Alexis Cao is a senior at Johns Hopkins University studying computer science. Her research interests include privacy and secure communication. She has volunteered at TraceLabs OSINT search party to find missing persons since 2021, and she has also volunteered at Physical Security Village, Red Team Village, and AppSec Village at DEFCON.

Allyn Stott is a senior staff engineer at Airbnb where he works on the InfoSec Technology Leadership team. He spends most of his time working on enterprise security, threat detection, and incident response. Allyn has presented at Black Hat, Kernelcon, The Diana Initiative, Blue Team Con, Swiss Cyber Storm, SecretCon, Texas Cyber Summit, and BSides around the world. In the late evenings, Allyn writes an exclusive security newsletter: meoward.co.

Andrew Schoka is a former U.S. Army Cyber Warfare Officer and is currently a graduate student at the University of Virginia. He served in a variety of offensive cyber operations assignments with the Election Security Group at U.S. Cyber Command, and later with U.S. Special Operations Command. Andrew holds a master's in cybersecurity from Georgia Tech and teaches a graduate cybersecurity course at the University of Virginia School of Engineering.

Bailey is a cybersecurity and political science student at Old Dominion University and a contributor to the WhiteRabbitNeo open-source project. She is passionate about cybersecurity education and is excited about the growing integration of AI into cybersecurity.

Breanne Boland is a product security engineer at Gusto. She's also done vendor security at Salesforce and spent time in the infra mines. Before that, she had a whole other career in online content, and she may never recover. When she's not encouraging engineers to do things a little differently than planned, she's writing speculative fiction novels, taking long walks around New York City, or saying hi to your pet on Zoom. She lives in Brooklyn, and you can find her @toxoplasmosis@mastodon.social

Dr. Catherine J. Ullman is the Principle Technology Architect, Security at the University at Buffalo. She is a contributor to O’Reilly’s 97 Things Every Information Professional Should Know, the author of Wiley’s The Active Defender, and has presented at many infosec/hacker conferences. In her (minimal) spare time, she enjoys visiting her adopted two-toed sloth Flash at the Buffalo Zoo, researching death and the dead, and learning more about hacking to make the world a more secure place.

Dan is a technical leader and developer currently working at the intersection of application security and generative AI to enable high-quality automated vulnerability remediation.

Jeff Man is a respected security advocate, advisor, hacker, evangelist, mentor, teacher, international keynoter, speaker, former host of Security & Compliance Weekly, co-host on Paul's Security Weekly, Tribe of Hackers contributor, and a member of the Cabal of the Curmudgeons.

Danny’s career has run the gamut of cyber security. From hands-on-keyboard to positions in leadership, he's been on the outside looking in and the inside looking out. The horrors persist on both sides, but so does he.

Darryl G. Baker is a security consultant at Trimarc Security, where he conducts in-depth security assessments against Active Directory and Entra ID. He is also the Principal Instructor for all Trimarc Attack and Defense courses. He has developed multiple tools and scripts,as well as written whitepapers on Active Directory security. When he is not presenting at conferences, he enjoys radio engineering. Find him on the 12m band!

Grey Fox is a U.S. military veteran with over 20 years of intelligence and cybersecurity experience, specializing in offensive cyberspace operations, digital network intelligence, and software defined radio instruction. He has presented at DEF CON and B-Sides, and has earned CISSP, GCTI, GPEN, GASF, GAWN, GMOB, CySA+, and CWNA.

Harry Coker was appointed by MD. Governor Wes Moore as Secretary of the Maryland Department of Commerce in January 2025. Prior to this appointment, Coker served as the United States National Cyber Director from 2023-2025, serving as principal advisor to the President of the United States on cybersecurity strategy and policy.

Coker is a graduate of the United States Naval Academy, the Naval Postgraduate School, and Georgetown University Law Center. After serving nearly 20 years as a naval officer, retiring in 2000 with the rank of commander, Coker joined the United States Central Intelligence Agency, spending 17 years in leadership posts in the agency’s Directorate for Digital Innovation and Directorate of Science and Technology. In addition, he served as the agency’s director of the Open Source Enterprise and deputy director of the CIA’s Office of Public Affairs. From 2017-2019, Coker served as executive director of the United States National Security Agency—the agency’s third-highest ranking post—and was responsible for supporting the strategic and day-to-day leadership of the NSA.

Coker’s distinguished service and leadership within the national intelligence community has earned him a number of awards, including the National Intelligence Distinguished Service Medal, the NSA Director’s Distinguished Service Medal, the Presidential Rank Award, and the CIA’s prestigious Don Cryer Award.

Jenko Hwong leads threat research and product at Widefield Security. He was formerly a Principal Threat Researcher at Netskope, speaks regularly at RSA and DEFCON, and helps with the Cloud VIllage CTF. He brings customer and product experiences from over 25 years in research, product management, and engineering at companies such as Cisco and TIBCO, as well as security startups in markets such as vulnerability scanning, anti-virus/anti-spam appliances, penetration-testing, threat intelligence, an

Jessica David is a Principal Data Engineer on the Security Intelligence Team at Elastic. With a background in software engineering and data warehousing, she brings her expertise to the security researchers & detection engineers around her by building data pipelines & services for processing first- and third-party threat intelligence.

Jim was doing systems administration & testing security boundaries before Microsoft Windows existed. He enjoys improving environments to create lonely places for adversaries, in-depth research, allowing curiosity to dig deep into security rabbit holes, and the great outdoors. At SpecterOps, Jim does security research with a focus on Microsoft Identity platforms and the ecosystems they support.

Resume Reviews - 1:00 - 2:15pm

Breakout Tabletop Discussions - 2:15-3pm
Room 1 - Interview Strategy Presented by John Stoner
Accomplished CISSP, PMP certified cybersecurity US Army veteran with an 25-year track record in USIC, public sector, and national security industry. Has 15* years of experience focused in cybersecurity with experience in CTI, CI, cyber maturity assessments, APT analysis, course development, and instruction. Passionate about helping others in INFOSEC and volunteers in the community and with several non-profits.

Room 2 - Reputational Impact on Career Hunt Presented by Jen Haverman
30+ years of collected experiences including cyber roles like sysadmin, ISSONSSM, pentester, red/white/blue/purple teamer, operations/incident response leader, adjunct faculty, and more. While she started in tech/cyber without degrees and certs, she is currently pursuing a cyber doctorate.

Resume Reviews - 3:00 - 5:00pm

Jonathan is an active-duty U.S. Marine Corps officer with over 20 years of combined experience in cybersecurity and software development. He has an extensive background in leading and conducting threat hunting, incident response, and vulnerability assessments. Additionally, Jonathan has experience designing and developing secure software solutions and working with cloud security technologies to address modern cybersecurity challenges.

Security Engineer at Amazon's Enterprise Protection Program and a GIAC Certified Security Professional with extensive experience leading security engineering and applied machine learning teams to deploy production-scale, near-real-time threat hunting models. Passionate about leveraging advanced technologies to solve complex cybersecurity challenges, with a proven track record in areas such as purple teaming and incident response.

A junior cybersecurity analyst, graduate of Auburn University, and GIAC certification holder with 3 years of professional experience. When I'm not asking you about your home network or cringing at bad password policies, I'm probably exploring the DMV or sitting on a beach somewhere.

Kenyan graduated from Bowie State University majoring in computer science in December 2023. He was an intern at Praxis Engineering and in both 2023 and 2024 and worked on projects in embedded environments, penetration testing, cloud-services, and more. Now Kenyan is working full time as a software engineer for Praxis

Keyur currently works with Walmart Global Tech as Lead Intrusion Analyst, and has keen interest in the safe use of AI systems. He is a mentor for future workforce on his webpage, www.topmate.io/kpr. Last year, SANS named him as a finalist in Rising Star Category of Difference Maker Awards 2024. He supports the infosec community by volunteering at local conferences, actively contributing to open source bodies (OWASP, Atomic Red Team, CoSAI), and as a panel member of Globee Cybersecurity Awards.

Liz, founder of Silver Key Strategies, brings 20 years of legal experience advising researchers and organizations on business, information security, risk, and privacy matters. She has led operations at threat research startups and served as Sr. Assistant City Attorney for Atlanta’s airport, aiding on its ransomware incident IR team. Liz also mentors and serves on non-profit and educational institution industry advisory boards.

Lorenzo brings over 27 years of extensive experience in Information Technology, with more than 12 years dedicated specifically to Information Security. His career has been marked by impactful roles, including serving as a Marine stationed at Fort Meade, where he specialized in Defensive Cyberspace Operations (DCO). During his tenure there, spanning over eight years, Lorenzo operated at all key levels—tactical, operational, and strategic—securing Department of Defense (DoD) infrastructure against malicious cyber threat actors.

Currently, Lorenzo serves as a Senior Cloud Solutions Architect specializing in Security at Microsoft. In this role, he collaborates closely with customers as a trusted advisor, providing guidance to help secure their hybrid digital estate. His deep understanding of cloud architectures and cybersecurity principles allows him to craft tailored solutions that address complex security challenges effectively. Lorenzo is particularly passionate about empowering organizations to safely navigate the evolving digital landscape, emphasizing proactive threat mitigation, robust security frameworks (e.g. Zero Trust), and comprehensive risk management strategies.

In his role as a Senior Director of Engineering and Research Solutions Architect, Lucas Tamagna-Darr leads the automation and engineering functions of Tenable Research. Luke started out at Tenable developing plugins for Nessus and Nessus Network Monitor. He subsequently went on to lead several different functions within Tenable Research and now leverages his experience to help surface better content and capabilities for customers across Tenable’s products.

Mackenzie is a security researcher and advocate with a passion for code security. He is the former CTO and founder of Conpago, where he learned firsthand the importance of building secure applications. Today, Mackenzie works for Aikido security to help developers and DevOps engineers build secure systems. He also shares his knowledge as a contributor to many technology publications like DarkReading, Financial Times, and Security Boulevard along with appearing as an expert in TV documentaries and

Mia graduated from Virginia Tech majoring in computer science in May 2024. She was a summer intern at Praxis Engineering in 2023 and 2024 and worked on projects in data science, machine learning, and reverse engineering. Now, Mia is working as a full time Software Engineer for Praxis.

Paul Navarro, a Marine Corps veteran and Cybersecurity Chief Architect at Microsoft, is one of Hawk’s core maintainers. He brings firsthand experience in Microsoft Cloud forensics and operationalizing security in cloud environments for customers. He has played a key role in shaping Hawk’s development with a focus on detecting high-risk activities across Microsoft cloud services for cloud customers who need a place to start from. Paul’s passionate about helping anyone who has an interest in security get into the workforce.

We’re a team of three—one a University of Maryland alum (Aakash Raman), one a current student studying there (Rachit Arora), and another from Carnegie Mellon University (Sai Sathvik Ruppa) —coming together for our first talk at BSidesCharm.

After attending as volunteers in February 2024, we decided to face our fears and tackle imposter syndrome by sharing what we've learned. Two of us have earned OSCP, while one of us naturally gravitates toward blue teaming. Combining our mindset and research

With 15 years of experience in Application Security, focusing on web, mobile, and APIs, I have developed deep expertise in identifying and mitigating vulnerabilities, particularly in alignment with the OWASP Top 10 for both web and mobile security. Throughout my career, I’ve gained hands-on experience addressing real-world security challenges and hold certifications such as OSWE, OSCP, and CISSP, which further validate my skills.

https://www.linkedin.com/in/sheshanandak/

Stryker is a cyber threat analyst at GEICO, where she translates technical research and qualitative intelligence into the "so what?" and "what now?" solutions that keep more people safe and secure. You can find her on LinkedIn, Mastodon, or in the Lonely Hackers Club (LHC) Telegram chat, where she once (in)famously ranted about how commercial gun safes do not make for secure off-site data storage options. Stryker lives in Baltimore, growing parsley for butterflies and algae for shrimp.

Tim Pappa is an Incident Response Engineer – Cyber Deception Strategy, Content Development, and Marketing, with Walmart Global Tech’s cyber deception team. Before Walmart, Tim was a Supervisory Special Agent and certified profiler with the FBI’s Behavioral Analysis Unit (BAU), specializing in online influence and cyber deception. Tim is also a Senior Behavioral Consultant with Analyst1 and a Strategy and Statecraft Fellow with the Center for Strategic and International Studies.

Tina is a seasoned Business Intelligence Manager with over 14 years of project management experience, specializing in bridging cybersecurity with business operations to drive meaningful business outcomes. With a focus on aligning business-focused security and risks with central security and risk functions, she excels at delivering solutions that balance technical precision and strategic business goals.

Veronica Merril earned a double major in architectural history and music from the University of Virginia. She is pursuing her JD degree at the same institution, rendering her a “super Hoo.” Through her work with Voterguard, she’s solved the age old question, “how many engineers does it take to write a clear report?” Answer: None— there’s always an editor involved.

Wes Sheppard is a Chief Information and Intelligence Officer, most recently at Canadian logistics start-up OrderGrid. Over the course of his (circuitous) career, Wes has been responsible for cyber-business risk, data privacy, cybersecurity law, cloud security, secure generative AI implementations, and infrastructure-level security. He has worked in various industries and around the world, including the United States, China, Japan, and the Netherlands. Wes is a regular contributor to BSides regional conferences, DEF CON, and ISC2.

Wil has worked in cybersecurity for more than 24 years. Most of that time working in consulting & managed security companies (MSP/MSSP/MDR), and value added resellers (VARs).
He’s lead most areas of the business from: pre-sales / solutioning, GTM, channel, innovation, service delivery, product management, service development, product marketing, and a C-Level strategist.
He has a broad skill set across most domains of cybersecurity. He is a partner & advisor to CISOs, CIOs & CEOs.