Schedule
Please find details for all talks here.
Two Days of Trainings (18./19. November)
| Workshop 1 | Workshop 2 | Workshop 3 | Workshop 4 | Workshop 5 |
|---|---|---|---|---|
| IPv6 Attacks and Defenses - A Hands-on Workshop Enno Rey (ERNW GmbH) |
Understanding x86-64 Assembly for Reverse Engineering and Exploits Xeno Kovah (MITRE) |
Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more Dawid Czagan (Silesia Security Lab / Future Processing) |
T.B.A. |
T.B.A. |
| Workshop 6 | Workshop 8 | Workshop 7 | Workshop 9 |
|---|---|---|---|
| Powershell for Penetration Testers Nikhil Mittal (Hacker) |
T.B.A. |
T.B.A. |
Suricata Training Event Victor Julien (Open Information Security Foundation) |
All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.
Two Days of Conference (20./21. November)
Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.
Conference, day 1 - Thu, 20 Nov
| Left Pirouette | Right Pirouette | |
|---|---|---|
| 08:00 | Registration opens | |
| 09:00 | Welcome To DeepSec 2014 Michael Kafka & René Pfeiffer (DeepSec Organisation Team) (DeepSec) |
|
| 09:10 | Keynote: The Measured CSO Alexander Hutton (IANS Research, "Systemically Important Financial Institution") |
|
| 10:00 | On the Effectiveness of Full-ASLR on 64-bit Linux Hector Marco (Departamento de Informática de Sistemas y Computadores - Universitat Politècnica de València) |
A Tale of an Unbreakable, Context-specific XSS Sanitizer Ashar Javed (Ruhr University Bochum) |
| 10:50 | Coffee Break | |
| 11:10 | Java's SSLSocket: How Bad APIs Compromise Security Dr. Georg Lukas (rt-solutions.de GmbH) |
Addressing the Skills Gap Colin McLean (Abertay University, Dundee, Scotland) |
| 12:00 | A Myth or Reality – BIOS-based Hypervisor Threat Information Security Specialist |
Safer Six - IPv6 Security in a Nutshell Johanna Ullrich (SBA Research) |
| 12:50 | Lunch | |
| 14:00 | Reliable EMET Exploitation René Freingruber (SEC Consult Unternehmensberatung GmbH) |
MLD Considered Harmful - Breaking Another IPv6 Subprotocol Enno Rey, Antonios Atlasis & Jayson Salazar (ERNW GmbH) |
| 14:50 | Trusting Your Cloud Provider. Protecting Private Virtual Machines. Armin Simma (Vorarlberg University of Applied Sciences, FHV) |
The IPv6 Snort Plugin Martin Schütte (DECK36) |
| 15:40 | Coffee Break | |
| 16:00 | An innovative and comprehensive Framework for Social Vulnerability Assessment Enrico Frumento (CEFRIEL Center of Excellence for Innovation, Research and Education in the field of ICT) |
Bending and Twisting Networks Paul Coggin (Dynetics, Inc) |
| 16:50 | Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks Juraj Somorovsky (3curity / Ruhr University Bochum) |
Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT) Benjamin Brown (Akamai Technologies) |
| 17:40 | Build Yourself a Risk Assessment Tool Vlado Luknar (Orange Slovensko a.s. (France Telecom Orange Group)) |
Why IT Security Is Fucked Up And What We Can Do About It Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung) |
| 20:00 | Speaker's Dinner | |
Conference, day 2 - Fri, 21 Nov
| Left Pirouette | Right Pirouette | |
|---|---|---|
| 09:00 | Mobile SSL Failures Tony Trummer & Tushar Dalvi (Linkedin) |
Cyber Security Information Sharing Oscar Serrano (NATO Communication and Information Agency) |
| 09:50 | Social Authentication: Vulnerabilities, Mitigations, and Redesign Marco Lancini (CEFRIEL - Politecnico di Milano) |
TextSecure and RedPhone-bring them to iOS Christine Corbett (Open WhisperSystems) |
| 10:40 | Coffee Break | |
| 11:00 | Advanced Powershell Threat: Lethal Client Side Attacks using Powershell Nikhil Mittal (Hacker) |
SAP BusinessObjects Attacks: Espionage and Poisoning of Business Intelligence platforms Juan Perez-Etchegoyen (Onapsis, Inc.) |
| 11:50 | SENTER Sandman: Using Intel TXT to Attack BIOSes Xeno Kovah (MITRE) |
Suricata Intrusion Detection Victor Julien (Open Information Security Foundation) |
| 12:40 | Lunch | |
| 14:00 | The prime Suspect is the Butler cause he holds all the “Keys” Sergio de los Santos (Head of Labs 11Paths) & Jesús Torres (Senior Developer) |
Trap a Spam-Bot for Fun and Profit Attila Marosi (SophosLab, Senior Threat Researcher) |
| 14:50 | CERT.at's Daily Business in a Nutshell Christian Wojner, Alexander Riepl (cert.at) |
Cloud-based Data Validation patterns… We need a new approach! Geoffrey Hill (Artis-Secure Ltd.) |
| 15:40 | Coffee Break | |
| 16:00 | Why Antivirus Software fails Daniel Sauder |
Creating a kewl and simple Cheating Platform on Android Milan Gabor & Danijel Grah (Viris) |
| 16:50 | Memory Forensics and Security Analytics : Detecting Unknown Malware Fahad Ehsan (UBS AG) |
Security Operations: Moving to a Narrative-Driven Model Josh Goldfarb (FireEye) |
| 17:40 | Political Solutions to Technical Challenges Linus Neumann (Chaos Computer Club e. V.) |
Introduction to and survey of TLS Security Aaron Zauner |
| 18:20 | Closing Ceremony | |
| 20:00 - ∞ | Party & Networking at Metalab, Rathausstrasse 6, 1010 Wien | |