Past SAINTCON Keynote Speakers


2021 Keynote Speaker

The Lock Picking Lawyer is one of the most well-known names in the world of lock picking and covert entry. He is best known for his extremely popular, eponymous YouTube channel. This channel features over 1,000 videos exposing weaknesses and defects found in locking devices so that consumers can make better security decisions. What’s less well-known is that he also works with lock manufacturers to improve their products, private companies to improve their security, tool-makers to improve their products, and government agencies. As his name suggests, the Lock Picking Lawyer was a business litigator for nearly 15 years, but recently retired from practicing law to devote all of his time to security work.

2021 Keynotes

Sherri Davidoff

2019 Keynote Speaker

Sherri Davidoff is the CEO of LMG Security and BrightWise, Inc. As a recognized expert in cybersecurity and data breach response, Sherri has been called a ”security badass” by The New York Times. She has conducted cybersecurity training for many distinguished organizations, including the Department of Defense, the American Bar Association, FFIEC/FDIC, and many more. She is a faculty member at the Pacific Coast Banking School, and an instructor for Black Hat, where she teaches her “Data Breaches” course. She is also the co-author of Network Forensics: Tracking Hackers Through Cyberspace (Prentice Hall, 2012), a noted security text in the private sector and a college textbook for many cybersecurity courses. Sherri is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds her degree in Computer Science and Electrical Engineering from MIT. She has also been featured as the protagonist in the book, Breaking and Entering: The Extraordinary Story of a Hacker Called “Alien”.

Russ Rogers

2019 Keynote Speaker

Russ is a hacker/researcher with 30+ years experience in hacking, coding, exploits, pentesting, red teaming, and forensics. He was Program Chair for a NetSec degree program for 13 years and retired as Chief of Operations from DEF CON in 2016, after 19 years on staff; and still participates on the Black Hat Training Review Board. Russ is an author, co-author, contributor, or technical editor on 20+ books on hacking and security, and was Executive Producer on the DEF CON Documentary. Russ has five degrees, including a B.S. in Game Programming related to his research into applied virtual worlds, and an Honorary Doctorate. Russ is currently part of MS’ Detection and Response Team (DART) providing Incident Response services to key Microsoft customers.

Rachel Tobac

2019 Keynote Speaker

Rachel is the CEO of SocialProof Security where she helps people and companies keep their data safe by training and pentesting them on social engineering risks. Rachel was also a winner of DEF CON’s wild spectator sport, the Social Engineering Capture the Flag contest, 3 years in a row. Rachel has shared her real life social engineering stories with NPR, Huffington Post, Business Insider, TWiT, USA Today and many more. In her remaining spare time, Rachel works as the Chair of the Board for the nonprofit Women in Security and Privacy (WISP) where she works to advance women to lead in the fields.

2019 Keynotes

Bonnie Anderson

2018 Keynote Speaker

Bonnie Brinton Anderson is the Douglas and Effie Drigss Professor of Information Systems in the Marriott School of Business at Brigham Young University. She also serves as the department chair of the Information Systems Department. She has been at BYU since receiving her PhD from Carnegie Mellon University in 2001. In addition to teaching classes on user experience design and technical leadership, Dr. Anderson is currently engaged in research in the intersection of neuroscience (fMRI, EEG, eye-tracking) and behavioral information systems security. Dr. Anderson and her colleagues use these neurophysiological tools to examine not only how computer users respond to computer security messages, but also why users respond the way they do. Her work is funded by the National Science Foundation and the White House Brain Initiative as well as a Google Faculty Research Grant. She has presented her work internationally and published in MIS Quarterly, Information Systems Research, and other top journals. Dr. Anderson has a husband and four daughters. Her hobbies include traveling, playing the harp, family activities and the occasional shark encounter.

Richard Thieme

2018 Keynote Speaker

Richard Thieme ( is an author/professional speaker who addresses challenges posed by new technologies, how to redesign ourselves to meet these challenges, and creativity in response to radical change. His speaking generally addresses “the human in the machine,” technology-related security and intelligence issues as they come home to our humanity. He has published hundreds of articles, dozens of stories, five books, and has delivered hundreds of speeches. When a friend at NSA said, “The only way you can tell the truth is through fiction,” he returned to writing short stories (35 published) and “Mind Games,” a collection of nineteen stories about anomalies, infosec, professional intelligence and edgy realities, was published in 2010. Many speeches address creativity, shifts in identities, and technology-related security and intelligence issues. He spoke in 2017 at Def Con for the 22nd year. He has keynoted conferences around the world and clients range from GE, Microsoft, Medtronic, and Johnson Controls to the NSA, FBI, US Dept of the Treasury. Los Alamos Lab, and the US Secret Service.
2018 Keynotes

Ryan Clarke

2017 Keynote Speaker

DEF CON Mystery Challenge creator and badge designer. Curator and consumer of fine puzzles, cryptography, synthesizers, and so much more.

Melanie Ensign

2017 Keynote Speaker

Melanie spent time at Facebook and Uber developing relationships between her passion, public relations, and the security teams at those businesses.

Neil Wyler “Grifter”

2017 Keynote Speaker

Neil has been a part of DEF CON and Black Hat for two decades, and speaks during conventions all over the world. DEF CON Myster Challenge winner several times, and serial troublemaker since he found out what phreaking was in the mean streats of NY.
2016 Keynotes

Clutch and Crypt

2016 Keynote Speakers

Two members of the Curious Codes crew, who spread the gospel of cryptography, codes, puzzles, riddles, and other ways to encode and obfuscate. They run a company who has done work for [REDACTED] and consult with businesses large and small.

Georgia Weidman

2016 Keynote Speaker

In this talk, Shevirah Founder and CTO Georgia Weidman will discuss strategies for security and audit professionals to update their penetration and vulnerability assessment approaches to reflect the reality of Mobility. Topics covered will include: – Blind spots in Enterprise audit and assessment programs – Penetration testing strategies to peer into these blind spots – What role vulnerability assessment programs play in mobile and cloud – Emerging trends in mobility and the IoT

2017 Keynotes

Dan Bowden

2015 Keynote Speaker

“The important thing about security systems isn’t how they work, it’s how they fail” — Cory Doctorow, Little Brother

Is your security program a success or failure? Are those terms defined? Does everyone in your organization share the same opinion? There are numerous reasons security programs and systems fail. This discussion will cover key aspects of security risk management, and how those may help define success and mitigate failure.

Don Welch

2015 Keynote Speaker

The threat to enterprises across the Internet from cyber attacks is changing. Attackers have become more skilled, better organized and better resourced. Higher education has become the target for national intelligence agencies, cyber criminal gangs, and hacktavists. Higher education institutions and especially research institutions have what these groups want and it is worth their effort to get the information. Meeting these threats requires a different strategy. During the 20th century most institutions adapted a “perimeter” defense strategy. This approach fell short as the threat evolved. Conventional wisdom evolved to a “defense in depth” strategy, forcing attackers to breach many layers of defense. Still, this required the defender to be strong everywhere and the attacker to be able to concentrate his effort. In the last few years our understanding has changed and many are adopting an “intelligence-driven kill chain” defense. This approach acknowledges that intrusions are inevitable, but flips the paradigm in that a defender only has to be successful once while the attacker must succeed every step on the chain to successfully complete an attack.

Seth Johnson

2015 Keynote Speaker

We all run software in various parts of our lives, and out of date software is a vulnerability as well as a liability.

Sometimes we tell ourselves that we are more secure or more stable by deferring or ignoring these updates.

In this presentation I will explain my formula for performing updates regularly while avoiding pitfalls and issues.

I will also explain how these principles work in real life using example cases.

Theresa Semmens

2015 Keynote Speaker

What is your institution’s posture on cybercrime and espionage? Does your campus have the tools in place protect against the “smash and grab,” “dirt jumpers,” “waterholing,” “living off the land,” “packing” and “fluxing” ploys and techniques currently being used against cyber infrastructure and users? The REN-ISAC community is able to assist institutions with vulnerability and threat prediction, detection, prevention and remediation through an arsenal of tools and an extensive library of knowledge. REN-ISAC’s mission is to aid and promote cybersecurity operational protection and response within the research and higher education (R&E) communities. The mission is conducted through private information sharing within a community of trusted representatives at member organizations, and as a computer security incident response team (CSIRT) supporting the research and education community at-large. When REN-ISAC alerted institutions to the POODLE vulnerability is an example of a situation that provided many institutions the means to strengthen their security posture, protect their assets and promote security awareness on their campus.

Thomas Cheatham

2015 Keynote Speaker

Security considerations are becoming a bigger concern in research computing with increasing usage of IT infrastructure in health sciences research and also as a result of emerging research data mandates at the national level. Moving and managing data securely and sharing resources across institutions adds complexity to the environment and has significant security and compliance implications. This presentation will talk about the development of the “protected environment” at Utah and challenges of export control and FISMA compliance at the university level and beyond.

Troy Jessup (jup1t3r)

2015 Keynote Speaker

Troy is one of the SAINTCON and UtahSAINT founders, and continues to be the driving force behind the conference and organization. He’s relentless in his passion for the community, including being a part of the DEF CON security conference and as part of a CTF organizing team.

2015 Keynotes