BSides Cymru 2024

Alicia Cork
  • Exploring the socio-technical challenge: What even are human factors?! and why should I care?
Balazs Greksza

2008-2015 ITSec: IAM, Project Coordinator, Third Party Auditing, Sec Mgmt Lead for Architecture Project
2015-now Cyber: SOC Tech Lead / T2, SOC Manager, CSIRT T3, Senior SOC Eng, Threat Response Lead, Advanced Threat Operations Lead
Prior Certs: CISSP, CEH, CISA, CISM, CRISC, ISO27001LA, GCFA(508), GREM(610), CAPM(project management), CDP(devsecops), CCSE(container sec), CTMP(threat modeling), AOWD, TDI-CD(Cavern diver 🤿)

  • Practical security challenges posed by AI adoption: Code Quality and Threat Modeling
Becky MacBride

A passionate tech-driven professional with over 15 years in technology, specialising in vulnerability management. After working in industry, I now help businesses with their security frameworks within a leading global company.

  • Is the biggest cyber security risk the lack of diversity?
Ceri Coburn

Ceri currently works at Pen Test Partners as a Red Team operator and offensive tooling developer. He has contributed to and authored several offensive and defensive tools that have been released to the community. He has presented talks at DEF CON and BSides and is looking forward to returning to talk at his home event, BSides Cymru.

  • Okta Terrify - Persistence in a Passwordless World
Craig Jones, Clare Johnson + Stuart Criddle

TBC

  • BattleBots
  • Opening Speeches + Keynote
Dan Cannon

Daniel Cannon is a seasoned cybersecurity professional with over a decade of experience specializing in penetration testing and technical assurance. Throughout his career, Dan has collaborated with diverse public and private sector entities, providing invaluable security assessments and strategic advice.

  • I Don't Care about Domain Admin
Hani Momeninia

Hani is a highly skilled Purple Team consultant with a background in system administration and a deep passion for teaching and educating the cybersecurity community. With over 7 years of experience in the field, Hani possesses a comprehensive understanding of computer systems and networks, specializing in Linux, Windows, and networking technologies.

Beyond his professional endeavors, Hani is dedicated to sharing his knowledge and empowering others in the cybersecurity community. He actively engages in teaching and educating aspiring cybersecurity professionals through workshops, webinars, and community events. Hani's ability to explain complex concepts in a clear and concise manner has made him a highly sought-after speaker and mentor.

  • Navigating Cloud Frontiers: A War Story of Cloud Purple Teaming
Harry Williams

Harry graduated from the University of Warwick in 2019 with a history degree, before working for PwC in the Ethical Hacking team from March 2020 until November 2023. He now works as a Cyber Security Consultant for Stripe OLT.

  • Dr. Strangequeries or: How I Learned to Stop Worrying and Write Better BloodHound Queries
Hugo Page-Turner

Hugo is a Red Team Operator & Developer at Pen Test Partners.

  • So you want to be a spy - reality is a slap in the face
Ilkin Javadov

Ilkin Javadov, a globally recognized ethical hacker, is known for ethically hacking numerous companies and government websites worldwide. Ilkin Javadov also hacked some federal entities (German Armed Forces and Ministry of Defence UK - Awarded Medal of honor).
Check my LinkedIn: https://www.linkedin.com/in/ilkin-javadov-630491166/

  • Securing Online Transactions: How to Keep Your Money Safe about IDOR vulnerability
Illyana M

Illyana Mullins is the founder of the Women in Tech and Cyber Hub (WiTCH), a not for profit that focuses on supporting women in and who are looking to join cyber security and technology. She has a passion for innovation, community, and EDI and is a champion for Neurodiversity. She also is the director of BSides Cheltenham.

  • Decoding Neurodiversity: Spectrums aren't just for RF
James Stevenson

James is a software engineer and security researcher, with a background of over six years in the computer security industry - with a primary focus in vulnerability research.

  • Automating Binary Analysis With Machine Learning… and a bunch of scripts
Joe Gardiner

Joe is a Lecturer in Cyber Physical Systems security at the University of Bristol. His work focusses on the security of Industrial Control Systems.

  • ICS Village
Jon Renshaw

Jon is Deputy Director of Commercial Research at NCC Group, a cyber security consultancy and services company headquartered in Manchester, UK. His role involves managing cyber security research for NCC Group's customers globally, across technologies and sectors, and delivered by technical experts from across the company.

Jon's technical background is in the design and integration of secure networked systems with experience across telecommunications, enterprise and military communications networks, vehicle platforms and key management systems.

  • Home Renewables Security Or: How I forgot to RTFM and got Pwned by my 12 year old
Matt Wixey

Matt Wixey is a threat researcher. He is a former penetration tester, and previously led cybersecurity R&D capabilities at both a professional services firm and a law enforcement unit, digging into emerging attack vectors, vulnerabilities, and new technologies. Matt has spoken at national and international conferences, including Black Hat USA, DEF CON, ISF Annual Congress, 44con, and BruCon.

  • Hurr Durr, He Wrote: That awesome time I trolled the stupidest scammer in the world
Max Corbridge

Max is a practicing Red Teamer who has quickly risen through the ranks to Head of Adversarial Simulation, just three years after getting into cyber from a non-technical, self-taught background. Formerly an English Teacher and Linguist, he has weaponised his communication skills to great effect whilst social engineering on Red Team engagements. Max now has years of experience working in fast-paced offensive security consultancies, and currently leads a highly technical team of consultants who are at the forefront of cloud Red Teaming. His zero-day vulnerabilities in Microsoft Teams and IBM Backup Products have made headline news around the world. Max is a CHECK Team Leader, and was one of the first in the UK to have received the professional entitlement (Principal Cyber Security Professional) from the UK Cyber Security Council.

  • Out of the Frying Pan Into the Cloud: A Red Teamer's View of Your Cloud Estate
Muhammad Yusuf Bambang

Indonesian student, studying for a better future.

  • Modern Vehicle Sabotage
Oishee Kundu

Oishee is a researcher in science technology and innovation (STI) policy, with a focus on the role of government demand in technology development.

  • Exploring the socio-technical challenge: What even are human factors?! and why should I care?
Pete G

Pete G is a Principal Cyber Security Engineer heading up a Security Engineering practice for one of the largest and most famous transport networks in the world.

For over 16 years, Pete has navigated the ever-evolving IT and cybersecurity landscape. His journey has taken him through the darkest corners of the cyberworld, from chasing ransomware operators through labyrinthine networks to resurrecting Active Directory from the ashes of malicious attacks. From crafting brand-new infrastructures from the ground up to unraveling complex fraud schemes, he has done most things.

A passionate advocate for knowledge sharing and community building, you can often find him at BSides conferences, where he's not just an attendee but a source of inspiration for budding cybersecurity enthusiasts. He's also the creator and guardian of the "Cyber Railway," a live interactive hackable railway CTF/War Game. It's a playground where aspiring hackers can sharpen their skills.

Known for his dad jokes, loyalty and entertainment on the decks and off, he's a good egg.

  • Whatever you do, don't pull the plug!
Rik Kershaw-Moore

Information Security professional with numerous years' experience with physical security pentesting. Whilst a competent lockpicker, still always trying to improve skills.

  • Lockpicking Village
Rob Peace

Rob is a psychologist at the University of Bath and part of the centre for doctoral training in Trust, Identity, Privacy, and Security (at scale). He has a general interest in the human factors of cybersecurity and digital behaviour. His specific research focuses on how individuals' trust in digital information is exploited (from OSS attacks, to phishing, to disinformation) when making decisions over the trustworthiness of information that they are unable to verify.

  • Exploring the socio-technical challenge: What even are human factors?! and why should I care?
Sam Macdonald

A cybersecurity professional with only two years' experience, imposter syndrome is a weekly by-product of having changed careers midlife. Every day is a school day, now looking to tackle the inner fraud that takes so many in the community and share what I have learnt.

  • I Know What You Did Last Summer
Samuel Kavaler

Samuel is a SOC Team Manager at Ontinue, where he leads a team of Analysts providing MDR service for Ontinue’s customers. Samuel has 6 years of experience working in different Security Operation Centres as Analyst and Engineer. He loves all things related to SOC with main interests in SecOps, Threat Hunting and DFIR.

  • SOC Analyst’s Arsenal: Essential Tools, Tips and Tricks for Effective Investigations
Sunny Chau

I work in the adversary simulation team at JUMPSEC. Having been in offensive security for a number of years, these days I am passionate about exploring and researching the latest techniques and paradigms in cloud red teaming, a relatively nascent field in our industry.
In my free time I listen to math rock and play the guitar.

  • Ohhhh365 - How to (Quite) Reliably Hack into Microsoft 365, And What to Do Afterwards
Tony Gee

For 15 years, Tony's job has been either trying to break technology or defend it from attack. This he has done everywhere from banks to mass transport systems. He specialises in open source intelligence and social engineering, providing intelligence and understanding, helping clients understand their exposure and providing insight and access for red and purple teams. He also speaks the world over at technology and cybersecurity events about how anything from children's toys to cars, planes and ships can be hacked. He has spoken at PCI events in Europe and Asia, at the ISC2 Congress, ISACA CSX Europe, SANS Awareness Conference, WIRED Smarter, and technical conferences such as 44Con and BSides. Most notably, he has spoken to US Congress and the European Central Bank about how the underlying digital theories and systems which modern life relies on are vulnerable to attack.

  • So you want to be a spy - reality is a slap in the face
Vasilis Ieropoulos

I am currently in the third year of my PhD program at Cardiff University, specialising in Cybersecurity. My research focuses on Machine Learning threat detection for resource-constrained devices, aiming to secure the rapidly expanding Internet of Things (IoT) landscape.

In addition to my academic pursuits, I am an active ham radio operator with the callsign 5B4ANU. This hobby allows me to connect with a global community of enthusiasts and reflects my passion for technology and communication.

I am also deeply committed to the open-source community. I have contributed to various projects, not only through code but also by translating project documentation. This has allowed me to help break down language barriers and make these projects accessible to a wider audience.

  • Pocket-Sized Powerhouses: Exploring IDSs on Microcontrollers
Victoria Marcinkiewicz

Victoria is a 3rd year PhD student based in the School of Psychology and is part of the Doctoral Training Program (DTP) in Cyber Security Analytics.

Victoria studied Criminology as an undergraduate at the University of Lincoln and went on to complete her Masters in Criminology and Social Research – Cyber Crime and Cyber Security at the University of Surrey.

Victoria’s research focusses on how self-driving cars would be blamed and trusted (or not) in the event of a cyber attack using methods from both applied and experimental psychology. Victoria is also examining how the initial loss of trust in such technology could be countered by human-computer interactions with the human-machine interface and wider vehicle design.

Around her studies, Victoria has worked as a Research Assistant, spoken at international conferences, workshops and symposiums, and is also an established Cyber Security and Information Assurance Consultant.

  • Exploring the socio-technical challenge: What even are human factors?! and why should I care?
Wayne May

Wayne discovered the world of scambaiting in 2005 and has since become deeply involved with both baiting and helping those who have been scammed. In 2012 he created scamsurvivors.com alongside a group of like-minded people. He has appeared in the media worldwide, on such programs in the UK as Crimewatch, Victoria Derbyshire, Scam Interceptors and The Kyle Files as well as both BBC and ITV news.

  • Everything online can be faked. Here's how and here's how to spot it.
Zeyu (Zayne) Zhang

Zayne is a Computer Science student at the University of Cambridge. He is an avid security researcher and CTF player. He holds industry certificates such as the OSWE and OSCP, and has previously worked in TikTok's security team. In his free time, he hunts for bugs on the HackerOne platform, and plays CTFs with Blue Water, one of the top global CTF teams.

  • Client-Side Attacks in a Post-XSS World