Matt Conover is a Principal Software Engineer at Symantec in Security Response. Recently, he has been focusing on Windows heap exploitation, and developing tools to reverse engineer worms/rootkits. He has been active in computer security since the late 90's and has worked at security companies such as Bindview, Guardent, and Entercept. He is well respected as a long-time security researcher, and a pre-eminent authority in the field. He has previously presented at CanSecWest, SANS, and the University of Utah.

San is a security researcher, who has been working in the Research Department of NSFocus Information Technology (Beijing) Co., Ltd for more than three years. He's also the key member of XFocus Team, the pre-eminent security research group in China, who has discovered and published many Microsoft vulnerabilities.

His focus is on researching and analyzing application security, and he's also the main author of "Network Penetration Technology" (Chinese version book).

Dave McKay is currently an independent security consultant. McKay has been involved in the information security field for 9 years. McKay's prior employment includes an impressive list of companies where he served in a security capacity including, Hotmail, Google, Microsoft, US Department of Defense and @stake (now Symantec). McKay is now in Rome writing a book.

Ilja van Sprundel has a passion for somewhat offensive computer security. Among other things he has previously imlemented a secure creditcard transaction solution. Ilja also attended the RWTH-Aachen summerschool of applied I.T. security where he learned a great deal about offensive and defensive security mechanisms. He is also the winner of the 21c3 stacksmashing contest and a member of the Netric security research group.

IIja an Sprundel currently works for Suresec.org.

Fyodor Yarochkin is a security hobbyist and happy programmer with a few years spent in business objectives and the "security" service delivery field. These years, however, weren't completely wasted - Fyodor has been contributing his spare time to a few open and closed source projects that attracted limited use among non-business oriented computer society. He has a background of system administration and programming and holds Engineering degree in Software Engineering.

Meder Kydyraliev has been involved has been involved in research and development of Xprobe2 active OS fingerprinting tool. Some of his personal interests include: network reconnaissance and information gathering techniques, applications of distributed computing in information security tools. His senior project was titled "Multi-threaded, distributed platform for information security tools". Meder has obtained his Bachelor of Science degree in software engineering from AUK/Kyrgyzstan and is at early stage of getting to know what real security industry is.

Emmanuel has been involved in the information security and telecommunications fields for over 12 years. Originally from Western Europe, Emmanuel has been living in Southeast-Asia since 1993. After few years spent at Nokia commissioning mobile networks' NMS and IN systems, he started his own security consulting company in 1997, which eventually got acquired by TruSecure in 2001. Emmanuel now runs the Telecom Security Task Force, a specialized research firm focusing on GSM, GPRS and 3G/UMTS security. Personal interests included SS7 signalling, VoIP protocols and legacy X.25 networks."

He is a CISSP, a Certified ISO-8583 Financial Transaction Protocol Engineer and a Certified Oracle DBA.

Neil Archibald is a security professional from Sydney Australia. He has a strong interest in programming and security research. Neil is employed by Suresec (http://www.suresec.org) as a Senior Security Researcher. He has coauthored two books published by Syngress - "Aggressive Network Self Defense" and "Ethereal, Snort & Nessus Power Tools".

Pukhraj Singh is the CTO and Co-Founder of SigInt Network Defense Pvt Ltd, a leading provider of information security services in North India. At SigInt he is leading a team of entrepreneurial think-tanks.

Previously he worked with Network Intelligence India, a leading provider of Managed Security Services to global client�les, as a security researcher. There in he performed the penetration testing of some leading Indian companies and international banks.

Later he joined the Indian R&D arm of a top-tier funded Silicon Valley based Security start-up, called Blue Lane Technologies (still in stealth mode). He was a part of the team working on a next-generation Intrusion Prevention System based on a patent-pending technology, which will guard against hacker intrusions in a novel way.

Having an innate interest in making people more aware about security and its importance in present scenario, he has spoken in many conferences (Hack In The Box, Bahrain), technology meets and has conducted professional grade ethical hacking workshops. His articles are also cited leading information security resources on Web (www.SecurityFocus.com) and newspapers.

Marcel Holtmann is the maintainer and the core developer of the official Linux Bluetooth stack which is called BlueZ. He started working with the Bluetooth technology back in 2001. His work includes new hardware drivers, upper layer protocol implementations and the integration of Bluetooth into other subsystems of the Linux kernel. In January 2004 he overtook the maintainer role from the original developer Max Krasnyansky. Together with Jean Tourrilhes he maintains the OpenOBEX project. He is also responsible for the IrDA and Bluetooth integrations of the Gnokii project.

Adam Laurie is Chief Security Officer and a Director of The Bunker Secure Hosting Ltd. He started in the computer industry in the late Seventies, working as a computer programmer on PDP-8 and other mini computers, and then on various Unix, Dos and CP/M based micro computers as they emerged in the Eighties. He quickly became interested in the underlying network and data protocols, and moved his attention to those areas and away from programming, starting a data conversion company which rapidly grew to become Europe 's largest specialist in that field (A.L. downloading Services). During this period, he successfully disproved the industry lie that music CDs could not be read by computers, and, with help from his brother Ben, wrote the world's first CD ripper, 'CDGRAB'. At this point, he and Ben became interested in the newly emerging concept of 'The Internet', and were involved in various early open source projects, the most well known of which is probably their own�'Apache-SSL'�which went on to become the de-facto standard secure web server. Since the late Nineties they have focused their attention on security, and have been the authors of various papers exposing flaws in Internet services and/or software, as well as pioneering the concept of re-using military data centres (housed in underground nuclear bunkers - http://www.thebunker.net ) as secure hosting facilities. Adam has been a senior member of staff at DEFCON since 1997, and also acted as a member of staff during the early years of the Black Hat Briefings.

Major Malfunction is a security professional by day, and a White Hat hacker by night. He is a good example of what happens to TheGoodGuys(tm) when you force them to travel, eat junk food, drink too much coffee, and stay in cheap hotels. If your hotel has a hole in it, Major Mal will find it... He has been involved in DEFCON, as a Goon, since DC5, and the computer industry since the early Eighties. He was co-founder of the world's first full time Internet pirate radio station, InterFACE, and wrote the first ever CD ripper, 'CDGRAB', disproving the industry lie that computers could not read music CDs. In his spare time, he likes to play with guns. Big guns. Little guns. As long as it goes BANG, it will be his friend, and he will love it, care for it, and feed it plenty of ammo. Let him fondle your weapon, and you'll have a friend for life...

Fabrice is the manager of FMA-RMS, a small dedicated security consulting firm based in Singapore. Developer by trade for many years, he has been involved in the information security field for over 6 years. His interests are in secure programming, cryptography, open source and firewalling techniques. For the last few years he has been breaking mostly bank and telecom web applications in the Asia Pacific region, as well as performing penetration tests for them. Originally from France, Fabrice has been staying in Singapore for the last 5 years.

Alex Stamos is a founding partner of iSEC Partners, LLC, a strategic digital security organization, with several years experience in security and information technology. Alex is an experienced security engineer and consultant specializing in application security and securing large infrastructures, and has taught multiple classes in network and application security.

Before he helped form iSEC Partners, Alex spent two years as a Managing Security Architect with @stake. Alex performed as a technical leader on many complex and difficult assignments, including a thorough penetration test and architectural review of a 6 million line enterprise management system, a secure re-design of a multi-thousand host ASP network, and a thorough analysis and code review of a major commercial web server. He was also one of @stake's West Coast trainers, educating select technical audiences in advanced network and application attacks.

Before @stake, Alex had operational security responsibility over 50 Fortune-500 web applications while at Loudcloud, Inc. The technical aspects of his position required advanced knowledge of Unix and Windows based application servers, experience with datacenter level administration and monitoring tools, and a deep understanding of network architecture and security.

Alex has also worked in a security role at a DoE National Laboratory. He holds a BSEE from the University of California, Berkeley, where he participated in research projects related to distributed secure storage and automatic C code auditing.

Shreeraj founded Net-Square to establish the company as a strong security research and security software development company. He leads research and development arm of Net Square. He has over 7 years of experience with system security architecture, system administration, network architecture, web application development, security consulting and has performed network penetration testing and application evaluation exercises for many significant companies in the IT arena. In the past Shreeraj worked with Foundstone, Chase Bank and IBM in area of web security.

Shreeraj graduated from Marist College with a Masters in Computer Science, and has a strong research background in computer networking, application development, and object-oriented programming. He received his graduate degree in Computer Engineering from Gujarat University, and an MBA from Nirma Institute of Management, India. Shreeraj has also authored a book titled "Web Hacking: Attacks and Defense" published by Addison Wesley. Shreeraj spoke at conferences like HackInTheBox, RSA, Blackhat, Bellua, CII and NASSCOM etc. in the past.

Himanshu Dwivedi is a founding partner of iSEC Partners, LLC, a digital security organization, with 11 years experience in security and information technology. Before forming iSEC, Himanshu was the Technical Director for @stake’s Bay Area practice. His professional experience includes application programming, infrastructure security, and secure product design with an emphasis on storage security for the past 5 years.

Himanshu is considered an industry expert in the area of SAN security, specifically Fibre Channel Security. Himanshu specializes in SAN and NAS security. His research includes Fibre Channel (FC), iSCSI, and NAS (CIFS/NFS) storage devices. The technical publications including the following:

PATENTS:

• U.S. Patent Serial No. 10/198,728
  Patent pending for Fibre Channel security design techniques (including authentication, authorization, and auditing) for storage architectures and devices used in SANs

ISSUED BOOKS:
- Implementing SSH: Strategies for Optimizing the Secure Shell, Wiley Publishing
- The Complete Storage Reference (Ch. 25, Security Considerations), McGraw-Hill
- Storage Security, NeoScale Publishing

PAPERS:
Protecting Intellectual Property Whitepaper
Storage Security Whitepaper

After 4 years as IT security consultant, performing audits and penetration testing, Cedric joined EADS Corporate Research Center to perform R&D within the network security field, including wireless technologies. He is an active member of Rstack team and French Honeynet Project with studies on honeynet containment, honeypot farms and network traffic analysis. He regularly authors technical presentations and articles, and gives lectures at university. Strongly involved in Free Software community, he delivers GNU/Linux security trainings accross Africa for an IT sustained development program.

Krisztian Piller (29) is M.Sc.E.E. and he is working for the European Central Bank (ECB) as a security expert. He plans and analyzes the security of IT Projects, performs security assessments and penetration testing. Formerly he has been worked for Ernst & Young as a senior advisor for IT security where he analyzed the security of computer systems and networks of national as well as international large-scale enterprises. He has been a speaker several times at various IT security-related conferences all over Europe.

(24) is a student of business & computer science at the University of Cooperative Education in Stuttgart/Germany and is working for Ernst & Young Risk Advisory Services (RAS) department for two years now. Together with his colleagues he analyzes the security of computer systems and networks of national as well as international large-scale enterprises. He has published more than a dozen articles for various German IT magazines and two books for the Addison & Wesley publishing house.

Amnesia has been researching the Linux kernel for a year. I focus mainly on rootkit detection, binary/kernel object modification and exploit code development.

Clflush has a keen interest in computer security and loves exploring and testing both offensive and defensive techniques in his spare time. He has been researching on the Linux kernel for a year. He is also interested in code emulation and poly/meta-morphic engines as well as virus techniques.