Security research · Threat intelligence

Chi-en Ashley
Shen

$ codex

tell me about Chi-en Ashley Shen

codex

沈祈恩 is a cybersecurity researcher and technical leader from Taiwan 🇹🇼, currently at Cisco Talos, with APT and threat-intelligence experience at Google TAG and Mandiant, plus global conference and women-in-security leadership.

沈祈恩 is a cybersecurity researcher and technical leader from Taiwan 🇹🇼, currently at Cisco Talos, with APT and threat-intelligence experience at Google TAG and Mandiant, plus global conference and women-in-security leadership.

RESEARCHER_CHIEN_SHENTHREAT_INTELLIGENCE
Portrait of Chi-en Ashley Shen in a white blouse SECURITY RESEARCH // ASHLEY SHEN
TAIWAN →︎ GLOBAL● CURRENT ROLE · CISCO TALOS
01 Threat Intelligence Research
02 Malware analysis

01 / UPCOMING EVENTS

Next,
on the calendar.

02 / RESEARCH

03 / SPEAKING

Research,
out loud.

2026
DISTRICTCON · WASHINGTON, DC

Knife Cutting the Edge: Dissecting A Gateway Surveillance & MitM Framework

Jan 25 · 1:00–1:20 p.m. ET · Disco In The Dark

↗︎
2026
JSAC · TOKYO

Knife Cutting the Edge: Dissecting A Gateway Surveillance & MitM Framework

Presentation · Jan 22 · 10:40–11:20

↗︎
2025
LABSCON · SCOTTSDALE

Knife Cutting the Edge: Dissecting a Modular Gateway Implant for Domestic Surveillance

Solo briefing · Sept 17–20 · on-site only

↗︎
2025
AAVAR KNOWLEDGE SERIES · ONLINE

Redefining IABs: Impacts of Compartmentalization on Threat Tracking & Modeling

Aug 22 · 17:30 SGT · recorded session

↗︎
2025
BLACK HAT USA · LAS VEGAS

Hacking the Status Quo: Tales From Leading Women in Cybersecurity

Leadership panel with Valentina Palmiotti, Kymberlee Price and Natalie Silvanovich

↗︎
2025
CYCON · TALLINN

Exploit Hunter: How We Turn Your 0day into Nday

International Conference on Cyber Conflict · May 27–30

↗︎
2025
PIVOTCON · MALAGA

Redefining IABs: Impacts of Compartmentalization on Threat Tracking & Modeling

With Vitor Ventura · May 9

↗︎
2025
DEVCORE CONFERENCE · TAIPEI

Exploit Hunter: How We Turn Your 0day into Nday

Mar 15 · 10:50–11:20

↗︎
2024
LABSCON · SCOTTSDALE

Jumping Hurdles to Verify Vulnerabilities on Chinese Instant Messaging

Solo briefing · Sept 18–21

↗︎
2024
PIVOTCON · MALAGA

Follow the Moonshine: Unravelling Poison Carp’s Trail to a Chinese Mercenary’s Arsenal

Mobile surveillance, infrastructure pivots and mercenary attribution · May 9

↗︎
Expand complete speaking archive+15
2021
SAPS SUMMIT

YouTube Botnets Abuse Cloud

Cloud-service abuse and botnet infrastructure

2021
VISCON · ZURICH

Threat Hunting and Campaign Tracking

Oct 16 · 14:35

↗︎
2020
HITCON CTI VILLAGE

From Threat Hunting to Campaign Tracking

Workshop · with Steve Su

↗︎
2020
SPAS SUMMIT

Fighting Against the Cookie Monster

Threat research briefing

2020
BLACK HAT ASIA · VIRTUAL

Locknote: Conclusions and Key Takeaways From Day 1

Oct 1 · panel

↗︎
2019
RESET CONFERENCE · CONFIDENCE CONFERENCE

Into the Fog: The Return of ICEFOG APT

Campaign tracking and malware evolution · authored slide deck

↗︎
2019
FIREEYE CYBER DEFENSE SUMMIT · WASHINGTON, DC

Into the Fog: The Return of ICEFOG APT

Technical Track · Oct 9 · archived event page; original player offline

↗︎
2019
SECTOR · TORONTO

Into the Fog: The Return of ICEFOG APT

Oct 10 · 13:30 · presentation deck

↗︎
2019
CODE BLUE · TOKYO

Cyber Threat Landscape in Japan

Revealing threats in the shadow · with Oleg Bondarenko

↗︎
2018/17
BLACK HAT ASIA 2018 · BLACK HAT EUROPE 2017

Nation-State Moneymule’s Hunting Season

APT attacks targeting financial institutions

↗︎
2017
SECTOR · HITB GSEC

A Deep Dive Into the Digital Weapons of the North Korean Cyber Army

With Moonbeom Park · presentation deck

↗︎
2017/16
VXCON · TAIWAN CYBER SECURITY SUMMIT · HITCON

Catching the Golden Snitch

Leveraging threat-intelligence platforms to defend against cyber attacks

↗︎
2017
FIRST SYMPOSIUM · TAICHUNG

Respond Before Incident

How we rescued and secured an APT target

↗︎
2016/15
TROOPERS16 · HITCON

Let’s Play Hide and Seek in the Cloud

The APT malware favored in cloud services · with Belinda Lai

↗︎
2015
CODE BLUE · HITCON

Failures of the Security Industry in the Last Decade

Lessons learned from hundreds of cyber-espionage breaches

↗︎

04 / MEDIA

Conversations
& transmissions.

05 / PODCASTS

Behind
the microphone.

The Hacks Between Us podcast cover 12 EPISODES · 2020—2021 · 中文
MY ORIGINAL SERIES

我們與駭的距離The Hacks Between Us

I created this series to open up the world of hackers, threat research and practical security for a Mandarin-speaking audience.

PLAY A SAMPLE EPISODEEP 00 · JUN 01, 2020 · 10:36
資安工程師突然想開 podcast? 追駭客也是一種工作?
GUEST CONVERSATIONS

06 / SOCIAL MEDIA

Social
media.

Reflections from OffensiveCon: moving from defensive threat intelligence into practical iOS reverse engineering, fuzzing and exploit research.

LINKEDIN · OWN POST, NOT A REPOST ↗︎

08 / COMMUNITY

Giving back to the community.

CO-FOUNDER

HITCON GIRLS

Taiwan’s first information-security community for women.

ORGANIZER

RHACKLETTE

A Swiss security community for FINTA.

REVIEW BOARD

BLACK HAT

Reviewing and shaping security-research programming.

REVIEW BOARD

HITCON

Supporting strong technical content for Taiwan’s security community.

09 / EXPERIENCE

From regional signals
to global intelligence.

2023—NOW

CISCO TALOS

Security Research Engineering Technical Leader

Emerging threats, nation-state operations, financially motivated crime and spyware campaigns.

Threat researchTechnical leadership
PREVIOUS

THREAT ANALYSIS GROUP

Security Engineer

Hunted zero-day exploits used in the wild and tracked botnet activity.

Exploit huntingBotnets
PREVIOUS

Global Research Team

Tracked APAC threat groups and co-authored major research on APT41 and ICEFOG.

APT41ICEFOG
FOUNDATION

TAIWAN

Co-founder & Senior Threat Analyst

Focused on targeted attacks, malware analysis and emerging cyber-espionage activity in APAC.

Reverse engineeringAPAC

10 / OPEN CHANNEL

Let’s talk
security.