Featured Speakers
Adam Meyers
Senior Vice President, Counter Adversary Operations, CrowdStrike
Adam Meyers is Senior Vice President of Counter Adversary Operations at CrowdStrike, leading the company's Threat Intelligence line of business. He directs a globally dispersed team of cyber threat experts tracking criminal, state-sponsored, and nationalist adversary groups, producing actionable intelligence to protect customers. He oversees the development and deployment of AI, machine learning, reverse engineering, and natural language processing to detect and stop sophisticated adversaries. His work combining human intelligence with technology-driven insights continues to transform cybersecurity.
Martin Wendiggensen
AI Research Scientist | PhD Researcher, Dreadnode | Johns Hopkins
Martin Wendiggensen is an AI Research Scientist at Dreadnode and PhD candidate at Johns Hopkins AIST, focusing on how AI is shifting the cybersecurity offensive-defensive balance. He holds a Master's degree in International Relations from Johns Hopkins SAIS and a Bachelor's in Political Science from the University of Mannheim. He has conducted research at NATO, ETH Zurich, and the University of Mannheim, and previously served as a policy advisor to a member of the German Parliament's Foreign Affairs Committee. He also writes a twice-monthly column explaining AI technology for one of Europe's largest newspapers.
Chi-en (Ashley) Shen
Security Research Engineering Technical Leader, Cisco Talos Intelligence Group
Chi-en Shen (Ashley) is a security researcher at Cisco Talos, specializing in emerging threats including APTs, financially motivated crimes, spyware, and mercenary group exploitation. Previously, she worked at Google Threat Analysis Group focusing on zero-day exploit hunting and botnet tracking, and at Mandiant tracking APT groups across APAC. Passionate about supporting women in InfoSec, she co-founded HITCON GIRLS, Taiwan's first security community for women, and organizes Rhacklette in Switzerland. She serves on the review boards for Black Hat Asia, Hacks in the Box, and HITCON, and has spoken at Black Hat, HITCON, FIRST, and CODE BLUE.
Lacie Blythe
Senior Intelligence Analyst, GTAC Vulnerabilities, CrowdStrike
Lacie is a Senior Intelligence Analyst in CrowdStrike's Counter Adversary Operations Global Threat Analysis Cell, specializing in vulnerability intelligence. Her work focuses on tracking emerging vulnerabilities and real-world exploitation trends, providing organizations with clear assessments of the potential impact and risk these evolving threats pose.
Julian-Ferdinand Vögele
Principal Threat Researcher, Recorded Future
Julian-Ferdinand is a Principal Threat Researcher at Recorded Future's Insikt Group, specializing in malware analysis and infrastructure detection. He investigates cybercriminal, state-sponsored, and mercenary spyware operations. He previously worked in offensive security, holds a background in computer science, and is a Virtual Routes fellow.
Jaime Duque
Senior Intelligence Analyst, GTAC Vulnerabilities, CrowdStrike
Jaime is a Senior Intelligence Analyst with CrowdStrike's Counter Adversary Operations Global Threat Analysis Cell. With years of intelligence experience, he provides key insights for long-term strategic assessments by tracking emerging vulnerabilities and exploitation trends, helping organizations maintain decision advantage against adversaries.
Speakers
Tillmann Werner
VP, Intelligence Production, CrowdStrike
Tillmann Werner is VP of Intelligence Production at CrowdStrike, overseeing in-depth analysis, tracking, and reporting of criminal and targeted cyber attacks. He has a passion for proactive defense strategies such as honeypots and botnet takeovers. Werner is actively involved with the global cybersecurity community and is a regular speaker on the international conference circuit.
Hiroshi Takeuchi
Security Researcher, MACNICA
Hiroshi Takeuchi is a security researcher with over 10 years of experience in the industry. His main responsibilities are reverse engineering and incident response within MACNICA, a security service company serving the Asia Pacific and Middle East regions. Alongside his day-to-day work, he has developed internal tools including an intelligence platform, honey network, and Python scripts to support analysis. He writes blog posts and technical reports, and has spoken at security conferences including Virus Bulletin, Botconf, CONFidence, HITCON, and JSAC.
Jonathan Bar Or
Security Researcher, CrowdStrike
Jonathan Bar Or ("JBO") is an information security expert and hacker focusing on binary analysis, vulnerability research, application security, reverse engineering, and cryptography. His research has uncovered critical vulnerabilities impacting millions of users worldwide, shaping security best practices across the industry. Frequently cited by major news outlets, his work has influenced both academia and industry, driving meaningful security improvements. He is also a seasoned public speaker, presenting at top security conferences and sharing deep technical insights on exploitation techniques, mitigations, and emerging threats.
Loucif Kharouni
SVP of R&D & AI Innovation, Auger Security
Loucif Kharouni is SVP of R&D & AI Innovation at Augur Security, leading threat research, engineering, and AI/ML integration across the product portfolio. With over 19 years in cybersecurity and senior roles at ADP, Deloitte, Damballa, and Trend Micro, his work focuses on adversary infrastructure analysis and predictive threat intelligence. His recent research covers Iranian APT targeting of U.S. critical infrastructure, malvertising operations tied to sanctioned bulletproof hosting, and post-sanctions infrastructure rebranding. He has authored more than 30 research papers and has presented at Virus Bulletin, RISE, CERT-EE, TakeDownCon, and ToorCon.
Selena Larson
Staff Threat Researcher, Proofpoint
Selena Larson is a Staff Threat Researcher specializing in tracking advanced cyber threats and emerging adversary behaviors. Her work focuses on deep technical analysis, threat actor profiling, and translating complex security findings into actionable intelligence for defenders. She also hosts two podcasts for security practitioners: DISCARDED and Only Malware in the Building.
Alex Merriam
Sr. Mgr, Global Security - Risk/FSO, CrowdStrike
Alex leads the Insider Risk, Counterintelligence, and Industrial Security Programs at CrowdStrike, ensuring the security and integrity of CrowdStrike's information, employees, and global operations. He also supports threat analytics, security education and awareness, and physical security initiatives. Prior to CrowdStrike, he served as a Senior Industrial Security Representative for the Defense Counterintelligence and Security Agency, overseeing security and insider threat programs across federal contractor companies and academic institutions. He holds a B.A. in Geography from Clark University and is a certified CERT Insider Threat Program Manager.
Anne Marie Zettlemoyer
CSO, Rook9
Anne Marie Zettlemoyer is a cybersecurity executive and advisor with more than two decades of experience building and leading security, threat intelligence, fraud, and risk programs across Fortune 500 companies, high-growth technology firms, government environments, and startups. She specializes in translating adversary intelligence into operational security capabilities across detection engineering, threat hunting, and enterprise security strategy.
Paul Urian
Senior Threat Researcher, CrowdStrike
Paul Urian is a Senior Threat Researcher at CrowdStrike specializing in AI security. With over four years at CrowdStrike and previous experience at Bitdefender and the Ministry of National Defense of Romania, he brings a deep background in malware analysis, reverse engineering, and binary exploitation. His current research sits at the intersection of AI and offensive security — focusing on prompt injection attacks in LLMs and agentic systems, AI vulnerability discovery, and building autonomous systems that can find and exploit vulnerabilities. He is passionate about both securing AI and leveraging AI to advance security research.
Donato Onofri
Principal Red Team Engineer, CrowdStrike
Donato Onofri is a seasoned Red Team Engineer with over fifteen years of experience in reverse engineering, red teaming, threat research, and penetration testing. Passionate about both offensive and defensive cybersecurity, he has worked with industry leaders like CrowdStrike and HPE, as well as governments and financial institutions. His research covers state-of-the-art offensive techniques, malware analysis, and internals, and he holds multiple certifications and recognitions for vulnerability discovery. He has spoken at conferences including Black Hat and AVAR, and is co-author of the book Attacking and Exploiting Modern Web Applications.
Irene K
Security Researcher, CrowdStrike
Irene is a Senior Security Researcher at CrowdStrike's Counter Adversary Operations team, specializing in threat intelligence research with a focus on the Asia Pacific region. Prior to CrowdStrike, she served at Booz Allen Hamilton and the U.S. Army.
SttyK
Threat Intelligence Analyst
SttyK is an Open Source Intelligence Analyst with a background in Dark Web analysis, currently focusing on North Korea's cyber activities. He has presented at AVTOKYO 2023, CYBERWARCON 2024, Black Hat USA 2025, and CODE BLUE 2025.
FAQs
What is Day Zero?
Day Zero is an invite-only threat research summit focused on original, technical cybersecurity research. It brings together a highly vetted group of practitioners working in threat intelligence, reverse engineering, and adversary analysis to share new findings and tradecraft.
When and where is Day Zero?
Day Zero will take place August 30 – September 1, 2026 at Virgin Hotel in Las Vegas.
What is the cost to attend?
Tickets are $895 per person.
How do I get an invite to attend Day Zero?
Click "Apply to attend" at the top of this page. We will be in touch if you have been selected to attend.
Why is Day Zero invite-only?
Day Zero is intentionally limited to approximately 150 highly vetted attendees to maintain a trusted environment for deeper technical discussion and sharing. This format allows speakers to present more sensitive research and enables more meaningful peer interaction.
How long are the talks?
Sessions are either 30 or 45 minutes, depending on the depth and scope of the topic.
What topics are in scope?
Day Zero focuses on original, technical research related to: Threat intelligence, Adversary operations and campaigns, Malware analysis and reverse engineering, Intrusion tradecraft and threat hunting.
Will talks be recorded or streamed?
Talks will not be streamed. Recording is at the discretion of the presenter, allowing them to share sensitive research in a controlled environment.
How many tracks will there be?
The conference will feature a single track in the morning, followed by two parallel tracks in the afternoon focused on denying and disrupting adversaries.