Two Days of Trainings (26./27. November)

Workshop 01	Workshop 02	Workshop 03	Workshop 04	Workshop 05
Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation Dawid Czagan (Silesia Security Lab)	Mobile Hacking Davy Douhine and Guillaume Lopes (RandoriSec)	IoT/Embedded Development - Attack and Defense Lior Yaari (Security Researcher and Founder of Imperium Security)	Threat Hunting with OSSEC (closed) Xavier Mertens (Freelance)	Analysing Intrusions with Suricata (closed) Peter Manev & Eric Leblond (Open Information Security Foundation / Suricata)

Workshop 06	Workshop 07
Pentesting Industrial Control Systems Arnaud Soullie (RS Formation & Conseil)	Incident Response Detection and Investigation with Open Source Tools Thomas Fischer & Craig Jones (FVT SecOps Consulting, Sophos)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (28./29. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 28 Nov

	Left Pirouette	Right Pirouette	Riding School (ROOTS)
08:00	Registration opens
09:00		Opening Ceremony René Pfeiffer (DeepSec In-Depth Security Conference)
09:10		Computer Security is simple, the World is not. Raphaël Vinot and Quinn Norton (-)
10:00	Comparing GnuPG With Signal is like Comparing Apples with Smart Light Bulbs Hans Freitag (Conesphere GmbH (CEO), Metalab (Hackspace), CCC)	Chinese Police and CloudPets Abraham Aranguren (7ASecurity)	RevEngE is a dish served cold: Debug-Oriented Malware Decompilation and Reassembly Marcus Botacin (Federal University of Paraná / UNICAMP / University of Campinas - Institute of Computing / UFPR)
10:50	Coffee Break
11:10	SD-WAN Secure Communications Design and Vulnerabilities Denis Kolegov (Bi.Zone,Tomsk State University)	Mastering AWS Pentesting and Methodology Ankit Giri (Independent Security Researcher)	Automatic Modulation Parameter Detection In Practice Johannes Pohl (University of Applied Sciences Stralsund)
12:00	Still Secure. We Empower What We Harden Because We Can Conceal Yury Chemerkin (Advanced Monitoring)	Security Analytics and Zero Trust - How Do We Tackle That? Holger Arends (Telstra)	Harzer Roller: Linker-Based Instrumentation for Enhanced Embedded Security Testing Katharina Bogad (Fraunhofer Institute for Applied and Integrated Security)
12:50	Lunch
14:00	Android Malware Adventures: Analyzing Samples and Breaking into C&C Kürşat Oğuzhan Akıncı & Mert Can Coşkuner (STM AS & Trendyol)	Beyond Windows Forensics with Built-in Microsoft Tooling Thomas Fischer (FVT SecOps Consulting)	Shallow Security: on the Creation of Adversarial Variants to Evade ML-Based Malware Detectors Fabricio Ceschin (Federal University of Parana / University of Waikato)
14:50	The Turtle Gone Ninja - Investigation of an Unusual Crypto-Mining Campaign Ophir Harpaz, Daniel Goldberg (Guardicore)	30 CVEs in 30 Days Eran Shimony (CyberArk)	T.B.A.
15:40	Coffee Break
16:00	Emoji, how do they even work and how they break Security MacLemon (-)	“The Daily Malware Grind” – Looking Beyond the Cybers Tim Berghoff, Hauke Gierow (G DATA Software AG)	Hands-On Workshop: Attacks on the Diffie-Hellman Protocol Denis Kolegov, Innokentii Sennovskii (BiZone LLC / Tomsk State University)
16:50	Demystifying Hardware Security Modules - How to Protect Keys in Hardware Michael Walser (sematicon AG)	The Future Is Here - Modern Attack Surface On Automotive Lior Yaari (Cymotive & Imperium Security)	Hands-On Workshop: Attacks on the Diffie-Hellman Protocol Denis Kolegov, Innokentii Sennovskii (BiZone LLC / Tomsk State University)
17:40	Practical Security Awareness - Lessons Learnt and Best Practices Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung)	New Tales of Wireless Input Devices Matthias Deeg (SySS GmbH)	Hands-On Workshop: Attacks on the Diffie-Hellman Protocol Denis Kolegov, Innokentii Sennovskii (BiZone LLC / Tomsk State University)
20:00	Speaker's Dinner

Conference, day 2 - Fri, 29 Nov

	Left Pirouette	Right Pirouette	Riding School (ROOTS)
09:00	What Has Data Science Got To Do With It? Thordis Thorsteins (Panaseer)	How To Create a Botnet of GSM-devices Aleksandr Kolchanov (Independent security researcher)	T.B.A.
09:50	500.000 Recalled Pacemakers, 2 Billion $ Stock Value Loss – The Story Behind Tobias Zillner (Alpha Strike Labs GmbH)	Mobile Network Hacking, All-over-IP Edition Luca Melette, Sina Yazdanmehr (Security Research Labs)	T.B.A.
10:40	Coffee Break
11:00	Saving Private Brian Michael Burke (Grant Thornton)	IPFS As a Distributed Alternative to Logs Collection Fabio Nigi (Philip Morris international)	Panel Discussion: Mobile Network Security Jim Swiatko, Aleksandr Kolchanov, Luca Melette & René Pfeiffer
11:50	Lauschgerät - Gets in the Way of Your Victim's Traffic and Out of Yours Adrian Vollmer (SySS R&D)	Extracting a 19-Year-Old Code Execution from WinRAR Nadav Grossman (Check Point Software Technologies)	Panel Discussion: Mobile Network Security Jim Swiatko, Aleksandr Kolchanov, Luca Melette & René Pfeiffer
12:40	Lunch
14:00	Setting up an Opensource Threat Detection Program Lance Buttars (Ingo Money)	Well, That Escalated Quickly! - A Penetration Tester's Approach to Windows Privilege Escalation Khalil Bijjou (SEC Consult)	Workshop: Applied Cryptography for Embedded Engineers - No fear about cryptography Michael Walser (sematicon AG)
14:50	S.C.A.R.E. - Static Code Analysis Recognition Evasion Andreas Wiegenstein (SERPENTEQ GmbH)	Once Upon a Time in the West - A story on DNS Attacks Valentina Palacín, Ruth Esmeralda Barbacil (Deloitte)	T.B.A.
15:40	Coffee Break
16:00	What’s Wrong with WebSocket APIs? Unveiling Vulnerabilities in WebSocket APIs. Mikhail Egorov (Independent security researcher)	Lost in (DevOps) Space – Practical Approach for “Lightway” Threat Modeling as a Code Vitaly Davidoff (Citi Bank Security Innovations Lab TLV)	T.B.A.
16:50	Abusing Google Play Billing for Fun and Unlimited Credits! Guillaume Lopes (RandoriSec)	A Threat-based Security Monitoring Approach Using Mitre ATT&CK Matrix Patrick Bareiß (Splunk)	T.B.A.
17:40	Overcoming the Limitations of TLS Fingerprinting for Malware Detection Blake Anderson (Cisco Advanced Security Research)	Techniques and Tools for Becoming an Intelligence Operator Robert Sell (Trace Labs)	T.B.A.
18:20	Closing Ceremony
18:30 - ∞	.:.
19:00 - ∞	T.B.A.