John Hammond

Cybersecurity Researcher

Huntress

John Hammond is a cybersecurity researcher, educator, and content creator. He has taught as an instructor with the US Department of Defense Cyber Training Academy and developed training material and interactive security challenges for events such as PicoCTF and competitions at DEFCON US. John speaks at numerous security conferences, colleges, and universities and shares free cybersecurity education online on YouTube.

Katie Paxton-Fear

Lecturer and Educational YouTuber

Traceable AI

Dr Katie Paxton-Fear is a lecturer of cyber security at Manchester Metropolitan University, she's a hacker and YouTube, she's made 50+ videos on a range of topics, explaining vulnerabilities, tools etc, and made a splash as an API hacker .

Adam Pennington

ATT&CK Lead

MITRE

Adam Pennington (@_whatshisface) leads ATT&CK at The MITRE Corporation and collected much of the intelligence leveraged in creating ATT&CK’s initial techniques. He has spent much of his 14 years with MITRE studying and preaching the use of deception for intelligence gathering.

Adam Arellano

Field CTO

Traceable by Harness

Adam Arellano is the Field Chief Technology Officer (CTO) at Harness where he provides partnership and guidance to customers and the broader industry on API and application security. He is well known as a progressive and inventive technology executive offering over 15 years of success in championing mission-driven initiatives focused on cloud, AI, and information security innovation.

Jake Wnuk

Senior Security Consultant

Scorpion Labs by K Logix

Jake spends his time writing code for security tools, hacking systems and applications, and finding vulnerabilities in software and networks professionally. He has identified vulnerabilities in hardened applications and networks for various-sized clients and ecosystems, and takes pride in elevating organizations security postures.

Will Baggett

Director, Digital Forensics & Advanced Technology Application, Operation Safe Escape. Will Baggett is the Director of Digital Forensics and Advanced Technology Application at Operation Safe Escape (volunteer role), a non-profit organization providing assistance to victims of domestic abuse and a Cyber Threat Intelligence manager at a “large company.” Will draws from his experience as a former intelligence officer specializing in Technical and HUMINT Operations as well as a NATO SOF Cyber Security SME. His experience in the cyber industry covers the gamut from Y2k compliance to Log4J mitigation.

Scott Thomas

Scott Thomas is the Manager of Offensive Security for Soteria. He has over 25 years of professional cybersecurity experience in a variety of roles, with the last 15 years as an offensive security consultant performing penetration tests and red team engagements for clients in a wide range of industries. He got his start as a kid wardialing things he probably shouldn’t have @ 300 baud.

Audrey Long

Audrey Long is a Sr. Cloud Security Architect at Xbox in Microsoft. To Audrey, security is like solving a puzzle, but with real life impact- and she loves to break these puzzles. Because security is such a focal point for many customers, but there are so few people, and especially women in the space, Audrey is passionate about making security accessible both to software engineers and as a career for girls in STEM. She holds DoD secret clearance and a Master of Science degree in Cyber Security at Johns Hopkins.

Jonathan Davis

Jonathan Davis is a Cloud Security Engineer with deep experience in AWS, Microsoft 365, and Azure. He currently leads cloud assessment and remediation efforts, specializing in enterprise forensics, compliance, and threat detection. Jonathan has developed automation frameworks for Digital Forensics & Incident Response (DFIR) in cloud environments and regularly advises clients on cloud security configuration assessments, guided remediation, and getting critical telemetry into SIEM platforms. His work focuses on scalable, cloud-native solutions that help organizations prepare for and respond to security incidents.

Nicole Morris

Nicole Morris is a Sr. Information Security Architect at Salesforce with over three years of experience specializing in incident response and threat intelligence. She holds a Master's degree in Cybersecurity from Johns Hopkins university. Nicole’s expertise lies in bridging the gap between technical investigation and strategic response. Her passion for understanding attacker behavior and leveraging threat intelligence has made her a trusted voice in developing resilient security programs. Beyond her technical work, Nicole is a dedicated advocate for inclusion and mentorship in the cybersecurity community. She actively mentors through Women in CyberSecurity (WiCyS), helping support and uplift the next generation of security professionals. Her commitment to creating accessible pathways into cybersecurity is matched by her ability to break down complex topics and make them actionable for all audiences.

Michael Silva

Michael Silva is a technology leader with 17+ years of experience. Presently, Michael is the Director of Solution Engineering with Astrix Security, the pioneers of non-human identity security. Using the combined expertise of technical and customer facing roles, Michael has developed the ability to relate to customers, understand their pain points, and help define a strategy that will map to successful execution of business requirements.

Charles Bain

Charles Bain is a Senior Penetration Tester with over a decade of hands-on experience in offensive security. He specialises in identifying and exploiting vulnerabilities across environments, help organisations improve their security posture. Charles is also an active trainer, delivering technical workshops and mentoring aspiring professionals in the field.

Michael Rodriguez

Michael is a Cyber Security Practitioner with over 20 years of experience. As a Manager with Mandiant Solutions at Google Public Sector, he specializes in National Security Programs, ICS-OT Security, and teaching with Mandiant Academy. When not working on his day job, he is part of the board of directors of the cyber security nonprofit Thruntcon, and the DefCon GooN.

Daniel Powery

Daniel Powery is a technology leader with over a decade of experience, during which time he has spearheaded IT operations, cybersecurity initiatives, and digital transformation projects within the financial services sector. He plays a strategic role in leading secure technology modernization projects—ranging from core infrastructure upgrades to AI-enabled automation—while ensuring alignment with regulatory and business objectives. Daniel is a Certified Information Systems Security Professional (CISSP) and holds additional certifications in ITIL, and Data Science (Microsoft). He has led numerous security and compliance programs including CIMA SOG implementations. His expertise spans cybersecurity risk management, vendor governance, policy development, and network security, underpinned by hands-on proficiency with industry leading tools.

Roxey Davis

Roxey Davis is a passionate cybersecurity leader, storyteller, and advocate for inclusive defense. With a background in Security Operations, Threat Intelligence, and Governance, Risk, and Compliance (GRC), they specialize in turning complex threats into collaborative learning opportunities for all skill levels. Currently serving as a GRC Security Analyst and the Chief Operating Officer of the Women's Society of Cyberjutsu, Roxey helps create spaces where underrepresented voices can lead, learn, and thrive. Their work bridges technical expertise with empathy-driven strategy, focusing on threat-informed defense, insider risk, and building communities where defenders support each other like a well-formed pack. Whether coordinating purple team exercises, launching mentorship programs, or gamifying security awareness, Roxey believes cybersecurity isn’t just about tools — it’s about people, purpose, and preparing before the full moon rises. They’ve spoken at BsidesNOLA and are known for their creative, interactive sessions that blend storytelling, threat models, and the occasional supernatural metaphor.

Michael Castro

As an IT leader with over two decades of experience building and leading information security, cyber risk and compliance programs at the enterprise level, Michael is a veteran vanguard for protecting sensitive data. Michael’s multi-faceted portfolio includes a rich mosaic of work ranging from security strategy to architectural development to cybersecurity training. Michael’s previous work includes serving as Head of Information Security and Risk Management at Loblaw Companies Limited and numerous Senior Info and Cybersecurity roles in the areas of Oil & Gas, Finance, Health Care and Retail.

Paul Ihme

Paul Ihme is a cofounder at Soteria, a Charleston-based cybersecurity services firm. Paul began his career in the US Air Force, where he served in roles planning, coordinating, and executing offensive cyber operations supporting the National Security Agency and US Cyber Command. Following his Air Force career, he worked as a defense contractor supporting NSA missions in a planning and advisory capacity. Paul has also worked in security operations positions at the Internal Revenue Service and JP Morgan Chase. At Soteria, Paul helped build the firm from a pre-revenue startup to a profitable business providing a range of cybersecurity services to clients around the world. His current focus centers around growing the company’s incident response and managed detection and response businesses and incubating new product ideas within Soteria’s engineering and advisory teams.

Jeff Ames

CTO and fundamental part to CND’s success since 2007. Cyber security passion started whilst in the Royal Air Force and continued to develop his skill set for over 20 years working with the UK military and after a full career moved on to working at NATO, DXC, Cisco Advanced services to mention a few.

Neha Nair

Neha Vijay is the senior director of Risk, Policy, and Compliance at Radix, where she focuses on identifying and mitigating domain name abuse. Her role involves implementing AI and ML models to automate processes for early detection and mitigation of cyber abuse on Radix-owned domain extensions. She drives Radix’s strategic directions for venturing into Web 3.0 domains, addresses legal and compliance matters, and oversees the Regulatory Policy and Compliance function. Neha actively lobbies with ICANN to draft and enforce stricter internet security and data privacy policies and helps establish Radix’s Trust and Safety, Policy, and Compliance functions in key jurisdictions. Neha’s work also focuses on building and maintaining relationships with law enforcement, governments, agencies, and industry groups, while managing Radix’s security infrastructure and strategic initiatives. Neha’s work also focuses on building and maintaining relationships with law enforcement, governments, agencies, and industry groups, while managing Radix’s security infrastructure and strategic initiatives. Over the past decade, her career has spanned diverse security domains, including counter-terrorism, online radicalization prevention, intelligence, investigations, and crisis management. Before Radix, Neha held roles at Indian Law Enforcement, the Wikimedia Foundation, and Netflix, where she contributed to security, trust & safety, and intelligence-focused initiatives. In recent years, she has worked closely with law enforcement, governments, and think tanks to bridge gaps between public and private entities to promote peace and security.

Angus Chen

Angus Chen is a leader who fosters a culture of trust and is an experienced cybersecurity data scientist known for his ability to connect the dots. As DEFCON Goon and a board member, he contributes to communities and promotes diversity in all its forms. He is also a speaker who shares his knowledge extensively. With over 20 years of hands-on experience, Angus has developed, and implemented data science and deep tech solutions for a wide range of organizations, including MITRE, the Federal Reserve Board, and FINRA. He is a rock climber who looks for projects. He is the Director of Data Science at Binary Defense. He holds an MBA from IESE and a Master’s in Applied and Computational Mathematics from Johns Hopkins University. Angus is also certified in CISSP, CCSP, and PMP.

Garry Coldwells

Garry is a 27 year cybersecurity veteran who has taught and spoken at conferences across three continents, to diverse business and technical audiences. He is a resident advisor to the Roger’s Cyber Accelerator at Ryerson University and is a periodic guest lecturer at universities. Garry speaks on a broad array of cyber topics from foundational security principles to technical concepts of current interest.

Adriana Winkler

Adriana Antunes Winkler, LL.M., is a recognized leader in Information Security and a Data Protection Officer (DPO) with extensive experience implementing and managing risk, privacy, and data protection frameworks for multinational corporations on a global scale. She currently leads risk and privacy regulatory initiatives at Accenture in the United States, where she helps clients navigate complex regulatory environments, implement robust compliance structures, and align their business strategies with evolving global standards. Her work delivers innovative and effective solutions that ensure data privacy, security, and operational efficiency, empowering organizations to build trust, mitigate risks, and thrive in an increasingly regulated and data-driven world. Previously, Adriana led privacy and data protection programs across Latin America, the Middle East, and Asia for a leading U.S.-based company valued at over $50 billion, serving clients such as McDonald’s, Coca-Cola, Subway, and Pizza Hut. She also chaired the Privacy and Data Protection Commission of the Brazilian Bar Association, Brasília Chapter, for the past 6 years, where she worked with over 100 attorneys, and acted as the organization’s leading privacy authority. Adriana also serves as an educator, author, speaker, and researcher, providing guidance to public and private entities on a wide range of privacy and data protection regulations (including LGPD, GDPR, HIPAA, NIST, DMA, DORA, PIPA, PDPA, CPRA, and more). Her expertise spans risk management, Privacy by Design, third-party assessments, data subject access requests (DSARs), audits, evaluations, and delivering training and educational sessions.

Parth Shukla

Parth Shukla is a dedicated Cybersecurity Analyst at Cequence Security with a strong passion for Web Application Security. He is an accomplished bug hunter, community builder, and cybersecurity enthusiast with a relentless drive to uncover vulnerabilities and share knowledge. Parth’s work focuses on securing modern web applications by addressing critical threats like those outlined in the OWASP API Top 10, including BOLA, SSRF, and Broken User Authentication.In addition to his professional achievements, Parth has mentored over 600 aspiring cybersecurity professionals, empowering them with skills in ethical hacking, bug bounty hunting, and advanced web application testing. An advocate for continuous learning and collaboration, Parth is a frequent speaker at leading cybersecurity conferences worldwide. Guided by the principle that “security is a myth,” he strives to challenge assumptions and push the boundaries of what’s possible in cybersecurity.

Georgia Scott

Georgia is head of Ogier Regulatory Consulting in the Cayman Islands. She joined Ogier in 2022, providing AML officer services to a range of fund vehicles before transitioning to Ogier's Regulatory Consulting division in 2023. She has a strong background in Regulatory Compliance and AML with experience in managing regulatory inspections, conducting audits and testing of control programmes. Georgia is a Certified Public Accountant, Certified Internal Auditor, and holds the Certified Anti-Money Laundering Specialist (ACAMS) designation. She has more than 10 years of experience in the Cayman financial services industry including audit, regulatory compliance and AML functions. Prior to joining Ogier, Georgia held various roles within an International Bank in finance, operations and regulatory compliance and AML where she also served as Deputy MLRO. She also worked for a Big 4 Audit firm specialising in banking and captives. Georgia Scott has been diligently working to uncover and elevate awareness about the intricate interconnections between compliance, cybersecurity, and Anti-Money Laundering (AML) practices. With her expertise, she is making strides in identifying and addressing the challenges at the intersection of these critical areas, ensuring robust regulatory compliance and enhancing the cybersecurity posture within the industry.

Scott Stoner

John Stoner is a US Army veteran and accomplished cybersecurity leader, threat analyst and consultant, bringing over 25 years of experience. He brings with deep technical competency across the US Intelligence Community (USIC), defense sectors, SLED and commercial verticals. He holds multiple certifications including: CISSP, PMP, FITSP-M-NG, CASP and Network+. His strengths include Cyber Threat Intelligence (CTI), program management, cybersecurity consulting, course development and instruction. He gives back to the cybersecurity community volunteering with The Diana Initiative, VetSec and many BSides events. John is also a volunteer DEFCON G00N and a BlackHat trainer.

Andy Piazza

Andy Piazza is an accomplished security professional with 20 years of experience in security operations, threat intelligence, and incident response. Andy has developed multiple cyber threat intelligence programs for clients and is a frequent contributor to the CTI community through his personal blog and talks at industry conferences. He has worked alongside clients and stakeholders in multiple critical infrastructure sectors to improve their incident response capabilities, security operations integrations and processes, and threat management programs. Andy is a US Army combat veteran with multiple deployments to Iraq, Central America, and Haiti. He has earned a Master's in Intelligence Studies from American Military University and a Master's in Information Security Engineering from SANS. He enjoys writing, mentoring, and project development in support of threat intelligence and cybersecurity operations. He’s also the Operations Lead for BSidesNOVA and the Global Head of Threat Intelligence at IBM X-Force. Andy can be found on Twitter as @klrgrz, on Medium at https://klrgrz.medium.com, and his personal site klrgrz.com.

David Wright

David Wright has approximately twenty-eight years of experience in IT. His qualifications include a Bachelor's in Computer with Management Studies from the University of Technology, Jamaica (UTech), a Master's in Computer-Based Management Information Systems from the University of the West Indies (UWI), Mona, and over twenty-five active certifications in various areas including physical and cloud infrastructure as well as cybersecurity. By day, David has fulfilled numerous roles, including managing a team of penetration testers (go Red Team) and currently a team of data protection analysts (go Blue Team). By night, David goes by the hacker name Kn1ghtK1ng since 2021 where he has become “Jamaica’s #1 ethical hacker” according to TryHackMe leaderboards (heck, if Ryan Montgomery [0day] is the world’s #1 ethical hacker, it makes logical sense).

Shinesa Cambric

Shinesa Cambric (CCSP, CISSP, CISM) is a cybersecurity innovator and thought leader who specializes in leveraging AI and machine learning to combat emerging threats to digital identities. Her groundbreaking work has earned her multiple industry awards and resulted in one granted patent, with another pending. As the lead developer of ISACA's Google Cloud audit program and lead author of the bestselling 'Cloud Auditing Best Practices,'' Cambric has established herself as an authoritative voice in cloud governance. A passionate advocate for collaboration within the cybersecurity community, Cambric serves on non-profit boards and advises startups while actively mentoring emerging professionals. Her expertise shapes the future of cybersecurity certification through her work with global organizations including CompTIA, CertNexus, and the Cloud Security Alliance, where she contributes as a subject matter expert in exam content development. Cambric's insights and thought leadership extend across multiple bestselling publications, including her role as contributing author to 'Securing Our Future' , '97 Things Every Information Security Professional Should Know,' and 'Shifting Security Left.' Her influence reaches global audiences through prominent platforms such as SANS, the RSAC Conference and Podcast, DevOps.com, Women In Identity, Top Cyber News Magazine, and Women In Security Magazine.

Langson Clement

Langston grew up reading stories about the 90’s hacker escapades, and after years of observing the scene, he jumped into the cybersecurity field and never looked back. He is currently a Senior Red Team operator for Brown Brothers Harriman. With over fifteen (15) years of public and private sector experience in cybersecurity and ethical hacking, he aims to provide organizations with valuable and actionable information to help improve their security posture. Langston’s specializations focus on modern-day social engineering techniques, wireless and RFID attacks, red teaming, and physical penetration testing.

JJ Asghar

JJ works as a Developer Advocate representing IBM worldwide. He mainly focuses on open-source AI and OpenShift, trying to help companies and users successfully onboard to the Cloud-Native ecosystem. He’s also known in the DevOps tooling ecosystem and generalized Linux communities. If he isn’t building automation to streamline his work, he’s building the groundwork to do just that. He lives and grew up in Austin, Texas. A father and husband, trying to learn to balance his natural nerdiness with family life. He enjoys a good strong dark ale, hoppy IPA, some team-building Artemis, and epic Gloomhaven campaigning. He has recently dove headfirst into Fedora since IBM bought Redhat, but still secretly wants FreeBSD everywhere. He’s always trying to become a better web technology developer, though he normally just uses bash to get the job done.

Roxey Davis

Roxey Davis is a passionate cybersecurity leader, storyteller, and advocate for inclusive defense. With a background in Security Operations, Threat Intelligence, and Governance, Risk, and Compliance (GRC), they specialize in turning complex threats into collaborative learning opportunities for all skill levels. Currently serving as a GRC Security Analyst and the Chief Operating Officer of the Women's Society of Cyberjutsu, Roxey helps create spaces where underrepresented voices can lead, learn, and thrive. Their work bridges technical expertise with empathy-driven strategy, focusing on threat-informed defense, insider risk, and building communities where defenders support each other like a well-formed pack. Whether coordinating purple team exercises, launching mentorship programs, or gamifying security awareness, Roxey believes cybersecurity isn’t just about tools — it’s about people, purpose, and preparing before the full moon rises. They’ve spoken at BsidesNOLA and are known for their creative, interactive sessions that blend storytelling, threat models, and the occasional supernatural metaphor.

RJ Berry

RJ Berry has been the Director of the Financial Reporting Authority since August 2016. Prior to that he was Head of Compliance at the Cayman Islands Monetary Authority (CIMA) for 12 years, and also served as Deputy Head for 2 years. Mr. Berry also has 9 years of Private Banking and Investment Dealing experience, having worked for CIBC Bank & Trust Company (Cayman) Limited, Barclays Private Bank & Trust (Cayman) Limited and Bank Vontobel Cayman prior to joining CIMA. Mr. Berry has a sound working knowledge of the Financial Action Task Force’s 40 Recommendations and Methodology, and was extensively involved in the Jurisdiction’s 4th Round Mutual Evaluation by the Caribbean Financial Action Task Force. Mr. Berry has a Bachelor of Business Administration, and is a Certified Anti-Money Laundering Specialist. He also holds the Canadian Securities Certificate and Series 7 Equivalency. Mr. Berry was awarded the Officer of the Most Excellent Order of the British Empire (OBE) in 2024 for services to the UK Sanctions Regime and Global Financial Standards in the Cayman Islands.