Security Fest 2026

Adam Toscher is a New York–based security engineer and red team operator with over two decades of experience in offensive security, adversary simulation, and automation. Born in New York City and raised upstate, Adam built his career as an “IT vagabond,” beginning as a freshman IBM intern porting Linux applications to mainframe system. Mainframe work tgrounded him in large-scale computing, operating systems, and complex enterprise environment, before transitioning into offensive security.

He later progressed through senior security roles at Adobe, Optiv, Accenture, IBM X-Force, and NYC Cyber Command, where he focused on realistic adversary emulation and advanced red-team operations.

Most recently, Adam has been working with Cobalt Labs, supporting advanced red-teaming and offensive security engagements for private-sector organizations. Prior to this, he led red-team and adversary simulation efforts in support of critical public infrastructure with NYC Cyber Command and the FDNY.

His work centers on penetration testing, red teaming, adversary emulation, and practical automation across both private-sector companies and government agencies. Outside of security, Adam values balance and lifelong learning, and is an avid reader, runner, swimmer, and gamer.

Adrian is a Threat Intelligence Analyst at Government Unit CSIRT.SK within the Ministry of Investment, Regional Development and Informatization of the Slovak Republic. He specializes in threat intelligence, process automation, and the administration of the local MISP instance network within the public sector, and has been working at CSIRT.SK since 2023. He is also a core member of the Afrodita project, where he contributes to providing Threat Intelligence to the constituency of CSIRT.SK.

In addition to his professional role, he runs a computer repair shop as a personal endeavor and leads courses on the fundamentals of network technologies at the Faculty of Informatics and Information Technologies, Slovak University of Technology (STU) in Bratislava.

Alex Holden is the founder and CISO of Hold Security, LLC. Under his leadership, Hold Security played a pivotal role in information security and threat intelligence, becoming one of the most recognizable names in its field. Mr. Holden researches minds and techniques of cyber criminals and helps our society to build better defenses against cyber-attacks.

Alexander is a Principal Forensic Consultant at Truesec. Alexander has a background in red teaming and software development. Today, he spends most of his time providing incident response services to companies that have suffered from an attack. He has led hundreds of complex investigations into everything from full-scale ransomware attacks to zero-day exploits and APT campaigns. Whenever not in an active incident, Alexander spends time in research and development with a focus on both novel forensic techniques and offensive vulnerability research.

Christian Zäske is an IT security consultant for the pentest company SySS GmbH located in Germany. By starting his Bachelor's degree in computer science in cooperation with SySS GmbH in 2020, he turned his hobby into his profession: Security research. Being passionate about embedded security, he specialized in analysing hardware of various types. From tiny hearing aids to full size EV charging stations.

Claire Vacherot is a pentester and researcher at Orange Cyberdefense in France. She likes to test systems and devices that interact with the real world, and to play with industrial network protocols. Sometimes, she also speaks about all of this at conferences such as GreHack, Defcon, Hack.lu or SSTIC. As a former software developer, she never misses a chance to write scripts and tools.

Dan is the founder of Phobos Group, a boutique information security consulting and architecture firm, specializing in assessment work, security architecture, remediation efforts, advisory and simulation services. Dan's been at this a long time. Come talk to him about Phobos Airlock!

I am a Researcher with Black Hills Information Security. I develop malware and build automation pipelines for engagements. As a hobby, I like diving into IDA disassemblies and WinDBG to find increasingly complex way to do things which would annoy EDRs and Reverse Engineers. When I am not looking at screens, I am riding motorcycles, trekking along the himalayas or reading history and philosophy.

Emil Trägårdh is a Swedish hacker, entrepreneur and Blueteamer. At the age of 14 he created his first botnet and in high school he hacked a small city. At the age of 20 he founded a web dev agency and four years later he did his first large scale government contract with the Swedish authorities. In between, he traveled the world with his family for a year and he no longer works like regular people. Instead he devotes most of his time to security because it's fun!

With a background that bridges technical engineering and product strategy, Harshita has a unique perspective on scaling complex systems while maintaining a high bar for quality and security. She was awarded the Dan Kohn Scholarship to attend KubeCon EU 2023 and recently co-presented the session "From Noise to Clarity: Humanizing Observability" at KubeCon + CloudNativeCon North America 2025 in Atlanta.

Harshita is an active international speaker, with upcoming engagements at ContainerDays London 2026. Traveling from India, she is passionate about fostering a "Security-First" culture within DevOps teams and advocating for more inclusive, sustainable open-source communities.

Hey, I'm Lora. I build tools that live in other people’s memory space. I’m a Linux security researcher and the developer of Aether, a 32/64-bit process injection framework. My recent work involves weaponizing Rust’s safety features to create more stable and undetectable C++ hybrids. I’m here to show you how process injection is evolving on Linux and why the future of offensive tooling is polyglot.

Michal is a PhD candidate and lecturer at the Faculty of Law of Comenius University in Bratislava, the Institute of Information Technology Law and Intellectual Property Law. He is a Slovak attorney and lawyer of Slovak Government CSIRT unit.
His practice and academic research focuses on ICT law, cybersecurity law, and criminal law. His recent research address issues such as legal aspects of OSINT, CTI and information sharing, as well as legal protection of good-faith security researchers and coordinated vulnerability disclosure (CVD),

Nikita Verma is a Platform Engineer and Cloud Native Advocate with over three years of experience building resilient, automated infrastructure. A dedicated open-source contributor, Nikita has worked on core Kubernetes projects and cloud-native automation, including impactful work with Moja Global during an Outreachy internship.

Beyond engineering, Nikita is a passionate educator who has mentored over 10,000 students in Data Structures, Algorithms, and Cloud Native technologies. As an active member of the global tech community, she has shared her expertise at major conferences across the globe, including KubeCon + CloudNativeCon North America 2025 in Atlanta, ContainerDays London, and SeleniumConf Valencia.

Yuqiao Ning is the Technical Director of CATARC Intelligent and Connected Technology Co., Ltd. He has extensive experience in computer systems and software security research. In his current role, he is primarily responsible for pioneering research in automotive penetration technology and the development of automated detection tools. His work focuses on analyzing security risks within automotive open-source software, with a particular emphasis on understanding the critical intersection of automotive security vulnerabilities and functional safety. He has played a pivotal role in organizing numerous automotive information security attack and defense challenges, contributing significantly to the advancement of safer and more secure automotive technologies. Furthermore, he has played an instrumental role in shaping national automotive information security standards, contributing to the drafting of several key national standards.