Black Hat Asia

Regional Review Board

Please press or click a member's name for more information.

Sudhanshu Chauhan

Director and Co-Founder

RedHunt Labs

Sudhanshu Chauhan is a passionate entrepreneur and Co-Founder/Director of RedHunt Labs, a company specializing in Attack Surface Management (ASM). With extensive experience in security consulting and training, he has previously served as Associate Director at NotSoSecure. Sudhanshu has developed RedHunt OS and is a core contributor to DataSploit. He has also co-authored 'Hacking Web Intelligence', a book on OSINT and web reconnaissance, and is a speaker and trainer who has presented at various conferences such as Ground Zero Summit, CyberHackathon Bar-Ilan University, and Black Hat Arsenal.

In addition to his work at RedHunt Labs, Sudhanshu co-founded Recon Village, which operates at DEF CON. Sudhanshu continues to contribute to the industry through his innovations and expertise.


Dr. Magda Lilia Chelly

Co-Founder & Senior Cybersecurity Expert

Responsible Cyber

Dr. Magda Lilia Chelly is an award-winning global cybersecurity leader. She has been named one of the top 20 most influential cybersecurity personalities in 2017 and 2021 by ISFEC Global.

Magda has authored two books, with a third being written and planned to be published in 2022. The first book is called "Being Brave; Vera's Cyber Adventures." The book combines cybersecurity with science fiction and romance, intending to raise cyber awareness to the general public. The two other books address cybersecurity challenges and recommendations for c-executives.

Magda's many appearances discussing cybersecurity on national and international TV, Radio, and News Magazines have raised her profile as the media's go-to expert on subjects requiring accurate yet straightforward insights on cybersecurity topics. Magda appeared in a popular documentary on Channel News Asia, "The Dark Web," where she provides insights on cybercrimes. She, later on, was featured in other TV shows, including VTV 1 News; the first Vietnamese channel of VTV launched on 7 September 1970. Dr. Magda was the guest on Task Force 7 Radio. She gave interviews, including Prime Time on MoneyFM 89.3. In 2020 and 2021, she was featured in the distributed version of the Dark Web Documentary on Canal Plus and ZDFInfo.

Magda also hosted cybersecurity events worldwide, including the first Catch the Flag competition for girls in Singapore in collaboration with the Cybersecurity Agency of Singapore in 2019. Currently, she is working on its fourth edition.

In her career, Magda wore several hats. She has been an Information Security Officer for multiple organizations, including multinational insurance corporations. She developed businesses in the cyber advisory space. Furthermore, with years of experience in cybersecurity and providing services worldwide, Magda co-founded a cybersecurity start-up in Singapore valued at 7 Million SGD in 2020. She is also an angel investor in the cybersecurity space and beyond.

Magda is a popular keynote speaker. She delivers engaging presentations worldwide in five languages: English, French, Polish, Italian, and Arabic for corporate events, practitioner, and academic conferences. Known for her ability to engage audiences ranging from senior executives to ethical hackers and the general public, she brings energy, enthusiasm, and fun to cybersecurity.

Her speaking engagements address mainly topics on cyber risk quantification, bridging the gap between business and cybersecurity, cyber awareness, diversity and inclusion in the cybersecurity industry, and cybersecurity investments and entrepreneurship. Magda's research focused on cybersecurity, the future of localization and positioning, education, and more. Her research writings around cybersecurity have been featured by IEEE, RSA Conference, World Congress on Internet Security (WorldCIS-2016), CYBER RISK LEADERS Magazine.

Magda's international experience, technical knowledge, and multi-cultural background have equipped her with unique insights. She is known for her clear communication style and for making cybersecurity accessible to all.


Shanna Daly

Principal Consultant

Cosive

Shanna Daly has over 20 years’ experience across the information security industry. Shanna’s expertise has been called upon during countless data breach investigations, giving her an in-depth understanding of the security implementations that work, and the ones that don’t. Shanna continues to share her knowledge with the industry and has built and managed consulting teams of industry experts responding to all types of intrusions and breaches. Her experience across a wide range of information security domains gives her a unique perspective and a “think outside the box” attitude to securing organisations.


Mika Devonshire

Security & Compliance Specialist

Google Cloud

Mika Devonshire advises security go to market strategies for Google. She specialized in response and forensic investigations after spending her first career decade building or implementing controls, IAM apps, offensive capabilities, and loss ratio algorithms for insurance. Prior to Google, Mika served as Director of Strategic Development for the APAC based DFIR firm, Blackpanda, and was the founding responder in Hong Kong.

Mika holds a Masters in Digital Forensics from George Washington University, a Bachelors in Comparative Literature from Princeton University, a CISSP and GCFA among other certifications. She regularly engages with the infosec community as a speaker or speaker coach, and loves working with those seeking to pivot from non-technical fields. She is a guest lecturer at Northwestern Pritzker School of Law and a willing mentor.


Ryan Flores

Senior Manager, Forward-Looking Threat Research team

APAC

Currently, the senior manager of the Forward-Looking Threat Research team in APAC, Ryan Flores has had more than 15 years of experience in antivirus and IT security under his belt. He has held various positions in Trend Micro, starting as an antivirus engineer in charge of malware analysis, detection, and removal. He was heavily involved in malware sourcing and honeypot development and deployment as a member of Trend Micro Incident Response Team. His current position requires him to research on botnets, cybercrime and underground activities, as well as emerging technologies.


Lidia Giuliano

Security Architect

Lidia Giuliano has been involved in the information security field for over 20 years working in the financial, defence, retail and health care sector. Lidia has an extensive background in security with a key focus on defensive and cloud security. She enjoys ensuring security is involved in every stage of an initiative and BAU lifecycle, finding new and repeatable ways of doing things, and solving complex problems. She holds a BAppSci (CS), MAppSci (IT), various security and cloud certifications, has spoken internationally and nationally and been published in various media.

She is involved as an active review board member for various conferences internationally and locally, involved in speaker coaching program for Black Hat USA and BSides Melbourne, AWSN mentoring program and enjoys being part of the InfoSec community to help others.


Seunghun Han

Security Researcher

Affiliated Institute of ETRI

Seunghun Han is a security researcher at the Affiliated Institute of ETRI. Seunghun focuses on hardware root of trust, firmware, hypervisor, and kernel security, so he has made his own hypervisor and contributed various patches to the Linux kernel and TPM-based security software. He has also contributed to Debian Linux as a Debian Maintainer.

Seunghun was a speaker and an author at USENIX Security, Black Hat USA/Asia/Europe, HITBSecConf, BlueHat Shanghai, VXCon, TyphoonCon, KimchiCon, and more. He also authored two books about building 64bit OS from scratch, 64-bit multi-core OS principles and structure volume 1 (ISBN-13: 978-8979148367) and volume 2 (ISBN-13: 978-8979148374).


Vincenzo Iozzo

CEO

SlashID

Vincenzo Iozzo is the CEO and Co-founder of SlashID. Vincenzo was previously Founder & CEO of IperLane (acquired by CrowdStrike), co-authored the “iOS Hacker’s Handbook” (Wiley) and presented the winning attacks against Firefox, iOS and Blackberry OS at Pwn2Own (2010-2012).


Monnappa K A

Principal Security Researcher

Monnappa K A is a Security professional with over 15 years of experience in incident response and investigation. He previously worked for Microsoft & Cisco as a threat hunter, mainly focusing on threat hunting, investigation, and research of advanced cyber attacks. He is the author of the best-selling book "Learning Malware Analysis."He is the review board member for Black Hat Asia, Black Hat USA, and Black Hat Europe. He is the creator of the Limon Linux sandbox and the winner of the Volatility plugin contest 2016. He co-founded the cybersecurity research community "Cysinfo". He has conducted training sessions on malware analysis, reverse engineering, and memory forensics at Black Hat, BruCON, HITB, FIRST (Forum of Incident Response and Security Teams), SEC-T, OPCDE, and 4SICS-SCADA/ICS cybersecurity summit. He has presented at various security conferences, including Black Hat, FIRST, SEC-T, 4SICS-SCADA/ICS summit, DSCI, National Cyber Defence Summit, and Cysinfo meetings on various topics related to memory forensics, malware analysis, reverse engineering, and rootkit analysis. He has also authored various articles in eForensics and Hakin9 magazines. You can find some of his contributions to the community on his YouTube channel, and you can read his blog posts at cysinfo.com


Vitaly Kamluk

Principal Security Researcher

Kaspersky Lab

Vitaly Kamluk is Principal Security Researcher at Kaspersky Lab, focusing on target attack investigation, malware analysis, and broader security research. He spent two years with INTERPOL in Singapore specializing in malware reverse engineering, digital forensics and cybercrime investigation.

Vitaly has presented at numerous security conferences including Black Hat, DEF CON, Hitcon, BSides, PHDays, Ruxcon, SAS, etc. He is a trainer in Yara hunting, Advanced malware reversing and Digital forensics. He is also the author of open-source project Bitscout for remote system analysis.


Seungjoo Kim

Professor, Graduate School of Information Security

Korea University

Seungjoo (Gabriel) Kim is a professor of Graduate School of Information Security in Korea University from 2011 and his research areas focus on SDL, security engineering, cryptography and blockchain.

For the past seven years, he was an associate professor of Sungkyunkwan University and has five years of back ground of team leader of Cryptographic Technology Team and also IT Security Evaluation Team of KISA(Korea Internet & Security Agency).

In addition to being a professor, he is positioning a head of SANE(Security Analysis aNd Evaluation) Lab, an adviser of hacking club 'CyKor', a founder/advisory director of an international security & hacking conference 'SECUINSIDE'. His numerous professional focus on a presidential committee member on the 4th industrial revolution and an advisory committee member of several public and private organizations such as NIS(National Intelligence Service), Ministry of National Defense, Ministry of Justice, Supreme Prosecutors' Office, Korea National Police Agency, Nuclear Safety and Security Commission, etc. He also taught at the Korea Military Academy. www.KimLab.net


Marina Krotofil

Cyber Security Product Owner

Maersk

Marina Krotofil is a cyber security professional with over a decade of hands-on experience in securing Industrial Control Systems (ICS) and Industrial Internet of Things (IIoT). She managed and executed diverse technical projects around the world across a variety of industrial domains. She is also an experienced Red/Blue Teamer who researched numerous novel attack vectors, exploitation techniques, designed novel defence methods and led complex incident responses. Marina frequently collaborates with international organizations on the topics of critical infrastructure security, she is also a regular speaker at the leading conference stages worldwide and is a frequent reviewer of academic manuscripts and grant proposals. At Black Hat Marina leads Cyber-Physical Systems track. Marina holds MSc. in Telecommunications, MSc. in Information and Communication Systems and an MBA in Technology Management.


Anthony Cheuk Tung Lai

Founder

VXRL (Valkyrie-X Security Research Group)

Anthony Cheuk Tung Lai works at VX Research Limited on malware investigation, incident response, and offensive security testing. He began hacking after playing Chroot wargame and Beist CTF, reading 2600, and China hacker magazines. He has spent the last 20 years working in the risk and security areas of MNCs in the financial industry.

Anthony is a hobbyist bug hunter and creator of CTF challenges who hacks for fun and belief. In addition to VXCON, which he founded and chairs, he also spoke at Black Hat, DEFCON, Secuinside, AVTokyo, Hack In the Box, HITCON, and DFRWS.

He earned his doctorate from HKUST, where he also worked in the cybersecurity lab and focused on malware and vulnerability research. His credentials additionally include SANS GREM (Gold), GXPN, GCIH, and Offsec OSEE.


SeungJin Lee

Graduate Student at SANE LAB

Korea University

Beist has been a member of the IT security field since 2000. His first company was Cyber Research based in Seoul, South Korea and first focused on pen-testing. He then got a Computer Engineering B.A. degree from Sejong University. He has won more than 10 CTF hacking contests in his country as well as passed DefConquals 5 times. He has run numerous security conferences and hacking contests such as SECUINSIDE and CODEGATE in Korea. Also, he has given talks at BLACKHAT Las Vegas, SYSCAN, CANSECWEST, AVTOKYO, HITCON, SECUINSIDE, EDSC, and TROOPERS. Hunting bugs and exploiting them are his main interests. He was one of GRAYHASH company founders now acquired by LINE which is a leading messenger company in Asia. He is CISO of LINE Plus.


Ty Miller

Managing Director

Threat Intelligence Pty Ltd

Ty Miller is the Managing Director of Threat Intelligence Pty Ltd (www.threatintelligence.com) who are specialists in the area of security automation, penetration testing, digital forensics and incident response, cyber threat intelligence, and specialist security consulting. Ty is the visionary around the Evolve Security Automation Cloud.

Ty is on the Black Hat Asia Review Board and is a long-term trainer for Black Hat, having run training with Black Hat for over a decade across Black Hat USA, Black Hat DC and Black Hat Europe. These training courses include "The Shellcode Lab", "Practical Threat Intelligence" and "Automating Security with Open Source". Ty has also presented multiple times at Black Hat on "Reverse DNS Tunnelling Shellcode" and "The Active Directory Botnet".

He also trained at Hack In The Box, and presented multiple times at "Ruxcon" where he demonstrated his cutting edge attack technique to force your web browser to exploit internal servers from the Internet. Ty also developed the Core Impact Pro covert DNS Channel for Core Security and is a co-author of "Hacking Exposed Linux 3rd Edition".

Ty is on the CREST ANZ Board of Directors and led the CREST ANZ Technical Team. Ty's experience not only covers security automation and advanced hacking techniques, but also expands into traditional and cloud security architecture designs, developing and running industry benchmark accreditations, performing forensic investigations, as well as creating and executing a range of specialist security training.


Shubham Mittal

Co-Founder

RedHunt Labs

Shubham Mittal is Co-Founder at RedHunt Labs and is a techie at heart. He is the former CTO at Neotas where he led the research and development of their products and services. He is the co-founder of Recon Village, an OSINT focused mini-con at DEFCON. Shubham is also co-author of OSINT Framework DataSploit.

Shubham is a trainer at BlackHat, where he delivers his flagship training 'Tactical OSINT for Pentesters'. He has trained and presented to various government organizations, security companies and security conferences like BlackHat, DEFCON, HackMiami, Nullcon, etc.

Shubham has extensive experience in Offensive as well as Defensive security, Open Source Intelligence and Perimeter Security. He is also an active participant at Null - Open Security Community.

He works from the command line, uses vi and loves beer.


Asuka Nakajima

Security Research Engineer

Elastic

Asuka Nakajima is a cyber security researcher and engineer based in Tokyo, Japan. With over a decade of experience in computer security, her expertise includes software security, reverse engineering, and cyber security research and development. She has presented at numerous security conferences and events, such as Black Hat USA/Europe/Asia Briefings, AsiaCCS, ROOTCON, AIS3, and PHDays, and serves on the Review Board for Black Hat USA and Asia.

In addition, Asuka is the founder and leader of CTF for GIRLS, the first infosec community for women in Japan, and also the author of the bestselling book "Cyber Attack" (Bluebacks, 2018). Currently, she works as a security research engineer at Elastic Security, focusing on endpoint security R&D.


Ben Nassi

Cyber Security Specialist

Cornell Tech

Dr. Ben Nassi is a cyber security specialist and a frequent conference speaker.

Ben holds more than 10 years of experience in cyber security as an independent consultant, a former Google employee, and a former project manager at the innovation labs of cyber @ BGU. He advised multinational automotive manufacturing corporations, advanced driver assistance systems manufacturers, multinational information and communications corporation and conglomerates, IoT and drones manufacturers, and more.

Ben presented his works at Black Hat (USA 20, Asia 21, Asia 22), DEFCON (18, 21), RSA Conference (20, 21), SecTor (20, 21), CodeBlue (20), AI Week (22), and CyberTech (20).

His works were covered by Forbes, Wall Street Journal, Mirror UK, Wired, ArsTechnica, MIT Technology Review, MotherBoard, Bloomberg, ZDNet, and more.


Dr. Pamela O'Shea

Director

Shea Security

Dr. Pamela O'Shea is the head of Shea Information Security which provides security consulting, training and penetration testing services to some of Australia's most prominent tech companies. Pamela has a Ph.D. in computer science and has presented at security conferences including Black Hat Asia, BSides Canberra and OWASP. She has lectured at the Royal Melbourne Institute of Technology (RMIT) and is the founder of the haXX group which provides technical classroom training and mentorship to women starting out in the security field. Outside of consulting, teaching and research, Pamela enjoys HAM radio and satellite communications and runs the Melbourne CyberSpectrum meetup on Software Defined Radio (SDR).


Nguyen Anh Quynh

Researcher

Nanyang Technological University

Dr. Nguyen Anh Quynh is doing research in Nanyang Technological University, focusing on several cybersecurity areas such as malware, binary analysis and vulnerability finding. He frequently travels around the world to present at top industrial and academic conferences. As a passionate coder, he is happy that some of his works, such as Unicorn, Capstone and Keystone engines are widely used and cited in the security community, paying the way for various next-generation products, research and development.


Ashley Shen

Security Engineer

Google Threat Analysis Group

Chi-en Shen (Ashley) is an information security technical leader at Cisco Talos. She specialises in researching emerging threats, including nation-state targeted attacks, financially motivated crimes, spyware, and exploits carried out by mercenaries. Previously, she worked as a security engineer at Google Threat Analysis Group, where she focused on zero-day exploit hunting and tracking botnets. Prior to that, she was a member of the Mandiant Global Research Team, where she tracked APT groups in APAC and contributed to the development of the Threat Intelligence platform used by researchers. Passionate about supporting women in InfoSec, Ashley co-founded HITCON GIRLS, the first security community for women in Taiwan. Additionally, she serves as an organiser for Rhacklette, a security community for FINTA in Switzerland. Ashley has shared her research as a speaker at conferences such as Black Hat, Hack in the Box, HITCON, FIRST, CODE BLUE, Troopers, Confidence, RESET, and others. In her free time, she enjoys supporting the community by giving training and serving in the review boards of Black Hat, HITCON and HITB.


Anant Shrivastava

Founder

Cyfinoid Research

Anant Shrivastava is the founder of Cyfinoid Research. He has experience in Security (both offense and defense), Development, and Operations. He has a rich history of engagement with renowned conferences as both a trainer and a speaker, including Black Hat (USA, Asia, EU), Nullcon, and c0c0n, among others. Anant leads open-source projects, notably the Tamer Platform and CodeVigilant, and curates the Hacking Archives of India. When not engaged in official work, Anant contributes to open communities with a shared goal of spreading information security knowledge, such as the null community, Garage4Hackers, hasgeek, and OWASP. social.anantshri.info/@anant


Orange Tsai

Principal Security Researcher

DEVCORE

Cheng-Da Tsai, aka Orange Tsai, is the principal security researcher of DEVCORE and the core member of CHROOT security group in Taiwan. He is also the champion and the "Master of Pwn" title holder in Pwn2Own 2021/2022. In addition, Orange has spoken at several top conferences such as Black Hat USA/ASIA, DEF CON, HITCON, HITB GSEC/AMS, CODE BLUE, POC, and WooYun!

Currently, Orange is a 0day researcher focusing on web/application security. His research got not only the Pwnie Awards for "Best Server-Side Bug" winner of 2019/2021 but also 1st place in "Top 10 Web Hacking Techniques" of 2017/2018. Orange also enjoys bug bounties in his free time. He is enthusiastic about the RCE bugs and uncovered RCEs in numerous vendors such as Twitter, Facebook, Uber, Apple, GitHub, Amazon, etc. You can find him on Twitter @orange_8361 and blog blog.orange.tw


Vandana Verma

Global Board of Directors

OWASP Foundation

Vandana Verma is a seasoned security professional. She is a seasoned speaker / Trainer and presented at various public events ranging from Global OWASP AppSec events to Black Hat events to regional events like BSides events in India.

She is part of the OWASP Global board of directors. She also works in various communities towards diversity initiatives InfosecGirls, WoSec and null. Vandana is a member of the Black Hat Asia and Europe Review Boards as well as multiple other conferences including Grace Hopper India, OWASP AppSec USA to name a few.

She has been the recipient of multiple prestigious awards like Cyber Security Leader of the Year Award 2023 by BSides, the Resilient CISO award by Dynamic CISO, Cyber Security Woman of the Year Award 2020 by Cyber Sec Awards, Application Security Influencer 2020 by Whitesource, Global cybersecurity influencer among IFSEC Global's "Top Influencers in Security and Fire" Category for 2019, Cybersecurity Women of the year award by Women Cyberjutsu Society in the Category "Secure Coder". She has also been listed as one of the top women leaders in this field of technology and cybersecurity in India by Instasafe.


Neil R. Wyler (a.k.a. Grifter)

Global Lead of Active Threat Assessments

IBM-X Force

Neil R. Wyler (a.k.a. Grifter) is an Information Security Engineer and Researcher located in Salt Lake City, Utah. Neil is currently with IBM-X Force as Global Lead of Active Threat Assessments. He has spent over 15 years as a security professional, focusing on vulnerability assessment, penetration testing, physical security, and incident response. He has been a staff member of the Black Hat Security Briefings for over 15 years and is a member of the Senior Staff at DEF CON. Neil has spoken at numerous security conferences worldwide, including Black Hat, DEF CON, and the RSA Conference. He has been the subject of various online, print, film, and television interviews, and has authored several books on information security. Neil is a member of the DEF CON CFP Review Board and Black Hat Training Review Board.


Fyodor Yarochkin

Senior Threat Researcher

Trend Micro Research

Fyodor Yarochkin is a senior threat researcher at Trend Micro Research and holds a PhD from EE, National Taiwan University. An early Snort developer, and open source evangelist as well as a "happy" programmer, Fyodor made Taiwan his second home and been in the region for nearly two decades.Fyodor professional experience includes several years as a threat investigator and over eight years as a information security analyst responding to network security breaches and conducting remote network security assessments and network intrusion tests for the majority of regional banking, finance, semiconductor and telecommunication organizations. Fyodor is an active member of local security community and has spoken at several conferences regionally and globally.


Stefano Zanero

Professor, Dipartimento di Elettronica, Informazione e Bioingegneria

Politecnico di Milano

Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently a professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and cybersecurity in general. Besides teaching "Computer Security" and "Digital Forensics and Cybercrime" at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 100 scientific papers and books. He is a Senior Member of the IEEE and of the Computer Society, which has named him a Distinguished Visitor and Distinguished Contributor; he is a lifetime senior member of the ACM, which has named him a Distinguished Speaker; and has been named a Fellow of the ISSA (Information System Security Association). Stefano also co-founded Secure Network, a leading cybersecurity assessment firm, and BankSealer, a startup in the FinTech sector that addresses fraud detection through machine learning techniques.