(PANEL) - Moderator: Intelligence led security
(PANEL) - Intelligence led security
(PANEL) - Intelligence led security
Shiju is a technology leader with strong business acumen with more than two decades of vast experience in major operating tenets of driving digital transformation through thought leadership, innovation, analytics & delivering value to stakeholders.
Shiju is currently working as Head – Information Technology for SBI Mutual Fund spearheading Group IT, Including Technology Strategies, Software Development & Cloud Engineering, IT Infrastructure, Enterprise-wide IT Transformation, Technology Security Operations and Analytics Functions.
Shiju comes with successful and steady career growth in reputed organizations viz., CARE Ratings Limited, Poonawalla Finance, IIFL Finance Limited, TransUnion CIBIL Limited, Fullerton India Credit Company Limited, PCS Technology Limited, Gateway Terminals India, Wipro InfoTech and Primus Telecommunications India Limited.
He is a prominent speaker at many industry conferences. Shiju has been recognized as one of the Most Innovative CIOs of India, Top 100 CISOs consistently over the last years by various media groups & forums. He is also associated with Cyberdome, Public Private Partnership initiative started by Kerala Police to combat Cyber Threats. Shiju was recognized as “Security Leader of the Year - Financial Services” in December 2016 by DSCI, NASSCOM.
Shiju holds a Bachelor of Engineering Degree in Computer Science & Engineering from Bangalore University and a Master in Information Management from Mumbai University. He also holds a PhD in Computer Science & Engineering from Hindustan Institute of Technology & Science, Chennai with research focused on securing networked systems against cyber-attacks using compartment models. An accomplished academic and professional, Dr. Shiju has published many research papers in international journals and also holds three patents registered with Indian Patent Authority. He recently received the prestigious Dr. K.C.G. Verghese Award for Best Researcher 2024.
(PANEL) - Intelligence led security
(PANEL) - When Falcon Strikes Back: The Defender's Dilemma
An experienced leader of Datacenter Infrastructure and Information security with major operating tenets of implementing defense in depth, acquiring 360 degree view of security, implementing IT infrastructure setups from the scratch, revamping datacenters and designing & implementing Business Continuity plans and Disaster Recovery sites.
Maya has a demonstrated history of working in the diverse industries of Telecommunication, BFSI and Manufacturing. She succeeded in positioning the Technology function as a Business Transformation initiative, with major contributions in IT infrastructure, Security technology implementations focussing on protection, prevention, monitoring and alerting.
Key achievements in the current and earlier stints include setting up of complete IT and datacenter infrastructure from the scratch, setting up of Security technology and framework from the scratch and operationalising it and designing & implementing Business continuity plans and Disaster recovery sites.
She is associated with Cyberdome ranked as Commander, a Public Private Partnership initiative started by Kerala Police to combat Cyber Threats and to spread awareness among masses
Maya has won many industry accolades and awards in recognition to her contribution to technology and security. She is a regular speaker in industry forums and writes technology articles.
She holds an engineering degree in Electronics engineering and post graduate degree in Software systems with specialisation in Network security. She also holds a management degree in Finance management. She also has many certifications including CISA, ISO 27001 LA, DCPLA to her credit.
(PANEL) - Intelligence led security
Who is holding the Marauders map?
(PANEL) - Intelligence led security
(PANEL) - Moderator: The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies
(PANEL) - Transitioning from CTF to real world VAPT
Shri. M Nagarajan is an IAS Officer of 2009 Batch, Gujarat Cadre. Currently he is working as the Collector and District Magistrate of Mehsana, Gujarat.
He has a working experience of 22 years in various government departments including Indian Railways, Indian Audit and Accounts Department and Reserve Bank of India (RBI) and in the Indian Administrative Service(IAS).
He worked as District Collector in Arvalli District Gujarat. He contributed in bringing services delivery and industrial development of this tribal area. Later he was the District Collector of Kutch District, which is India’s largest district in terms of area, and is a very strategic location for India’s defence.
Prior to that, he was leading the Surat Smartcity Mission as CEO of the Surat Smart City Development SPV. Under his leadership Surat was awarded by Government of India for showing highest momentum in Smartcity implementation. He is a member of Expert Group on IT and Cyber Security by Ministry of Rural Development, Govt. Of India.
He has made major interventions in health, education and rural development. He believes that technology can be a game changer in India’s development. He has conceived and implemented projects in Digital Village, Smart Village, Rural Startups, Rural Broadband, Smart Cities, Smart Urban Transportation, eHealth and mHealth for Rural and Urban communities.
He has a Masters in Public Policy and Masters in Economics. A bureaucrat by profession he believes that technology is a great enabler of social change. He has been awarded by Election Commission of India (ECI) for Innovative use of Technology in Elections in the Gujarat 2012 elections.
His projects have won major awards that include SKOCH Award of Excellence, CSI-Nihilent Award, Manthan Award, Financial Inclusion Payment Systems award . He has been chosen as District Collector Digital Champion – 2014.He is an avid blogger and a Startup mentor.
(PANEL) - The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies
(PANEL) - The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies
GenAI and Autonomous Security in the Age of Zero Trust
(PANEL) - The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies
(PANEL) - The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies
(PANEL) - Moderator: Transitioning from CTF to real world VAPT
(PANEL) - Moderator: The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies
(PANEL) - Transitioning from CTF to real world VAPT
Anant Shrivastava is an information security professional with 15+ yrs of corporate experience in Network, Mobile, Application and Linux Security. Anant is an avid opensource supporter and runs multiple opensource projects prominent of them being TamerPlatform and CodeVigilant.
He contributes to multiple Open communities like null and Garage4Hackers. He has also helped establishing local chapter in his hometown null Bhopal
He has been a speaker and a trainer at a multitude of conferences such as Black Hat -USA/ASIA/EU, Defcon, Nullcon, c0c0n, Rootconf and many more).
He also participates in various communities as a cfp reviewer. Notable of them being Blackhat EU, nullcon, Rootconf by Hasgeek, recon village @ Defcon , cloud village @ defcon, Adversary Village @ defcon
His code contributions can be found on Github. He is active on Twitter and Fediverse and his talks and presentations can be found here. He writes about his experiments at his blog.
Attack & Defend Android Applications
(PANEL) - Transitioning from CTF to real world VAPT
(PANEL) - Moderator: Post-Quantum Security: Balancing Opportunities and Overcoming Challenges
We got the Shiny SBoM; what next?
Dhruv is an experienced cybersecurity expert with 10+ years of experience and a key interest in leading and delivering Adversarial Attack (Red/Purple Team) simulations, along with dealing with audiences at all levels, from IT engineers to executives.
Currently, he is the Head of Adversarial Attack Simulation at Starling Bank, a leading UK Bank, where he developed Red Team capabilities to target novel tech stacks such as macOS and Zero-trust architecture. His role involves delivering both technical attack simulations and working closely with executives.
Prior to that, he founded & led the Red Team at Resillion (previously known as Eurofins Cyber Security) - a global consultancy working with a wide range of clients, and achieved revenue of >1M$ per year.
Over the last few years, Dhruv’s core focus has been on developing the red team capability, while focusing on testing less common environments such as Zero-trust & macOS. He has successfully delivered advanced attack simulations across a range of sectors including finance, healthcare, legal, and retail. He possesses extensive experience in executing projects under the UK CBEST/TBEST schemes. His current role encompasses a wide array of responsibilities such as recruitment, training, overseeing sales/finances, as well as enhancing technical methodologies and processes.
Dhruv has delivered talks at 10+ conferences internationally, such as GISEC Dubai 2024, BSides London 2023 & e-crime Denmark 2023, as well been part of panels such as “Ask the Hacker,” “Getting started in Industry” at several conferences.
Earned several industry leading certificates such as CREST Certified Simulated Attack Specialist, CREST Certified Tester INF & WEB, Certified Red Team Expert , Certified Azure Red Team Professional, Offensive Security Certified Professional, Microsoft AZ 900 & 500.
(PANEL) - Transitioning from CTF to real world VAPT
Invisible Invaders: Bypassing Email Security with Legitimate Tools
Burgess Cooper is a Deputy Cybersecurity Leader and Partner & Heads Cyber Security Market with a team of 1300+ professionals.
He has 28+ years of experience in securing some of the biggest brands in the world from potential cyber-attacks. He is also leading the Responsible AI campaign for EY India.
Prior to EY he was a CISO with Vodafone and HSBC and responsible for Information Security, Privacy & Compliance across the Telecom and BFSI sector.
He is a regular speaker and a jury member at prominent industry events - BCCI, ASSOCHAM, CII, CISO, E-crime and a qualified EC-Council’s CEI Master Trainer for Industry CISO certification course.
(PANEL) - Moderator: When Falcon Strikes Back: The Defender's Dilemma
(PANEL) - When Falcon Strikes Back: The Defender's Dilemma
Shiju is a technology leader with strong business acumen with more than two decades of vast experience in major operating tenets of driving digital transformation through thought leadership, innovation, analytics & delivering value to stakeholders.
Shiju is currently working as Head – Information Technology for SBI Mutual Fund spearheading Group IT, Including Technology Strategies, Software Development & Cloud Engineering, IT Infrastructure, Enterprise-wide IT Transformation, Technology Security Operations and Analytics Functions.
Shiju comes with successful and steady career growth in reputed organizations viz., CARE Ratings Limited, Poonawalla Finance, IIFL Finance Limited, TransUnion CIBIL Limited, Fullerton India Credit Company Limited, PCS Technology Limited, Gateway Terminals India, Wipro InfoTech and Primus Telecommunications India Limited.
He is a prominent speaker at many industry conferences. Shiju has been recognized as one of the Most Innovative CIOs of India, Top 100 CISOs consistently over the last years by various media groups & forums. He is also associated with Cyberdome, Public Private Partnership initiative started by Kerala Police to combat Cyber Threats. Shiju was recognized as “Security Leader of the Year - Financial Services” in December 2016 by DSCI, NASSCOM.
Shiju holds a Bachelor of Engineering Degree in Computer Science & Engineering from Bangalore University and a Master in Information Management from Mumbai University. He also holds a PhD in Computer Science & Engineering from Hindustan Institute of Technology & Science, Chennai with research focused on securing networked systems against cyber-attacks using compartment models. An accomplished academic and professional, Dr. Shiju has published many research papers in international journals and also holds three patents registered with Indian Patent Authority. He recently received the prestigious Dr. K.C.G. Verghese Award for Best Researcher 2024.
(PANEL) - Intelligence led security
(PANEL) - When Falcon Strikes Back: The Defender's Dilemma
(PANEL) - When Falcon Strikes Back: The Defender's Dilemma
(PANEL) - When Falcon Strikes Back: The Defender's Dilemma
Anant Shrivastava is an information security professional with 15+ yrs of corporate experience in Network, Mobile, Application and Linux Security. Anant is an avid opensource supporter and runs multiple opensource projects prominent of them being TamerPlatform and CodeVigilant.
He contributes to multiple Open communities like null and Garage4Hackers. He has also helped establishing local chapter in his hometown null Bhopal
He has been a speaker and a trainer at a multitude of conferences such as Black Hat -USA/ASIA/EU, Defcon, Nullcon, c0c0n, Rootconf and many more).
He also participates in various communities as a cfp reviewer. Notable of them being Blackhat EU, nullcon, Rootconf by Hasgeek, recon village @ Defcon , cloud village @ defcon, Adversary Village @ defcon
His code contributions can be found on Github. He is active on Twitter and Fediverse and his talks and presentations can be found here. He writes about his experiments at his blog.
Attack & Defend Android Applications
(PANEL) - Transitioning from CTF to real world VAPT
(PANEL) - Moderator: Post-Quantum Security: Balancing Opportunities and Overcoming Challenges
We got the Shiny SBoM; what next?
(PANEL) - Post-Quantum Security: Balancing Opportunities and Overcoming Challenges
Ajit Hatti is a serial inventor and innovator and founder of PureID. He has been developing enterprise class security products over a decade and a half. Ajit regularly presents his research & tools at conferences like Black Hat, COCON & DEF CON. He is also the co-founder of Null - Open Security Community & is the founder of Blockchain Village which he organizes at DEF CON.
(PANEL) - Post-Quantum Security: Balancing Opportunities and Overcoming Challenges
(PANEL) - Post-Quantum Security: Balancing Opportunities and Overcoming Challenges
Dr. Abhilasha Vyas is Cloud Security Expert at CloudThat, Core team member of Cloud Security Alliance Bangalore, Core team member of OT security professionals community, member of WiCyS India, and an executive council member of Women in Big Data (WiBD) India. A recognized cybersecurity leader, Dr. Vyas has delivered sessions globally, focusing on DDoS attack detection and awareness. She is a Microsoft Certified Trainer, awarded as a Cyber Security Women Influencer at BSides Bangalore 2024, Cyber Acharya 2024 by AuthinticOne, and was listed among India’s Top Women Influencers in Security 2022.
(PANEL) - Post-Quantum Security: Balancing Opportunities and Overcoming Challenges
The workshop covers the importance of post exploitation research in enterprise environments and use cases. This also covers scenarios that can help people to analyze adversary tactics to get a taste of defensive security. This workshop winds up by introducing the importance of purple teaming and much needed collaboration between red and blue team to better secure their product environments.
Participants will learn to scan and enumerate APIs to identify exposed data, misconfigurations, and security weaknesses, using tools like Nmap and OWASP ZAP. This part also covers exploiting common vulnerabilities, such as flaws in authentication and authorization mechanisms, as well as input validation issues, including SQL injection and cross-site scripting. Through practical exercises, participants will build skills to test for weaknesses in access controls and data validation, enhancing their ability to detect and exploit common security flaws in APIs.
In this final part, participants will tackle advanced API vulnerabilities such as Server- Side Request Forgery (SSRF), Insecure Direct Object References (IDOR), and Mass Assignment, understanding their impact and how to exploit them. The course will also provide hands-on experience with each category in the OWASP API Top 10, ensuring participants can apply these principles to real-world testing scenarios. Finally, participants will learn to document findings in a structured report with clear recommendations, ensuring they can effectively communicate vulnerabilities and solutions to stakeholders.