Agenda -c0c0n @16

October 4-7, 2023
Grand Hyatt, Kochi, India

Day 4  - ( 07 Oct, 2023 )

  • TRACK 01

    Management, GRC, Policy, Strategy, Legal

  • TRACK 02

    Technology | Innovation | Research

  • TRACK 03

    FinTech

  • TRACK 04

    Activity Villages and Capture the Flag Competitions

09:45 - 10:15 IST

Arun Kumar Sinha IPS

Chairman , National Technical Research Organisation (NTRO) , New Delhi

KEYNOTE ADDRESS

Arun Kumar Sinha IPS

Arun Kumar Sinha IPS

Chairman

National Technical Research Organisation (NTRO)

New Delhi





10:30 - 11:10 IST

Aditya Vasekar

Sr. Principal Product Security , Microsoft

Putting a leash on AI

Aditya Vasekar

Aditya Vasekar

Sr. Principal Product Security

Microsoft

Aditya Vasekar is a Principal Product Security Engineer working with Microsoft with a 10+ years of experience in security. He mostly works on architecture reviews, threat modeling for the cloud hosted  products.


11:10 - 11:30 IST

Valligayatri Rachakonda

Cybersecurity Consultant , Societe Generale Global Solutions , India

Guardians of the Galactic Gateways: Securing Space Systems

Valligayatri Rachakonda

Valligayatri Rachakonda

Cybersecurity Consultant

Societe Generale Global Solutions

India

I am a Penetration Tester and Application Security Engineer with over 11 years of experience in the field of cybersecurity. I have a strong passion for space and avionics, and my work has allowed me to combine these interests and specialize in space security.
As a Penetration Tester, I am constantly looking for vulnerabilities in software and systems that could be exploited by malicious actors. My knowledge and experience in avionics have been particularly valuable in securing space vehicles, satellites, and other critical components used in space exploration.
I take pride in my work, and I am committed to ensuring the safety and security of space missions by identifying and mitigating potential threats to critical space infrastructure. My expertise in space security has become increasingly important in an evolving threat landscape, where the need for robust cybersecurity measures is critical.
Overall, I am thrilled to bring my unique perspective and expertise to the field of space security, and I am passionate about contributing to the advancement of space technology.

11:30 - 11:45 IST

TEA BREAK

11:45 - 12:15 IST

Sathwik Ram Prakki

Security Researcher II , Quick Heal , India

Evasion Tactics of SideCopy & APT36: Persistently targeting Indian Defense Orgs

Sathwik Ram Prakki

Sathwik Ram Prakki

Security Researcher II

Quick Heal

India

Sathwik Ram Prakki is working as a Security Researcher in Security Labs at Quick Heal. His focus areas are Threat Intelligence, Threat Hunting, and writing detections. He has a background in Offensive Security & Windows Internals and is keen on exploring new detection techniques through Reverse Engineering and Malware Research. He was a speaker at the AVAR 2022 conference presenting on 'Indian Power Sector targeted with latest LockBit 3.0 variant'.
His previous experience at C-DAC under the Ministry of Electronics & IT gave a jumpstart in his cybersecurity career. He graduated from Osmania University in 2019 with a degree in Electronics & Communication and has also completed his Post Graduate Diploma in Embedded Systems & Design at C-DAC in 2020.

12:15 - 12:35 IST

Rahul Sharma

Founder , The Perspective & Grade Ace , India

The DPDPA Effect: Jubilation, Twinge and Reticence that followed

The Digital Personal Data Protection Act got enacted on 11th August 2023 after more than a decade of efforts to adopt a comprehensive privacy/ data protection regime for India. The bill covers substantive requirement of a horizontal framework with specific rules and timelines for enforcement waiting to be notified. The text underwent significant updates since the first draft, with addition, eliminiation, reversal and upholding of fundamentals and some key provisions. What does the Bill do to India's digital economy? How does it impact our lives? Does it provide a balance between theory and pragmatism? Will Privacy community thrive? Are organizations ready to demonstrate compliance? This and more around the subject will be covered in the session.

Rahul Sharma

Rahul Sharma

Founder

The Perspective & Grade Ace

India

Rahul is founder – The PerspectiveTM & Grade AceTM with more than fourteen years experience working in Technology, Public Policy, Cyber Security & Privacy space, engaging with a range of stakeholder locally and globally to address the challenges in the evolving cyber ecosystem & value add as a Trusted Advisor. He recently worked as Cyber Security Liaison – Partner in International Business, Hague Security Delta, Netherlands in India & as Country Leader- India for International Association of Privacy Professionals (IAPP). Rahul also worked as ‘Senior non key Expert’ on 'International Digital Cooperation-Enhanced Data Protection and Data Flows' project with Directorate – General for Justice and Consumers (DG JUST) European Commission.

Rahul is member of Working Group (WG) on “Anonymization of Data" set forth by the Ministry of Electronics and Information Technology (MeitY), Government of India and member of Bureau of Indian Standards (BIS) WG that developed Indian Standard on Data Privacy (IS 17428). In his past role, Rahul has worked with Data Security Council of India (DSCI) anchored its policy, privacy, standards, government and international relations functions. Rahul undertakes various sessions for corporates and govt agencies such as iCISA (CAG of India), NLU and NLIU, Sardar Vallabhbhai Patel National Police Academy, CBI Academy on Cyber Security, Data Protection, Cyber Laws, Internet Governance etc. He has authored various articles and talks frequently on the subject.

Previously, he worked as a senior security analyst with HCL Technologies and as a telecom engineer with Nokia Siemens Network. He holds Engineering degree in Electronics and Communication from Indraprastha University in New Delhi.

Rahul has been fellow:
a) International Visitor Leadership Program (IVLP)- Dept. of State, US Govt, 2018
b) Global Governance Futures - Data Governance (GGF 2027) – Global Public Policy Institute (GPPi), Berlin, Germany, 2017
c) Internet Corporation for Assigned Names and Numbers (ICANN) – 2013 and 2014


12:35 - 13:00 IST

Ajit Hatti

Founder, Director - Pure ID

Trust Resiliency - A Lesson Learned from Russia Ukraine War

Ajit Hatti

Ajit Hatti

Founder, Director - Pure ID

Ajit Hatti is a serial inventor and innovator and founder of PureID. He has been developing enterprise class security products over a decade and a half. Ajit regularly presents his research & tools at conferences like Black Hat, COCON & DEF CON. He is also the co-founder of Null - Open Security Community & is the founder of Blockchain Village which he organizes at DEF CON.

13:00 - 14:00 IST

LUNCH BREAK

14:00 - 14:45 IST

,  

[PANEL DISCUSSION] ELITE CISO

14:45 - 15:15 IST

Jordan Kastrinsky

  ,   ,  

Global Startup Expansion Via Digital Asset Building

Jordan Kastrinsky

Jordan Kastrinsky

 

 

 




15:15 - 15:30 IST

TEA BREAK

15:30 - 16:00 IST

Niranjan Jayanand

Senior Manager, WatchTower Threat Hunting , SentinelOne , India

Chinese APT against Government officials using G7 summit lure

Niranjan Jayanand

Niranjan Jayanand

Senior Manager, WatchTower Threat Hunting

SentinelOne

India

Experienced Principal Threat Intel Analyst with a demonstrated history of Threat group hunting , malware reversing, yara, Anti virus signature creation , Threat report writing for customers etc. 60 plus proactive hunting and reporting of MENA origin threat attacks and PRC origin attacks ahead of competitors. Sound knowledge on leveraging and pivoting through internal telemetry data.

16:00 - 16:30 IST

Bhushan Gulabrao Borase

Deputy Director (I.T.) , Sardar Vallabhbhai Patel National Police Academy , Hyderabad, India

Cryptocurrencies and challenges to Law Enforcement Agencies

With more than 9250 Cryptocurrencies, 670 crypto exchanges and total market capitalization of 1 trillion USD, cryptocurrencies have marked their presence in every conventional crime that had component of fiat currencies. According to many surveys, our country figures among the countries with highest number of cryptocurrency users. This talk covers the types of cryptocurrency frauds that are happening in the country, various tools for detection of crypto crimes and need for capacity building in this area. Talk will also cover the issues like need of wallets and crypto repositories for government organizations and need of general awareness among public to safeguard them from crypto frauds. This talk will highlight the most prominent cryptocurrencies and exchanges that are getting used in the crimes in our country. Talk will also cover about the wallets and challenges in their use.

Bhushan Gulabrao Borase

Bhushan Gulabrao Borase

Deputy Director (I.T.)

Sardar Vallabhbhai Patel National Police Academy

Hyderabad, India

Batch – 2009, Karnataka Cadre


Education – BE, M Tech, Masters Degree in Police Management

Experience

  • Served as - SP of two districts in Karnataka
  • SP Cyber Crime, CID Karnataka
  • DCP, Bengaluru City Police.

Awards & Recognitions –
  • Union Home Minister’s Medal for Excellence in Police Training – 2021
  • Director's Commendation and Insignia (Gold Plated)) – 2021 at SVP NPA
  • National Award for e-Governance in 2015 for Citizen Centric Services.
  • Best Probationer in co-curricular activities in SVP NPA in 2009 Batch

Interests - He is a keen learner in the field of blockchain technology and cryptocurrencies
Publications -He has published five papers in various journals on topics of cryptocurrency, effective database management and other policing issues.
Workshops/ Conferences/ Seminars – He has delivered talks in two international and six national level workshops / Conferences on the topic of cryptocurrency Investigation.



16:30 - 17:00 IST

Lt General MU Nair, AVSM, SM

National Cyber Security Coordinator , Government Of India

KEYNOTE ADDRESS

Lt General MU Nair, AVSM, SM

Lt General MU Nair, AVSM, SM

National Cyber Security Coordinator

Government Of India


Lt General MU Nair, Ati Vishisht Seva Medal, Sena Medal is an internationally recognised Cybersecurity mentor, who has recently tenanted the prestigious appointment of National Cyber Security Coordinator in the National Security Council Secretariat, Government of India. In this capacity he was responsible for coordinating all activities across multiple sectors to ensure a secure and resilient cyberspace within the nation.

General Nair was commissioned into the Corps of Signals of the Indian Army on 15 December 1984. He is a graduate of the National Defence Academy, Pune and a post graduate from the Defence Services Staff College, Wellington, India. He holds a degree in Bachelor of Technology in Electronics and Telecommunication Engineering from the Jawaharlal Nehru University and two Master of Philosophy degrees on Defence and Strategic Studies from Indore University and the Madras University.

He has extensive experience in operational planning at tactical and strategic levels and has attended the Army Higher Command Course from the Army War College, Mhow, and the prestigious National Defence College, New Delhi. He has held multiple command and staff assignments and has served along India’s Northern and Western borders. As a Colonel, he has managed operational logistics for an Infantry Division along the Western borders, and was responsible for planning of operations in Network and Electro Magnetic Spectrum domain as a Director at the Military Operations, Directorate of the Indian Army.

His area of specialisation includes development of information and communication technology, cyber, space, cryptology and intelligence, reconnaissance and surveillance applications. He has been the Chief Information Security Officer of the Ministry of Defence and of the Indian Armed Forces, and has been responsible for protection of critical information infrastructure in defence domain, as part of one of his responsibilities. He has represented the Indian Armed Forces at several meetings at National and International levels, and has been part of working groups on Cyber Security and Technology related issues. He was instrumental in raising of the Indian Defence Cyber Agency, and subsequently headed the Signal Intelligence Directorate of the Indian Armed Forces. He has the rare distinction of being a Chief of Staff of an Operation Corps along Indian Northern borders, besides being a Chief of Staff of the Indian Army’s Central Command at Lucknow. He has been the Commandant of the Military College of Telecommunication Engineering at Mhow from December 2020 to June 2022, during which time he was instrumental in establishment of the 5G Test Bed and the Centre of Excellence for AI at the College.

During his last assignment as the Signal Officer in Chief he was responsible for induction of new technologies in ICT domain for the Armed Forces and over saw the fructification of a large number of projects. He was the technical advisor on niche technology domains for Armed Forces and responsible for conduct of Network Centric Operations.

He took over as India’s third National Cyber Security Coordinator, on 01 July 2023.

He has also held the post of Government Director on the Board for M/s ITI Ltd and has been a member of the National Level Apex Committee on Development of 6G Communication constituted by the Government of India.

17:00 - 17:30 IST

CLOSING CEREMONY

14:00 - 14:45 IST

Sandeep Agarwal

Cloud Security and Compliance , Google Cloud

Sandeep Agarwal

Sandeep Agarwal

Cloud Security and Compliance

Google Cloud

Sandeep Agarwal is a Security Specialist at Google Cloud and comes with an extensive background in security, risk, and compliance, particularly in the Financial Services domain. He was the CISO for Max Life Insurance and Moody's Analytics in India.

Most recently he was VP, InfoSec, and Data Protection Officer for OakNorth - a cloud-based fintech in the UK. In this role, he was in charge of managing the security, privacy, resiliency, and compliance posture for the OakNorth SaaS offering successfully adopted by several global banks in North America and Europe. Before OakNorth, he was leading security conversations with Government and Education customers at Amazon Web Services in India.

Sandeep is passionate about evangelizing the security, risk and compliance benefits that cloud computing brings to organizations of all shapes and sizes.

11:15 - 11:30 IST

TEA BREAK

11:30 - 12:15 IST

Aswin Raj

Associate Manager - Application Security Assurance , CyberPWN Technologies , India

Shruti MG

Deputy Manager - Application Security Assurance , CyberPWN Technologies , India

Start Left SDLC Security with Open-Source DevSecOps Tooling

Aswin Raj

Aswin Raj

I am a security researcher, blogger currently specialized in DevSecOps and Cloud Security. I have 3 years of experience in Cyber Security Domain.

I am exploring new areas in DevSecOps and Cloud Security which is gaining a lot of momentum in the current industry due to the rise of Supply Chain Attacks. Hope our research paper can help organizations struggling to get security integrated into the SDLC.

I am a weekend traveler, I play carroms and capture photos.


Shruti MG

Shruti MG

Deputy Manager - Application Security Assurance

CyberPWN Technologies

India

I have been working in the Cyber Security domain for the last 6 years. Have extensive experience in Web application pen testing, API, Mobile, DevSecOps and Threat Modelling.

I play Badminton, which is my favorite game.


12:15 - 13:00 IST

Anjali Shukla

Senior Security Consultant , Notsosecure , India

Divyanshu Shukla

Senior Security Engineer , Meesho , India

Serverless Siege: AWS Lambda Pentesting

Anjali Shukla

Anjali Shukla

Anjali Shukla is a security consultant with over 6+ years of experience in the cybersecurity and DevOps field. Her areas of expertise include pentesting, DevSecops, AWS, GCP, CI/CD, Kubernetes, and IAC security. Anjali joined NotSoSecure in 2021 as a DevSecops and infrastructure security specialist. She is involved in various DevSecops integrations for training and infrastructure lab setups, and she ensures that all components in the pipeline are functioning as expected. Anjali is also part of the Infosec Girls mentorship program and loves to publish her research on various DevOps security topics.
Anjali has worked with Opstree as a DevOps engineer and worked with clients like Paytm, and Blackbox & gained experience as a Linux admin, and Cloud engineer. Also, she has interned in the Cyber Security Cell of Gurugram Police.
She has actively participated in various training programs for RHCSA, RHCE, CEH, and ECHSA to enhance her knowledge in the field of cybersecurity and DevOps. Anjali is comfortable writing code in Python and bash and writing Ansible and Terraform scripts for automation purposes. She is also part of the Defcon Cloud Village.


Divyanshu Shukla

Divyanshu Shukla

Senior Security Engineer

Meesho

India

Senior security engineer with more than 5 years of experience in Cloud Security, DevSecops, Web Application Pentesting, Mobile Pentesting, Automation, and Secure Code Review. He has reported multiple vulnerabilities to companies like Airbnb, Google, Microsoft, AWS, Apple, Amazon, Samsung, Zomato, Xiaomi, Alibaba, Opera, Protonmail, Mobikwik, etc, and received CVE-2019-8727 CVE-2019-16918, CVE-2019-12278, CVE-2019-14962 for reporting issues. Author Burp-o-mation and very vulnerable serverless application. Also part of AWS Community Builder for security and Defcon Cloud Village crew member. He has also given training and seminars in events like Nullcon, Parsec IIT Dharwad, GirlScript Chandigarh University, and Null community.


13:00 - 13:45 IST

LUNCH BREAK

13:45 - 14:30 IST

Nitesh Surana

Threat Researcher , Trend Micro , India

Uncovering Azure's Silent Threats: A Story of Cloud Vulnerabilities

Nitesh Surana

Nitesh Surana

Threat Researcher

Trend Micro

India

Nitesh Surana works as a Senior Threat Researcher with Trend Micro. His passion revolves around Cloud Vulnerability & Security Research, Developer Security, Threat Hunting, building honeypots targeting container environments and finding abuse vectors for cloud services. Previously, Nitesh has been credited for reporting security issues to various companies, startups, and governments. His findings have been recognized by the US Department of Defense, the Zero Day Initiative and his research has been mentioned across ZDNet, BleepingComputer, TheHackerNews, Dark Reading, The Register amongst others. In addition to his previous work in a Managed Security Operations Center and Purple Teaming, he has presented on existing and new research in communities and conferences such as Null/OWASP Bangalore, DecodePH, c0c0n, Security BSides, NDC. Apart from playing with packets and syscalls, Nitesh is found attending concerts and playing music.


14:30 - 15:00 IST

David Baptiste

IT-Security Analyst & Researcher , ERNW - Ennor Rey Netzwerke GmbH , Germany

Beyond the Surface: A Comprehensive Look at Windows Driver Security Analysis

David Baptiste

David Baptiste

IT-Security Analyst & Researcher

ERNW - Ennor Rey Netzwerke GmbH

Germany

Dr. BapƟste David is an IT security specialist at ERNW, specialized in Windows operaƟng system. His research is mainly focused on malware analysis, reverse engineering, security of the Windows operaƟng system plaƞorm, kernel development and vulnerabiliƟes research. He also worked for couple of anƟvirus compagnies. He has given special courses and trainings in different universiƟes in Europe. Also, he gives regularly talks on different conferences including Black Hat USA, Defcon, Troopers, Zero Night, Cocon, EICAR, ECCWS…

15:00 - 15:30 IST

Shayak Tarafdar

Manager, Threat Research , Quick Heal , India

The planning behind successful Ransomware attacks

Shayak Tarafdar

Shayak Tarafdar

Manager, Threat Research

Quick Heal

India

Shayak Tarafdar works as an engineering manager in Quick Heal Security Labs,. He has more than 12 years of experience in this domain. He is responsible for the threat research and detection which happens as part of Quick Heal Security Labs . This includes Emerging threats, APT research using Dark Web, and analysing all the attack and infection vectors of the latest malwares.His passion lies in identifying the new techniques used by attackers to infect enterprises and research on innovating ways to prevent such attacks in the future.

15:30 - 15:45 IST

TEA BREAK

15:45 - 16:20 IST

Pranav Sivvam

Offensive Security Consultant , Appsecco , India

Enhancing Red Team OPSEC: Abusing Stealthy In-Memory Binary Execution Techniques in Linux

Pranav Sivvam

Pranav Sivvam

Offensive Security Consultant

Appsecco

India

Pranav Sivvam loves to break apps and infra with a strong passion for hacking and security research. Skilled in application security, network security, container and cloud security, he spends most of his time setting up and hacking apps on the cloud. As a red team enthusiast, Pranav takes pleasure in finding ways to bypass security mechanisms, improve his opsec techniques and share his hacks with his team (and anyone who will listen, really).

Throughout his journey in infosec, he has identified and reported vulnerabilities in various companies' software, earning him 5 CVEs. He has also reported critical issues in several companies for which he has been thanked.

Pranav is also a contributor in open-source projects like SecLists and GTFObins.

Outside of work, he enjoys experimenting with new tech, participating in CTF challenges, lockpicking, and engaging in bug bounty programs. He can often be found working on software development projects or finding ways to improve his hacker mindset.

17:00 - 17:30 IST

CLOSING CEREMONY

10:30 - 11:15 IST

Tejaswa Rastogi

Security Auditor & Researcher , Consensys Diligence , India

Tejaswa Rastogi

Tejaswa Rastogi

Security Auditor & Researcher

Consensys Diligence

India

Security Auditor and Researcher @ Consensys Diligence, Creator/Founder 1- CipherShastra : A Platform to help everyone learn smart contract/ blockchain security by solving CTF challenges, 2- RazzorSec: A structured library of resources and community to help everyone learn blockchain security in an organized manner, 3- Unchained: A blockchain security conference to promote security awareness in the field of blocksec


11:15 - 11:30 IST

TEA BREAK

11:30 - 12:15 IST

Dhanith Krishna

Attack & Red Team Lead , EY GDS , India

Dhanith Krishna

Dhanith Krishna

Attack & Red Team Lead

EY GDS

India

Dhanith leads Attack & Red Team services for EY Global Delivery Services, leading a global team of 250+ ethical hackers. He is a hardcore practitioner with rich experience working with the world’s leading financial institutions helping them to secure their digital presence. Dhanith is a member of OWASP and has contributed to several open source infosec projects, including OWASP WSTG. Dhanith is passionate about educating the community on cybersecurity and makes use of every opportunity to share his knowledge and expertise on the topic.


12:15 - 13:00 IST

Anish Koshy

Vice President - Information Security Risk Officer , Standard Chartered GBS , India

Anish Koshy

Anish Koshy

Vice President - Information Security Risk Officer

Standard Chartered GBS

India

A creative adventurer with extensive experience in the field of Information & Cyber Security, Risk Management, Regulatory Compliance, Business Continuity, Quality Compliance and Service Delivery roles; governing both the Cloud and On-Premises applications & infrastructure in the Banking and Financial Domain.
Have been involved in strategizing and governing transformational Information & Cyber Security programs and proficient experience in risk management and regulatory and global financial requirements and standards such as Singapore MAS, Hong Kong MA, UAE NESA, SOX, PCI DSS, NIST, IT Act India, UK PRA etc. Has vast expertise in performing risk assessment especially pertaining to cyber security risks across various domains.

Has been involved with various organizations and educational institutes with an immense desire to cultivate a risk awareness culture and pass on a legacy of cyber security risks to the next generation.

Am a gourmet, sportsman, Liverpool FC fan, a traveller and enjoys associating with multi ethnic groups.

Have presented papers in C0c0n XV (2022) conference and also at ISACA Chennai Chapter.


13:00 - 14:00 IST

LUNCH BREAK

TBA

ORGANIZED BY

Information Security Research Association Kerala Police

ORGANIZING PARTNERS

UNICEF UNICRI Centre for Artificial Intelligence and Robotics International Centre for Missing & Exploited Children WeProtect Global Alliance CESP | Conseil Européen des Syndicats de Police

PLATINUM SPONSORS

Federal Bank Synthite RP GRPUP

GOLD SPONSORS

Keyzotrick Intelligence Pvt. Ltd National Critical Information Infrastructure Protection Centre Bharat Petroleum Imperva MTECH -Cyber Security and Network Performance Solutions Provider Palo Alto Networks Cyble - Cybersecurity Threat Intelligence Platform & Solutions Seqrite

SILVER SPONSORS

Cochin Shipyard ICICI Bank State Bank of India SBI Life Geojit SFS Homes Cochin International Airport Manage Engine

BRONZE SPONSORS

Canara Bank Elite Foods CSB Bank Kerala IT Mission Petronet LNG Luker India Trend Micro AVT Natural CYFIRMA Indian Oil Corporation Cochin Port Trust Kerala State Industrial Development Corporation

COMMUNITY PARTNERS

EliteCISOs GTech - Group of Technology Companies - Technopark, Infopark, Cyberpark

NETWORKING PARTNER

WTC Kochi

MEDIA PARTNERS

Information Security Media Group The 420

STRATEGIC PARTNER

CXOCywayz

Jet Suit demo partner

Synthite

c0c0n @16

c0c0n is a 15 years old platform that is aimed at providing opportunities to showcase, educate, understand and spread awareness on Information Security, data protection, and privacy...

Where & When?

Oct 04th to 07th 2023
Grand Hyatt, Kochi, India

Reach us @

(+91) 974-690-6654
m@is-ra.org