Alonso, Chema

Chema is a Computer Engineer by the Rey Juan Carlos University and System Engineer by the Politecnica University of Madrid. He has been working as security consultant in the last ten years and had been awarded as Microsoft Most Valuable Professional since 2005 to present time. He is a frequent speaker at security conferences and is currently working on his PhD thesis about Blind Techniques.

Borgaonkar, Ravishankar

Ravi received his joint master degree in Security and mobile computing from Royal Institute of Technology (KTH) and from Helsinki University of Technology (TKK). After finishing his master degree, he works as a researcher in the the Security in Telecommunications department at Deutsche Telekom Laboratories (T-labs) and is pursuing his PhD studies. His research themes are related to data security challenges in new telecommunication technologies. His research interest includes Wireless networking security (in particular, security in 2G/3G networks), M2M security, and malware & botnet analysis.

Branco, Rodrigo

Rodrigo Rubira Branco is the founder of the Dissect || PE Project, funded by Qualys. As the Chief Security Research in Check Point he founded the Vulnerability Discovery Team (VDT) and released dozens of vulnerabilities in many important software. Previous to that, he worked as Senior Vulnerability Researcher in Coseinc. He is a member of the RISE Security Group and is the organizer of Hackers to Hackers Conference (H2HC), the oldest and biggest security research conference in latin america.

Editor’s note: Rodrigo is one of our veteran TROOPERS. Rodrigo’s highly technical talks are among the most demanding ones TROOPERS has to offer.

Bratus, Sergey

Sergey Bratus is a Research Assistant Professor the Computer Science Dept. at Dartmouth College. His research interests include designing new operating system and hardware-based features to support more expressive and developer-friendly debugging, secure programming and reverse engineering; Linux kernel security (kernel exploits, LKM rootkits, and hardening patches); data organization and other AI techniques for better log and traffic analysis; and all kinds of wired and wireless network hacking.

Before coming to Dartmouth, he worked on statistical learning methods for natural text processing and information extraction at BBN Technologies. He has a Ph.D. in Mathematics from Northeastern University.

Editor’s note: Sergey is a veteran TROOPER. He delights the TROOPERS audience with his unchallenged intellect and genius since day one.

Dispensa, Steve

Steve is the Chief Technology Officer and co-founder of PhoneFactor, a provider of phone-based authentication services. Steve is a regular speaker and writer on issues surrounding authentication.

Editor’s note: Despite the humble and short bio provided by Steve we feel strongly that every TROOPER should know that he and his colleague Marsh are the people behind the finding and disclosure of the “TLS Authentication Gap“.  An achievement of superb research which raised world-wide attention within the community and was presented for example at TROOPERS10 (link to the video).

Egners, André

Holds a Diploma degree in Computer Sciences from RWTH Aachen University. Since September 2009 he has been working for the Research Group IT-Security, as part of the UMIC Cluster in Aachen since September 2009. His primary interest is security for wireless mesh networks, which also includes detection of malicious node behavior. In addition, he has experience in mobile security and has been working on botnet detection and mitigation for mobile networks.

Gall, Mark

Mark Gall received his diploma in computer science from the Technical University of Munich (TUM). After an internship at Siemens Corporate Research, he worked several years as a software engineer at Capgemini on industrial software projects as well as software projects for government agencies. Last year he joined Fraunhofer SIT as a member of the research staff for cloud computing security, where he is strongly involved in the cloud security lab activities (http://www.cloudsecuritylab.de).

Gates, Chris

Chris Gates (CG/carnal0wnage) is currently a Sr Security Consultant for Rapid7 and is a member of the Metasploit Project and Attack Research. He enjoys business logic flaws, misconfigured databases and the occasional client-side attack. He has spoken at various other security conferences includimang BlackHat USA, Defcon, CSI 2009, Brucon, SOURCE Boston, Toorcon, Notacon, and Chicagocon. He is a regular security blogger at http://carnal0wnage.attackresearch.com and securitytwit @carnal0wnage

Hedfors, George

George Hedfors has been working for 12 years as a professional in the field and brings a lot of experience with IT- and information security. He has worked with well known security consultancies and is recently employed at Cybercom Sweden AB. Read his blog at george.hedfors.com/blog or follow him on Twitter @georgehedfors

Kirsch, Heiko

Heiko Kirsch is currently engaged in the ASMONIA project. He carries a Bachelor Degree in Computer Science, a Master Degree in Security Management and is currently working on his Ph. D. thesis in the domain of mobile security at the Technical University at Darmstadt. His current research interests are technologies for secure mobile communication.

Kuhn, Friedwart

Friedwart Kuhn is a senior security consultant, head of the ERNW PKI team and co-owner of ERNW. He is a frequent speaker at conferences and has published a number of whitepapers and articles. Besides the daily consulting and assessment work, Windows enterprise security and aspects of technical and organizational PKI related topics are areas of special interest for him. In his (sparse) free time Friedwart likes to play music and loves literature.

Kydyraliev, Meder

Meder Kydyraliev has been working in the area of web app security for the past 6 years. He’s worked as a security consultant for one of the Big 4 and currently works in Google Security Team. Meder has contributed some of his time to open-source projects such as xprobe2 and webscarab and was a speaker at various security conferences.

Leder, Felix

Felix Leder is a senior researcher at the Fraunhofer FKIE and a PhD student at the University of Bonn. After working for Nokia he turned to his favourite field of research: IT-Security. His current research interests are botnet mitigation tactics and new methodologies for executable and malware analysis. A lot of hispare-time is spent on involvement in the Honeynet Project.

Luft, Matthias

Unidentified TROOPER. Recon team deployed to gather more information.

Lüken, Joachim

Joachim Lüken is with the research division at Nokia Siemens Networks. He has more than 25 years’ experience in telecommunications covering software development in digital public-switched telephone network switches to systems engineering for ATM and IP-based products. Joachim was also an active member in standardization bodies such as ITU-T, ETSI, DVB and BBF and supported standardization work in the area of PSTN signaling as well as in IP protocols. Currently Joachim is responsible for security aspects of web application and cloud computing solutions within Nokia Siemens Networks.

Neilson, Graeme

Graeme Neilson is lead security researcher at Aura Software Security based in Wellington, New Zealand. Originally from Scotland he has 10 years of security experience. Graeme specialises in secure networks, network infrastructure, reverse engineering and cryptanalysis. Graeme is a regular presenter at international security conferences and has spoken at conferences in Australia, Europe and the US including Black Hat.

Nuñez Di Croce, Mariano

Mariano Nuñez Di Croce is the Director of Research and Development at Onapsis. Mariano has a long experience as a Senior Security Consultant, mainly involved in security assessments and vulnerability research. He has discovered critical vulnerabilities in SAP, Microsoft, Oracle and IBM applications.
Mariano leads the SAP Security Team at Onapsis, where he works hardening and assessing the security of critical SAP implementations in world-wide organizations. He is the author and developer of the first open-source SAP & ERP Penetration Testing Frameworks and has discovered more than 50 vulnerabilities in SAP applications. Mariano is also the lead author of the “SAP Security In-Depth” publication and founding member of BIZEC, the Business Security community.
Mariano has been invited to hold presentations and trainings in many international security conferences such as BlackHat USA/EU, HITB Dubai/EU, DeepSec, Sec-T, Hack.lu, Ekoparty and Seacure.it as well as to host private trainings for Fortune-100 companies and defense contractors. He has also been interviewed and quoted in mainstream media such as Reuters, IDG, NY Times, PCWorld and others.

Ray, Marsh

Marsh Ray is a Software Development Engineer at PhoneFactor, Inc., a maker of two-factor authentication software, where he is responsible for security software development.

Editor’s note: And again we have to add some lines to fight this understatement: Marsh and his colleague Steve are the people behind the finding and disclosure of the “TLS Authentication Gap“.  An achievement of superb research which raised world-wide attention within the community and was presented for example at TROOPERS10 (link to the video).

Redon, Kevin

Kevin received bachelor of Computing from Napier University Edinburgh, Scotland. He is now finishing his Master degree in Computing with specialization in Communication Systems at the Technical University of Berlin. This is also where he joined the Security in Telecommunication work group in cooperation with the Deutsche Telekom Laboratories (T-labs). His research interest includes network security, in particular telecommunication network as GSM/UMTS, peer to peer networks, and smart cards.

Rey, Enno

Unidentified TROOPER. Recon team deployed to gather more information. Oh wait – what we already know: He’s your TROOPERS host. We’ll soon feature details on his person and his motivation to invest a lot of time and thoughts into this project in a blog post.

Rogers, Edmond

Known to TROOPERS last year as only “bigezy” when he did a talk on Contriol System Security at Troopers 10. Edmond is returning this year to share SCADA war stories. Fresh from his deployment at a Fortune 500 Investor Owned Utility, Edmond will be moving on from this year’s Troopers to his new assignment working at the University of Illinois’ Information Trust Insitute. He will be at TROOPERS to share the latest trends on securing SCADA networks, performing a vulnerability assessment on a critical system, and the challenges of Smart Grid security.

Schaefer, Michael

Unidentified TROOPER. Recon team deployed to gather more information.

Sklyarov, Dmitry

Dmitry is Security Researcher at ElcomSoft in Russia. Besides fiddling with Canon’s latest security features he is teaching at Moscow State Technical University, his own former university.

Slaviero, Marco

Marco Slaviero is an associate at SensePost where he heads up the SensePost Labs team (current headcount: 1). He harbours a personal dislike for figs.

Thieme, Richard

Richard Thieme (www.thiemeworks.com) is an author and professional speaker focused on the deeper implications of technology, religion, and science for twenty-first century life. He speaks professionally about the challenges posed by new technologies and the future, how to redesign ourselves to meet these challenges, and creativity in response to radical change.

Thumann, Michael

Michael Thumann is Chief Security Officer and head of the ERNW “Research” and “Pen-Test” teams. He has published security advisories regarding topics like ‘Cracking IKE Preshared Keys’ and buffer overflows in web servers/VPN software/VoIP software. Michael enjoys sharing his self-written security tools (e.g. ‘tomas — a Cisco Password Cracker’, ikeprobe — IKE PSK Vulnerability Scanner’ or ‘dnsdigger — a dns information gathering tool’) and his experience with the community. Next to numerous articles and papers he wrote the first German Pen-Test Book that has become a recommended reading at German universities. In addition to his daily pentesting tasks he is a regular conference speaker and has also contributed exploit code to the Metasploit Framework. With more than 10 years of experience in computer security Michael’s main interest is to uncover vulnerabilities and security design flaws from the network to the application level.

Wiegenstein, Andreas

Andreas Wiegenstein has been working as a professional SAP security consultant for 8 years, with a special focus on application security. He is founder and CTO of Virtual Forge GmbH, a Heidelberg (Germany) based company specialized in SAP (application) security.

Andreas performed countless SAP / ABAP code audits and has been researching security defects specific to SAP / ABAP applications.
He detected numerous zero-day defects in SAP applications, but in the past has not publically discussed his findings/research.

Andreas has spoken at SAP TechEd on security on several occasions and is co-author of the first book on ABAP security (SAP Press 2009).

Wolf, Julia

Julia solves puzzles and finds the answers to the questions which no one knows the answers to.