Arsenal Review Board

Rachid Harrando fell in love with CyberSecurity, thanks to his long-time buddy Nabil Ouch (aka @ToolsWatch) where they launched their 1st startup about Cloud Vulnerability Security! Now Rachid enjoys keeping up with InfoSec as Office of the CISO at ServiceNow. Rachid is CISSP, ISO17001 LI Certified and graduated from French Engineering School ESME Sudria Paris!

NJ has 20 years of experience in security assessment, penetration testing and vulnerability management with excellent knowledge of industry standards. In 2001, he founded the Leading and renowned Infosec Community Tools Portal ToolsWatch.org. During 2011, NJ co-founded and since then manage the Black Hat Arsenal Event improving its development and expansion from USA to Europe and Asia. Today the Arsenal is the World Largest Security Event dedicated to Open Source Tools Demonstrations. NJ is also maintaining vFeed IO the Largest Correlated Vulnerability and Threat Intelligence Database used by 1000+ security companies and CERTs.

He currently works as ICS/SCADA Ethical Hacker for different Oil Companies in Europe and Middle East.

Dr. Bramwell Brizendine completed his Ph.D. in Cyber Operations. A security researcher, currently Bramwell is an Assistant Professor at the University of Alabama in Huntsville, and he is the founding Director of the Vulnerability and Exploitation Research for Offensive and Novel Attacks (VERONA Lab). A cybersecurity expert, Bramwell has taught numerous undergraduate, graduate, and doctoral level courses in reverse engineering, software exploitation, advanced software exploitation, malware analysis, and offensive security. Additionally, Bramwell has authored several important cybersecurity tools, including JOP ROCKET, SHAREM, ShellWasp, and ROP ROCKET, which are open source and freely available. Bramwell was a PI on a $300,000 NSA research grant to develop a shellcode analysis framework, SHAREM. Bramwell has been a speaker at many top security conferences across the globe, including different regional variations of Black Hat, DEFCON, Hack in the Box, and more.

Jon Kaltwasser currently leads the security testing organization within AWS's Proactive Security. A retired Naval Officer, Jon spent over a decade within the National Security Agency and US Cyber Command helping the military respond to cyber threats. Jon served as the Vice President and Chief Information Security Officer of SpaceX, and Stripe’s CISO prior to joining AWS. Jon has two black badges from DEFCON's capture the flag hacking competition.

Matthew Kemelhar has over 25 years of experience in cybersecurity and information technology. Currently, he leads security at Stripe, where he's been for over six years, overseeing everything from security infrastructure and regulatory compliance to detection and privacy engineering. At Stripe, his role involves safeguarding systems and implementing policies that keep data secure for millions of users.

Before his time at Stripe, Matthew spent six impactful years at Microsoft. As Global Director for Incident Response, he led global investigations into customer network breaches and provided strategic advice to C-level executives, helping them navigate complex cybersecurity challenges.

Matthew’s career began in government service, where he dedicated over 16 years to roles within the U.S. Air Force, the NSA, and the DOE. At the NSA, he served as Technical Mission Director for the Red Team, focusing on identifying vulnerabilities within secure systems. At the DOE, he led penetration testing efforts against critical infrastructure and was instrumental in shaping national cybersecurity policies.

Matthew holds a Bachelor's Degree in Electrical Engineering from Ohio State University and an MBA with honors from the University of Dayton.

Andrew Kramer is an Assistant Professor in the Beacom College of Computer and Cyber Sciences at Dakota State University, teaching classes related to reverse engineering, vulnerability research, and exploit development. He is an avid C and assembly programmer with a keen interest in low-level computing, as well as a frequent capture the flag (CTF) participant and advocate. Andrew is passionate about student success and strives to make education exciting through hands-on learning and project-based work. He is a strong believer that a teacher’s primary goal should be to spark joy and excitement for the subject. Andrew holds a B.S. In Cyber Operations, a M.S. In Computer Science, and a Ph.D. in Computer Science from DSU. Andrew also previously worked as a researcher at a national lab and as a penetration tester at a cyber security firm. He has published a variety of open source software projects and holds several CVEs from personal research work.

With a diverse background in Red Teaming, Incident Response, and SOC building, Tony is considered a trusted advisor to many global organizations. As an avid educator, he has taught thousands of students at venues worldwide, including government, universities, corporations, and conferences such as Black Hat. He takes every opportunity to give back to the security community through writing, mentoring, and helping organize amazing conferences and presentations.

Ping Look is a 20 year veteran of the cybersecurity industry and is passionate about bringing people together to solve problems. She served as the event director of Black Hat and DEFCON for over a decade before shifting her focus to driving innovation and energy outside of the events space. Ping is now focused on strategic initiatives for Microsoft's Detection and Response Team which is focused on investigating and tactical containment for customers who come under cyberattack.

Dr. Kyle Murbach is a Principal Research Engineer at UAH/CCRE. With over a decade of experience as a cybersecurity researcher and software reverse engineer with industry and government, he is responsible for leading numerous cybersecurity related projects as PI, Co-PI, and Subject Matter Expert in various topic areas relating to malware analysis, security tool development, vulnerability analysis, and computer network operations. He is CISSP certified, holds his PhD in Cyber Operations from Dakota State University (2019) and BS/MS degrees in Computing Security from Rochester Institute of Technology (2016) as a CyberCorps Scholarship for Service graduate.

Vivek Ramachandran is a serial entrepreneur, author, and cyber security professional with over 2 decades of experience. He is currently the founder of SquareX, a browser-based cyber security solution for consumers, which recently received seed funding from Sequoia Capital Southeast Asia in May 2023.

Prior to SquareX, Vivek was the founder and CEO of Pentester Academy. The company trained thousands of customers from government agencies, Fortune 500 companies and to enterprises from over 140 countries. Vivek successfully sold Pentester Academy to a US based education and training company called INE in 2021.

Vivek's expertise and influence extend beyond his ventures, as he is a sought-after speaker at top security conferences worldwide, including Blackhat USA and Europe, DEFCON, Brucon, and Hacktivity. His pioneering work on wireless security led him to discovery of the notable Caffe Latte attack. Vivek is an accomplished author with multiple five-star rated books on Wi-Fi security, translated into various languages and appreciated globally.

Noushin Shabab is a lead security researcher in the Global Research & Analysis Team (GReAT) at kaspersky. Her research focuses on the investigation of advanced targeted attacks with a particular focus on local threats in the Asia Pacific region.

Noushin is very active in the cybersecurity community where she regularly presents at various security conferences and also delivers technical workshops. Some of her previous conference presentations include Virus Bulletin, Black Hat ASIA, AusCERT, Security Analyst Summit, 0xCC, MRE, Ruxcon, Kawaiicon and various BSides events. She has been a guest lecturer at RMIT University, Melbourne Institute of Technology and the University of Guelph, Canada. She is also a member of the Australian Women in Security Network (AWSN) which aims to connect, support, collaborate and inspire women in the Australian cybersecurity industry.

Maxi Soler has more than 15 years of experience in Information Security; his work has been oriented toward Penetration Testing for Web and Mobile Application Security. He participates in Secure Podcast, an infosec podcast made by and for the community. He is the CTO/Co-Founder of ARTSSEC, providing creative solutions and delivering high-value services to its customers.

Veronica is a researcher and intelligence analyst from Argentina. Her research strongly focuses on helping people. She specializes in malware network traffic analysis, threat intelligence, and profiling of attackers. She is currently the director of the Civilsphere project at the Czech Technical University, dedicated to protecting civil organizations and individuals from targeted attacks. She's also the project leader at the Stratosphere Laboratory, a research group at the Czech Technical University dedicated to studying and researching at the intersection of cybersecurity, machine learning, and helping others. She co-founded the MatesLab hackerspace and the Independent Fund for Women in Tech. She has presented her research at international conferences such as BlackHat, EkoParty, Botconf, Virus Bulletin, Deepsec, and others.