Post-event resources

Exploring bold ideas in Singapore’s cybersecurity ecosystem.

Our second Division Zero (Div0) x CREST Meetup of the year brought together Singapore’s cyber community for an evening of unconventional thinking and real-world insights.

Paul Craig, CEO of Vantage Point Security Group, showed how creative, lateral thinking can crack problems traditional methods miss using an Ethereum private key challenge to illustrate the power of curiosity and hacker mindset.

Sandeep Hodkasia, Founder and CEO of AppSecure Security, shared how attacker psychology drives deeper, more impactful penetration testing, spotlighting discoveries like the Meta.AI prompt leak and WeWork data exposure.

Thank you to Div0 and our Member community for inspiring conversations and fresh perspectives.

The next Div0 x CREST Meetup, in partnership with our Community Supporter, Division Zero (Div0), and CyberSG TIG Collaboration Centre!

This month, we will be featuring two speakers from our Member community:

– Paul Craig (CEO, Vantage Point Security Group) takes on the impossible — attempting to break an Ethereum private key through pure creativity and hacker mindset. The odds of breaking an Ethereum private key based on an ECC curve within a 256bit field are roughly 1 in 115 quattuorvigintillion (115 and 75 zeros). In theory, there is a higher chance that Paul cures cancer, the world explodes, and aliens land on earth. These incredible odds are his starting point, armed with an attitude of “nothing is really impossible, only incredibly difficult,” Paul sets on the task of guessing a private key to find real cryptocurrency money using only creativity, curiosity, and a positive hacker attitude. Was he successful? Come see his talk and find out.

– Sandeep H. (Founder & CEO, AppSecure Security) shows how thinking like an attacker led to real-world discoveries — from Meta.AI’s prompt leak to WeWork’s data exposure.In this session, Sandeep will share how a hacker-focused mindset has shaped his approach to penetration testing — moving beyond automated scans and compliance checks to real-world attack simulations that uncover impactful vulnerabilities. Sandeep will walk you through some of his notable findings, including the Meta.AI prompt leak, a WeWork data exposure, and a Zomato blind XSS that escalated from a mobile app to the admin portal, to illustrate how thinking like an attacker reveals what traditional testing often misses. He will also discuss how he applies red-team scenarios, offensive research techniques, and attacker psychology to identify critical security vulnerabilities and secure modern tech companies — from AI systems and APIs to complex cloud-native infrastructures.

To RSVP and confirm your attendance, register on BOTH links below:

🔗 Meetup Page: https://www.meetup.com/div0_sg/events/311850604/

🔗 Google Form: https://docs.google.com/forms/d/e/1FAIpQLSfquNcX_rUqoyoOXcamhnNSyYi9ZCPbz7TxcmiTqZsM1Ft9ng/viewform

Agenda

• 6:30 PM: Registration & Networking (30mins)
• 7:00 PM: Introduction & Announcement (15mins)
• 7:15 PM: “y² = x³ + 7 (Breaking the Curve)” by Paul Craig (30mins)
• 7:50 PM: “Hacker-Focused Penetration Testing: Harnessing Human Intelligence in the Age of AI” by Sandeep H. (30mins)
• 8:25 PM: Q&A Discussion (15mins)
• Till Late: Networking

See you there!