BSides Tallinn 2025

Allar Lauk

Allar Lauk is a Cybersecurity Engineer on the Product Security team at Bolt. Passionate about securing digital products, he focuses on integrating proactive security throughout the development lifecycle to protect Bolt's global users and diverse services.

  • Unleash the Crowd: Lessons from Building a Human Firewall
Andres Jõgi

I'm paid to tell you that the fancy AI lock on your bathroom window won't help if your front door is wide open.

  • Don't Take the Bait - Online deception beyond your Inbox
Aram H

Aram is the founder and the CEO of Codific. With over 15 years of application security experience, he has a proven track record in building complex software systems by explicitly focusing on quality.

Aram has a PhD in cybersecurity from DistriNet KU Leuven. His contributions to the refinement and streamlining of the LINDDUN privacy engineering methodology have been incorporated into ISO and NIST standards.

Aram is also a core contributor to the OWASP SAMM project.

  • Your Security Dashboard is Lying to You: The Science of Metrics
Giorgi Sharia

Giorgi is a Senior Penetration Tester at NEVERHACK Estonia specializing in web and mobile application security. He is experienced in uncovering complex vulnerabilities through manual testing and advanced logic flaw exploitation. Giorgi conducts ethical social engineering engagements to identify and improve human-related security weaknesses. He also brings a practical, business-aware approach to offensive security, helping teams turn findings into real improvements. On top of everything, he is a creator of the Security Summit CTF Challenge.

  • When 1 + 1 = 11: The Hidden Math of Application Vulnerabilities
Hans Metsoja

Currently information security manager at Opera browser company.

Previously various roles in MS/Skype, Telco, software development. Usually does random things that are needed, so never have I had a clear role definition.

  • Why playing board games and D&D in cyber security is actually useful?
Hendrik Noben

Hendrik Noben is the co-founder of Resilix, focusing on cyber incident management and practical security assessments that lead to strategic guidance. As a trusted advisor, he provides a pragmatic and people-aware approach to modern security challenges. Hendrik brings a hands-on background as a penetration tester and security architect. He is also the (co-)founder of BSides Limburg, a community-driven security event in Belgium.

  • Victim of your own cyberattack: A story from the trenches.
Jarkko Kinnunen

Jarkko Kinnunen is a Security Solution Engineer at Microsoft and Co-Founder of KuoSec. A passionate advocate for the Blue Team, he specializes in developing continuous security services and enhancing SOC operations. By day, he advises companies and partners on designing and implementing solutions built on Microsoft security technologies. After working hours, he loves helping the community to do stuff...

  • Every Step Counts: Strategic Defense for the Modern Blue Team
Karl Ots

Karl Ots breaks and secures cloud stuff for a living — and has been doing it since back when ‘cloud security’ meant locking the server room door. By day, he’s Head of Cloud Security at EPAM Systems, wrangling enterprise-scale chaos across industries and continents.

He’s written books (most recently Securing Microsoft Azure OpenAI), dropped a bunch of cloud security courses on LinkedIn Learning, and collected more acronyms than a compliance checklist (RD, MVP, CISSP, CCSP, SABSA SCF — yeah, it’s a problem).

Karl’s no stranger to the stage — he’s spoken at BSides SF, Microsoft Build, T2, Gartner Security & Risk, InfoSec World, and more. If it involves cloud, misconfigs, or weird edge cases, he’s probably got a story.

  • Cloud’s Dirty Little Secret: It Was Misconfigs All Along
Lyra Rebane

I like to play around with the web and browsers for fun. Sometimes I find bugs. 9 CVEs in Chrome.
https://lyra.horse/blog/

  • Committing CSS Crimes for fun and profit
Mait Peekma

If you are reading this, you probably get paid to build or protect stuff. Mait does the opposite — but has somehow avoided handcuffs so far.

  • Keys are optional - the side B of physical security
Margot Arnus

I'm a lawyer specializing in EU and US data protection law, with a modest side-interest in intellectual property laws, IT and programming.

LinkedIn: https://www.linkedin.com/in/margot-arnus/

  • Privacy by Design in the Age of AI: Key to Anonymisation and Lessons from Real-World Security Incidents
Maria P. Murumaa

Maria is a Security Engineer at Cybernetica AS. Combining both theoretical knowledge and hands-on experience, she applies a practical and forward-looking approach to securing digital environments. Her professional focus is rooted in continuous learning, collaboration, and a genuine enthusiasm for making the digital world safe for everyone.

  • Lost in Translation? Making Pentest Reports Speak the Client’s Language
Marko Buuri

Marko has worked for over 20 years in IT and cybersecurity across companies, public sector, and as a consultant to many industries. Most recently, he has shaped and operated TIBER-FI and other cyber resilience initiatives at the Bank of Finland.

  • Releasing Your Inner TIBER in Regulated Adversary Simulations
Markus Einarsson

Markus Einarsson is a Security Architect and Incident Response Lead at Sectra in Sweden, where he secures cloud-hosted environments for healthcare customers worldwide. With over a decade of experience in cybersecurity, Markus specializes in incident response, digital forensics and security architecture.

As part of the Sectra Hunt and Incident Response Team, he has extensive hands-on experience with forensic workflows and modern DFIR toolchains. Markus holds multiple GIAC certifications including GEIR, GCDA, GCFE, GCFA, GRID, GNFA, GCIA and GCIH. He is passionate about scalable incident response methodologies and advancing open-source forensic tools.

  • From Hours to Minutes: Automating Incident Response Triage with Open-Source Tools
Marvin Ngoma

Marvin is a seasoned consultant and security architect. He has a strong passion for helping Nordic and Baltic organizations succeed in their cybersecurity programs. He has led many projects in both the private and public sectors, architecting and building Security Operations and Intelligence capabilities; unifying tools, processes, and people. Prior to joining Elastic, Marvin worked as a security consultant at IBM and was the primary SME for QRadar in the Nordics and Baltics.

In addition to his work with clients, Marvin frequently speaks at conferences, summits, and meetups on the latest security topics, making him a dedicated security evangelist. He holds a master's in Computer Science & Engineering from Chalmers University of Technology in Sweden, and is a very proactive member of ISC2, among other security bodies.

  • Threat Hunting: develop and test a threat hypothesis
  • Hype vs. Hands-On: What GenAI Actually Brings to Incident Detection & Response
Peeter Marvet

I've seen things you people wouldn't believe. I have also made mistakes you people wouldn't believe - which is fine, as I have also seen mistakes you, people, make. You wouldn't believe...

  • organic, freerange credentials - freshly harvested from your browser
Stella Goldman

Stella Goldman is Co-founder and Privacy Expert at Damus and Lead Legal Counsel – Privacy & Product at Veriff. She is an International Association of Privacy Professionals accredited Certified Information Privacy Manager (CIPM) and a member of the Estonian Bar Association (currently inactive due to in-house position).

Stella is a trusted cross-functional partner to product, information security and business teams, translating complex legal requirements into compliant, actionable and scalable business-enabling solutions.

https://www.linkedin.com/in/stella-raudsepp/

  • Privacy by Design in the Age of AI: Key to Anonymisation and Lessons from Real-World Security Incidents
Stephan Van Dyck

I am a cyber architect and incident responder by trade, chaos manager by necessity, and coffee addict by choice. Based in Belgium, I'm one of the co-founders of Resilix, where I help organizations stay cool during digital fires — from ransomware to insider threats and everything in between.

Over the years, I have seen my fair share of breaches, panic rooms, and “uh-oh” moments. I thrive in high-pressure situations where quick thinking, clear communication, and just a touch of black humor go a long way. Whether it’s containing an active attack or helping a team rebuild after the dust settles, I am all about turning messes into meaningful lessons.

  • Victim of your own cyberattack: A story from the trenches.
Toomas Lepik

Well-seasoned Cyber Security Analyst with 20+ years of experience in the IT industry.
Specialises in network forensics, malware analysis and incident handling.
Work blends hands-on technical analysis with an emphasis on critical thinking and laziness; also passionate about secure software practices. Likes to pet dogs and other domestic animals.

  • Examining document file structure.