Mackenzie is a developer and security advocate passionate about DevOps and application security. As the co-founder and former CTO of the health tech company Conpago, he learned first-hand how critical it is to build secure applications with robust operations.
Today Mackenzie continues his passion for security by working with the GitGuardian research team to uncover the latest trends malicious actors are using and present them to a wider audience. Mackenzie is also the host of the popular podcast The Security Repo, he is an established security writer with contributions to DarkReading, Wired, Forbes plus many more, and was featured in the national SRF documentary on hackers. Finally, Mackenzie is an experienced global speaker having presented at conferences including DefCon, NDC, DevOxx and many more.
Federico's profound passion for technology encompasses a broad spectrum, with a particularly keen interest in cybersecurity's various dimensions. His expertise spans Penetration Testing, Vulnerability Assessment, Malware Analysis, and the intricate domain of Social Engineering.
Currently, he leads Cleafy's Threat Intelligence and Incident Response team. In this pivotal role, Federico leads a multifaceted array of endeavors, diligently monitoring, detecting, and dissecting emerging threats and the intricate web of attack patterns woven by multiple Threat Actors (TAs).
His expertise has graced prestigious cybersecurity gatherings like HackInBO 2022, BotConf 2023, and Cert-EU 2023, as well as private events convened by CertFIN on Italian territory.
The majority of his latest research can be found here: https://www.cleafy.com/authors/federico-valentini
Alessandro is an experienced Malware Analyst and Cybersecurity Professional with a proven track record in safeguarding digital landscapes. His expertise encompasses a wide spectrum of roles, demonstrating proficiency in conducting penetration testing, vulnerability management, and malware analysis.
As Head of Red Team Operations, he led the OffSec team simulating intricate cyber threats, enhancing company security posture. In his current role as a Malware Analyst at Cleafy, he detects, monitors, and dissects advanced threats related to multiple Threat Actors, improving the digital fraud posture of banking institutions.
Alessandro's dedication extends beyond his work, actively engaging in mentorship and knowledge-sharing, fostering a cyber-resilient future. He was also a speaker at BotConf 2023, and Cert-EU 2023.
Valery has more than seven years of information security experience.
Holds multiple application and cryptocurrency security certifications (OSCP, OSWE, CBSP, CRC). Participated in different security events worldwide: organized various activities (e.g., «Hack this Site» Challenge at DEF CON 27), participated in the organization of multiple conferences and meetups (OFFZONE, Behind the Code), and multiple Capture the Flag challenges (e.g., CTFZone). As a security enthusiast submitted multiple security defects to organizations and received a couple of confirmed CVEs.
Has experience in application security testing and hardening. Huge experience in the automation of information security processes. Has real-world expertise in implementing safe cryptocurrency management processes and services.
Certified with: OSCE | OSEP | OSWE | OSCP | CEH | CPTC | PenTest+ | eWPT | ECIH | CREST
Providing pentesting & security consultation for clients all over the world: Australia, U.S., U.K., Middle East, Singapore, India, Central Africa, Europe.
Founder @ Zerotak Security
President @ National Romanian Cyber Security Training Centre of Excellence (CSTCE RO)
Trainer for U.S. Department of Defense, Slovenian National Bureau of Investigation, Polish Military CERT
Speaker @ Defcamp, HEK.SI, RST Con, HackTheZone, Unbreakable, Multiple BSides
Main Organizer @ Bsides Transylvania
EC-Council Certified Ethical Hacker (CEH) Scheme Committee Member
InfoSec Writer on Medium (in free time)
Security Researcher and "Give back to community" passionate
Marcin is a security researcher, bug bounty hunter, and appsec engineer. He has been a speaker at a number of security conferences like BSides and What The Hack. He started his cybersecurity career a few years ago after moving from a Java Developer role. Marcin has rich experience in both securing and developing applications, as well as architecture.
In his professional life, he is mostly focused on explaining complex security problems to a wider audience. One of Marcin's notable achievements was getting CVE: CVE-2021-43557 for a vulnerability in Apache APISIX Kubernetes ingress. It was a path traversal in the request_uri variable that could lead to access control bypass. He is an enthusiast of SecDevOps and "shift left". You can read more about his work on his blog https://xvnpw.github.io/ or follow him on Twitter https://twitter.com/xvnpw.
Roman is an IT and ITSec professional who has managed to look at the industry from different points of view: integrator's, vendor's, and customer's. He has worked for companies such as Kaspersky and VMware, participating in system analysis as well as solving client cases in the wild.
His current domain of interest is Kubernetes security. Therefore, he understands that "admission control" happens not only in nightclubs and uses YAML to communicate with colleagues. In fact, he likes port cities and the way "ordinary" containers look.
Currently, Roman is responsible for the following tasks at Exness:
Francesco Iubatti has spent many years performing vulnerability assessments and penetration tests on embedded devices used in critical infrastructure and mobile apps. He now works in the Threat Intelligence and Incident Response team of Cleafy.
During his 4 years at Cleafy, he has analyzed tons of mobile malware, discovered four new banking trojan families: SharkBot, TeaBot, Revive, PixPirate, and many new malware variants. When he is not busy reversing malware, he collaborates with other Cleafy’s teams to enhance and improve the detection of malware.
Francesco has spoken at HackInBo 2022 and CyberJourney 2023, and he has written many technical articles about mobile malware. In his free time, he likes studying new things, running, climbing, cycling, and playing chess.
Vangelis began as a developer from Greece. Six years ago he realized that only his dog didn’t have an API, so he decided to steer his focus towards security.
That led him to pursue a PhD in Web Application Security with an extra focus on machine learning. He’s still actively pursuing it.
He currently applies his skills as a Chief Technology Officer at Tremau, and during his free time, Vangelis is helping start-ups secure themselves on the internet and get a leg up in security terms.
His love of a simplistic approach to hacking by exploiting vulnerable APIs led him to publish research regarding API controlling ships, smart locks, IP cameras, car alarms, EV chargers, and many other IoT devices.
Since our lives are nowadays extremely cyber-dependent, his goal is to convince all companies to never neglect their API security as rush-to-market mentality is almost certain to lead to catastrophic security failure.
As a Senior Threat Hunter and member of a global Managed Detection and Response (MDR) team within WithSecure (F-Secure), I'm expected to guide and advise my colleagues during cyber incidents.
My daily routine as a front-line worker involves a lot of research, detection engineering, threat hunting, and knowledge base improvements. The aforementioned tasks bring value to WithSecure's global service and improve customers' cyber security posture and awareness.
I take part in post-incident improvement best practices that help us analyze attacking techniques in-depth to build better detection coverage, which will decrease the dwell time of our response.
On top of my technical duties, I assist during the recruitment process, facilitate the onboarding sessions, and coach our new fellows.
Before joining WithSecure's global Threat hunting team, I was conducting various offensive security operations as a Penetration Tester in Deloitte Cyprus, which helped me develop an out-of-the-box mindset.
I'm constantly seeking ways to contribute to the cyber security community through conference talks, blogging, and my personal GitHub repository. In my free time, I like to read books, travel, and explore Poland.
With a deep passion for technology, Wael has explored diverse areas, from hardware and software to the challenges of cybersecurity. He's made an impact in various sectors, from innovative energy solutions to top-notch software and cybersecurity tools.
His curiosity has led him to share insights on platforms like WebSummit, TEDx, and Huawei Tech4Good, reaching audiences in the tens of thousands.
He's been recognized with several awards for entrepreneurship and innovation, with standout mentions like the NASA SpaceApps and the Presidential Award for Best Innovation of the year.
Beyond these honors, Wael's commitment shines through in his mentorship roles and contributions to global tech events.
Doing security since 2003, first CVE was reported in 2005.
Since then have been working in different areas but always with some security-related focus.
These days he is working in Wargaming in an Infrastructure Lead position, being a 100% manager, but still has a passion to think about security during his free time.
Ivan has spoken at conference talks multiple times in such conferences as ZeroNight, PHDays, HighLoad++, and OffZone.
Ivan has also been a member of the Highload++ program committee for a long time.
Some projects to share:
I'm Anton Bulavin, leading Application Security at Semrush. With a dynamic journey encompassing system administration, penetration testing, and bug bounty hunting, I've honed my expertise in cybersecurity.
My role goes beyond Semrush; I'm an OWASP Chapter Limassol Lead and speaker at various security conferences. I strive to not only enhance technical prowess but also foster a security-conscious culture.
I've fused my technical skills and leadership to drive Semrush's security initiatives. My passion lies in sharing insights to empower others. My journey, marked by growth and innovation, fuels my commitment to advancing application security.
Last year I moved to Cyprus and now happy to be a part of the island security community :)
You can find more about me on LinkedIn: Anton Bulavin - LinkedIn
OWASP Chapter Limassol: OWASP Chapter Limassol
Meetup: OWASP Limassol Meetup Group
I am an adept information security professional with over 15 years of experience spanning diverse sectors such as financial institutions and international government-level endeavors. My unwavering enthusiasm for this field fuels my desire to establish meaningful connections with fellow IT and IS experts.
Amidst my multifaceted role, I find immense joy in every facet, yet the collaborative journey with clients and business unit leaders resonates most deeply.
My academic foundation comprises a BA from the esteemed Kazan Technical University, specializing in the dynamic realm of information security.
My journey in the information security landscape is a testament to my commitment to excellence, continuous learning, and shaping secure digital ecosystems. As an advocate for safeguarding sensitive data and systems, I eagerly anticipate the challenges and triumphs each day brings, all while fostering connections and knowledge exchange within the IT and IS community.
CISO with more than 10 years of practice in information security. Attended different conferences as a speaker, with topics about vulnerability management, security automation, network segregation, and many others - at Positive Hack Days, ZeroNight, OffZone.
Organizer of security meetups in Cyprus - Behind The Code. The meetup was conducted 5 times and every time collected more than 100 people. This event provides a chance for local speakers to present their materials and also to meet each other and discuss important topics for everybody interested in information security.
Co-founder of security startup vulners.com, which is aimed at vulnerability management automation and currently contains the largest amount of information related to vulnerabilities and information security topics. Security developer in a previous role.
Theognosia Aza is a Data Privacy Manager at Aylo since 2021. She holds a Degree in Computer Science from the University of West Attica (Athens, Greece), an MSc in Information Systems from the Athens University of Economics and Business (Athens, Greece), and an MSc in Cybersecurity from the European University Cyprus (Nicosia, Cyprus).
Theognosia has 12 years of work experience in IT Engineering, System, Data & Privacy Analytics, working with telecom operators, fintech companies, and multinational technology and digital content providers. For the past 5 years, she has been focusing on Data Privacy matters and holds a number of certifications in the field, including CIPP/E (Certified Information Privacy Professional/Europe), CIPT (Certified Information Privacy Technologist), CIPM (Certified Information Privacy Manager), C-DPO (Certified Data Privacy Officer), ISO/IEC 27001:2013 Lead Auditor, ISO/IEC 27701:2019 Lead Implementer.
She is also recognized as a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals (IAPP).