Director of the Trans Tech Tent and Sr. CIRT Analyst, fixing what other people broke for [REDACTED] years!

  • Trans Tech Tent - (Talks begin at 10 am) Click for Schedule of talks
Alana Witten


I'm a security enthusiast with a background in web hacking and VDPs, and an interest in OSINT investigations and threat intelligence. My CV looks like a bad game of scrabble with the amount of letters I've picked up from working with various organisations and completing certs.

I've read thousands of bug reports and write synopses and other security topics in the forms of blogs (https://medium.com/@nynan) and I write bash one liners and regexes so horrific that HP Lovecraft couldn't dream of on twitter (https://twitter.com/_nynan).

  • Fangxiao, a Chinese phishing threat actor
Ayo Rotibi
  • Extending the capabilities of Dependency Modelling for Risk Identification in an ICS environment
Ceri Coburn

After a 20 career within the software development space I was looking for a new challenge and moved into pen testing back in 2019. During that time I have created and contributed to several open source offensive tools such as Rubeus, BOFNET and SweetPotato and on the odd occasion contributed to projects on the defensive side too.

  • Needles Without the Thread: Threadless Process Injection
Craig Jones, Clare Johnson + Stuart Criddle
  • Lunch - Click for Menu
  • Opening Speech
  • Closing Speech
  • Lunch - Click for Menu
Cristian Cornea
  • OSEP | OSWE | OSCP | CEH | CPTC | PenTest+ | eWPT | ECIH | CREST
  • Founder of Zerotak Security | Co-Founder of Cyber Union
  • Providing pentesting & security consultation for clients all over the world: Australia, U.S., U.K., Middle East, Singapore, India, Central Africa, Europe.
  • Trainer for U.S. Department of Defense, Slovenian National Bureau of Investigation, Polish Military CERT
  • Speaker @ Defcamp, HEK.SI, RST Con, HackTheZone, Unbreakable
  • EC-Council Certified Ethical Hacker (CEH) Scheme Committee Member
  • InfoSec Writer on Medium
  • Bypassing Anti-Virus using BadUSB
Darren Kingsnorth

Darren runs the Threat Intelligence function at Admiral Group. Having previously worked as a tester of pens his alumni includes ECSC, NCC Group, CGI and Symantec, he routinely combines defensive and adversarial capabilities to ensure attackers don't win.

  • IOC What You Mean
David Lodge

Is too boring for a biography.

  • Introduction to GEOINT
Emily Dennison

Emily is a CTI analyst at Cyjax and a student. In her spare time she can be found tinkering with all kinds of electronics and 3D printers, or buried in a book. She tweets from @nyxilar.

  • Fangxiao, a Chinese phishing threat actor
James (0xJay)

I am James, I am 16. I work in Cyber Security as a Junior Security Analyst and an Offensive Web Application Trainer for HackTheBox. I have a background in Offensive Hacking/Penetration Testing. I started at a young age and went down the wrong path where I was investigated and arrested by the National Crime Agency/Federal Bureau of Investigation. I am eJPT Certified and thanked by various companies for reporting vulnerabilities.

  • Hacking to defend: How we hacked into a Polar Orbit Satellite and managed to get a full system compromise
James Stevenson

I’m a Software Engineer and Security Researcher, with a background of over five years in the computer security industry. These days I’m working at an offensive security start-up, as well as working on a range of other side projects.

  • Mastering Android Application Reverse Engineering
Joe Gardiner

Joe Gardiner is a Lecturer in Cyber Physical Systems Security in Bristol Cyber Security Group, the University of Bristol. His primary area of research is the security of industrial control systems.

  • ICS Village (Opens at 9.45)
John Shier

John Shier is a Senior Research Scientist at Sophos. John is a popular presenter at security events, and is well-known for the clarity of his advice, even on the most complex security topics. He has researched everything from costly ransomware to illicit dark web activity, uncovering insights needed to strengthen cybersecurity defenses.

John is often consulted by press, and has been quoted in publications like Reuters, WIRED, The Register, Fortune, CNN, The Hill, Fast Co, Yahoo, and more. He’s also a frequent speaker at industry events like RSA Conference, Infosec, GITEX, BSides and more.

  • Keynote Speech
Josh Allman

My name is Josh, I am 23. I currently work as a Threat Operations Analyst for @HuntressLabs where I am able to defend against a variety of attacks and put Defensive/Forensics techniques into practice.
Lover of all things including IoT, Offensive Sec, Threat intelligence and more.

  • Hacking to defend: How we hacked into a Polar Orbit Satellite and managed to get a full system compromise
Josh Hopkins

Now leading the internal S2 research team, Josh has been an analyst with Team Cymru for the past six years. Specialising in the tracking of infrastructure for a diverse target set that includes both nation state and criminal threat actors. Josh has an extensive background in law enforcement and national security investigations.

  • Bohemian IcedID - Queen of Loaders
Luke Jones

Blue security person with interests from DFIR to Infrastructure as Code, with a current focus on building cool solutions for various security challenges.

  • Vulnerability Management Sucks.
Maha Alotaibi1
  • Developing cybersecurity curriculum for secondary school
Mark Goodwin

Mark is a software developer turned security specialist and has worked in Application Security for almost 20 years.

  • Robots for Complete Beginners
Mathias Frank

Mathias is a Senior Incident Response Consultant at Mandiant and delivers emergency response services for clients facing security breaches. He specialises in providing enterprise-scale incident response operations for sophisticated network intrusions.
Mathias has led organisations and government bodies in responding to breaches by highly sophisticated adversaries such as nation-state sponsored espionage actors and cyber criminals aiming to extort or ransom victim organisations.

  • When diplomats send Beacon - A retrospective view of APT29 malicious phishing campaigns
Matt Wixey

Matt Wixey is a Principal Technical Editor and Senior Threat Researcher at Sophos. He is a former penetration tester, and previously led cybersecurity R&D capabilities at both PwC UK and a specialist unit in the Metropolitan Police Service, digging into emerging attack vectors, vulnerabilities, and new technologies. Matt has spoken at national and international conferences, including Black Hat USA, DEF CON, ISF Annual Congress, BSides LDN, 44con, and BruCon.

  • Let that think in: Thought experiments and their application to cyber security
Othmane Belarbi
  • A Review of Intrusion Detection Systems in Large-scale IoT Systems: Challenges, Approaches, and Needs
Phil Eveleigh

Phil is a professional penetration tester working in the UK.. He has been a pen tester for the past four years and has completed numerous engagements across different sectors for all sizes of clients. He has written dozens of blogs covering different areas of testing, including: introductions to hardware hacking; threat modelling; owning a company through admin password reuse; and an investigating into an anti-5G USB key which caught the attention of the mainstream media. Phil was also co-speaker at DEF CONs Aviation Village discussing hacking legacy in-flight entertainment systems in retired 747s.

Phil has completed several social engineering jobs: breaking into buildings both big and small, well protected, and not so much. Forever wondering “what is behind that door” has somehow turned into a job, and a quizzical mind combined with quick thinking has allowed him to bypass some brilliant security measures and gain access into some very interesting areas.

  • The Office of Danger: A Choose Your Own adventure story!
Rick Jennings

Dr Rick Jennings is an acclaimed expert in the field of false identities and credential claims, and has been researching in the field for over a decade. Among other works, he is the author of the recognised authoritative text on the subject 'When You're Not You: Identity and Credential Falsification Through the Ages' and has presented keynotes at a number of globally renowned events.

  • Verify, then Trust
Rob Peace

Rob is a final year PhD student in psychology at the university of Bath. He is part of the centre for doctoral training in trust, identity, security, and privacy in large scale infrastructures (a collaboration between the universities of Bath and Bristol). His research focuses on gaining further understanding of how trust is exploited online (including open-source software attacks, mis/disinformation, and how to increase trust in honeypots).

  • Why critical thinking is not the answer to misinformation
Thibault Seret

Thibault Seret is a researcher on the Team Cymru Research Team. He is
currently focusing on crimeware and APT analysis and research, reverse engineering
and threat intelligence, and trying to fight against bad guys. Before joining Team
Cymru, he worked as a Threat Researcher in McAfee’s ATR team, as cybercrime
analyst in a banking institution with the mission to improve the digital forensics
department, and as a CERT analyst at an IT services company where he tried to save
the world with his teammate. He participates a lot in the security community and
CTF competitions and is a teacher for the new generation of cyber defenders. For
the Alliance!

  • Bohemian IcedID - Queen of Loaders
Tony Gee

For 15 years, Tony's job has been either trying to break technology or defend it from attack. This he has done everywhere from banks to mass transport systems. He specialises in open source intelligence and recon, providing intelligence and understanding, helping clients understand their exposure and providing insight and recon for red and purple teams. He also speaks the world over at technology and cybersecurity events about how anything from children's toys to cars, planes and ships can be hacked. He has spoken at PCI events in Europe and Asia, at the ISC2 Congress, ISACA CSX Europe, SANS Awareness Conference, WIRED Smarter, technical conferences such as 44Con and BSides. Most notably, he has spoken to US Congress and the European Central Bank about how the underlying digital theories and systems which modern life relies on, are vulnerable to attack.

  • Getting In: Initial Access in 2023
  • Introduction to GEOINT
Vangelis Stykas

Vangelis is a developer as well as Senior Penetration Tester. His research is mainly in API and web application security.

His academic research is focused on machine learning and the development of proactive web application security.

During his free time Vangelis helps start-ups secure themselves on the internet and get a leg-up on security.

During the past years he has published research regarding API control functions for ships, smart locks, IP cameras, EV chargers and many other IoT devices.

  • Electryone: In the land with no sun
Victoria Marcinkiewicz

Victoria is 2nd year PhD student based in the School of Psychology, Cardiff University and is part of the Doctoral Training Program (DTP) in Cyber Security Analytics. Her main research focus is on how self-driving cars would be blamed and trusted (or not) in the event of a cyber attack, and how the initial loss of trust in such technology could be countered by the human-machine interface (HMI).
Victoria studied Criminology as an undergraduate at the University of Lincoln and went on to complete her Masters in Criminology and Social Research – Cyber Crime and Cyber Security at the University of Surrey. Around her studies, Victoria supports a related research project and has represented this team at international conferences and workshops. Victoria is also an established Cyber Security and Information Assurance Consultant.

  • Trust & Blame in Self-Driving Cars Following a Cyber Attack