Speakers

TROOPERS10 is pleased to announce some of the hottest and „leet“ speakers from all around the world.

Alonso, Chema ES

Chema Alonso is a Computer Engineer by the Rey Juan Carlos University and System Engineer by the Politécnica University of Madrid. He has been working as security consultant last eight years and had been awarded as Microsoft Most Valuable Professional since 2005 to present time. He is a Microsoft frequent speaker in Security Conferences. He writes monthly in several Spanish Technical Magazines. He is currently working on his PhD thesis about Blind Techniques. Recently spoke in BH Europe 2008 about LDAP Injection & Blind LDAP Injection attacks, in Defcon 16 about Time-Based Blind SQL Injection using heavy Queries and in Toorcon X about RFD (Remote File Downloading).

This year has released FOCA, a tool to fingerprint networks using metadata, hidden info and lost data in public files, in BlackHat Europe 2009 and Defcon17 and also be presenting at Yahoo! Security Week, ShmooCon 2k9, HackCON 4 in Oslo, , Ekoparty in Buenos Aires and CONFidence 2.0 in Warsaw.

Baier, Dominick DE

Dominick Baier works as a security consultant at thinktecture (www.thinktecture.com). His main focus is security, identity and access control in distributed applications using the Microsoft technology stack. He's the author of "Writing more-secure ASP.NET Applications" (MS Press) and the security curriculum lead at Developmentor. You can find his blog at www.leastprivilege.com.

Bigezy, US

Bigezy works as a security analyst at a Fortune 500 Electric Utiltity in the United States. He has previously worked on securing the Financial Industry working for the largest Mutual Fund transfer agency in the US. Before that he founded one of the first Internet Service Providers in the Midwestern US.

Branco, Rodrigo BRAZIL

Rodrigo Rubira Branco (BSDaemon) is a Senior Vulnerability Researcher and Kernel Developer. He is also a member of RISE Security (http://www.risesecurity.org) and a veteran TROOPER.

Rodrigo's talk is based on shared research together with Udi Shamir. He is a Senior Malware Researcher, creator of many improvements in automated malware analysis.

Bratus, Sergey US

Sergey Bratus is a Research Assistant Professor the Computer Science Dept. at Dartmouth College. His research interests include designing new operating system and hardware-based features to support more expressive and developer-friendly debugging, secure programming and reverse engineering; Linux kernel security (kernel exploits, LKM rootkits, and hardening patches); data organization and other AI techniques for better log and traffic analysis; and all kinds of wired and wireless network hacking.

Before coming to Dartmouth, he worked on statistical learning methods for natural text processing and information extraction at BBN Technologies. He has a Ph.D. in Mathematics from Northeastern University.

Criscione, Claudio IT

Claudio spends his work hours as principal consultant at Secure Network, a security firm based in Milan. He used to be a pure web application security guy and graduated with a master thesis on anomaly detection on web applications. He got interested in virtualization from a practical perspective as a penetration tester since its birth and has been doing research since then.

He's a columnist at virtualization.info and a member of nibblesec.org.

Dispensa, Steve US

Steve Dispensa is co-founder and Chief Technology Officer of PhoneFactor, an authentication software development firm. He is a regular speaker and writer on security issues, a five-time Microsoft MVP for kernel-mode software development, and is Cisco CCIE #5444.

Fite, Bryan US

Bryan K. Fite a committed security practitioner and entrepreneur is currently a Global Program Security & Compliance Director with British Telecom (BT). Having spent over 20 years in mission-critical environments, Bryan is uniquely qualified to advise organizations on what works and what doesn't. Bryan has worked with organizations in every major vertical throughout the world and has established himself as a trusted advisor: "The challenges facing organizations today require a business reasonable approach to managing risk and protecting information assets."

He is also the creator of PacketWars™ (packetwars.com) the World's premier Cyber Sport.

Freiss, Martin DE

Martin Freiss is managing director of secunomic GmbH, a security and audit consultancy. In previous lifes, he was managing director of atsec information security GmbH, CISO at Vodafone TeleCommerce GmbH and consultant and team-leader for IT-Security at Siemens AG and Siemens Nixdorf AG in Paderborn and Cologne. He focuses on pragmatic project management for risk management, audits and compliance-management in large and small enterprises. He has authored several books and articles on security management, security certifications and penetration testing.

Gunasekera, Sheran LK

Sheran Gunasekera (chopstick) is a security professional that specializes in Web Application Security, Mobile Security and Digital Forensics. He is the Director of Research & Development for ZenConsult, a technology consulting firm based in the Asia Pacific region. Disliked by banking software vendors and now, possibly telcos, Sheran sees no need to sugar-coat findings from security assessments. A firm believer that information should be free, he releases his research and tools on his blog, Chirashi Security (chirashi.zensay.com), in the hopes that others can benefit from them.

Herzog, Pete USA

Pete Herzog is the Managing Director of the security research organization ISECOM and the creator of the OSSTMM.

Hund, Ralf DE

After having studied mathematics and computer science at the University of Mannheim in Germany, Ralf Hund joined the there resident Laboratory for Dependable Distributed Systems as a Ph.D. student. His research interests tend towards the practical aspects of computer security; more specifically, this particularly includes software reverse engineering, static and dynamic malware analysis, mobile malware, and P2P-botnets.

Menard, Ray

Ray has over 25 years of experience in technology leadership roles including 16 years in the US Air Force, 12 of which was installing, securing and maintaining voice and data communications circuits around the world. After leaving the Air Force he worked as National Field support Manager for Network Solutions, installing and maintaining communications links for government agencies throughout the US. He designed, installed and supported communications projects for companies including InterVoice, ENTEX, Telequoent Communications and Internet Security Systems. He is one of Q1 Labs earliest employees and has preformed many roles in pre and post sales as well as management positions.

Neilson, Graeme NZ

Graeme Neilson is a Senior Security Researcher and Consultant at Aura Software Security based in Wellington, New Zealand. Originally from Scotland he has 10 years of security experience with specialities in critical network infrastructure and reverse engineering. Graeme has previously presented at security conferences in New Zealand, Australia and the US including Black Hat.

Polyakov, Alexandr RU

Alexander Polyakov is a Chief IT Security Auditor at Digital Security company. His expertise covers enterprise applications and database security. He has found a lot of vulnerabilities in products of such vendors like SAP and Oracle. He is author of a book named Oracle Security from the Eye of the Auditor. Attack and Defense [In Russian].

He is also the head of Digital Security Research Group (dsecrg.com), Expert Council member of PCIDSS.RU association and one of the contributors of Oracle with Metasploit project.

Ray, Marsh US

Marsh Ray is a Software Development Engineer at PhoneFactor, Inc., a maker of two-factor authentication software, where he is responsible for security software development.

Rey, Enno DE

Enno Rey is a seasoned information security professional working as the "consulting right hand" for a number of CISOs. He has vast experience in designing, operating and securing large environments and has passed the typical transformation from a technology-centric to a process-oriented infosec guy. He initially got certified as a BS 7799 LA in 2001 and has been devoted to a risk based approach of steering information sec. as a supporting process since more than ten years. His current research focus is on trust models, policies and their interaction with real-world infosec and risk analysis tools useful in practice. He's a regular speaker at events all over the world (including Black Hat several times and many other events) and has published a number of books, articles and white papers.

Enno is your TROOPERS host.

Roeschke, Oliver DE

Oliver Roeschke is a seasoned pentester and hacker with vast experience in corporate environments. Over the years he developed his own approach to attack technologies. For the last two years his research focuses on enterprise WLAN environments. Protocol design flaws and crucial implementation failures are most interesting for him to bring down security of large-scale WLAN deployments. In his free time he's coding hacking tools that implement practical attacks on the vulnerabilities he found. Oliver is a frequent speaker at international security conferences and will happily share his knowledge with the audience.

Schumacher, Markus DE

Dr. Markus Schumacher is co-founder of Virtual Forge GmbH, an independent security product company based in Heidelberg, Germany. The members of the Virtual Forge team are leading experts for SAP® application security. Virtual Forge’s unique ABAP™ security knowledge has been captured into CodeProfiler, the first static code analysis tool for ABAP™ security and compliance testing. Markus Schumacher has a PhD in computer science and is a frequent speaker at international conferences. He co-authored numerous articles and books (recently: “Sichere ABAP Programmierung” published by SAP Press).

Slaviero, Marco ZA

Marco Slaviero (MSc) is an associate at SensePost, a South African information security company focused on providing penetration testing services to global clients in the financial services, mining and telecommunications sectors. Marco specializes in web application assessments with a side interest in thick applications and network assessments. He detests figs.

Thumann, Michael DE

Michael Thumann is Chief Security Officer and head of the ERNW "Research" and "Pen-Test" teams. He has published security advisories regarding topics like 'Cracking IKE Preshared Keys' and Buffer Overflows in Web Servers/VPN Software/VoIP Software. Michael enjoys sharing his self-written security tools (e.g. 'tomas—a Cisco Password Cracker', ikeprobe—IKE PSK Vulnerability Scanner' or 'dnsdigger—a dns information gathering tool') and his experience with the community. Besides numerous articles and papers he wrote the first (and only) German Pen-Test Book that has become a recommended reading at German universities. In addition to his daily pentesting tasks he is a regular conference-speaker and has also contributed exploit code to the Metasploit Framework. With more than 10 years of experience in computer security Michaels' main interest is to uncover vulnerabilities and security design flaws from the network to the application level.

Werner, Tillmann DE

Tillmann Werner used to work as an incident handler at the German national CERT and is currently employed as a computer scientist at the University of Bonn. He is a member of the Honeynet Project and has been doing research in the area of network-based attacks for almost a decade.