Preliminary Schedule

Please find details for all talks here

Two Days of Trainings (23./24. November)

Workshop 1 Workshop 2 Workshop 3 Workshop 4 Workshop 5
Social Engineering Training for IT Security Professionals - Sharon Conheady & Martin Law (First Defence Information Security Ltd.)
Attacks on GSM Networks - Karsten Nohl & Harald Welte (Security Research Labs & HMW-Consulting)
Designing Secure Protocols And Intercepting Secure Communication - Moxie Marlinspike (Institute For Disruptive Studies)
Physical Security - Thomas Hackner (
Pentesting and Securing IPv6 Networks - Marc "van Hauser" Heuse (Baseline Security)
Workshop 6 Workshop 7 Workshop 8
Advanced PHP Hacking - Laurent Oudot (TEHTRI-Security)
Threat Intelligence - Anchises M. G. De Paula (VeriSign)
SAP Security In-Depth - Mariano Nuñez Di Croce (Onapsis)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (25./26. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Day 1 - Nov 25 Pirouette Riding School
Registration Opens
09:00 - 09:10
Welcome & Introduction
DeepSec Organisation Team (
09:10 - 10:00
Stop complaining and solve a security problem instead!
Ivan Ristić (Qualys, Director of Engineering)
10:00 - 10:50
Identicate and Authentify: Improving future implementations to address real security challenges
Jennifer Jabbusch (Carolina Advanced Digital, Inc.)
Cyber Security in High-Speed Networks
Pavel Celeda, Jiri Novotny & Radek Krejci (Masaryk University Brno)
10:50 - 11:10
Coffee Break
11:10 - 12:00
Log Visualization in the Cloud
Raffael Marty (Founder @ Loggly)
Cyber War on the Horizon?
Stefan Schumacher (
12:00 - 12:50
Malware World 2010 - Beware the Predators
Toralv Dirro (McAfee Labs)
Remote Binary Planting – An Overlooked Vulnerability Affair
Mitja Kolsek (ACROS Security)
12:50 - 14:00
14:00 - 14:50
Cyber[Crime—War] - Connecting the dots
Iftach Ian Amit (Security & Innovation)
Targeted DOS Attack and various fun with GSM Um
Sylvain Munaut (Independent Researcher)
14:50 - 15:40
Developers are from Mars, Compliance Auditors are from Venus
Neelay S. Shah, Rudolph Araujo (Foundstone Inc., A Division of McAfee)
Mobile VoIP Steganography: From Framework to Implementation
Rainer Poisel & Marcus Nutzinger (Institute of IT Security Research, St. Polten University of Applied Sciences, Austria )
15:40 - 16:00
Coffee Break
16:00 - 16:50
Mobile privacy: Tor on the iPhone and other unusual devices
Marco Bonetti (CutAway s.r.l.)
Cognitive approach for social engineering
Dr. Mario Andrea Valori (IRIDe (Interdisciplinary Research and Intervention on Decision) Center - Università di Milano )
16:50 - 17:40
Off-Shore Development and Outsourcing - Information Security in Plato’s Cave
Frank Ackermann (CISSP, Security Researcher)
Circumventing common Pitfalls when auditing sourcecode for Security vulnerabilities
Aljosha Judmaier & David White (SEC Consult)
17:40 - 18:40
Night Talk: Security Awareness
Stefan Schumacher (
Traffic Direction System and Sourcing challenges
Max Goncharov (TREND MICRO Inc.)
20:00 - 23:59
Speaker's Dinner
Day 2 - Nov 26/th> Pirouette Riding School
09:00 - 09:50
Application Security and Cloud Computing
Lucas von Stockhausen (Fortify Software)
Debugging GSM
Dieter Spaar, Karsten Nohl (Security Research Labs, Berlin)
09:50 - 10:40
The Future of Social Engineering
Sharon Conheady (First Defence Information Security Ltd)
OsmocomBB: A tool for GSM protocol level security analysis of GSM networks
Harald Welte (hmw-consulting)
10:40 - 11:00
Coffee Break
11:00 - 11:50
Recent advances in IPv6 Insecurities
Marc Heuse (Baseline Security Consulting)
Malware goes to the Movies
Dr. Aleksandr Yampolskiy (Gilt Groupe)
11:50 - 12:40
All your baseband are belong to us
Ralf Philipp Weinmann (University of Luxembourg)
Electronic Locks - are really secure?!
Babak Javadi & Deviant Ollam (TOOOL)
12:40 - 13:40
13:40 - 14:30
Detection of Hardware Keyloggers
Fabian Mihailowitsch (Independent Researcher)
Attacking SAP Users Using sapsploit extended
Alexander Polyakov (Digital Security)
14:30 - 15:20
Payload already inside: data re-use for ROP exploits
Long Le & Thanh Nguyen (Intel Corporation / VNSECURITY)
DYI malware analysis with Minibis
Aaron Kaplan & Christian Wojner (
15:20 - 15:40
Coffee Break
15:40 - 16:30
Passwords in the wild: What kind of passwords do people use, and how do we crack them?
Ron Bowes (
Android: Reverse Engineering and Forensics
Raphaël Rigo (French Network and Information Security Agency (ANSSI))
16:30 - 17:20
Tripoux: Reverse Engineering of malware packers for dummies!
Joan Calvet (Nancy University - LORIA)
LTE Radio Interface structure and its security mechanism
Herbert Koblmiller (T.B.A.)
17:20 - 17:40
Closing Ceremony
20:00 -
Party & Networking at Metalab, Rathausstrasse 6, 1010 Wien