Zachary Mathis

Graduate of Purdue University with dual degrees in Computer Science and East Asian studies, Zach is a trailblazing security professional in Japan. Founding a security team and delivering various services from pen-testing to DFIR since 2006, he’s a rare non-Japanese specialist in Japan, leading major corporate security for two decades. A popular speaker since 2007 and founder of the Yamato Security community, he's contributed to top security guides and competitions. When not teaching or working in the field, he creates free DFIR tools such as Hayabusa. His bilingual proficiency bridges cultural gaps, making him a unique force in cybersecurity education.

More About Zachary


Zach Mathis started off with security and computers as a kid when his grandfather, a locksmith, taught him how to pick locks and his uncle, a tech enthusiast, taught him how to build computers and programs in assembly. When AOL and 14.4 Kbps dial-up modems came out, he would spend all his days and nights online teaching himself as much as he could. In the late 90s when RATs (Remote Access Trojans) like Sub7 and NetBus became popular, he would spend his time analyzing their source code, perform malware analysis, and create anti-virus tools to detect and remove them.

After graduating from Purdue University in 2003 with a double degree in Computer Science and East Asian studies, he moved to Kobe, Japan to work for Kobe Digital Labo (KDL), a domestic IT company. While also working at Carnegie Mellon CyLab Japan's master’s degree program for information security, he created the security team "Proactive Defense" at KDL as well as a wide range of services from penetration testing to DFIR. He is one the very few non-Japanese security professionals who work in purely Japanese environments. For nearly two decades, the team that he created has provided security services for thousands of companies across Japan and he has personal experience leading both offensive operations as well as incident response and forensics of major incidents for Fortune Global 500 Japanese corporations. 

Zach has been speaking at various conferences around the world since 2007 including Shmoocon, CODE BLUE, AV Tokyo, Blackhat Asia Arsenal, SANS DFIR Summit, etc... In 2012, he created one of the first security communities in Western Japan, "Yamato Security", to improve the local community and inspire a new generation of young hackers. Many Yamato Security members have gone on to become experts in their field, speak at international conferences, author books, and start their own companies. Yamato Security has now grown into one of the most popular communities throughout Japan. Zach also has contributed to the creation of JSSEC's Android Application Secure Coding Guidebook, helps run JNSA's SECCON CTF, the Hardening Project, as well as various bug bounty and CTF events. 

He now spends much of his time providing free and open source DFIR tools featured in SANS 504 and 608 courses such as Hayabusa, Takajo, WELA, Yamato Security's Windows Event Log Configuration Guide for DFIR And Threat Hunting, and more.

Zach's biggest passion is teaching security, having taught in over 15 countries around the world and teaching for SANS since 2016 in both English and Japanese. He possesses a rare and nuanced understanding of cultural and educational differences, cultivated by having spent two decades each immersed in the opposite cultures of the USA and Japan. These deep insights allow him to adeptly tailor his teaching methods to resonate with and best serve the unique needs of his students.


In his limited free time, he enjoys hobbies such as rock climbing, snowboarding, aikido, world travel, renovating traditional Japanese houses and gardening, meditation, capoeira and playing ethnic traditional and fusion music (shakuhachi, shinobue, tabla, nadaswaram, bansuri, ney, darbuka, etc...)