Two Days of Trainings (27./28. November)

Workshop 01	Workshop 02	Workshop 03	Workshop 04	Workshop 05
Fundamentals of Routing and Switching for Blue and Red Team Paul Coggin (Financial Institution)	Security Risks in Cellular Networks: Phone, RAN, and Core (closed) David Burgess (YateBTS)	Malware Analysis Intro Christian Wojner	Attacking Internet of Things with Software Defined Radio Johannes Pohl (Hochschule Stralsund)	Hunting with OSSEC Xavier Mertens (Freelance Cyber Security Consultant / SANS ISC)

Workshop 06	Workshop 07	Workshop 08	Workshop 09	Workshop 10
Mobile App Attack 2.0 (closed) Sneha Rajguru	Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation Dawid Czagan (Silesia Security Lab)	Advanced Infrastructure Hacking Anant Shrivastava (NotSoSecure)	ERP Security: Assess, Exploit and Defend SAP Platforms Pablo Artuso & Yvan Genuer (Onapsis)	Advanced Penetration Testing in the Real World Davy Douhine & Guillaume Lopes (RandoriSec)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (29./30. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 29 Nov

	Left Pirouette	Right Pirouette	Riding School (ROOTS)
08:00	Registration opens
09:00		Opening DeepSec 2018 DeepSec Organisation Team (DeepSec In-Depth Security Conference)
09:10		Keynote: We're All Gonna Die Peter Zinn
10:00	Uncovering Vulnerabilities in Secure Coding Guidelines Fernando Arnaboldi (IOActive)	Without a Trace – Cybercrime, Who are the Offenders? Edith Huber & Bettina Pospisil (Donau-Universität Krems)	Keynote: Automatic Exploitation - The DARPA Cyber Grand Challenge, what came after, and what is next Kevin Borgolte (Princeton University)
10:50	Coffee Break
11:10	IoD - Internet of Dildos, a Long Way to a Vibrant Future Werner Schober (SEC Consult)	Moving Money: Inside the Global Watchlist for Banking across Borders Jasmin Klofta & Tom Wills (Investigative Reporter NDR/ARD (Germany) & Datajournalist The Times of London (UK))	How Android's UI Security is Undermined by Accessibility Anatoli Kalysch (Friedrich-Alexander-Universität Erlangen-Nürnberg)
12:00	Suricata and XDP, Performance with an S like Security Eric Leblond (OISF)	Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests Tomasz Tuzel (Assured Information Security)	The Swift Language from a Reverse Engineering Perspective Malte Kraus & Vincent Haupert (Friedrich-Alexander University Erlangen-Nuremberg)
12:50	Lunch
14:00	Efail and other Failures with Encryption and E-Mail Hanno Böck (-)	Defense Informs Offense Improves Defense: How to Compromise an ICS Network and How to Defend It Joe Slowik (Dragos)	Library and Function Identification by Optimized Pattern Matching on Compressed Databases Maximilian von Tschirschnitz (Technical University of Munich)
14:50	SS7 for INFOSEC Paul Coggin (Financial Institution)	Security Response Survival Skills Benjamin Ridgway (Microsoft)	Kernel-Assisted Debugging of Linux Applications Tobias Holl, Philipp Klocke, Fabian Franzen (Technical University of Munich)
15:40	Coffee Break
16:00	New Attack Vectors for the Mobile Core Networks Dr. Silke Holtmanns (Nokia Bell Labs)	Injecting Security Controls into Software Applications Katy Anton (CA Technologies | Veracode)	T.B.A.
16:50	Offpath Attacks Against PKI Markus Brandt (Fraunhofer Institute for Secure Information Technology SIT)	Blinding the Watchers: The Growing Tension between Privacy Concerns and Information Security Mark Baenziger (FireEye Deutschland GmbH)	T.B.A.
17:40	Open Source Network Monitoring Paula de la Hoz Garrido (Student)	Attacks on Mobile Operators Aleksandr Kolchanov (n/a)	T.B.A.
20:00	Speaker's Dinner

Conference, day 2 - Fri, 30 Nov

	Left Pirouette	Right Pirouette	Riding School (ROOTS)
09:00	Everything is connected: how to hack Bank Account using Instagram Aleksandr Kolchanov (-)	How to Communicate about IT Security without Getting the Cybers Hauke Gierow & Tim Berghoff (G DATA Software AG)	T.B.A.
09:50	Cracking HiTag2 Crypto - Weaponising Academic Attacks for Breaking and Entering Kevin Sheldrake (Not representing employer)	A Tour of Office 365, Azure & SharePoint, through the Eyes of a Bug Hunter Dr.-Ing Ashar Javed (Hyundai AutoEver Europe GmbH)	Project Introduction: Data over Sound - Risks and Chances of an emerging Communication Channel Matthias Zeppelzauer (St. Pölten University of Applied Sciences)
10:40	Coffee Break
11:00	Building your Own WAF as a Service and Forgetting about False Positives Juan Berner (Booking.com)	Information, Threat Intelligence, and Human Factors John Bryk (Downstream Natural Gas Information Sharing and Analysis Center (DNG-ISAC, North America))	T.B.A.
11:50	Pure In-Memory (Shell)Code Injection in Linux Userland reenz0h (Sektor7)	RFID Chip Inside the Body: Reflecting the Current State of Usage, Triggers, and Ethical Issues Ulrike Hugl (Innsbruck University, Faculty of Business and Management)	Discussion: Mobile Network Security DeepSec Speaker & Digital Guardian (Security Community)
12:40	Lunch
14:00	DNS Exfiltration and Out-of-Band Attacks Nitesh Shilpkar (PwC Singapore)	Global Deep Scans - Measuring Vulnerability Levels across Organizations, Industries, and Countries Luca Melette & Fabian Bräunlein (Security Research Labs)	T.B.A.
14:50	Leveraging Endpoints to Boost Incident Response Capabilities Francisco Galian, Mauro Silva (Nirvan and IBM X-Force IRIS, Telefonica UK (O2))	Orchestrating Security Tools with AWS Step Functions Jules Denardou & Justin Massey (Datadog)	T.B.A.
15:40	Coffee Break
16:00	Drones, the New Threat from the Sky Dom (D#FU5E) Brack (Reputelligence)	Security as a Community Healthcare: Helping Small Non-Profit Organisations Stay Secure Eva Blum-Dumontet (Privacy International)	T.B.A.
16:50	Anomaly Detection of Host Roles in Computer Networks Yury Kasimov (Stratosphere IPS / Avast)	Can not See the Wood for the Trees - Too Many Security Standards for Automation Industry Frank Ackermann (Yokogawa Deutschland GmbH)	T.B.A.
17:40	Mapping and Tracking WiFi Networks / Devices without Being Connected Caleb Madrigal (Mandiant/FireEye)	Manipulating Human Memory for Fun and Profit Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung)	T.B.A.
18:20	Closing Ceremony
18:30 - ∞	.:.
19:00 - ∞	T.B.A.