Haroon Meer (Thinkst.com, South-Africa) -- You and your research
Haroon is a well-known security researcher who has recently started his own venture with Thinkst.com, an applied research company. He is also involved with ZACON, a security conference in South-Africa. Haroon is a frequent speaker at conferences such as Blackhat, Defcon, etc.
What does it take to do quality research? What stops you from being a one-hit wonder? Is there an age limit to productive hackery? What are the key ingredients needed and how can you up your chances of doing great work? In a talk unabashedly stolen from far greater minds we hope to answer these questions and discuss their repercussions.
Alex Hutton (Verizon Business, United States)
Alex is a principal in the Verizon Business RISK intelligence team and has been one of the driving forces behind the VERIS (Verizon Risk Information Sharing) Framework and their yearly Databreach Investigations Report (DBIR). He is involved with the SIRA podcast and frequently presents on risk management and data-driven security at conferences such as Blackhat and Source.
Jaron Lanier (Microsoft, United States)
Jaron is a pioneer in the realm of virtual reality and currently works as a principal architect for Microsoft’s Extreme Computing lab. He is the author of the 2010 bestseller “you are not a gadget” and has given talks at conferences around the world on virtual reality and the impact of social networks and web 2.0.
Due to time constraints Jaron will not be able to attend the conference. Instead we are organizing for him to deliver his keynote talk through a video link. We're still privileged to have Jaron on-board for our 2011 edition!
Agnitio: the security code review Swiss army knife (David Rook - Security Ninja)
Its static analysis, but not as we know it
Collective Malicious PDF Analysis (Brandon Dixon - x0ner)
Going beyond one sample at a time
Script Kiddie Hacking Techniques (Ellen Moar & Colin McLean)
How a script kiddie can copy and paste their way to effective hacks
The Web Application Hacking Toolchain (Jason Haddix - jhaddix)
web hacking made better
White Hat Shellcode: Not for Exploits (Didier Stevens)
Learn to use shellcode for defense
Beer brewing (TBD)
Ripping Out Code: Practical Attack Surface Reduction for Open Source Systems (Craig Balding)
Abusing Locality in Shared Web Hosting (Nick Nikiforakis - nikifor)
Botnet Identification and remediation (Barry Irwin)
Cleaning up in your own back yard
Botnets and Browsers - Brothers in a Ghost Shell (Aditya K Sood)
iOS Data Protection Internals (Andrey Belenko)
The 99¢ heart surgeon dilemma (Stefan Friedli)
How to fix penetration testing
Pushing in, leaving a present, and pulling out without anybody noticing (Ian Amit)
Data Exfiltration in highly secure environments
Social Engineering Like In The Movies (Dale Pearson)
The reality of awareness and manipulation
Smart Phones – The Weak Link in the Security Chain (Nick Walker - tel0seh)
Hacking a network through an Android device
Enterprise Wi-Fi Worms, Backdoors and Botnets for Fun and Profit (Vivek Ramachandran)