Bart is an Incident Response and Forensics Specialist in MANDIANT's Security Consulting Services team helping clients restore confidence in an event of a breach. He holds a degree in Computer Forensics, is a keen developer, enjoys inspecting network traffic and specialises in Windows forensics with fascination in volatile memory.

Having worked on Incident Response engagements around the world, Bart routinely develops new tools and ideas to solve on-the-job problems and to ensure Mandiant remains an industry leader. Some of these developments led to Bart's contributions to the Volatility project.

After spending 8 years in England, Bart recently relocated to APJ region as he believes it's still the most fascinating, culturally diverse, and opportunistic region in the world. The relative immaturity in Cyber Security in most countries, but also the "hunger to learn" that most businesses and government organizations display, offer a significant growth opportunity.

• Lead attack simulation projects for many companies ranging from Fortune 10 to Fortune 500, and SMEs. Experiences focused on financial, manufacturing, retail, and aviation industries.
• World recognized in the offensive cyber security space for advanced adversary simulation services and operating on production infrastructure.
• Known for spreading offensive cybersecurity experience through the “Red Team Tips” series.
• Speaker at various security conferences, such as HITB GSEC 2017 and 2018, SSC 2018, JD.com 2017, Steelcon 2017, BSides Manchester 2017, Snoopcon 2017 and 2016.
• Regular blogger: www.vincentyiu.co.uk
• On-going development of innovative tools to automate large-scale offensive cyber security simulations: MaiInt, LinkedInt, DomLink, CACTUSTORCH, RDPInception, ANGRYPUPPY, morphHTA, genHTA, and more.
• Past: Accenture FusionX UK Lead, MDSec ActiveBreach CHECK Team Leader, MWR InfoSecurity.
• Certifications: OSCP, OSCE, CCT INF.
• UK National Cybersecurity Challenge Finalist in 2015 (3-day competition).
• Researching topics:
• Zero-day vulnerabilities in SOC stack such as ELK, and Splunk.
• Extensions of Domain Fronting and covert Command and Control.
• Large-scale cloud security research in significant providers such as Amazon, Azure, and Alibaba.
• Domain and resource hijacking.
• EDR bypasses and limitations.
• Developing practical, relevant, and easy to use tooling.
• Weaponizing 1-day vulnerabilities.

Brian serves as the Financial Services Information Sharing and Analysis Center (FS- ISAC) Intelligence Officer for Asia-Pacific. Previous to his time at FS-ISAC, Brian worked for the Pharmaceutical Security Institute as the Senior Intelligence Analyst producing intelligence on criminal involvement with global counterfeit pharmaceutical networks, including cyber-based networks. Prior to that he served in the U.S. Department of Defense in intelligence and foreign affairs roles of increasing responsibility for twenty-six years culminating as the Principal Intelligence Officer for the Deputy Assistant Secretary of Defense, with responsibility for Taiwan, China, Japan, North and South Korea and Mongolia. Brian received his Master of Arts degree in Global Affairs from George Mason University focusing on global conflict and security. He is fluent in Mandarin Chinese, Portuguese and Spanish.

I am a forensic researcher at the Institute of Best of the Best in south Korea and currently holds a master's degree in Information Security.

I am interested in analyzing incidents caused mainly by 1-day exploit and APT attacks.

In this conference, I will explain which artifacts is left in system when 1-day exploit works and describes how to make connection between normal information and abnormal infornaion to figure out which software vulnerabilities are causing the attack.

Jay Spreitzer has over 20 years of information security experience and is currently the CISO at Protocol 46. Over the last 13 years, he was the team lead for the cyber threat intelligence team at a large financial institution. Prior to working in the private sector, Jay retired from the US Army, after 23 years of service working in various technology and information security roles. Roles included system administrator, database administrator, Information Assurance Security Officer, and culminating as Information Management Officer. As Information Management Officer, he managed and developed all facets of the organization’s information security program. Jay is also the co-founder of Protocol 46, a US-based company extending cyber security to small and medium businesses.

Jay has completed his Bachelor of Science in Information Technology and a Master of Science in Information Assurance and Security. Some of his other training includes Network Penetration Testing and Ethical Hacking, Advanced Security Essential, the Criminal Intelligence Analyst Course, and the FBI Citizen’s Academy. He holds GIAC Continuous Monitoring and Security Operations, Enterprise Defender, and Incident Handler certifications.

Jay is a member of InfraGard and the High Technology Crime Investigators Association. Jay has been an active member of the Board of Directors for the FBI Citizens Academy Alumni Association and Minnesota InfraGard.