Aaron is an information security and technology engineer who secures Critical National Infrastructure and national interests across the North West of England. He advises Defence, Nuclear and Oil & Gas organisations and implements pragmatic security frameworks for SMEs. His standout achievement is leading an ISO27001 transition to the 2022 standard in seven weeks, and he’s currently supporting SMEs to make meaningful security choices that enable business opportunities.

A student of Computing & IT at The Open University and a member of the British Computer Society, Aaron combines hands‑on technical implementation with governance, compliance and assurance expertise. He focuses on delivering measurable risk reduction, rapid certification readiness, and resilient controls tailored to high‑assurance environments.

Outside work he’s an avid reader, craft‑beer enthusiast and amateur radio operator, volunteering with the Raynet amateur radio emergency communications service.

Alex has worked in within the cyber sector for 6 years in both blue and red team roles across Pe testing and Security Analyst.

Andy has been working in the industry for a little over 15 years, working across the spectrum of red and blue with a short stint of GRC peppered in. A seasoned pentester turned adversarial simulation specialist with deep interests in helping blue teams better understand how to hunt out adversaries in the wild and better his tradecraft in the process. He is also an avid believer in paying it forward and continues to write blog posts and help others in the industry where he can by mentoring, posting, sharing content and trying to enable those around him to improve.

Nuclear Physicist to embedded computing to cyber security, by way of medical imaging and defence. Now working at preschool.

I work in threat intelligence.

Hi there! I am Ehren, a CHECK team member working at KPMG in Leeds (though I am from South Wales!).
I am a huge web application enthusiast and spend alot of my free time researching and studying obscure application vulnerabilties, recently delving into creating labs to demonstrate some of them!
In my spare time I boulder and play competitive counter strike, feel free to chat to me about any of the above!

Gabrielle Hempel is a Security Operations Strategist at Exabeam, specializing in threat intelligence, detection engineering, and AI-driven defense. She holds a master’s degree in cybersecurity/global affairs from NYU and serves as an adjunct professor, bridging academic and real-world security operations. Gabrielle has spoken at industry conferences including Black Hat and DEF CON, and contributes to national cybersecurity efforts through the U.S. Coast Guard Auxiliary and National Guard, where she serves as a Division Chief and Deputy Incident Commander. She is currently pursuing her J.D. with a focus on technology and AI law.

The Hack Glasgow organiser team is made up of:

• Gerard Barrett
• David Carson
• Alice McGready
• Scott McGready
• David McKenzie

Jinto Antony is a Senior Investigator at WithSecure, based in the UK, where he leads digital forensics and incident response engagements. Over a 20-year career, he has investigated intrusions spanning a wide range of threat actors and industry sectors.

His open-source projects and community platforms include Kanvas for incident response case management, Zeek App for threat hunting, OneTracker.org, and BlogTrace.com.

He has presented at the SANS DFIR Summit Europe, Black Hat Europe , CONFidence Conference , and multiple BSides events.

His current research focuses on how generative AI is reshaping the threat actor tradecraft particularly the convergence of AI-generated malicious code across independent threat actors, based on post-incident response engagements.

Ken Munro is Partner and Founder of Pen Test Partners, a firm of ethical hackers. He regularly blogs on everything from ICS issues in maritime security to hacking cars and the Internet of Things. This has led to regular appearances on TV and BBC News online as well as the broadsheet press.

Ken has become a voice for reform and legislative change, briefing UK and US government departments as well as being involved with various EU consumer councils. He has also spoken about ICS and IIoT security issues at various events including the Maritime Cyber Security Summit, and CMA Shipping.

He’s also not averse to getting deeply techie, regularly participating in hacking challenges and demos at RSA, Black Hat, 44CON, DEF CON and BSides amongst others. Ken is also a member of the CVE Board.

Lauren has worked in Digital Forensics across both the public and private sector with roles of data retrieval from digital devices and data analysis.
Outside of work Lauren enjoys dancing, socialising and is slowly learning Italian.

Liam was a Dual CHECK Team Leader and is now a Principal Security Researcher at a global bank, but really just a nerd with a love of hacking web apps. He loves writing tools, training pentesters, and nice Irish whiskey. Not necessarily in that order.

Marie Dubremetz is a research engineer at Uppsala University. She is also an activist within associations (Raoull.org, Fripost.org), to free the web from Big Tech.
As an academic, she has observed from within our institution the invasiveness of Microsoft technology.
Finally, she has a degree in Classics and often plays impro theatre.

Michael is a Product Security Specialist at SAP, working with the SAP Cloud Infrastructure security team. His focus areas include vulnerability management, secrets management, and building secure internal services.
He obtained multiple industry certifications such as OSCP, GCPN, and CISSP. A healthy dose of paranoia led him to explore OSINT and the surprising power of publicly available information. Beyond his day-to-day work, Michael is an active member of the cybersecurity community and helps organize BSides Luxembourg.

rand0h is a co-founder of his local DEF CON group, DEF CON 610 in Easton, Pennsylvania, United States, show-runner of the Whose Slide Is It Anyway contest at DEF CON, & a DEF CON SOC Goon. A hacker & a storyteller, he just does things.

Rishi is a London-based security researcher with experience in vulnerability research, threat intelligence, and enterprise risk analysis. His work focuses on identifying zero-day vulnerabilities and emerging CVEs, with a particular interest in building detection logic before threats are publicly weaponised.

He works across both offensive and defensive disciplines, developing threat models grounded in real-world TTPs, writing detection rules, and automating reconnaissance to uncover exposed assets at scale. Attack surface management and OSINT are areas he keeps coming back to, specifically the challenge of mapping exposure that organisations often don't know exists.

Outside of his day job, Rishi contributes to open source security tooling through Project Discovery and OWASP, part of the leadership team of the UK OSINT Community, and occasionally speaks at community events including DEF CON and BSides.

Ryan Standbridge is a Principal Incident Response consultant at Reliance Cyber who has spent years turning up after things have gone badly wrong. He leads high-severity ransomware, BEC, and intrusion responses, and delivers the IR plans, playbooks, and tabletop exercises that organisations hope they never need.

He's also watched enough incidents unfold to have strong opinions about why most of them were worse than they needed to be, and it's rarely a tooling gap.

Scott McCracken is a Principal Solutions Engineer at Wiz, specialising in Cloud Security, Threat Detection and Response, and Runtime Security. His career spans software engineering, DevOps, cloud architecture, and security, helping organisations design, scale, and defend modern cloud environments.
Scott is particularly interested in the messy intersection between cloud infrastructure, runtime behaviour, and software supply chain risk, where theoretical security controls meet real-world attacker tradecraft. Outside of work, you’ll usually find him running trails and exploring the mountains.

I am a cyber threat intelligence analyst in the aviation sector, currently based in Yorkshire. I have been in the aviation sector for four years (with hopes to being in it for years to come). I think planes are cool and I like talking about them... also the best plane is the Concorde (R.I.P Supersonic Bird of Prey), which would of been 50 years old this year :(

I'm a PhD student studying IPv6 at University of Glasgow. I also worked as a SOC analyst then as a threat hunter in industry alongside my studies.