RC18 @ SPEAKERS





Aaron Ng
Aaron is a Senior Systems Engineer at CrowdStrike where he advises customers on their security needs and solutions. He is currently based in Dubai, and is responsible for the CrowdStrike business across the Middle East, Turkey, and Africa (META) region. Prior to his current stint, Aaron served as a Strategic Threat Advisor where he actively evangelised for the value and pertinence of Cyber Threat Intelligence to organisations across the public and private sectors in the Asia Pacific (APAC) and META regions. Aaron represented CrowdStrike Intelligence, speaking at various Security Conferences including BlackHat MEA, MENA ISC, GovWare, RootCon, AVAR, BSides SG, and SINCON.

Prior to joining the Cybersecurity industry, Aaron served 12 years of Active Duty in the Singapore Armed Forces as a Military Intelligence Officer. He served in multiple command appointments in classified Intelligence units, and garnered staff experience in the areas of strategic planning and policy development. In his penultimate tour of duty, Aaron was instrumental in developing the masterplan for the Digital and Intelligence Service (DIS), the military branch responsible for providing military intelligence to the armed forces, building up Singapore's digital defence capabilities, and protecting the psychological defence of its military personnel.




Alex Bazhaniuk
Alex Bazhaniuk is a distinguished leader and one of the industry's top experts in firmware security, both in research and product development. Throughout his notable career, Alex has spearheaded teams and driven innovative projects at prominent technology firms such as Eclypsium, Intel, and McAfee. His expertise is not only recognized in corporate circles but also in the open-source community, where he has significantly contributed as one of the founding developers of CHIPSEC, a platform security assessment software.

At Eclypsium, as CTO and co-founder, Alex oversees the company's strategic direction in research and development. Under his leadership, the Eclypsium research team has pioneered numerous groundbreaking security discoveries. These include uncovering major firmware vulnerabilities such as the TrickBoot malware module, the BootHole vulnerabilities, and the widely-publicized Screwed Drivers flaws, which collectively have redefined industry standards and practices in hardware security.

Beyond his technical achievements, Alex is a thought leader in the cybersecurity field, frequently speaking at major conferences and contributing insights on advanced security topics and emerging threats. His work not only enhances Eclypsium's product offerings but also contributes to shaping the future of security in an increasingly interconnected world.




Bianca Gadiana
Bianca Gadiana is an Offensive Security Team Lead at a prominent American business data center and cloud computing security company, with 4 years of hands-on experience in cybersecurity. Throughout her career, Bianca has honed her skills in vulnerability assessment and exploitation techniques. She is also dedicated to giving back to the cybersecurity community, regularly delivering talks at universities to inspire and mentor the next generation of professionals. Bianca holds several certifications, including CRTP, eWPT, and eJPT.




Captain (a.k.a. Forensics and Hardware Ninja)
Captain (a.k.a. Forensics and Hardware Ninja) is an independent security researcher. He focuses on hardware, UAS (Drone) security research, and digital forensics analysis. He was the first and the only Asian who led a group of white-hat hackers to hold an in-depth, hands-on drone and hardware hacking village in BLACK HAT and DEFCON. He was also a frequent speaker and trainer in different top-notch security and forensics conferences including SANS, HTCIA, DFRWS, GCC, CodeBlue, HITB, SINCON, AVTokyo and HITCON.




CJ Villapando
CJ is a security consultant guiding organizations in identifying security weaknesses in their infrastructure. He serves as an Offensive Security Manager at Red Rock IT Security Inc., helping build the organization's research and training programs and leading various security assessments. His six years of progressive industry experience working with public and private entities have given him a well-rounded understanding of how organizations deal with security.

When not working on consulting projects, he is teaching upcoming and seasoned information security professionals. He currently teaches graduate courses for the Master of Information Security Program at De La Salle University Manila and, more recently, the SEC560: Enterprise Penetration Testing course of the SANS Institute.

He holds multiple industry certifications, including GX-PT, GPEN, GX-IH, GCIH, GX-CS, GSEC, GDAT, GMOB, GSTRT, CISSP, OSEP, and OSCP. He has a Master's degree in Information Security from De La Salle University and is taking the Master of Science in Information Security Engineering at the SANS Technology Institute.




Doan Minh Long
Long Doan Minh – Threat Analyst with 5 years of experience in cyber security, especially in reverse engineering, malware analysis, tracking and analyze 50+ threat actor (APT, Ransomware) targeting the Southeast Asia Region, handled 30+ incidents in big enterprises, government organizations in Vietnam





Echo Lee
Echo Lee is a cybersecurity researcher at CyCraft Technology, specializing in network and cloud security. He has presented at several industry conferences, including InfoSec Taiwan and CyberSec. Additionally, Echo has served as a lecturer for training courses for government agencies and universities.





Ely Tingson
Ely Tingson is a senior vice president for Cyber Threat Intelligence in the Cyber Risk practice, based in Metro Manila. Carlos leverages more than 10 years of experience in assisting some of the region's most critical national security teams with managing and mitigating their cyber risk.

Prior to joining Kroll, Ely served as Data Protection Officer at the Presidential Security Group (PSG) and led the Technical Surveillance Countermeasures (TSCM) and Electronic Countermeasures (ECM) teams. While at the PSG, he concurrently held the title of cyber security consultant at the National Security Council, Office of the President, Republic of the Philippines. Ely is also a member of the Philippine Military Academy “Mandala” Class of 2006, having earned his commission in the Philippine Army, and served in the 2nd Infantry Division and the Special Operations Command.




Elvin Gentiles (@CaptMeelo)
Elvin Gentiles is an Offensive Security Consultant with years of experience conducting various types of penetration testing services and security assessments against several organizations of varying sizes, and across diverse sectors - from SMEs to Fortune 500 companies. Throughout his career, he has earned multiple certifications, published several blog posts (at https://captmeelo.com/) and security advisories, participated in different bug bounty programs, and became a speaker at SANS HackFest 2022.




Henry N. Caga
Henry N. Caga is a seasoned cybersecurity professional with extensive experience in penetration testing and independent security research. As a Lead Penetration Tester, Henry holds certifications in CEH, ECSA, LPT (Master), and eCPTXv2, showcasing his proficiency in ethical hacking and advanced security assessments.

Beyond his professional role, Henry actively contributes to the security community as an independent researcher. His efforts have been acknowledged by leading tech companies, including Google, where he holds a Hall of Fame Rank of 547, as well as Yahoo!, Cloudflare, eBay, PayPal, Twitter, Globe Telecom, and others.

With 15 years of experience in law enforcement, His combined expertise in cybersecurity and law enforcement enables him to offer valuable insights into emerging threats and defenses. Henry's journey in cybersecurity began with his first notable appearance in 2004, and he has since been a dedicated contributor to the field, continually working to enhance digital security and share his knowledge with the broader community.




Jay Turla
Jay Turla is Principal Security Researcher at VicOne, and one of the goons of ROOTCON. He has presented at international conferences like ROOTCON, HITCON, Nullcon, DEFCON, etc. He used to work for HP Fortify and Bugcrowd in the areas of appsec. His main interest or research right now is about car hacking and is currently one of the main organizers of the Car Hacking Village of ROOTCON / Philippines which is recognized and supported by the Car Hacking Village community.






Keith Wojcieszek
Keith Wojcieszek is the global head of threat intelligence in Kroll’s Cyber Risk practice, based in Washington, D.C. office. Keith joined Kroll from the U.S. Secret Service, where he served with distinction for 15 years. Keith founded and leads Kroll’s Cyber Threat Intelligence program, manages a wide range of cybercrime, data loss and incident response investigations and is a trusted advisor to clients involved in compliance-related or sensitive local and global cyber security matters. He also has extensive experience working with international stakeholders on complex transnational investigations and initiatives.




Konstantin Polishin
Team Lead of the Red Team SE group, Penetration Testing Department at PT SWARM, Positive Technologies

Speaker of the international cybersecurity conference Positive Hack Days, HITB

The main activity is related to participation in complex Red Team operations in the largest companies in the country, where coordinated teamwork is required at the stage of initial access for rapid development in the corporate network and obtaining maximum privileges in the infrastructure, bypassing the radars of the SOC team.

I specialize in the implementation of financial business risks in large banks with a demonstration of the possibility of withdrawing funds, bypassing the Anti-APT mail stack and developing expertise in social engineering using the results in our project work.




Marianne Bermejo
I'm Marianne Bermejo, a dedicated Associate Malware Research Engineer passionate about cybersecurity, both offensive and defensive strategies . I hold a degree in Electronics and Communications Engineering, which has equipped me with the foundation in technology and both analytical and critical skills. My journey involves diving deep into malicious code, uncovering sophisticated attack techniques, and devising innovative solutions to mitigate risks. My goal is to contribute to a safer digital ecosystem by staying one step ahead of cyber adversaries.




Niko Akatyev
As Vice President of Security, IT, and Compliance at Horangi, a Bitdefender company, Niko’s experience includes leading engineering and product development teams, and his current role is managing the internal IT, security, and compliance strategy and execution. One of Niko’s passions is mentoring young cybersecurity professionals—he has been a mentor for the past nine years for the Best of the Best (BoB) cybersecurity program in South Korea. Additionally, in 2022 he began mentoring students at Red Alpha in Singapore. He is a regular speaker and contributor in the international cybersecurity community, from Asia to the Caribbean. He actively participates in the Div0 community and is one of the founding members of the Global Cybersecurity Camp (GCC).




Pramod Rana
Pramod Rana is author of below open source projects:
1) Omniscient - LetsMapYourNetwork: a graph-based asset management framework
2) CICDGuard - Orchestrating visibility and security of CICD ecosystem
3) vPrioritizer - Art of Risk Prioritization: a risk prioritization framework

He has presented at BlackHat, Defcon, nullcon, OWASPGlobalAppSec, HackMiami, HackInParis and Insomnihack before. He is OWASP Pune chapter lead.

He is leading the application security team in Netskope with primary focus on integrating security controls in the development process and providing security-testing-as-a-service to engineering teams.




Scott Jarkoff
Scott Jarkoff is the Co-Founder of Praeryx, a new startup currently developing some insanely deep services and technology. Prior to that Scott Jarkoff was the Director, Intelligence Strategy, APJ & META, at CrowdStrike, where he directed the Asia-Pacific & Japan, and Middle East threat intelligence business. He advised and guided customers on operationalizing and integrating threat intelligence within a holistic intelligence-led security strategy.

Scott's creative genius does not stop at cyber security. He is also the visionary Co-Founder and mastermind behind deviantART, the largest and most vibrant online art community in the world. Under his guidance, deviantART blossomed into a bustling hub where millions of artists and art enthusiasts connect, share, and thrive in a kaleidoscope of creativity. Scott's profound impact on the art world through deviantART mirrors his innovative spirit in tech, making him a true renaissance man in both realms.

Scott is based in Tokyo where he masterminds all facets of multiple opeartions. He has twenty-five years cyber security and intelligence experience, between his time with the US Department of Defense, and the private sector.

Prior to joining CrowdStrike, Scott worked at McAfee in Tokyo, Japan as a Senior Security Advisor focusing on evangelizing US DoD-centric cyber security solutions, with a strong emphasis on the Japanese government and critical infrastructure sectors. He also directed and led the introduction of McAfee threat intelligence services in the Japanese market.

Before joining McAfee, Scott worked for the US government for just under twenty-five years, the most recent as the Chief of Cyber Security at United States Forces Japan. At USFJ he was responsible for overseeing DoD cyber security strategy and cyber situational awareness for the U.S. military components in Japan. Scott leveraged DoD intelligence capabilities to develop U.S. and Japan cross-government cyber security strategy, managing the USFJ cyber security program, and commanding the USFJ security incident response team.




Vic Huang
Vic is interested in Web / Mobile / ICS Security and privacy issues. He has shared his research at CODE BLUE, Ekoparty, HITB, RedxBlue Pill,HITCON, CYBERSEC, DEFCON village.






Zeze Lin
Zeze, a Windows security specialist working with TeamT5. He's credited with discovering and reporting numerous CVEs pertaining to Windows. In addition to his role at TeamT5, Zeze serves as a volunteer staff member at HITCON and actively participates in CTF games. Notably, he clinched the 3rd place position with TWN48 in DEF CON CTF 2023 (and qualified to DEF CON CTF 2024 with the team "if this works we'll get fewer for next year"). Moreover, Zeze is a speaker having presented at esteemed conferences such as CodeBlue, HITCON, VXCON, and CYBERSEC.