BSIDES CHARLOTTE 2026 SPEAKERS
BSides Charlotte is proud to have the following folks as speakers this year, both In Person and Virtual. As we strive to do every year since 2020, we had enough talk submissions that we can have a Virtual Track! Please find more information regarding our schedule here.
BSides Charlotte 2026 Keynote Speakers!
Joseph Blume works as a Senior Cybersecurity Advisor for Peraton, supporting the DoW Cyber Defense Command’s J10 Terrain Assessments Division and Cyber Resilience Directorate. Joseph is also a 20-year Army Veteran, a former Field Artilleryman, and now serves as a Cyberwarfare Officer with the South Carolina Army National Guard. Joseph has led several cybersecurity initiatives fostering collaboration to strengthen information-sharing and cyber defense capabilities.
Mr. Rick Chapman is a 23-year Army Veteran and Senior Cybersecurity Engineer at TeamWorx Security. Throughout his career, Ricky has built and led IT and cybersecurity programs focused on training and certification, compliance, and SOC operations. In his role with the South Carolina Army National Guard, he has led tactical teams for the DoW cyber mission and advised state executive leadership teams of cybersecurity best practices for protecting the community. For the past five years at TeamWorx Security, Ricky has leveraged his expertise to build a robust cybersecurity program that supports both internal operations and the company’s broad customer base across the intelligence community, including the DoW and SLTT organizations. He currently leads cybersecurity policy, incident response, and infrastructure support efforts, and direct support for customers through AI-driven analytic and collaboration capabilities. He has also directly trained more than 3000 students in intelligence analysis, cyber threat and hunting techniques, offensive and defensive cyber planning, and malware analysis.
BSides Charlotte 2026 Track Speakers
Aleksa is a first year in college, crippling homelab addict, and lab manager for UNC Charlotte’s 49th Security Division, supporting enterprise servers. They spend what free time they have configuring clusters, building questionable hardware, and running even more questionable software. Their first ever talk was at BSides CLT 2023, being their youngest speaker at 16, and they’ve since enjoyed sharing what little they know at conferences including Queen City Security, Cackalackycon, Defcon704, and more.
Anurag Swarnim Yadav is a security researcher currently working on QubitAC, a platform focused on cryptographic discovery, inventory, and post-quantum cryptography (PQC) readiness. He holds a Ph.D. in Computer Science from the University of Florida, where his research centered on machine-learning–driven vulnerability detection and automated program repair.
Avinash Gajula is a Senior Security Technologist at Uber with deep experience helping organizations identify, prioritize, and remediate security risks at scale. His work spans multiple domains of security, including M&A security due diligence, Customer trust, Vulnerability management, third-party risk management, and threat defense and response. More recently, he has focused on building AI-driven solutions within Security, Risk, and Compliance organizations to improve automation and decision-making.
Chris is an Information Security Consultant based in Charlotte. With deep corporate experience, Chris understands the kinds of risks that organizations face and knows how to help them stay secure from both a technical and non-technical perspective. He has given numerous presentations around the region and is an advocate for personal privacy. He also volunteers his time in the local community by sitting on non-profit Boards and helping both organizations and individuals understand how to stay cyber safe.
Craig Birch is a Principal Technologist at Cayosoft with more than 25 years of hands‑on experience in Active Directory security and architecture. Craig focuses on how real‑world identity misconfigurations and delegated trust lead to compromise. He is also the host of the Guardians of the Directory podcast, where he shares practical lessons drawn from modern identity attacks. Today, Craig will walk us through how Active Directory attack paths actually form and why overlooked combinations matter.
Doug Garbarino is a Lead Cybersecurity Architect at Duke Energy, where he designs and implements security architectures across IT and OT environments for one of the largest energy providers in the country. His work spans multilevel security design, cross-domain solutions, and aligning cybersecurity strategy with both enterprise IT and industrial control systems. Prior to Duke Energy, he served as a Systems Architect at Wells Fargo, leading strategic IT roadmap development, and as an Enterprise Architect at 3D Systems Corporation, contributing to international e-commerce platform deployment. He holds a Master’s degree from Portland State University.
Edgar Freemantle is the founder of Laminar Research, a boutique technology consultancy built on a simple premise: Entrepreneurs, small businesses, and everyday people deserve the same edge the Fortune 500s pay millions for. Laminar operates open-source first, always, building on tools that belong to the people who use them, not the corporations that sell them. Edgar specializes in prescriptive privacy and security: Zero-trust, mesh networks, digital sovereignty, managed GrapheneOS deployments, and self-hosted infrastructure that puts clients back in control of their own digital lives. Recently, he’s been deep in the weeds with AI, local inference, and agentic systems, because he believes the next fight for digital autonomy will be over who owns the intelligence layer. With a career spanning IT, telecom, financial services, retail, and software development, Edgar has spent decades at the intersection of strategy and implementation. He is also an avid but slow runner, a dedicated hiker, and a family man based in Charlotte, NC. He documents none of this on social media.
Metal Snake, or Everett, is a passionate hobbyist ethical hacker. His goal is to eventually become a red teamer and CNO developer. He is currently working toward his CRTO certification and plans to pursue the OSCP as well. So far, he has focused primarily on malware development for Windows environments, but he hopes to move into exploit development soon. One area he would eventually like to research is the exploitation of Intel ME (Management Engine) or AMD PSP (Platform Security Processor). He is also actively looking for work.
Gabriel is a Purple Team and Adversary Emulation Lead for Advanced Services at MorganFranklin Cyber, with hands-on experience spanning GRC, cyber resilience, and time spent as a SOC analyst. Day to day, he leads purple team and adversary emulation exercises for clients across industries, working alongside his counterparts in Advanced Services to bridge the gaps between threat intelligence, detection engineering, and threat hunting.
Jaimeet Singh Suri is a Computer Systems Analyst with 4+ years of experience implementing enterprise IAM solutions across Microsoft Entra ID, Active Directory, and Microsoft 365 environments. Skilled in identity lifecycle management, access governance, Conditional Access, and authentication technologies including SSO, MFA, and federation (SAML, OAuth). Experienced in strengthening identity security, supporting IAM audits, and aligning governance practices with NIST 800-53 and ISO 27001 frameworks.
James Donlon is a penetration tester and red team operator with experience in adversarial emulation and security research.
Jason Gillam is the CIO of Secure Ideas, a security consulting and penetration testing firm. A professional penetration tester and programmer with over 25 years of experience in enterprise software, system architecture, and application security, Jason has held technical leadership roles at both startups and Fortune 100 companies. He is the author of the Burp CO2 and Paramalizer Burp Suite extensions and has contributed to open source security projects including Laudanum and MobiSec. As OWASP project lead for SamuraiWTF and a member of the OWASP Project Committee, he is committed to application security education, responsible AI integration, and embedding security practices throughout the SDLC.
Jeff Goeke-Smith has spent over two decades working for academia in networking, security, and software development. He currently works as a systems architect and systems administrator at a digital humanities research unit. Twenty years of chasing the same problems has culminated in a desire to change the game.
Justin Varner is a seasoned and passionate security professional with over 20 years of experience dating back to his work with NASA on the ISS in 2006 to his current physical security shenanigans and work on quantum cryptology.
With over two decades of expertise in Cyber Security Operations, Levone Campbell stands at the forefront of digital defense as the Cyber Security Lead and Incident Coordinator for his organization. A veteran in Information Technology, Levone has honed his skills to become a formidable expert in Cyber Threat Intelligence and Cyber Crime Espionage, consistently staying ahead of emerging threats in our ever-evolving digital landscape. Levone’s academic prowess is evident in his impressive educational background: Dual bachelor’s degrees in management and marketing from North Carolina A&T State University; Masters in business administration from Walden University; & Masters in technology management from Georgetown University. His commitment to professional growth is further exemplified by his numerous industry-recognized certifications, solidifying his status as a multifaceted cybersecurity leader. Based in Houston, TX, Levone balances his high-stakes career with a fulfilling personal life, sharing 19 years of marriage with his wife Lindsay and raising their two children. This grounding in family life brings a unique perspective to his approach in safeguarding digital assets and fostering a secure cyber environment.
Nick Newell is the Founder of Rival IT, where he focuses on helping organizations leverage AI and modern technology to drive operational efficiency and security resilience. With a background in IT strategy, cybersecurity, and automation, Nick works closely with businesses to translate complex technical challenges into practical, scalable solutions. He is passionate about the intersection of AI and security, and how emerging technologies are reshaping the threat landscape.
Pranay Singh Suri is a cybersecurity engineer with 4+ years of experience securing financial systems, cloud infrastructure, and enterprise environments. He currently works as an Associate Security Engineer at Coalfire Systems, where he designs Zero Trust security architectures, implements identity-based access controls, and builds multi-cloud security frameworks across AWS and Azure. His work includes strengthening threat detection and incident response by integrating SIEM and SOAR platforms such as Splunk Enterprise Security, Cortex XSOAR, and CrowdStrike to improve security visibility and reduce response times across critical workloads. Previously, Pranay worked as a Cyber Security Analyst supporting SOC operations, vulnerability management, and threat detection for large-scale financial systems. He has experience conducting vulnerability assessments using Tenable and Qualys, investigating security incidents through SIEM platforms, and developing automated threat intelligence workflows to improve detection capabilities. Pranay holds an M.S. in Cybersecurity Analytics and Operations from The Pennsylvania State University and a B.Tech in Computer Science Engineering. He is certified in Security+, CCSK, ISO 27001 Lead Auditor, CISA, and eJPT, with expertise spanning cloud security, DevSecOps automation, and compliance frameworks such as NIST, PCI DSS, and SOC 2.
Pravallika (Pravi) Devineni, Ph.D. is a Lead AI Scientist at Duke Energy, where she leads a team building production AI systems across regulated energy infrastructure. Her work spans agentic AI architecture, AI governance frameworks, and security controls for autonomous systems in safety-critical environments. She publishes the AI Briefing Room, a technical series on agentic AI design patterns, security, and governance for enterprise practitioners. She holds a PhD in Computer Science from UC Riverside, with prior research at Department of Energy’s Oak Ridge and Lawrence Livermore National Laboratories.
Srija Reddy Allam is currently working as a Cloud Security Architect at Fortinet, where she partners with global customers to design, architect, and deploy full suite of security solutions in public cloud environments. Srija also serves as the Subject Matter Expert (SME) for Web Application and API Security (WAAP), specializing in protecting modern applications and microservices-driven architectures. She helps organizations implement Web Application Firewall and API protection capabilities to defend against advanced web and API-based attacks. With a focus on AI/ML-driven threat detection and adaptive protection, she enables enterprises to stay ahead of evolving attack techniques while ensuring resilience, application availability, and compliance with global standards such as PCI DSS, HIPAA, and GDPR. Prior to her current role, Srija gained diverse experience working across different industries in the field of network and security.
Stryker is the director of threat analysis at Fable Security, where she translates technical research and qualitative intelligence into the “so what?” and “what now?” solutions that keep more people safe and secure. Before Fable, she produced threat intelligence for GEICO, Blackpoint Cyber, and other cybersecurity vendors. You can often find her playing “Backdoors & Breaches” in the hallway after her talks at DEF CON, SecTor, and Bsides conferences around the United States. Stryker lives in Baltimore, growing parsley for butterflies and algae for shrimp.
Thomas Richards is a principal security consultant with UltraViolet Cyber. Thomas is currently responsible for overseeing UltraViolet Cyber’s infrastructure testing services. He currently holds the Offensive Security Certified Professional (OSCP) certification and has publicly disclosed dozens of vulnerabilities.