2018京东HITB安全峰会特邀演讲嘉宾
  • Mobile Security Researcher, ZimperiumAdam Donenfeld
    Adam Donenfeld
    Mobile Security Researcher, Zimperium
    Adam Donenfeld is a mobile security researcher at Zimperium with vast experience in the mobile research field. Researching vulnerabilities and exploiting them for both PC and mobile environments, Adam has given talks at several international security conferences including Black Hat, DEF CON and HITB. In his past, Adam served in the IDF in an elite intelligence unit.
  • Ofir Arkin
    Vice President, Israel Engineering and Operations @Forcepoint
    Ofir Arkin is the Vice President, Israel Engineering and Operations at Forcepoint where he leads the Israeli R&D Center of the company. Previously Ofir served as the Vice President of Security at Mellanox Technologies where he was responsible for creating, driving and coordinating the overall vision and product strategy for security across all products. Prior to his tenure at Mellanox Technologies, Ofir served as Vice President and Chief Architect at Intel Security (McAfee) where he was responsible for driving and coordinating the overall architectural vision across Intel Security products. Prior to his role as Chief Architect, Ofir served as CTO for the Security Management Business, and was responsible for driving the vision and product strategy for McAfee’s security management business unit. Joining McAfee as part of the acquisition of Insightix, Ofir pioneered the use of messaging in the field of security to share information in real-time, between different security products and solutions through the use of a single API, to enable an adaptive security infrastructure (also known as the Data Exchange Layer). Ofir led cross-functional teams on the architecture, strategy and execution of this adaptive security infrastructure. His work in this area created the design and accelerated the development of DXL, culminating in the release of McAfee Threat Intelligence Exchange, the first technology fully leveraging DXL. Prior to his tenure at McAfee, he founded Insightix, an innovator of real-time security intelligence and control solutions where he served as CTO. He has also authored numerous research papers, patents, patent applications, advisories and influential articles covering adaptive security, information warfare, network visibility, access control, VoIP security and remote OS fingerprinting.
  • Independent Security ResearcherHendrik Scholz
    Hendrik Scholz
    Independent Security Researcher
    Hendrik Scholz is a product manager in the telecoms space with a focus on real-time network monitoring, fraud prevention and analytics. In his spare time he enjoys traveling. When not traveling he digs into the global distribution systems to find great air fares and messes with hotel chains to go with the flights.
  • CEO, ElcomSoft Co.Ltd.Vladimir Katalov
    Vladimir Katalov
    CEO, ElcomSoft Co.Ltd.
    Vladimir Katalov is CEO, co-owner and co-founder of ElcomSoft Co.Ltd. Born in 1969 and grew up in Moscow, Russia. He studied Applied Mathematics in Moscow Engineering-Physics Institute (State University); from 1987 to 1989, was sergeant in the Soviet Army. Vladimir works in ElcomSoft from the very beginning (1990); in 1997, he created the first program the password recovery software line has started from: Advanced ZIP Password Recovery. Now he coordinates the software development process inside the company and develops strategic plans for future versions. Vladimir regularly visits various IT security- related events, conferences and trainings all over the world. He has shared his expertise through dozens of conference sessions. Here is an incomplete list of the events: TechnoSecurity, BlackHat, CEIC, Infosecurity Europe, Infosecurity Russia, Infosecurity Japan, IT Security Area (it-sa), European Police Congress, e-Crime, Troopers, EuroForensics, FT-Day, China Computer Forensic Conference, Ruxcon, Nuit du Hack, Nullcon, CanSecWest, DeepSec, Interpolitex, etc. Vladimir manages all technical researches and product developments in the company. He regularly presents on various events and also regularly runs it security and computer forensics trainings both for foreign and inner (Russian) computer investigative committees and other organizations.
  • IoT / Blockchain dude at JD Security (JD.COM)Kai Jern Lau
    Kai Jern Lau
    IoT / Blockchain dude at JD Security (JD.COM)
    KaiJern (xwings) is a senior security researcher in JD.COM. His research topic mainly on embedded device, hardware security, blockchain security, reverse engineering and various security topics. He presented his findings in different international security conferences like HITB, Codegate, QCon, KCon, Brucon, H2HC few different Defcon group and etc. He conducted hardware Hacking course in various places around the globe. He is also part of core team member/review board for Hack In The Box Security Conference and advisor for UnicornTeam/HACKNOWN Team.
  • Nanyang Technological University, SingaporeNguyen Anh Quynh
    Nguyen Anh Quynh
    Nanyang Technological University, Singapore
    Dr.Nguyen Anh Quynh is a regular speaker at various industrial conferences such as Blackhat USA/Europe/Asia, DEFCON, RECON, Eusecwest, Syscan, HackInTheBox, Hack.lu, Deepsec, XCon, Confidence, Hitcon, Opcde, Shakacon, Brucon, Zeronights, etc. He also presented his researches in academic venues such as Usenix, IEEE, ACM, LNCS. As a passionate coder, Dr. Nguyen is the founder and maintainer of several open source reversing frameworks: Capstone (http://capstone-engine.org), Unicorn (http://unicorn-engine.org) & Keystone (http://keystone-engine.org).
  • Research Lead, Talos GroupRichard Johnson
    Richard Johnson
    Research Lead, Talos Group
    Richard Johnson is a computer security specialist with a focus on software vulnerability analysis. Currently the Research Manager of Talos Group for Cisco, Richard offers 15 years of expertise and leadership in the software security industry. Current responsibilities include research and development of advanced fuzzing and crash analysis technologies facilitating the automation of the vulnerability triage and discovery process. Richard has presented annually at top-tier industry conferences worldwide for over a decade and was co-founder of the Uninformed Journal.
  • Chief Information Security Officer, KPNJaya Baloo
    Jaya Baloo
    Chief Information Security Officer, KPN
    Jaya Baloo has been working internationally in Information Security for fifteen years. Her focus has been on secure network architecture design, and she has completed projects ranging from Lawful Interception, Deep Packet Inspection, VoIP & Mobile Security to designing national MPLS infrastructures and ISP architectures. She has worked for a number of telecom providers, Verizon and France Telecom among others, and currently works for KPN Telecom in the Netherlands where she is the Chief Information Security Officer (CISO).
  • Co-Founder/CTO, Opposing Force s.r.l.Matteo Beccaro
    Matteo Beccaro
    Co-Founder/CTO, Opposing Force s.r.l.
    Matteo is a security researcher enrolled in computer engineering course at Politecnico of Torino. As Opposing Force’s Chief Technical Officer, he manages internal security research on network protocols, Near Field Communication (NFC) and access control security. He presented the results of his research to prestigious international conferences such DEF CON 21, 30th Chaos Communication Congress (30C3), Black Hat USA Arsenal 2014, DEF CON 22 SkyTalks, Black Hat Europe 2014, TetCon 2015, DEFC ON 23 and ZeroNights 2015.
  • Associate Professor, Politecnico di MilanoStefano Zanero
    Stefano Zanero
    Associate Professor, Politecnico di Milano
    Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and cybersecurity in general. Besides teaching “Computer Security” and “Computer Forensics” at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 60 scientific papers and books. He is a Senior Member of the IEEE, the IEEE Computer Society (for which he is a member of the Board of Governors), and a lifetime senior member of the ACM. Stefano co-founded the Italian chapter of ISSA (Information System Security Association). He has been named a Fellow of ISSA and sits in its International Board of Directors. A long time op-ed writer for magazines (among which “Computer World”), Stefano is also a co-founder and chairman of Secure Network, a leading information security consulting firm based in Milan and in London; a co-founder of 18Months, a cloud-based ticketing solutions provider; and a co-founder of BankSealer, a startup in the FinTech sector that addresses fraud detection through machine learning techniques.
  • VP of Platform & Security, CORELLIUMNikias Bassen
    Nikias Bassen
    VP of Platform & Security, CORELLIUM
    Nikias Bassen (@pimskeks on Twitter) has been into reverse engineering for more than a decade. The breakthrough was back in 2011 when he joined the Chronic-Dev team to work on the iOS 5 + 5.1 jailbreaks. Ongoing research was focusing mostly on iOS, and in early 2013 he became part of the famous @evad3rs who released the evasi0n and evasi0n7 jailbreaks for iOS 6 and 7. He joined Zimperium zLabs (@zLabsProject) back in 2015 to continue his efforts in security research and reverse engineering targeting iOS. Earlier in 2018, he joined the mobile device virtualization company Corellium (@CorelliumHQ) as VP Platform & Security to focus on providing the next generation platform for security research and mobile development. Nikias studied Computer Science at the University of Bremen, Germany, and holds a Diploma degree. He is also one of the masterminds and maintainer of the libimobiledevice project (http://libimobiledevice.org) – an open source implementation of the iOS device-computer communication protocols.
  • Threat Researcher at Trend MicroDr. Fyodor Yarochkin
    Dr. Fyodor Yarochkin
    Threat Researcher at Trend Micro
    Fyodor is a researcher with TrendMicro Taiwan and holds a Ph.D. from EE, National Taiwan University. An early Snort developer, and open source evangelist as well as a “happy” programmer. Prior to that, Fyodor professional experience includes several years as a threat analyst and over eight years as an information security analyst responding to network, security breaches and conducting remote network security assessments and network intrusion tests for the majority of regional banking, finance, semiconductor and telecommunication organizations. Fyodor is an active member of local security community and has spoken at a number of conferences regionally and globally.
  • Leader of Radio Security Research Institute, 360 TechnologyLin Huang
    Lin Huang
    Leader of Radio Security Research Institute, 360 Technology
    Lin HUANG is the leader of Radio Security Research Institute in 360 Technology, senior wireless security expert. She received Ph.D degree from BUPT. She is the 360 Technology’s 3GPP standard SA3 delegate and a research supervisor for Master students in BUPT. Her interests include security issues in wireless communication, especially cellular network security. She was a speaker at BlackHat, DEFCON, and HITB security conferences.
  • Founder, Vulnerability LabBenjamin Kunz
    Benjamin Kunz
    Founder, Vulnerability Lab
    Benjamin Kunz is active as a penetration tester and security analyst for private and public security firms, hosting entities, banks, isp(telecom) and ips. His specialties are security checks(penetrationtests) on services, software, applications, malware analysis, underground economy, military intelligence/cyberwar, reverse engineering, lectures and workshops about IT Security. During his work as a penetration tester and vulnerability researcher, many open- or closed source applications, software and services were formed more secure. In 1997, Benjamin K.M. founded a non-commercial and independent security research group called, “Global Evolution – Security Research Group” which is still active today. From 2010 to 2011, Benjamin M. and Pim C. (Research Team) identified over 300 zero day vulnerabilities in well known products from companies such as DELL, Barracuda, Mozilla, Kaspersky, McAfee, Google, Cyberoam, Safari, Bitdefender, Asterisk, Telecom, PBX & SonicWall. In 2010 he founded the company “Evolution Security”. After the firm’s establishment arose the Vulnerability Lab as the legal european initiative for vulnerability researchers, analysts, penetration testers, and serious hacker groups. Ben is also the leader of the Contest + Vulnerability-Lab Research Team. He have a lot of stable references by solved events or contests like ePost SecCup, SCS2, EH2008, Har2009, Da-op3n & exclusive zero-day exploitation sessions/releases.
  • Senior Security Researcher, UnicornTeam, Qihoo360Jun Li
    Jun Li
    Senior Security Researcher, UnicornTeam, Qihoo360
    Jun Li is a senior security researcher at UnicornTeam,Qihoo360,He is the founder of DEFCON Group 010. He had spoken at conferences like DEFCON, HITB, KCon, Syscan360, ISC etc. His research interests include IoT security, connected car security.Jun Li, along with his colleagues, have previously found several automobile vulnerabilities in Volvo,BMW,Audi,Mercedes Benz and BYD.
  • Security Researcher / Machine Learning Engineer, Cisco Umbrella (OpenDNS)David Rodriguez
    David Rodriguez
    Security Researcher / Machine Learning Engineer, Cisco Umbrella (OpenDNS)
    David Rodriguez is a security researcher and machine learning engineer at Cisco Umbrella (OpenDNS). He has co-authored multiple pending patents with Cisco in distributed machine learning applications centered around deep learning and behavioral analaytics. He has an M.A. in mathematics from San Francisco State University and previously worked at Location Labs by Avast and Esurance. David has spoken at the SAI Computing Conference, Black Hat, Virus Bulletin, Flocon, Flink Forward Berlin, and at Data Science meetups in the Bay Area. Virus Bulletin 2017 https://www.virusbulletin.com/blog/2017/11/vb2017-paper-beyond-lexical-and-pdns-using-signals-graphs-uncover-online-threats-scale/ Flink Forward Berlin, September 2017 https://www.youtube.com/watch?v=ge8tNcswMp4
  • Senior Vice President – Special Projects, DarkMatter LLCNajwa Aaraj
    Najwa Aaraj
    Senior Vice President – Special Projects, DarkMatter LLC
    Senior Vice President – Special Projects at DarkMatter LLC, with 12+ years experience in information and systems security. International Experience: USA, Middle East, Australia, Africa, Asia Education * Ph.D. with Highest Honors in Computer Engineering from Princeton University * Masters Degree in Computer Engineering from Princeton University * B.Eng. in Computer and Communication Engineering from American University of Beirut Employment History * Lead Senior Associate, Booz & Company, USA and Middle East * Research Staff Member, NEC Labs-Princeton University, NJ, USA * Research Staff Member, IBM T. J. Watson, NY, USA * Research Staff Member, Intel Corporation, Oregon, USA Cyber Security – Related Experience Patents: Optimizing performance of integrity monitoring; Patent number: 8949797 Analysis and design of a hardware/software trusted platform module (TPM) for embedded systems Energy and execution time analysis of a software-based trusted platform module (TPM) INVISIOS: A Lightweight, Minimally Intrusive Secure Execution Environment – A framework for defending embedded systems against software attacks Dynamic Binary Instrumentation-Based Framework for Malware Defense Hybrid Arch. for Efficient and Secure Face Authentication in Embedded Systems – Architectures for efficient face authentication in embedded systems Neighbor stranger discrimination: a new defense mechanism against DDOS attacks
  • GoogleHalvar Flake
    Halvar Flake
    Google
    Thomas Dullien / Halvar Flake started work in reverse engineering and digital rights management in the mid-90s, and began to apply reverse engineering to vulnerability research shortly thereafter. He pioneered early windows heap exploitaiton, patch diffing / bindiffing and various other reverse engineering techniques. In 2004, he started zynamics, a company focused on reverse engineering technologies. He continued to publish about reverse engineering, ROP gadget search, and knowledge management technologies in relation to reverse engineering. In 2011, zynamics was acquired by Google, and Halvar spent the next few years working on defensive technologies that leveraged the then hot buzzwords “big data” and “machine learning”. In summer 2015, Halvar received the lifetime achievement Pwnie, and decided to take a year off to travel, read, and surf. Since November 2016, he is back at Google.
  • Challenge Designer, Counter Hack ChallengesEvan Booth
    Evan Booth
    Challenge Designer, Counter Hack Challenges
    Evan Booth loves to build stuff out of other stuff, he tends to break things for curiosity’s sake. Throughout 2013 and into 2014, in an effort to highlight hypocrisy and “security theater” brought about by the TSA, through a research project called “Terminal Cornucopia,” Evan created an arsenal ranging from simple, melee weapons to reloadable firearms to remotely-trigger incendiary suitcases—all solely comprised of items that anyone can purchase inside most airport terminals *after* the security checkpoint. Given the right ingredients, a big cardboard box can be a time machine, spaceship, minecart, or a telephone booth that only calls people named “Steve” who live in the future.
  • Head of Hardware Security - F-Secure, Founder - Inverse PathAndrea Barisani
    Andrea Barisani
    Head of Hardware Security - F-Secure, Founder - Inverse Path
    Andrea Barisani is an internationally recognized security researcher. Since owning his first Commodore-64 he has never stopped studying new technologies, developing unconventional attack vectors and exploring what makes things tick…and break. His experiences focus on large-scale infrastructure defense, penetration testing and code auditing with particular focus on safety critical environments, with more than 15 years of professional experience in security consulting. Being an active member of the international open source and security community he contributed to several projects, books and open standards. He is the founder of the oCERT effort, the Open Source Computer Security Incident Response Team. He is a well known international speaker, having presented at BlackHat, CanSecWest, Chaos Communication Congress, DEFCON, Hack In The Box, among many other conferences, speaking about innovative research on automotive hacking, side-channel attacks, payment systems, embedded system security and many other topics.
  • VNSECURITY创始人Thanh Nguyen
    Thanh Nguyen
    VNSECURITY创始人
    Thanh Nguyen是一名独立安全研究员,在高度可扩展和分布式架构,低级操作系统开发,BIOS,固件,芯片组和微架构的各种技术方面拥有超过15年的经验。 Thanh曾是英特尔公司的安全架构师。在英特尔服务期间,他专注于保护和利用各种下一代英特尔关键技术,包括Silvermont Atom和SoC平台,英特尔博锐和管理引擎,Ivy Bridge/ Haswell微架构和GPU 等等。他也是VNSECURITY和CLGT Capture-The-Flag团队的创始人,以及THC的成员。 THC是2006年第一个能够一分钟之内破解A5 GSM的团队。
  • Lab Mouse Security创始人Don Bailey
    Don Bailey
    Lab Mouse Security创始人
    Don A. Bailey非常爱他的三个孩子Pierce,tacos和loT。 作为一名享誉国际的安全研究人员,他因在移动和嵌入式安全领域取得的突破而闻名。在过去八年中,Don在美国及世界各地举办了30多场安全技术讲座,讲座内容涉及多种安全领域的进步和发展。CNN,路透社,NPR,BBC,FOX和CBS等多家媒体曾经重点报道过他的研究突破。 Don最近在IEEE Security&Privacy杂志上发表了他最近研究的逆向工程M2M系统,如车辆安全模块。
  • Senior Research Scientist, Trend MicroDr. Marco Balduzzi
    Dr. Marco Balduzzi
    Senior Research Scientist, Trend Micro
    Dr. Marco Balduzzi holds a Ph.D. in applied security from Télécom ParisTech and a M.Sc. in computer engineering from the University of Bergamo. His interests concern all aspect of computer security, with particular emphasis on real problems that affect systems and networks. Some topics of interest are web and browser security, code analysis, malware detection, cybercrime, online privacy, and threats in the IoT space. He has been involved in IT security for over 10 years with international experiences in both industry and academia. With previous experience as security consultant and engineer, he is now a full-time research scientist at Trend Micro. With over 30 talks in major security events like BH and HITB, he is considered a veteran speaker. His work has been published in the proceedings of top peer-reviewed conferences like NDSS, RAID and ACSAC, and featured by distinguished media like Forbes, The Register, Slashdot, InfoWorld, DarkReading, BBC and CNN. He now sits in the review board of conferences, including HITB, OWASP, eCrime, DIMVA and IEEE journals.
  • CEO, QUARKSLABFred Raynal
    Fred Raynal
    CEO, QUARKSLAB
    Founder and CEO of QUARKSLAB, a cybersecurity company specialized in cutting edge solutions to complex security problems. We rely on innovative, efficient and practical solutions based on deep knowledge and years of internationally recognized experience in the fields of reverse engineering, software assessment, vulnerability research, operating systems and cryptography. Our team is mainly composed with senior experts. We propose a range of customized services and products completely dedicated to your precise needs. Before that, to sum it up: – I got a PhD on steganography – I created MISC Magazine, the 1st IT security magazine. – I was co-founder and president of SSTIC, the main security related conference in France. – I started working at EADS as research engineer. – I created the Sogeti ESEC R&D team I am speaker at several conferences (CanSecWest, PacSec, SSTIC, HITB, …) and also wrote for security magazines/websites (securityfocus, IEEE Security & Privacy, Journal of computer virology, …)
  • Security Researcher, Google Project ZeroJames Forshaw
    James Forshaw
    Security Researcher, Google Project Zero
    James is a security researcher in Google’s Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities he’s been listed as the #1 researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate.
  • Aperture Labs 董事Adam Laurie
    Adam Laurie
    Aperture Labs 董事
    Adam Laurie是电子通信领域的安全顾问,也是Aperture Labs公司(http://aperturelabs.com)的董事。他主要从事安全嵌入式系统的逆向工程。七十年代后期,他开始进入计算机行业,是PDP-8和其他迷你计算机的计算机程序员,之后八十年代负责各种基于Unix,Dos和CP / M的微型计算机程序。他很快就对底层网络和数据协议产生了兴趣,并将注意力转移到这些领域,远离编程,并创办了一家数据转换公司,该公司迅速发展成为欧洲A.L.下载服务领域最权威的公司。
  • TSTF创始人Emmanuel Gadaix
    Emmanuel Gadaix
    TSTF创始人
    SVC成员Emmanuel Gadaix 20多年来一直在探讨电信系统的安全问题。他发表过许多关于电信安全的公开演讲,但大多数并未受到网络运营商的重视。他仍坚持向这些网络运营商宣导这些日益严重的安全性威胁,这些威胁正危害着我们赖以生存的关键基础设施。
  • F-Secure 公司航空网络安全服务主管Hugo Teso
    Hugo Teso
    F-Secure 公司航空网络安全服务主管
    Hugo Teso是F-Secure 公司的航空网络安全服务主管。过去16年来,他一直致力于西班牙地区的信息安全。作为商业飞行员,他对于航空安全的重视和关注是必然。除了开发Inguma和Bokken等一些开源项目,他还花了大量时间进行航空安全研究,并在RootedCon等会议上展示了一些成果。
  • Net-Square创始人兼首席执行官Saumil Shah
    Saumil Shah
    Net-Square创始人兼首席执行官
    Saumil Shah是Net-Square的创始人兼首席执行官,为全球客户提供最前沿的信息安全服务。 Saumil是国际公认的演讲者和讲师,经常出席Deepsec,Blackhat,RSA,CanSecWest,PacSec,EUSecWest,Hack.lu,HITB等重要会议。他撰写了Web Hacking:Attacks and Defense和The Anti-Virus Book两本书。