Speaker: Shubham Shah

Security Analyst @BishopFox
Shubham Shah is a Security Analyst at Bishop Fox, a security consulting firm providing IT security services to the Fortune 500, global financial institutions, and high-tech startups. Shubham’s primary areas of expertise are application security assessment, source code review, and mobile application security. Shubham is a former bug bounty hunter who has submitted high-critical risk bugs to the bug bounties of large corporations such as PayPal, Facebook, and Microsoft. The InfoSec Institute named him as one of “Fifteen Famous Bug Bounty Hunters.” He regularly conducts web application security research and frequently contributes to the security of open-source projects. He has presented at Ruxcon, Wahckon and Kiwicon. Shubham is known in Australia for his identification of high-profile vulnerabilities in the infrastructures of major mobile telecommunication companies. Prior to joining Bishop Fox, Shubham worked at EY. At EY, he performed web application security assessments and application penetration tests. Additionally, Shubham has been a contractor for companies such as Atlassian. As a contractor, he conducted external web application security penetration tests. Shubham also develops and maintains open-source projects such as Websec Weekly that assist the web application security industry.

Find Shubham Shah at

Talk: Nihilist’s Guide to Wrecking Humans and Systems

Other talks from the same track

Author of The Core Protocols: A Guide to Greatness
Security at Slack Technologies, Inc
Penetration Tester & Social Engineer @BishopFox
Founder & CSO @SignalSciences, Previously @Etsy


Covering innovative topics

Monday, 7 March

Tuesday, 8 March

Wednesday, 9 March