The speaker’s profile picture
An Gaiser

An Gaiser is a Forensic Behavioral expert, Investigative Interviewer and Author of “Verborgen Signalen" ("Hidden Signals"). Her GIN-method: a practice-based framework combining behavioral analysis, interactional awareness, and non-verbal intelligence.

With over 23 years of experience, she served with the Probation service, as well as the Dutch General Intelligence and Security Service (AIVD), and worked in forensic compliance at KPMG. She now trains, coaches and consults global security and compliance teams in high-stakes communication, resistance handling, and strategic interviewing.

An’s work bridges psychological insight with operational clarity, helping professionals stay cognitively sharp under pressure and decode what others miss, even before a word is spoken.

  • Flooding the Zone: Emotional Hijack, AI Bias & Critical Thinking in Cybersecurity
The speaker’s profile picture
Annelies Verhelst

While studying ICT back in the day, Annelies discovered early on that ICT is not accessible for many (if not most) people. Even though after that she didn't go into hardcore IT, she always kept connecting to the tech industry in various ways, for example by having a blog about consumer tech. Since 2018, she has been diving into accessibility and what this means for businesses and the people who make the digital world. She has been spreading awareness and sharing insights and tools in several podcasts, webinars, (international) events and more for a few years now. Annelies is an accessibility expert at Accessibility Desk/Digitaal Toegankelijk in Utrecht, The Netherlands.

  • The Value of Digital Accessibility and Inclusivity in Cybersecurity
The speaker’s profile picture
Daan Keuper

Daan Keuper is the head of security research at Computest Security. This division is responsible for advanced security research on commonly used systems and environments.

Daan participated five times in the internationally known Pwn2Own competition by demonstrating zero-day attacks against the iPhone, Zoom and multiple ICS applications. In addition Daan did research on internet connected cars, in which several vulnerabilities were found in cars from the Volkswagen Group.

  • From WAN to NAS: A Pwn2Own Journey Through the SOHO Attack Surface
The speaker’s profile picture
Didier Stevens

Didier Stevens (SANS ISC Senior Handler) is a Senior Analyst working at NVISO. Didier has developed and published more than 100 open-source tools mostly for malware analysis, several of them popular in the security community. You can find his open source security tools on his IT security related blog https://blog.DidierStevens.com

  • Analyzing Cobalt Strike Beacons, Servers and Traffic
The speaker’s profile picture
Dr Nestori Syynimaa

Dr Nestori Syynimaa is a Principal Identity Security Researcher at Microsoft Threat Intelligence Center. He has over a decade of experience with the security of Microsoft cloud services and is known as the creator of the AADInternals toolkit. Before joining Microsoft in early 2024, Dr Syynimaa worked as a researcher, CIO, consultant, trainer, and university lecturer for over 20 years.

Dr Syynimaa has spoken in many international scientific and professional conferences, including IEEE TrustCom, Black Hat USA, Europe, and Asia, Def Con, RSA Conference, and TROOPERS.

  • (Deep-)dive to Entra ID Token Theft Protection
The speaker’s profile picture
Ellen Mok

Ellen Mok is the founder of De Digitale Doetank, a mission-driven consultancy focused on digital sovereignty. As a former employee of the Dutch General Intelligence and Security Service (AIVD), specializing in cyber threats from China and Russia, she brings expertise to the table on the use and abuse of technology in our society. Ellen operates at the intersection of technology and politics, two key pillars of digital sovereignty.

  • Locknote: Digital Sovereignty
The speaker’s profile picture
Frank Cozijnsen

Frank Cozijnsen is a seasoned ethical hacker at KPN, the leading telecommunications provider in the Netherlands, where he has worked for over 25 years. Previously, he held roles as a VoIP engineer and system administrator within the same organization.

Frank likes to focus on assessing mobile networking equipment and telecom infrastructure, with a particular interest in binary exploitation and hacking complex environments. He likes to play CTF's and has discovered vulnerabilities in several products using custom fuzzing techniques.

  • Calling Across the Fence: Exploiting Roaming Protocols from the Telco Next Door
The speaker’s profile picture
Jorge Martínez

Mission Critical Security Engineer at Schuberg Philis

Trying to stay 100% human, mistakes and all. I'm passionate about engineering, understanding how things work and just learning about the amazing world that surrounds us. Born and raised in Guatemala, where I studied Computer Science, went directly into security as a pentester. Switched to the blue team on my journey to the Netherlands. I'm a big fan of programming, reading and spending time with my wife and kids.

  • Deep Dive into Container Security
The speaker’s profile picture
Juriaan Spierenburg

Juriaan is a senior threat analyst at the Cyber Threat Intelligence team within the NCSC

  • Inside NCSC’s CTI Team: Tracking Threat Actors Targeting the Netherlands
The speaker’s profile picture
Marco Balduzzi

Marco Balduzzi is a principal researcher and team leader in computer and network security, currently serving as technical research lead at Trend Micro. With a Ph.D. in system security from Télécom ParisTech and an M.Sc. in computer engineering from the University of Bergamo, he brings over two decades of international experience in both academia and industry. His work focuses on real-world security issues including web security, malware detection, cybercrime, online privacy, and threats to industrial control systems.

  • Keynote: Geeks to Giants: The Journey from Hacking Subculture to Modern Cybersecurity
The speaker’s profile picture
Nikos Mantas

I’ve always admired those that said “You will not have to work for the rest of your life if you make money from your hobby”. Especially if it meant a true “impact that matters” for people and networks, so my goal was to become one of the best incident responders out there. While it was fun to study and play with my friends in “Aggressive Cake” (a fitting name for a CTF team) in an effort to break into the cybersecurity industry, it soon became apparent that reality is far from the innocent dream of doing what you love.

4 years forward, and really started wondering, if it would be better to become a fisherman. After all, the sea tides are less harsh than the life of a responder. Working overtimes to get the thrill of catching the bad guys was not worthy. Sometimes I pray that AI takes this job (and auditing) away. Thankfully my remaining soul shards and weekends were saved by switching to purple teaming. I now craft detections and research cloud security within FalconForce. I like petting stray dogs and watching sunsets.

  • AWS Enumeration for Purple Teams
The speaker’s profile picture
OrangeCon Orga

🍊

  • Closing
  • Opening
The speaker’s profile picture
Quentin Roland

Quentin Roland is a 28-year-old pentester working for a bit more than 3 years for Synacktiv, a French firm dedicated to offensive information security.

He enjoys working on Active Directory, releasing open-source exploitation tools or enhancing existing tooling. He worked on known, trendy Active Directory exploitation primitives as well as on more obscure research topics.

  • Old Tricks, New Depths: Exploring the Hidden Relaying Capabilities of Local Name Resolution Poisoning
The speaker’s profile picture
Riadh Bouchahoua

An offensive security engineer with experience in penetration testing and tool development, with a background in web development.

  • Silent Infiltration: Chromium Preference Attacks
The speaker’s profile picture
Roald Nefs

As a Chief Technolog Officer at Warpnet, Roald uses his acquired skills daily within a variety of context related to cybersecurity. He understands both IT security and IT compliance. Bridging between teams, organizations and people is one of his key skills. He has made several contributions to open source. Roald enjoys tinkering with electronics, hardware hacking and software development.

  • Hands-on Hacking Automotive Systems
The speaker’s profile picture
Robin Bruynseels

I'm Robin Bruynseels, 26 years old cyber passionate. Besides enjoying sports and time with family and friends, I'm working in cybersec. Next up, i'll describe my current roles.

My day-to-day role is in our Security Operations Center (SOC), where I coordinate part of the team, assist in decision-making, and support deeper analysis of alerts and investigations. I also focus on optimizing processes and procedures to ensure the SOC runs efficiently.

In addition to my SOC responsibilities, I work closely with the sales team as a technical pre-sales. Together, we design and deliver tailored cybersecurity solutions that meet our customers' needs.

As co-chairman of the Cyber Security Coalition's CIDR (Cyber Incident Detection and Response) focus group in Belgium, I help facilitate meetings and foster collaboration within the community. My goal is to contribute to shared knowledge and advance cybersecurity practices.

  • The Fairytale of KPI's in the World of MDR
The speaker’s profile picture
Roy Reinders

Roy is a Red Team Operator with a background in software engineering, infrastructure and
network security. At Northwave he leads adversary simulation exercises for customers with
complex organizations and/or IT infrastructures, as well as TIBER and ART exercises. His
experience in incident response and threat intelligence give Roy the ability to put himself in the
shoes of any advanced attacker to penetrate environments and simulate realistic attacks, with the goal of helping organizations understand and defend against their biggest risks.

  • Talk Nerdy To Me: Orchestrating Red Team Operations in Natural Language
The speaker’s profile picture
Ruben Homs

My name is Ruben Homs, and I’m an ethical hacker at Warpnet specializing in social engineering and offensive cybersecurity techniques. I’ve spent over a decade in the tech industry, starting as a software engineer and later transitioning into systems engineering at a VoIP company, where I developed a deep understanding of network and systems architecture.

I’ve always been fascinated by the offensive side of cybersecurity. Over the years, I’ve sharpened my skills in exploiting both human and technical vulnerabilities. My expertise in social engineering allows me to design and execute campaigns that challenge the boundaries of security, helping organizations better understand and prepare for evolving threats.

  • Not Just Email: Rethinking Phishing in a Hardened World
The speaker’s profile picture
Sebastiaan Groot

Sebastiaan is an Ethical Hacker at KPN with an interest in binary analysis and exploitation, system security and breaking programs in general. Before that, he worked as an incident responder and forensic analyst at KPN-CERT. Whenever opportunity arises, he can be found at CTF events.

  • Calling Across the Fence: Exploiting Roaming Protocols from the Telco Next Door
The speaker’s profile picture
Talha Ucar

Talha is a Cyber Threat Intelligence Specialist at the National Cyber Security Centre Netherlands (NCSC-NL), where he plays a role in safeguarding the nation's critical and vital infrastructure. Prior to his current position, Talha gained extensive experience at Fox-IT, a leading cybersecurity firm known for its advanced threat detection and response capabilities. At NCSC-NL, he focuses on detecting and mitigating risks posed by nation-state actors, leveraging his experience in threat analysis and strategic defense. Furthermore, he works closely with the National Detection Network to enhance the resilience of the Dutch government against cyber threats.

  • Inside NCSC’s CTI Team: Tracking Threat Actors Targeting the Netherlands
The speaker’s profile picture
Tijme Gommers

As reverse engineer & red teamer, Tijme supports in the development of adversary simulation & security testing services. The research he did in the past years mainly focused on (nation-state) adversary tactics, and converting this research into useful tools for TIBER & ART (adversary simulation) engagements. His current and primary professional occupation is his role as Offensive Security Expert at ABN AMRO Bank.

  • In Memory of In-Memory Detection
The speaker’s profile picture
Wilco van Beijnum

Wilco van Beijnum is a researcher at the Dutch Institute of Vulnerability Disclosure (DIVD), focusing on devices in the energy domain. He also works at ElaadNL via Scyon, where he tests EV charging infrastructure for vulnerabilities. With extensive experience in both software and hardware hacking, he uncovers and reports vulnerabilities in charging stations to strengthen their defenses, resulting in over 20 CVEs. His expertise in embedded system security, firmware analysis, and reverse engineering helps strengthen the security and resilience of the next generation of energy-related devices.

  • Breaking and Remaking ESP32 Devices: A Practical Guide to Reverse Engineering and Patching
The speaker’s profile picture
Yaniv Miron

Yaniv Miron – Cloud Threat Research Manager at Proofpoint
With a lifelong passion for cybersecurity, Mr. Miron has spent years working as a security consultant and researcher.
He holds multiple certifications, including CISO, CEPT, CREA, CSSA and Exploit Development.
Mr. Miron has discovered multiple 0-day vulnerabilities in Microsoft, Oracle, and other major vendors' products, and have reported and credited for these issues.
He is a recognized global speaker at leading cybersecurity and hacking conferences such as Black Hat, HackFest, Power of Community, CONFidence, IL.Hack, and Hacker Halted.
In addition to his technical expertise, Mr. Miron is an entrepreneur and inventor.
LinkedIn profile: https://www.linkedin.com/in/yanivmiron/

  • From Phishing to Persistence: How Attackers Take Over Cloud Accounts