Please find details for all talks here.

Two Days of Trainings (18./19. November)

Workshop 1 Workshop 2 Workshop 3 Workshop 4 Workshop 5
IPv6 Attacks and Defenses - A Hands-on Workshop
Enno Rey (ERNW GmbH)
Understanding x86-64 Assembly for Reverse Engineering and Exploits
Xeno Kovah (MITRE)
Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more
Dawid Czagan (Silesia Security Lab / Future Processing)
Workshop 6 Workshop 8 Workshop 7 Workshop 9
Powershell for Penetration Testers
Nikhil Mittal (Hacker)
Suricata Training Event
Victor Julien (Open Information Security Foundation)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (20./21. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 20 Nov
Left Pirouette Right Pirouette
08:00 Registration opens
09:00   Welcome To DeepSec 2014
Michael Kafka & René Pfeiffer (DeepSec Organisation Team) (DeepSec)
09:10   Keynote: The Measured CSO
Alexander Hutton (IANS Research, "Systemically Important Financial Institution")
10:00 On the Effectiveness of Full-ASLR on 64-bit Linux
Hector Marco (Departamento de Informática de Sistemas y Computadores - Universitat Politècnica de València)
A Tale of an Unbreakable, Context-specific XSS Sanitizer
Ashar Javed (Ruhr University Bochum)
10:50 Coffee Break
11:10 Java's SSLSocket: How Bad APIs Compromise Security
Dr. Georg Lukas ( GmbH)
Addressing the Skills Gap
Colin McLean (Abertay University, Dundee, Scotland)
12:00 A Myth or Reality – BIOS-based Hypervisor Threat
Information Security Specialist
Safer Six - IPv6 Security in a Nutshell
Johanna Ullrich (SBA Research)
12:50 Lunch
14:00 Reliable EMET Exploitation
René Freingruber (SEC Consult Unternehmensberatung GmbH)
MLD Considered Harmful - Breaking Another IPv6 Subprotocol
Enno Rey, Antonios Atlasis & Jayson Salazar (ERNW GmbH)
14:50 Trusting Your Cloud Provider. Protecting Private Virtual Machines.
Armin Simma (Vorarlberg University of Applied Sciences, FHV)
The IPv6 Snort Plugin
Martin Schütte (DECK36)
15:40 Coffee Break
16:00 An innovative and comprehensive Framework for Social Vulnerability Assessment
Enrico Frumento (CEFRIEL Center of Excellence for Innovation, Research and Education in the field of ICT)
Bending and Twisting Networks
Paul Coggin (Dynetics, Inc)
16:50 Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks
Juraj Somorovsky (3curity / Ruhr University Bochum)
Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT)
Benjamin Brown (Akamai Technologies)
17:40 Build Yourself a Risk Assessment Tool
Vlado Luknar (Orange Slovensko a.s. (France Telecom Orange Group))
Why IT Security Is Fucked Up And What We Can Do About It
Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung)
20:00 Speaker's Dinner
Conference, day 2 - Fri, 21 Nov
Left Pirouette Right Pirouette
09:00 Mobile SSL Failures
Tony Trummer & Tushar Dalvi (Linkedin)
Cyber Security Information Sharing
Oscar Serrano (NATO Communication and Information Agency)
09:50 Social Authentication: Vulnerabilities, Mitigations, and Redesign
Marco Lancini (CEFRIEL - Politecnico di Milano)
TextSecure and RedPhone-bring them to iOS
Christine Corbett (Open WhisperSystems)
10:40 Coffee Break
11:00 Advanced Powershell Threat: Lethal Client Side Attacks using Powershell
Nikhil Mittal (Hacker)
SAP BusinessObjects Attacks: Espionage and Poisoning of Business Intelligence platforms
Juan Perez-Etchegoyen (Onapsis, Inc.)
11:50 SENTER Sandman: Using Intel TXT to Attack BIOSes
Xeno Kovah (MITRE)
Suricata Intrusion Detection
Victor Julien (Open Information Security Foundation)
12:40 Lunch
14:00 The prime Suspect is the Butler cause he holds all the “Keys”
Sergio de los Santos (Head of Labs 11Paths) & Jesús Torres (Senior Developer)
Trap a Spam-Bot for Fun and Profit
Attila Marosi (SophosLab, Senior Threat Researcher)
14:50's Daily Business in a Nutshell
Christian Wojner, Alexander Riepl (
Cloud-based Data Validation patterns… We need a new approach!
Geoffrey Hill (Artis-Secure Ltd.)
15:40 Coffee Break
16:00 Why Antivirus Software fails
Daniel Sauder
Creating a kewl and simple Cheating Platform on Android
Milan Gabor & Danijel Grah (Viris)
16:50 Memory Forensics and Security Analytics : Detecting Unknown Malware
Fahad Ehsan (UBS AG)
Security Operations: Moving to a Narrative-Driven Model
Josh Goldfarb (FireEye)
17:40 Political Solutions to Technical Challenges
Linus Neumann (Chaos Computer Club e. V.)
Introduction to and survey of TLS Security
Aaron Zauner
18:20 Closing Ceremony
20:00 - Party & Networking at Metalab, Rathausstrasse 6, 1010 Wien