Regional Review Board

Sudhanshu Chauhan is Director and Co-Founder of RedHunt Labs, focusing on Open Source Intelligence (OSINT), Asset Discovery and Perimeter Security. He is the former Associate Director at NotSoSecure, where he was actively involved in security consulting and training exercises.

Sudhanshu is the developer of RedHunt OS and one of the core contributors to DataSploit. He has co-authored 'Hacking Web Intelligence', a book on OSINT and web reconnaissance concepts and techniques. He has been a speaker at various conferences such as Ground Zero Summit, CyberHackathon Bar-Ilan University, Black Hat Arsenal, etc. He has been a trainer at Black Hat for 'Tactical OSINT' and 'Web Hacking - Black Belt Edition' and has delivered training at other conferences such as AppSec EU, c0c0n, RootCon, etc. He is the co-founder of Recon Village which runs at DEF CON.

Mika Devonshire is a specialist in digital forensics and incident response. She recently spent two years investigating cyber crimes based out of Hong Kong, and has worked with cyber insurance carriers across the globe on improving their risk underwriting methodology.

She is currently with S-RM, a special risks and intelligence firm out of London. Prior to her time with Blackpanda, Mika spent several years in Washington DC gaining depth and experience across the cyber attack lifecycle. She was an offensive cyber systems engineer at BAE Systems, served on the internal security team at Silent Circle, and got her start in product management.

Mika holds a Masters in Digital Forensics from George Washington University and a Bachelors in Comparative Literature from Princeton University. She holds several certifications including CISSP, CISM, and GCFA among others. She regularly appears as a speaker and panelist at professional associations and conferences, and works with those looking to pivot from non-technical professions into information security.

Currently, the senior manager of the Forward-Looking Threat Research team in APAC, Ryan Flores has had more than 15 years of experience in antivirus and IT security under his belt. He has held various positions in Trend Micro, starting as an antivirus engineer in charge of malware analysis, detection, and removal. He was heavily involved in malware sourcing and honeypot development and deployment as a member of Trend Micro Incident Response Team. His current position requires him to research on botnets, cybercrime and underground activities, as well as emerging technologies.

With over 15 years' experience in the Defence, Financial Services and Telecommunications, Lidia Giuliano has an extensive background in security testing, vulnerability management and prevention and detection techniques. Originally from Melbourne, Lidia spent a number of years in the USA working and researching malware evasion and obfuscation techniques. She has been a past speaker at Black Hat, SecTor, DevSecCon, and has been published in various media.

Lidia has since returned to Australia where she continues her endpoint security research and speaks at conferences both at home and internationally. She is the conference organiser for BSides Melbourne, spends a lot of her time mentoring others and is passionate about growing the information security community.

Seunghun Han is a security researcher at the Affiliated Institute of ETRI. Seunghun focuses on hardware root of trust, firmware, hypervisor, and kernel security, so he has made his own hypervisor and contributed various patches to the Linux kernel and TPM-based security software. He has also contributed to Debian Linux as a Debian Maintainer.

Seunghun was a speaker and an author at USENIX Security, Black Hat USA/Asia/Europe, HITBSecConf, BlueHat Shanghai, VXCon, TyphoonCon, KimchiCon, and more. He also authored two books about building 64bit OS from scratch, 64-bit multi-core OS principles and structure volume 1 (ISBN-13: 978-8979148367) and volume 2 (ISBN-13: 978-8979148374).

Robert Hansen is the CEO of OutsideIntel. He is the former VP of Labs at WhiteHat security and the former Chief Executive of SecTheory and Falling Rock Networks which focused on building a hardened OS. Mr. Hansen began his career in banner click fraud detection at ValueClick. Mr. Hansen has worked for Cable & Wireless doing managed security services, and eBay as a Sr. Global Product Manager of Trust and Safety. Mr. Hansen contributes to and sits on the advisory board of several companies. Mr. Hansen has co-authored "XSS Exploits" by Syngress publishing and wrote the eBook, "Detecting Malice." Robert is a member of WASC, APWG, IACSP, ISSA, APWG and contributed to several OWASP projects, including originating the XSS Cheat Sheet. He is also a mentor at TechStars.

Vincenzo is an entrepreneur and investor. He currently serves as a Director at CrowdStrike following the sale of his company Iperlane in 2017. Vincenzo is also a Network Leader at Village Global, a seed stage VC fund based in Silicon Valley. In addition, Vincenzo is an Associate Researcher at the MIT Media Lab and serves as a committee member on the Black Hat Conference board. Vincenzo co-authored the "iOS Hacker's Handbook" (Wiley, 2012) and the winning attacks against Firefox, iOS and Blackberry OS at Pwn2Own between 2010-2012.

Yeongjin Jang is an Assistant Professor of Computer Science at Oregon State University. He hacks various computer systems such as iPhone, CPUs, voting machines, drones/automobiles, etc., to analyze cyber threats emerging from those systems. His research interests are also focused on defeating cyberattacks, such as applying hardware Trusted Execution Environment to crypto/software systems. He plays CTF as well and has won the Black Badge from DEF CON CTF (in 2015 and 2018).

Monnappa K A works with Cisco Systems as information security investigator focusing on threat intelligence, investigation of advanced cyber-attacks, researching on cyber espionage and targeted attacks. He is the creator of Limon Linux sandbox and winner of Volatility plugin contest 2016. He is the author of the upcoming book "Learning Malware Analysis". He is the co-founder of the cyber-security research community "Cysinfo". His fields of interest include malware analysis, reverse engineering, memory forensics and threat intelligence. He has presented at various security conferences like Black Hat, FIRST, SEC-T, DSCI, National Cyber Defence Summit and Cysinfo on various topics which include memory forensics, malware analysis, reverse engineering and rootkit analysis. He has conducted trainings at Black Hat, FIRST (Forum of Incident Response and Security teams), SEC-T, OPCDE cyber security conferences. He has also authored various articles in eForensics and Hakin9 magazines.

He regularly conducts training titled "A Practical Approach to Malware Analysis and Memory Forensics" around the world including Black Hat USA, Black Hat Asia and Black Hat Europe. You can find some of his contributions to the community in his YouTube channel, and he publishes blog posts at cysinfo.com

Vitaly Kamluk is Principal Security Researcher at Kaspersky Lab, focusing on target attack investigation, malware analysis, and broader security research. He spent two years with INTERPOL in Singapore specializing in malware reverse engineering, digital forensics and cybercrime investigation.

Vitaly has presented at numerous security conferences including Black Hat, DEF CON, Hitcon, BSides, PHDays, Ruxcon, SAS, etc. He is a trainer in Yara hunting, Advanced malware reversing and Digital forensics. He is also the author of open-source project Bitscout for remote system analysis.

Seungjoo (Gabriel) Kim is a professor of Graduate School of Information Security in Korea University from 2011 and his research areas focus on SDL, security engineering, cryptography and blockchain.

For the past seven years, he was an associate professor of Sungkyunkwan University and has five years of back ground of team leader of Cryptographic Technology Team and also IT Security Evaluation Team of KISA(Korea Internet & Security Agency).

In addition to being a professor, he is positioning a head of SANE(Security Analysis aNd Evaluation) Lab, an adviser of hacking club 'CyKor', a founder/advisory director of an international security & hacking conference 'SECUINSIDE'. His numerous professional focus on a presidential committee member on the 4th industrial revolution and an advisory committee member of several public and private organizations such as NIS(National Intelligence Service), Ministry of National Defense, Ministry of Justice, Supreme Prosecutors' Office, Korea National Police Agency, Nuclear Safety and Security Commission, etc. He also taught at the Korea Military Academy. www.KimLab.net

Marina Krotofil is a cyber security professional with over a decade of hands-on experiences in advanced methods for securing Industrial Control Systems (ICS) and other cyber-physical systems. She is also an experienced Red/Blue Teamer who contributed research on novel attack vectors, exploitation techniques and design of novel defense methods. She is an experienced incident responder, forensic investigator and ICS malware analyst. Marina frequently collaborates with international organizations on the topics of critical infrastructure security and is a regular speaker at the leading conference stages worldwide. She is also a frequent reviewer of academic manuscripts and talk proposals including Black Hat and USENIX WOOT. Marina is currently a Cyber Security Product Owner for connected vessels, terminals and warehouses at Maersk. She holds an MBA in Technology Management, MSc. in Telecommunications, and MSc. in Information and Communication Systems.

Dax Labrador has been active in the hacking scene for 10 years and possesses undiminished passion for information security. He is the founder and director of ROOTCON the largest hacking conference in the Philippines. Dax was previously an AppSec Manager at Hewlett-Packard Fortify on Demand, he later joined Bugcrowd's Application Security Engineering Team.

Anthony Lai focus on offensive "Kungfu", malware analysis, target attack research as well as attribution. He is passionate over Capture the Flag game, reverse engineering and exploitation for years.

After inspired by Black Hat and DEFCON in 2007-8, he has found a non-profit making research group called VXRL (Valkyrie-X Security Research Group) since 2009 in Hong Kong, researchers have published various research in various security and hacker conference including AVTokyo, Codegate, Blackhat USA, DEFCON, DFRWS, HITCON, HTCIA USA and Asia Pacific. He organized a small conference called VXCON (vxcon.hk) and line up various his good friends to give cutting edge sharing and workshop.

Anthony acts as a director of Knownsec Hong Kong and Macau (knownsec.asia) and currently engages a part-time PhD program in Hong Kong University of Science and Technology, his research focus is on malware/threat attribution, machine learning and software analysis. He has been invited to be the technical team coach with Zetta KE and Alan HO for the CTF Team named "FireBird" sponsored and supported by Cyber Security Lab in HKUST (cybersecurity.cse.ust.hk).

Anthony is a mentor of SANS GREM and GXPN holder for official course.

Beist has been a member of the IT security field since 2000. His first company was Cyber Research based in Seoul, South Korea and first focused on pen-testing. He then got a Computer Engineering B.A. degree from Sejong University. He has won more than 10 CTF hacking contests in his country as well as passed DefConquals 5 times. He has run numerous security conferences and hacking contests such as SECUINSIDE and CODEGATE in Korea. Also, he has given talks at BLACKHAT Las Vegas, SYSCAN, CANSECWEST, AVTOKYO, HITCON, SECUINSIDE, EDSC, and TROOPERS. Hunting bugs and exploiting them are his main interest. He is one of GRAYHASH company founders. He is now a graduate student at SANE LAB, Korea University.

Ping Look has over a decade of experience building, promoting and managing events in the IT space including two of the most iconic and massively influential IT security events: The Black Hat Briefings + Trainings and DEF CON. At Black Hat she managed the growth of brand from obscurity to profitability and grew the event from a three track, two-day event to a six day, 11 track and training intense event that brought together the best and the most relevant (and occasionally the most obscure) speakers and content providers to Black Hat events in Asia, Europe, the Middle East and the US. During her tenure at Black Hat she was often referred to as the Ping of Death aka "The One You Don't Want to Piss Off (or you will die)".

Ping is currently engaged as a program manager on the Detection and Reaction Team (DART) at Microsoft, Enterprise Cybersecurity Group.

Ty Miller is the Chief Executive Officer and Founder of Threat Intelligence Pty Ltd, a specialist consultancy defining the next era of security, intelligence and penetration testing approaches. He sits on the Board of Directors for CREST in Australia and New Zealand, and leads the CREST A/NZ Technical Team.

Ty is a trainer at Black Hat, with his training courses "The Shellcode Lab" and "Practical Threat Intelligence", and has trained and presented to international government agencies, big technology and security companies at a wide range of conferences around the world including Black Hat USA, Black Hat DC, Hack-In-The-Box, and Ruxcon.

Ty is a co-author of the highly popular security book "Hacking Exposed Linux 3rd Edition", and has developed low level attack techniques for companies including the DNS Channel payload for Core Security.

Before founding Threat Intelligence, Ty held strategic senior management and C-Level positions in key organizations and was instrumental in developing an expert and authoritative voice to the Australian media, and today remains a high-profile media commentator for both enterprise and consumer security trends, attacks and issues.

Shubham Mittal is Co-Founder at RedHunt Labs and is a techie at heart. He is the former CTO at Neotas where he led the research and development of their products and services. He is the co-founder of Recon Village, an OSINT focused mini-con at DEFCON. Shubham is also co-author of OSINT Framework DataSploit.

Shubham is a trainer at BlackHat, where he delivers his flagship training 'Tactical OSINT for Pentesters'. He has trained and presented to various government organizations, security companies and security conferences like BlackHat, DEFCON, HackMiami, Nullcon, etc.

Shubham has extensive experience in Offensive as well as Defensive security, Open Source Intelligence and Perimeter Security. He is also an active participant at Null - Open Security Community.

He works from the command line, uses vi and loves beer.

Asuka Nakajima is a security researcher at NTT R&D. Her research interests include reverse engineering, vulnerability discovery, and IoT security. Since 2014, she has been a member of the executive committee of SECCON, the largest CTF organizer in Japan. She is also a founder and leader of CTF for GIRLS, which is the first female infosec community in Japan. She has presented at various security conferences and events including BlackHat Asia 2020 LockNote, Black Hat USA 2019 Briefings, Black Hat EU 2019 Briefings, Asia CCS 2019, ROOTCON 2019, AIS3 2018/2016, and PHDays IV. Asuka also serves as a Review Board member for Black Hat USA and Asia. She is also an author of the best seller book called "Cyber Attack" in Japan. (Bluebacks, 2018)

Dr. Pamela O'Shea is Director of Shea Information Security, providing security consulting, training and penetration testing services to clients. Pamela is an industry lecturer at the Royal Melbourne Institute of Technology (RMIT) master's programme in cyber security and co-organises the OWASP AppSecDay Melbourne conference. She also runs the haXX group to provide free technical security classroom training and mentorship to women keen to break into the technical security field. Outside of consulting, teaching and research, Pamela plays with radio and satellite communications and runs the Melbourne CyberSpectrum meetup on Software Defined Radio (SDR).

Dr. Nguyen Anh Quynh is doing research in Nanyang Technological University, focusing on several cybersecurity areas such as malware, binary analysis and vulnerability finding. He frequently travels around the world to present at top industrial and academic conferences. As a passionate coder, he is happy that some of his works, such as Unicorn, Capstone and Keystone engines are widely used and cited in the security community, paying the way for various next-generation products, research and development.

Chi-en Shen (Ashley) is a security engineer at Google Threat Analysis Group, where she focuses on threat intelligence research. She specializes in threat hunting, malware analysis, reverse engineering, and targeted attack analysis. Prior to Google, Ashley worked as a senior security researcher at FireEye. Ashley is also the co-founder of Team T5, where she served as a senior analyst for 4 years. For supporting women in InfoSec, Ashley co-founded "HITCON GIRLS" — the first security community for women in Taiwan. She is also a regular speaker at international security conferences, including Black Hat, FIRST, HITB GSEC, CODE BLUE, Troopers, HITCON, Confidence, RESET...etc. Beside Black Hat Asia, Ashley also serves in the review board of Blue Hat Shanghai and Hack in the Box conferences.

Cheng-Da Tsai (a.k.a. Orange Tsai), is the principal security researcher of DEVCORE, member of CHROOT security group and captain of HITCON CTF team. He has spoken at conferences such as Black Hat USA and ASIA, DEF CON, HITB, Hack.lu, CODEBLUE and WooYun. He is also the winner of Pwnie Awards 2019 for "Best Server-Side Bug"!

Orange participates in numerous CTF and won 2nd place in DEF CON CTF 22/25/27 as team HITCON. Currently, he is a 0day researcher and specialized in web/application security. He is enthusiastic about Remote Code Execution, and uncovered RCEs in several vendors, such as Facebook, Uber, Apple, Twitter, GitHub, Amazon, Netflix, Yahoo and Imgur. blog.orange.tw

Vandana Verma is a seasoned security professional with a current focus on DevSecOps. In her previous experience, she has dealt with Application security, Vulnerability management, SOC, Infrastructure security and Cloud Security. She is a seasoned speaker / Trainer and presented at various public events ranging from Global OWASP AppSec events to Black Hat events to regional events like BSides events in India. She is part of the OWASP Global board of directors. She also works in various communities towards diversity initiatives InfosecGirls, WoSec and null.

Vandana is a member of the Black Hat Asia Review Board as well as multiple other conferences including Grace Hopper India, OWASP AppSec USA to name a few. She is also one of the organizers of BSides Delhi.

She has been the recipient of multiple prestigious awards like Resilient CISO award by Dynamic CISO, Cyber Security Woman of the Year Award 2020 by Cyber Sec Awards, Application Security Influencer 2020 by Whitesource, Global cybersecurity influencer among IFSEC Global's "Top Influencers in Security and Fire" Category for 2019, Cybersecurity Women of the year award by Women Cyberjutsu Society in the Category "Secure Coder". She has also been listed as one of the top women leaders in this field of technology and cybersecurity in India by Instasafe.

Neil R. Wyler (a.k.a. Grifter) is an Information Security Engineer and Researcher located in Salt Lake City, Utah. Neil is currently with IBM-X Force as Global Lead of Active Threat Assessments. He has spent over 15 years as a security professional, focusing on vulnerability assessment, penetration testing, physical security, and incident response. He has been a staff member of the Black Hat Security Briefings for over 15 years and is a member of the Senior Staff at DEF CON. Neil has spoken at numerous security conferences worldwide, including Black Hat, DEF CON, and the RSA Conference. He has been the subject of various online, print, film, and television interviews, and has authored several books on information security. Neil is a member of the DEF CON CFP Review Board and Black Hat Training Review Board.

Fyodor Yarochkin is a senior threat researcher at Trend Micro Research and holds a PhD from EE, National Taiwan University. An early Snort developer, and open source evangelist as well as a "happy" programmer, Fyodor made Taiwan his second home and been in the region for nearly two decades.Fyodor professional experience includes several years as a threat investigator and over eight years as a information security analyst responding to network security breaches and conducting remote network security assessments and network intrusion tests for the majority of regional banking, finance, semiconductor and telecommunication organizations. Fyodor is an active member of local security community and has spoken at several conferences regionally and globally.

Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on mobile malware, malware analysis, and systems security. Besides teaching "Computer Security" at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 50 scientific papers and books. He is an associate editor for the "Journal in computer virology and hacking techniques". He's a Senior Member of the IEEE (covering volunteer positions at national and regional level), the IEEE Computer Society (for which he is a member of the Board of Governors), and a lifetime senior member of the ACM. Stefano co-founded the Italian chapter of ISSA (Information System Security Association), of which he is a senior member. He sits in the International Board of Directors of the same association. A long time op-ed writer for magazines (among which "Computer World"), Stefano is also a co-founder and chairman of Secure Network S.r.l., a leading Italian information security consulting firm, and a co-founder of 18Months, a cloud-based ticketing solutions provider.