Research Director , CyCraft @ Taiwan
Chung-Kuan Chen is currently a senior researcher in Cycraft, and responses for organizing their research team. He earned his PHD degree of Computer Science and Engineering from National Chiao-Tung University (NCTU). His research focuses on network attack and defense, machine learning, software vulnerability, malware and program analysis. He tries to utilize machine learning to assist malware analysis and vulnerability discovery, and build automatic attack and defense systems. He has published several academic journal and conference papers, and has involved in many large research projects from digital forensic, incident response and malware analysis. He also dedicates to security education. Founding of NCTU hacker research clubs, he trains students to participate world-class security contests, and has experience of participating DEFCON CTF (2016 in HITCON Team and 2018 as coach in BFS team). Besides, he has presented technical presentations in non-academic technique conferences, such as HITCON, RootCon, CodeBlue OpenTalk, FIRST and VXCON. As an active member in Taiwan security community, he is in the review committee of HITCON conference, and ex-chief of CHROOT - the top private hacker group in Taiwan. He organized BambooFox Team to join some bug bounty projects and discover some CVEs in COTS software and several vulnerabilities in campus websites.
- Mentor of the KITRI BoB
- Interested on Browser bug hunting & exploitation and mobile security
Enno is a long time infosec practitioner, both in the offense and the defense space. Being an expert in protocol analysis he gave a few talks at HITB events himself, and he's always happy to look at interesting security research.
VP Product Security, Zimperium, Inc.
Nikias Bassen has been into reverse engineering for more than a decade. The breakthrough was back in 2011 when he joined the Chronic-Dev team to work on the iOS 5 + 5.1 jailbreaks. Ongoing research was focusing mostly on iOS, and in early 2013 he became part of the famous @evad3rs who released the evasi0n and evasi0n7 jailbreaks for iOS 6 and 7. He joined Zimperium zLabs back in 2015 to continue his efforts in security research and reverse engineering targeting iOS. Back in 2018, he joined the mobile device virtualization company Corellium as VP of Platform & Security to focus on providing the next-generation platform for security research and mobile development. Since 2019, Nikias is back at Zimperium zLabs as VP of Product Security to handle research and implementation of next-generation threat detections on iOS. As part of the checkra1n development team, he found his way back to his roots, working on the greatest jailbreak of the past decade: checkra1n.
Software Security Specialist, Major Cloud Service Provider
Boris is a software security specialist specializing in security software development, threat modeling, defensive coding, security testing, code obfuscation, steganography, as well as rootkit research. Currently Boris is working in a major cloud service provider, where he joined from one of the world’s leading US financial services institutes. He is also the OWASP HK chapter lead, core member of VXCON, organizer of DEFCON village, BlackHat Arsenal, and OpenSSF meetup group of Linux Foundation. Boris regularly speaks in cybersecurity conferences. He holds 3 US patents, 2 bachelor degrees and 2 master degrees. Boris is an enthusiast in aviation and he holds a private pilot license. During his free time, he is probably spending his time flying while not hacking.
Chief Technology Officer, Opposing Force
CEO, Net Square
Saumil is the founder and CEO of Net Square, providing cutting edge information security services to clients worldwide. Saumil is an internationally recognized conference speaker and instructor for over 19 years. He is also the co-developer of the wildly successful "Exploit Laboratory" courses and authored two books titled "Web Hacking: Attacks and Defense" and "The Anti-Virus Book".
Saumil holds an M.S. in Computer Science from Purdue University, USA and a B.E. in Computer Engineering from Gujarat University. He spends his leisure time playing Pacman, flying kites, traveling around the world and taking pictures.
Security Engineer, Google
Chi-en Shen (Ashley) is a security engineer at Google Threat Analysis Group, where she focuses on threat intelligence research. She specializes in threat hunting, malware analysis, reverse engineering, and targeted attack analysis. Prior to Google, Ashley worked as a senior security researcher at FireEye. Ashley is also the co-founder of Team T5, where she served as a senior analyst for 4 years. For supporting women in InfoSec, Ashley co-founded “HITCON GIRLS” – the first security community for women in Taiwan. She is also a regular speaker at international security conferences, including Black Hat, FIRST, HITB GSEC, CODE BLUE, Troopers, HITCON, Confidence, RESET…etc. Beside Black Hat Asia, Ashley also serves in the review board of Blue Hat Shanghai and Hack in the Box conferences.
Co-Founder, Crash Override
Mark Curphey is the co-founder and Chief Marketing Officer at Crash Override, a venture backed security startup founded in 2022. Curphey is a well known security expert, author, and public speaker. He has more than 25 years of experience in the security and software development fields holding executive leadership, technical leadership and community advocacy roles.
Prior to Crash Override he was the co-founder and CPO/CTO of Open Raven, a data classification company, founder and CEO of SourceClear (acquired by Veracode in 2018) the first pure play security software composition analysis company and led the MSDN subscription team at Microsoft.
In 2002 he founded the Open Web Application Security Project, the de facto online community dedicated to improving software security. He has Masters Degree in Information Security from Royal Holloway and Bedford New College, University of London. Mark lives in the UK.
VP Engineering & Security Research, Palo Alto Networks
Formerly VP Engineering @ Palo Alto Networks, CTO @ Cyvera (acquired by PANW), CTO @ First Group, CTO @ HeXponent (acquired by First Group) and head of security research for Intel SW Security Organization.
One of the founders of the SW security organization, led SGX (aka Secure Enclave) security (incl BIOS Guard, Boot Guard and others) and worked on PIN dynamic binary instrumentation engine. At PAN (and Cyvera) I headed the endpoint product line and was involved in the creation of PAN centralized cloud and ML. At HeXponent I developed techniques for network analysis using side-channel information. At First Group I worked on key security, custody services, algo-trading, cryptocurrency security. Current startup still in stealth.
Peter blasty Geissler
Peter “blasty” Geissler is an independent security researcher from the Netherlands. He’s well known for facilitating code execution on various game console platforms, writing exploits for various popular software packages and being a founding member of the Eindbazen CTF team as well as an organizer for the HITBAMS CTF event!
Founder and Chairperson, VXRL / VXCON
+ Recently, I dive into browser exploitation and fuzzing.
+ For daily job, on red team and blue team mission, penetration test, incident response, SOC, and malware analysis work for customers
+ PhD, Computer Science @ HKUST for fun but not an academia, research interest: bug hunting/malware analysis/machine learning
+ Blackhat Asia CFP reviewer and Best of the Best (BoB) overseas mentor
Google Scholar: https://scholar.google.com.hk/citations?user=YcjzoFkAAAAJ&hl=en
Technical Research Lead, Trend Micro
Dr. Marco Balduzzi is a team leader & principal researcher in computer & network security. Marco holds a Ph.D. in applied security from Télécom ParisTech and a M.Sc. in computer engineering from the University of Bergamo. His interests concern all aspects of computer security, with particular emphasis on real problems that affect systems and networks.
Marco has been involved in IT security since 2002 with international experiences in both industry and academia. With previous experience as security consultant and engineer, he is now a technical research lead at Trend Micro.
With over 50 talks in major security events he is considered a veteran speaker. His work has been published in the proceedings of top peer-reviewed conferences like NDSS, RAID and ACSAC, and featured by distinguished media like Forbes, The Register, Slashdot, InfoWorld, DarkReading, BBC and CNN. He now sits in the review board of conferences, including HITB, OWASP, eCrime, DIMVA and IEEE journals.
Senior, Ernst & Young
Matteo is a Senior at Ernst&Young focusing on Cloud Security and Penetration Testing. In the past he worked on technical research projects involving FPGAs, wireless networks and NFC systems, presented at different conferences around the world, e.g., DEFCON, BlackHat Arsenal, Hack In The Box, CCC.
He holds a double-degree M.Sc in Micro and Nanotechnologies for Integrated Systems agreed upon EPFL Lausanne, Politecnico di Torino and INP Grenoble, a double M.Sc degree at Politecnico di Milano in Electronic Engineering thanks to Alta Scuola Politecnica, and a B.Sc in Electronic Engineering from Politecnico di Torino.
Piano player in the free time, globetrotter whenever possible, with love for chess, card magic, and strategy games.
Hikohiro Y LIN
Managing Director, PwC Consulting LLC
Mr. Hikohiro Y Lin had been in charge of Product Security at Panasonic headquarters for over 15 years. He led several projects, including devising and deploying security test methods and risk assessments for IoT devices, formulating product security standard rules and guidelines, building a global product security system, formulating head office product security strategies, establishing Panasonic Cyber Security Lab for future cybersecurity research and product-focused security incident responses team, etc. He had served as Head of Panasonic PSIRT, Head of Product Security at Panasonic Global, and Director of Panasonic Cyber Security Laboratory. Also, He has received (ISC)² ISLA(Information Security Leadership Achievement)APAC Senior Information Security Professional 2018 Showcased Honoree and Community Service Star. He speaks in many international conferences such as Black Hat, CODE BLUE, Kaspersky Security Analyst Summit (SAS),HITCON and Government invited roundtable Panelist. Mr. Hikohiro Y Lin is currently appointed Managing Director of Digital Trust at PwC Consulting LLC
Security Researcher, DEVCORE @ Taiwan
An-Jie Yang(Angelboy) is a security researcher of DEVCORE and a member of CHROOT security group from Taiwan. He is a vulnerability researcher focusing on binary related security. He participated in a lot of CTF, such as HITB,DEFCON,Boston key party and won 2nd in DEFCON CTF 25/27 with HITCON CTF Team. In the past two years, he has pwned several products in Pwn2Own Mobile. He is also a speaker at conferences such as HITCON, CodeBlue, VXCON, AVTokyo, HITB GSEC.
Researcher, Hardware Ninja
Captain Kelvin (a.k.a. Forensics and Hardware Ninja) is an independent security researcher. He is specialist in hardware analysis and digital forensics. He focus on the drone security and forensics researches. He was the first and the only one Asian who leaded a group of white-hat hackers to held an in-depth, hands-on drone and hardware hacking village in BLACK HAT and DEFCON. He was also a frequent speaker and trainer in different top-notch security and forensics conferences including SANS, HTCIA, DFRWS, HITB, SINCON and HITCON.
Senior Security Researcher, Trenchant
Tarjei Mandt (@kernelpool) is a senior security researcher at Trenchant (formerly Azimuth Security) with more than 10 years of experience researching iOS and macOS device security. He holds a Master’s degree in Information Security from NTNU Gjovik and has spoken at security conferences such as Black Hat, CanSecWest, Hack in the Box, INFILTRATE, RECon, and SyScan. In his free time, he enjoys spending countless hours challenging security mechanisms and researching intricate issues in low-level system components. Previously, Tarjei has discovered several vulnerabilities in both Windows and macOS/iOS operating systems, as well as performed extensive research and analysis on the Secure Enclave Processor and its operating system, SEPOS.
Researcher, 9Hack Labs