Meet the Program Committee
We have a group of well respected industry professionals joining us for the 2026 [un]prompted.au program committee.
-
Mark Dowd is the co-founder of Vigilant Labs, and of Unprompted.au (the Australian subsidiary of the US Unprompted conference run by Gadi Evron). Prior to that, he co-founded Azimuth Security (now L3Harris Trenchant) and was an author of “The Art of Software Security Assessment”. He has spent most of his career as a researcher and has uncovered major vulnerabilities in server software, browsers, and mobile platforms.
-
Aaron “dyn” Grattafiori is a Principal Offensive Security Researcher focused on AI at NVIDIA. Prior to this he was an AI Red Teaming lead at Meta. Before that, he spent over six years leading the “cyber” Red Team performing full-scale Operations against a wide array of real world objectives. Before working at Meta, Aaron was a Principal Consultant at NCC Group/iSEC Partners for many years hacking all the things. Aaron has spoken on a wide range of topics at security conferences such as unprompted US, Offensive AI Con, BlackHat US, DEF CON, Enigma, Toorcon, Red Team Summit and more. Aaron can also be found on the slopes, the garage working on an old car or hiking the front range of Colorado.
-
Kylie McDevitt is the CEO of InfoSect, an Australian security research and training company specialising in vulnerability research and exploit development. She has over a decade of experience in the Australian Signals Directorate, where she worked across a range of technical and leadership roles. Kylie is a co-founder and organiser of BSides Canberra, Australia's largest hacker conference, and runs CSides, a monthly technical meetup focused on building the local cyber security community. She is passionate about supporting deep technical research and fostering collaboration across the Australian security ecosystem.
-
Gadi Evron is Founder and CEO at Knostic, an AI agent security company, CISO-in-Residence for AI at CSA, and chairs the [un]prompted conference. Previously, he founded Cymmetria (acquired), was the Israeli National Digital Authority CISO, founded the Israeli CERT, and headed PwC's Cyber Security Center of Excellence. He wrote the post-mortem analysis of the "First Internet War" (Estonia 2007), founded some of the first information-sharing groups (TH-Research, 1997, DA/MWP, 2004), wrote APT reports (Rocket Kitten - 2014, Patchwork - 2016), and the first paper on DNS DDoS Amplification Attacks (2006). Gadi has written two books on cybersecurity, is a frequent contributor to industry publications, and speaker at industry events, from Black Hat (2008, 2015) to Davos (2019) and CISO360 (2022).
-
Window Snyder is founder and CEO of Thistle Technologies. A leading cybersecurity expert, she has built and led security programs at major technology companies including Fastly, Square, Intel, Apple, Mozilla and Microsoft.
She is co-author of Threat Modeling and a frequent keynote speaker on topics including device security, software supply chain integrity, and securing AI systems.
Her work has been recognized with the IEEE Cybersecurity Award for Practice.
-
Thomas Ptacek is a principal at Fly.io and cohost of the Security,
Cryptography, Whatever podcast.
-
Ryan Stortz has over 20 years experience in reverse engineering, vulnerability research, program analysis, and is pretty good at the computers. Lately, he's been focused on Mac and iOS endpoint security.
Mark Dowd
-
Casey is best-known for founding Bugcrowd and co-founding The disclose.io Project. He has spent nearly 30 years inventing things, hacking things, and generally getting technology to do things it isn't supposed to do. A Sydney native based in the San Francisco Bay Area, his current work intersects offensive security, AI, policy, and startups.
-
Mark Dowd is the co-founder of Vigilant Labs, and of Unprompted.au (the Australian subsidiary of the US Unprompted conference run by Gadi Evron). Prior to that, he co-founded Azimuth Security (now L3Harris Trenchant) and was an author of “The Art of Software Security Assessment”. He has spent most of his career as a researcher and has uncovered major vulnerabilities in server software, browsers, and mobile platforms.
-
Gadi Evron
-
Maria Markstedter is the founder of the security training company Azeria Labs. She has spent her career focused on all things Arm, from reverse engineering to exploit development, sharing her passion for the architecture by teaching thousands of people around the world, both for free and through her highly specialized and popular courses. She is the author of the book Blue Fox: Arm Assembly Internals & Reverse Engineering (Wiley, 2023).
Maria has delivered keynote speeches at various conferences, including the Arm Research Summit and Black Hat USA 2023. Her work has earned her recognition as a Forbes "30 Under 30" honoree (2018) and Forbes Person of the Year in Cybersecurity (2020). Beyond her technical research, she serves on the Cybersecurity Advisory Committee for the fashion-conglomerate Inditex, and is an Adjunct Professor at Johns Hopkins SAIS
-
Gadi Evron is Founder and CEO at Knostic, an AI agent security company, CISO-in-Residence for AI at CSA, and chairs the [un]prompted conference. Previously, he founded Cymmetria (acquired), was the Israeli National Digital Authority CISO, founded the Israeli CERT, and headed PwC's Cyber Security Center of Excellence. He wrote the post-mortem analysis of the "First Internet War" (Estonia 2007), founded some of the first information-sharing groups (TH-Research, 1997, DA/MWP, 2004), wrote APT reports (Rocket Kitten - 2014, Patchwork - 2016), and the first paper on DNS DDoS Amplification Attacks (2006). Gadi has written two books on cybersecurity, is a frequent contributor to industry publications, and speaker at industry events, from Black Hat (2008, 2015) to Davos (2019) and CISO360 (2022).
-
Aaron “dyn” Grattafiori
-
Aaron “dyn” Grattafiori is a Principal Offensive Security Researcher focused on AI at NVIDIA. Prior to this he was an AI Red Teaming lead at Meta. Before that, he spent over six years leading the “cyber” Red Team performing full-scale Operations against a wide array of real world objectives. Before working at Meta, Aaron was a Principal Consultant at NCC Group/iSEC Partners for many years hacking all the things. Aaron has spoken on a wide range of topics at security conferences such as unprompted US, Offensive AI Con, BlackHat US, DEF CON, Enigma, Toorcon, Red Team Summit and more. Aaron can also be found on the slopes, the garage working on an old car or hiking the front range of Colorado.
-
Kylie McDevitt
-
Michael Coppola is a Co-Founder and Principal Security Researcher at Catalyst Security. He previously worked at Azimuth Security (now L3Harris Trenchant) and has nearly 20 years of vulnerability research experience. Michael is based in NYC and his main focus areas include mobile exploitation and using AI to automate bug discovery.
-
Kylie McDevitt is the CEO of InfoSect, an Australian security research and training company specialising in vulnerability research and exploit development. She has over a decade of experience in the Australian Signals Directorate, where she worked across a range of technical and leadership roles. Kylie is a co-founder and organiser of BSides Canberra, Australia's largest hacker conference, and runs CSides, a monthly technical meetup focused on building the local cyber security community. She is passionate about supporting deep technical research and fostering collaboration across the Australian security ecosystem.
-
Thomas Ptáček
-
Thomas Ptacek is a principal at Fly.io and cohost of the Security,
Cryptography, Whatever podcast. -
Ryan Stortz
-
Ryan Stortz has over 20 years experience in reverse engineering, vulnerability research, program analysis, and is pretty good at the computers. Lately, he's been focused on Mac and iOS endpoint security.
Window Snyder
-
Window Snyder is founder and CEO of Thistle Technologies. A leading cybersecurity expert, she has built and led security programs at major technology companies including Fastly, Square, Intel, Apple, Mozilla and Microsoft.
She is co-author of Threat Modeling and a frequent keynote speaker on topics including device security, software supply chain integrity, and securing AI systems.
Her work has been recognized with the IEEE Cybersecurity Award for Practice.
-
Casey Ellis
-
Casey is best-known for founding Bugcrowd and co-founding The disclose.io Project. He has spent nearly 30 years inventing things, hacking things, and generally getting technology to do things it isn't supposed to do. A Sydney native based in the San Francisco Bay Area, his current work intersects offensive security, AI, policy, and startups.
-
Maria Markstedter
-
Maria Markstedter is the founder of the security training company Azeria Labs. She has spent her career focused on all things Arm, from reverse engineering to exploit development, sharing her passion for the architecture by teaching thousands of people around the world, both for free and through her highly specialized and popular courses. She is the author of the book Blue Fox: Arm Assembly Internals & Reverse Engineering (Wiley, 2023).
Maria has delivered keynote speeches at various conferences, including the Arm Research Summit and Black Hat USA 2023. Her work has earned her recognition as a Forbes "30 Under 30" honoree (2018) and Forbes Person of the Year in Cybersecurity (2020). Beyond her technical research, she serves on the Cybersecurity Advisory Committee for the fashion-conglomerate Inditex, and is an Adjunct Professor at Johns Hopkins SAIS. -
Michael Coppola
-
Michael Coppola is a Co-Founder and Principal Security Researcher at Catalyst Security. He previously worked at Azimuth Security (now L3Harris Trenchant) and has nearly 20 years of vulnerability research experience.
Michael is based in NYC and his main focus areas include mobile exploitation and using AI to automate bug discovery. -
Submit your paper via Sessionize here
