Alissa Torres is a blue team practitioner/educator turned consultant, laser-focused on the people element of the SecOps equation. With 3 dog-years of experience spanning roles in IT and Security Operations, she discovered her passion for adversary hunting while serving in the trenches as an incident analyst with a third-party services company, and later, leading an incident response team for a global manufacturing company.
- SOC Panel: Finding, Keeping, and Caring for the Best People
- Insider Threats (InT): Hindsight and Foresight
- Game Session
Carson Zimmerman is a veteran cybersecurity specialist, author, and speaker. In his current role at Microsoft, Carson leads an investigations team responsible for defending the M365 platform and ecosystem. In his previous role, at The MITRE Corporation, Carson specialized in cybersecurity operations center (CSOC) architecture and CSOC consulting. His experiences over 20 years as a CSOC analyst and engineer led Carson to author Ten Strategies of a World-Class Cybersecurity Operations Center, and to co-author its second edition, Eleven Strategies… which may be downloaded for free at mitre.org/11Strategies.
- SOC Panel: Finding, Keeping, and Caring for the Best People
- So you want to become a Detection Engineer
CerealKiller or Cereal is a Cyber Defense Practitioner with over 10 years of experience.
- CTH 101: Part I & II

Charlie has worked in threat intelligence for over a decade, focusing mostly on financial services but has also worked for an email security vendor providing threat intelligence to a variety of verticals. He is now a part of a team that provides threat intelligence to banks of all sizes.
- It’s not that your threat intelligence IOCs are worthless…
- IR 101: Part I, II, III
- SOC Panel: Finding, Keeping, and Caring for the Best People
David Roman is a Senior Incident Response Consultant at Cisco Talos Incident Response, with 26 years of experience in the IT and security industry. David leads investigations to help customers on their worst career day recover from security incidents and help them better prepare for the future. Volunteering and helping others learn about cybersecurity is a passion for David. He helps run local DEF CON and CitySec groups and guest lectures at Oklahoma State University.
- IR 101: Part I, II, III
- IR/4n6: Obsidian DFIR - Gang aft agley
DE&TH
- IR 101: Part I, II, III
- CTH: Log4j - The Silent Menace Among Us
- CTH 101: Part III, IV, V

Danny "B4nd1t0" Henderson Jr has over 11 years in the IT field from the U.S. Public Sector to life in the Private Sector and supported operations such as Cyber Warfare. Danny currently works at Novartis in Czech Republic as a Threat Hunter. He holds a master's degree in Cyber and Information Security from Capitol Technology University and certifications such as GCIH, GCFA, and CISSP. His skillset includes digital forensics, threat intelligence, and malware analysis. Outside of the field, Danny is fond of fantasy-themed tabletop games and retro RPGs which is displayed through his Bandit's Bytes website.
- Forensics 101 Part I & II
- Forensic Analysis: Part I & II
I work in public transportation IT doing cybersecurity and network infrastructure work. In the past, I have worked as a Linux sysadmin, Windows sysadmin, network engineer, and security engineer. I will happily geek out about anything computer related.
- Monroeville Live: An IR Tabletop for the Rest of Us
A Principal Consultant at CrowdStrike and frequent security conference speaker, Kelly is passionate about bringing the best of tabletop roleplaying games into high-level security tabletop simulations. She has designed and facilitated single-scenario and multi-table games for companies ranging from VC-stage startups to multi-billion dollar megacorps, and for audiences including both the information security and indie tabletop RPG game spaces.
Mooom, trained therapist, recovering attorney, gnome.
"Talk about hard things. Do hard things. Throw soft things." -- ShmooCon 2022(+1)
- Monroeville Live: An IR Tabletop for the Rest of Us

Gyle first got connected to the internet via her reliable 56k US Robotics modem and has been fascinated ever since with technology and security. She got her Graduate Certificate in Incident Response from the SANS Institute and her master’s in cyber security – Digital Forensics from UNSW Canberra. In her day job as an incident responder, she uses her skills and knowledge to help protect and defend the organisation she works for. In her spare time, she mentors other people who are new to the field, presents at different cyber security events and volunteers with different community-based organisations.
- Forensics 101 Part I & II
- IR 101: Part IV, V
BlueTeam DFIR helping people to grow
- IR Analysis: Part I & II

Visit me at kobaltfox.com
- DE: Building a Detection Alert From a Threat Hunt
- So you want to become a Detection Engineer

Lauren Proehl is the Director of Global Cyber Defense at Marsh McLennan. She is an experienced incident responder and threat hunter who has helped identify and mitigate cyber adversaries in Fortune 500 networks. After leading investigations ranging from data breaches to targeted attacks, she now works to define some part of the limitless unknowns in cyberspace and make cybersecurity less abstract, and more tangible. Lauren sits on the CFP board for BSides Kansas City, heads up SecKC parties, and tries to escape computers by running long distances in the woods.
- It’s not that your threat intelligence IOCs are worthless…

Cats and violins.
- Arson Herders: An IR Guide to Fighting and Lighting Fires
- Monroeville Live: An IR Tabletop for the Rest of Us

Matt has been a dual-stack responder for 27 years. He began his career in the fire & rescue service and began focusing on hacking and security in the early 2000s. He currently works at a large tech company, bringing lessons learned from large-scale disaster management into Security Incident Response. To relax, he plays Cello and Guitar, and helps rehabilitate abused or neglected parrots.
- Arson Herders: An IR Guide to Fighting and Lighting Fires
- Monroeville Live: An IR Tabletop for the Rest of Us

Experienced in penetration testing, red team activities, and incident response
- Arson Herders: An IR Guide to Fighting and Lighting Fires

Mick fell in love with the idea of cyberspace around 9 years old after reading “Neuromancer,” thinking “I could do that.” He is still trying to do “that.”
Former perennial spot the fed participant, Mick has seen threat intelligence work, and... not.
After spending too long in government and a stint in South Bend, Mick is a Global Security Advisor on Splunk's SURGe team.
Taking a break from Gooning at DEFCon, he's back for another year to moderate a spicy panel you'll want to see.
- It’s not that your threat intelligence IOCs are worthless…

Combine expertise in Cloud Security, Incident Response and Security Operations, and you have Nathan Case. Nate is a successful executive and builder, pushing for change in security and the culture surrounding it. He is constantly pushing the bounds of threat detection and response. In fact, in 2022, Nate was awarded a Challenge Coin and received a personal note of thanks from the Canadian Ambassador for the recovery and restoration of a biomanufacturing system that saved thousands of lives.
- Monroeville Live: An IR Tabletop for the Rest of Us

Intrusion detection, analytics, packet forensics, security engineering and product engineering. 20+ years of being an entrepreneur building teams, solving big challenges.
- DE: Breaking the Rule
- So you want to become a Detection Engineer

- Forensic Analysis: Part I & II
- IR/4n6: Obsidian DFIR - Gang aft agley

Plug started his journey in computer security in 1996 when he discovered a 2600 magazine, eventually leading him to his first LA2600 meeting in 1998. From that point forward, he has been involved in computer security. He is a Sr. Defcon Blue Team Village member and leads detection and observability at a tech company. In his free time, he enjoys building Legos and playing with synthesizers, and when possible, he volunteers his time to computer security events.
- IR/4n6: Obsidian DFIR - Gang aft agley
- Insider Threats (InT): Hindsight and Foresight
- Security Engineering for Adversarial Emulation and Red Teaming
- So you want to become a Detection Engineer

Russ McRee, Ph.D. is currently Director, GCP Enterprise Protection, for Google’s Trust & Safety Cloud group, and was Partner Director, MSRC Operations at Microsoft prior.
He writes toolsmith via holisticinfosec.io, a column for cyber-security practitioners, and has written extensively for additional publications as well. Russ has spoken at numerous security conferences including DerbyCon, BlueHat, Black Hat, SANSFIRE, RSA, and DEFCON. He serves as a joint-forces operator and mission commander on behalf of Washington Military Department’s cyber and emergency management missions.
- SOC Panel: Finding, Keeping, and Caring for the Best People

SamunoskeX is an Information Security Professional who works as part of a Security Operations Team and is also an Information Security instructor at a college. He is a Blue Team enthusiast and enjoys sharing all things Blue Team with the world.
SamunoskeX has attended DEFCON Events since DC26.
- CTH: (n)Map Exploration: A Great Time in Remote Destinations
- (n)Map Exploration: A Great Time in Remote Destinations

Scott Brink is a hacker and manager within X-Force Red who specializes in network penetration testing. He graduated with a degree in computing security with a minor in networking and system administration from Rochester Institute of Technology. While there, he was the captain of the school’s team for the Collegiate Penetration Testing Competition. His research includes a presentation at Thotcon 0xA that looked into visitor management systems, where he found 19 zero-day vulnerabilities in these products. He has also presented a workshop at Red Team Village at Defcon 30 about Active Directory.
- Security Engineering for Adversarial Emulation and Red Teaming
Shea Nangle does not now, nor has he ever, worked for a three letter agency. He has, however, been accused on several occasions of being a Fed, and there was a multiyear period when his wife really thought he worked for a front company. To the best of his knowledge, only one of his previous employers has ever been investigated by the US government as a potential front for foreign intelligence. GLOMAR.
In his spare time, he enjoys long walks on the beach and reruns of Magnum, P.I.
- Monroeville Live: An IR Tabletop for the Rest of Us

Silas Cutler is an experienced security researcher and malware analyst. His focus has been researching organized cyber-crime groups and state-sponsored attacks.
- It’s not that your threat intelligence IOCs are worthless…
After thirteen years as a controls engineer within the Automotive Manufacturing and Oil & Gas Exploration Manufacturing industries, ThatDeadGuy was converted over to cyber security. His experience on the design and implementation of the equipment gave him a perspective into the OT realm that was not shared with most of the security team. Over the last five years he has built up cyber security architectures, implemented detection tools and created the IR processes for multiple critical infrastructure process environments.
- OT: Why OT Cybersecurity Engineers Drink So Much
- Why OT Cybersecurity Engineers Drink So Much
A caffeinated muppet with a day job of Enterprise Field Strategist/Chief Taco Officer for Expel and a night job of maybe being The Batman.
- Arson Herders: An IR Guide to Fighting and Lighting Fires
Tino has over 30 years of experience in Cyber Security. His work experience spans diverse industries: a world-renowned children's hospital, a world-leading energy company, an enterprise application service provider, a Fortune 100 global manufacturing company, and a global financial services institution. His primary experience involves developing and implementing processes for Cyber Threat Hunting, Malware Analysis/Reverse Engineering, Digital Forensics/Incident Response (DFIR), and Purple Teaming. In addition, his favorite hobby is doing Cyber Security Research. He says he would do this job for free, but don't tell anyone.
- CTH 101: Part III, IV, V
- CTH 101: Part I & II