Regional Review Board

Bill Breen

Bill Breen

Bill Breen is a computer security subject matter expert in several domains. He is currently living in SE Asia and continues to work in the computer security arena. Mr. Breen has spent the last 17 years doing information security work for a Fortune 100 company. Work related to incident response, forensics, risk assessments, perimeter security and implementing security policy on a global scale. Mr. Breen has been a senior planner for the DEF CON security conference for over 12 years, and is on the CFP review board for DEF CON. Mr. Breen is a very proud member of the Ninja Network hacker group, and has been involved in the hacking community for over 20 years.


James Butler

James Butler

Jamie Butler is the Chief Technology Officer and Chief Scientist at Endgame, where he leads Endgame’s research on advanced threats, vulnerabilities and attack patterns. He has directed research teams at some of the most prominent and successful security companies of the last decade. Most recently, Butler was Chief Architect at FireEye and Chief Researcher at Mandiant. A recognized leader in attack and detection techniques, he has over 17 years of experience and knowledge in operating system security. Butler was a computer scientist at the National Security Agency and co-authored the bestseller Rootkits: Subverting the Windows Kernel. Butler is also a frequent speaker at the foremost computer security conferences and serves as a Review Board member for Black Hat. He co-developed and instructs the popular security courses “Advanced Memory Forensics in Incident Response,” “Advanced 2nd Generation Digital Weaponry,” and “Offensive Aspects of Rootkit Technology.”


Matt Devost

Matt Devost

Matt Devost is a technologist, entrepreneur, and international security expert specializing in counterterrorism, critical infrastructure protection, intelligence, risk management and cybersecurity issues.

Currently, Mr. Devost is President & CEO of FusionX, LLC, a cybersecurity consultancy that helps international corporations identify and manage dynamic threats in complex operational environments. Additionally, Mr. Devost has been an Adjunct Professor at Georgetown University since 2002 where he teaches a graduate course on Information Warfare and security, and is a Founding Director of the Cyberconflict Studies Association. Mr. Devost founded the Terrorism Research Center, Inc. (TRC) in 1996, where he served as President and CEO until November 2008. As founder and President, Mr. Devost oversaw all research, analysis, intelligence, assessment, and training programs. Previously, Mr. Devost held leadership positions at iSIGHT Partners, Technical Defense, Security Design International, iDEFENSE and SAIC. Mr. Devost has been a speaker at hundreds of international conferences and a contributor/author to several books on terrorism and information security.


Robert Hansen

Robert Hansen

Robert Hansen is the CEO of OutsideIntel. He is the former VP of Labs at WhiteHat security and the former Chief Executive of SecTheory and Falling Rock Networks which focused on building a hardened OS. Mr. Hansen began his career in banner click fraud detection at ValueClick. Mr. Hansen has worked for Cable & Wireless doing managed security services, and eBay as a Sr. Global Product Manager of Trust and Safety. Mr. Hansen contributes to and sits on the advisory board of several companies. Mr. Hansen has co-authored "XSS Exploits" by Syngress publishing and wrote the eBook, "Detecting Malice." Robert is a member of WASC, APWG, IACSP, ISSA, APWG and contributed to several OWASP projects, including originating the XSS Cheat Sheet. He is also a mentor at TechStars.

Twitter: @RSnake


Vincenzo Iozzo

Vincenzo Iozzo

Vincenzo Iozzo is an Entrepreneur in Residence at Rakoku Holdings where he focuses on Information Security. In addition to his work at Rakoku Holdings, Vincenzo is a Partner at the Italian business incubator iStarter SpA. Prior to that, Vincenzo was the Chief of Staff and Principal Security Engineer at Trail of Bits. Prior to Trail of Bits, Vincenzo founded Tiqad, an information security consulting firm, worked as a penetration tester for Secure Network srl and was a reverse engineer for Zynamics GmbH. His specialized research in Mac OS X security, smartphone exploitation, and exploit payloads has been presented at information security conferences around the world including Black Hat, CanSecWest and Microsoft BlueHat. In 2008, he was selected to participate in the Google Summer of Code and developed a testing infrastructure for TrustedBSD, the Mandatory Access Control system that became the foundation for sandboxing technologies included in Mac OS X. Vincenzo serves as a committee member on the Black Hat Review Board and is a co-author of the "iOS Hacker's Handbook" (Wiley, 2012). He is perhaps best known for his participation in Pwn2Own, where he co-wrote the exploits for BlackBerryOS and iOS that won the contest in 2010 and 2011 and where he co-wrote exploits for Firefox, Internet Explorer, and Safari that placed second in 2012.

Twitter: @_snagg


Christian Karam

Christian Karam

Christian Karam is the Director of Cyber Threat Intelligence at UBS where he oversees the bank's Cyber Threat Intelligence service that enables the delivery, consumption, analysis and actioning of cyber threat intelligence from various sources to provide the bank with risk awareness and the operations teams with valuable intelligence to identify threat indicators, tactics, techniques and procedures that inform and enable the timely mitigation and response to threats. Also in his role, Christian conducts security research and excellence activities in thought leadership specifically in the area of security and cybercrime.

Prior to joining UBS, Christian was the Lead Cyber Threat Researcher and the Head of the Cyber Research Lab at INTERPOL. He developed the activities in the fields of global cyber threat research, future trends analysis, cyber intelligence and R&D within the INTERPOL Global Complex for Innovation (IGCI). Prior to joining INTERPOL, he was an independent security researcher, penetration tester, and security consultant for several private sector firms.

Christian's subjects of expertise are threat intelligence, threat research, cryptography, cybercrime and underground economy as well as cryptocurrencies crime and blockchain technology.

Christian holds degrees in Information Security, cybersecurity and is currently pursuing advanced research in the areas of threat modelling and threat analysis. He is also a member of the INTERPOL Global Cybercrime Experts Group and an advisor for several security and blockchain based startups.


Anthony Cheuk Tung Lai

Anthony Cheuk Tung Lai

Anthony Lai focus on offensive "Kungfu", malware analysis, target attack research as well as attribution. He is passionate over Capture the Flag game, reverse engineering and exploitation for years.

After inspired by Black Hat and DEFCON in 2007-8, he has found a non-profit making research group called VXRL (Valkyrie-X Security Research Group) since 2009 in Hong Kong, researchers have published various research in various security and hacker conference including AVTokyo, Codegate, Blackhat USA, DEFCON, DFRWS, HITCON, HTCIA USA and Asia Pacific. He organized a small conference called VXCON (vxcon.hk) and line up various his good friends to give cutting edge sharing and workshop.

Anthony acts as a director of Knownsec Hong Kong and Macau (knownsec.asia) and currently engages a part-time PhD program in Hong Kong University of Science and Technology, his research focus is on malware/threat attribution, machine learning and software analysis. He has been invited to be the technical team coach with Zetta KE and Alan HO for the CTF Team named "FireBird" sponsored and supported by Cyber Security Lab in HKUST (cybersecurity.cse.ust.hk).

Anthony is a mentor of SANS GREM and GXPN holder for official course.


SeungJin Lee

SeungJin Lee

Beist has been a member of the IT security field since 2000. His first company was Cyber Research based in Seoul, South Korea and first focused on pen-testing. He then got a Computer Engineering B.A. degree from Sejong University. He has won more than 10 CTF hacking contests in his country as well as passed DefConquals 5 times. He has run numerous security conferences and hacking contests such as SECUINSIDE and CODEGATE in Korea. Also, he has given talks at BLACKHAT Las Vegas, SYSCAN, CANSECWEST, AVTOKYO, HITCON, SECUINSIDE, EDSC, and TROOPERS. Hunting bugs and exploiting them are his main interest. He is one of GRAYHASH company founders. He is now a graduate student at SANE LAB, Korea University.


Ping Look

Ping Look

Ping Look has over a decade of experience building, promoting and managing events in the IT space including two of the most iconic and massively influential IT security events: The Black Hat Briefings+Training and DEF CON. At Black Hat she managed the growth of brand from obscurity to profitability and grew the event from a three track, two day event to a six day, 11 track and training intense event that brought together the best and the most relevant (and occasionally the most obscure) speakers and content providers to Black Hat events in Asia, Europe, the Middle East and the US. During her tenure at Black Hat she was often referred to as the "The One You Don't Want to Piss Off (or you will die)".

Prior to entering the information security and events space, she worked in brand development and management in publishing, textiles and consumer products. She has extensive experience in design and marketing as well as product development.

Ping is currently engaged at Accuvant LABS working with one of the most technically proficient pentest and research teams in the world.


Haroon Meer

Haroon Meer

Haroon Meer is the founder of Thinkst, an applied research company with a deep focus on information security. Haroon has contributed to several books on information security and has published a number of papers on various topics related to the field. Over the past decade (and a half) he has delivered research, talks, and keynotes at conferences around the world.


Ty Miller

Ty Miller

Ty Miller is the Chief Executive Officer and Founder of Threat Intelligence Pty Ltd, a specialist consultancy defining the next era of security, intelligence and penetration testing approaches. He sits on the Board of Directors for CREST in Australia and New Zealand, and leads the CREST A/NZ Technical Team.

Ty is a trainer at Black Hat, with his training courses “The Shellcode Lab” and “Practical Threat Intelligence”, and has trained and presented to international government agencies, big technology and security companies at a wide range of conferences around the world including Black Hat USA, Black Hat DC, Hack-In-The-Box, and Ruxcon.

Ty is a co-author of the highly popular security book "Hacking Exposed Linux 3rd Edition", and has developed low level attack techniques for companies including the DNS Channel payload for Core Security.

Before founding Threat Intelligence, Ty held strategic senior management and C-Level positions in key organizations and was instrumental in developing an expert and authoritative voice to the Australian media, and today remains a high-profile media commentator for both enterprise and consumer security trends, attacks and issues.


Chris Rohlf

Chris Rohlf

Chris Rohlf is currently a security engineer at Square in NYC. He specializes in vulnerability discovery, exploitation, and reverse engineering. Chris has over thirteen years of experience in various security roles including software engineer, researcher, and consultant. Prior to Square he led the Red Team at Yahoo, founded Leaf Security Research, a boutique security consulting firm acquired by Yahoo; a Principal Security Consultant at Matasano Security; and previously worked as a Security Researcher for the US Department of Defense.


Jennifer Savage

Jen Savage

Jen is a security consultant at Mad Security. Currently, she does penetration testing, vulnerability assessment, and vulnerability management. Prior to joining the information security community, she spent 10 years in software development, and focused on secure development. In her spare time, she enjoys hacking on various home electronics, doing yoga, and raising her daughter Ada.


Saumil Shah

Saumil Shah

Saumil Shah, a veteran Black Hat instructor, is the founder and CEO of Net-Square, providing cutting edge information security services to clients around the globe. Saumil is an internationally recognized speaker and instructor, having regularly presented at conferences like Black Hat, RSA, CanSecWest, 44CON, Hack.lu, Hack-In-The-Box, NoSuchCon, Recon, and others. Saumil has been the co-developer of the wildly successful "Exploit Laboratory" courses that he teaches all over the world. He has also authored two books titled "Web Hacking: Attacks and Defense" and "The Anti-Virus Book".

Saumil graduated with an MS in Computer Science from Purdue University, USA and a BE in Computer Engineering from Gujarat University. He spends his leisure time breaking software, flying kites, traveling around the world, and taking pictures.


Chi-en (Ashley) Shen

Ashley Shen

Chi-en (Ashley) Shen is a Senior Cyber Threat Analyst at Team T5 Research, where she focuses on tracking and monitoring Advance Persistence Threat (APT) and cyber espionage attacks. Her major areas of research include malware analysis, malicious document, reverse engineering, and tracking of emerging threat. She is a member of Hacks in Taiwan Conference and is one of the founders and organizers of HITCON GIRLS, the first security community for women in Taiwan. Ashley is also a regular speaker at information security conferences, including CODE BLUE, Troopers, HITCON Community and HITCON Enterprise.


Yuji Ukai

Yuji Ukai

Yuji Ukai is the chief executive officer of FFRI, Inc, known as a technical opinion leader in Japanese security industry.

After completing his Ph.D. in computer science at the National University of Tokushima, he began his employment at Kodak research and development center in Japan where he worked on research and development for digital device and embedded security. In 2003, he moved to United States and started working on development of vulnerability scanner product at eEye Digital Security as a Senior Software Engineer. He also worked for research of vulnerability analysis, vulnerability auditing, malware analysis, embedded system security, P2P network security, etc. as a Senior Research Engineer at eEye research group. In 2007, he moved back to Japan and became a co-founder of Fourteenforty Research Institute, Inc. Over the last several years, he discovered many critical security vulnerabilities affecting various software products as well as pioneered vulnerability analysis and exploitation of embedded system based on real time operating systems.


Neil Wyler

Neil R. Wyler (a.k.a. Grifter)

Neil R. Wyler (a.k.a. Grifter) is an Information Security Engineer and Researcher located in Salt Lake City, Utah. Neil is currently with RSA Security as an Advanced Security Operations Specialist. He has spent over 15 years as a security professional, focusing on vulnerability assessment, penetration testing, physical security, and incident response. He has been a staff member of the Black Hat Security Briefings for over 13 years and is a member of the Senior Staff at DEF CON. Neil has spoken at numerous security conferences worldwide, including Black Hat, DEF CON, and the RSA Conference. He has been the subject of various online, print, film, and television interviews, and has authored several books on information security. Neil is a member of the DEF CON CFP Review Board and Black Hat Training Review Board. Follow him on Twitter at @Grifter801.


Fyodor Yarochkin

Fyodor Yarochkin

Fyodor Yarochkin is a senior threat researcher at vArmour and a Ph.D. candidate at EE, National Taiwan University. An early Snort developer, and open source evangelist as well as a "happy" programmer, Fyodor made Taiwan his second home and been in the region for nearly two decades. Prior to vArmour, Fyodor professional experience includes several years as a threat analyst at Armorize and over eight years as a information security analyst responding to network, security breaches and conducting remote network security assessments and network intrusion tests for the majority of regional banking, finance, semiconductor and telecommunication organizations. Fyodor is an active member of local security community and has spoken at several conferences regionally and globally.

Twitter: @fygrave


Stefano Zanero

Stefano Zanero

Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an assistant professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on mobile malware, malware analysis, and systems security. Besides teaching “Computer Security” at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 50 scientific papers and books. He is an associate editor for the “Journal in computer virology and hacking techniques”. He's a Senior Member of the IEEE (covering volunteer positions at national and regional level), the IEEE Computer Society (for which he is a member of the Board of Governors), and a lifetime senior member of the ACM. Stefano co-founded the Italian chapter of ISSA (Information System Security Association), of which he is a fellow. He sits in the International Board of Directors of the same association. A long time op-ed writer for magazines (among which “Computer World”), Stefano is also a co-founder and chairman of Secure Network S.r.l., a leading Italian information security consulting firm, and a co-founder of 18Months, a cloud-based ticketing solutions provider.