ROOTCON 17 - Speakers

Aden Yap
Aden is a penetration tester with BAE Systems based in Malaysia and has 6 years of experience in the field of Cybersecurity. He is responsible for delivering red teaming exercise and various penetration testing for numerous industries and reported critical vulnerabilities in their application and infrastructure. He holds CRTO, OSCP, CREST-CRT, CEH and industry certifications. Apart from projects, He also contributed in bug bounty program for health and financial industries and vulnerability research program for internet spaces.

Ali Radzali
Ali started his first step in Cybersecurity while participating in Capture The Flag (CTF) competitions. From that, he develops more interest in cybersecurity skills by writing a blog, creating a tool and joining CTF globally and locally. He is a penetration tester with BAE Systems based in Malaysia and has reported several critical vulnerabilities. He also holds OSCP, CRTO, and CREST-CRT industry certifications. Ali also has contributed back the knowledge he gained to local students in Malaysia and will continue doing so in the future.

Azrul Zulkifli
Azrul started his journey in cybersecurity in his early teens, where he found a flaw in a dial-up internet access and people can surf the internet for free. Since that, he developed interest in hacking. He believes that hacking is not just a career, but a way of life. His current work involves identifying security vulnerabilities and conduct ethical hacking to software application. Throughout his career, he has perform various penetration tests for numerous agencies, especially major banks in Southeast Asia, to help ensure that their systems are more secure against cyber criminals. He spends his free time improving his methodology to hunt for a new CVE and zero day. As of today, he obtained 5 CVE under his name in VDP and BBP programmes. He holds several industrial cybersecurity certifications such as Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP) and Comptia security+.

Eric Reyata
Eric is a Cyber Security professional who has been working as a TI Analyst focused on CTI Collection, OSINT, HUMINT, Criminal Underground monitoring and tools development and automation. After working at iSight Partners and FireEye, he joined the Fox-IT InTELL team in The Netherlands. He is also the founder of Rightsec, a cyber security solutions and services provider based in Manila, Philippines.

IJ Puzon
A child of a Pastor & School Teacher, IJ is an Information Security Professional with ~7 years of experience in the field. He specializes in Vulnerability Assessment & Penetration Testing (VAPT) primarily focusing on Host, Web & Mobile Assessments as a member of the Synack Red Team & with his current employer. He is also skilled in Digital Forensics & Incident Response (DFIR), having handled multiple incidents in his previous employments & testifying as an expert witness in a case involving Computer-related Grave Threats & Unjust Vexation.

Kamel Ghali
Kamel is a veteran of the automotive cybersecurity community, having spent over 3 years as an expert car hacker, technical trainer, and contributor to worldwide industry-focused communities such as the SAE, ASRG, and the Car Hacking Village. His particular areas of focus within vehicle security are Bluetooth, RF, and in-vehicle networks. Outside the garage, Kamel is an amateur chef, ukulele player, and fighting game enthusiast.

Kirk Trychel
Kirk Trychel is a lifelong hacker. He has lead Red Teams with the Department of Defense, Secureworks Adversary Group, and CrowdStrike Adversary Emulations. Always eager to hack the newest technology, Kirk has produced original research across many areas of offensive security. His diverse experience combines with a passion to understand and expand attack surfaces, and do what defenders have not considered. Besides breaching systems, Kirk loves sharing his knowledge with the community and helping enhance organizations’ security posture.

Nader Zaveri
Nader Zaveri has over 15 years of experience in IT security, infrastructure, and risk management. Nader has led both investigation and remediation efforts for client’s to understand the storyline of the attack for the most allusive nation-state threat actors and assist in eradicating their access.

Sheikh Rizan
Rizan is a passionate information security professional with more than 20 years of experience. He loves anything Linux or open-sourced. He had spent over 13 years securing one of the largest oil and gas company in the world from cyber threats. He holds several industry relevant certifications including OSCP, OSCE, OSWE, Burp Certified Practitioner & CISSP. He had reported security bugs to the US Department of Defense (US DoD), Spotify, Amazon, General Motors, Toyota, Alibaba, Airbnb, Dell, Starbucks & Rockstar Games.

Jay Turla (@shipcod3)
Jay Turla is Principal Security Consultant at VikingCloud, and one of the goons of ROOTCON. He has presented at international conferences like ROOTCON, HITCON, Nullcon, DEFCON, etc. He used to work for HP Fortify and Bugcrowd in the areas of appsec. His main interest or research right now is about car hacking and is currently one of the main organizers of the Car Hacking Village of ROOTCON / Philippines which is recognized and supported by the Car Hacking Village community.

Tan Jing Zhi
Jing Zhi is an undergraduate at Singapore Management University and a hardware padawan.

Yu Pengfei
Pengfei is a full time Cybersecurity firefighter and part time red/purple team member in GovTech