Regional Review Board

Ankur Bhargava heads the Product Security team at PhonePe, bringing over 15 years of expertise in Mobile, Web, REST API, and Cloud Security, along with Vulnerability Management and Security Operations. He has successfully built security teams from the ground up for various startups. Ankur is a frequent speaker at prominent conferences like c0c0n, Ground Zero, and Nullcon, where he has shared insights on topics such as "PDF Exploitation," "Mobile Automation Framework," and "Android Security." Since 2012, Ankur has been delivering Android Security training at major conferences, including Black Hat, Nullcon, and c0c0n. He has presented the Android security automation tool "Mafia" and the OSINT tool "Mantis" at Black Hat Arsenal in 2018, 2019, and 2024. Additionally, Ankur serves as a Review Board member for Bsides Bangalore (2023, 2024) and OWASP AppSec India 2024.

Sudhanshu Chauhan is a passionate entrepreneur and Co-Founder/Director of RedHunt Labs, a company specializing in Attack Surface Management (ASM). With extensive experience in security consulting and training, he has previously served as Associate Director at NotSoSecure. Sudhanshu has developed RedHunt OS and is a core contributor to DataSploit. He has also co-authored 'Hacking Web Intelligence', a book on OSINT and web reconnaissance, and is a speaker and trainer who has presented at various conferences such as Ground Zero Summit, CyberHackathon Bar-Ilan University, and Black Hat Arsenal.

In addition to his work at RedHunt Labs, Sudhanshu co-founded Recon Village, which operates at DEF CON. Sudhanshu continues to contribute to the industry through his innovations and expertise.

Shanna Daly has over 20 years’ experience across the information security industry. Shanna’s expertise has been called upon during countless data breach investigations, giving her an in-depth understanding of the security implementations that work, and the ones that don’t. Shanna continues to share her knowledge with the industry and has built and managed consulting teams of industry experts responding to all types of intrusions and breaches. Her experience across a wide range of information security domains gives her a unique perspective and a “think outside the box” attitude to securing organisations.

Himanshu Das is a Chevening Cyber Fellow, UK and brings over 12 years of experience building elite cybersecurity teams at leading tech companies like eBay, Flipkart, and Grab. He is a founding team member and CISO of the product-based fintech company CRED, where he specializes in digital payments & cloud security within the BFSI sector. Himanshu is actively involved with AWS Dev/Cloud Alliance and AWS CISO Circle in the APAC region and is part of key industry bodies such as the SANS CISO Network, PCI DSS, FS-ISAC, and DSCI. He founded India's first international CTF team, SegFault, and has presented at international conferences, including Black Hat (Arsenal), Grace Hopper, Nullcon, c0c0n, ElasticON, and the AWS Summit, where he delivered a keynote. He is a passionate community builder, has organized international CTF contests like HackIM, and has contributed to influential cybersecurity groups like Garage4Hackers and Null. As a core team member of ReconVillage at DEF CON, he has led premier contests ReconAacharya and LiveRecon, promoting cybersecurity knowledge and engagement globally.

Mika Devonshire advises security go to market strategies for Google. She specialized in response and forensic investigations after spending her first career decade building or implementing controls, IAM apps, offensive capabilities, and loss ratio algorithms for insurance. Prior to Google, Mika served as Director of Strategic Development for the APAC based DFIR firm, Blackpanda, and was the founding responder in Hong Kong.

Mika holds a Masters in Digital Forensics from George Washington University, a Bachelors in Comparative Literature from Princeton University, a CISSP and GCFA among other certifications. She regularly engages with the infosec community as a speaker or speaker coach, and loves working with those seeking to pivot from non-technical fields. She is a guest lecturer at Northwestern Pritzker School of Law and a willing mentor.

Currently, the senior manager of the Forward-Looking Threat Research team in APAC, Ryan Flores has had more than 15 years of experience in antivirus and IT security under his belt. He has held various positions in Trend Micro, starting as an antivirus engineer in charge of malware analysis, detection, and removal. He was heavily involved in malware sourcing and honeypot development and deployment as a member of Trend Micro Incident Response Team. His current position requires him to research on botnets, cybercrime and underground activities, as well as emerging technologies.

Lidia Giuliano has been involved in the information security field for over 20 years working in the financial, defence, retail and health care sector. Lidia has an extensive background in security with a key focus on defensive and cloud security. She enjoys ensuring security is involved in every stage of an initiative and BAU lifecycle, finding new and repeatable ways of doing things, and solving complex problems. She holds a BAppSci (CS), MAppSci (IT), various security and cloud certifications, has spoken internationally and nationally and been published in various media.

She is involved as an active review board member for various conferences internationally and locally, involved in speaker coaching program for Black Hat USA and BSides Melbourne, AWSN mentoring program and enjoys being part of the InfoSec community to help others.

Seunghun Han is a security researcher at the Affiliated Institute of ETRI. Seunghun focuses on hardware root of trust, firmware, hypervisor, and kernel security, so he has made his own hypervisor and contributed various patches to the Linux kernel and TPM-based security software. He has also contributed to Debian Linux as a Debian Maintainer.

Seunghun was a speaker and an author at USENIX Security, Black Hat USA/Asia/Europe, HITBSecConf, BlueHat Shanghai, VXCon, TyphoonCon, KimchiCon, and more. He also authored two books about building 64bit OS from scratch, 64-bit multi-core OS principles and structure volume 1 (ISBN-13: 978-8979148367) and volume 2 (ISBN-13: 978-8979148374).

Bunnie Huang is best known for his work hacking the Microsoft Xbox, as well as for his efforts in designing and manufacturing open source hardware, including the chumby (app-playing alarm clock), chibitronics (peel-and-stick electronics for craft), Novena (DIY laptop), and Precursor (trustable mobile device). He received his PhD in EE from MIT in 2002. He currently lives in Singapore where he runs a private product design studio, Kosagi. His current research interest is in facilitating trust in technology.

Vincenzo Iozzo is the CEO and Co-founder of SlashID. Vincenzo was previously Founder & CEO of IperLane (acquired by CrowdStrike), co-authored the “iOS Hacker’s Handbook” (Wiley) and presented the winning attacks against Firefox, iOS and Blackberry OS at Pwn2Own (2010-2012).

Monnappa K A is a Security professional with over 15 years of experience in incident response and investigation. He previously worked for Microsoft & Cisco as a threat hunter, mainly focusing on threat hunting, investigation, and research of advanced cyber attacks. He is the author of the best-selling book "Learning Malware Analysis."He is the review board member for Black Hat Asia, Black Hat USA, and Black Hat Europe. He is the creator of the Limon Linux sandbox and the winner of the Volatility plugin contest 2016. He co-founded the cybersecurity research community "Cysinfo". He has conducted training sessions on malware analysis, reverse engineering, and memory forensics at Black Hat, BruCON, HITB, FIRST (Forum of Incident Response and Security Teams), SEC-T, OPCDE, and 4SICS-SCADA/ICS cybersecurity summit. He has presented at various security conferences, including Black Hat, FIRST, SEC-T, 4SICS-SCADA/ICS summit, DSCI, National Cyber Defence Summit, and Cysinfo meetings on various topics related to memory forensics, malware analysis, reverse engineering, and rootkit analysis. He has also authored various articles in eForensics and Hakin9 magazines. You can find some of his contributions to the community on his YouTube channel, and you can read his blog posts at cysinfo.com

Vitaly Kamluk is a cybersecurity researcher with 20+ years of work experience in the anti-malware industry. Previously he was a Principal Security Researcher and used to lead a cyber threat intelligence team in Asia-Pacific focusing on APT and targeted attack investigations. Vitaly spent 2 years working at INTERPOL Digital Crime Centre as a cybersecurity expert. In 2024, he founded TitanHex, a company focusing on threat intelligence, cybersecurity R&D, and targeted attack investigations. Vitaly participates in infosec mentorship initiatives, volunteers to deliver free talks for the next generation of researchers, and is one of Black Hat's speaker coaches. Over the years, he presented at many international security conferences including Black Hat, Defcon, Hitcon, BSides, Ruxcon, Sincon, FIRST, Botconf, AVTokyo and many others, as well as numerous invite-only events such as BTF, DCC, SAS, UE among others.

He is passionate about a broad set of cybersecurity topics including reverse engineering, malware analysis, cyberthreat intelligence, computer forensics, cryptography, privacy and hardware hacking.

Seungjoo (Gabriel) Kim is a professor of Graduate School of Information Security in Korea University from 2011 and his research areas focus on SDL, security engineering, cryptography and blockchain.

For the past seven years, he was an associate professor of Sungkyunkwan University and has five years of back ground of team leader of Cryptographic Technology Team and also IT Security Evaluation Team of KISA(Korea Internet & Security Agency).

In addition to being a professor, he is positioning a head of SANE(Security Analysis aNd Evaluation) Lab, an adviser of hacking club 'CyKor', a founder/advisory director of an international security & hacking conference 'SECUINSIDE'. His numerous professional focus on a presidential committee member on the 4th industrial revolution and an advisory committee member of several public and private organizations such as NIS(National Intelligence Service), Ministry of National Defense, Ministry of Justice, Supreme Prosecutors' Office, Korea National Police Agency, Nuclear Safety and Security Commission, etc. He also taught at the Korea Military Academy. www.KimLab.net

Marina Krotofil is a cyber security professional with over a decade of hands-on experience in securing Industrial Control Systems (ICS) and Industrial Internet of Things (IIoT). She managed and executed diverse technical projects around the world across a variety of industrial domains. She is also an experienced Red/Blue Teamer who researched numerous novel attack vectors, exploitation techniques, designed novel defence methods and led complex incident responses. Marina frequently collaborates with international organizations on the topics of critical infrastructure security, she is also a regular speaker at the leading conference stages worldwide and is a frequent reviewer of academic manuscripts and grant proposals. At Black Hat Marina leads Cyber-Physical Systems track. Marina holds MSc. in Telecommunications, MSc. in Information and Communication Systems and an MBA in Technology Management.

Anthony Cheuk Tung Lai works at VX Research Limited on malware investigation, incident response, and offensive security testing. He began hacking after playing Chroot wargame and Beist CTF, reading 2600, and China hacker magazines. He has spent the last 20 years working in the risk and security areas of MNCs in the financial industry.

Anthony is a hobbyist bug hunter and creator of CTF challenges who hacks for fun and belief. In addition to VXCON, which he founded and chairs, he also spoke at Black Hat, DEFCON, Secuinside, AVTokyo, Hack In the Box, HITCON, and DFRWS.

He earned his doctorate from HKUST, where he also worked in the cybersecurity lab and focused on malware and vulnerability research. His credentials additionally include SANS GREM (Gold), GXPN, GCIH, and Offsec OSEE.

Beist has been a member of the IT security field since 2000. His first company was Cyber Research based in Seoul, South Korea and first focused on pen-testing. He then got a Computer Engineering B.A. degree from Sejong University. He has won more than 10 CTF hacking contests in his country as well as passed DefConquals 5 times. He has run numerous security conferences and hacking contests such as SECUINSIDE and CODEGATE in Korea. Also, he has given talks at BLACKHAT Las Vegas, SYSCAN, CANSECWEST, AVTOKYO, HITCON, SECUINSIDE, EDSC, and TROOPERS. Hunting bugs and exploiting them are his main interests. He was one of GRAYHASH company founders now acquired by LINE which is a leading messenger company in Asia. He is CISO of LINE Plus.

Hui Yi is a senior security researcher at TikTok, Singapore. She previously headed the red team operations in Singapore, developing numerous innovative attack techniques and bespoke tools. She currently supports TikTok's SOC team and is focused on managing product security incident responses and improving their backend cybersecurity infrastructure and tools. Hui Yi also shares her insights at Singapore-based conferences such as SINCON, Black Hat Asia and other conferences.

Ty Miller is the Managing Director of Threat Intelligence Pty Ltd (www.threatintelligence.com) who are specialists in the area of security automation, penetration testing, digital forensics and incident response, cyber threat intelligence, and specialist security consulting. Ty is the visionary around the Evolve Security Automation Cloud.

Ty is on the Black Hat Asia Review Board and is a long-term trainer for Black Hat, having run training with Black Hat for over a decade across Black Hat USA, Black Hat DC and Black Hat Europe. These training courses include "The Shellcode Lab", "Practical Threat Intelligence" and "Automating Security with Open Source". Ty has also presented multiple times at Black Hat on "Reverse DNS Tunnelling Shellcode" and "The Active Directory Botnet".

He also trained at Hack In The Box, and presented multiple times at "Ruxcon" where he demonstrated his cutting edge attack technique to force your web browser to exploit internal servers from the Internet. Ty also developed the Core Impact Pro covert DNS Channel for Core Security and is a co-author of "Hacking Exposed Linux 3rd Edition".

Ty is on the CREST ANZ Board of Directors and led the CREST ANZ Technical Team. Ty's experience not only covers security automation and advanced hacking techniques, but also expands into traditional and cloud security architecture designs, developing and running industry benchmark accreditations, performing forensic investigations, as well as creating and executing a range of specialist security training.

Shubham Mittal is the CEO of RedHunt Labs, a leading 360-degree Attack Surface Management platform. Previously, he served as the CTO of Neotas and co-founded Recon Village, an OSINT-focused mini-conference at DEFCON.

As a dedicated Black Hat trainer, Shubham delivers the highly-regarded ‘Tactical OSINT for Pentesters’ course. He has trained and presented to various government organizations, and security firms, and at notable conferences such as Black Hat, DEFCON, HackMiami, and Nullcon.

Shubham has a strong foothold in OSINT, Recon, Cybersecurity, and Product Engineering. His expertise covers Offensive and Defensive security, Open Source Intelligence, and Perimeter Security. Actively involved in the Null-Open Security Community, Shubham prefers working from the command line and using the vi editor.

Asuka Nakajima is a cyber security researcher and engineer based in Tokyo, Japan. With over a decade of experience in computer security, her expertise includes software security, reverse engineering, and cyber security research and development. She has presented at numerous security conferences and events, such as Black Hat USA/Europe/Asia Briefings, AsiaCCS, ROOTCON, AIS3, and PHDays, and serves on the Review Board for Black Hat USA and Asia.

In addition, Asuka is the founder and leader of CTF for GIRLS, the first infosec community for women in Japan, and also the author of the bestselling book "Cyber Attack" (Bluebacks, 2018). Currently, she works as a Senior Security Research Engineer at Elastic Security, focusing on endpoint security R&D.

Dr. Ben Nassi is a cyber security specialist and a frequent conference speaker.

Ben holds more than 10 years of experience in cyber security as an independent consultant, a former Google employee, and a former project manager at the innovation labs of cyber @ BGU. He advised multinational automotive manufacturing corporations, advanced driver assistance systems manufacturers, multinational information and communications corporation and conglomerates, IoT and drones manufacturers, and more.

Ben presented his works at Black Hat (USA 20, Asia 21, Asia 22), DEFCON (18, 21), RSA Conference (20, 21), SecTor (20, 21), CodeBlue (20), AI Week (22), and CyberTech (20).

His works were covered by Forbes, Wall Street Journal, Mirror UK, Wired, ArsTechnica, MIT Technology Review, MotherBoard, Bloomberg, ZDNet, and more.

Dr. Pamela O'Shea is the head of Shea Information Security which provides security consulting, training and penetration testing services to some of Australia's most prominent tech companies. Pamela has a Ph.D. in computer science and has presented at security conferences including Black Hat Asia, BSides Canberra and OWASP. She has lectured at the Royal Melbourne Institute of Technology (RMIT) and is the founder of the haXX group which provides technical classroom training and mentorship to women starting out in the security field. Outside of consulting, teaching and research, Pamela enjoys HAM radio and satellite communications and runs the Melbourne CyberSpectrum meetup on Software Defined Radio (SDR).

Dr. Nguyen Anh Quynh is doing research in Nanyang Technological University, focusing on several cybersecurity areas such as malware, binary analysis and vulnerability finding. He frequently travels around the world to present at top industrial and academic conferences. As a passionate coder, he is happy that some of his works, such as Unicorn, Capstone and Keystone engines are widely used and cited in the security community, paying the way for various next-generation products, research and development.

Chi-en Shen (Ashley) is an information security technical leader at Cisco Talos. She specializes in researching emerging threats, including nation-state targeted attacks, financially motivated crimes, spyware, and exploits carried out by mercenaries. Previously, she worked as a security engineer at Google Threat Analysis Group, where she focused on zero-day exploit hunting and tracking botnets. Prior to that, she was a member of the Mandiant Global Research Team, where she tracked APT groups in APAC and contributed to the development of the Threat Intelligence platform used by researchers. Passionate about supporting women in InfoSec, Ashley co-founded HITCON GIRLS, the first security community for women in Taiwan. Additionally, she serves as an organizer for Rhacklette, a security community for FINTA in Switzerland. Ashley has shared her research as a speaker at conferences such as Black Hat, Hack in the Box, HITCON, FIRST, CODE BLUE, Troopers, Confidence, RESET, and others. In her free time, she enjoys supporting the community by giving training and serving in the review boards of Black Hat, HITCON and HITB.

Anant Shrivastava is the founder of Cyfinoid Research. He has experience in Security (both offense and defense), Development, and Operations. He has a rich history of engagement with renowned conferences as both a trainer and a speaker, including Black Hat (USA, Asia, EU), Nullcon, and c0c0n, among others. Anant leads open-source projects, notably the Tamer Platform and CodeVigilant, and curates the Hacking Archives of India. When not engaged in official work, Anant contributes to open communities with a shared goal of spreading information security knowledge, such as the null community, Garage4Hackers, hasgeek, and OWASP. social.anantshri.info/@anant

Neelu Tripathy comes with 16+years of experience in Security and is currently into architecting and building next gen security platforms and solutions at Adobe Inc. Prior to Adobe, she served as the Head of Security for Thoughtworks India. Her area of work included developing & managing large scale security implementation programs, to automate security for hundreds of Agile dev teams. She has a rich background in offensive security across vulnerability assessments and penetration testing, red teaming, reconnaissance, threat modelling and design reviews, API security, source code reviews & social engineering. She has spoken/trained at various security conferences such as Black Hat (primary trainer- BIH), Speaker- DevSecCon24 AMER, OWASP APAC, Agile India, AllDayDevOps, c0c0n, rootconf & BSidesDelhi and organized villages at DefCon (Recon) and NullCon (Social Eng.). She started SecConf (at Thoughtworks, 2021). She is on the Review Boards for BSidesSG, BSidesGoa and NullCon Security Conference, India. She is a mentor for W3C and has led Null security community chapters in India. She hosts the Breakpoint Security Podcast to share awesome security innovations with the community.

Cheng-Da Tsai, aka Orange Tsai, is the principal security researcher of DEVCORE and the core member of CHROOT security group in Taiwan. He is also the champion and the "Master of Pwn" title holder in Pwn2Own 2021/2022. In addition, Orange has spoken at several top conferences such as Black Hat USA/ASIA, DEF CON, HITCON, HITB GSEC/AMS, CODE BLUE, POC, and WooYun!

Currently, Orange is a 0day researcher focusing on web/application security. His research got not only the Pwnie Awards for "Best Server-Side Bug" winner of 2019/2021 but also 1st place in "Top 10 Web Hacking Techniques" of 2017/2018. Orange also enjoys bug bounties in his free time. He is enthusiastic about the RCE bugs and uncovered RCEs in numerous vendors such as Twitter, Facebook, Uber, Apple, GitHub, Amazon, etc. You can find him on Twitter @orange_8361 and blog blog.orange.tw

Vandana Verma is a seasoned security professional. She is a seasoned speaker / Trainer and presented at various public events ranging from Global OWASP AppSec events to Black Hat events to regional events like BSides events in India.

She is part of the OWASP Global board of directors. She also works in various communities towards diversity initiatives InfosecGirls, WoSec and null. Vandana is a member of the Black Hat Asia and Europe Review Boards as well as multiple other conferences including Grace Hopper India, OWASP AppSec USA to name a few.

She has been the recipient of multiple prestigious awards like Cyber Security Leader of the Year Award 2023 by BSides, the Resilient CISO award by Dynamic CISO, Cyber Security Woman of the Year Award 2020 by Cyber Sec Awards, Application Security Influencer 2020 by Whitesource, Global cybersecurity influencer among IFSEC Global's "Top Influencers in Security and Fire" Category for 2019, Cybersecurity Women of the year award by Women Cyberjutsu Society in the Category "Secure Coder". She has also been listed as one of the top women leaders in this field of technology and cybersecurity in India by Instasafe.

Kenneth White is a security engineer whose work focuses on networks and global systems. He is co-founder and Director of the Open Crypto Audit Project and led formal security reviews on TrueCrypt and OpenSSL. He currently leads applied encryption engineering in MongoDB's global product group. He has directed R&D and security Ops in organizations ranging from startups to nonprofits to defense agencies to the Fortune 50. His work on applied signal analysis has been published in the Proceedings of the National Academy of Sciences. He created software powering the largest clinical trial & cardiac safety research networks in the world. His work on network security and forensics has been cited by the Wall Street Journal, Reuters, Wired, and the BBC.

Neil R. Wyler (a.k.a. Grifter) is the Vice President of Defensive Services for Coalfire. He has spent over 20 years as a security professional, focusing on penetration testing, physical security, incident response, and threat hunting. He has been a staff member of the Black Hat Security Briefings for 22 years and a member of the Senior Staff at DEF CON for 23 years. Neil has spoken at numerous security conferences worldwide, including Black Hat, DEF CON, and the RSA Conference. He has been the subject of various online, print, film, and television interviews, and has authored several books on information security. In his free time, Neil keeps himself busy as a member of both the DEF CON, and Black Hat CFP Review Boards, the Black Hat Training Review Board, the founder of DC801, and founder of his local hackerspace, 801 Labs.

Fyodor Yarochkin is a senior threat researcher at Trend Micro Research and holds a PhD from EE, National Taiwan University. An early Snort developer, and open source evangelist as well as a "happy" programmer, Fyodor made Taiwan his second home and been in the region for nearly two decades.Fyodor professional experience includes several years as a threat investigator and over eight years as a information security analyst responding to network security breaches and conducting remote network security assessments and network intrusion tests for the majority of regional banking, finance, semiconductor and telecommunication organizations. Fyodor is an active member of local security community and has spoken at several conferences regionally and globally.

Chi-Yu is a team lead on the Cyber Espionage Team at Google Cloud. She leads a team that provides insights into nation-state threats in the Asia Pacific region. Her expertise spans across threat hunting, reverse engineering, automated malware analysis, and campaign tracking. She has spoken at conferences including CodeBlue, HITCON, Virus Bulletin and JSAC.

Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently a professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and cybersecurity in general. Besides teaching "Computer Security" and "Digital Forensics and Cybercrime" at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 100 scientific papers and books. He is a Senior Member of the IEEE and of the Computer Society, which has named him a Distinguished Visitor and Distinguished Contributor; he is a lifetime senior member of the ACM, which has named him a Distinguished Speaker; and has been named a Fellow of the ISSA (Information System Security Association). Stefano also co-founded Secure Network, a leading cybersecurity assessment firm, and BankSealer, a startup in the FinTech sector that addresses fraud detection through machine learning techniques.