Bsides Exeter 2026

Achim is a Professor in Computer Science (Chair in Cybersecurity) and Head of the Cybersecurity Group at the University of Exeter, UK.

He has over 20 years of professional experience in cyber security in
general, and, in particular, in research and development of safety
and security critical systems. In his work, he particularly focuses
on techniques, methods, and tools for ensuring the safety, security,
correctness, and trustworthiness of advanced systems.

His industry experience includes being a Security Architect and
Security Testing Strategist for SAP SE. In this role, he defined the
risk-based security testing strategy of SAP that combines static,
dynamic, and interactive security testing methods and integrates
them deeply into SAP's Secure Software Development Life Cycle.

He is supporting security initiatives and events in the South West,
building bridges between industry, academia, and the local
community. Amongst others, he is a member of the SWCSC Steering
Committee and the BSides Exeter Steering Committee.

Adam is a penetration tester with a background in software development. His work focuses on web application and infrastructure testing, amongst other testing. He is also a professionally registered cyber security practitioner.

Adrian Tiron is the Co-Founder and Principal Pentester/Red Teamer at FORTBRIDGE, bringing over 20 years of hands-on experience in cybersecurity. Throughout his career, Adrian has worked with top-tier companies across the UK, US, and Europe, helping them identify and remediate complex security issues across web applications, APIs, cloud environments, and internal networks. His expertise spans offensive security, red teaming, and adversary emulation. As an active security researcher and blog author, Adrian has discovered and responsibly disclosed multiple critical vulnerabilities in both open-source projects and commercial platforms. His research has been featured at multiple BSides conferences, and most recently at BlueHat IL, organized by Microsoft in Israel. Adrian is known for delivering highly technical, practical content drawn from real-world assessments, and is passionate about pushing the boundaries of modern application security.

Dr. Elmesiry is a principal security researcher with a Ph.D. in information security and assurance. He has extensive experience in R&D, having held academic and industrial positions in various countries on six continents. He has worked on projects related to cybersecurity, IoT, and machine learning, and has received several awards for his work, including six best paper awards at international conferences. Dr. Elmesiry holds industrial certifications in the fields of managing networked systems and offensive cybersecurity from top tech companies. Dr. Elmesiry has also contributed to the field through patents, books, book chapters, and research papers.

Alex is a security researcher at Foundry Zero.

Anton is a Fellow of the Chartered Institute of Information Security (CIISec) and a cybersecurity practitioner with 27+ years in threat intelligence, OSINT, and adversary profiling.

His approach is simple: Educate. Prepare. Test. Adapt. Repeat.

He believes strong security comes from creativity, critical thinking, and perseverance, not just tools.

A lifelong technologist, he focuses on practical, human-centred defence and community knowledge sharing.

Ashley Barker is a security and digital leader who bridges the worlds of security and technology, with over 10 years in cybersecurity and deep experience in digital delivery, products, and user-focused solutions. A passionate advocate for NIST CSF, OWASP, and SANS, he simplifies complex security challenges, building robust cloud and DevSecOps systems for global organisations. Staying hands-on, Ashley crafts practical solutions that secure critical systems while driving innovation, making him a go-to for turning chaotic projects into clear, effective outcomes.

hello! I'm a cyber-security apprentice, & keen breaker of things that probably shouldn't be broken. This is my first conference talk, born out of some obsessive Electron-app experimentation, and wondering "hold on, should that be open?"

Chijioke Okoye is a Security Analyst with hands-on experience supporting organisations to manage risk, protect data, and build trust into technology from the ground up. With a background spanning information security, governance, and AI-enabled systems, their work focuses on translating complex security concepts into practical, real-world solutions that developers and businesses can actually apply.

Chijioke has worked across compliance-driven and fast-moving environments, helping teams embed security, risk awareness, and responsible AI practices into everyday workflows. As a speaker, Chijioke brings a grounded, accessible approach to security, combining technical insight with real examples from building and securing modern digital systems.

Dumisani Masimini is a penetration tester and security consultant at Pentest People.

He is particularly interested in the human side of security, how technical findings are communicated, understood, and acted upon within organisations. His work explores the gap between exploitation and impact, helping translate complex vulnerabilities into clear, actionable risk.

Dumisani has contributed to community discussions through webinars and is building a body of work focused on improving how penetration testers communicate security risk.

George Chapman is a senior security consultant with a background spanning red teaming, incident response, penetration testing, and vulnerability research. A CVE-credited researcher (CVSS 9.8 Critical and 7.8 High), George's work bridges offensive and defensive disciplines, enabling him to deliver robust security evaluations and strategic guidance that help organisations identify weaknesses and improve their overall cyber resilience.

SOC Analyst at PureCyber Ltd. Before this, spent more than 10 years leading teams in business and NGOs, alongside work in digital marketing.

Harish Kumar currently a postgraduate student of Masters in Cyber security Management. After spending years in Helpdesk and IT Support, self studied his way into entering cybersecurity field. Spent two years as SOC analyst L1 and L2 roles. He mentors on the side and loves attending conferences.

TBD

Illyana Mullins is a neurodiverse leader, community builder, and the founder of the Women in Tech and Cyber Hub (WiTCH), a not-for-profit supporting women to enter, stay, and progress in cybersecurity and technology. She works on the human side of cyber from events and community to working closely with practitioners, leaders, and organisations to address the cultural and behavioural risks that tools alone cannot fix.

Keri is a working CISO in a professional services firm. He has had senior management roles in tech companies, implementers and managed service companies as well as having run his own business.
His security journey started in UK defence manufacturing in the late 1980s.. but has been a calling since the mid-1990s.
Keri spends a lot of his out of office time mentoring people through career transitions.

Laurie is a security strategy and risk practitioner who's work centres on ensuring cyber risk is relevant, proportionate, and clearly linked to organisational objectives, decision-making and value protection.

Creative by nature, Laurie brings visual thinking and clarity to complex security problems. She has a strong eye for detail but consistently focuses on the bigger picture, distilling key messages that resonate with both technical and non-technical stakeholders. She specialises in assessing cyber risk exposure in financial and operating terms, helping organisation prioritise defensive investments that genuinely reduce risk to the business.

Outside of work, Laurie lives on the North Devon coast and is a keen rower, so enjoys the balance that coastal life has to bring alongside working in the fast-paced industry of cyber.
As a UK STEM Ambassador. she dedicates time to support outreach activities and mentoring students who are considering careers in cyber security, helping to build the next generation of cyber professionals.

Former teacher, civil servant, actress, model, trying my hand at cyber :) (will think of something better later)

Matthew Lucas-Clarke has worked in an internal red team since 2024, previously honing his skills in pentesting and consulting. From then, he has delivered red teams, purple teams, and cyber-resilience exercises in a MacOS-heavy Zero Trust environment.

Matthew has previously presented as Matthew Lucas at SEC-T in Stockholm and BSides Cambridge (UK), talking about misconfigurations in Windows OpenSSH and has written blog posts about hacking Azure DevOps Pipelines.

OWASP Exeter Student Chapter Leader,
President of University of Exeter Cyber Security Society
Certified Junior Pentration Tester (eJPT) by INE
Certified in Cyber Secuirty (CC) ISC2

Cyber security researcher working in the crossroads of traditional cyber security and novel LLM developments for Fujitsu Research of Europe. I am here to present the work done by Ahmed M. Elmesiry, my colleague.

Paul Watts FCIIS CITP MBCS CISSP CISM has been in Information Security leadership for over twenty years of a thirty-plus years career in information technology. He has led and advised security teams across several industry sectors including financial services, retail, critical national infrastructure, food and beverage, data analytics and market research both in the UK and on the global stage. He speaks at national and international conferences and events, and has published numerous blogs, articles and papers on a range of cyber security topics. Outside of security, Paul is a non-executive director in the UK’s education sector.

Rakesh Elamaran is a passionate Security Engineer with a love for breaking things responsibly and apparently his dissertation doing the same to virtual cars. He holds an MSc in Cyber Security Engineering from the University of Warwick, is a Licensed Penetration Tester, and founder of Rootecstak, a cybersecurity community for the next generation of security professionals.

His current obsession is offensive security and red teaming, which probably explains why he enjoyed the attack simulation part of his dissertation a little too much.

BSides Exeter 2026 marks his first international conference talk and he is here to find out if anyone else wants to know what happens when you try to hack a car's brain.

Richard is an experienced cyber security engineer and researcher. Over a 20 year career he’s worked in both the public and private sector on vulnerability research, exploit development and security engineering across a wide range of platforms. Specialising in Linux and embedded device reverse engineering and analysis he is currently a Principal Software Engineer at Volexity Inc.

Victor van der Helm is an experienced offensive security professional. Since 2021, he has focused on Red Teaming with a specialisation in AiTM phishing, malware development, CI/CD pipelines and cloud infrastructure.

Has previously spoken at SteelCon in Sheffield about his research in automating malware development, with the goal of creating re-usable malware by protecting underlying techniques.

Viola Lykova is a senior software engineer and SRE focused on authentication reliability and security in production systems. She has delivered over 5 community talks across webinars and in-person events including Cypress, Community Stack AWS user group, Ministry of Testing London, and London DevSecOps, and she is scheduled to speak at IOActive Hack Soho in March 2026. She is an AWS Community Builder in the Security category and a Cypress Ambassador. Viola runs weekly hands-on open-source workshops building Snappycart with contributors and publishes educational software engineering and security content on YouTube.