Who Are We?

Chris, the founder of BSides Hong Kong, is a highly experienced professional in the field of bug hunting. With a career spanning over 10 years, he has developed an extensive expertise in various areas including web application security, penetration testing, and malware analysis. Chris has earned numerous certifications, including an impressive count of 10 Common Vulnerabilities and Exposures (CVEs) and the prestigious Offensive Security Certified Expert (OSCP | OSCE | OSEE | OSWE | OSWP | OSEP | OSED | OSCE3 | OSMR) certification.

Throughout his career, Chris has actively contributed to the security community by reporting vulnerabilities to tech giants such as ASUS, Yahoo, eBay, and Apple. His contributions have not been limited to bug hunting alone, as he has also played a vital role in malware analysis for a Hong Kong Threat Intelligence Sharing Platform. With his vast experience and valuable contributions, Chris continues to be a active researchers in the cybersecurity field. He is also Blackhat USA and Blackhat MEA trainer.

Jason is the Penetration Testing Lead for a virtual bank and has a wealth of cyber security experience from both consultaning and working at various Fintechs. He has spoken at conferences such as BSides Cape Town and continues to actively participate in the community.

Boris is a software security specialist specializing in software development, security engineering, threat modeling, defensive coding, security testing, code obfuscation, steganography, as well as rootkit research. Currently Boris is working in a major US cloud service provider, where he joined from one of the world’s leading US financial services institutes. Apart from his full-time work, Boris also serves as part-time lecturer for a Bachelor degree in ethical hacking and cybersecurity in a university from UK.

He is also the OWASP HK chapter lead, core member of VXCON, HITB CFP review board member, organizer of DEFCON village, BlackHat Arsenal, and OpenSSF meetup group of Linux Foundation. Boris regularly speaks in cybersecurity conferences. He holds 3 US patents, 2 bachelor degrees and 2 master degrees. Boris is an enthusiast in aviation and he holds a private pilot license. During his free time, he is probably spending his time flying while not hacking.

As the organizer of BSides Hong Kong, Krecendo plays a pivotal role in bringing together cybersecurity professionals and enthusiasts to share knowledge and innovations. Krecendo is an experienced Cybersecurity Manager currently working at DracoSec Research Limited, where he has been advancing the field of cybersecurity for 5 years. His expertise spans Red Teaming, Penetration Testing, and Security Risk Assessment and Analysis (SRAA), and he holds prestigious certifications such as OSEP, OSCP, CRTP, and ACP-Sec.

Krecendo's passion for the cybersecurity community extends beyond his professional responsibilities. He has served as a speaker at the HKCSS Protecting Information Assets and Enhancing Employee Information Security Awareness Seminar in 2023, underscoring his commitment to educating others about the importance of cybersecurity.

His current interests focus on cloud security, offensive cloud operations, and configuration reviews. Krecendo continuously evolves his knowledge and skills to stay ahead of emerging threats. His dedication, experience, and leadership in the cybersecurity field make him an invaluable asset to any organization.

Anthony Lai is a security researcher is not only marked by his rich experience and academic excellence but also by his active participation in the global cybersecurity community. With a Ph.D. in Computer Science emphasizing vulnerability and malware analysis, and a suite of prestigious certifications like SANS GXPN, GCIH, Offsec OSEE, CSSLP, and CISSP, he is a beacon of knowledge in the industry. His recognition with the ISLA award further attests to his leadership and expertise.

With over 20 years in the field, Anthony has played a pivotal role in security risk management and auditing for Japanese banking sectors and European listed companies, where he applied his skills to protect against sophisticated cyber threats. His contributions extend to performing extensive code reviews for multinational corporations and government entities, enhancing their security infrastructure. A well-recognized figure at top-tier hacker conferences, he has shared his insights as a speaker at Blackhat, DEFCON, HITCON, HITB, AVTokyo, and VXCON. These platforms have allowed him to disseminate cutting-edge research and practical knowledge, establishing him as an influential voice in cybersecurity circles.

Kenneth is a senior consultant at a local IT security consulting firm, with 15+ years of hands-on experience. He leads a team of ethical hackers to provide professional services to the customers from MNC, government,  to SME. Throughout his experiences, he has reviewed diversed targets such as web/mobile applications, end user devices, robots, and complex systems with multiple components involved. While hacking and breaking stuff (in a good and controlled way) is in his everyday routine, he is also experienced in identifying practical solutions to security problems with risk-based approaches. Kenneth can often be found in local information security community events, where he enjoys having fun with his geeky fellows and friends.

Kelvin Chan is a key member of the Microsoft Windows Kernel Team, spearheading the modernization of the Windows Kernel, Hypervisor, and Hardware Abstraction. His responsibilities encompass enabling next-generation silicon across the Windows Kernel Architecture. This includes areas such as processor power management, OS idle management, CPU feature virtualization, ACPI features enablement and spec iteration, among others.

Prior to his work with the Kernel team, Kelvin played a pivotal role in the Kernel and Firmware Security Research team. He was instrumental in the development of the first generation of the UEFI scanner in the Defender engine. In addition to his contributions at Microsoft, Kelvin has also made significant strides in the field of Game Security Product Research and Development during his tenure at Tencent. His diverse experience and innovative approach make him a valuable asset in the tech industry.

William is a Cybersecurity and CTF enthusiast, mainly focus on Web Exploit, Red Teaming, and Programming.

He worked in UD as a Cyber Security Engineer for three and a half years. He is also interested in reverse engineering, blue teaming, and little gadget design (hardware, PCB).