POSITIVE HACK DAYS



ORGANIZER

Review board

Luigi Auriemma

Founder and owner of the REVULN companies specialized in zero-days R&D, Luigi has been active in vulnerability research for over 15 years.
Independent researcher (aluigi.org) till 2012, he has performed vulnerability research on a wide range of products like SCADA/HMI software (GE, Siemens, ABB, Rockwell, Invensys, Schneider), Microsoft (ms12-020, ms11-035), enterprise software, Smart TV, online multiplayer games, and anything interesting enough to deserve a test.

Sergey Gordeychik

Sergey Gordeychik is captain of SCADAStrangeLove.org team and Web Application Security Consortium (WASC) contributor. ICS industrial disasters researcher and speaker at S4, CCC, PacSec, CodeBlue, POC, etc. The main areas of his interest are the product management for enterprise security products, hands-on security research and incident investigation. Sergey has developed a number of training courses, including "Wireless Networks Security" and "Security Assessment of Web Applications," published several dozens of articles in various titles and a book called "Wireless Networks Security". MCSE (starting from NT 4.0), CISSP and MVP in Enterprise Security: R&D.

Andrey Petukhov

Web Security Researcher for the Information Systems Security Laboratory of the Faculty of Computational Mathematics and Cybernetics at MSU. Participates in CTF events occasionally as a member of the Bushwhackers team. CEO at SolidLab.

Dmitry Evteev

Dmitry Evteev is an expert in practical information security with 10+ years of related experience. He specializes in studying techniques employed to attack information systems and in penetration testing.

Dmitry graduated from the Department of Applied Information Science of Moscow State University of Service in 2006. In his third year of study, he began to work for I.T. Group as an engineer of the information security management service. Dmitry joined Positive Technologies in 2008 to grow from an information security expert to the head of the security analysis department. He was one of the creators of the international information security forum Positive Hack Days in 2011. In 2015, he set up a company named HeadLight Security where he still works.

Dmitry speaks at key conferences, leads training seminars. He regularly publishes his technical articles and researches on information security.

Alexander Matrosov

Alex Matrosov is the Principal Research Scientist at Cylance. He has over a decade of experience with reverse engineering, advanced malware analysis, firmware security, and advanced exploitation techniques. Before joining Cylance, Alex served as Security Researcher at Intel Security Center of Excellence (SeCoE) where he leads BIOS security for Client Platforms. Before this role, Alex spent over six years at Intel Advanced Threat Research team and ESET where he was Senior Security Researcher. He is an author and co-author of the numerous research papers and the book "Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats." Alex is frequently invited to speak at security research conferences, such as REcon, Ekoparty, ZeroNigths, Black Hat and DEFCON. Also, he is awarded by Hex-Rays for the open-source plugin HexRaysCodeXplorer, which is developed and supported since 2013 by REhint's.

Alexander (Solar Designer) Peslyak

Alexander Peslyak, better known as Solar Designer, has been into computer security and open source for over 20 years. He achieved a number of "firsts" in (anti)exploitation, founded Openwall, wrote and co-wrote much of Openwall's software, including John the Ripper password cracker, contributed to third-party projects, runs the oss-security mailing list among many other past and current activities. Alexander spoke at international conferences, including HAL2001, NordU, FOSDEM, CanSecWest, PHDays, and ZeroNights.

Rodrigo Rubira Branco (BSDaemon)

Rodrigo Rubira Branco (BSDaemon) works as Senior Principal Security Researcher at Intel Corporation in the Security Center of Excellence where he leads the Client Core and BIOS Teams. He is the founder of the Dissect || PE Malware Analysis Project. Held positions as Director of Vulnerability & Malware Research at Qualys and as Chief Security Research at Check Point where he founded the Vulnerability Discovery Team (VDT) and released dozens of vulnerabilities in many important software. In 2011, he was honored as one of the top contributors of Adobe. He is a member of the RISE Security Group and is the organizer of Hackers to Hackers Conference (H2HC), the oldest security research conference in Latin America. He is an active contributor to open-source projects. Accepted speaker in lots of security and open-source-related events as Black Hat, Hack in The Box, XCon, OLS, Defcon, Hackito, ZeroNights, Troopers and many others. Rodrigo published several papers in the fields of exploit writing, reverse engineering, malware analysis, and rootkit development. Rodrigo is also part of the invited review committee for a variety of security research conferences, such as Black Hat, PHDays, Hackito, NoSuchCon, Opcde, CCNC.

Dmitry Sklyarov

Head of Application Analysis Department at Positive Technologies. Dmitry lectured at the Information Security Department of Bauman Moscow State Technical University.
The author of "Hidden Keys to Software Break-ins and Unauthorized Entry." He graduated from the Computer-Aided Design Department of Bauman Moscow State Technical University and taught information security at his alma mater. He became worldwide known for disclosing insecurities of PDF files and introducing Advanced eBook Processor at DEFCON in 2001 when he was accused of copyright infringement by Adobe and arrested by the FBI officials. Two years later, he was acquitted.

Alexey Sintsov

Alexey graduated from Saint-Petersburg State Polytechnic University with a degree in Information Security of Computer Systems department (Russia). Since 2001 he has been working on practical questions in the field of security analysis and searching for vulnerabilities and exploit development. Now he works for HERE as a Senior Security Engineer and also doing column in the ][akep magazine. Alexey is a co-founder of first Russian DEF CON group — DCG#7812, and is also a co-organizer of the Zeronights conference. Some fruits of his labor can be found here: http://www.exploit-db.com/author/?a=549.

Berlin, Germany

Dhillon Kannabhiran

Dhillon Kannabhiran is the Founder and Chief Executive Officer of Hack in The Box, organizer of the HITBSecConf series of network security conferences which has been held annually for the past decade in various countries (Malaysia, the Netherlands and the UAE).

Andreas Bogk

Andreas Bogk is a hacker from the well-known German hacker organization Chaos Computer Club (ССС). He has more than 20 years of experience in reverse engineering, exploitation and cryptography; and more than 10 years in compiler construction and language design. He has been active for the CCC with a wide range of presentations at its annual conference, served as a member of the board and CEO. His focus is defense and building secure systems. He is currently working for HERE as Principal Security Architect.


Vangelis

Vangelis is CEO of POC Security. He is an organizer of POC, Zer0con, MOSEC conference. POC is an international hacking and security company. Zer0con focuses on exploit development and bug hunting and MOSEC focuses on mobile security. He has been appointed as a technical commission member of Cyber Security Subcommittee of NCIS.

Vladimir Dryukov

Vladimir was born in Omsk. Graduated from the Faculty of Mechanics and Mathematics of MSU. Since 2005, he worked at the information security center Jet Infosystems, raising from a trainee engineer to the head of the IS outsourcing unit of the center. Since 2013, he leads the technical department of the first commercial center for monitoring and responding to information security incidents Solar JSOC.

Mona Arkhipova

Mona has 10+ years hands-on experience in IT and 6+ from that in IT security. Now Mona is the Unit Manager of Information Security Architecture and Information Security Monitoring in Acronis. She graduated from RSSU IT faculty with a specialist's degree in complex security. Before Acronis Mona has been working as a Lead information security expert and as a United monitoring team manager at QIWI Group, as a Security Analyst at General Electric Capital, as an independent security consultant for fintech startups. During last years she deployed QIWI Security Operations Center from draft to full operable system. Mona leaded architecture design and technical implementation of SOX, ISO27002 and PCI DSS requirements and controls to different IT infrastructures. Participates as a speaker at many Russian and international IT and security conferences (Positive Hack Days, IDC IT Security Roadshow, IBM Security Day).

Alexey Kachalin

Has been professionally engaged in practical information security for more than 15 years: researching and developing systems for detecting computer attacks and abnormal behavior in information systems, conducting research on assessing security and stability of information systems performance, introducing and developing safe development practices. Deputy Director of Business Development in Russia at Positive Technologies. Takes an active part in development of the information security market in Russia. Program Director of the international forum for practical security Positive Hack Days. Lectures at the Faculty of Computational Mathematics and Cybernetics (MSU).

Dave Monnier

Dave Monnier is a Team Cymru Fellow and the Director of Sales and Marketing at Team Cymru, a specialized Internet security research firm based in Lake Mary, Florida, U.S. Team Cymru specializes in understanding the economic aspects of online crime, and Dave excels at describing the complex nature of the underground economy to both executives and technologists alike. Understanding that real-world security involves both technology and business considerations, Dave helps organizations to fully consider their security and policy decisions in real-world terms. Dave has traveled the world presenting security ideas and solving organizations' hardest problems. With over seventeen years of experience in a wide-range of technologies, Dave brings a wealth of knowledge and understanding to every situation. Dave began his career performing UNIX and Linux administration in academic and high performance computing environments where he helped to build some of the most powerful computational systems of their day. Subsequent to systems administration, Dave moved into Internet security, having served as a Lead Security Engineer for a Big Ten university and later helped to launch the Research and Education Networking ISAC, part of the formal U.S. ISAC community. Dave joined Team Cymru in 2007 where he has served as their Senior Engineer and later as a Security Evangelist. In 2010, Dave was granted the title of Team Cymru Fellow, a highest honor of Team Cymru. Dave has managed multiple teams as part of Team Cymru ranging from engineering, outreach, threat intelligence, sales, and marketing.