Bringing new and exciting ideas to the forefront of the information security industry would not be possible with the wonderful speakers who work hard to research, discover, and teach their ideas with our attendees. We’re so excited to welcome the speakers below to BSides Delaware 2025!
2025 Speaker Bios
Chris Glanden
Talk: Algorithmic Fate
Bio: Chris is a cybersecurity influencer, advisor, and prolific content creator with over 25 years of frontline experience. A former security enterprise engineer, he now owns and operates BarCode Security LLC, a boutique security services firm that helps small to medium-sized organizations strengthen their security posture. He also hosts the award-winning podcast, BarCode, and is a founding member of the Cyber Circus podcast network.Passionate about creative storytelling, Chris writes and directs indie films and documentaries inspired by stories from the cyberworld, including INHUMAN (2024) and I AM MACHINE (2025). Additionally, he conducts research into AI weaponization and its implications on society. In 2025, Chris was recognized by Code Red and the Merritt Group as one of the Cybersecurity Influencers to Watch, further solidifying his reputation as a trusted thought leader. With a dedicated following and a unique approach of blending knowledge with entertainment, he continues to shape conversations at the intersection of cybersecurity, media, and culture.
Kerry Hazelton
Workshop: Cloud Forensics Workshop: Power, Light, and Intelligence
Bio:Kerry Hazelton, also known as “Professor Kilroy,” has worked in technology and security for over 25 years, crafting his own version of “Protection Against the Dark Arts” across IT systems, data center operations, cloud computing, digital forensics, and incident response.
He founded the Cloud Forensics Workshop and CTF Challenge in 2017, blending technical deep-dives with real-world forensic simulations. His latest evolution of the course incorporates collaboration with Aeris, a digital intelligence partner, bringing human and AI fusion into modern DFIR education. Kerry shares his thoughts on gaming, hacking, and life at @profkilroystories.
Jessica Weiland
Talk: “Shut the Front Door” Forming Attack Profiles from Risky Hiring Practices
Bio: For the last 8 years Jessica has served the community as an Account Executive. She works adjacently with security teams, leveraging conversations to identify issues that exist not just in the technical realm, but beyond it in the day to day interactions of end users. She is an advocate for reducing burnout in the Cyber Community which is why she founded the Cyber Trailblazers, a group that helps leaders pry fingers from keyboards and hit the trails together int he DMV area. The hope being to form real connections and collaborate on roadblocks.
Rene Brandel
Talk: How We Hacked YC Spring 2025 Batch’s AI Agents
Bio: Rene Brandel is the Cofounder & CEO of Casco. Before Casco, he was the Head of Product at AWS and inventor of “Kiro” – AWS’ agentic IDE. He has a long-standing passion for AI, cloud, and developer tools. In fact, he won Europe’s largest hackathon in 2016 with a voice-to-code agent before generative AI became a common-place technology.
Jen Langdon
Talk: Why Teachers are the Best Hackers
Bio: Jen started her professional career as a public middle school science teacher. After transitioning to become a department lead in a private school and writing curriculum, she started to question “What’s the next challenge?” After transitioning to the cyber field, building a cyber computer game, creating a cyber podcast for students, and working on producing podcasts for cyber companies in the industry, she has looped back to help build solutions that teachers can use to help students and schools implement hands-on tech education as a cybersecurity engineer at Cyber Skyline. In her free-time, she trains for and runs marathons in different states.
Diptendu Kar & Derian Stenglein
Talk: npm should-i-install: Attacks, Detection Gaps & Defenses
Bio: Diptendu Kar & Derian Stenglein – Security Researchers (Supply Chain) at Semgrep.
Paul Brownridge
Talk: Hacking Planes. What can we learn on the ground from vulnerabilities in the air?
Bio: Paul comes from a chemical engineering background. He spent three years working in a refinery as an industrial process control engineer. He is very familiar with human machine interfaces, telemetry, sensor data and other SCADA system and has hands-on experience of installing, programming and bug fixing on process control systems. He understands the intricacies and unusual nature of serial networks, IP to serial convertors, PLCs and RTUs. Since moving into cybersecurity, he has become actively involved in penetration testing. His practical experience of process control and cyber security make him a capable and highly competent OT cyber engineer.
Brad Sherman
Talk: Beating the Company Phishing Test with Phish Cutter
Bio: Brad Sherman is a enterprise solutions architect and former software engineer in Delaware. He has experience in enterprise computing and application security. Brad has a Bachelor’s Degree in Computer Science from Drexel University and a Master’s Degree in Software Engineering from the Pennsylvania State University
Jackson Stockstill
Talk: Graylog: An Open-Source Introduction to SIEMs and the Story of “MongoBongo”
Bio: My name is Jackson Stockstill and I am an undergraduate student at Towson University. I will graduate in December 2025 with a B.S. in Computer Science and a minor in mathematics. I have contributed to undergraduate research in large-language model multi-agent systems (LLM-MAS) and cybersecurity, and I have interests in data science and meteorology.
Amera Mohamed
Talk: The Algorithms of Deception: Inside AI-Powered Social Engineering
Bio: Amera Mohamed is a cybersecurity professional and educator whose work bridges technical defense and human behavior. A summa cum laude graduate of Towson University and CompTIA Security+ certified analyst, she coauthored an upcoming Red Team Handbook featuring original labs she developed while working on the Security Operations Center team at Towson’s Center for Interdisciplinary and Innovative Cybersecurity. Amera has traveled to schools across Maryland teaching students from elementary through high school about cybersecurity, sparking early interest in digital safety and ethical hacking. She has also taught in the NSA’s GenCyber program and led research exploring AI-driven deception and social engineering. Passionate about making security approachable, Amera brings fresh insight into how emerging technologies and human behavior intersect in today’s cyber landscape.
Josh Kimmel
Talk: Windows Privileges: The Powers Behind Administrator
Bio:I am an information technology student at Towson University. As the vice-president of the Cyber Defense club, I find defensive security research fascinating.
Jim Gilsinn
Talk: ATT&CK’ing the Death Star while Bow-TIEs D3FEND
Bio: Jim Gilsinn is a Principal ICS Cybersecurity Engineer at MITRE with over 30 years in ICS and over 20 years in cybersecurity assisting customers with developing, designing, implementing, and assessing secure and reliable systems. Jim has been actively involved in the ICS cybersecurity standards community, developing ISA/IEC 62443 since it was formed. Jim was previously a consultant at Dragos and Kenexis Consulting and a researcher at NIST in the Engineering Lab.
Casey Cochran
Talk: Burnout by Design: Let’s Build a Better SOC
Bio: Casey Cochran is a cybersecurity leader with 16 years of cyber security experience, and 6 years building and managing high-performing blue teams across SOC operations, detection engineering, threat hunting, and incident response.
Casey is passionate about solving real-world problems that plague security teams – like alert fatigue, burnout, and inefficient detection rules.
Casey believes the best defense doesn’t come from more alerts or more tools – it comes from clarity, collaboration, and a focus on true risk.
Michael Raymond
Talk: Catching the Catchers: Open Source Stingray Detection in the Wind
Bio: Michael Raymond is a vCISO and compliance professional who thrives on exploring the bleeding edge of tech. In his earlier career, Michael was a security researcher and video producer, delivering live-streamed educational content on channels like Null Byte, SecurityFWD, and Hak5. Outside of his day job, Michael’s curiosity drives him into the realms of hardware, electronics, and aerospace. Whether it’s tracking airplanes through ADS-B, diving into signals intelligence with SDRs, home automation with Home Assistant, or uncovering other obscure niche topics, he brings the same passion and friendly enthusiasm to every new challenge.
Jason Wright
Talk: “Paper-based Table Top Exercise (TTX) – Ransomware Simulation for State and Local Governments (SLG)”
Bio: Jason Wright is a multi-faceted cybersecurity professional whose career is centered on strengthening defensive capabilities. The bulk of his background is rooted in Security Operations, where he specializes in incident response, detection engineering, attack simulation, and purple teaming. Passionate about translating complex adversary techniques into actionable defense strategies, Jason extends his impact beyond his primary roles. He actively contributes to the security community as an engaging speaker, a dedicated adjunct instructor, a mentor to aspiring professionals, and a trusted consultant. In all his work, Jason is driven by a commitment to sharing knowledge and empowering teams to build more resilient security postures.
Amber Kirylak
Talk: Paper-based Table Top Exercise (TTX) – Ransomware Simulation for State and Local Governments (SLG)
Bio: Amber Kirylak is a cybersecurity professional who began her career as a post-production artist and photography assistant, spending over 11 years working on weddings, corporate events, and commercial projects. After discovering her passion for technology and security, she transitioned into cybersecurity, spending 2.5 years in (GRC) before pivoting into security operations with the goal of becoming a security engineer. Amber serves as the Membership Chair for the ISC2 Delaware Chapter, and is also part of WiCyS: Women in Cybersecurity. She was selected as a WiCyS + SANS Security Training Scholarship awardee for the 2024–2025 cohort. Amber holds several industry certifications, including CompTIA Network+ and Security+, ISC2 Certified in Cybersecurity, AWS Certified Solutions Architect: Associate, and multiple SANS certifications (AIS247, GFACT, GSEC, and GCIH). The motto she lives by is “Always stay curious and keep moving forward.”
Kaden Pirmohamed
Talk: Buidling RAG Systems: From PDF to Production with Docker and OPen Source AI
Bio: Senior Computer Science and Cybersecurity student at Towson University, graduating this semester. This RAG system was developed during a summer research project under Professor Michael O’Leary, focusing on practical AI applications in cybersecurity education. The project demonstrates how academic institutions can leverage open-source AI tools to enhance learning without significant infrastructure investment.
https://www.linkedin.com/in/kadenp/
Eric Engman from Insane Cyber
Talk: From nOt to hOT, a quick look at OT cyber security
Bio:I am currently the Senior Solutions Engineer for Insane Cyber. I previously worked for the CyberSentry program focused on critical infrastructure at CISA, and was a member of and then the civilian team lead of a National Cyber Protection Team for the Cyber National Mission Force under US Cyber Command.
Luke Canfield
Talk: The Drone Renaissance – The Attack Surface Now Includes the Sky
Bio: Luke Canfield is a cybersecurity analyst specializing in vulnerability management, RMF compliance, and open-source intelligence, with over eight years of experience supporting federal and state government missions. A native of West Virginia, he brings a practical foundation in cyber defense, combined with academic training in cybersecurity, intelligence, and geography. He holds degrees from Western Governors University and West Virginia University.
Mahender Mangalasri
Talk: Bias in AI – The Underrated Vulnerability
Bio: Mahender is a Cybersecurity consultant with over 14 years of hands-on experience in securing applications, APIs, and Databases across diverse enterprise ecosystems. He specializes in Application Security and data protection, delivering scalable solutions that bridge the gap between product development and Delivery teams. These days, he spends most of his time at the crossroads of AI safety and Security.
Steve Dyson
Talk: Aligning Cyber Defense and Compliance: Leveraging ATT&CK, D3fend, and the Cyber Defense Matrix for Modern Regulatory Readiness
Bio: With a background in law enforcement and cybersecurity, Steve is highly skilled in cyber risk management, cloud security, threat mitigation, and intelligence gathering and analysis. Steve has expertise in a range of cybersecurity incident response and threat hunting tools, as well as in information security system design, management, and analysis. Steve also brings a wealth of specialized experience in both Healthcare and Financial Services sectors and has a legal background focused on regulatory compliance and digital privacy.
Benjamin Sleek @ Proof
Talk: Taming the AppSec Data Deluge: AI-Driven Work Discovery and Prioritization for Security Teams
Bio: I’m an ex-Developer turned Application Security Engineer currently employed by Proof. After 10 years of building applications, I discovered breaking them could be just as fun.
Hampi Thumati
Talk: Re-thinking IAM: A CTF-Driven Approach
Bio: I hold a Bachelor’s degree in Computer Science with a specialization in Cybersecurity and a Master’s degree in Cybersecurity from the University of Delaware. During my graduate studies, I actively participated in Capture the Flag (CTF) competitions, which inspired my passion for hands-on security learning and shaped the foundation for this talk. For the past two years, I have worked in Identity and Access Management (IAM) for the State of Delaware, where I have deployed and managed industry-standard tools such as Okta and CyberArk to strengthen the state’s security posture. My professional and academic experience fuels my commitment to making IAM concepts accessible through interactive workshops, helping others gain practical skills in one of the most critical areas of cybersecurity today.
Robin Noyes
Workshop: DFIR ‘Tools of the Trade’ and Backdoors and Breaches Sessions
Bio: Robin holds multiple degrees and industry certifications and has over twenty years of experience in telecommunication and government industries, to include military service. Her prior roles included: application operations and administration, systems administration, administering and maintaining Splunk, creating content, performing incident response, threat hunting, cyber security analyst and digital forensics functions.
www.linkedin.com/in/robin-noyes
Norris Cornell
Talk: When Cyber Meets the Spectrum: SIGINT and Application Security Lessons for ICS Satellite Communications
Bio: Norris Cornell is a cybersecurity professional with a master’s in SCADA Cybersecurity. His work centers on ICS and AppSec, with ongoing research into SIGINT concepts. He shares insights through projects, blogs, and talks that make complex ICS security challenges accessible.
James Rabe – Head of Global Services – IriusRisk
Talk: First in Threats, First in Defense: Getting Started with Threat Modeling
Bio: James Rabe is the Head of Global Services at IriusRisk and is responsible for designing and implementing threat modeling solutions for customers. He brings over a decade of experience in technology, security, and start ups. In his spare time, he provides free cybersecurity training and assessments to nonprofits and small schools in the mid-Atlantic region. He was a founding member of Threat Modeling Connect and is an active mentor in that community for the annual threat modeling hackathon and mentorship.
Sheshananda Reddy Kandula
Talk: LLMsec 2025: A Practical Guide to Attacks and Mitigations
Bio: With 15 years of experience in Application Security, focusing on web, mobile, and APIs, I have developed deep expertise in identifying and mitigating vulnerabilities, particularly in alignment with the OWASP Top 10 for both web and mobile security. Throughout my career, I’ve gained hands-on experience addressing real-world security challenges and hold certifications such as OSWE, OSCP, and CISSP, which further validate my skills.
Having gained extensive knowledge through real-world security challenges and research, I am passionate about contributing to the security community by sharing insights and advancing best practices in application security, secure coding, and threat modeling. Through my experience and leadership, I strive to empower fellow professionals, foster security awareness, and contribute to building a more resilient digital ecosystem.
William “Winter” Fielder
Talk: We Don’t Like That Part, so we Turned it Off
Bio: By day a Principal Consultant for Red Hat Inc., specializing in infrastructure, identity management, automation, and system security. By night providing for the care, feeding, and medical needs of lost and abandoned domestic rabbits.
Akash Thakur – Global SRE Leader & Architect
Talk: Bridging SRE and Cybersecurity – Operational Resilience at Scale
Bio:Akash Thakur is a globally recognized Site Reliability Engineering (SRE) leader and architect, known for building and scaling reliability and security frameworks across Fortune 100 enterprises. With over 15 years of experience leading global reliability, observability, and security initiatives, Akash has been instrumental in shaping modern SRE models that blend AI-driven automation, cloud-native design, and zero-trust security.
He frequently serves as a judge and reviewer for international technology awards and journals, including the UN Technovation, T& F Journal, and the Journal of Cyber Security Technology. His recent article, “From Cloud to Cognitive Infrastructure: How AI Is Redefining the Next Frontier of SRE” was published on DevOps.com.
Akash is passionate about advancing the intersection of SRE and cybersecurity, helping enterprises achieve resilience by design.
Guy M. Bilyou
Talk: Cyber Heroes to the Rescue: Earning a Nice Living Saving Small Business
Bio: Guy M. Bilyou (CMMC Assessor) CISSP, CMMC CCP, CCA, Lead CCA
Guy started in cybersecurity 25 years ago as a penetration tester, moving into security engineering and risk management mid-career. He’s a 20-year combat veteran decorated for offensive cyber operations in the War on Terror. Guy’s experience in government and the private sector includes assessing electronic weapons systems, engineering security solutions for Big Tech and Finance, and building CMMC compliant programs for DoD contractors. As a small businesses consultant since 2019, he brings understanding of their challenges and appropriate solutions. He was among the first professionals certified in CMMC compliance and holds the Lead CMMC Certified Assessor credential.
Chris Young
@reachchrisyoung
Talk: From Nobody to “KNOWN” – Tactics to Get Connected, Invited, & Referred
Bio:Chris Young is a Data Privacy Engineer and Certified Ethical Hacker with 20 years of experience in digital marketing/lead gen & Search Engine Optimization (SEO), over a decade with information security, and nearly a decade in global consulting.
But he didn’t start that way! After serving in the Marine Security Guard program & joint federal operations with the U. S. Department of State & the Department of Defense, running inter-service pre-deployment training at multiple federal installations, Chris transitioned from the Marine Corps to global consulting and, ultimately, into cybersecurity. It would be 8 months from accidentally stumbling upon what would lead to his first warm-welcoming by an online cybersecurity community before he would land his first conference talk. This stepping stone would launch the roadmap toward breaking through the noise that a newbie experiences to get connected, invited, and referred by seasoned professionals in the industry; now, he shares the roadmap.
Anmol K. Sachan (@FR13ND0x7F)
Talk: The Time Machine v3.0: Digging Through the Past to Hack the Future
Bio: Anmol Sachan (@FR13ND0x7F) is a Sr. Security Consultant at NetSPI specializing in Web Application, Network, and AI/ML Pentesting.
He’s the creator of several open-source tools, including The Time Machine, WayBackup Finder, and more, all focused on automation and offensive recon.
His research has been showcased at Defcon 33 Demo Labs (Las Vegas), BSides Mumbai, OSINTCon, and Null/OWASP Bangalore, and featured in multiple including CERT-In’s Hall of Fame for responsible disclosures.
Anmol is passionate about teaching practical offensive security through automation and data-driven recon.
Arjun “T3R4_KAAL” Chaudhary
Talk: The Time Machine v3.0: Digging Through the Past to Hack the Future
Bio: Arjun is a dedicated and certified cybersecurity professional with extensive experience in web security research, vulnerability assessment, penetration testing (VAPT), and bug bounty programs. His background includes leading VAPT initiatives, conducting comprehensive security risk assessments, and providing remediation guidance to improve the security posture of various organizations. With a Master’s degree in Cybersecurity and hands-on experience with tools such as Burp Suite, Wireshark, and Nmap, he brings a thorough understanding of application, infrastructure, and cloud security. As a proactive and self-motivated individual, he is committed to staying at the forefront of cybersecurity advancements
Joshua Marpet
Talk: Value Chain Visibility and Risk Quantification
Bio: Entrepreneur, Fortune 1000 advisor on Information & Physical Security, Compliance, and Risk Management. CMMC author, podcast co-host, and Chief Information Security Officer at Cyturus.