Robert Schifreen is the founder of SecuritySmart.co.uk, which provides measurable IT security awareness training. He first became known in the security industry in 1985 when he was the first person in the world to be arrested and tried by a jury in connection with computer hacking. His ultimate acquittal in 1987 on all charges, by the House of Lords (the most supreme court at the time), led to the introduction of the Computer Misuse Act 1990.
Daniel Compton works as a principal security consultant at Info-Assure Ltd. He is a certified CREST/CHECK team leader in both Infrastructure and Applications. Daniel has a keen interest in testing networking devices and has released a number of popular pentesting scripts to assist and automate testing in this area. Daniel is the head of security research at Info-Assure and has discovered over 70 security advisories in applications and network security appliances to date.
Saumil Shah is the founder and CEO of Net-Square, providing cutting edge information security services to clients worldwide. Saumil is an internationally recognized conference speaker and instructor for over 15 years. He is also the co-developer of the wildly successful “Exploit Laboratory” courses and authored two books titled “Web Hacking: Attacks and Defense” and “The Anti-Virus Book”.
Saumil holds an M.S. in Computer Science from Purdue University, USA and a B.E. in Computer Engineering from Gujarat University. He spends his leisure time playing Pacman, flying kites, traveling around the world and taking pictures.
Will Schroeder is a security researcher and red-teamer for Veris Group’s Adaptive Threat Division. He is a co-founder of the Veil-Framework, developed PowerView and PowerUp, is an active developer on the PowerSploit project, and is a co-founder and core developer of the PowerShell post-exploitation agent Empire. He has presented at a number of security conferences on topics spanning AV-evasion, post-exploitation, red teaming, offensive PowerShell, and more.
Steve began working in the security arena in 1994 whilst serving in the UK Royal Air Force. He specialised in the technical aspects of IT security from 1997 onward, and before retiring from active duty, he lead the RAF’s penetration and TEMPEST testing teams. He founded Logically Secure in 2006 to provide specialist security advice to government departments, defense contractors, the online video gaming industry, and both music and film labels worldwide.
When not teaching for SANS, Steve provides penetration testing and incident response services for some of the biggest household names in the high street, online gaming and music media. To relax Steve enjoys playing Battlefield and FPS games to loud music.
Graham is a pentester, electronics tinkerer, ex-developer, security researcher, reverse engineer, crypto enthusiast, promulgator of useless facts, vehement drunkard, and bacon aficionado. Can often be found scurrying towards a bar. One of his shoes is probably sentient.
Graham leverages his 15 years of information security leadership experience to advise on appropriate security postures and resilience capabilities in line with risk appetite, focusing on business value.
With a blend of technical skills and business acumen, a deep knowledge of information law including privacy, data protection and information rights, Graham holds the certifications CIPP/E, CISM, CRISC, MBCI and PCIP in addition to being a qualified accountant. He has recently graduated from Northumbria University with an LLM in Information Rights Law and Practice where his dissertation on the application of data protection regulations in the cloud computing landscape including cross jurisdictional boundary challenges received a distinction.
Philippe is a security researcher working for GoSecure. He is the author of the Java static analysis tool Find Security Bugs. He is actively doing research to find new attack vectors and develop new tools. His experiences are both in the offensive and the defensive side, having the chance to do countless pentests and code reviews.
He has also built many plugins for Burp and ZAP proxy tools (Reissue Request Scripter, Retire.JS, PDF Viewer, CSP Auditor, etc.). He has discovered many vulnerabilities in popular software including Google Chrome, Dropbox, Paypal, RunKeeper and Jira.
Haroon Meer is the founder of Thinkst, the company behind Canary. Haroon has contributed to several books on information security and has published a number of papers on various topics related to the field. Over the past decade (and a half) he has delivered research, talks, and keynotes at conferences around the world.
Rogan is a senior researcher at SensePost and has been hacking since 1998, which,coincidentally, is also the time he settled on a final wardrobe. He used the time he saved on choosing outfits to live up to his colleague’s frequent joke that he has an offline copy of the Internet in his head. Rogan spent many years building web application assessment tools, and is credited as having built one of the first and most widely used intercepting proxies; WebScarab.
In recent years, Rogan has turned his attentions towards hardware hacking; and these days many suspect him to be at least part cyborg. A good conversation starter is to ask him where he keeps his JTAG header.
Dominic works at SensePost and tweets as @singe.
Jacob Torrey is an Advising Research Engineer at Assured Information Security, Inc. where he leads the Computer Architectures group and acts as the site lead for the Colorado branch. Jacob has worked extensively with low-level x86 and MCU architectures, having written a BIOS, OS, hypervisor and SMM handler. His major interest is how to (mis)use an existing architecture to implement a capability currently beyond the limitations of the architecture. In addition to his research, Jacob volunteers his time organizing conferences in Denver (RMISC & BSidesDenver) and regular meet-ups across the front range.
Kevin O’Reilly is a Principal Consultant and Head of Threat at Context Information Security. He is responsible for leading threat research and malware analysis within Context’s Response department. He has been working in information security for over 12 years. Prior to joining Context, he was previously Research Developer at Corsaire, after beginning his career as Virus Researcher at Anti-Virus firm Sophos.