https://twitter.com/0ldMate_

Abed has been working in the Cyber Security industry for over two decades. Started off as a Unix Guy securing Unix servers. He worked in different organisations and performed various cyber security roles. His most recent role is a Senior Manager at PwC Australia where he helps organisations with their strategic Cyber Security problems.

He mentored and helped hundreds of individuals from all over the world land their first cyber security job, which has become his main passion in recent years.

evildaemond is a person who works in security, with focuses in hardware, web pentesting and physsec, and regularly teaches lockpicking and physsec at conferences across Australia. They've released projects like the physsec-methodlogy, enjoys bug bounty and vulnerability disclosure, and has spent more money on stickers than some companies.

Adrian (@zeroedtech) is a senior threat hunter specialising in IIS, webshells and .NET. He's a firm believer that the best way to learn defensive cyber is to understand offensive cyber.

https://twitter.com/AlannahGuo

Alex, Australia's only hacker, works on the Red Team at Atlassian, committing metaphorical crimes, and writing really really detailed confession letters. Particularly their specialty is malware and post-exploitation.

They're known for one time using Inspect Element to find the passport number of former Australian Prime Minister, Tony Abbott, calling him on the phone about it, and not getting arrested the whole thing (blog post: https://mango.pdf.zone, Darknet Diaries episode 84).

On the side, they organise purplecon, a gentle, pastel, inclusive security conference, happening in Sydney this November 👀

Probably their proudest achievement is getting excommunicated by the Catholic Church in 1633 for insisting the Earth revolves around the sun.

Anurag is a Senior Manager with the CrowdStrike services team, where he leads the Incident Response team for Asia Pacific. He heads an industry leading Incident Response team that responds to several incident response investigations involving nation state and eCrime adversaries. He has led several high profile investigations. He has helped organisations develop cyber defence capabilities to protect against and respond to attacks. Anurag is a Certified SANS Instructor and holds the GIAC Security Expert (GSE# 97) credential.

Ayman is a senior consultant with a decade of experience in cyber security; penetration testing, vulnerability research, exploit development, reverse engineering and malware analysis.

Ben Robertson is a Senior Professional Service Engineer at Puppet, an industry leader in IT automation. Ben has over 15 years' experience working in complex environments with a broad range of technologies across private and Government organisations. He has a passion for infosec security and applies this security mindset to all aspects of his work.

In his role, Ben works as a blend of DevOps Engineer and Client-facing consultant, helping customers to design and implement leading edge automation solutions.

Prior to commencing at Puppet, Ben worked as a gateway specialist at the Australian Government’s Department of Foreign Affairs and Trade and has also worked for Telstra as a Senior Security Specialist.

Ben attained a Bachelor of Computing, network design and security from Swinburne University in Melbourne.

Ben Wilson is a Security Consultant working at Tanto Security. He is interested in physical security and red teaming. You can get in touch with him on LinkedIn at https://www.linkedin.com/in/ben-wilson-b01811208

Director of OverWatch,
CrowdStrike Inc.
@brody_n77

BSides Canberra

Callum is a keen Cyber Security professional. He is currently a Senior Cyber Defence Analyst at Tesserent. Callum is also contributing to Cyber Threat Intelligence Sharing research at Deakin University as a Research Assistant. He holds a number of industry certifications including Blue Team Level 2 and CompTIA CySA+. He regularly volunteers and has been a Mentor for Purple Team Australia and Vets in Cyber.

Chantelle Ralevska is the founder and CEO of Psyber, a startup delivering cybersecurity consulting services and security awareness training to businesses and schools across Australia. Chantelle has delivered cybersecurity training to over 440,000 employees globally, and has worked in Security in organisations spanning retail to finance. Chantelle is currently a Cybersecurity Masters student at UNSW and an avid YouTube content creator, where she captivates and educates over 500K viewers about cybersecurity, careers, university and more!

Connor has experience spanning the Intelligence and Cyber fields in both the ADF and private industry. Connor has experience in DFIR, CTI and Threat Hunting. Much of this time has been spent focusing on large datasets and identifying innovative ways to manipulate these datasets to provide valuable insights to a wide range of organisations.

Courtney works as a technical director, designing and building a lab environment to develop the next gen best practice cyber security advice.

The Cybears will be returning to run the BSides Canberra Capture-The-Flag (CTF) competition in 2024.

Daniel is a Director and Co-Founder at elttam, an Australian security assessment boutique.

Daniel Cooper is a Security Consultant at Tanto Security. He is interested in web security research and occasionally plays in CTFs in teams such as Emu Exploit and Blitzkrieg.

Danielle is a Cyber Security professional with over 2 years of experience in the industry. She has predominately worked as a penetration tester. She tests a range of technologies, including, but not limited to web applications, APIs, cloud and on-prem infrastructure, and containers. She is particularly passionate about facilitating constructive communication between technical teams with different objectives. When she's not hacking things, you will find her reading, knitting, or hanging out with her cats.

Redacted

Dr Silvio Cesare is a founder and Director at InfoSect, a vulnerability research company. He is also one of the 2 founders of BSides Canberra. Silvio has worked in technical roles and been involved in computer security for over 29 years.

This period includes time in Silicon Valley in the USA, France, and Australia. He has worked commercially in both defensive and offensive roles within engineering.

He was previously the Director for Education and Training at UNSW Canberra Cyber, ensuring quality content and delivery. In his early career, he was the lead architect and developer for the startup Qualys, now the industry standard in vulnerability management. He has a Ph.D. from Deakin University and has published in academia, having been cited over 800 times on google scholar. He is a 4-time speaker and also a trainer at the international industry leading Black Hat conference.

He has taken his University research through commercialisation and authored a book (Software Similarity and Classification, published by Springer).

Edward Farrell is a security consultant with 15 years experience in cyber security and 20 years in technology. As the director of one of Australia’s few remaining independent cyber security practices, Mercury, he has conducted or overseen the delivery of over 1000 security assessment activities and incident responses in the past 8 years. His professional highlights include lecturing at the Australian Defence Force Academy, being rated in the top 200 bug bounty hunters in 2015 and running an awesome team of security professionals.

He has volunteered and done things at Bsides Canberra since its inception.

TBA

Harriet Farlow is the CEO of AI Security company Mileva Security Labs, a PhD Candidate in Machine Learning Security, and creative mind behind the YouTube channel HarrietHacks. She missed the boat on computer hacking so now she hacks AI and Machine Learning models instead. Her career has spanned consulting, academia, a start-up and Government, but don’t judge her for that one. She also has a Bachelor in Physics and a Master in Cyber Security. She calls Australia home but has lived in the UK and the US. Her ultimate hack was in founding her own AI Security company but if Skynet takes over she will deny everything and pretend the AI stood for Artificial Insemination, like her Mum thinks it does. (Sorry Mum but I’m not really a Medical Doctor).

Chantelle Ralevska is the Founder and CEO of Psyber, a startup delivering cybersecurity consulting services and security awareness training to businesses and schools across Australia. Chantelle has delivered cybersecurity training to over 440,000 employees globally, and has worked in Security at Macquarie Group, Westpac and Woolworths, to name a few. Chantelle is currently a Cybersecurity Masters student at UNSW and an avid YouTube content creator, where she captivates and educates over 500K viewers about cybersecurity, careers, university and more!

malsec

Jatin is seasoned information security professional with over 10 years of experience in Cybersecurity. Jatin holds a master’s degree in cybersecurity and began his journey on the offensive side of security before transitioning to the defensive side. His expertise spans various domains, including Security Architecture, Cloud Security, Web & Application Security, API Security, and DevSecOps. Currently, Jatin serves as a Lead Security Architect and Subject Matter Expert (SME) for IRAP assessments.

Josh Brown is a Senior Security Engineer at Microsoft with a robust background in Application Security, Penetration Testing, and Static Analysis. Whilst wielding the OSCP and OSWE certifications, Josh has fortified the security of major organizations working under ANZ, Australia Post, EY, and Microsoft.

Josh (or 0ldMate) is a Solutions Engineer at Hack The Box. He works on computers for a living and spends his free time running a mechanical keyboard store and rock climbing.

Kylie is cofounder and coorganiser of BSides Canberra. She is a Canberra native and is passionate about growing the local community.

Founder of XINTRA, Lina is a security researcher, Black Hat trainer, SANS advisory board member and has presented at several international conferences and authored a book on cybersecurity. She currently holds the following certifications: GXPN, GASF, GREM, GCFA and OSCP.

Lynore is a seasoned Cybersecurity professional with extensive experience in working across various industries, delivering key projects that enhance security and mitigate risks. With nine years of experience, Lynore possesses a diverse set of skills that enable her to adapt to any industry and its unique security challenges.

As the first Indigenous ICT Traineeship graduate in South Australia, Lynore is a passionate advocate for women, especially other First Nations women, to explore a career in information technology.

Lynore regularly speaks at industry events and mentors aspiring female cybersecurity professionals, sharing her knowledge and experience to help them achieve their goals. She also works to create inclusive environments in their workplaces and communities, fostering a sense of belonging and support for women in the field.

She believes that diversity in cybersecurity is essential to driving innovation and staying ahead of evolving threats. Her passion and dedication to encouraging more women to pursue careers in cybersecurity makes her a valuable role model and leader in the industry.

Marcio Almeida is one of the Co-Founders and the Director of Technical Services at Tanto Security. He has worked in cyber security for over 15 years and has experience with Penetration Testing, Code Review, Exploit Development, Secure Development, DevSecOps and Red Team Operations. You can connect with him on LinkedIn (marcioalma), X (marcioalm) or get in touch via marcio@tantosec.com.

Matthew Purcell is a Senior Technical Trainer at Amazon Web Services specialising in artificial intelligence and machine learning. His passion is making advanced technologies approachable for everyone, which he does at AWS through teaching highly technical courses and also developing educational content - including for AWS DeepRacer, AI/ML workshops for AWS Summits and AWS re:Invent, authoring AI/ML content for Udacity, plus creating a variety of new AWS training courses providing approachable introductions to generative AI.

Matthew has been a long-time attendee at BSides Canberra, having attended every conference since its inception in 2016.

Matt is a Director and Co-founder of elttam, an industry leader in security assessments. Matt has 20 years of experience in technical roles where he's specialised in security engineering of bespoke systems, vulnerability research, and conducting technical security assessments.

Malsec

Mike worked in IT for decades, the last dozen or so years in cyber security. He's now looking at building a cyber / espionage museum in Australia that will become a historical resource for the cyber industry and help us explain the value and relevance of our work to the wider public.

Helloooooooo!!! Welcome to my profile!!! I'm a 2nd Year uni student at UNSW!! I LOVE teaching and all things education. Inspiring others to be more curious is one of the greatest joys in life!!! Talk to me about freestyle skateboarding, trying to learn one million things at once or the best vegan food spots!

https://twitter.com/nlenevez

Nick joined the Bastion Security Group in December 2021 and is based in Dunedin. However, he has over 18 years’ security experience in both private and public sector organisations.

Nick’s area of expertise are in:
• cyber security ‘thought-leadership’,
• cyber security governance,
• virtual Chief Information Security Officer engagements,
• undertaking cyber security risk and maturity assessments,
• cyber strategy and policy development,
• cyber security work-program development,
• cyber security supply chain management,
• executive cyber security support,
• cyber security user awareness training delivery,
• cyber security in the health sector,
• cyber risk management across the lifecycle of digitally-enabled medical devices, and
• cyber security in the financial services sector.

Key cyber security leadership roles Nick held prior to joining Bastion Security were:
• Chief Cyber Security Adviser: Ministry of Health (MoH); and
• Team Leader - Outreach & Engagement: National Cyber Security Centre.

From a health sector context, Nick’s role at MoH was responsible for driving an increase in the cyber security maturity of the whole of the New Zealand health and disability sector (public and private).

Nick also has many other achievements he is proud of, which can be seen below:
• Navigator Professional Leadership Programme: Outward Bound (2016),
• New Leaders Development Programme: Melbourne Business School (2018),
• NZITF conference speaker (2022),
• Institute of Directors Company Director’s Course (2023), and
• Christchurch Hacker’s Conference speaker (2023).

I do computers for a living, especially where it's important that they only do things we wanted. At home, I dabble in computers doing things we didn't want. Come to the Hardware Village and chat: software defined radio, oil & gas drilling, safety engineering, hypervisors, why {dbus, cgroups, i2c, GaN amplifiers} are so good/awful, side-channels, spectroscopy {GC, Mass, Raman, Cavity Ring-Down, Gamma-Ray}, TLA+, eBPF vs the halting problem, OIDC federation, Zanzibar..
https://twitter.com/csirac2

Redacted Information Security are super excited to return with their friends from Malware Security to bring you the best Black Bag yet.

Ricki Burke is the founder of CyberSec People, helping organisations hire and scale security teams.

As a keen contributor to the infosec community, Ricki is involved as a co-organiser of BSides Gold Coast, SecTalks Gold Coast, host of the Hacking into Security podcast, ran career villages at AISA CyberCon and BSides Melbourne and presented at several conferences, including AusCERT, BSides Canberra, BSides Perth and BSides Melbourne and CHCon.

I like to talk about how Security is fundamental to DevOps, how Kubernetes often isn't the best answer to your problem and my lived experience of SRE.

I've been Automating toil in Linux for 20 years, but when Kubernetes came along I was initially dismissive, after all I was already building everything in Containers with Docker and orchestrating in a variety of semi-manual ways. I've since come to appreciate all it can do, what its limitations are and when NOT to use it. I've taught DevOps courses and Kubernetes courses while also helping large enterprises setup internally managed Kubernetes platforms with a product based mindset.

An IT security professional, a father, and an avid traveler with more than 15 years of professional experience in diverse industries such as Tier 1 banks, telecommunications giants, software development firms, Big4 consulting firms, and oil and gas companies.

I love breaking into K8s cluster and help teams safeguard them. For paying bills, I do perform defensive security assessments for Kubernetes clusters and CI/CD pipelines within cloud-native environments. My expertise extends to performing penetration tests on web applications, APIs, mobile applications, as well as network and infrastructure components.

When not working, I love to go for road trips with my family, exploring destinations around the world, and playing table tennis with my son.

Principal Penetration Tester and Cyber Security Researcher. When I’m not playing with 1’s and 0’s I fly things, travel, scuba dive, make things and read books.

Bio for Shubham Shah:

Shubham Shah is the co-founder and CTO of Assetnote, a leading attack surface management platform. On HackerOne, he's been ranked the #1 bug bounty hunter in Australia for three consecutive years and #27 in the world. Shubham specializes in discovering complex vulnerabilities in enterprise software and engineering security automation.

Bio for Michael Gianarakis:

Michael Gianarakis is the co-founder and CEO of Assetnote. Michael has over 16 years of experience in the offensive security industry, building and managing offensive security teams across the Asia-Pacific region and pioneering the Attack Surface Management category. He has presented security research around the world, including at DEF CON, Black Hat Asia, BSides, Las Vegas, Hack in the Box, AusCert, Thotcon, 44Con, and OWASP. Michael is also one of the organisers of Australia's most professional and well-organised security conference, Tuskcon.

Silvio is cofounder and coorganiser of BSides Canberra. He is passionate about community events and attends far too many, but has the best time at all of them.

Stephen Bradshaw has worked in the cyber security field for almost 20 years in both internally and externally facing roles, across Government as well as the private sector. His current focus includes work such as pentesting, vulnerability hunting, purple and red teaming, working on cyber security incidents and building, designing and maintaining offensive security systems and tools.

With almost 30 years experience working in tech, Stewart is a Managing Director, Security Architect, Lecturer, and Committee Member.

Has specialties in design and implementation of Cryptography/PKI solutions, Essential Eight Solution Design (especially Application Control and Multi-factor Authentication), Privilege Access Management, Active Directory Architecture etc.

Lectures at South Metropolitan TAFE (Murdoch campus), on the subjects of Digital Forensics, Incident Response, Communications, Project Management and other subjects for the Advanced Diploma of Cyber Security.

President-Elect of ISC2 WA Chapter (Chartering) and member of the STOTM Administration Team.

Enjoys dancing, padding fields with false data, and long walks on the beach.

Tania Sadhani is an AI security researcher with Mileva Security Labs; working on investigating and addressing the unique vulnerabilities of machine learning systems.

Taylor currently works as a Red Teamer helping organisations defend themselves against attackers. He has previous experience working in a variety of cyber roles.

Amateur hardware hacker and computer engineering student @ University of Canterbury.

I do tech and security stuff, and enjoy finding fun and interesting side projects to work on. A lot of my spare time is spent far away from computers, usually running long distances out in the wilderness.

Software Engineer

Tristan has over a decade of experience in the cyber security operations space with the last 5 years being dedicated to detection engineering and SOC operations. In 2018 Tristan co-founded Seamless Intelligence which is dedicated to providing managed SOC services to customers around Australia.

As head of detection engineering Tristan spends too many hours each week dissecting and analysing logs and opportunities to detect attack techniques and tools.

Delving ever deeper into logs and how to detect various attack tools has led to a various CVE/Bug Bounties being awarded.

@chompie1337

Zac is a third-year comp-sci student at UNSW - an active part of the community at the uni, he has a love for all things binary exploitation.

Willing to ramble to anyone who'll hear him out, you might've seen him talking at various conferences around Aus.

If not tinkering with his latest project, he can be found playing CTFs with Emu Exploit.

Zoltan is a security consultant at elttam.