PHDays video



Review board

Donato Ferrante

Prior to founding ReVuln Ltd., Donato was a Security Researcher for Research In Motion (Blackberry), where his daily job was performing security research and vulnerability assessments of RIM authored code, products and services including infrastructure, devices, and QNX operating system. Before moving to RIM Donato analyzed and reversed several rootkits, malware, mobile malware and exploits for Sophos Antivirus. He presented one of his research projects on Java malware and Java Virtual Machine exploits (inREVERSE) during the CARO workshop in Prague. Donato found several vulnerabilities in well-known commercial products and open source software and his first public disclosed security advisory was released in 2003.

Luigi Auriemma

Luigi has been in the security field for more than a decade, as an Independent Security Researcher ( he is a world recognized expert in this field and discovered more than 2000 vulnerabilities in widely used software. The following are some key points of Luigi's work. Highest number of security vulnerabilities disclosed in SCADA/HMI software: General Electric, Siemens, ABB, Rockwell, Invensys, Schneider, InduSoft, CoDeSys and many others. Most known server-side Microsoft vulnerabilities found by him: ms12-020, ms11-035. Research on Smart TV vulnerabilities. Security vulnerabilities affecting the most diffused multiplayer game engines, libraries, middleware and games.

Sergey Gordeychik

Sergey Gordeychik is captain of team and Web Application Security Consortium (WASC) contributor. ICS industrial disasters researcher and speaker at S4, CCC, PacSec, CodeBlue, POC, etc. The main areas of his interest are the product management for enterprise security products, hands-on security research and incident investigation. Sergey has developed a number of training courses, including "Wireless Networks Security" and "Security Assessment of Web Applications," published several dozens of articles in various titles and a book called "Wireless Networks Security". MCSE (starting from NT 4.0), CISSP and MVP in Enterprise Security: R&D.

Andrey Petukhov

Graduated from the MSU Faculty of Computational Mathematics and Cybernetics in 2004. Andrey is a research assistant in the MSU Information Systems Security Laboratory. He is interested in web security, and specifically in logic vulnerabilities. In his researches, he focuses on discovering vulnerabilities in web applications with dynamic user interface. In 2009, Andrey created the Bushwhackers CTF team.

He also describes himself as a graphomaniac

Dmitry Evteev

Dmitry Evteev is an expert in practical information security with 10+ years of related experience. He specializes in studying techniques employed to attack information systems and in penetration testing.

Dmitry graduated from the Department of Applied Information Science of Moscow State University of Service in 2006. In his third year of study, he began to work for I.T. Group as an engineer of the information security management service. Dmitry joined Positive Technologies in 2008 to grow from an information security expert to the head of the security analysis department. He was one of the creators of the international information security forum Positive Hack Days in 2011. In 2015, he set up a company named HeadLight Security where he still works.

Dmitry speaks at key conferences, leads training seminars. He regularly publishes his technical articles and researches on information security.

Alexander Matrosov

Alexander Matrosov has more than ten years of experience with malware analysis, reverse engineering, and advanced exploitation techniques. He is currently a senior security researcher in the Advanced Threat Research team at Intel Security Group. Prior to this role, he spent four years focused on advanced malware research at ESET. He is co-author of the numerous research papers, including “Stuxnet Under the Microscope,” “The Evolution of TDL: Conquering x64,” and "Mind the Gapz: The most complex bootkit ever analyzed?". Alexander is frequently invited to speak at security conferences such as REcon, Ekoparty, Zeronigths, AVAR, CARO, and Virus Bulletin. Nowadays, he specializes in the comprehensive analysis of advanced threats, modern vectors of exploitation, and hardware security research.

Mohd Noor Amin

As Founder and Chairman of the International Multilateral Partnership Against Cyber Threats (IMPACT), Datuk Mohd Noor Amin leads the first United Nations-backed global cybersecurity organisation. Under his stewardship, IMPACT became the cybersecurity executing arm of the UN’s International Telecommunication Union (ITU) with 147 partner countries—making it the world’s largest cybersecurity alliance.

Datuk Amin was instrumental in shaping IMPACT to become the first international platform to bring together governments, industry and academia in the global fight against cyber threats. His strategic vision and leadership allowed IMPACT and its stakeholders to play a key role towards improving cybersecurity and enhancing the international community’s capacity to prevent, defend against and respond to cyber threats.

In addition to his role in IMPACT, Datuk Amin also currently serves as Chairmen of Ascendsys—Southeast Asia’s leading managed security services provider; and Nuemera—a technology company focussed on mobile security services.

Datuk Amin’s involvement in the area of international diplomacy has seen him being honoured by the President of the Republic of Guatemala to serve as the nation’s honorary envoy to Malaysia—a position he has held for more than a decade. Datuk Amin had previously served as the Secretary-General of the Washington DC-based Malaysia-US Friendship Council.

Datuk Amin had also previously served as personal legal counsel to two successive Prime Ministers of Malaysia and was the general counsel to Malaysia’s ruling party. In recognition of his contributions, His Majesty the King of Malaysia in 2009 awarded Datuk Amin the “Panglima Jasa Negara” award which carries the honorific Datuk, making him then one of the youngest recipients of the Federal award.

Datuk Amin is an English trained barrister who was admitted to the English Bar at Gray’s Inn. He is also an advocate and solicitor of the Malaysian Bar. Datuk Amin holds a Masters in Commercial and Corporate Law from King’s College, London.

Alexander (Solar Designer) Peslyak

Alexander Peslyak, better known as Solar Designer, has been professionally involved in computer and network security since 1997, and he has been professionally developing software long before that. Alexander is an Open Source software author & team leader at Openwall Project and Openwall GNU/*/Linux, computer security expert, Founder & CTO at Openwall, Inc., information security consultant at DataForce ISP, member of informal and semi-formal computer security communities. Alexander has presented on computer security and Open Source software topics at international conferences (HAL2001, NordU, FOSDEM, CanSecWest), served as the technical reviewer for a novel computer security book (Michal Zalewski's Silence on the Wire) and wrote the foreword for it. He is recognized in the “security community” primarily for the security tools (software) released to the public under liberal Open Source licenses, and for many contributions to other popular Open Source software (primarily Linux and related applications).

Jean Luc Moliner

Jean Luc MOLINER is SVP, “Head of Orange Group Security” since 2011; he is in charge of the definition and control of the Global security policy for the Orange Group, from physical security, to IT&N security and including BCM activities. Previously he was VP “Sales & Marketing” in Cassidian Systems a division of AIRBUS group in charge of large systems integration market in homeland security with main focus in Middle East. Prior to this, he was head of IT security in the French MoD, and got other operational assignment. Jean Luc graduated from the Saint-Cyr Military Academy, the “Ecole Nationale Supérieure des Télécommunications” and the War College.

Rodrigo Rubira Branco (BSDaemon)

Rodrigo Rubira Branco (BSDaemon) works as Senior Security Researcher at Intel Corporation in the CPU Team. Held positions as Director of Vulnerability & Malware Research at Qualys and as Chief Security Research at Check Point where he founded the Vulnerability Discovery Team (VDT) and released dozens of vulnerabilities in many important  software. In 2011 he was honored as one of the top contributors to Adobe Vulnerabilities in the past 12 months. Previous to that, he worked as Senior Vulnerability Researcher in COSEINC, as Principal Security Researcher at Scanit and as Staff Software Engineer in the IBM Advanced Linux Response Team (ALRT) also working in the IBM
Toolchain (Debugging) Team for PowerPC Architecture. He is a member of the RISE Security Group and is the organizer of Hackers to Hackers
Conference (H2HC), the oldest security research conference in Latin America. Accepted speaker in lots of security and open-source related
events as H2HC, Black Hat, Hack in The Box, XCon, VNSecurity, OLS, Defcon, Hackito, Ekoparty, Troopers and others.

Dmitry Sklyarov

Dmitry Sklyarov is the Head of Application Analysis Department at Positive Technologies and the author of “Hidden Keys to Software Break-ins and Unauthorized Entry”. He graduated from the Computer-Aided Design Department of Bauman Moscow State Technical University and now teaches information security at his alma mater. He became worldwide known for disclosing insecurities of PDF files and introducing Advanced eBook Processor at DEFCON in 2001 when he was accused of copyright infringement by Adobe and arrested by the FBI officials. Two years later, he was acquitted.

Alexey Sintsov

Alexey graduated from Saint-Petersburg State Polytechnic University with a degree in Information Security of Computer Systems department (Russia). Since 2001 he has been working on practical questions in the field of security analysis and searching for vulnerabilities and exploit development. Now he works for Nokia as a Senior Security Engineer and also doing column in the ][akep magazine. Alexey is a co-founder of first Russian DEF CON group — DCG#7812, and is also a co-organizer of the Zeronights conference. Some fruits of his labor can be found here:

Berlin, Germany

Dhillon Kannabhiran

Dhillon Kannabhiran is the Founder and Chief Executive Officer of Hack in The Box, organizer of the HITBSecConf series of network security conferences which has been held annually for the past decade in various countries (Malaysia, the Netherlands and the UAE).

Andreas Bogk

Andreas Bogk is a hacker from the well-known German hacker organization Chaos Computer Club (ССС). He has more than 20 years of experience in reverse engineering, exploitation and cryptography; and more than 10 years in compiler construction and language design. He has been active for the CCC with a wide range of presentations at its annual conference, served as a member of the board and CEO. His focus is defense and building secure systems. He is currently working for Nokia as Principal Security Architect.


CEO of HNS. One of the organizers of POC (Power of Community), the international hacking and security conference in Korea.

Dave Monnier

Dave Monnier is a Team Cymru Fellow and the Director of Sales and Marketing at Team Cymru, a specialized Internet security research firm based in Lake Mary, Florida, USA. Team Cymru specializes in understanding the economic aspects of online crime, and Dave excels at describing the complex nature of the underground economy to both executives and technologists alike. Understanding that real-world security involves both technology and business considerations, Dave helps organizations to fully consider their security and policy decisions in real-world terms. Dave has traveled the world presenting security ideas and solving organizations’ hardest problems. With over seventeen years of experience in a wide-range of technologies, Dave brings a wealth of knowledge and understanding to every situation. Dave began his career performing UNIX and Linux administration in academic and high performance computing environments where he helped to build some of the most powerful computational systems of their day. Subsequent to systems administration, Dave moved into Internet security, having served as a Lead Security Engineer for a Big Ten university and later helped to launch the Research and Education Networking ISAC, part of the formal U.S. ISAC community. Dave joined Team Cymru in 2007 where he has served as their Senior Engineer and later as a Security Evangelist. In 2010, Dave was granted the title of Team Cymru Fellow, a highest honor of Team Cymru. Dave has managed multiple teams as part of Team Cymru ranging from engineering, outreach, threat intelligence, sales, and marketing.

Dmitry Ustyuzhanin

Dmitry has 20+ years of experience in the field of information security. He is one of the leading experts in cryptography, specialized computer complexes creations, algorithms analysis. He is a certified professional in the field of information security systems (CISSP – Certified Information Systems Security Professional), a member of the international institute of business continuity maintenance (MBCI – Member of Business Continuity Institute).
From 2000 Dmitry is in charge for Information Security Department in the telecommunication company VympelСom (Beeline), he is responsible for IT Security, Business Continuity and SOX Compliance in the field of IT.
Dmitry has established the Information Security function in VympelСom using best practices based on the standard ISO27001 (in combination with ITIL) and supervising documents of the Russian legislation in the field of Information Security.
Dmitry implemented projects ensuring granting services continuity, including creation of a reserve data center, implementation of Cyber Process Certification for provided IT services by the international criteria of safety SYSTRUST, implementation of identity management, card management, vulnerability analysis, intrusion detection and prevention systems, and organization of the protection of services based on WAP, MMS, GPRS, WiFi, etc. He also introduced the employees’ awareness program.

Ahmad Hassan

Eng. Ahmad Hassan has 10 years of hands-on experience in Information Security. He is currently the Director of Risk Management and Compliance at du Telecom. He used to work for aeCERT/TRA as he was leading the Threat Intelligence Operations Center as well as the Research and Analysis section. Before that, he was leading the Enterprise Network Security in Etisalat. He is also the founder of the UAE Honeynet Chapter. Eng. Ahmad is an active member and a volunteer in multiple security boards and working groups. He has a Bachelor’s Degree in Computer Engineering. In addition, he holds two Master’s degree, the first is the Master in International Business and the second is the Master of Science in Information Security.