Speakers

Jack Daniel ( KEYNOTE )

A regular, featured speaker at ShmooCon, SOURCE Boston, DEF CON, RSAand other marque conferences, Jack is widely considered a leadingtechnology community activist. He is co-host of Security Weekly andserved as director of the National Information Security Group (NAISG).He is co-founder of Security BSides, and his Uncommon Sense Securityblog has been named to the Security Bloggers Network Hall of Fame.Current Position: As Strategist, Jack helps develop TenableSecurityCenter and provide valuable insight to consumers about currentIT trends.

Christopher Ahlberg (KEYNOTE)

Dr. Christopher Ahlberg Ph.D. Co-founded Recorded Future Inc. in 2009 and serves as its Chief Executive Officer. Dr. Ahlberg co-founded Spotfire Inc. in 1996 and served as its Chief Executive Officer from 1996 to 2007. He served as an Executive Vice President and President of Spotfire Division of TIBCO Software Inc. from 2007 to March 1, 2009. He serves as a Director of Fina Technologies, Inc. He serves as a Director of Hult International Business School. He serves as Member of Advisory Board at Dataspora LLC. He served as Director of Spotfire, Inc. He served as Director of Apptus Technologies AB. 

He was named among the World's Top 100 Young Innovators by Technology Review, MIT's Magazine of Innovation, in2002. He has lectured and consulted extensively for industry,academia, military and intelligence communities - as well as published& lectured in computer science, psychology, linguistics, biology and chemistry. Dr. Ahlberg earned a Doctorate (Ph.D.) from Chalmers University of Technology and has been a visiting researcher at the University of Maryland.

Yury Chemerkin - " Your defense and risk management – it’s complicated "

Yury Chemerkin has ten years of experience in information security.He is multi-skilled security expert on security & compliance andmainly focused on privacy and leakage showdown. Key activity fieldsare EMM and Mobile Computing, IAM, Cloud Computing, Forensics &Compliance. He published many papers on mobile and cloud security,regularly speaks at conferences such as CyberCrimeForum, DefCamp,HackerHalted, NullCon, OWASP, CONFidence, Hacktivity, Hackfest,DeepSec Intelligence, HackMiami, NotaCon, BalcCon, Intelligence Sec,InfoSec NetSysAdmins, RootCon, PHDays, etc.

Jim Manico - " XSS Defense Status: Complicated "

Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also the founder of Brakeman Security, Inc. and is a investor/advisorfor Signal Sciences. Jim is also a frequent speaker on secure software practices, is a member of the JavaOne rockstar speaker community and is the author of "Iron-Clad Java: Building Secure Web Applications"from McGraw-Hill and Oracle Press. Jim also volunteers for the OWASP foundation where he helps build application security standards and other documentation. For more information, see http://www.linkedin.com/in/jmanico.

Richard Dennis - " Bitcoin - A detailed examination of key generation vulnerabilities "

Richard obtained a Masters in Computer information security, with a grade of distinction from the university of Portsmouth in 2013 and is currently at the writing stage of his PhD examining scalability solution to blockchain networks. Richard taught as a lecturer of Cryptography at the school of computing  at Portsmouth University from 2017, being the youngest cryptographer lecturer in the United Kingdom.  Currently Richard is undertaking research within Nettitude on vulnerabilities in public / private key  generation in cryptocurrencies as well looking at use cases of blockchain technology.

Javier Perez - " Breaking Bad"

Fan of tech and security, ISECOM OSSTMM and MILE2 instructor, trainer for security courses, speaker, researcher. Almost 10 years in the security world. During recent years, he has specialized in payment systems EMV, NFC, POS, ATM.

Rey Bango - " Security from the eye of a Web Developer: What I've Learned About AppSec"

Rey Bango is a developer advocate at Microsoft focused on helpingdevelopers build awesome cross-browser experiences. He’s an ardentsupporter of standards-based development, former member of the jQueryProject team. He's taken a passionate interested in informationsecurity, especially appsec, and wants to help web developers learn tobuild secure web apps.

Jose Pino - " Trape - the evolution of phishing attacks (Internet people research)"

Jose Pino is a security researcher and businessman, expert in bug hunting, known for helping to improve the security of companies like Dropbox, EBay, PayPal, Mozilla, Microsoft, Twitter, Yahoo, MEGA including Harvard University, recognized him by Have notified them of security failures (violated their systems), and so has happened with more than 30 organizations and institutions of great prestige on the Internet. Currently, he is the founder and CEO of Boxug, the first bug bounty platform in Spanish speaking and this through innovation seeks to help companies and government agencies through rewards programs, in order to improve Internet security.

Jhonathan Espinosa - " Trape - the evolution of phishing attacks (Internet people research)"

Jhonathan Espinosa is a Software Developer, has worked Developing Systems from 2007 in public entities as Francisco Jose of Caldas University, National Institute of Health and privates entities as WSP Global in Research and Development as Projects Leader. Currently is CTO in Boxug, developing tools and researchments for showing hack techniques and improve security systems.Currently, the director of R&D at Dreamlab Technologies.

Nikhil Kulkarni - " How My SVM nailed your Malware"

Nikhil.P.K is an Independent Security Researcher and an International Trainer. His area of interest includes Web Application Penetration Testing, Network Forensics, Mobile Application Security. He is currently pursuing an extensive research in "Implementing Machine Learning into Security". He has presented his talks at International and National level Conferences and meets such as Nuit Du Hack Paris,Cocon International Cyber Policing and Security Conference, DEFCON Bangalore Chapter, Null Open Security Meet Bangalore, Null OpenSecurity Meet Mysore. He is also a Bug Bounty Hunter and has beenlisted and Acknowledged in the Hall Of Fames of top Companies such as Microsoft, Apple, Adobe, Nokia, Engine Yard, AVIRA Antivirus, etc.

Aditya Sood- " Cloudifying Malware: Dissecting Threats in the Cloud !"

Aditya K Sood (Ph.D) is a security practitioner, researcher andconsultant. Dr. Sood has research interests in cloud security, malwareautomation and analysis, application security and secure softwaredesign. He has worked on many projects pertaining to product/appliancesecurity, networks, mobile and web applications while serving Fortune500 clients for IOActive, KPMG and others. He is also a founder ofSecNiche Security Labs, an independent web portal for sharing researchwith security community. He has authored several papers for variousmagazines and journals including IEEE, Elsevier, CrossTalk, ISACA,Virus Bulletin, and Usenix. His work has been featured in severalmedia outlets including Associated Press, Fox News, The Register,Guardian, Business Insider, CBC and others. He has been an activespeaker at industry conferences and presented at BlackHat, DEFCON,HackInTheBox, RSA, Virus Bulletin, OWASP and many others. Dr. Soodobtained his Ph.D from Michigan State University in Computer Sciences.Dr. Sood is also an author of "Targeted Cyber Attacks" book publishedby Syngress. He also sits on the review board of "CrossTalk - Journalof Defense Engineering", a publication sponsored by DHS and NavAir.

Ruben Recabarren- " Hacking Bitcoin mining for fun and profit"

Ruben Recabarren is currently a Computer Science PhD student atFlorida International University (FIU). He recently obtained his MSc.in Cybersecurity from FIU after a BSc from Universidad Simón Bolivar(Venezuela) in Computer Engineering and a triple major in Biophysics,Biochemistry and Pure Mathematics from the University of Michigan, AnnArbor (US). He is passionate about thinking "outside the box" andsolving difficult problems with unexpected resources.

JP Villanueva - " HUNT: Data Driven Web Hacking & Manual Testing"

JP Villanueva is a Trust & Security Engineer at Bugcrowd. BeforeBugcrowd, JP spent 4 years at WhiteHat Security as an ApplicationSecurity Engineer and later as a Solutions Architect helping customersbecome more secure. JP has also presented at local OWASP chapters,BlackHat Arsenal 2017, DEF CON 25, AppSecUSA 2017, and NBT4. In hisfree time, JP enjoys playing and collecting classic video games aswell as hacking on bug bounty programs.

Ryan Nolette - "How to Hunt for Lateral Movement on Your Network"

Ryan is Sqrrl's primary security technologist and expert. He has previously held a variety of roles including threat research, incident response consulting, and every level of security operations. With over a decade in the infosec field, Ryan has been on the product and operations side of companies such as Carbon Black, Crossbeam Systems,SecureWorks and Fidelity Investments. Ryan has been an active speaker and writer on threat hunting and endpoint security.

Cody Michaels - "Shodan: The Search Engine for IOT"

Cody Michaels is a software engineer with extensive experience and management skills. With a decade of real world experience as a full stack developer Cody is well versed in what challenges await those looking to join the web development work force. The wide area of companies Cody has worked with range from day one startups to fortune 500 companies. During his stay in Chicago he has given multiple lectures on development topics such as modularization and responsive design. With the help of other like minded professional programmers Cody was a founding member of CoderDojoChi. Helping kids that otherwise wouldn't have the opportunity to get one on one teaching in the realm of programming. After winning an award from Compuware during the Henry Ford HACK the museum 2013 event, he has strived towards including a security mindset in all his projects moving forward. Andhas since worked with community improvement organizations such as Codefor Miami.

Michael Brown - "Protecting your organization with resilience and disaster recovery planning"

Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, GSTRT, ISSA Fellow, has been involved with IT for over 20 years, more than half in information security. Moving from a security admin to a global security architect, he has been working for the last few of years as an IT security consultant working with clients to implement information security management systems as well as performing security risk assessments, gap analysis, and developing policies and procedures. He serves as a virtual CISO for some clients. His research interests include IT/Security frameworks and compliance, the Internet of Things, and mobile device security.

Raul Alvarez - "Hijacking the Boot Process - Ransomware Style"

Senior Security Researcher/Team Lead at Fortinet. Raul is a LeadTrainer responsible for training the junior AV/IPS analysts in malware analysis and reverse engineering.

Brian Contos - "Grandmothers, Gangsters, Guerrillas and Governments"

Brian Contos has over two decades of experience in the securityindustry. He is a seasoned executive, board advisor, security companyentrepreneur and author. After getting his start in security with theDefense Information Systems Agency (DISA) and later Bell Labs, Brianbegan the process of building security startups and taking multiplecompanies through successful IPOs and acquisitions including: Riptech,ArcSight, Imperva, McAfee and Solera Networks.
Brian has worked in over 50 countries across six continents. He is astrategic board advisor for multiple companies including Cylance andAppdome. He has authored several security books, his latest with theformer Deputy Director of the NSA, spoken at leading security eventsglobally and is a Distinguished Fellow with the Ponemon Institute.Brian frequently appears in the news and has been featured in CNBC,C-SPAN, Fox, NPR, Forbes, Wall Street Journal, The London Times andmany others. He most recently appeared in a cyberwar documentaryalongside General Michael Hayden (former Director NSA and CIA).

Phillip Maddux - "Honeypots, Deception, and Frankenstien"

Phillip Maddux is a Senior Solutions Engineer at Signal Sciences and has over 10 years of experience in information security, with the majority of that time focused on application security in the financial services sector. In his spare moments he’s a honeypot

Jayesh Chauhan - "Cloud Security Suite - One stop tool for AWS & GCP Security Audit"

Jayesh Singh Chauhan is a security professional with more than 6 years of experience in the security space. In past, he has been part of security teams of PayPal, PwC and currently works as the senior security engineer for Sprinklr. He has authored OWASP Skanda,RFID_Cloner and CSRF PoC generator and has presented in BlackHat EU2017, c0c0n 2017, 2015, 2013 GES 2014 and Ground Zero 2015. He is theproject leader for OWASP Skanda and leads the NULL Bangalore chapter.enthusiast and enjoys converting ideas to code and committing them to Github.

Rod Soto - "CHIRON - Home based ML IDS"

Rod Soto has over 15 years of experience in information technology and security. Currently working as a Director ofSecurity Research at JASK.AI. He has spoken at ISSA, ISC2, OWASP, DEFCON, Black Hat, RSA, Hackmiami, Bsides and also been featured in Rolling Stone Magazine, Pentest Magazine, Univision and CNN. Rod Soto was the winner of the 2012 BlackHat Las vegas CTF competition and is the founder and lead developer of the Kommand && KonTroll competitive hacking Tournament series.

Joseph Zadeh - "CHIRON - Home based ML IDS"

Joseph Zadeh studied mathematics in college and received a BS from University California, Riverside and an MS and PhD from Purdue University. While in college, he worked in a Network Operation Center focused on security and network performance baselines and during that time he spoke at DEFCON and Torcon security conferences. Most recently he joined JASK.AI as Chief Data Scientist. Previously, Joseph was part of Splunk UBA and the data science consulting team at Greenplum/Pivotal helping focused on CyberSecurity analytics and also part of Kaiser Permanentes first Cyber Security R&D team.

Joshua Crumbaugh - "Avoiding the Top 10 Epic Security Awareness Fails - The path to risk human risk by greater than 98%"

Joshua Crumbaugh is a world-renowned cyber security speaker. He is the developer of the Human Security Assurance Maturity Model (HumanSAMM)and Chief Hacker at PeopleSec. He is also an expert social engineer who has talked his way into bank vaults, fortune 500 data centers,corporate offices, restricted areas of casinos and more. His experiences highlighted a significant need for a better "human solution" -- This led him to a passion in social engineering and better-understanding ways to stop social engineering attacks.

Brandon Arvanaghi - "Pentesting Etherum Apps"

Brandon Arvanaghi is a security engineer at Gemini. Before Gemini,Brandon was a security consultant at Mandiant. Brandon has written tools to detect web shells, obfuscated malware, and to evade sandboxes in every language. He is the author of SessionGopher, Check Please, and has contributed to PowerShell Empire. Prior to working in the industry, Brandon conducted research on automated attack plan generation at Vanderbilt University.

Jose Enrique Hernandez - "Building a Soc"

Jose Enrique Hernandez is currently the SOC Manager at Fastly. He started his professional career at Prolexic Technologies (now Akamai)in DDOS fighting attacks from anonymous and lulzsec against fortune100 companies. As a engineering co-founders of Zenedge Inc he helped build technologies to fight bot’s and web application attacks at the end. While working at Splunk Inc. as a Security Architect, he built and released an auto-­mitigation framework that has been used to automatically fight attacks in large organizations. In the past, he has helped build security operation centers as well as run a public threat intelligence service. Although security information has been the focus of his career, Jose has found that his true passion is insolving problems and creating solutions. As an example, he built an underwater remote control vehicle called the SensorSub, which was used to test and measure toxicity in Miami’s waterways.

Rayman - "Disaster Preparation: Personal Preparation for Hurricanes, Fires, and EMP"

The presenter has been active in the security community for several years and is very familiar with the techniques to identify vulnerabilities, threats, and mitigating controls, both from a design and from an operational perspective. He currently uses his security skills for his “day job” but early in his career he was an electronic technician (ASET). It turns out that the technician training from those early days has provided valuable experience in preparing for disasters, since having electrical power is so essential for our lives and communication with others. For example, after hurricane Irma last year, he set up a 12-volt DC power station at his home with a power inverter to run basic electronics, lights, and fans. He also set up a home generator to run larger appliances, such as refrigerators, and to charge the 12-volt system. This year, he is preparing for a possible threat that could impact the back-up power systems and would like toshare his preparation research and practical tips with you.

Beau Bullock, Steve Borosh , Ralph May , Mike Felch - "Security considerations in a cryptocurrency-driven world"

Beau Bullock (dafthack) is a Penetration Tester at Black Hills Information Security where he performs various security assessments for organizations. Beau is ahost of Tradecraft Security Weekly, Hacker Dialogues, and the CoinSec Podcast. He has spoken at industry events including Black Hat Arsenal,DerbyCon, Wild West Hackin' Fest, BSides events, and various SANSconferences.

Steve Borosh is a long-time security enthusiast, prior U.S. Army Infantry Combat Veteran, and private security contractor. Currently working as a Penetration Tester and Instructor with Nuix, Steve enjoys bug hunting, building useful security tools, teaching, and watching Rick and Morty.

Ralph May is a penetration tester at Optiv. As part of the Attack &Penetration team Ralph per forms security assessments for a variety of different enterprise clients. Ralph has authored or contributed to multiple open sourcesecurity tools as well as spoke at security conferences like Blackhat Arsenal. In his spare time Ralph teaches Cyber security bootcamp atSecurset Academy. Before his movement to the commercial world Ralph worked for the United States Special Operations Command as both acontractor and a soldier.

Mike Felch (ustayready) is currently a red teamer / pentester for Black Hills Information Security. He began his career in 1997 as a Linux Administrator which eventually led to numerous offensive security roles, software development and hardware/software security research. Mike is also a lead forensics instructor for TeelTech, anOfficer for OWASP Orlando (Chief Breaker) and an organizer for BSides Orlando. Mike also co-hosts Tradecraft Security Weekly and the CoinSecPodcast.

Dani Goland - Myth Busters: The DLP Edition

Dani Goland, co-founder at Virusbay

Dani Goland is a 23 year old coding machine. At the age of 20 he founded his own boutique company for innovative software and hardware
solutions. While gaining experience in the business field, Dani did not neglect his hands-on capabilities. In just a short while he won
two coding competitions, one of which was held by eBay. Dani recently relocated from Israel to the United States to study Data Science at
the prestigious UC Berkeley. After serving in the Israeli Defense Forces as a commander of a Field Intelligence unit, Dani went on an
8-month journey across South America. He loves snowboarding, music concerts, and having crazy, breathtaking experiences such as spending
5 days in the Bolivian Jungle with no food or water.