Program Overview

All times are listed in Central Standard Time – San Mexico City, CDMX, Mexico (GMT-6)

• TLP:GREEN

  Advanced Signals: NextGen Threat Hunting using Active and Passive DNS and Internet NetFlow Telemetry

  Ed Gibbs (WHOIS), Ernesto Guzmán (Digital Forensics Incident Response and ES Consulting)

  Ed Gibbs, is a seasoned cybersecurity executive with WHOISXMLAPI.Com and a Forbes Technology Council member. With decades of experience spanning roles at Cisco, McAfee, Symantec, and most recently leading technical and research efforts at WhoisXML API, Ed has cultivated a reputation for advancing cyber threat intelligence, DNS analytics, and internet infrastructure security. His work involves spearheading domain and subdomain discovery techniques, overseeing passive DNS research, and managing complex security data ecosystems used by governments, cybercrime units, and market researchers globally. As an accomplished team leader, Ed has built and led diverse groups of security professionals and researchers while fostering collaborations with internet registrars and infrastructure providers to combat abuse and elevate security standards. Ed brings a deep well of knowledge on security operations, firewalls, VPNs, and cutting-edge threat intelligence methodologies. His insights into DNS and domain-based research especially how passive DNS and domain enrichment can expose malicious activity make him an ideal guest for discussions on emerging cyber threats, operational security challenges, and innovations in managing external attack surfaces. Whether it's discussing AI's role in cybersecurity, sharing real-world insights from enterprise security leadership, or examining the future of DNS infrastructure, Ed delivers compelling, informed perspectives tailored for both technical and strategic audiences.

  Ernesto Guzmán leads the Digital Forensics and Incident Response team at ES Consulting, bringing more than 15 years of experience in technology, cybersecurity, and digital forensics. He holds certifications as ISO/IEC 27035 Lead Incident Manager, ISO/IEC 27001 Lead Auditor, ISO/IEC 9001 Lead Auditor, Certified Ethical Hacker (CEH), among other international credentials.

  Throughout his career, he has successfully led critical incident response operations and complex forensic investigations, strengthening his expertise in digital asset protection, threat intelligence, and comprehensive security incident management. His work includes the development of practical methodologies for forensic analysis and data recovery, enhancing organizational resilience after security incidents. Currently, he leads the cyber defense team at ES Consulting, driving advanced strategies for digital resilience and incident management aligned with international standards.

  October 27, 2025 11:00-11:50

•  USTLP:GREEN

  Agentic CTI: Automating Threat Intelligence with MCP-Powered AI Agents

  Ensar Şeker (SOCRadar, US)

  Ensar Şeker received his undergraduate and graduate degrees in Electronics and Computer Engineering at New York Tech. He continued his academic career by pursuing a Ph.D. in Information and Communication Technologies at TalTech (Tallinn University of Technology). He began his professional journey in the United States as an IT Specialist at Solaris between 2010 and 2013. Subsequently, he served as the Head of the IT Department at Turkish Petroleum Corporation (TPAO) in Turkey from 2013 to 2015. In 2016, Ensar took on an important role as a security researcher at the NATO Cooperative Cyber Defense Centre of Excellence (CCD COE) in Tallinn, Estonia, a role he held until 2018. Additionally, from 2015 to 2021, he continued his role as a senior researcher at the Turkish Scientific Council. Since 2021, he has held various roles in cyber security firms, including leadership positions in the Blue Team and Red Team and roles such as VP of Research and CISO at SOCRadar.

  October 28, 2025 09:00-10:50

• TLP:CLEAR

  Are You Talking to Me? Tailoring CTI Communication for Maximum Impact

  Demian García (CTI Analyst Sr)

  Demian García, CTI Analyst Sr, is a cybersecurity professional with over 12 years of experience, specializing in Cyber Threat Intelligence to support digital forensics and incident response (DFIR), threat detection, data loss prevention, and insider threat investigations. Passionate about knowledge sharing, Demian is also dedicated to mentoring and teaching the next generation of cybersecurity professionals. In his free time, he serves as a professor at the largest university in Mexico.

  October 28, 2025 12:15-13:00

• TLP:CLEAR

  Beyond Incident Reponse: Mastering the Art of Cyber Crisis Forecasting

  Maricarmen García de Ureña (Secure Information Technologies)

  Maricarmen García de Ureña is a seasoned entrepreneur, international consultant, speaker, and official Instructor/Spokesperson for bsi (British Standards Institution) on numerous ISO standards, including ISO 27001, ISO 27035, ISO 22301, ISO 31000, ISO 42001 and ISO 27701. With 34 years of experience in the field, she is a recognized expert in Information Security, Personal Data Protection, Business Continuity, Risk Management, and Organizational Resilience. She is the Founder and CEO of Secure Information Technologies, a consultancy firm with a strong presence across the Americas. Academically, she holds an IT Service Administration Master's degree from Universidad IBERO.

  Her expertise is critical in the global cybersecurity ecosystem; she is an active member of various associations WOMCY, OMCS, ISACA, AMCS, ALAPSI). Her contributions were recognized with the Top Women in Cybersecurity Award for the LATAM and USA regions in 2021 and 2022. Furthermore, she is a certified expert witness (Perito Profesional) in cybersecurity and intelligence for the investigation of technology-related crimes, and she delivers regular academic lectures at major universities, focusing on IT Governance, Information Security, and Risk Systems.

  October 27, 2025 15:00-15:50

• TLP:CLEAR

  Building a Threat Landscape: The Foundation of an Effective Cybersecurity Strategy

  Juan Muñoz (Infomatec)

  Juan Muñoz, CISO (Infomatec), is Chief Information Security Officer at a leading Financial Group in Mexico. Specialized in Cybersecurity, with more than 20 years of experience in different sectors in Mexico and the United States. Beyond his professional role, He is passionate about bridging the gap between executive leadership and Cybersecurity, focusing on monetizing risk to build awareness at the board level. Currently, Juan is focused on creating Cybersecurity strategies for financial services organizations in Mexico.

  October 28, 2025 13:00-13:50

• TLP:GREEN

  Communicating and Reporting

  Marc Lanzerdorfen (Trend Micro)

  Marc Lanzerdorfen is a seasoned cybersecurity professional currently serving as a Senior Incident Response Analyst at Trend Micro, where he has been a vital member of the European Incident Response Team for the past six years. With a strong background in incident response and digital forensics, Marc brings deep technical expertise and analytical precision to handling complex security incidents across the region. Before stepping into his current role, Marc worked as a Senior Technical Trainer at Trend Micro, where he delivered in-depth training sessions to both internal teams and external clients. His passion for knowledge sharing and education continues to be a driving force in his career, as he remains committed to empowering others through skill development and cybersecurity awareness. Marc’s professional interests lie at the intersection of threat detection, forensic investigation, and proactive defense strategies, making him a trusted expert in the field.

  October 29, 2025 16:00-16:45

• TLP:GREEN

  From Breadcrumbs to Breaches: OSINT in the Heat of Incident Response

  Evelyn Hernández (Sr. Cyber Threat Intelligence Analyst)

  Evelyn Hernández, Sr. Cyber Threat Intelligence Analyst, is a Computer Engineer graduated from FES Aragón, UNAM, México, with over 9 years of experience in the cybersecurity field. Currently working as a Cyber Threat Intelligence Analyst, specializing in the detection and analysis of digital threats. Holding a Diploma in Information Security and a certification in Open Source Intelligence (GOSI - OSINT). I have been speaker at events such as NotPinkCon Security Conference and BugCON contributing to the dissemination of knowledge in cybersecurity and technology.

  October 28, 2025 15:35-16:30

• TLP:GREEN

  How to Become One of Them

  Sean Jones (Groupsense, cognyte)

  Sean Thomas Jones is a highly accomplished Senior Information Security Professional with extensive experience across information technology and cybersecurity. Recognized for his analytical precision, innovative problem-solving, and steady leadership, he has built and implemented tools and automation processes that have enhanced efficiency and strengthened organizational resilience. Guided by strong principles and a sense of purpose, Sean consistently delivers reliable, forward-thinking solutions that safeguard organizations in a constantly evolving digital landscape. Beyond his professional accomplishments, Sean values integrity, family, and meaningful leadership. He approaches both work and life with humility, service, and gratitude—striving to elevate others while maintaining excellence in everything he does. This purpose-driven mindset defines his reputation as a trusted cybersecurity leader and a person dedicated to creating lasting, positive impact.

  October 28, 2025 11:00-11:50

• TLP:GREEN

  How to Cook Hora-bot... The Long and Slow Way.

  David Martin (CERT Arteria)

  David Martin is a dedicated and creative professional with +10 years of experience. He is passionate about technology, security, intelligence, hacking and cryptography. He is a strategic/analytic thinker with skills and experience in leadership and teamwork. He has a Master’s degree in Cybersecurity and a Cybersecurity Specialist degree, (both graduated with honors) from La Salle University. He has extensive experience in Cyber Threat Intelligence (CTI), has founded Computer Emergency Response Teams (CERTs) and achieved FIRST (Forum of Incident Response Security Teams) international certification for it, he is also a member of Special Interest Group CTI-SIG on FIRST. He has experience working with financial entities and National Bank Guilds. He holds several certifications from DEF-CON, U.S. Homeland Security, I-intelligence and UNAM among others. He is a lifelong martial artist and an eternal student of the Warrior's Path, from which he has acquired the discipline and focus that he applies in every other realm of his life. Top Skills: Cyber Security, Strategic Thinking, Cyber Threat Intelligence & analysis, Cryptography and Ethical Hacking.

  October 27, 2025 13:00-13:50

•  MXTLP:CLEAR

  Incident Response: Making It Everyone’s Business

  Juan Pablo Castro (Trend Micro, MX)

  Juan Pablo Castro es Director de Innovación Tecnológica y Estrategia de Ciberseguridad en Trend Micro Latinoamérica, con más de 20 años de experiencia en ciberseguridad, ciber riesgo y privacidad de datos. A lo largo de su carrera, ha guiado a organizaciones en la implementación de estrategias de ciberseguridad en un panorama de amenazas en constante evolución. Colabora con organismos internacionales como INTERPOL y la OEA, y trabaja estrechamente con entidades gubernamentales y cuerpos de seguridad especializados en cibercrimen en distintos países de Latinoamérica. Su enfoque está en desarrollar soluciones innovadoras para los sectores gubernamental, financiero y de seguridad nacional. Además de su rol en la industria, Juan Pablo ha sido profesor en programas de maestría en ciberseguridad y blockchain en tres prestigiosas universidades. También es el creador de varios conceptos clave en el sector, como el Cybersecurity Compass, el Ciclo de Gestión de Riesgos Cibernéticos (CRML) y el Centro de Operaciones de Riesgos Cibernéticos (CROC), los cuales han influido en las mejores prácticas de la industria. Como conferencista, Juan Pablo ha participado en numerosos eventos en toda Latinoamérica, compartiendo su visión y experiencia con sectores clave como el financiero, gubernamental y académico, destacando siempre la importancia de la ciberseguridad para organizaciones e individuos.

  October 27, 2025 10:00-11:00

•  MXTLP:GREEN

  Know Your Enemy: Unveiling the Most Prevalent TTPs in Latin America 2025

  Arturo Torres (FortiGuard Labs , MX)

  Arturo Torres es Director de FortiGuard Labs LATAM, liderando estrategias de ciberseguridad y análisis de inteligencia de amenazas en la región de América Latina y el Caribe. Desde este rol, ha llevado a cabo investigaciones sobre el panorama de amenazas, generando informes trimestrales con alcance nacional e internacional, citados en medios de seguridad y tecnología, así como en prensa tradicional. Además, dirige el programa de intercambio de inteligencia de amenazas de FortiGuard para LATAM. Cuenta con múltiples certificaciones en ciberseguridad, incluyendo CISSP, CEH, CTIA, MITRE ATT&CK, entre otras. Además de su trayectoria en la industria, Arturo es un reconocido académico y líder en educación en ciberseguridad. Es coordinador de la Maestría en Ingeniería en Seguridad de la Información en la Universidad Autónoma de Nuevo León (UANL), una de las más prestigiosas de México. Posee una Maestría en Administración, Negocios y Relaciones Industriales, así como un Doctorado en Ingeniería y Tecnologías de la Información con especialidad en Inteligencia Artificial. Ha participado como conferencista y autor en diversos foros tecnológicos y de ciberseguridad en el ámbito académico, empresarial e industrial, incluyendo OWASP LATAM, CICESE, DEF CON Porto Alegre, EkoParty, DragonJAR y la European Alliance for Innovation (EAI).

  October 28, 2025 14:45-15:35

•  RUTLP:GREEN

  Privacy Digital Identity by Criminal Eyes: Insights From Russian-Speaking Underground

  Vladimir Kropotov (Trend Micro, RU)

  Vladimir Kropotov is an Advisor and principal researcher with the Trend Micro Forward-Looking Threat Research team. Active for over 20 years in information security projects and research, he previously built and led incident response teams at Fortune 500 companies. He holds a master's degree in applied mathematics and information security. He also participates in various projects for leading financial, industrial, and telecom companies. His main interests lie in cyber and business risks of the new technologies, strategic threat intelligence, incident response, and botnet and cybercrime investigations. Vladimir was a speaker at a variety of cyber security events, including BHEU, BHAsia, HITB, hack.lu, FIRST and others.

  October 27, 2025 12:15-13:00

• TLP:GREEN

  Session: Introduction and Recent Case Example

  Marc Lanzerdorfen (Trend Micro)

  Marc Lanzerdorfen is a seasoned cybersecurity professional currently serving as a Senior Incident Response Analyst at Trend Micro, where he has been a vital member of the European Incident Response Team for the past six years. With a strong background in incident response and digital forensics, Marc brings deep technical expertise and analytical precision to handling complex security incidents across the region. Before stepping into his current role, Marc worked as a Senior Technical Trainer at Trend Micro, where he delivered in-depth training sessions to both internal teams and external clients. His passion for knowledge sharing and education continues to be a driving force in his career, as he remains committed to empowering others through skill development and cybersecurity awareness. Marc’s professional interests lie at the intersection of threat detection, forensic investigation, and proactive defense strategies, making him a trusted expert in the field.

  October 29, 2025 09:00-11:15

• TLP:GREEN

  XDR-Driven Incident Response

  Marc Lanzerdorfen (Trend Micro)

  Marc Lanzerdorfen is a seasoned cybersecurity professional currently serving as a Senior Incident Response Analyst at Trend Micro, where he has been a vital member of the European Incident Response Team for the past six years. With a strong background in incident response and digital forensics, Marc brings deep technical expertise and analytical precision to handling complex security incidents across the region. Before stepping into his current role, Marc worked as a Senior Technical Trainer at Trend Micro, where he delivered in-depth training sessions to both internal teams and external clients. His passion for knowledge sharing and education continues to be a driving force in his career, as he remains committed to empowering others through skill development and cybersecurity awareness. Marc’s professional interests lie at the intersection of threat detection, forensic investigation, and proactive defense strategies, making him a trusted expert in the field.

  October 29, 2025 11:30-13:00, October 29, 2025 13:45-15:45

• 2025 Mexico City Technical Colloquium
  • Call for Speakers
  • Registration
  • Program Overview
  • Venue Details
  • Hotel Suggestions
  • Sponsorship
  • Event Sponsors