Please find details for all talks here.

Two Days of Trainings (26./27. November)

Workshop 01 Workshop 02 Workshop 03 Workshop 04 Workshop 05
Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation
Dawid Czagan (Silesia Security Lab)
Mobile Hacking
Davy Douhine and Guillaume Lopes (RandoriSec)
IoT/Embedded Development - Attack and Defense
Lior Yaari (Security Researcher and Founder of Imperium Security)
Threat Hunting with OSSEC (closed)
Xavier Mertens (Freelance)
Analysing Intrusions with Suricata (closed)
Peter Manev & Eric Leblond (Open Information Security Foundation / Suricata)
Workshop 06 Workshop 07
Pentesting Industrial Control Systems
Arnaud Soullie (RS Formation & Conseil)
Incident Response Detection and Investigation with Open Source Tools
Thomas Fischer & Craig Jones (FVT SecOps Consulting, Sophos)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (28./29. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 28 Nov
Left Pirouette Right Pirouette Riding School (ROOTS)
08:00 Registration opens
09:00   Opening Ceremony
René Pfeiffer (DeepSec In-Depth Security Conference)
09:10   Computer Security is simple, the World is not.
Raphaël Vinot and Quinn Norton (-)
10:00 Comparing GnuPG With Signal is like Comparing Apples with Smart Light Bulbs
Hans Freitag (Conesphere GmbH (CEO), Metalab (Hackspace), CCC)
Chinese Police and CloudPets
Abraham Aranguren (7ASecurity)
RevEngE is a dish served cold: Debug-Oriented Malware Decompilation and Reassembly
Marcus Botacin (Federal University of Paraná / UNICAMP / University of Campinas - Institute of Computing / UFPR)
10:50 Coffee Break
11:10 SD-WAN Secure Communications Design and Vulnerabilities
Denis Kolegov (Bi.Zone,Tomsk State University)
Mastering AWS Pentesting and Methodology
Ankit Giri (Independent Security Researcher)
Automatic Modulation Parameter Detection In Practice
Johannes Pohl (University of Applied Sciences Stralsund)
12:00 Still Secure. We Empower What We Harden Because We Can Conceal
Yury Chemerkin (Advanced Monitoring)
Security Analytics and Zero Trust - How Do We Tackle That?
Holger Arends (Telstra)
Harzer Roller: Linker-Based Instrumentation for Enhanced Embedded Security Testing
Katharina Bogad (Fraunhofer Institute for Applied and Integrated Security)
12:50 Lunch
14:00 Android Malware Adventures: Analyzing Samples and Breaking into C&C
Kürşat Oğuzhan Akıncı & Mert Can Coşkuner (STM AS & Trendyol)
Beyond Windows Forensics with Built-in Microsoft Tooling
Thomas Fischer (FVT SecOps Consulting)
Shallow Security: on the Creation of Adversarial Variants to Evade ML-Based Malware Detectors
Fabricio Ceschin (Federal University of Parana / University of Waikato)
14:50 The Turtle Gone Ninja - Investigation of an Unusual Crypto-Mining Campaign
Ophir Harpaz, Daniel Goldberg (Guardicore)
30 CVEs in 30 Days
Eran Shimony (CyberArk)
15:40 Coffee Break
16:00 Emoji, how do they even work and how they break Security
MacLemon (-)
“The Daily Malware Grind” – Looking Beyond the Cybers
Tim Berghoff, Hauke Gierow (G DATA Software AG)
Hands-On Workshop: Attacks on the Diffie-Hellman Protocol
Denis Kolegov, Innokentii Sennovskii (BiZone LLC / Tomsk State University)
16:50 Demystifying Hardware Security Modules - How to Protect Keys in Hardware
Michael Walser (sematicon AG)
The Future Is Here - Modern Attack Surface On Automotive
Lior Yaari (Cymotive & Imperium Security)
Hands-On Workshop: Attacks on the Diffie-Hellman Protocol
Denis Kolegov, Innokentii Sennovskii (BiZone LLC / Tomsk State University)
17:40 Practical Security Awareness - Lessons Learnt and Best Practices
Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung)
New Tales of Wireless Input Devices
Matthias Deeg (SySS GmbH)
Hands-On Workshop: Attacks on the Diffie-Hellman Protocol
Denis Kolegov, Innokentii Sennovskii (BiZone LLC / Tomsk State University)
20:00 Speaker's Dinner
Conference, day 2 - Fri, 29 Nov
Left Pirouette Right Pirouette Riding School (ROOTS)
09:00 What Has Data Science Got To Do With It?
Thordis Thorsteins (Panaseer)
How To Create a Botnet of GSM-devices
Aleksandr Kolchanov (Independent security researcher)
09:50 500.000 Recalled Pacemakers, 2 Billion $ Stock Value Loss – The Story Behind
Tobias Zillner (Alpha Strike Labs GmbH)
Mobile Network Hacking, All-over-IP Edition
Luca Melette, Sina Yazdanmehr (Security Research Labs)
10:40 Coffee Break
11:00 Saving Private Brian
Michael Burke (Grant Thornton)
IPFS As a Distributed Alternative to Logs Collection
Fabio Nigi (Philip Morris international)
Panel Discussion: Mobile Network Security
Jim Swiatko, Aleksandr Kolchanov, Luca Melette & René Pfeiffer
11:50 Lauschgerät - Gets in the Way of Your Victim's Traffic and Out of Yours
Adrian Vollmer (SySS R&D)
Extracting a 19-Year-Old Code Execution from WinRAR
Nadav Grossman (Check Point Software Technologies)
Panel Discussion: Mobile Network Security
Jim Swiatko, Aleksandr Kolchanov, Luca Melette & René Pfeiffer
12:40 Lunch
14:00 Setting up an Opensource Threat Detection Program
Lance Buttars (Ingo Money)
Well, That Escalated Quickly! - A Penetration Tester's Approach to Windows Privilege Escalation
Khalil Bijjou (SEC Consult)
Workshop: Applied Cryptography for Embedded Engineers - No fear about cryptography
Michael Walser (sematicon AG)
14:50 S.C.A.R.E. - Static Code Analysis Recognition Evasion
Andreas Wiegenstein (SERPENTEQ GmbH)
Once Upon a Time in the West - A story on DNS Attacks
Valentina Palacín, Ruth Esmeralda Barbacil (Deloitte)
15:40 Coffee Break
16:00 What’s Wrong with WebSocket APIs? Unveiling Vulnerabilities in WebSocket APIs.
Mikhail Egorov (Independent security researcher)
Lost in (DevOps) Space – Practical Approach for “Lightway” Threat Modeling as a Code
Vitaly Davidoff (Citi Bank Security Innovations Lab TLV)
16:50 Abusing Google Play Billing for Fun and Unlimited Credits!
Guillaume Lopes (RandoriSec)
A Threat-based Security Monitoring Approach Using Mitre ATT&CK Matrix
Patrick Bareiß (Splunk)
17:40 Overcoming the Limitations of TLS Fingerprinting for Malware Detection
Blake Anderson (Cisco Advanced Security Research)
Techniques and Tools for Becoming an Intelligence Operator
Robert Sell (Trace Labs)
18:20 Closing Ceremony
18:30 - .:.
19:00 - T.B.A.