Founder - PureID
Ajit Hatti is a founder of PureID and specializes in Information security, Threat Intelligence, Cryptography, and Blockchain Technology. He is the author of LAMMA and Gibbersense tools, widely used for assessment of crypto implementations. He also co-founded Null Open Security Community and has worked as Security Researcher with IBM, Emerson, Symantec & Citrix. Ajit has been regularly presenting his work at BlackHat USA, and DEFCON. He also conducts Blockchain Village at DEFCON and organizes World Run by Hackers at various conventions.
Head of Information Security at Gojek
Amol is Head of Information Security at Gojek with 16+ years of experience. He has led multiple teams in both the offensive and defensive side of security. Apart from helping and building a security program for a Unicorn Startup, he finds his interests in Security Research, Bug Bounties, Vulnerability Research and Exploit Development. He is also an author of a playground focused on learning the exploitation of client-side web vulnerabilities - Bodhi. He currently protects GoJek’s vast Infrastructure against Security misconfigurations and bugs. He is not only an active member in Infosec Community, especially Null Community and Garage4Hackers, but also has spoken in multiple conferences like NullCon, c0c0n, etc.
Director Asia Pacific for NotSoSecure Global Services
Anant Shrivastava is an information security professional with 10+ yrs of corporate experience with expertise in Network, Mobile, Application and Linux Security. He is Director Asia Pacific for NotSoSecure Global Services. He has spoken / Trained at various conferences (Blackhat USA/EU/Asia, Nullcon, g0s, c0c0n, RootConf, GroundZero). Anant also leads Open Source project Android Tamer (www.androidtamer.com) and CodeVigilant (www.codevigilant.com/). His work can be found at anantshri.info
You may find Anant on these social networks :
Aseem is a renowned security researcher with extensive experience in system programming, security research and consulting. He has worked on various security software including IBM ISS Proventia UTM appliance, Mirapoint messaging/security appliance, anti-spam engine, anti-virus software, multicast packet reflector, Transparent HTTPS proxy with captive portal, bayesian spam filter to name a few. He is well known in the hacking and security community as the founder of null - The open security community (registered not-for-profit organization, http://null.co.in), the largest security community in India. The focus and mission of null is advanced security research, sharing information, responsible vulnerability disclosure and assisting Govt./private organizations with security issues.His research includes Linux remote thread injection, automated web application detection and dynamic web filter. He has authored several software projects such as Jugaad, EyePee and Kunsa due to be released under an open source license.
You may find Aseem on these social networks :
Axelle Apvrille is a happy senior researcher at Fortinet, where she hunts down any strange virus on so-called 'smart' devices. She also organizes Ph0wn (ph0wn.org), a CTF dedicated to smart devices.
Chaitanya is a senior member of Apple's Product Security Team, which handles security response by engaging with third-party security researchers regarding their findings. Chaitanya focuses his efforts on identifying and responding to security issues.
You may find Chaitanya on these social networks :
Gursev Singh Kalra is a Sr. Product Security Engineer at Salesforce.com. Earlier he was working with McAfee as a Senior Principal Consultant and led multiple software security service lines. He loves to write security tools and has authored free tools, like JMSDigger, TesserCap, Oyedata, SSLSmart and clipcaptcha. He has performed security research on CAPTCHAs schemes and implementations, JMS based enterprise messaging applications, OData protocol, mobile application security etc. He has written several security related whitepapers and the security community and experts have voted his research among the top ten web hacks of 2011 and 2012. He has spoken at conferences like Black Hat, OWASP AppSec, NullCon, Focus, ToorCon, and Infosec Southwest etc.
You may find Gursev Singh Kalra on these social networks :
Information Security Engineer, Google
James is a security researcher in Google's Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities, he has numerous disclosures in a wide range of products from web browsers to virtual machine breakouts as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate.
Founder & Managing Director, Moabi
Jonathan is a veteran reverse engineer. He is a reputable researcher in the security community, with contributions in the fields of Bios Firmware Vulnerabilities (Defcon 2008) and Firmware Backdooring (Defcon 2012, Nullcon 2013). He is the author of the open source Witchcraft Compiler Collection, a retroengineering framework popular among Capture the Flag enthousiasts. Prior to managing Moabi, Jonathan was the Head of Security at Change.org and Head of Offensive Security at Salesforce
You may find Jonathan on these social networks :
Lavakumar is a Web Security Researcher with over 5 years of Penetration testing experience. He has authored multiple security tools like 'Shell of the Future', JS-Recon, Imposter and the HTLM5 based Distributed Computing System - Ravan. He has discovered several novel attacks, one of his techniques was voted by peers and experts as the 5th best 'hack' of 2010. His works have been covered by leading media portals including the Forbes. All his research and tools are available at the Attack and Defense Labs website. He has spoken at multiple conferences like BlackHat, OWASP AppSec Asia & SecurityByte 2009, ClubHack, NullCon etc on topics ranging from browser exploitation to HTML5 Security.
You may find Lavakumar on these social networks :
Mario Heiderich, handsome heart-breaker, bon-vivant and (as he loves to call himself) "security researcher" is from Berlin, likes everything between lesser- and greater-than, leads the small yet exquisite pen-test company called Cure53 and pesters peaceful attendees on various 5th tier conferences with his hastily assembled powerpoint-slides.
Murtuja is a Linux and Network Security enthusiast. He is a Co-founder of null (The Open Security Community) and make his living by security consulting. He is X-IBMer and has worked on IBM-ISS (Internet Security System) project as Senior Software Engineer. He has worked on Secure gate UTM (Unified Threat Management) product and design and developed various features such as Firewall, IPS, VPN, Application Proxies, and Authentication
You may find Murtuja on these social networks :
Principal AppSec Consultant at ThoughtWorks
Her passion resides in Offensive Security, primarily across areas such as Penetration Testing, Red Team Attacks, Threat Modelling & Design Reviews of web applications & APIs, Source Code Reviews, Data Leakage Investigations, Phishing & Social Engineering engagements, and Mass Reconnaissance. She enjoys building and executing various threat cases which bend Business Logic. Currently, she is exploring the defensive side of security by working as Principal AppSec Consultant for security automation and Agile Security practices, to cater to the vast variety of devOps life-cycles at ThoughtWorks. She has spoken/trained at various conferences (BlackHat, Nullcon, c0c0n & BSidesDelhi) and organized Villages at Defcon and Nullcon. She is an OSCP and in her free time dabbles with GraphQLParser, a BurpSuite Extension. She has been actively involved with the Indian security community by leading Null (India’s largest Security Community) Mumbai and Bengaluru chapters for several years.
You may find Neelu on these social networks :
w3bd3vil is a well known security researcher from outerspace. w3bd3vil's interest lies in fuzzing, bug-hunting and writing exploits for client side software including MS office, browsers, video players etc. Some of the vulnerabilities reported by w3bd3vil include Internet Explorer 9 - Attribute Remove (CVE-2012-1524), Excel Out of Bounds Array Indexing Vulnerability (CVE-2011-1990), RealPlayer SIPR Heap Buffer Overflow Vulnerability (CVE-2011-2945), Excel Memory Corruption Vulnerability (CVE-2011-1277) etc.
You may find w3bd3vil on these social networks :
Berend-Jan "SkyLined" Wever is an Independent Information Security Specialist working from home in the Netherlands. After working on security teams at both Microsoft and Google, he became an independent bug bounty hunter and consultant. His Internet Explorer exploits popularized heap spraying techniques in the early 2000s. He has created a published a large number of tools for security researchers to use in finding, analyzing and exploiting security issues.
You may find Berend-Jan Wever on these social networks :
Fyodor Yarochkin (TSTF, o0o.nu) is a Security Analyst. He is happy programmer and AI hobbyst in his free time. Major contributor to Open Source security tools (snort, xprobe, etc). Frequent speaker at international security conferences, including BlackHat 2001 HK, BlackHat 2001 Singapore, BlackHat 2002, Ruxcon 2003, XCon 2003 /2006, HITB 2004 and 2005, Syscan 2005, Bellua 2005, HITCon 2006 / 2007, and VNSecurity 2007, SySCAN TW 2008, OWASP Asia 2008, Deepsec 2008, Coscup 2008. Published many well‐cited papers on top security conferences and magazines, including Usenix and Phrack Magazine.
You may find Fyodor on these social networks :
Justin Searle is a Managing Partner of UtiliSec, specializing in Smart Grid security architecture design and penetration testing. Justin led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and currently plays key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP). Justin has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences, and is currently an instructor for the SANS Institute. In addition to electric power industry conferences, Justin frequently presents at top security conferences such as Black Hat, DEFCON, OWASP, and AusCERT. Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudanum. Justin has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), and Web Application Penetration Tester (GWAPT).
You may find Justin on these social networks :
Vivek started working on Wi-Fi Security since 2003. He discovered the Caffe Latte attack and also broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon. He is also the author of the book "Wireless Penetration Testing using BackTrack 5" due for release in August 2011. In a past life, he was one of the programmers of the 802.1x protocol and Port Security in Cisco's 6500 Catalyst series of switches. He was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He is best known in the hacker community as the founder of SecurityTube.net where he routinely posts videos on Wi-Fi Security, Assembly Language , Exploitation Techniques etc. SecurityTube.net receives over 100,000 unique visitors a month. Vivek's work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. This year he is speaking or training at a number of security conferences, including Blackhat, Defcon, Hacktivity, 44con, HITB-ML, Brucon, Derbycon, HashDays, SecurityByte etc. Recently, he has started his own training company and conducts trainings around the world on topics such as - WLAN Security, Exploit Research, Advanced Metasploit, Security Tool Programming, Reverse Engineering etc. This is his day job which pays the bills :-) At night, he spends most of his time researching and making videos for SecurityTube.
You may find Vivek on these social networks :
Head of Security and Risk Management at Ubisoft
Jason Haddix has been a security leader and researcher for over 15 years. He has led offensive and defensive security groups at companies such as Citrix, HP, Redspin, Bugcrowd, and Ubisoft. In his research and bounty time, Jason is a web application and mobile hacking specialist. He currently ranks top 50 on Bugcrowd’s platform in several categories.
Director of Engineering Security at Mandiant
Ryan Black (he/his) is currently the Director of Engineering Security and Compliance at Mandiant, with broad technical experience spanning Fortune 500 companies to multiple successful startups in a wide range of focus areas including: Secure SDLC, AppSec, SaaS operations, and bootstrapping both practical and highly impactful security programs. Ryan’s professional passion lies with unifying his experience driving pragmatic security strategy with both the perspective, and genuinely technical skill set, of a hacker. When Ryan is not focused on his corporate responsibilities, he enjoys independent security research and is discretely credited with numerous high-impact vulnerability remediations, including remote code execution across millions of consumer endpoint devices by a major PC manufacturer.