TROOPERS11 - Speaker


Chema Alonso

Chema Alonso, is one of the most prominent names regarding Computer Security and hacking in the world. Ph.D in Information Security, Computer and Systems Engineer, he graduated from Universidad Politécnica de Madrid where he was honored as Ambassador. He has been awarded as a Most Valuable Professional in Enterprise Security by Microsoft. Before getting into Telefonica to manage the new innovative company “Eleven Paths” focus in creating security technologies, he was working Informatica64 to create FOCA, Evil FOCA, Dust RSS, or publishing hacking papers such as Connection String Parameter Pollution or Blind LDAP Injection Techniques.

Ravishankar Borgaonkar

Ravishankar works as a research fellow in Oxford University. His research themes are related to mobile telecommunication and involved security threats. This ranges from GSM/UMTS/LTE network security to end-user device security.

Rodrigo Branco

Rodrigo Rubira Branco (BSDaemon) works as Principal Security Researcher at Intel Corporation and is the Founder of the Dissect || PE Malware Analysis Project. Held positions as Director of Vulnerability & Malware Research at Qualys and as Chief Security Research at Check Point where he founded the Vulnerability Discovery Team (VDT) and released dozens of vulnerabilities in many important software. In 2011 he was honored as one of the top contributors to Adobe Vulnerabilities in the past 12 months. Previous to that, he worked as Senior Vulnerability Researcher in COSEINC, as Principal Security Researcher at Scanit and as Staff Software Engineer in the IBM Advanced Linux Response Team (ALRT) also working in the IBM Toolchain (Debugging) Team for PowerPC Architecture. He is a member of the RISE Security Group and is the organizer of Hackers to Hackers Conference (H2HC), the oldest and biggest security research conference in Latin America. He is an active contributor to open-source projects (like ebizzy, linux kernel, others). Accepted speaker in lots of security and open-source related events as H2HC, Black Hat, Hack in The Box, XCon, VNSecurity, OLS, Defcon, Hackito, Ekoparty, Troopers and others.

Sergey Bratus

Sergey Bratus is a Research Assistant Professor the Computer Science Dept. at Dartmouth College. His research interests include designing new operating system and hardware-based features to support more expressive and developer-friendly debugging, secure programming and reverse engineering; Linux kernel security (kernel exploits, LKM rootkits, and hardening patches); data organization and other AI techniques for better log and traffic analysis; and all kinds of wired and wireless network hacking.

Before coming to Dartmouth, he worked on statistical learning methods for natural text processing and information extraction at BBN Technologies. He has a Ph.D. in Mathematics from Northeastern University.

Steve Dispensa

Steve is the Chief Technology Officer and co-founder of PhoneFactor, a provider of phone-based authentication services. Steve is a regular speaker and writer on issues surrounding authentication.

André Egners

Holds a Diploma degree in Computer Sciences from RWTH Aachen University. Since September 2009 he has been working for the Research Group IT-Security, as part of the UMIC Cluster in Aachen since September 2009. His primary interest is security for wireless mesh networks, which also includes detection of malicious node behavior. In addition, he has experience in mobile security and has been working on botnet detection and mitigation for mobile networks.

Mark Gall

Mark Gall received his diploma in computer science from the Technical University of Munich (TUM). After an internship at Siemens Corporate Research, he worked several years as a software engineer at Capgemini on industrial software projects as well as software projects for government agencies. Last year he joined Fraunhofer SIT as a member of the research staff for cloud computing security, where he is strongly involved in the cloud security lab activities (<a href="" target="_blank"></a>).

Chris Gates

Chris Gates (CG/carnal0wnage) is currently a Sr Security Consultant for Rapid7 and is a member of the Metasploit Project and Attack Research. He enjoys business logic flaws, misconfigured databases and the occasional client-side attack. He has spoken at various other security conferences includimang BlackHat USA, Defcon, CSI 2009, Brucon, SOURCE Boston, Toorcon, Notacon, and Chicagocon. He is a regular security blogger at <a href="" target="_blank"></a> and securitytwit <a href="" target="_blank">@carnal0wnage</a>

George Hedfors

George Hedfors has been working for 12 years as a professional in the field and brings a lot of experience with IT- and information security. He has worked with well known security consultancies and is recently employed at Cybercom Sweden AB. Read his blog at <a href="" target="_blank"></a> or follow him on Twitter <a href="!/georgehedfors" target="_blank">@georgehedfors</a>.

Heiko Kirsch

Heiko Kirsch is currently engaged in the ASMONIA project. He carries a Bachelor Degree in Computer Science, a Master Degree in Security Management and is currently working on his Ph. D. thesis in the domain of mobile security at the Technical University at Darmstadt. His current research interests are technologies for secure mobile communication.

Friedwart Kuhn

Friedwart Kuhn is a renowned expert for Active Directory security and has performed a huge number of projects both in the concept and design space and in the pentesting and incident analysis field.

Meder Kydyraliev

Meder Kydyraliev has been working in the area of web app security for the past 6 years. He’s worked as a security consultant for one of the Big 4 and currently works in Google Security Team. Meder has contributed some of his time to open-source projects such as xprobe2 and webscarab and was a speaker at various security conferences.

Felix Leder

Felix Leder is a senior researcher at the Fraunhofer FKIE and a PhD student at the University of Bonn. After working for Nokia he turned to his favourite field of research: IT-Security. His current research interests are botnet mitigation tactics and new methodologies for executable and malware analysis. A lot of hispare-time is spent on involvement in the Honeynet Project.

Matthias Luft

Matthias Luft is a security researcher and heads the German security research company ERNW Research. He is interested in a broad range of topics (such as DLP, virtualization, and network security) while keeping up with the daily consulting and assessment work.

Joachim Lüken

Joachim Lüken is with the research division at Nokia Siemens Networks. He has more than 25 years’ experience in telecommunications covering software development in digital public-switched telephone network switches to systems engineering for ATM and IP-based products. Joachim was also an active member in standardization bodies such as ITU-T, ETSI, DVB and BBF and supported standardization work in the area of PSTN signaling as well as in IP protocols. Currently Joachim is responsible for security aspects of web application and cloud computing solutions within Nokia Siemens Networks.

Graeme Neilson

Graeme Neilson, Chief Research Officer, RedShield Security.

Mariano Nuñez Di Croce

Mariano Nunez Di Croce is the CEO at Onapsis. Mariano is a renowned researcher in the ERP & SAP Security field, being the first to present on real-world security attacks to SAP platforms. Since then, he has been invited to lecture in some of the most important security conferences in the world, such as BlackHat DC/USA/EU, RSA, SAP, HITB Dubai/EU, Troopers, Ekoparty, HackerHalted, DeepSec, Sec-T, and, as well as in Fortune-100 companies and military organizations.

Mariano has discovered 50+ vulnerabilities in SAP, Microsoft, Oracle and IBM applications. He leads the strategic development of Onapsis X1, has been the developer of the first open-source SAP & ERP Penetration Testing Frameworks and leads the “SAP Security In-Depth” publication. Mariano is also a founding member of, the Business Security Community. Because of his research work, he has been interviewed and featured in mainstream media such as CNN, Reuters, IDG, New York Times, eWeek, PCWorld, Darkreading and others.

Twitter: @marianonunezdc

Marsh Ray

Marsh Ray is a Software Development Engineer at PhoneFactor, Inc., a maker of two-factor authentication software, where he is responsible for security software development.

Kevin Redon

Kévin Redon first learned about telecommunication networks during a lecture at University. He preferred computer networks though, which are far less complicated and cumbersome. Later another teacher gave him the opportunity to play with a base station. Since then he looked at the security of different aspects, going from the SIM card, through basebands, to femtocells. After showing several vulnerabilities at conferences, he joined the product security team of Qualcomm to try improve the state.

Enno Rey

Enno Rey @Enno_Insinuator is an old school network security guy who has been involved with IPv6 since 1999. In the last years he has contributed to many IPv6 projects in very large environments, both on a planning and on a technical implementation level.

Edmond Rogers

Edmond Rogers is a Smart Grid Cyber Security Engineer at the University of Illinois Information Trust Institute. His research efforts focus on assessment of electric grid SCADA systems. Prior to his tenure at the university Edmond was a Security Analyst at a fortune 500 utility in the Midwest of the United States.

Michael Schaefer

Unidentified TROOPER. Recon team deployed to gather more information.

Dmitry Sklyarov

Dmitry Sklyarov is a Head of Reverse Engineering Department at Positive Technologies. Former Security Researcher at Elcomsoft and a lecturer at Moscow State Technical University. He did a research on the security of eBooks and on the authentication of digital photos. Recent research projects involved smartphone forensics.

Marco Slaviero

Marco Slaviero is the lead researcher at Thinkst. Marco has presented research at conferences all over the world on topics ranging from timing attacks to python shellcode. He is rumoured to harbor a personal dislike for figs.

Richard Thieme

Richard Thieme (<a href="" target="_blank"></a>) is an author and professional speaker focused on the deeper implications of technology, religion, and science for twenty-first century life. He speaks professionally about the challenges posed by new technologies and the future, how to redesign ourselves to meet these challenges, and creativity in response to radical change.

Michael Thumann

Michael Thumann is Chief Security Officer and head of the ERNW application security team. He has published security advisories regarding topics like ‘Cracking IKE Preshared Keys’ and Buffer Overflows in Web Servers/VPN Software/VoIP Software. Michael enjoys sharing his self-written security tools (e.g. ‘tomas – a Cisco Password Cracker’, ‘ikeprobe – IKE PSK Vulnerability Scanner’ or ‘dnsdigger – a dns information gathering tool’) and his experience with the community. Besides numerous articles and papers he wrote the first (and only) German Pen-Test Book that has become a recommended reading at german universities.

In addition to his daily pentesting tasks he is a regular conference-speaker (e.g. Blackhat, HITB and RSA Conference) and has also contributed exploit code to the Metasploit Framework. With more than 10 years of experience in computer security Michaels’ main interest is to uncover vulnerabilities and security design flaws from the network to the application level and reverse almost everything to understand the inner working.

Andreas Wiegenstein

Andreas Wiegenstein has been working as a professional SAP security consultant since 2003. He performed numerous SAP security audits and received credit for more than 80 SAP security patches related to vulnerabilities he discovered in various SAP products. As CTO at Virtual Forge GmbH he leads Research & Innovation, a team focusing on SAP specific security research and new security solutions. Andreas has trained large companies and defense organizations on SAP security and has spoken at multiple SAP-specific conferences (like TechEd, DSAG, BIZEC and SAPience) as well as at general security conferences such as Troopers, Black Hat, HITB, IT Defense, DeepSec and RSA. He researched the ABAP Top 20 Risks published by the German Federal Office for Information Security (BSI) and is co-author of the first book on ABAP security (SAP Press 2009). He is also member of, the Business Security Community.

Julia Wolf

Julia solves puzzles and finds the answers to the questions which no one knows the answers to.