clock. He currently leads a 24/7 SOC & MDR program of over 30 analysts defending clients ranging from small business to enterprise. In his spare time he likes tinkering with technology and spending time with his wife & kids.

Talks:

Nobody Told Me I Could Grow: Building a SOC Career You Actually Want

Emily Choi-Greene

Talks:

Nullify Prompt Injection Attacks

Emma Yuan Fang

Emma Yuan Fang headshot

Emma is a seasoned Security Architect with extensive experience in cloud security and AppSec, and security strategy. As Regional Practice Lead at EPAM Systems, she oversees security initiatives and lead a team of security practitioners in UK&I, Switzerland, and Germany. Beyond her professional work, she is a recognised conference speaker, a passionate mentor and a dedicated advocate for fostering diversity in the cyber workforce.

Proving Ground Mentor

Eric Boivin

Eric Boivin headshot

Technical Platform Specialist at Flare. With a start in 90s Internet and hacking to a background in engineering, my mission is to help educate people on topics around CTI, while keeping it fun with my lightweight humor and my french canadian accent.

Talks:

Criminal Hijacking: Profiling Threat Actors engaged in session takeover with Infostealer Logs

Filipi Pires

Filipi Pires headshot

I’ve been working as Head of Technical Advocacy at SCYTHE, Founder & Investor at CROSS-INTEL, BSides Porto Organizer, Red Team Village Director (DEF CON), Senior Advisor Raices Cyber Academy, Founder of Red Team Community (Brazil and LATAM) and AWS Community Builder. International Speaker at Security and New technologies events in many countries such as US (Black Hat & Defcon), Canada, France, Spain, Germany, Poland, Black Hat MEA - Middle-East - and others, I’ve served as University Professor in Master Degree in Portugal, Graduation and MBA courses at Brazilian colleges and Author book - TPRM driven Supply Chain Cybersecurity: Connecting TPRM and supply chain security for operational resilience by Packt.

Talks:

DPAPI Was Never a Lock: How Infostealers Break Every Windows Credential Store

Florian Noeding

Florian Noeding headshot

Florian Noeding is a Principal Security Architect at Adobe. As strategy lead, he drives proactive application security efforts across the entire enterprise, with a focus on automated code analysis, memory safety and supply chain security. He uses his deep software engineering expertise to design pragmatic, developer focused security solutions.

Talks:

Ace Your AppSec Interview: Hands-on Practice and Insights

Fred Heiding

Fred Heiding is the executive director of Menlo Park Intelligence and a researcher at UC Berkeley’s Center for Long-Term Cybersecurity. He was previously a doctoral and postdoctoral researcher at the Harvard School of Engineering and Applied Sciences and the Harvard Kennedy School, working with Bruce Schneier and Eric Rosenbach. His work bridges computer science and political science to explore how emerging technologies shape international conflict. Fred is a member of the World Economic Forum's Centre for Cybersecurity and the Geneva Centre for Security Policy, and serves on the committee of the Harvard and MIT Technology and National Security Conference. He has taught several AI and cybersecurity classes at Harvard, regularly briefs the U.S. Congress on AI-powered cyber threats, and advises foreign governments on national cyber risks. His work has been featured at leading conferences, journals, and media outlets, including The Economist, Reuters, TIME, and Foreign Affairs. Fred has assisted in the discovery of more than 45 critical computer vulnerabilities (CVEs), and he previously made headlines for hacking the King of Sweden and the European Commissioner.

Talks:

Mapping the AI Security Landscape: A Comprehensive Analysis of Research Clusters, Disciplinary Gaps, and Defense-Attack Misalignment

Devising and Detecting Voice Phishing: Large AI Voice Models (ElevenLabs, Gemini, Sesame) vs. Traditional Human Scam Techniques

ScamBench: Measuring Real-World Risk of AI-Generated Social Engineering

Fred Mack

Fred Mac is an infosec professional who’s attended hacker events since Palm Pilot beaming was dope. Fred built his career by protecting clients from industry hype. He was an early open-source adopter who recognized its potential for security and privacy, and has helped win over a large mainstream following.

Talks:

The Holy Grail of Election Security: Serious Quest or Theater of the Absurd? - TOKEN: 1

George Bilbrey

Trey Bilbrey is the Lead of SCYTHE Labs, specializing in Purple Team Exercises, Threat Emulation, Critical Infrastructure, and holistic cyber operations. With 17+ years of industry experience, Trey is an accomplished educator, network defender, and cultivator of cybersecurity professionals. Prior to joining SCYTHE, he developed content for HTB Academy at Hack The Box, performed ICS/SCADA penetration testing for the U.S. Army Corps of Engineers, and served in the United States Marine Corps conducting defensive and offensive cyber operations. Current certifications include the CISSP, GICSP, GCIP, and K>FiveFour RTAC.

Talks:

Purple Teaming in Practice: Emulate, Detect, Adapt

George Coldren

Infosec threat researcher with a knack for exploring the back alleys of the internet.

Talks:

Decentralized Deception: EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

Glen Sorensen

Glen Sorensen is a Recovering CISO/vCISO-Type and is presently a Solutions Engineer with DeleteMe. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership, including leading the security program for a credit union and for smaller organizations in a fractional role. He currently focuses on how exposed information and OSINT are weaponized in conjunction with AI toward social engineering attacks, and how that factors into greater enterprise cyber risk. Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 20+ years, depending on how much misspent youth you count. He is a privacy geek and a sucker for a good tabletop exercise, and also serves as an Incident Master for HackBack Gaming, which puts his countless hours of roleplaying game experience to work teaching people about cybersecurity and incident response.

Talks:

Burn the Trail: Why Your Personal Digital Exhaust Is An Organizational Problem (And What To Do About It)

Greg Albrecht

Greg Albrecht (W2GMD) is a systems integrator and operational technology practitioner specializing in Team Awareness Kit (TAK) and Counter-UAS deployments at National Special Security Events and large-scale public gatherings. His work spans RF detection, interagency coordination, open-architecture sensor integration, and the field-expedient problem-solving that happens when theory meets operational reality. He is the author of technical guides on COTS Remote ID detection published at ampledata.org and has contributed to TAK ecosystem development including C-UAS sensor integration. A licensed amateur radio operator and active EMT, Greg is a frequent speaker at technology, public safety, and wireless events.

Talks:

Your Airspace Has a Security Problem: A Field Guide to Counter-UAS

Guy Barnhart Magen

Guy Barnhart Magen headshot

Guy Barnhart-Magen is CTO and Co-Founder of Profero, a rapid incident response firm, where he focuses on making IR fast and resolution scalable using cloud-native approaches. He has over 30 years of experience in cybersecurity, including roles as a security group manager at Cisco and leading Intel's Predictive Threat Analysis group, where he defined the company's global AI security strategy and roadmap. He holds three patents on AI system hardening and model protection, serves as chairman of BSidesTLV, and has been awarded Cisco's "black belt" security ninja honor, their highest cybersecurity advocacy rank. He speaks regularly at security conferences including DEF CON, Black Hat, 44CON, SAS, and t2.

Talks:

Your Next Breach Won’t Have an Attacker - TOKEN: 2

Hala Ali

Hala Ali headshot

Hala Ali is a PhD candidate in the Department of Computer Science at Virginia Commonwealth University in Richmond, Virginia. Her research focuses on software supply chain security, AI security, memory forensics, and malware analysis. She received the Best Paper Award at DFRWS USA 2025 and the USCYBERCOM Defender Award. Her work has been recognized and presented across major academic and industry venues, including DFRWS, WiCyS, PyCon US, DEF CON AI Village, and Black Hat Arsenal. Website: https://halaali198.github.io/

Talks:

Beyond Static Analysis: Memory Forensics for Go Malware

Haley Pedersen

Talks:

Ask EFF

Hannah L

Hannah L headshot

Hannah is an Extensibility Specialist at PortSwigger, where she helps shape how Burp Suite can be adapted to real-world testing workflows. She works hands-on with submissions to the BApp Store, as well as the Bambdas and BChecks community repositories, helping refine extensions and community contributions before they’re shared more widely. She especially enjoys making extensions better and finding creative workarounds to awkward testing problems. She has also written extensions for customers, internal teams, and her own projects, including the original WebSocket Turbo Intruder extension.

Talks:

Burp, But Yours: Hands-On Extension and Bambda Development

HD Moore

HD Moore has been taking things apart; networks, protocols, assumptions; since the 1990s. He created Metasploit, spent two decades doing vulnerability research and network discovery, and now runs runZero, the company he founded to solve the deceptively hard problem of knowing what's actually on your network. Before runZero he held leadership roles at Atredis Partners, Rapid7, and BreakingPoint. His career started the old-fashioned way: exploring telephone networks, writing exploits for the Department of Defense, and breaking into financial institutions (with permission, eventually). He's a long-time advocate for open-source software and vulnerability disclosure. Outside of work he writes questionable Go code, builds electronics that mostly function, runs in circles, and plays single-player RPGs.

Proving Ground Mentor

Talks:

Mind the Gap: Bridges, Backplanes, and BloodHound

Ignacio Navarro

Ignacio Navarro headshot

Ignacio Navarro, an Ethical Hacker and Security Researcher from Cordoba, Argentina. With around 6 years in the cybersecurity game, he's currently working as an Application Security. Their interests include code analysis, web application security, and cloud security. Speaker at DEFCON, H2HC, Troopers, LeHACK, NorthSec, TyphoonCon, Security Fest, SASCON, 8.8 among others. @Ignavarro1

Talks:

Every ride you take - Hacking a City’s Public Transportation

Jack Burgess

Talks:

Winning From Constraints

Jacqueline Suttin

Jacqueline Suttin headshot

Jacqueline Suttin doesn't come to the identity conversation from the credential side. She comes from the gap. After years leading cloud, security, and analytics programs inside healthcare organizations, she kept running into the same structural problem: authentication was designed around a moment, and the moment was increasingly fictional. The authorized user and the acting entity were no longer the same thing, and no part of the stack was built to notice. That gap became MagenTrust. Jacqueline is the founder and creator of MAGEN, a continuous human verification engine that uses entropy-based behavioral signals to establish proof-of-life without biometrics, stored PII, or CAPTCHAs. It doesn't ask "who logged in" but rather "is a human still here, and should one be?" That reframe puts her work directly at the center of the agentic AI problem: when an LLM agent is the authorized actor, traditional authentication isn't just weak, it's asking the wrong question entirely. Her concept of Human Exclusion Zones flips the assumption baked into most IAM architectures: in certain operational contexts, human presence mid-session is the anomaly and should trigger an interrupt. She has pressure-tested these ideas in environments where it matters, including critical infrastructure workflows, healthcare compliance stacks, and agentic pipelines where a spoofed identity or slipped agent carries real-world consequences. Beyond MagenTrust, Jacqueline serves as CTO of The AI Cowboys, a San Antonio-based team working across AI, quantum computing, and national security. Attendees with enterprise IAM backgrounds, offensive tooling experience, or interest in where behavioral biometrics break down under adversarial agent mimicry will find she has thought hard about exactly those edges.

Talks:

Kill the Login: Continuous Trust in the Age of AI

James Hawk

James Hawk (He/Him) is a Principal Consultant with Google Public Sector within Proactive Services. He is the wireless subject matter expert for his team. James has led and contributed to numerous assessments (Red Teams and pentests). He has developed internal training and tool updates for 802.11 for his company. James is a 20-year veteran of the U.S. Army and has over 10 years of hands-on experience in wireless technologies. James is constantly researching/testing 802.11 attacks against his home lab. He is a fan of hockey, LetterKenny, and almost anything sci-fi.

Talks:

Wi-Fight Club: I am Jack’s Evil Twin

James Ringold

Talks:

Building a Quantum Safe Test Lab

James Utley

James Utley headshot

Dr. James Utley, PhD is a board-certified anti-aging scientist, immunohematology expert, and Chief Scientific Officer at Auragens, where he advances stem cell therapeutics, regenerative medicine, cellular reprogramming, and AI-driven longevity research. A former US Navy Scientist, Johns Hopkins-educated Certified Advanced Biotherapies Professional (CABP), and Technical Director, Dr. Utley has helped oversee more than 150,000 cellular transfusions while contributing to Department of Defense initiatives in transfusion medicine and biomanufacturing. His research focuses on the genomic architecture of aging, mesenchymal stem cell biology, predictive biomarkers, and biological countermeasures for radiation exposure, microgravity-induced degeneration, and accelerated aging in space environments. Dr. Utley is also recognized as a prominent leader of the [Bio]Punk movement and author of the first draft of the BioPunk Manifesto, a call to bring science to all who choose to take up the flag. His work stands for a future where biology is not gatekept, but opened through freedom, access, and disciplined scientific rebellion.

Talks:

To catch a PseudoScientist - TOKEN: 6

Jason Brown

Jason Brown headshot

Jason Brown is a Staff Cyber Security Engineer at General Motors with a background in penetration testing and a focus on application security, AI security, and all the strange ways software can fail in production. He likes pulling apart apps, tracing weird behavior back to root cause, and helping teams fix the things that turn into real security problems. Most days, he lives somewhere between AppSec, pentesting, and AI security; off the clock, he’s usually behind a camera chasing good light and interesting angles. Whether it’s attack paths or photography, he enjoys digging into the details most people miss.

Talks:

Five AIs Walk Into a Severity Meeting: Auto-Triage and the Evolution of GM’s Bug Bounty

Jay Jacobs

Jay Jacobs headshot

Jay Jacobs is Co-founder and Data Scientist at Empirical Security, and lead data scientist for the Exploit Prediction Scoring System (EPSS). He is one of the creators of EPSS and serves as co-chair of the FIRST EPSS Special Interest Group. Jay also chairs the Consumer Working Group within the CVE Program.

Talks:

The Timing of Exploitation Evidence and Prediction

Jeff Bryner

Talks:

Root To CISO – Just AIsk

Jeff Lucovsky

Jeff Lucovsky has been a core Suricata developer since 2019 and has made significant contributions to various areas of Suricata. Jeff is also a Principal Software Engineer at Corelight, where his primary focus is to oversee the development and deployment of Suricata across Corelight’s sensors. He is also a technical lead for Corelight’s performance engineering team.

Talks:

Engineering the Hunt: Developing AI SKILLs for Network Security Monitoring

Jeff Tully

Jeff Tully headshot

Jeff (r3plicant) Tully is a security researcher with an interest in understanding the ever-growing intersections between healthcare and technology. His day job focuses primarily on the delivery of oxygen to tissues. 



Talks:

No Water: No Hospitals : Continuity of Care under Crisis

Jenko Hwong

Jenko Hwong headshot

Jenko Hwong is a Principal Security Researcher at Huntress Labs, focusing on identity-based attacks and cloud abuse. Prior to Huntress, he spent 6 years at Netskope Threat Labs, has spoken at RSA and DEFCON, and is a Cloud Village Lead. He has spent an odyssey playing Sisyphus at security companies in cloud detection/response, vulnerability scanning, AV/AS, pen-testing, L3/4 appliances, threat intel, and windows security.

Talks:

Bashing CloudShells for mining, networking, exfil and persistence at scale

Jenna Esparza

Jenna spent a decade selling cars on independent lots before pivoting to threat modeling and federal cybersecurity. Turns out the skills are more transferable than you'd think. She's spent the last fifteen years in federal cybersecurity building programs from scratch, leading teams of cyber professionals, and holding certifications including CISSP, GDSA, GCIH, among others. The car business gets partial credit. She threw out the five year plan ages ago. She has no regrets.

Talks:

Burn the Five Year Plan: An Anti-Roadmap for the Rest of Us

Jerrry Gamblin

Talks:

I am CVE, AMA!

Jessa Gegax

Jessa Gegax is a penetration tester located in Minneapolis, MN. Jessa holds an undergraduate degree in Computer Science and minor in Environment and Natural Resources with research interests in offensive cloud security, IoT devices, and web application/API penetration testing. In their free time, Jessa likes to make art, volunteer, and spend time with their dog (in no particular order).

Talks:

Translating Cybersecurity Expertise into Community Practice: Lessons from Minneapolis Mutual Aid Work - TOKEN: 8

Jie Wu

Jie Wu headshot

Jie is a Senior Security Engineer at Shopify based in New York City, working on cloud security, Kubernetes, and detection engineering to secure cloud infrastructure. She has spoken at KubeCon EU, fwd:cloudsec, and BSides (Chicago, Ottawa, Montréal), covering topics from Kubernetes security at scale to non-human identity accountability in the cloud. Before Shopify, she worked on cyber defense and vulnerability management at Bank of America.

Proving Ground Mentor

Talks:

The Keyless Backdoor: Detecting GCP Workload Identity Federation Abuse

Jimmy Shah

Jimmy Shah headshot

Jimmy Shah specializes in analysis of mobile/embedded threats on existing platforms, threat modeling and threat intelligence. He has been involved with mobile threat research for over two decades. Shah brings a wide breadth of experience in security research on a variety of mobile and embedded/IoT platforms. If it's lighter than a car, has a microprocessor, and is likely to be a target it's probably his problem.

Proving Ground Mentor

João Pedro Tricta

João Pedro Tricta headshot

Known as Tricta, I am 20 years old, Brazilian, and work as a Client-Side Applications Squad Leader, Researcher, and Malware Developer at Hakai Offensive Security. I am passionate about Sysinternals, reverse engineering, low-level, and client-side applications. In my free time, I enjoy programming, gaming, and watching anime. I’m a cat lover and a compulsive pizza eater.

Talks:

Lyra: An LLVM IR Obfuscator for Rust

Joe Leon

Joe Leon headshot

Joe Leon is a security researcher at Aikido Security. He believes the most interesting security research lives in the gap between what users expect and how systems actually work. Before Aikido, Joe led security research at Truffle Security and ran application security assessments at FortyNorth Security. Joe has presented at Black Hat USA, OWASP Global, x33fcon, and Wild West Hackin' Fest.

Talks:

My email address is an API key?

John Stoner

John Stoner headshot

John Stoner is a cybersecurity leader, instructor, and U.S. Army veteran with more than 26 years of combined military, intelligence, and cybersecurity experience, including 16+ years with a focus on Cyber Threat Intelligence (CTI) and threat analysis. He has held senior roles at Google Public Sector (Mandiant), Booz Allen Hamilton, the DoD Cyber Crime Center (DC3), and CACI, leading cybersecurity teams, supporting federal and commercial clients, and delivering actionable intelligence on nation-state threats, malware, and adversary tactics. His expertise includes MITRE ATT&CK, structured analytic techniques, and intelligence-driven defense strategies. Today, John serves as a Senior Technical Instructor, delivering advanced cybersecurity training and speaking at major industry and international events, helping develop the next generation of cyber professionals. John has interviewed and hired over 100 cybersecurity professionals across government and industry and remains active in community mentorship through career villages, The Diana Initiative, and VetSec, helping emerging professionals grow their careers.

Talks:

Cyber Jobs Dumpster Fire: Honest Advice from 2 Veterans

Jordan Schoenherr

Dr. Jordan Richard Schoenherr is a scientist (Humanix), an Adjunct Fellow in the School of Systems and Computing (University of New South Wales), an Adjunct Research Professor in the Department of Psychology and a member of the Institute for Data Science (Carleton University), and the co-Editor-in-Chief for IEEE Transactions on Technology and Society. He has over 20 years of experience conducting research and teaching in higher education. His primary areas of interest are learning and decision-making and metacognition with application in medical education, cyberpsychology (cybersecurity, disinformation, ethical AI, and XAI), and organizational behaviour (incivility, insider threat, and knowledge management). He is the author of Ethical Artificial Intelligence: From Popular Science to Cognitive Science, the forthcoming book series Fundamentals and Frontiers in Medical Education and Decision-Making, and a frequent contributor to The Conversation. His work has been translated into Chinese, French, and Portuguese (Brazilian)and has been featured on Fortune.com and the Straits Times (Singapore).

Talks:

Social Engineering Has a Grammar: Reverse-Engineering the Sequence Behind Real Attacks

Joshua Connolly

Joshua Connolly headshot

Nyt3jmp is a vulnerability researcher by day and hacker trainer by night.

Talks:

Binary Jiujitsu: White Belt and Blue Belt Fundamentals

K. Melton

K. Melton headshot

K. Melton is a strategist, community architect, and reality pentester exploring the fault lines between cybersecurity, cognitive resilience, and human systems. With more than 15 years in the security awareness industry, they specialize in translating complex ideas into human-centered deliverables. Their interests include how influence, perception, and socio-technical narrative function as modern attack surfaces. As Director of Community Events & Programs at the Cognitive Security Institute, K designs collaborative environments—conferences, workshops, experimental spaces, workgroups—where hackers, researchers, practitioners, and curious newbies can discover the emerging field of cognitive security. Their work spans industry, media, and creative pursuits, including executive leadership at KnowBe4, contributions to InfoWarCon, co-host of the No Password Required podcast, artistic commissions, and several of industry legend Winn Schwartau’s books. Through this work, they blend technical insight, storytelling, and art to explore how reality itself can be hacked (and thus defended).

Talks:

Reality Pentesting in Practice: Hands-On Cognitive Red-Teaming

Kane Narraway

Kane Narraway headshot

Kane is the security services engineering lead at Canva, and led similar teams at both Shopify and Atlassian over the past 10 years. Passionate about making security easy, and building secure paved roads into employee workflows so the average person doesn't need to think about security. Kane promises to include pictures of his dog in his presentation and show you on a map where new zealand is located.

Talks:

Paved Roads, AI Potholes: Security Platform Engineering in 2026

Katie Noble

Talks:

I am CVE, AMA!

Kayne McGladrey

Kayne McGladrey headshot

Kayne McGladrey is an independent virtual CISO who helps SMBs and mid-market firms work through cybersecurity, compliance, and risk management. He's the author of the the upcoming book "Cyber Risk is a Myth" and also the author of the GRC Maturity Model, a senior IEEE member, and ranked #1 worldwide for cybersecurity and risk management by Thinkers360. When he's not advising small businesses and Series B startups, you can find him translating complex court cases and regulations into plain English in his weekly newsletter.

Proving Ground Mentor

Kenton McDonough

Kent graduated from Virginia Tech in 2021 with a MS in Computer Science. His research focused on container boundary fuzzing through syscall mutations. He currently heads the Security Automation and Operations team for Engineering at Viasat, Inc, where he's responsible for credential management, RBAC configuration and auditing, just-in-time privilege escalation, PKI, SecDevOps education, and a half-dozen other things. In his spare time, Kent enjoys live music, card and board games, traveling with his partner, and staying active with their 5-year old lab mix.

Talks:

Certificate Transparency logs as OSINT

Kenyatta Thomas

Kenyatta Thomas headshot

Kenyatta Thomas (they/them) is EFF’s Social Media and Video Manager, leading the creation of digital content that educates and mobilizes the public across EFF's online platforms. They come to EFF from a background in youth and reproductive justice advocacy and organizing.

Talks:

Ask EFF

Keren Elazari

Keren Elazari headshot

Keren Elazari is an internationally recognized security analyst, researcher and author, working with leading security firms, government organizations and Fortune 500 companies. As an independent voice on cyber security, Keren Elazari is the first Israeli woman to give a TED talk at the official TED Conference. Keren’s TED talk about hackers has been viewed by millions, translated to 30 languages and is still one of the most watched talks on TED.com on the topic of cyber security. Keren is also the founder of BSidesTLV, Israel's largest security community event, and the co-founder of the Leading Cyber Ladies global network for Women in Cyber Security.

Proving Ground Mentor

Talks:

The Dots Do Matter: Gmail’s Invisible Blindspot

Kim Cote

Kim Cote headshot

Kim Cote is a former software tester turned cybersecurity auditor who brings a holistic, defense-in-depth perspective to tech security. Dedicated to lifting communities, Kim actively mentors newcomers breaking into the industry via Girl Security and by volunteering at student events and conferences. Kim’s creativity and focus extend beyond the office, spending free time exploring aerial arts, music, and D&D (druid for life).

Talks:

Music School Dropout to Cybersecurity Auditor - My Journey Into Cybersecurity

Kora Gwartney

Kora is the Lead Security Engineer at Outside Interactive, the outdoor media company behind Gaia GPS, Trailforks, and Pinkbike, where she covers a bit of everything: incident response, supply-chain issues, and figuring out how the company uses AI safely. She's also a PhD student at UCCS studying social engineering, using cognitive security to exploit how people think and what actually helps people resist it. She's published research on what makes phishing emails psychologically effective, and these days she's interested in the messy intersection where technical controls meet human behavior.

Talks:

Social Engineering the Machine

Kris Rides

Kris  Rides headshot

Kris Rides is the Founder and CEO of Tiro Security, one of the leading cybersecurity staffing and consulting firms in the United States, helping organizations build world-class security teams for more than a decade. He serves as President of the Cloud Security Alliance (CSA) Las Vegas Chapter and Chair of the NCyTE Industry Advisory Board, where he works closely with industry and academia to help shape the future cybersecurity workforce. Kris has been involved with BSides Las Vegas for over 10 years and has spoken at BSides events across the United States, as well as RSA Conference, ISC2, NCyTE, and numerous other industry conferences. He is also the host of the Root to CISO podcast, where he interviews cybersecurity leaders about their career journeys, leadership lessons, and the evolving role of the CISO. Passionate about building and connecting the cybersecurity community, Kris is dedicated to mentoring the next generation of security professionals while exploring how AI is transforming the future of cybersecurity.

Talks:

Root To CISO – Just AIsk

Laura Johnson

Laura Johnson headshot

LJ began her career in the U.S. Army as a 35T (Military Intelligence Systems Maintainer/Integrator), where a hands-on immersion in technology sparked a lasting passion for the field. Today, as Director of Strategic Solutions, she is part of the development and execution of forward-looking initiatives that integrate AI, encryption, data provenance, and zero trust to deliver trusted solutions. LJ brings a systems-level understanding of trust, identity, and access to the conversation around cyber harassment with first hand experience of the longterm affect of being harassed. LJ is committed to helping organizations and communities understand options available when dealing with cyber harassment abuse.

Talks:

Breaking The Silence: Cyber Harassment Research Continued…. - TOKEN: 11

Leo Meyerovich

Leo Meyerovich is the founder and CEO of Graphistry, makers of Louie.ai, and has spent the last decade advancing GPU, graph, and AI technologies for data-intensive investigations. Top industry and government organizations around the world use Graphistry to tackle problems across cybersecurity, money laundering, event analytics, social media analysis, and other event and entity data. Leo holds a PhD in Computer Science from UC Berkeley and pioneered GPU-accelerated visual analytics, helping launch Apache Arrow, GPU dataframes, and the GFQL GPU graph query language. He led the teams that performed the first agentic AI speed-runs of Splunk Boss of the SOC and the team that won the U.S. Cyber Command AI alert volume reduction competition. He has received multiple best paper awards including the SIGPLAN 10-Year Test of Time award.

Talks:

Breaking BOTS II: How frontier AI cheats evals

From Copilot to Commander: Building Agentic AI for Security Investigations

Lindsey Cerkovnik

Talks:

I am CVE, AMA!

Luke Jennings

Luke Jennings headshot

Luke Jennings is a security researcher from the UK. He spent most of his early career focused on red teaming and offensive security research, before moving on to developing new detection and response techniques and designing EDR software. He has now pivoted away from the endpoint to focusing on browser and identity attacks as VP of R&D at Push Security and is the primary author and maintainer of the popular Browser and Identity Attacks matrix.

Talks:

Authorization phishing: how attackers stopped targeting logins

Mackenzie Jackson

Mackenzie Jackson grew up in a traveling circus in New Zealand and traded juggling fire for something even more dangerous: application security. As Field CTO at Aikido Security, he helps tech leaders understand how hackers actually break things. He’s the co-founder and former CTO of Australian health tech company Conpago, he’s spoken in 30+ countries, hosts The Disclosure Podcast, and still insists New Zealand makes the best coffee.

Talks:

Turning GitHub Issues Into RCE: Exploiting AI Agents in CI/CD Pipelines

The Synthetic Insider: Securing Non-Human Identities in Cloud Workflows

Hacking My First Web App: A Hands-On Lab to Exploit & Fix Real Flaws

Madison Ficorilli

Talks:

I am CVE, AMA!

Mansoor Ahmad

Mansoor Ahmad is an offensive security professional who has always had a curiosity about how things worked. Mansoor studied computer stuff formally, and also worked as a news photographer. When he’s not working, eating or sleeping, Mansoor likes to practice photography and taking naps.

Talks:

Catch Me If You Can: Hooking your way into encrypted intimate IoT traffic

Marcelle Lee

Marcelle Lee is the CEO and founder of Fractal Security Group. She brings over twelve years of experience in cybersecurity, and her journey has taken her through some of the most elite teams in the field, including Secureworks Counter Threat Unit (CTU) and the Equinix Threat Analysis Center (ETAC). She's a security consultant, threat researcher, educator, and intel analyst with deep expertise in cyber threat intelligence, digital forensics, intrusion analysis, security operations, and technical writing. She has contributed to both government and private sector initiatives, bringing a well-rounded perspective to cyber defense and threat research. Before transitioning into cybersecurity, Marcelle led operations and managed complex projects across various industries. A frequent speaker at conferences and training events, Marcelle is deeply committed to advancing the cybersecurity field and empowering the next generation of professionals. She is an active leader in the cyber community, serving on boards and working groups such as the Women’s Society of Cyberjutsu. She is also an enthusiast of cyber competitions, both as a builder and participant. Marcelle holds numerous industry certifications, including CISSP, GCFA, GCIA, GCIH, GPEN, GISF, GSEC, GCCC, C|HFI, C|EH, PenTest+, CASP+, Security+, and Network+. She has earned four academic degrees, including a Master’s in cybersecurity. Her contributions have been recognized with honors such as the Chesapeake Regional Tech Council Women in Tech (WIT) Award and the Volunteer of the Year award from the Women’s Society of Cyberjutsu.

Talks:

Threat Actors: Gotta Catch Them All

MARK MONTGOMERY

MARK MONTGOMERY headshot

Mark is the Senior Director of the Center on Cyber and Technology Innovation and a Senior Fellow at the Foundation for Defense of Democracies. At CCTI, he develops policies that work to secure our national critical infrastructures in cyberspace. As a senior fellow he works with beleaguered democracies such as Taiwan, Ukraine, South Korea and Israel. He was previously Executive Director of the Cyberspace Solarium Commission and Policy Director of the Senate Armed Services Committee under Senator John McCain. Mark served for 32 years as a nuclear-trained surface warfare officer in the U.S. Navy, retiring as a Rear Admiral. His flag assignments included Director of Operations at U.S. Pacific Command; Commander of Carrier Strike Group 5; and Deputy Director, Plans, Policy and Strategy at U.S. European Command.

Talks:

Taiwan Conflict: Most Likely/Most Damaging

Matthew Canham

Dr. Matthew Canham is the Executive Director of the Cognitive Security Institute and a former Supervisory Special Agent with the Federal Bureau of Investigation (FBI). He has a combined twenty-one years of experience conducting research in cognitive security and human-technology integration. His research focuses on the cognitive factors in synthetic media social engineering and online influence campaigns. He was previously a research professor with the University of Central Florida's Behavioral Cybersecurity program (in the School of Modeling, Simulation, and Training). His work has been funded by NIST (National Institute of Standards and Technology), DARPA (Defense Advanced Research Projects Agency), and the US Army Research Institute. He has provided cognitive security awareness training to the NASA Kennedy Space Center, DARPA, MIT, NATO, the Voting and Misinformation Villages at DefCon, and the Black Hat USA security conference. He holds a PhD in Cognition, Perception, and Cognitive Neuroscience from the University of California, Santa Barbara, and SANS certifications in mobile device analysis (GMOB), security auditing of wireless networks (GAWN), digital forensic examination (GCFE), and GIAC Security Essentials (GSEC).

Talks:

Putting the CAT in the HAT: Exploring Cognitive Threats in the Context of Human Autonomy Teams (HAT)

Matthew Rogers

Matthew Rogers headshot

Matthew Rogers, PhD, is an OT Cybersecurity Expert at CISA, where he leads Secure by Design for OT as well as the CI Fortify initiative. Prior to CISA, Matthew built detection systems for planes, trains, and tanks as a founding engineer at Shift5.

Talks:

CI Fortify

Meghan Jacquot

Meghan Jacquot is a Cybersecurity Engineer with Carnegie Mellon University’s Software Engineering Institute (SEI) in the CERT division, which is a Federally Funded Research Development Center (FFRDC). She is on the cyber risk and resilience team. She is also an adjunct professor of cybersecurity at Carnegie Mellon University within the Heinz College of Information Systems and Public Policy. Within her work at CERT, Meghan has led a team to develop generative AI bots for offensive security, analyzed international cybersecurity frameworks for comparison with U.S. cybersecurity maturity frameworks, and worked on the enhancement of resiliency for cybersecurity maturity models and training. She enjoys working on emerging technology and cyber resiliency. Prior to CERT, Meghan worked as a cybersecurity engineer at an offensive cybersecurity startup, where she focused on pentesting and bug bounty programs for a variety of industry sectors. She has also worked at a large threat intelligence organization, Recorded Future, as a cybersecurity analyst on their Insikt (Swedish for insight) team. She conducted research on threat vectors and advanced persistent threats. Meghan has been published multiple times in WIS Magazine and the US Cybersecurity Magazine. She has also been the guest on podcasts, webinars, and spoken at conferences such as RSAC, OWASP Global AppSec, BlackHat, and DEF CON. Meghan holds a master’s degree from California State University and bachelor’s degrees from the University of Illinois at Urbana-Champaign and the University of Maryland. Throughout the year, she helps a variety of organizations including DEF CON as a SOC GOON, CyberCanon, The Diana Initiative, and OWASP. She often reviews CFPs and mentors new speakers. She runs two cyber book clubs, that anyone is welcome to join (HBC - https://hackerbookclub.com/ and DMV books - https://bit.ly/DMVBooks). To relax she also spends time visiting national parks with her partner and hanging with her chinchilla. She’s happy to connect with others on LinkedIn: https://www.linkedin.com/in/meghan-jacquot-carpe-diem/. Prior to diving into her career in cybersecurity, Meghan managed a STEM maker lab, conducted IT work for K-12 schools, and taught AP computer science and engineering to 11-12th graders.

Proving Ground Mentor

Michael Brown

Michael Brown headshot

Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, Associate CCISO is an information security professional and leader with years of experience in IT and information security/cybersecurity. While a security consultant advisor, he worked with clients in the healthcare, financial, manufacturing, and other sectors to assess their security programs and work with them to improve and mature their security posture. He is now Security and Compliance Director for FRG Systems, ensuring their HITRUST and SOC compliance. He is experienced with a variety of security regulations, frameworks, and standards. A seasoned speaker and presenter, he has presented at SFISSA, BSides Tampa, St Pete, and Orlando, HackMiamiCon, and ISSA International. He is an ISSA Fellow and Secretary and past president of the South Florida Chapter of ISSA and is a member of ISACA, ISC2, Infragard, IAPP, and the CISO Society.

Talks:

IT Security Certifications: Everything you wanted to know and more

Michael Reimsbach

Michael is a Product Security Specialist at SAP, working with the SAP Cloud Infrastructure security team. His focus areas include vulnerability management, secrets management, and building secure internal services. He obtained multiple industry certifications such as OSCP, GCPN, and CISSP. A healthy dose of paranoia led him to explore OSINT and the surprising power of publicly available information. Beyond his day-to-day work, Michael is an active member of the cybersecurity community and helps organize BSides Luxembourg.

Talks:

Ghost in the Hiring Machine: How to Spot Fake Personas Before They’re on Your Payroll

Mikael Vinding

Mikael is a CISO, private pilot, and recovering hacker kid shaped by dial-up, early Danish hacker BBS culture and a healthy dose of cyberpunk paranoia. He operated one of Denmark’s early hacker BBSs, later worked with the Danish Ministry of Foreign Affairs in ways that sound more mysterious than he is allowed to explain, and still loves helping new people in the field find their way through the neon fog of cybersecurity.

Talks:

Dr. Strangeprompt, or How I Learned to Stop Coding and Love my AI

Mohit Bansal

Mohit Bansal headshot

Mohit Bansal is Senior Manager, Security Engineering at Webflow, where he leads the team responsible for securing the developer toolchain across incident response, vulnerability management, and security DevOps. His work sits at the intersection of open source trust and enterprise defense: detecting and responding to compromised npm packages before they reach production, building detection capabilities for supply chain intrusions, and turning real incident forensics into repeatable playbooks. He has led response efforts against npm supply chain attacks ranging from RAT-laden packages targeting engineer workstations to sophisticated intrusions that abuse legitimate provenance mechanisms like SLSA. Mohit speaks and publishes on software supply chain security, contributes to OWASP and CSA. When he's not investigating suspicious package behavior, he's probably thinking about how provenance attestation still isn't enough.

Talks:

89 Seconds to Compromise: Inside npm Supply Chain Attacks and How to Fight Back

Moshe Bernstein

Moshe Bernstein is a Senior Security Researcher specializing in cloud vulnerability research at Tenable. With over a decade of experience in cybersecurity, Moshe has developed a strong focus on network and operational security, web vulnerability research, AI, and cloud infrastructure security. He enjoys presenting his research at conferences around the world, and is always on the lookout for new challenges.

Talks:

Agents of Chaos: A Systemic Approach to Finding GCP 0-Days

Nathan Sawyer

I am a student studying cybersecurity who enjoys low level topics. I also enjoy hockey, lacrosse, skiing and snowboarding.

Talks:

Stack Overflow, but the Largest Byte is 3F

Noelle Murata

Noelle Murata headshot

I'm Noelle. I started in technical security program management and ended up as a Senior Application Security Engineer, mostly because I got tired of writing policies that code didn't enforce. Thirteen years ago, I started HushCon in Seattle; it's still running, occasionally in New York too. I start conferences for fun. This talk is what happens when I don't.

Talks:

Prompt Injection Is an Auth Bug: The Case Against Bearer Tokens in an Agentic World

Olivier Bilodeau

Olivier Bilodeau is a Principal Researcher at Flare with 15+ years in infosec, working at the intersection of threat intelligence, prototype-building, and adversary deception. His current research focuses on information stealer ecosystems and the forensic value buried inside stealer logs. He previously presented at BlackHat USA, DEFCON, SecTor, DerbyCon, Botconf, and more. He co-organizes MontréHack, serves as Vice-President of NorthSec, and runs its Hacker Jeopardy.

Talks:

S.L. Confidential: The Dirty Secrets of InfoStealers - TOKEN: 3

Or Eshed

Or Eshed is co-founder and CEO of LayerX Security. Or has over 15 years of cybersecurity experience as an ML developer, security and intelligence researcher, and cybersecurity analyst. Prior to founding LayerX, Or worked as a cyber threat intelligence analyst at Check Point, Otorio, and ABN AMRO Bank. His work has led to the arrest of at least 15 threat actors and the exposure of the largest browser hijacking operation in history, with over 50 million browsers compromised. He has also written and spoken extensively on topics of cybersecurity, including at leading conferences such as RSA, DEF CON, and BSides Las Vegas. In addition, Or holds an MSc in Applied Economics.

Talks:

Abusing Agentic AI Browsers: An Exploit-Based Approach

Or Sahar

Or Sahar is a security researcher at Reflectiz who has spent more than two decades breaking, building, and securing software—not necessarily in that order. She gets genuinely excited about discovering new vulnerabilities, finding new ways to exploit old ones, or, ideally, doing both at once. Or loves snowy mountains and is still wondering how the hell she ended up in Las Vegas—again.

Talks:

Who Let the DAGs Out: When Your Orchestrator Plays the Wrong Tune

Paul Roberts

Paul Roberts headshot

Paul Roberts is the President of the Secure Resilient Future Foundation (SRFF) Paul is a respected cybersecurity journalist and industry analyst with more than two decades of experience covering the cybersecurity beat. He is the Publisher and Editor in Chief of The Security Ledger, an independent online publication founded in 2012 to focus on the cybersecurity of the Internet of Things. Since 2021, Paul has also served as the Director of Editorial Content at ReversingLabs, a provider of cloud-based intelligence on malware and software supply chain risks. Beginning in 2018, Paul spearheaded efforts to organize the information security community to support a legal right to repair. That year, he founded Secure Repairs (https://securepairs.org) —a network of more than 400 IT and cybersecurity professionals fighting for a legal right to repair our devices. In 2019, Paul became a board member at The Repair Association (Repair.org), the leading non-profit group advocating for a legal right to repair. Paul's work in the right to repair movement led him and others to advocate for needed changes in software security. In 2024, Paul joined with leading figures from the information security, environmental and consumer advocacy movements to co-found SRFF - the Secure Resilient Future Foundation (https://secure-resilient.org), a 501(c)(4) non-profit that advocates for policies and practices that enhance the security, privacy, and resilience of The Internet of Things.

Talks:

Operation Graceful Exit: Creating Smart Policies For Software End of Life

Peter Manev

Member of the executive team at Open Network Security Foundation (OISF) and Suricata Project Evangelist. I have over 20 years of experience in the IT Security industry, including enterprise-level practice. Passionate user, developer, and explorer of innovative open-source security software. I have been involved with Suricata IDS/IPS/NSM from its very early days in 2009 as QA and training lead. Co-founder and chief strategy officer (CSO) of Stamus Networks, a company providing commercial and open-source network detection and response solutions based on Suricata. One of the lead maintainers of ClearNDR Community - https://www.stamus-networks.com/clear-ndr-community (former SELKS), the popular turnkey open-source based implementation of Suricata IDS/IPS/NSM. Co-author of The Security Analyst’s Guide to Suricata book - https://www.stamus-networks.com/suricata-4-analysts written with Eric Leblond. SEPTun I -https://github.com/pevma/SEPTun/tree/master and SEPTun II - https://github.com/pevma/SEPTun-Mark-II Suricata ExtremePerformance Tuning series. Peter is a writer, content creator and open source contributor about Network Cyber Security and authored over 150 blogs , 500 threat hunting visualizations and dashboards for Kibana/Elasticsearch - https://github.com/StamusNetworks/KTS7 and OpenSearch - https://github.com/StamusNetworks/KTS7/tree/opensearch2-v1 , written over 2000 detection rules, developed over 150 threat hunting trigger routines. Authored scientific papers on Cyber Security Strategy and Defense. Peter has developed and delivered over 100 hands on Cyber Security trainings and workshops for different government, public, private and defense organizations in US and Europe like the US Space command, US Missile command, NATO units. 10 years of hands on experience and instructor for NATO Counter Cyber Operations and Offensive Cyber Operations units in some of the largest live-fire cyber exercises such as Crossed Swords, Locked Shields. Peter often engages in private or public training, workshops and speaking events in the area of cyber security and threat hunting at conferences such as DeepSec, FOSDEM, Troopers, BotConf, BSides, DefCon, Suricon, HackLu, SharkFest, RSA, Flocon, MIT Lincoln Lab and others.

Talks:

Engineering the Hunt: Developing AI SKILLs for Network Security Monitoring

Philip Almueti

Talks:

Hands on with USB HID Attacks

Philip Almueti

Almost two decades of production incident management and infrastructure design in the cloud, finding my way back to my roots by dabbling in the arts of Sisyphus.

Talks:

Hands on with USB HID Attacks

Priyank Nigam

As an senior security engineer, Priyank's primary areas of focus is conducting security exercises that emulate real-world threats impacting billions of users. He is well-known for his expertise in identifying high-impact vulnerabilities and has shared his research openly through various industry conferences. His forte is full-stack security assessments via threat modelling, penetration testing and secure source code reviews. In the past, he has advised Fortune 500 brands and startups and does mobile and IoT related research in his spare time. As a new parent, he is now (re)learning hacking from his toddler(s) who defeat all the "restrictions" to do whatever the hell they originally intended.

Talks:

Open Relays in 2026: Red Team Initial Access Vectors

Qiancheng Wu

Qiancheng (Mark) Wu is a Senior Software Engineer at Roblox specializing in network and AI security. He works on network segmentation, host-based eBPF security solutions, hybrid network monitoring, and AI security infrastructure. Mark also serves as a reviewer for journals such as IEEE Transactions on Reliability and conferences such as ASE 2024 and WACV 2025. With a background in AI research and formal verification at UC Berkeley, he is passionate about bridging traditional network defense with intelligent automation to provide a safe world for players.

Talks:

Minutes from Malice: Detect Cloud Exposures in Minutes

Rachel Benson

Tarun Koyalwar is an AI Researcher for Offensive Security at ProjectDiscovery, where he works on the tracing, evals, and benchmarking behind Neo, PD's offensive security agent. He's self-taught, starting with CTFs, TryHackMe, and web security labs before reporting over 50 vulnerabilities in his first year of bug bounty in 2021. He joined ProjectDiscovery to build and improve offensive tooling, and is a core contributor and maintainer of Nuclei as well as the author of Alterx and Vulnx. He has presented at DEF CON's Bug Bounty Village, Black Hat Asia Arsenal, and BSides Ahmedabad. At BSides Las Vegas 2026, he takes a closer look at how offensive security AI agents, both frontier and open weight, actually behave in 2026.

Talks:

Watching Agents Work: A Behavioral Audit of 189 Offensive-Security LLM Runs

Rafael Felix

Rafael Felix headshot

Rafael has been working with malware development for 5 years, also being involved in the malware community for more than 7 years. He is also experienced in Incident and Response, specifically during malware inner workings analysis. Currently, Rafael is a researcher for Hakai Offensive Security (https://hakaisecurity.io/), being deeply involved with red-team operations.

Talks:

Lyra: An LLVM IR Obfuscator for Rust

Ramazan Uysal

Ramazan Uysal headshot

Ramazan has worked across military, finance, and technology sectors on both offensive and defensive security, with experience spanning penetration testing, malware reverse engineering, threat intelligence, and incident response. For the past 5+ years, he has focused exclusively on detection and response at Atlassian — a field he is passionate about. He enjoys digging into attacker behavior, understanding how threats evolve, and turning that knowledge into practical defenses.

Talks:

Hunting North Korean Malware Over the Years - TOKEN: 13

Reynaldo Vasquez Garcia

Rey started out finding bugs and holes in websites at 15. He began attending local infosec meetups in Portland, Oregon—like RainSec and PDX2600—soaking up everything he could. After stumbling across a creepy surveillance device at his high school, he drifted into hardware security and reverse engineering. He’s determined to keep learning and digging deeper.

Talks:

How to Ransomware USB Devices

Ricki Burke

Ricki Burke headshot

Ricki Burke is the Founder and Managing Partner of CyberSec People, a cybersecurity search firm. He has spent the last decade embedded in the infosec community, running career programs at Black Hat USA, Asia, and Europe, BSides Melbourne, and BSides Canberra, as well as co-organising BSides Gold Coast and SecTalks Gold Coast.

Talks:

Come With Me If You Want a Job

Rishi (@rxerium)

Rishi is a London-based security researcher with experience in vulnerability research, threat intelligence, and enterprise risk analysis. His work focuses on identifying zero-day vulnerabilities and emerging CVEs, with a particular interest in building detection logic before threats are publicly weaponised. He works across both offensive and defensive disciplines, developing threat models grounded in real-world TTPs, writing detection rules, and automating reconnaissance to uncover exposed assets at scale. Attack surface management and OSINT are areas he keeps coming back to, specifically the challenge of mapping exposure that organisations often don't know exists. Outside of his day job, Rishi contributes to open source security tooling through Project Discovery and OWASP, part of the leadership team of the UK OSINT Community, and occasionally speaks at community events including DEF CON and BSides.

Talks:

Ghost in the Hiring Machine: How to Spot Fake Personas Before They’re on Your Payroll

Robert Mitera

Robert Mitera headshot

Bobby the Phish Associate Director of Global Attack Surface Management & "Fleet Admiral" "Bobby the Phish" is a deep-sea defensive security leader and elite operational navigator currently serving as the Associate Director of Global Attack Surface Management. Known across the infosec ecosystem for charting clear paths through turbulent digital waters, BTP commands a high-performing Attack Surface and Vulnerability Management fleet tasked with tracking, netting, and neutralizing threats across vast global oceans of enterprise infrastructure and data. When it comes to executing massive global infrastructure, ERP, SAP, and Guidewire initiatives across the Financial Services, Transportation, Pharma, Manufacturing, and Tech sectors, Bobby specializes in wrangling the gentle giants. He has successfully steered absolute whales of complex projects safely into harbor, proving that massive scale just requires a stronger hull and the right navigation. But don't let the steady maneuvering fool you—when a security crisis strikes, Bobby hunts like an apex predator. He moves with the blinding speed of a sailfish to slice through technical chaos, deploying tactical precision to isolate vulnerabilities before the sharks even smell blood in the water. Believing that an entire ecosystem relies on the strength of its school, Bobby has dedicated a massive portion of his career to mentorship, having personally trained a massive pod of more than 10,000 professionals globally in project management methodologies. He swims onto the BSides Las Vegas stage ready to share hard-earned strategies on how to lead technical teams through high-pressure depth charges, navigate cross-industry complexity, and successfully herd catfish in Kevlar without sinking the ship.

Talks:

Root Access to Reality — A Project Management Bootcamp for Hackers

Rodrigo Montoro

Rodrigo Montoro is the CTO at Clavis Security, bringing over 25 years of leadership and technical expertise to the information technology and cybersecurity landscape. Throughout his career, Rodrigo has been a pioneer in open-source security, specializing in incident detection, response, and Cloud Security. A two-time patented inventor, he holds proprietary technologies for detecting malicious digital documents and analyzing malicious HTTP traffic. With a resume that includes key research roles at Tenchi Security, Apura, Tempest, Sucuri, and SpiderLabs, Rodrigo is a globally recognized authority who frequently speaks at elite conferences such as DEF CON Workshops, DEF CON Cloud Village , Black Hat Brazil Summit, SANS (DFIR, SIEM Summit, CloudSecNext), Source (Boston and Seattle), Toorcon (San Diego), Sector Canada , and BSidesLV.

Talks:

AWS Principal Threat Hunting: Behavioral Baselining for Malicious Activity

Rory Mir

Rory Mir (they/them) is Director of Open Access & Tech Community Engagement at EFF, where they drives advocacy on access to knowledge, emerging technologies, and user autonomy. They also partner with community builders, experts, and other EFF volunteers to foster strategic coordination and knowledge sharing. Before EFF, Rory was a cybersecurity educator and an academic researcher on the socio-psychological impacts of digital technology

Talks:

Ask EFF

Ryenn White

Ryenn White headshot

Ryenn White (she/her) is a Red Team Consultant for Google Public Sector, where she conducts a wide range of offensive security assessments for public sector organizations. She previously worked in offensive security for a leading telecom company, and holds particular interest in OT/IoT testing, as well as physical security assessments. Ryenn is passionate about mission-driven offensive security that has a direct impact on society and is motivated by the opportunity to strengthen the security of critical infrastructure and services.

Talks:

Wi-Fight Club: I am Jack’s Evil Twin

Samantha Swift

Samantha Swift headshot

Samantha has been happily entrenched in the cybersecurity industry for over 25 years. During this time, she has helped hundreds of organizations of all shapes, sizes, and geographies recover and learn from cyberattacks, defined strategy for pioneering security products and technologies, and is a regular speaker at security conferences around the world. She's a security person first and foremost, which despite now having "marketing" in her job title at Cyberr, she's definitely not your usual CMO. Sam is on the advisory board and senior council for The Hacking Games, having joined their mission in 2023. She authors articles and blogs for various security publications, has a strong passion for mentoring and coaching, and is a serial volunteer at cybersecurity community events. Sam's on the organisation teams for three UK BSides conferences (Newcastle, Leeds, and Lancashire), volunteers as a SOC Goon at Def Con, and has won various awards including CSO30 UK, TechWomen100, and Top 20 Most Inspiring Women in Cyber. She had her first job in tech when she was 6 years old, hates liquorice, and can "flip catch" 51 beermats in one hand.

Talks:

(A)I Feel the Need: The Need for Ludicrous Speed

Saquib Saifee

Saquib Saifee headshot

Saquib is a Security Engineer at IBM working on Security for AI and AI for Security, along with supply chain security and vulnerability management. He holds CISSP and eCPPT certifications and focuses on secure architecture, with a background in offensive security. He enjoys designing systems that make the safe path the easy one and shift left. He has contributed to open source security initiatives such as OWASP CycloneDX, the OWASP GenAI Security Project, and more, and he also helps lead internal efforts to grow employee participation in open source security. He has spoken on panels and presented to both technical and non-technical audiences on a variety of security topics.

Talks:

MCP Servers Are a New Attack Surface: A Practitioner’s Guide to Building and Using Them Securely

Quality Over Quantity: A Targeted Approach to Breaking Into Cybersecurity

Sarah Miller

Sarah Miller headshot

Dr. Sarah K. Miller is full-time professor of Emergency Management at Pierce College in Washington. She has worked at all levels of government in a variety of emergency management and public safety roles for more than 30 years. She has a passion for community preparedness and specializes in actionable risk communication.

Talks:

Making Preparedness and Personal Resilience Approachable

Scoubi Dou

Mathieu Saulnier is a cybersecurity leader with 20+ years in Threat Research, Detection Engineering, Threat Hunting, and Incident Response. He has led diverse, global teams to success and shared his expertise on stages at Derbycon, SANS Summits, RSAC, SecTor, and BSides worldwide. A dedicated community mentor with DEF CON’s Blue Team Village and co-organizer of NorthSec and DEATHcon, Mathieu now serves as Product Manager for BloodHound, empowering attackers and defenders to audit and secure complex environments.

Proving Ground Mentor

Sindre Breda

Sindre Breda headshot

Police officer turned computer forensic investigator, turned analyst/developer. Sindre started his career as a street cop that quickly switched to computer forensics/mobile forensics with key focus on online child abuse. From 2018 he worked at the Norwegian "National Criminal Investigation Service", more commonly known as Kripos. At Kripos he worked with analyzing data that the commercial forensic toolkits did not parse/present, most actively in the investigations of the ransomware attack against Norsk Hydro in 2019. Currently working as a Solutions architect at Graphistry.

Talks:

From Copilot to Commander: Building Agentic AI for Security Investigations

Slava I. Maslennikov

Slava I. Maslennikov headshot

Slava spends his daylight hours consulting on Cloud, Site Reliability, Management, Leadership, and AI. By night, he builds Meshtastic and MeshCore workshops for your local conference and engineers communications solutions for Undisruptable27. His two orange cats work hard to distract him throughout.

Talks:

Broadcast, Don’t Chat: Hyperlocal Emergency Comms on $11 Radios Or: Why the Mesh Won’t Save You

Sounil Yu

Sounil Yu headshot

Sounil Yu is the author and creator of the Cyber Defense Matrix and the DIE Triad, which are reshaping approaches to cybersecurity. He's a Board Member of the CMMC Cyber Accreditation Body; senior fellow at GMU Scalia Law School's National Security Institute; guest lecturer at Carnegie Mellon; and advisor to many startups. Sounil is the co-founder and Chief AI Safety Officer at Knostic and previously served as the CISO at JupiterOne, CISO-in-Residence at YL Ventures, and Chief Security Scientist at Bank of America. Before BofA, he helped improve information security at several Fortune 100 companies and Federal Government agencies. Sounil has over 20 granted patents and was recognized as one of the most influential people in security by Security Magazine and Influencer of the Year by SC Awards. He is a recipient of the SANS Lifetime Achievement Award and was inducted into the Cybersecurity Hall of Fame. He has an MS in Electrical Engineering from Virginia Tech and a BS in Electrical Engineering and a BA in Economics from Duke University.

Talks:

The DIE Triad: The Past Present and Future of Security and How to Stop It

Stacey Higginbotham

Stacey Higginbotham headshot

Stacey Higginbotham is a policy fellow focused on cybersecurity for the tech advocacy team at Consumer Reports. She has been writing about technology for 20 years in major publications such as Fortune, PCMag, IEEE Spectrum and MIT Technology Review. In 2015 Stacey founded “The Internet of Things Podcast” and a weekly IoT newsletter where she explained the latest IoT news and tested the latest in consumer IoT devices. She has recently started her own consulting practice and is working with CR on public policy work around security for connected devices.

Talks:

Operation Graceful Exit: Creating Smart Policies For Software End of Life

Steven Bernstein

Working in the field of Digital Identity since 2002, SciaticNerd is actively involved in the San Antonio Information Security community. He participates with local groups and diligently works to promote involvement with computing, security, and technology, and works to support the security curious.

Talks:

Kill the Login: Continuous Trust in the Age of AI

Susan Paskey

Susan Paskey enjoys researching authentication, identity systems, and user behaviors with a background in threat hunting, detection engineering, and insider threat investigations. Her passion for empowering others has led to active leadership roles in the Raleigh-Durham infosec community, leading DEF CON Group 919 and serving as Director of Community Engagement at cackalackycon. She welcomes conversations with practitioners tackling similar challenges and is always open to exchanging ideas about defending against or simulating determined adversaries.

Talks:

Everything I had to learn about Passkeys

Tamas Nyiri

Tamas Nyiri headshot

Tamas Nyiri is an AI/ML Engineer with diverse experience spanning AI research in interpretability, LLM-based agentic systems, production ML pipelines, and neural network optimizations.

Talks:

Your Training Data Is Too Boring: Surfacing the Long Tail With Anomaly Detection and LLMs

Tetsuro Ishida

Tetsuro Ishida headshot

Tetsuro Ishida is a security researcher at Fujitsu Defense & National Security LTD focused on vulnerability research in industrial protocols. After earning Master's Degree at Graduate School of Okayama University in March 2024, he joined NRI SecureTechnologies, Ltd., focused on IoT penetration testing and security assessment in automotive ECUs for two years. In March 2026, he joined his current department at FDNS, where he is mainly focused on offensive security such as Hardware security / Side channel attack / vulnerability research in industrial protocols.

Talks:

From Forest to Bonsai: Pruning and Explaining Logs for Air-Gapped IoT Devices Using Local LLM

Thanatos ThatCyberGuy

Thanatos ThatCyberGuy headshot

A veteran cybersecurity and intelligence leader with 20+ years of combined military and civilian experience. Beginning as a U.S. Army Signals Intelligence (SIGINT) Analyst, they spent nearly a decade supporting critical intelligence missions and overseas operations including KFOR and OEF, working extensively with 5-Eyes Partners, building a strong foundation in analysis, operational planning, and national security. Transitioning from military service into cybersecurity, they have spent the past 15+ years specializing in Cyber Threat Intelligence (CTI), adversary tracking, and strategic cyber operations. Their career has included leadership roles across the Department of Defense, federal agencies, and the private sector. With expertise in SIGINT, threat analysis, incident response, and intelligence-driven defense, they have supported hundreds of organizations in strengthening resilience against evolving adversaries. In addition to operational leadership, they are an accomplished instructor and speaker, delivering advanced cybersecurity training and presentations at major industry conferences.

Talks:

SIGINT and the U.S. Intelligence Community: What I Actually Did During OEF - TOKEN: 9

Tibor Kristóf Lányi

Tibor Kristóf Lányi headshot

Tibor Kristóf Lányi is a data scientist and machine learning engineer with a master’s degree in computer science from the University of Szeged. He began his career in DevOps before transitioning to data science, where he contributed to a Retrieval-Augmented Generation (RAG)–based virtual assistant. His current work focuses on cybersecurity, particularly security modeling and identity risk scoring.

Talks:

Your Training Data Is Too Boring: Surfacing the Long Tail With Anomaly Detection and LLMs

Tobias Mueller

Tobias Mueller headshot

Tobias Mueller is a cybersecurity expert with over a decade of experience spanning academia, applied research, and consulting. He holds a PhD in cryptography, is a CISSP, CISM, and OSCP as well as a certified ISO 27001 auditor. Tobias supports clients in the financial and insurance sectors with red teaming, incident response, SOC design, compliance, and third-party risk management.

Talks:

ACME for S/MIME and the S/MIME ecosystem

Tod Beardsley

Tod Beardsley is VP of Security Research at runZero, where he "kicks assets and fakes frames." Prior to 2025, he was the Section Chief for the Vulnerability Response section for CSD/VM/VRC at CISA, the Cybersecurity and Infrastructure Security Agency, part of the US government, and a seasonal Travis County Election Judge in Texas. He's also a founder and CNA point of contact for AHA!. Tod spends much of his time involved in vulnerability research and coordinated vulnerability disclosure (CVD). He has about 40 years of hands-on security experience, stretching from in-band telephony switching to modern ICS/OT implementations. He has held IT ops, security, software engineering, and management positions in large organizations such as the US Government, Rapid7, 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Tod is a CVE Board member, has authored several research papers, and is an internationally-tolerated horror fiction expert. Tod asserts his identity and contact information at https://github.com/todb

Proving Ground Mentor

Talks:

I am CVE, AMA!

Virginia Wright

Virginia “Ginger” Wright is the Chief Technology Officer for the Critical Infrastructure Security and Resilience Division and the program manager for Cyber-Informed Engineering (CIE) at the Idaho National Laboratory (INL). She leads INL’s implementation of the National Strategy for Cyber-Informed Engineering developed by the Department of Energy. Cyber-Informed Engineering was the 2026 winner of the Research Impact Cyber Policy Award from the Institute for Security and Technology. Ms. Wright has led multiple cyber research programs at INL including DOE-CESER’s Cyber Testing for Resilient Industrial Control Systems (CyTRICS™) program, Software Bills of Material for the Energy Sector, critical infrastructure modeling and simulation, and nuclear cybersecurity. Ms. Wright has a Bachelor of Science in Information Systems/Operations Management from the University of North Carolina at Greensboro. She is an appointed fellow of the Control System Cyber Security Association International.

Talks:

The Water Must Flow

Mitigating Digital Risk in Critical Infrastructure

Vitaly Simonovich

Talks:

C(2)YA: Inside the Adversary’s Inbox

Willie Zhang

Willie Zhang headshot

Willie Zhang is an Offensive Security Consultant with experience protecting companies by thinking like an attacker. What started as a $1 online course on ethical hacking in college turned into a career built on finding the gaps in systems that aren't supposed to have any. Willie has a growing passion for understanding and attacking AI systems, building on a foundation of testing everything from corporate networks to the humans that run them. When he's not learning something new, Willie is in a League of Legends lobby, because apparently cybersecurity isn't chaotic enough.

Talks:

For Prompt Injection, Press 1: Hacking AI Voice Agents

yltsi ?

Proving Ground Mentor

Yonesy Nunez

Talks:

Root To CISO – Just AIsk

Yu Terada

Yu Terada is a Red Team Consultant and Security Researcher at Fujitsu. Previously, he worked as a SOC analyst and CSIRT member for over five years. Currently, his main responsibilities focus on conducting red team operations and cyber exercises, alongside developing attack methods and tools. He has spoken at Black Hat USA/Europe, BSides Las Vegas, CODE BLUE, and several conferences in Japan. He holds a Master’s degree in Computer Science and various certifications, including OSEP, OSCP, CRTL, CETP, ODPC, CISSP, and GIAC.

Talks:

Step-by-Step Malware Development: Evading EDR from Loaders to the Kernel

Z Z

Sent the paper to Skytalks - no bio

Talks:

How to Break Into My Home - Home Alarm Hacking 101 - TOKEN: 12