The Important People

Ben Gras

Ben is currently a security research intern with Cisco Systems and has been part of the systems security research group at the Vrije Universiteit Amsterdam since 2015 where he is pursuing a PhD in mischief. Recently publicized attack research has included a reliable Rowhammer attack presented at Blackhat Europe in 2016.

Previously, he was a scientific programmer working on the Minix operating system under Andy Tannenbaum for 10 years.


Mikhail Davidov

Mikhail Davidov is a Principal Security Researcher at Duo Labs specializing in vulnerability research and reverse engineering. After spending years in the consulting bug mines and developing crash dump analysis tools for DARPA, Mikhail now helps keep software and hardware vendors accountable for their security claims. His recent published research includes an in depth analysis of OEM updaters and an EMET bypass.


Dr. Ang Cui, PhD & Rick Housley

We’re very happy to have Dr. Ang Cui and Rick Housley from Red Balloon Security in our Summercon 2017 speaker series.

Red Balloon Security was founded in 2011 by two of the world's leading cyber-security researchers. They are a Columbia Portfolio Company and a Microsoft Ventures Accelerator Company.

Dr. Angu Cui, CEO and Chief Scientist, and Rick Housley, Research Scientist, will be presenting on defeating the secure boot using electromagnetic pulses and badFET.

"We’d like to present badFET as an open, low-cost platform for conducting EMFI research. We believe electromagnetic fault injection is a fascinating sub-field of study. The cost of commercial EMFI equipment is prohibitively expensive for many researchers. We would like to democratize this area of research by sharing our low-cost open EMFI platform with the security research community."

We promise you will not have seen anything like this before – check out the Presentations page for more details.

Red Balloon Security

Geoff Chappell

Geoff Chappell is the author of the Windows programming resource at, of some articles for Poc||GTFO, and long ago of the book "DOS Internals". He has been reverse engineering since before many attendees were born. He developed it to be a better programmer but he occasionally moonlights as a security researcher. Some years he does well from being a bit of both. Others he can't get work as either.

Sarah Zatko

Sarah Zatko is the Chief Scientist at the Cyber Independent Testing Lab (CITL), where she develops testing protocols to assess the security and risk profile of commercial software. She also works on developing automated reporting mechanisms to make such information understandable and accessible to a variety of software consumers. The CITL is a non-profit organization dedicated to empowering consumers to understand risk in software products. Sarah has degrees in Math and Computer Science from MIT and Boston University. Prior to her position at CITL, she worked as a computer security professional in the public and private sector.

@Cyber ITL

Sophia D'Antoine and Ryan Stortz

Sophia is a senior researcher at Trail of Bits and spends too much time going to noise concerts. Noise, or Noize, not music, found its roots in early electronic and industrial musics. A typical example today is some insane Japanese sound sculptor screaming and pounding sound through endless feedback loops of overdriven distortion pedals and short wave radios, producing waveforms in chaotic and unpredictable shapes. On the other hand you have ‘sounds of refrigerator.’ Sometimes it's work that comes with the following suggestion in its liner notes: LISTEN AT NIGHT WHILE SNOW FALLS SILENTLY UNDER STREET LIGHTS. The work is not cathartic.

Ryan is a principal researcher and tifosi at Trail of Bits.

@trailofbits    @withzombies

Marion Marschalek

Marion takes things apart, with a passion. She works as an independant researcher and focusses on targeted threats and incident response cases. Marion started her career within the anti-virus industry and also worked on advanced threat protection systems where she built a thorough understanding of how threats and protection systems work and where both fail, only occasionally. Also, Marion teaches malware analysis at University of Applied Sciences St. Pölten and frequently contributes to articles and papers. She has spoken at international conferences around the globe, among others Blackhat, ReCon, SyScan, and Troopers. Marion organizes an annual and free reverse engineering bootcamp for women named BlackHoodie.