Schedule

Please find details for all talks here.

Two Days of Trainings (27./28. November)

Workshop 01 Workshop 02 Workshop 03 Workshop 04 Workshop 05
Fundamentals of Routing and Switching for Blue and Red Team
Paul Coggin (Financial Institution)
Security Risks in Cellular Networks: Phone, RAN, and Core (closed)
David Burgess (YateBTS)
Malware Analysis Intro
Christian Wojner
Attacking Internet of Things with Software Defined Radio
Johannes Pohl (Hochschule Stralsund)
Hunting with OSSEC
Xavier Mertens (Freelance Cyber Security Consultant / SANS ISC)
Workshop 06 Workshop 07 Workshop 08 Workshop 09 Workshop 10
Mobile App Attack 2.0
Sneha Rajguru (Payatu Software Labs LLP)
Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation
Dawid Czagan (Silesia Security Lab)
Advanced Infrastructure Hacking
Anant Shrivastava (NotSoSecure)
ERP Security: Assess, Exploit and Defend SAP Platforms
Pablo Artuso & Gaston Traberg (Onapsis)
Advanced Penetration Testing in the Real World
Davy Douhine & Guillaume Lopes (RandoriSec, Cisco)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (29./30. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 29 Nov
Left Pirouette Right Pirouette Riding School (ROOTS)
08:00 Registration opens
09:00   Opening DeepSec 2018
DeepSec Organisation Team (DeepSec In-Depth Security Conference)
 
09:10  
T.B.A.
 
10:00 Uncovering Vulnerabilities in Secure Coding Guidelines
Fernando Arnaboldi (IOActive)
Without a Trace – Cybercrime, Who are the Offenders?
Edith Huber & Bettina Pospisil (Donau-Universität Krems)
T.B.A.
10:50 Coffee Break
11:10 IoD - Internet of Dildos, a Long Way to a Vibrant Future
Werner Schober (SEC Consult)
Moving Money: Inside the Global Watchlist for Banking across Borders
Jasmin Klofta & Tom Wills (Investigative Reporter NDR/ARD (Germany) & Datajournalist The Times of London (UK))
T.B.A.
12:00 Suricata and XDP, Performance with an S like Security
Eric Leblond (OISF)
Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests
Tomasz Tuzel (Assured Information Security)
T.B.A.
12:50 Lunch
14:00 Efail and other Failures with Encryption and E-Mail
Hanno Böck (-)
Defense Informs Offense Improves Defense: How to Compromise an ICS Network and How to Defend It
Joe Slowik (Dragos)
T.B.A.
14:50 SS7 for INFOSEC
Paul Coggin (Financial Institution)
Security Response Survival Skills
Benjamin Ridgway (Microsoft)
T.B.A.
15:40 Coffee Break
16:00 New Attack Vectors for the Mobile Core Networks
Dr. Silke Holtmanns (Nokia Bell Labs)
Injecting Security Controls into Software Applications
Katy Anton (CA Technologies | Veracode)
T.B.A.
16:50 Left of Boom
Brian Contos (Verodin)
Blinding the Watchers: The Growing Tension between Privacy Concerns and Information Security
Mark Baenziger (FireEye Deutschland GmbH)
T.B.A.
17:40 Open Source Network Monitoring
Paula de la Hoz Garrido (Student)
Attack on Mobile Operators
Aleksandr Kolchanov (n/a)
T.B.A.
20:00 Speaker's Dinner
Conference, day 2 - Fri, 30 Nov
Left Pirouette Right Pirouette Riding School (ROOTS)
09:00 Disseting The Boot Sector: The Hunt for Ransomware in the Boot Process
Raul Alvarez (Fortinet)
How to Communicate about IT Security without Getting the Cybers
Hauke Gierow & Tim Berghoff (G DATA Software AG)
T.B.A.
09:50 Cracking HiTag2 Crypto - Weaponising Academic Attacks for Breaking and Entering
Kevin Sheldrake (Not representing employer)
A Tour of Office 365, Azure & SharePoint, through the Eyes of a Bug Hunter
Dr.-Ing Ashar Javed (Hyundai AutoEver Europe GmbH)
T.B.A.
10:40 Coffee Break
11:00 Building your Own WAF as a Service and Forgetting about False Positives
Juan Berner (Booking.com)
Information, Threat Intelligence, and Human Factors
John Bryk (Downstream Natural Gas Information Sharing and Analysis Center (DNG-ISAC, North America))
T.B.A.
11:50 Pure In-Memory (Shell)Code Injection in Linux Userland
reenz0h (Sektor7)
RFID Chip Inside the Body: Reflecting the Current State of Usage, Triggers, and Ethical Issues
Ulrike Hugl (Innsbruck University, Faculty of Business and Management)
T.B.A.
12:40 Lunch
14:00 DNS Exfiltration and Out-of-Band Attacks
Nitesh Shilpkar (PwC Singapore)
Global Deep Scans - Measuring Vulnerability Levels across Organizations, Industries, and Countries
Luca Melette & Fabian Bräunlein (Security Research Labs)
T.B.A.
14:50 Leveraging Endpoints to Boost Incident Response Capabilities
Francisco Galian, Mauro Silva (Nirvan and IBM X-Force IRIS, Telefonica UK (O2))
Orchestrating Security Tools with AWS Step Functions
Jules Denardou & Justin Massey (Datadog)
T.B.A.
15:40 Coffee Break
16:00 Drones, the New Threat from the Sky
Dom (D#FU5E) Brack (Reputelligence)
Security as a Community Healthcare: Helping Small Non-Profit Organisations Stay Secure
Eva Blum-Dumontet (Privacy International)
T.B.A.
16:50 Anomaly Detection of Host Roles in Computer Networks
Yury Kasimov (Avast)
Can not See the Wood for the Trees - Too Many Security Standards for Automation Industry
Frank Ackermann (Yokogawa Deutschland GmbH)
T.B.A.
17:40 Mapping and Tracking WiFi Networks / Devices without Being Connected
Caleb Madrigal (Mandiant/FireEye)
Manipulating Human Memory for Fun and Profit
Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung)
T.B.A.
18:20 Closing Ceremony
18:30 - .:.
19:00 - T.B.A.