Christopher Aziz is a security researcher and founder of Bombadil Systems, specializing in detection methodology validation. He recently presented format destruction techniques at DEF CON DC862, demonstrating how security controls rely on format signatures rather than behavioral analysis. His work focuses on providing penetration testing firms with systematic frameworks for testing client security controls.

Darryl G. Baker is a security researcher and seasoned Active Directory security assessment professional focused on identity threat detection and response (ITDR). He specializes in evaluating AD security posture end-to-end, including adversary emulation, authentication and authorization pathways, privileged access models, and translating findings into actionable remediation roadmaps. Darryl’s background includes 12 year in the US Army including Special Operations, shaping a leadership style grounded in operational rigor, clear communication, and accountability under pressure. His research approach is similarly practical: build reproducible labs, validate attack paths, and convert “interesting” techniques into measurable detections, defensive controls, and guardrails defenders can deploy in real environments.

Matt Barnett is a nationally-recognized expert on physical and cybersecurity, incident response, identity theft, and digital forensics. His expertise is backed by decades of combined information security and law enforcement experience as well as the CISSP and GCFA certifications.

Craig Birch is a Principal Technologist at Cayosoft with over 25 years of hands-on experience across identity security, Active Directory engineering, and hybrid Microsoft environments. He has led large-scale AD modernization and security initiatives and is known for translating attacker tradecraft into practical defensive guidance for overstretched IT teams. Craig previously held senior roles at Tenable and Quest Software, and his work focuses on exposing hidden identity attack paths, toxic permission combinations, and real-world privilege escalation chains. He speaks in a blunt, practical style built for engineers who need answers, not theory

Paul comes from a chemical engineering background. He spent three years working in a refinery as an industrial process control engineer. He is very familiar with human machine interfaces, telemetry, sensor data and other SCADA system and has hands-on experience of installing, programming and bug fixing on process control systems. He understands the intricacies and unusual nature of serial networks, IP to serial convertors, PLCs and RTUs. Since moving into cybersecurity, he has become actively involved in penetration testing. His practical experience of process control and cyber security make him a capable and highly competent OT cyber engineer.

Chicago-based and proudly a natural creature of winter, I thrive on snow, OSS, and just the right amount of chaos. Whether sipping Grand Mayan Extra Añejo or warding off cyber threats with a mix of honeypots, magic spells, and a very opinionated flamingo named Sasha, I keep things interesting. Honeypots and refrigerators rank among my favorite things, though my neighbors would likely disagree.

Tyler Hudak is Director of Incident Response at Inversion6 and a seasoned incident response and digital forensics expert with over 25 years of hands-on experience, including roles at the Mayo Clinic and General Electric. He has led incident response teams and security operations, conducted extensive forensic investigations, and worked closely with legal teams to manage ransomware, business email compromise, and APT incidents.

Diptendu Kar is a security researcher focused on supply chain and dependency risk. He works on triaging open-source vulnerabilities, writing detection rules, and exploring how AI can automate tedious parts of security research. He also teaches Software Security Practices at Northeastern University part time and holds a Master’s in Cybersecurity. Before security, he worked as a Java developer at TCS. He’s especially interested in patch diffing, vulnerable function detection, and the use of LLMs in AppSec.

Suzanne is a tech leader, educator, and lifelong learner who believes skills—not job titles—drive real career growth. With 26 years of experience in tech training, she has helped more than 10,000 IT professionals advance, pivot, and future-proof their careers. As CEO of Computer Coach, she works with organizations and individuals to close skills gaps in IT, leadership, and emerging technologies. She’s known for practical, no-nonsense career growth strategies that help professionals stand out, adapt, and stay relevant as technology evolves. When she’s not teaching, speaking, or advising, Suzanne is focused on one thing: preparing today’s workforce for what’s coming next.

Victoria St. John is a security engineer and incident response specialist with experience in threat investigation, detection engineering, and purple team operations, holding industry certifications including GCIH and CISSP. She draws on a multidisciplinary background that includes years of teaching, deep systems analysis, and creative pattern work to bring structural thinking to cybersecurity challenges. Her work bridges technical rigor with cognitive strategy to help responders improve accuracy and efficiency under pressure.

Derian Stenglein is a recent graduate of the Rochester Institute of Technology with a Bachelor's degree in Computing Security. Throughout college, he experienced two internships. One was at Rockstar Games, performing binary reverse engineering and automation. The other was at Assured Information Security, reverse engineering a hardened version of the Linux kernel. Today, he is a Security Researcher at Semgrep. Having recently moved to Boston and bringing two cats with him, he is open to any suggestions about restaurants, activities, and other hobbies to get involved with!

Mike Thom is an Offensive Security Consultant specializing in internal network compromise, lateral movement, and identity-driven attack paths. He works on penetration testing engagements focused on realistic attacker tradecraft rather than exploit-centric testing. His work centers on executing realistic attacker tradecraft that abuses legitimate access and protocols to move through enterprise environments under real operational constraints.

James Troutman is a technology consultant and entrepreneur with over 30 years of experience in Internet infrastructure, cybersecurity, and IT leadership. He has served as a fractional CIO, CISO, and network architect, helping organizations align technology strategies with business goals while still ensuring security and resilience. He recently co-authored and helped design Maine’s MOOSE Net project, a 530-mile open-access fiber optic network enabling new lower-latency routes across Maine between Atlantic Canada and Quebec. James is the volunteer Co-founder and Director of the Northern New England Neutral Internet Exchange (NNENIX) [https://nnenix.net] and a lead organizer of SkyTalks [https://skytalks.info], an off-the-record cybersecurity forum held in Las Vegas during “hacker summer camp.

Dimitri Weaver works at the intersection of hacking, cybersecurity, and real‑world security practice. His background blends military‑grade OPSEC, IT operations, system administration, and hands‑on security research. He’s not the type to claim expert status; just someone who’s put in enough time to know what he knows, what he doesn’t, and how to keep learning. Whether he’s probing a network, tightening an operation, or digging into a new vulnerability, he brings curiosity, discipline, and a practical mindset to every job.

Throughout his 25-year career in the IT field, Eric has sought out and held a diverse range of roles. Currently the Chief Identity Architect for Semperis; Eric previously was a member of the Security Research and Product teams. Prior to Semperis, Eric worked as a Security and Identity Architect at Microsoft partners, spent time working at Microsoft as a Sr. Premier Field Engineer, and spent almost 15 years in the public sector, with 10 of them as a technical manager. Eric is a Microsoft MVP for security, recognized for his expertise in the Microsoft identity ecosystem.