Thomas Lim is the Founder and CEO of COSEINC and SyScan. Previously as the head of IT Security in one of the largest IT services companies in Singapore, he was highly disappointed with the so-called Security seminars organised by the various vendors to be nothing but a sales and marketing pitch.

In 2004, he founded SyScan, a true-blue technical-based and vendor neutral IT security conference with a strong emphasis on cutting edge security research. Today, in its 7th year, SyScan is one of the most recognised security conference in the security community.

As for COSEINC, this is the only privately based and funded security research company in Singapore, which became highly prominent in the security community after the publication of "BluePill" - the first hardware based VM rootkit back in 2006.

Ben Nagy is a senior security researcher with COSEINC, and recently moved from Kuala Lumpur to hack with a view of the mountains in Kathmandu. For over a year he has been exploring ways to improve fuzzing scalability, especially against complex, closed source targets like Windows and Office. Previously working on liver destruction with eEye in Geneva and Bangkok, he has written whitepapers on a number of subjects and presented at conferences in Europe, Asia and Australia. Ben is probably that guy over there drinking beer and talking about Ruby.

Ling Chuan Lee currently works at Senior Malware Analyst at Malware Research Center in Malaysia Computer Emergency Response Team, CyberSecurity Malaysia. He specializes in reverse engineering to provide in-depth malware analysis on decryption, solution and techniques services. Lee has over 6 years of experience in reverse engineering malware, penetration testing and has worked on a computer incident and response team. He served as senior security consultant at Scan Associates Berhad. Lee also holds a Master of Science from Universiti Kebangsaan Malaysia and professional certificate GIAC Certified Penetration Tester (GPEN).

Now further the study in Universiti Kebangsaan Malaysia as Ph.D (Doctor of Philosophy) student, majoring Antivirus Core Engine Design.

珠海市安德网络科技公司副总经理、技术总监，著作有《数据安全与编程技术》（清华大学出版社出版）、 《数据恢复技术》（电子工业出版社出版）等，是《安德数据恢复》、《安德图片恢复》、《安德闪电文件搜索》、 《安德上网痕迹检查 系统》、《安德上网痕迹擦除系统》、《安德文件粉碎机》等软件核心开发者。

Udi Shamir is a Senior Researcher with the Advanced Malware Labs of COSEINC. His work in the company includes research into Rootkits, Operating Systems, Virtualization Security and Kernel Hacking.

A few of his projects includes:

• The BlueBox is watching Me, (Hacking the Linksys checksum)
• DirStat filesystem security event tracker, http://sf.net/projects/dirstat.
• EM (Enforcement Module) http://sf.net/projects/em-module.
• WMI (re-patch wmi version for linux).

Gallagher - Tom Gallagher has been intrigued with both physical and computer security from a young age. He is currently the lead of the Microsoft Office Security Test team. Tom co-authored the Microsoft Press title "Hunting Security Bugs" and has presented at OWASP (Seattle), Black Hat, CanSecWest, and the TechEd conferences.

List of presentations/publications:

Tom Gallagher

• Book:
  • "Hunting Security Bugs", Tom Gallagher, Bryan Jeffries, and Lawrence Landauer, Microsoft Press, October 2006
• Presentations:
  • Cansecwest 2010 "Under the Kimono of Office Security Engineering", March 2010
  • BlueHat v9 "Under the Kimono of Office Security Engineering", October 2009
  • UNC Charlotte Fall 2009 Cyber Security Symposium "Under the Kimono of Office Security Engineering", October 2009
  • UNC Charlotte Fall 2008 Cyber Security Symposium "Hunting Security Bugs with Fuzz Testing", October 2008
  • TechEd USA 2008 "Making Security Testing Part of Everyday Development", June 2008
  • OWASP Seattle "Hunting Security Bugs in your Code", November 2007
  • UNC Charlotte Fall 2007 Cyber Security Symposium "Hunting Security Bugs in Your Software", October 2007
  • BlackHat USA 2006 "Finding and Preventing Cross-Site Request Forgery", August 2006

Stefan Esser is best known in the security community as the PHP security guy. Since he became a PHP core developer in 2002 he devoted a lot of time to PHP and PHP application vulnerability research. However in his early days he released lots of advisories about vulnerabilities in software like CVS, Samba, OpenBSD or Internet Explorer. In 2003 he was the first to boot linux directly from the harddisk of an unmodified XBOX through a buffer overflow in the XBOX font loader. In 2004 he founded the Hardened-PHP Project to develop a more secure version of PHP, known as Hardened-PHP, which evolved into the Suhosin PHP Security System in 2006. Since 2007 he works as head of research and development for the german web application company SektionEins GmbH that he co-founded.

Laurent has been a security expert at the Commissariat a l'Energie Atomique in France for years, which is the equivalent of the US Dept Of Energy. He is an instructor about network and system security in french schools, and has managed numerous security projects for about ten years.

He's been doing research on defensive technologies highly closed to blackhats activities like honeypots, IPS/IDS, firewalls, sandboxes, etc. He co-founded the French Honeynet along with Nicolas Fischbach, and is a member of the Steering Committee ot the Honeynet Research Alliance.

Laurent is also a frequent contributor to several research papers like Security Focus and MISC magazine, as well as a presenter at computer security and academic conferences like Cansecwest, Pacsec, Black Hat USA-Asia-Europe, Defcon, Hope.

The Grugq is a pioneering information security researcher with over a decade of professional experience. He has worked extensively with digital forensic analysis, binary reverse engineering, rootkits, Voice over IP, telecommunications and financial security. The Grugq’s professional career has included Fortune 100 companies, leading information security firms and innovative start-ups.

Currently living in Thailand, the Grugq works as a senior security researcher for COSEINC. While not on engagements, the Grugq continues his research on security, forensics and beer.

Claims to fame:

• pioneered anti-forensics
• developed "userland exec"
• released voip attack software
• decade of experience in info sec
• long term liaison w/ digital underground
• described as "extremely handsome" [by his mom]
• 1992 sussex County 3-legged race, 2nd place

The Grugq has spoken at dozens of conferences over the last 7 years; provided expert training courses to .gov, .mil, police and businesses; domain expertise on forensics, voip, telecommunications and financial systems.

Lukas Grunwald is the CTO of DN-Systems Enterprise Internet Solutions GmbH (Hildesheim/Germany) a globally acting consulting firm working mainly in the field of security solutions for enterprises and federal governments in Europe and Asia.

He is also the head of the Hacking Lab where new technology is evaluated.

Mr. Grunwald has been working in the field of IT security for nearly 15 years now. He is specializing in security of wireless and wired data and communication networks, forensic analysis, audits and active networking. Mr. Grunwald regularly publishes articles, talks and press releases for specialist publications. He also participates actively at several conferences all over the world.

Mr. Grunwald is co-author of RFDump an RFID attack and audit tool, that is free software and got some attention for the first time clone and attack the ePassport live at BlackHat, Mr. Grunwald spoke at many international security conferences.