Thomas Lim is the Founder and CEO of COSEINC and SyScan. Previously as the head of IT Security in one of the largest IT services companies in Singapore, he was highly disappointed with the so-called Security seminars organised by the various vendors to be nothing but a sales and marketing pitch.

In 2004, he founded SyScan, a true-blue technical-based and vendor neutral IT security conference with a strong emphasis on cutting edge security research. Today, in its 7th year, SyScan is one of the most recognised security conference in the security community.

As for COSEINC, this is the only privately based and funded security research company in Singapore, which became highly prominent in the security community after the publication of "BluePill" - the first hardware based VM rootkit back in 2006.

The Founder and CTO of Immunity, Dave Aitel, was a consultant with @stake and a research scientist with the National Security Agency. Dave's background lies in Linux and Unix systems. His focus changed to Windows exploitation after founding Immunity, and in more recent years has expanded to include web applications and engine development for CANVAS such as MOSDEF, the engine's C compiler. Dave continues to write CANVAS exploits and conduct security research while leading the technical team and product and service direction at Immunity. He oversees all technical projects at Immunity.

Edgar Barbosa is a senior security researcher in the Advanced Malware Lab (AML) of COSEINC. He was a member of the team within AML to develop �Blue Pill�, a virtual machine rootkit, and has published several papers. Edgar is an expert in kernel development, rootkit research, reverse engineering and virtualization technologies.

Stephen Ridley is a Senior Researcher at Matasano Security LLC, an independent security research and development firm specializing in software security and reverse engineering.

Prior to Matasano, Stephen worked at McAfee as a founding member of the Security Architecture research group. Before that, Stephen did reverse engineering and software vulnerability research in a "skunkworks" team at a leading U.S. Defense/Intel contractor. He is privately credited with vulnerability discoveries in popular COTS packages as well as open-source software. Stephen has written for several trade magazines and been quoted in publications such as "Wired" and "Security Focus". He has also taught reverse engineering companies from the Fortune 500 and to Military and Defense agencies. Stephen currently lives in Manhattan, New York.

Ben Nagy is a security researcher with COSEINC, currently working out of Kuala Lumpur. For the past few months he has been working full time in the guts of the Word 2007 Binary Format and integrating the results into Metafuzz, his ruby-based fuzzing framework. Previously working on liver destruction with eEye in Geneva and Bangkok, Ben has written whitepapers on a number of subjects and presented at several conferences in Europe (Infosecurity in London) and Asia (Ruxcon). These papers include:

• "SEH security changes in XPSP2"
• "Generic Anti-Exploitation Technology for Windows"

Charlie Miller: Pwn2Own winner 2008, 2009. Popular Mechanics top 10 hackers 2008. Previous publications/presentations:

• "The Mac Hacker�s Handbook", with Dino Dai Zovi, ISBN-13: 978-0470395363, Wiley, March 2009.
• "Fuzzing for Software Security Testing and Quality Assurance", Ari Takanen, Jared DeMott, Charles Miller, ISBN-13 9781596932142, Artech House, June 2008.
• "Open Source Fuzzing Tools", with Noam Rathaus, Gadi Evron, Charles Miller, ISBN-13 978-1597491952, Syngress, Aug 2007.
• "Fun and Games Using In-Memory Execution on Mac OS X and iPhone", with Vincenzo Iozzo, to be presented at BlackHat Europe 2009.
• "Hacking Macs for Fun and Profit", with Dino Dai Zovi, presented at CanSecWest 2009
• "Hacking and Securing iPhones", presented at InfoSec World 2009
• "Pulling a John Connor, Defeating Android", presented at Shmoocon 2009
• "iPwning the iPhone", presented at Hack in the Box Malaysia 2008.
• "Owning the Fanboys: Hacking Mac OS X", presented at BH Japan 2008.
• "Iron chef: Fuzzing Challenge", with Brian Chess and Jacob West, presented at BH USA 2008
• "Engineering Heap Overflow Exploits with JavaScript", with Jake Honoroff and Mark Daniel, presented at WOOT, USENIX 2008.
• "Adventures in Disclosure: Inside the Legal Exploit Sales Market", presented at AuCert 2008
• "Virtual Worlds - Real Exploits", Charles Miller, Network Security, April 2008. ISSN: 1353-4858.
• "Breaking Security Systems: From Vulnerability Discovery to Disclosure", presented at RSA 2008
• "Fuzz by Number", presented at CanSecWest 2008
• "Virtual Worlds - Real Exploits", with Dino Dai Zovi, presented at ShmooCon 2008
• "Fuzzing with Code Coverage by Example", presented at Toorcon 2007
• "Real World Fuzzing", presented at Toorcon 2007
• "How Smart is Intelligent Fuzzing - or - How Stupid is Dumb Fuzzing?", presented at DEFCON 2007
• "Hacking Leopard: Tools and Techniques for Attacking the Newest Mac OS X", presented at Black Hat USA 2007

Justine Osborne is a Security Consultant for iSEC Partners, an information security organization. At iSEC, Justine specializes in application security, focusing on web application penetration testing, code review, and secure coding guidelines. She also performs independent security research, and has presented at security conferences such as Blackhat, Defcon and DeepSec. Her research interests include emerging web application technologies, dynamic vulnerability assessment tools, Rich Internet Applications (RIA), and mobile device security.

cmlh is from Sydney, Australia and is the Project Leader of the OWASP "Google Hacking" Project and "Download Indexed Cache" and "TCP Input Text" code projects. cmlh has contributed to the "Spiders/Robots/Crawlers" and "Search Engine Reconnaissance" sections of the OWASP Testing Guide v3 and invented the "Speak English" Google Translate Workaround. cmlh has presented at RUXCON (AU), SecTor (CA), OWASP (US and AU) and ToorCon (US) and has a Public Profile on LinkedIn at http://www.linkedin.com/in/ChristianHeinrich

Matthew Conover is a principal software engineer in the Symantec Resarch Labs. He has worked at Symantec for the last five years. He has been involved in security since the late 1990s, publishing one of the first papers on heap overflows in 1999. He has presented at numerous security conferences, including SyScan, Xcon, CanSecWest, and RSA. Matthew is a member of the SyScan CFP committee.

Nguyen's research interests include computer security, networking, data forensic, virtualization, trusted computing and operating system. Being an academic guy, he also loves to get involved with the industry by presenting his research results at various hacking conferences around the world. Quynh obtained his PhD degree in computer science from Keio University, Japan. He is also a member of Vnsecurity, a pioneer information security research group in Vietnam.

Having conducted vulnerability assessments, network reviews, and penetration tests for the majority of the large companies in New Zealand, Insomnia founder Brett Moore brings with him over six years experience in information security. During this time, Brett has also worked with companies such as SUN Microsystems, Skype Limited and Microsoft Corporation by reporting and helping to fix security vulnerabilities in their products. Brett has released numerous whitepapers and technical postings related to security issues and has spoken at security conferences both locally and overseas, including BlackHat, Defcon, Ruxcon, and the invitation only Microsoft internal security conference called BlueHat.

Berne Campbell is a security professional at a large telecommunications company. He has a strong background in network security and enjoys both software and protocol vulnerability research.

Berne has previously presented at the Ruxcon 2009 security conference[1].

Stefan Esser is best known in the security community as the PHP security guy. Since he became a PHP core developer in 2002 he devoted a lot of time to PHP and PHP application vulnerability research. However in his early days he released lots of advisories about vulnerabilities in software like CVS, Samba, OpenBSD or Internet Explorer. In 2003 he was the first to boot linux directly from the harddisk of an unmodified XBOX through a buffer overflow in the XBOX font loader. In 2004 he founded the Hardened-PHP Project to develop a more secure version of PHP, known as Hardened-PHP, which evolved into the Suhosin PHP Security System in 2006. Since 2007 he works as head of research and development for the german web application company SektionEins GmbH that he co-founded.

Marc Schoenfeld started his IT career in the early 80s with a C64, a datasette and a 6502 book from Rodney Zaks. After a university detour and a degree showing that he is able to arbitrarily mix business administration with IT, he returned to core IT. There he focussed on security research and presents on major internal conferences since 2002, focussing on JDK and JEE security. He discovered major security flaws in OpenOffice, JEE application servers (Glassfish, JBoss, Geronimo), and Sun and OpenJDK Java distributions.

After being in the banking IT sector for over 10 years, since 2007 he joined a operating system vendor, working on security testing and response tasks. In his free-time he chases his dogs, looks for the best chow mein in the world, tortures his Wii, explores the endless world of free software and listens to Ennio Morricone's music.

Alfredo Ortega:
Alfredo Ortega works at Core Security Technologies as an exploit writer, OpenBSD, FreeBSD and Linux platform manager. He is pursuing a PhD at ITBA (Instituto Tecnologico de Buenos Aires) and has been a speaker at several security and computer science conferences, including Blackhat, Defcon, Cansecwest and Ekoparty. He is turning into a unholy hybrid of academic and hacker.

Anibal Sacco:
Anibal Sacco is a SSr Exploit Writer and Reverse Engineer at CORE Security Technologies. He has been researching vulnerabilities and developing exploits for Windows, OS X and Linux for 3 years. He first focused on windows kernel-mode vulnerabilities, and lately has moved on to OS X vulnerabilities. He also loves to apply obscure moves to understand and improve any kind of firmware found out there. And he enjoys origami, too.