Agenda

Agenda

12.10 - 13.00 PANEL

[PANEL]   Intelligence led security

Moderator: 
speakers-image   Midhun Babu 
Midhun Babu

Midhun Babu





15-Nov-2024    12.10 - 13.00

(PANEL) -   Moderator: Intelligence led security

Panel Member(s): 
speakers-image   Sameer Ratolikar , CISO -Chief Information Security Officer, HDFC Bank
Sameer Ratolikar

Sameer Ratolikar

CISO -Chief Information Security Officer
HDFC Bank




15-Nov-2024    12.10 - 13.00

(PANEL) -   Intelligence led security

Sheshadri MV

Sheshadri MV





15-Nov-2024    12.10 - 13.00

(PANEL) -   Intelligence led security

speakers-image   Dr. A Shiju Rawther , Head - Information Technology, SBI MUTUAL FUND
Dr. A Shiju Rawther

Dr. A Shiju Rawther

Head - Information Technology
SBI MUTUAL FUND

Shiju is a technology leader with strong business acumen with more than two decades of vast experience in major operating tenets of driving digital transformation through thought leadership, innovation, analytics & delivering value to stakeholders.

Shiju is currently working as Head – Information Technology for SBI Mutual Fund spearheading Group IT, Including Technology Strategies, Software Development & Cloud Engineering, IT Infrastructure, Enterprise-wide IT Transformation, Technology Security Operations and Analytics Functions.

Shiju comes with successful and steady career growth in reputed organizations viz., CARE Ratings Limited, Poonawalla Finance, IIFL Finance Limited, TransUnion CIBIL Limited, Fullerton India Credit Company Limited, PCS Technology Limited, Gateway Terminals India, Wipro InfoTech and Primus Telecommunications India Limited.
He is a prominent speaker at many industry conferences. Shiju has been recognized as one of the Most Innovative CIOs of India, Top 100 CISOs consistently over the last years by various media groups & forums. He is also associated with Cyberdome, Public Private Partnership initiative started by Kerala Police to combat Cyber Threats. Shiju was recognized as “Security Leader of the Year - Financial Services” in December 2016 by DSCI, NASSCOM.
Shiju holds a Bachelor of Engineering Degree in Computer Science & Engineering from Bangalore University and a Master in Information Management from Mumbai University. He also holds a PhD in Computer Science & Engineering from Hindustan Institute of Technology & Science, Chennai with research focused on securing networked systems against cyber-attacks using compartment models. An accomplished academic and professional, Dr. Shiju has published many research papers in international journals and also holds three patents registered with Indian Patent Authority. He recently received the prestigious Dr. K.C.G. Verghese Award for Best Researcher 2024.


15-Nov-2024    12.10 - 13.00

(PANEL) -   Intelligence led security

16-Nov-2024    12.00 - 12.40

(PANEL) -   When Falcon Strikes Back: The Defender's Dilemma

speakers-image   Maya R Nair , Cyber Security Thought Leader,  
Maya R Nair

Maya R Nair

Cyber Security Thought Leader
 

An experienced leader of Datacenter Infrastructure and Information security with major operating tenets of implementing defense in depth, acquiring 360 degree view of security, implementing IT infrastructure setups from the scratch, revamping datacenters and designing & implementing Business Continuity plans and Disaster Recovery sites.
Maya has a demonstrated history of working in the diverse industries of Telecommunication, BFSI and Manufacturing. She succeeded in positioning the Technology function as a Business Transformation initiative, with major contributions in IT infrastructure, Security technology implementations focussing on protection, prevention, monitoring and alerting.
Key achievements in the current and earlier stints include setting up of complete IT and datacenter infrastructure from the scratch, setting up of Security technology and framework from the scratch and operationalising it and designing & implementing Business continuity plans and Disaster recovery sites.
She is associated with Cyberdome ranked as Commander, a Public Private Partnership initiative started by Kerala Police to combat Cyber Threats and to spread awareness among masses
Maya has won many industry accolades and awards in recognition to her contribution to technology and security. She is a regular speaker in industry forums and writes technology articles.
She holds an engineering degree in Electronics engineering and post graduate degree in Software systems with specialisation in Network security. She also holds a management degree in Finance management. She also has many certifications including CISA, ISO 27001 LA, DCPLA to her credit.


15-Nov-2024    12.10 - 13.00

(PANEL) -   Intelligence led security

16-Nov-2024    16.00 - 16.30

Who is holding the Marauders map?

speakers-image   Balakrishnan A , MD and CEO, Geojit Financial Services Ltd
Balakrishnan A

Balakrishnan A

MD and CEO
Geojit Financial Services Ltd



15-Nov-2024    12.10 - 13.00

(PANEL) -   Intelligence led security

14.00 - 14.50 PANEL

[PANEL]   The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies

Moderator: 
speakers-image   Aseem Jakhar , Co-Founder, EXPLIoT, Payatu, Hardwear.io, Nullcon
Aseem Jakhar

Aseem Jakhar

Co-Founder
EXPLIoT, Payatu, Hardwear.io, Nullcon




15-Nov-2024    14.00 - 14.50

(PANEL) -   Moderator: The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies

16-Nov-2024    10.30 - 11.15

(PANEL) -   Transitioning from CTF to real world VAPT

Panel Member(s): 
speakers-image   M Nagarajan, IAS , Collector and District Magistrate of Mehsana, and Cyber Security Evangelist, Former Executive Director. i-Hub Gujarat
M Nagarajan, IAS

M Nagarajan, IAS

Collector and District Magistrate of Mehsana
and Cyber Security Evangelist
Former Executive Director. i-Hub Gujarat

Shri. M Nagarajan is an IAS Officer of 2009 Batch, Gujarat Cadre. Currently he is working as the Collector and District Magistrate of Mehsana, Gujarat.

He has a working experience of 22 years in various government departments including Indian Railways, Indian Audit and Accounts Department and Reserve Bank of India (RBI) and in the Indian Administrative Service(IAS).

He worked as District Collector in Arvalli District Gujarat. He contributed in bringing services delivery and industrial development of this tribal area. Later he was the District Collector of Kutch District, which is India’s largest district in terms of area, and is a very strategic location for India’s defence.

Prior to that, he was leading the Surat Smartcity Mission as CEO of the Surat Smart City Development SPV. Under his leadership Surat was awarded by Government of India for showing highest momentum in Smartcity implementation. He is a member of Expert Group on IT and Cyber Security by Ministry of Rural Development, Govt. Of India.

He has made major interventions in health, education and rural development. He believes that technology can be a game changer in India’s development. He has conceived and implemented projects in Digital Village, Smart Village, Rural Startups, Rural Broadband, Smart Cities, Smart Urban Transportation, eHealth and mHealth for Rural and Urban communities.

He has a Masters in Public Policy and Masters in Economics. A bureaucrat by profession he believes that technology is a great enabler of social change. He has been awarded by Election Commission of India (ECI) for Innovative use of Technology in Elections in the Gujarat 2012 elections.

His projects have won major awards that include SKOCH Award of Excellence, CSI-Nihilent Award, Manthan Award, Financial Inclusion Payment Systems award . He has been chosen as District Collector Digital Champion – 2014.He is an avid blogger and a Startup mentor.

Sessions

15-Nov-2024    14.00 - 14.50

(PANEL) -   The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies

speakers-image   Tarun Wig , Founder, Innefu Labs
Tarun Wig

Tarun Wig

Founder
Innefu Labs



15-Nov-2024    14.00 - 14.50

(PANEL) -   The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies

speakers-image   Philip Varughese Vayarakunnil , Global Lead - Platforms, Architecture, Engineering, Automation, Analytics, DXC Security
Philip Varughese Vayarakunnil

Philip Varughese Vayarakunnil

Global Lead - Platforms, Architecture, Engineering, Automation, Analytics
DXC Security



15-Nov-2024    11.50 - 12.00

GenAI and Autonomous Security in the Age of Zero Trust

15-Nov-2024    14.00 - 14.50

(PANEL) -   The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies

Nikhil Shrivastava

Nikhil Shrivastava





15-Nov-2024    14.00 - 14.50

(PANEL) -   The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies

10.30 - 11.15 PANEL

[PANEL]   Transitioning from CTF to real world VAPT

Moderator: 
speakers-image   Akhilesh Variar , Director, NCIIPC
Akhilesh Variar

Akhilesh Variar

Director
NCIIPC



16-Nov-2024    10.30 - 11.15

(PANEL) -   Moderator: Transitioning from CTF to real world VAPT

Panel Member(s): 
speakers-image   Aseem Jakhar , Co-Founder, EXPLIoT, Payatu, Hardwear.io, Nullcon
Aseem Jakhar

Aseem Jakhar

Co-Founder
EXPLIoT, Payatu, Hardwear.io, Nullcon




15-Nov-2024    14.00 - 14.50

(PANEL) -   Moderator: The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies

16-Nov-2024    10.30 - 11.15

(PANEL) -   Transitioning from CTF to real world VAPT

speakers-image   Anant Shrivastava , Chief Researcher / Founder, Cyfinoid Research Private Limited
Anant Shrivastava

Anant Shrivastava

Chief Researcher / Founder
Cyfinoid Research Private Limited

Anant Shrivastava is an information security professional with 15+ yrs of corporate experience in Network, Mobile, Application and Linux Security. Anant is an avid opensource supporter and runs multiple opensource projects prominent of them being TamerPlatform and CodeVigilant.

He contributes to multiple Open communities like null and Garage4Hackers. He has also helped establishing local chapter in his hometown null Bhopal

He has been a speaker and a trainer at a multitude of conferences such as Black Hat -USA/ASIA/EU, Defcon, Nullcon, c0c0n, Rootconf and many more).

He also participates in various communities as a cfp reviewer. Notable of them being Blackhat EU, nullcon, Rootconf by Hasgeek, recon village @ Defcon , cloud village @ defcon, Adversary Village @ defcon

His code contributions can be found on Github. He is active on Twitter and Fediverse and his talks and presentations can be found here. He writes about his experiments at his blog.

Sessions

Workshop - 13th & 14th November 2024

Attack & Defend Android Applications

16-Nov-2024    10.30 - 11.15

(PANEL) -   Transitioning from CTF to real world VAPT

16-Nov-2024    14.00 - 14.45

(PANEL) -   Moderator: Post-Quantum Security: Balancing Opportunities and Overcoming Challenges

16-Nov-2024    16:15 - 16:45

We got the Shiny SBoM; what next?

speakers-image   Dhruv Bisani , Head of Adversarial Attack Simulations, Starling Bank, United Kingdom
Dhruv Bisani

Dhruv Bisani

Head of Adversarial Attack Simulations
Starling Bank
United Kingdom

Dhruv is an experienced cybersecurity expert with 10+ years of experience and a key interest in leading and delivering Adversarial Attack (Red/Purple Team) simulations, along with dealing with audiences at all levels, from IT engineers to executives.

Currently, he is the Head of Adversarial Attack Simulation at Starling Bank, a leading UK Bank, where he developed Red Team capabilities to target novel tech stacks such as macOS and Zero-trust architecture. His role involves delivering both technical attack simulations and working closely with executives.

Prior to that, he founded & led the Red Team at Resillion (previously known as Eurofins Cyber Security) - a global consultancy working with a wide range of clients, and achieved revenue of >1M$ per year.

Over the last few years, Dhruv’s core focus has been on developing the red team capability, while focusing on testing less common environments such as Zero-trust & macOS. He has successfully delivered advanced attack simulations across a range of sectors including finance, healthcare, legal, and retail. He possesses extensive experience in executing projects under the UK CBEST/TBEST schemes. His current role encompasses a wide array of responsibilities such as recruitment, training, overseeing sales/finances, as well as enhancing technical methodologies and processes.

Dhruv has delivered talks at 10+ conferences internationally, such as GISEC Dubai 2024, BSides London 2023 & e-crime Denmark 2023, as well been part of panels such as “Ask the Hacker,” “Getting started in Industry” at several conferences.

Earned several industry leading certificates such as CREST Certified Simulated Attack Specialist, CREST Certified Tester INF & WEB, Certified Red Team Expert , Certified Azure Red Team Professional, Offensive Security Certified Professional, Microsoft AZ 900 & 500.

Sessions

16-Nov-2024    10.30 - 11.15

(PANEL) -   Transitioning from CTF to real world VAPT

16-Nov-2024    15.45 - 16.15

Invisible Invaders: Bypassing Email Security with Legitimate Tools

12.00 - 12.40 PANEL

[PANEL]   When Falcon Strikes Back: The Defender's Dilemma

Moderator: 
speakers-image   Burgess Cooper , Deputy Cybersecurity Leader and Partner, Consulting Services, EMEIA Region, EY
Burgess Cooper

Burgess Cooper

Deputy Cybersecurity Leader and Partner
Consulting Services, EMEIA Region, EY

Burgess Cooper is a Deputy Cybersecurity Leader and Partner & Heads Cyber Security Market with a team of 1300+ professionals.
He has 28+ years of experience in securing some of the biggest brands in the world from potential cyber-attacks. He is also leading the Responsible AI campaign for EY India.
Prior to EY he was a CISO with Vodafone and HSBC and responsible for Information Security, Privacy & Compliance across the Telecom and BFSI sector.
He is a regular speaker and a jury member at prominent industry events - BCCI, ASSOCHAM, CII, CISO, E-crime and a qualified EC-Council’s CEI Master Trainer for Industry CISO certification course.


Sessions

16-Nov-2024    12.00 - 12.40

(PANEL) -   Moderator: When Falcon Strikes Back: The Defender's Dilemma

Panel Member(s): 
speakers-image   Shivkumar Pandey 
Shivkumar Pandey

Shivkumar Pandey





16-Nov-2024    12.00 - 12.40

(PANEL) -   When Falcon Strikes Back: The Defender's Dilemma

speakers-image   Dr. A Shiju Rawther , Head - Information Technology, SBI MUTUAL FUND
Dr. A Shiju Rawther

Dr. A Shiju Rawther

Head - Information Technology
SBI MUTUAL FUND

Shiju is a technology leader with strong business acumen with more than two decades of vast experience in major operating tenets of driving digital transformation through thought leadership, innovation, analytics & delivering value to stakeholders.

Shiju is currently working as Head – Information Technology for SBI Mutual Fund spearheading Group IT, Including Technology Strategies, Software Development & Cloud Engineering, IT Infrastructure, Enterprise-wide IT Transformation, Technology Security Operations and Analytics Functions.

Shiju comes with successful and steady career growth in reputed organizations viz., CARE Ratings Limited, Poonawalla Finance, IIFL Finance Limited, TransUnion CIBIL Limited, Fullerton India Credit Company Limited, PCS Technology Limited, Gateway Terminals India, Wipro InfoTech and Primus Telecommunications India Limited.
He is a prominent speaker at many industry conferences. Shiju has been recognized as one of the Most Innovative CIOs of India, Top 100 CISOs consistently over the last years by various media groups & forums. He is also associated with Cyberdome, Public Private Partnership initiative started by Kerala Police to combat Cyber Threats. Shiju was recognized as “Security Leader of the Year - Financial Services” in December 2016 by DSCI, NASSCOM.
Shiju holds a Bachelor of Engineering Degree in Computer Science & Engineering from Bangalore University and a Master in Information Management from Mumbai University. He also holds a PhD in Computer Science & Engineering from Hindustan Institute of Technology & Science, Chennai with research focused on securing networked systems against cyber-attacks using compartment models. An accomplished academic and professional, Dr. Shiju has published many research papers in international journals and also holds three patents registered with Indian Patent Authority. He recently received the prestigious Dr. K.C.G. Verghese Award for Best Researcher 2024.


15-Nov-2024    12.10 - 13.00

(PANEL) -   Intelligence led security

16-Nov-2024    12.00 - 12.40

(PANEL) -   When Falcon Strikes Back: The Defender's Dilemma

Padnya Manwar

Padnya Manwar





16-Nov-2024    12.00 - 12.40

(PANEL) -   When Falcon Strikes Back: The Defender's Dilemma

Kishan Kendre

Kishan Kendre





16-Nov-2024    12.00 - 12.40

(PANEL) -   When Falcon Strikes Back: The Defender's Dilemma

14.00 - 14.45 PANEL

[PANEL]   Post-Quantum Security: Balancing Opportunities and Overcoming Challenges

Moderator: 
speakers-image   Anant Shrivastava , Chief Researcher / Founder, Cyfinoid Research Private Limited
Anant Shrivastava

Anant Shrivastava

Chief Researcher / Founder
Cyfinoid Research Private Limited

Anant Shrivastava is an information security professional with 15+ yrs of corporate experience in Network, Mobile, Application and Linux Security. Anant is an avid opensource supporter and runs multiple opensource projects prominent of them being TamerPlatform and CodeVigilant.

He contributes to multiple Open communities like null and Garage4Hackers. He has also helped establishing local chapter in his hometown null Bhopal

He has been a speaker and a trainer at a multitude of conferences such as Black Hat -USA/ASIA/EU, Defcon, Nullcon, c0c0n, Rootconf and many more).

He also participates in various communities as a cfp reviewer. Notable of them being Blackhat EU, nullcon, Rootconf by Hasgeek, recon village @ Defcon , cloud village @ defcon, Adversary Village @ defcon

His code contributions can be found on Github. He is active on Twitter and Fediverse and his talks and presentations can be found here. He writes about his experiments at his blog.

Sessions

Workshop - 13th & 14th November 2024

Attack & Defend Android Applications

16-Nov-2024    10.30 - 11.15

(PANEL) -   Transitioning from CTF to real world VAPT

16-Nov-2024    14.00 - 14.45

(PANEL) -   Moderator: Post-Quantum Security: Balancing Opportunities and Overcoming Challenges

16-Nov-2024    16:15 - 16:45

We got the Shiny SBoM; what next?

Panel Member(s): 
speakers-image   Sapan Talwar 
Sapan Talwar

Sapan Talwar





16-Nov-2024    14.00 - 14.45

(PANEL) -   Post-Quantum Security: Balancing Opportunities and Overcoming Challenges

speakers-image   Ajit Hatti , Founder, Director, Pure ID
Ajit Hatti

Ajit Hatti

Founder, Director
Pure ID

Ajit Hatti is a serial inventor and innovator and founder of PureID. He has been developing enterprise class security products over a decade and a half. Ajit regularly presents his research & tools at conferences like Black Hat, COCON & DEF CON. He is also the co-founder of Null - Open Security Community & is the founder of Blockchain Village which he organizes at DEF CON.

16-Nov-2024    14.00 - 14.45

(PANEL) -   Post-Quantum Security: Balancing Opportunities and Overcoming Challenges

speakers-image   Sridhar Govardhan , Senior VP & Head of Information Security, CoinDCX
Sridhar Govardhan

Sridhar Govardhan

Senior VP & Head of Information Security
CoinDCX




16-Nov-2024    14.00 - 14.45

(PANEL) -   Post-Quantum Security: Balancing Opportunities and Overcoming Challenges

speakers-image   Dr. Abhilasha Vyas , Cloud Security Expert, CloudThat
Dr. Abhilasha Vyas

Dr. Abhilasha Vyas

Cloud Security Expert
CloudThat

Dr. Abhilasha Vyas is Cloud Security Expert at CloudThat, Core team member of Cloud Security Alliance Bangalore, Core team member of OT security professionals community, member of WiCyS India, and an executive council member of Women in Big Data (WiBD) India. A recognized cybersecurity leader, Dr. Vyas has delivered sessions globally, focusing on DDoS attack detection and awareness. She is a Microsoft Certified Trainer, awarded as a Cyber Security Women Influencer at BSides Bangalore 2024, Cyber Acharya 2024 by AuthinticOne, and was listed among India’s Top Women Influencers in Security 2022.

16-Nov-2024    14.00 - 14.45

(PANEL) -   Post-Quantum Security: Balancing Opportunities and Overcoming Challenges


Adversary Village



11:00 - 13:00

Workshop 2: Precision Threat tactics adversary techniques on enterprise environments

Amal Joy

Amal Joy

Security Researcher
Altered Security



speakers-image   Amal Joy Security Analyst, HackIT Technology & Advisory Services

The workshop covers the importance of post exploitation research in enterprise environments and use cases. This also covers scenarios that can help people to analyze adversary tactics to get a taste of defensive security. This workshop winds up by introducing the importance of purple teaming and much needed collaboration between red and blue team to better secure their product environments.

14:00 - 16:00

Workshop 1: Leveraging Rust for Offensive Security

Ritik Kumar Jain

Ritik Kumar Jain

Security Analyst
HackIT Technology & Advisory Services



Anekant Singhai

Anekant Singhai

Security Consultant
HackIT Technology & Advisory Services



speakers-image   Ritik Kumar Jain Security Analyst, HackIT Technology & Advisory Services
speakers-image   Anekant SinghaiSecurity Consultant, HackIT Technology & Advisory Services

(Village) Exploring the Unexplored - API Penetration Testing



11:00 - 13:00

Scanning, Enumeration, and Vulnerability Exploitation

Participants will learn to scan and enumerate APIs to identify exposed data, misconfigurations, and security weaknesses, using tools like Nmap and OWASP ZAP. This part also covers exploiting common vulnerabilities, such as flaws in authentication and authorization mechanisms, as well as input validation issues, including SQL injection and cross-site scripting. Through practical exercises, participants will build skills to test for weaknesses in access controls and data validation, enhancing their ability to detect and exploit common security flaws in APIs.


  • Scanning and Enumeration
  • Authentication, Authorization, and Access Control Testing
  • Exploiting Input Validation and Injection Vulnerabilities

    Tools:
  • SQLMap
  • OWASP ZAP
  • Nmap
  • Burp Suite
  • JWT.io
  • Postman
14.00 - 16.00

Advanced Vulnerabilities, OWASP API Top 10 Application, and Reporting

In this final part, participants will tackle advanced API vulnerabilities such as Server- Side Request Forgery (SSRF), Insecure Direct Object References (IDOR), and Mass Assignment, understanding their impact and how to exploit them. The course will also provide hands-on experience with each category in the OWASP API Top 10, ensuring participants can apply these principles to real-world testing scenarios. Finally, participants will learn to document findings in a structured report with clear recommendations, ensuring they can effectively communicate vulnerabilities and solutions to stakeholders.


  • Advanced API Vulnerabilities
  • OWASP API Security Top 10 Practical Overview
  • Reporting and Remediation

    Tools:
  • Burp Suite
  • OWASP ZAP
  • Postman

Sponsors