Ten years of XP as developer & security consultant. OSCP/CRTP/CARTP/CISSP. Previous speaker at OWASP/Disobey. Passionate about Web/API hacking. Weak spot for reverse engineering & automation

Anton Linné (@safts0ppa ) is a freelance IT security researcher and penetration tester with over a decade of experience, mostly digging into application security and recon. Enjoys automating things.

Dan is the Executive Founder of Phobos Group, a boutique information security services and products company specializing in custom tailored assessment and engineering work. Having been on both red and blue teams, Dan brings a wealth of defensive and adversarial knowledge to bear on offensive, defensive or architectural concerns. Dan has spent time at Twitter, British Telecom, Websense, Anonymizer, Intuit and Sempra Energy, to name a few!

Cybersecurity Professional | Blue Team Specialist | Police officer

Since childhood, I dreamed of becoming either a police officer or a hacker. I chose law enforcement, developing investigative skills that now fuel my cybersecurity career. Specializing in Windows Client security, I conduct security assessments, security research, enhance defenses, incident response and protect against other threats.

Head of Cybersecurity – Basalt AB

Fredrik Sandström, M.Sc., is Head of Cyber Security at Basalt, based in Stockholm, Sweden. With a decade of experience in penetration testing, Fredrik delivers advanced security assessments—including penetration testing, red teaming, and threat emulation—for clients in sectors like banking, insurance, and automotive. (GXPN, GCPN, GRTP, CBBH)

He has also delivered talks at major conferences such as Sec-T, BSidesLV, and DEFCON Red Team Village.

Hendrik Noben is the co-founder of Resilix, focusing on cyber incident management and practical security assessments that lead to strategic guidance. As trusted advisor, provinding a pragmatic and people-aware approach to modern security challenges. Hendrik brings a hands-on background as a penetration tester and security architect. He is also the (co-)founder of BSides Limburg, a community-driven security event in Belgium.

Ignacio Navarro, an Ethical Hacker and Security Researcher from Cordoba, Argentina. With around 6 years in the cybersecurity game, he's currently working as an Application Security. Their interests include code analysis, web application security, and cloud security. o
Speaker at DEFCON, H2HC, Troopers, LeHACK, NorthSec, TyphoonCon, Security Fest, SASCON, 8.8 among others.
@Ignavarro1

Hey! I'm a security researcher at Semperis, where I spend my days wrangling digital identities, taming identity providers (IdPs), and keeping non-human accounts from getting too ambitious. I build Indicators of Attack, Compromise, and Exposure focused on Active Directory, Okta and Microsoft Entra ID, working closely with product and engineering teams to make enterprise identity security a little smarter - and a lot harder to break.

Professional background includes two decades of penetration testing and cyber resilience. Third year and counting of LLM capability exploration from a hacker's perspective, as basis for a foundational understanding of how today's strongest LLM:s can be leveraged - both offensively and defensively - in the Cyber Security domain.

I do lots of lecturing nowadays, AI literacy education and workshops tailored for developers, engineers, digital users or leadership, in global corporations.

I'm a pentester & security researcher, so I'm mostly focus on offensive security. Outside penetration tests (where I enjoy web the most), I spent a lot of time in R&D, where a majority of this time investment was spent on one topic: Unicode. So Unicode is, by far, the topic I know best.

Some people may know me for my Github activity: writing tools, contributing to open-source software a lot as well as security resources, maintaining packages at BlackArch, etc.

Paul is a Cyber SME at nou Systems, Inc. His expertise includes space systems, service provider, and ICS/SCADA network infrastructure attacks and defenses, as well as large complex network design and implementation. He has a BS in Math\Computer Science, a MS in Space Systems, a MS in Systems Management, a MS in Information Assurance and Security and a MS in Computer Information Systems. In addition, he holds numerous industry network and security certifications.

Former Police Officer from Argentina, now a Cloud Incident Responder and Security Engineer with over 10 years of IT experience. A Digital Nomad an international speaker, I've presented on Cloud Security and Incident Response at Ekoparty, FIRST, Virus Bulletin (three times), Hack.Lu, and various BSides events worldwide. I hold a Bachelor's degree in Information Security and an MBA (Master in Business Administration).

Sean Juroviesky is a dedicated security and risk management expert with extensive experience navigating complex environments. Sean excels at developing a comprehensive understanding of intricate systems and crafting strategic roadmaps to revitalize security programs. By identifying high-risk areas and optimizing the use of existing resources, Sean removes barriers between teams to enhance communication and coordination, driving effective security outcomes. Beyond their professional pursuits, Sea

Veteran cybersecurity professional with 17 years of experience. Started with 8 years in offensive security, discovering multiple Microsoft vulnerabilities that earned official CVEs. Leveraged this offensive mindset to transition into 9 years of defensive security work. This unique career progression provides exceptional insight into both attacker techniques and defensive strategies, creating a comprehensive security perspective few professionals possess.

Simon Gerst is a security researcher at Asymmetric Research who uses static analysis to scale bug discovery, formal methods to uncover subtle flaws, and plain source code reading. Before that, he worked on bounded model checking of V8 for his master's thesis. He enjoys breaking insecure GitHub Actions and has found issues in repositories from GitHub, Microsoft, and others. In his free time, he plays piano—especially Rachmaninoff—and competes in CTFs.

12+ experience in cybersecurity with a main focus on the blue side. I have worked on multiple IR and ransomware cases.

Tomer Nahum is a Security Researcher at Semperis, where he works to find new attacks, and how to defend against them, in on-prem identity stacks such as Active Directory, as well as cloud identity systems. Tomer was awarded Most Valuable Researcher (MVR) in 2023 by Microsoft Security Response Center (MSRC).

Vivi is a ML & application security researcher at KTH with a special interest in Go, blockchain software and the software supply chain.

Xeno spends ~75% of his time working on his 501(c)(3) non-profit OpenSecurityTraining2 (https://ost2.fyi), where he and others publish commercial-grade training for free, to make more awesome engineers, faster. The other 25% of his time is spent on consulting and research, primarily in the Bluetooth firmware security space. This talk is about some of that research.

I'm a Security Engineer at Google, currently specializing in researching, identifying and remediating critical vulnerabilities in Google's systems & products. I'm also part of the team managing Google's Bughunter Vulnerability Rewards Program.

I've been working in the cybersecurity space since 2007. I've worked at Apple, Meta, Microsoft and now Google.