CFP Review Board

Dan Duplito is the CISO of PSBank for 14 years and has donned several consulting hats prior to that, from web development to system and security administration. Comfortable working in six-pockets while hacking or doing penetration testing, he is also equally proficient in a 3-piece suit during Boardroom presentations. He's a certified paranoid geek who can (somewhat) write, draw and hip-hop dance, too. And he keeps boasting about his only award in his career: One of the Outstanding ASEAN CSO of 2013 (IDG)







Jay Turla is an application security engineer at Bugcrowd Inc., and one of the goons of ROOTCON. He has been acknowledged and rewarded by Facebook, Adobe, Yahoo, Microsoft, Mozilla, etc. for his responsible disclosures. He has also contributed auxiliary and exploit modules to the Metasploit Framework: Host Header Injection Detection, BisonWare BisonFTP Server Buffer Overflow, Zemra Botnet CnC Web Panel Remote Code Execution, Simple Backdoor Shell Remote Code Execution, w3tw0rk / Pitbul IRC Bot Remote Code Execution, etc. He used to work for HP Fortify where he performs Vulnerability Assessment, Remediation and Advance Testing.




Jerwin Cuason started in the 80s playing games in an i286, programming using BASIC and eventually made his way out of university with a degree in Computer Science. He's since dabbled in the Information Technology world having churned through Programming (now called 'developing'), Database Administration, Systems Administration, Telecommunications Systems, Information Security, Privacy and Physical Security. He enjoys tinkering through devices and figuring out how things work, from Software and applications to Hardware and Physical Security Devices. He's currently struggling through a changing world of Content Creation and Influencers on social media.






Raymond Nuñez provides security consulting, with a special focus to financial services, government systems, and telecommunications industries. He does this simultaneously with teaching Computer and Network Security for graduate students in the University of the Philippines, Diliman, and taking his PhD in Computer Science also from UP Diliman.

He earned his SANS GIAC Security Expert (GSE) certification from the Global Information Assurance Certification (GIAC) organization. Only 240 people across the globe are GSE certified since its inception in 2003, and Raymond is the only one from the Philippines to hold this top and sought-after certification.

At DEF CON 24 in Las Vegas, he and his teammate Siege was awarded with the much-coveted DEF CON Black Badge for winning the CTP Contest. They are now free for life at DEF CON aside from bragging rights. To enhance his skills to be able to continuously provide cutting-edge services, and sometimes also as a form of entertainment, Raymond regularly takes certifications such as GSEC, GXPN, GNFA, GWAPT, GCIH, GASF, GCIA, GCDA, GMON, CISA, CISM, among others.

Past Review Board Members

Bill Breen is a computer security subject matter expert in several domains. He is currently living in SE Asia and continues to work in the computer security arena. Mr. Breen has spent the last 17 years doing information security work for a Fortune 100 company. Work related to incident response, forensics, risk assessments, perimeter security and implementing security policy on a global scale. Mr. Breen has been a senior planner for the DEF CON security conference for over 12 years, and is on the CFP review board for DEF CON. Mr. Breen is a very proud member of the Ninja Network hacker group, and has been involved in the hacking community for over 20 years.


Maxi Soler has more than 10 years of experience in Information Security, his work has been oriented towards Penetration Testing, for Web and Mobile Application Security. Maxi is part of Black Hat Arsenal Review Board and has had the opportunity to deliver lectures in conferences such as Black Hat, DEF CON, OWASP AppSec, EKOParty, Andsec, H2HC, 8dot8 and many important conferences. He is the CTO of ArtsSEC a company securing the digital transformations.