ROOTCON 17 - Speakers

Aaron Ng
Aaron Aubrey Ng is a Senior Systems Engineer at Crowdstrike where he advises customers on their security needs and solutions. He is currently based in Dubai, and is responsible for the Crowdstrike business across the Middle East - in particular Saudi Arabia, Egypt, and Qatar. Prior to the current stint, Aaron served as a Strategic Threat Advisor where he actively evangelised for the value and pertinence of Threat Intelligence to organisations across the public and private sectors.

Prior to Crowdstrike, Aaron was an Intelligence Consultant at Recorded Future. In that role, he was responsible for the design and implementation of Threat Intelligence strategies and solutions across a broad spectrum of organisations. Before joining industry, Aaron served 12 years of Active Duty in the Singapore Armed Forces as a Military Intelligence Officer. He served in multiple command appointments in classified Intelligence units, and garnered staff experience in the areas of strategic planning and policy development. In his penultimate tour of duty, Aaron was instrumental in architecting the Digital and Intelligence Service (DIS) - the recently inaugurated fourth service of the Singapore Armed Forces.

Aden Yap
Aden is a penetration tester with BAE Systems based in Malaysia and has 6 years of experience in the field of Cybersecurity. He is responsible for delivering red teaming exercise and various penetration testing for numerous industries and reported critical vulnerabilities in their application and infrastructure. He holds CRTO, OSCP, CREST-CRT, CEH and industry certifications. Apart from projects, He also contributed in bug bounty program for health and financial industries and vulnerability research program for internet spaces.

Ali Radzali
Ali started his first step in Cybersecurity while participating in Capture The Flag (CTF) competitions. From that, he develops more interest in cybersecurity skills by writing a blog, creating a tool and joining CTF globally and locally. He is a penetration tester with BAE Systems based in Malaysia and has reported several critical vulnerabilities. He also holds OSCP, CRTO, and CREST-CRT industry certifications. Ali also has contributed back the knowledge he gained to local students in Malaysia and will continue doing so in the future.

Azrul Zulkifli
Azrul started his journey in cybersecurity in his early teens, where he found a flaw in a dial-up internet access and people can surf the internet for free. Since that, he developed interest in hacking. He believes that hacking is not just a career, but a way of life. His current work involves identifying security vulnerabilities and conduct ethical hacking to software application. Throughout his career, he has perform various penetration tests for numerous agencies, especially major banks in Southeast Asia, to help ensure that their systems are more secure against cyber criminals. He spends his free time improving his methodology to hunt for a new CVE and zero day. As of today, he obtained 5 CVE under his name in VDP and BBP programmes. He holds several industrial cybersecurity certifications such as Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP) and Comptia security+.

Dexter Chen
Dexter Chen is a threat researcher at TXOne Networks Inc. with primary focus on penetration testing, red teaming, and Active Directory security. He spoke at several international cyber security conferences including CODE BLUE, HITCON, Black Hat MEA, and CYBERSEC. He used to be a red teamer that specialized in lateral movement and operation security in Trend Micro. He was the instructor of several trainings including HITCON training, Cybersecurity Center of Excellence (CCOE), and Ministry of National Defense. Dexter is a cyber security enthusiast who likes playing labs, researching vulnerabilities, and exploring various attack techniques and he is currently the holder of OSCP and OSWE.

Eric Reyata
Eric is a Cyber Security professional who has been working as a TI Analyst focused on CTI Collection, OSINT, HUMINT, Criminal Underground monitoring and tools development and automation. After working at iSight Partners and FireEye, he joined the Fox-IT InTELL team in The Netherlands. He is also the founder of Rightsec, a cyber security solutions and services provider based in Manila, Philippines.

IJ Puzon
A child of a Pastor & School Teacher, IJ is an Information Security Professional with ~7 years of experience in the field. He specializes in Vulnerability Assessment & Penetration Testing (VAPT) primarily focusing on Host, Web & Mobile Assessments as a member of the Synack Red Team & with his current employer. He is also skilled in Digital Forensics & Incident Response (DFIR), having handled multiple incidents in his previous employments & testifying as an expert witness in a case involving Computer-related Grave Threats & Unjust Vexation.

Jay Turla (@shipcod3)
Jay Turla is Principal Security Consultant at VikingCloud, and one of the goons of ROOTCON. He has presented at international conferences like ROOTCON, HITCON, Nullcon, DEFCON, etc. He used to work for HP Fortify and Bugcrowd in the areas of appsec. His main interest or research right now is about car hacking and is currently one of the main organizers of the Car Hacking Village of ROOTCON / Philippines which is recognized and supported by the Car Hacking Village community.

JJ Giner
I am a professional working in [industry/profession]. I have [number of years] of experience in [specific area of expertise]. Passionate about [specific interest], I strive to [specific goal or objective]. I enjoy [hobbies/activities], and I am committed to [personal/professional values].

Tldr: Taxpayer/Son/Husband/Father/Servant of God.

Kamel Ghali
Kamel is a veteran of the automotive cybersecurity community, having spent over 3 years as an expert car hacker, technical trainer, and contributor to worldwide industry-focused communities such as the SAE, ASRG, and the Car Hacking Village. His particular areas of focus within vehicle security are Bluetooth, RF, and in-vehicle networks. Outside the garage, Kamel is an amateur chef, ukulele player, and fighting game enthusiast.

Dan McInerney
Dan has been on the red team of the security field for 15 years. He has written dozens of security tools and is a top ranked Python GitHub developer. Dan was a senior penetration tester focusing on high level Google, Azure, and Amazon offerings specializing in new machine learning services. Researching novel attacks in emerging fields such as 3D printing and machine learning has been a continuing passion as shows from his 7 CVEs in AI tools. Additionally, Dan has taught his skills to other penetration testers for multiple years as a highly reviewed BlackHat instructor.

Mars Cheng
Mars Cheng (@marscheng_) is the Threat Research Manager of TXOne Networks PSIRT and Threat Research Team. In this role, he is responsible for coordinating product security and threat research, and serves as the Executive Director of the Association of Hackers in Taiwan. Mars has a background and experience in both ICS/SCADA and enterprise cybersecurity systems. He has directly contributed to more than ten CVE-IDs and has been published in three Science Citation Index (SCI) applied cryptography journals.

Before joining TXOne, Mars worked as a security engineer at the Taiwan National Center for Cyber Security Technology (NCCST). He is a frequent speaker and trainer at several international cybersecurity conferences such as Black Hat USA/Europe/MEA, RSA Conference, DEFCON, CODE BLUE, SecTor, FIRST, HITB, ICS Cyber Security Conference Asia and USA, HITCON, SINCON, CYBERSEC, and CLOUDSEC. Mars was the General Coordinator of HITCON (Hacks in Taiwan Conference) PEACE 2022 and HITCON 2021, and Vice General Coordinator of HITCON 2020.

Orange Tsai
Cheng-Da Tsai, aka Orange Tsai, is the principal security researcher of DEVCORE and the core member of CHROOT security group in Taiwan. He is also the champion and the “Master of Pwn” title holder in Pwn2Own 2021/2022. In addition, Orange has spoken at several top conferences such as Black Hat USA/ASIA, DEF CON, HITCON, HITB GSEC/AMS, CODE BLUE, POC, and WooYun! Currently, Orange is a 0day researcher focusing on web/application security. His research got not only the Pwnie Awards for “Best Server-Side Bug” winner of 2019/2021 but also 1st place in “Top 10 Web Hacking Techniques” of 2017/2018. Orange also enjoys bug bounties in his free time. He is enthusiastic about the RCE bugs and uncovered RCEs in numerous vendors such as Twitter, Facebook, Uber, Apple, GitHub, Amazon, etc. You can find him on Twitter @orange_8361 and blog

Raunak Parmar
Raunak Parmar works as a security consultant at @notsosecure whose areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development. He has 3+ years of experience in information security. He likes to research new attack methodologies and create open-source tools that can be used during Cloud Red Team activities. He has worked extensively on Azure and AWS. He is the author of Vajra, an offensive cloud security tool. He has spoken at multiple respected security conferences like Black Hat, Defcon, and Nullcon and also at local meetups.

Ravi Rajput
Ravi Rajput is well-known for his work in automotive security and discovering vulnerabilities in systems. He has spent over eight years in this area, mainly focusing on making vehicles safer. Currently, he's involved in four research projects on vehicle security. Before this, he led a group called Null Ahmedabad, dedicated to cyber security.

Ravi has a knack for public speaking and often shares his knowledge at various conferences. He has spoken at UnitedCon, Null, Bounty Bash, Bsides in cities like Delhi, Maharashtra, and Ahmedabad. He discusses various topics, such as reverse engineering, exploit development, web reconnaissance, as well as complex subjects like post-exploitation, persistence, and antivirus evasion.

One of his notable achievements was presenting at BlackHat Asia 2023, a well-regarded conference in the security world. At this event, he launched AutoHackOS, a unique system designed for testing car security. This added to his recognition in the industry.

Scott Jarkoff
Scott Jarkoff is the Director, Intelligence Strategy, APJ & META, at CrowdStrike, where he directs the Asia-Pacific & Japan, and Middle East threat intelligence business. Scott serves on a global team entrusted with empowering the sales of CrowdStrike's world renowned, best-of-breed, government-grade threat intelligence. He advises and guides customers on operationalizing and integrating threat intelligence within a holistic intelligence-led security strategy. Scott demonstrates the value of actionable threat intelligence and external attack surface management provides in today's highly contested threat landscape.

Scott is based in Tokyo where he masterminds all facets of the threat intelligence business. He has over twenty-five years defense-grade cyber security and intelligence experience, throughout the US Department of Defense, and the private sector. Scott regularly presents at events in Japan and internationally, and is frequently interviewed by Japanese media on cyber security news topics.

Beyond his professional achievements, Scott's one claim to fame is for co-founding deviantART, the precursor to much of today's social media, pioneering many of the concepts in use by Facebook, Twitter, etc.

Sheikh Rizan
Rizan is a passionate information security professional with more than 20 years of experience. He loves anything Linux or open-sourced. He had spent over 13 years securing one of the largest oil and gas company in the world from cyber threats. He holds several industry relevant certifications including OSCP, OSCE, OSWE, Burp Certified Practitioner & CISSP. He had reported security bugs to the US Department of Defense (US DoD), Spotify, Amazon, General Motors, Toyota, Alibaba, Airbnb, Dell, Starbucks & Rockstar Games.

Sol Yang
Security Engineer. He is interested in OT security, Crypto, Malware. He shared his research on Code Blue, Cybersec before.

Tan Jing Zhi
Jing Zhi is an undergraduate at Singapore Management University and a hardware padawan.

Vic Huang
He is interested in Web/Mobile/Blockchain Security and privacy issues. Vic shared his research on HITB, CODE BLUE, REDxBLUE pill, HITCON, CYBERSEC, GDG TW before.

Yu Pengfei
Pengfei is a full time Cybersecurity firefighter and part time red/purple team member in GovTech