Speakers

Keynote Speaker

Len Noe
Keynote Speaker - The tomorrow threats, today

Len Noe

Transhuman | Cyborg Hacker | Technical Evangelist
CyberArk Software

Len Noe

Len Noe

Transhuman | Cyborg Hacker | Technical Evangelist
CyberArk Software
Unites States

Len Noe, a Technical Evangelist, White Hat Hacker, and Transhuman at CyberArk Software, is a dynamic and influential speaker on the international security circuit. With an impressive track record of delivering impactful presentations in over 60 countries and at renowned security conferences worldwide, Noe's expertise leaves a lasting impression. Notably, he has graced the stage at the prestigious World Conference in The Hague, C.E.R.T. EU, and has been invited to address multiple governments.
Len is the author of Human Hacked: My life and lessons as the worlds first augmented ethical hacker. With his first book Len exposes the subculture of Transhumans and the capabilities available to this new breed of human, along with the cyber security risks they pose.
Len is a co-host of the Cyber Cognition Podcast and a thought leader in the field of Transhumanism. With his upcoming book, he shares a captivating narrative of his personal evolution, solidifying his position as one of the world's foremost authorities in this transformative movement. As a futurist, Len's insights and expertise are highly sought after.
Len's passion for the Transhuman/Human+ movement is unparalleled, and he actively employs microchip implants to pioneer advancements in cyber security and enhance the human experience. His groundbreaking research has garnered global recognition, appearing in multiple global news outlets, while his regular appearances on top-tier security podcasts showcase his ongoing contributions to the field.
With a rich history as a Black/Grey Hat Hacker, Noe's extensive practical experience has shaped his skills. Over the course of 30 years, he has honed his expertise in web development, system engineering/administration, architecture, and coding. For the past ten years, Len has devoted his focus to information security from an attacker's perspective Actively engaging with the Texas information security communities and organizations like the Autism Society, Len continuously demonstrates his commitment to making a positive impact beyond the realm of technology.

Sessions

15-Nov-2024    09:45 - 10:15

[KEYNOTE] The tomorrow threats, today

Speakers

Sunil Varkey

Cyber Security Thought Leadership
Former CISO Wipro & Idea

Sunil Varkey

Sunil Varkey

Cyber Security Thought Leadership
Former CISO Wipro & Idea
Former CTO Symantec & Forescout

Sunil Varkey has over 29 years of cybersecurity leadership experience with large global corporations in banking, telecoms, ITES, software, and manufacturing domains in the Middle East, US and India.

Sunil was earlier Global CISO and Fellow at Wipro, CISO of Idea Cellular, MD at HSBC, and he is also CTO for Symantec and Forescout. Currently is engaged as a Cyber consultant and advisor in the Middle East.

Academically, he holds a Bachelor’s degree in Electronics Engineering with an MBA, along with over 10 security certifications. He also holds security patents in US & EU.

He has published and presented various articles and sessions globally related to information security.

Sessions

13-Nov-2024   10:00 - 10:15

CISO Bootcamp -   Welcome Note

Burgess Cooper

Deputy Cybersecurity Leader and Partner
Consulting Services, EMEIA Region, EY

Burgess Cooper

Burgess Cooper

Deputy Cybersecurity Leader and Partner
Consulting Services, EMEIA Region, EY
India

Burgess Cooper is a Deputy Cybersecurity Leader and Partner & Heads Cyber Security Market with a team of 1300+ professionals.
He has 28+ years of experience in securing some of the biggest brands in the world from potential cyber-attacks. He is also leading the Responsible AI campaign for EY India.
Prior to EY he was a CISO with Vodafone and HSBC and responsible for Information Security, Privacy & Compliance across the Telecom and BFSI sector.
He is a regular speaker and a jury member at prominent industry events - BCCI, ASSOCHAM, CII, CISO, E-crime and a qualified EC-Council’s CEI Master Trainer for Industry CISO certification course.


Sessions

14-Nov-2024   14:00 - 15.30

CISO Bootcamp -   Cyber War Games

MAILLARD Pierre-François

Security Researcher
TCG CREST/ RMVERI

MAILLARD Pierre-François

MAILLARD Pierre-François

Security Researcher
TCG CREST/ RMVERI

Pierre-François Maillard is an engineer in the field of cyber security and operating system. He worked within the CVO laboratory (Operational Cryptology and Virology) in France with a specialization in the UEFI System. He has also worked in various companies in the field of reverse engineering and industrial cybersecurity. In addition, he has contributed to the field through several articles published in MISC, top french cybersecurity magazine, and academic journals based on his research. He has also presented workshops and conferences at C0c0n on his specialties. He is right now finishing his PhD at TCG CREST IAI in the field of adversarial machine learning.


15-Nov-2024    11.45 - 12.15

Malware and AI detection systems: One array to rule them all

David Baptiste

IT-Security Analyst & Researcher
ERNW - Ennor Rey Netzwerke GmbH

David Baptiste

David Baptiste

IT-Security Analyst & Researcher
ERNW - Ennor Rey Netzwerke GmbH
Germany

Dr. BapƟste David is an IT security specialist at ERNW, specialized in Windows operaƟng system. His research is mainly focused on malware analysis, reverse engineering, security of the Windows operaƟng system plaƞorm, kernel development and vulnerabiliƟes research. He also worked for couple of anƟvirus compagnies. He has given special courses and trainings in different universiƟes in Europe. Also, he gives regularly talks on different conferences including Black Hat USA, Defcon, Troopers, Zero Night, Cocon, EICAR, ECCWS…

Sessions

Workshop - 13th & 14th November 2024

Exploiting with Precision: Windbg Debugging Essentials for Security Professionals

16-Nov-2024    11.30 - 12.00

Kernel Lockdown: Reducing BSOD Risks by Restricting Third-Party Access?talk

Vishal Salvi

Chief Executive Officer
Quick Heal Technologies Limited

Vishal Salvi

Vishal Salvi

Chief Executive Officer
Quick Heal Technologies Limited
India

Vishal Salvi is the Chief Executive Officer at Quick Heal Technologies Limited. Vishal has donned Cybersecurity and IT leadership roles at premier organizations such as Infosys, HDFC Bank and Standard Chartered Bank for nearly three decades.


13-Nov-2024   11.30 - 13.00

CISO Bootcamp -   Navigating the Next for CISOs

Sridhar Govardhan

Senior VP & Head of Information Security
CoinDCX

Sridhar Govardhan

Sridhar Govardhan

Senior VP & Head of Information Security
CoinDCX
India




13-Nov-2024   15:45 - 17.00

CISO Bootcamp -   AI for Cybersecurity and Cybersecurity for AI

Sameer Ratolikar

CISO -Chief Information Security Officer
HDFC Bank

Sameer Ratolikar

Sameer Ratolikar

CISO -Chief Information Security Officer
HDFC Bank
India




13-Nov-2024   10:15 - 11:15

CISO Bootcamp -   Navigating the turbulent times - sharpening the 4Cs

Jacxine Fernandez

VP - Information Security
Bangalore International Airport Ltd

Jacxine Fernandez

Jacxine Fernandez

VP - Information Security
Bangalore International Airport Ltd
India




13-Nov-2024   14.00 - 15.30

CISO Bootcamp -   Sleeping with the Enemy - Adversarial Negotiations - The complex & delicate art of negotiating with threat actors

Maya R Nair

Cyber Security Thought Leader
 

Maya R Nair

Maya R Nair

Cyber Security Thought Leader
 
India

An experienced leader of Datacenter Infrastructure and Information security with major operating tenets of implementing defense in depth, acquiring 360 degree view of security, implementing IT infrastructure setups from the scratch, revamping datacenters and designing & implementing Business Continuity plans and Disaster Recovery sites.
Maya has a demonstrated history of working in the diverse industries of Telecommunication, BFSI and Manufacturing. She succeeded in positioning the Technology function as a Business Transformation initiative, with major contributions in IT infrastructure, Security technology implementations focussing on protection, prevention, monitoring and alerting.
Key achievements in the current and earlier stints include setting up of complete IT and datacenter infrastructure from the scratch, setting up of Security technology and framework from the scratch and operationalising it and designing & implementing Business continuity plans and Disaster recovery sites.
She is associated with Cyberdome ranked as Commander, a Public Private Partnership initiative started by Kerala Police to combat Cyber Threats and to spread awareness among masses
Maya has won many industry accolades and awards in recognition to her contribution to technology and security. She is a regular speaker in industry forums and writes technology articles.
She holds an engineering degree in Electronics engineering and post graduate degree in Software systems with specialisation in Network security. She also holds a management degree in Finance management. She also has many certifications including CISA, ISO 27001 LA, DCPLA to her credit.


14-Nov-2024   15:45 - 16:30

CISO Bootcamp -   Who is holding the Marauders map?

Venkatesh Subramaniam

President & Business Head
Mindsprint

Venkatesh Subramaniam

Venkatesh Subramaniam

President & Business Head
Mindsprint
India



14-Nov-2024   10:00 - 10.45

CISO Bootcamp -   The Privacy Playground: Swinging through regulations

Dr. A Shiju Rawther

Head - Information Technology
SBI MUTUAL FUND

Dr. A Shiju Rawther

Dr. A Shiju Rawther

Head - Information Technology
SBI MUTUAL FUND
India

Shiju is a technology leader with strong business acumen with more than two decades of vast experience in major operating tenets of driving digital transformation through thought leadership, innovation, analytics & delivering value to stakeholders.

Shiju is currently working as Head – Information Technology for SBI Mutual Fund spearheading Group IT, Including Technology Strategies, Software Development & Cloud Engineering, IT Infrastructure, Enterprise-wide IT Transformation, Technology Security Operations and Analytics Functions.

Shiju comes with successful and steady career growth in reputed organizations viz., CARE Ratings Limited, Poonawalla Finance, IIFL Finance Limited, TransUnion CIBIL Limited, Fullerton India Credit Company Limited, PCS Technology Limited, Gateway Terminals India, Wipro InfoTech and Primus Telecommunications India Limited.
He is a prominent speaker at many industry conferences. Shiju has been recognized as one of the Most Innovative CIOs of India, Top 100 CISOs consistently over the last years by various media groups & forums. He is also associated with Cyberdome, Public Private Partnership initiative started by Kerala Police to combat Cyber Threats. Shiju was recognized as “Security Leader of the Year - Financial Services” in December 2016 by DSCI, NASSCOM.
Shiju holds a Bachelor of Engineering Degree in Computer Science & Engineering from Bangalore University and a Master in Information Management from Mumbai University. He also holds a PhD in Computer Science & Engineering from Hindustan Institute of Technology & Science, Chennai with research focused on securing networked systems against cyber-attacks using compartment models. An accomplished academic and professional, Dr. Shiju has published many research papers in international journals and also holds three patents registered with Indian Patent Authority. He recently received the prestigious Dr. K.C.G. Verghese Award for Best Researcher 2024.


14-Nov-2024   11:45 - 13.00

CISO Bootcamp -   Unmasking Cyber Threats: Architecting a Cutting-Edge Threat Intelligence Framework

Suresh Sharma

CISO
PayU

Suresh Sharma

Suresh Sharma

CISO
PayU
India



Jairam Ramesh

Director of Cyber Security
AIA Digital+

Jairam Ramesh

Jairam Ramesh

Director of Cyber Security
AIA Digital+
Malaysia



Dhruv Bisani

Head of Adversarial Attack Simulations
Starling Bank

Dhruv Bisani

Dhruv Bisani

Head of Adversarial Attack Simulations
Starling Bank
United Kingdom

Dhruv is an experienced cybersecurity expert with 10+ years of experience and a key interest in leading and delivering Adversarial Attack (Red/Purple Team) simulations, along with dealing with audiences at all levels, from IT engineers to executives.

Currently, he is the Head of Adversarial Attack Simulation at Starling Bank, a leading UK Bank, where he developed Red Team capabilities to target novel tech stacks such as macOS and Zero-trust architecture. His role involves delivering both technical attack simulations and working closely with executives.

Prior to that, he founded & led the Red Team at Resillion (previously known as Eurofins Cyber Security) - a global consultancy working with a wide range of clients, and achieved revenue of >1M$ per year.

Over the last few years, Dhruv’s core focus has been on developing the red team capability, while focusing on testing less common environments such as Zero-trust & macOS. He has successfully delivered advanced attack simulations across a range of sectors including finance, healthcare, legal, and retail. He possesses extensive experience in executing projects under the UK CBEST/TBEST schemes. His current role encompasses a wide array of responsibilities such as recruitment, training, overseeing sales/finances, as well as enhancing technical methodologies and processes.

Dhruv has delivered talks at 10+ conferences internationally, such as GISEC Dubai 2024, BSides London 2023 & e-crime Denmark 2023, as well been part of panels such as “Ask the Hacker,” “Getting started in Industry” at several conferences.

Earned several industry leading certificates such as CREST Certified Simulated Attack Specialist, CREST Certified Tester INF & WEB, Certified Red Team Expert , Certified Azure Red Team Professional, Offensive Security Certified Professional, Microsoft AZ 900 & 500.

Sessions

16-Nov-2024    15.45 - 16.15

Invisible Invaders: Bypassing Email Security with Legitimate Tools

Anand Kumar Ganesan

Lead Product Security Engineer
Poshmark

Anand Kumar Ganesan

Anand Kumar Ganesan

Lead Product Security Engineer
Poshmark
India

Anand Ganesan is the Lead Product Security Engineer at Poshmark, an e-commerce platform. He has a total of 9 years of experience in the security industry. He has been deeply engaged in driving all the product security efforts. This includes conducting threat modeling for various projects, executing penetration tests across diverse platforms, conducting source code analysis, prioritizing vulnerabilities based on severity, establishing content security policies from the ground up, assisting the compliance team during audits, and supporting them in assessing vendors from a product security perspective.
He is deeply passionate about continuously enhancing his skills and finds great satisfaction in overcoming and bypassing security implementations. Additionally, he also finds fulfillment in mentoring junior team members and guiding them to become proficient.
When he's not engaged in application security activities, he enjoys playing and watching cricket, socializing with friends, and catching up on movies.


Sessions

15-Nov-2024    16.00 - 16.30

PCI 4.0, Javascript Security for product security teams

Mohammad Arif

Senior Product Security Engineer
Poshmark

Mohammad Arif

Mohammad Arif

Senior Product Security Engineer
Poshmark
India

Mohd Arif holds the position of Senior Product Security Engineer at Poshmark, a prominent Ecommerce organization. With three years of experience in the security industry, he has established himself as a skilled practitioner in various domains. His expertise encompasses hacking web applications, mobile apps, API security testing, source code review, architecture review, and threat modeling.
His true passion lies in Cloud security, Hardware security, and IoT security. He derives immense satisfaction from discovering novel methods to bypass security mechanisms and enhancing his operational security (OPSEC) techniques.
He remains deeply committed to the field of cybersecurity and actively seeks opportunities to share his knowledge and experiences. As a result, he has been invited to speak at esteemed conferences and summits, including Seasides Conference, C0C0N Conference, and Redteam Summit. Notably, Mohd Arif has been an enthusiastic volunteer at India's beloved Seasides Conference, where he eagerly shares his hacking insights with a receptive audience.
When he's not immersed in breaking code and applications, you can find him taking delight in photography, playing video games, embarking on biking adventures on weekends, and having a knack for creating amusing memes.


Sessions

15-Nov-2024    16.00 - 16.30

PCI 4.0, Javascript Security for product security teams

Madhukar Raina

Senior Training Developer
Hack The Box Ltd.

Madhukar Raina

Madhukar Raina

Senior Training Developer
Hack The Box Ltd.
India

Madhukar Raina is a Security Researcher with around 9 years of experience in information security and trainings. He works for Hack The Box, where he contributes to the malware analysis, reverse engineering, and detection engineering related content and labs. He has previously worked for Zscaler & Securonix as a Security Researcher and Threat Hunter, mainly focusing on malware analysis, reverse engineering, deception, threat hunting operations, and adversarial research. In his past roles, he has also worked on digital forensics, incident response and compromise assessment projects.

16-Nov-2024    11.30 - 12.15

Active Directory Deception Strategies

Rajesh Thapar

CISO
National Stock Exchange

Rajesh Thapar

Rajesh Thapar

CISO
National Stock Exchange
India

Cyber Security professional with more than 28 years of Information Security and Information Technology experience primarily in driving complex security program in BFSI.

Sessions

14-Nov-2024   10:45 - 11.30

CISO Bootcamp -   Traits and Skills of a Next Gen CISO in evolving hyper-connected world

Pardhasaradhi Chintalapati

Associate Director, Incident Response
Arete IR LLP

Pardhasaradhi Chintalapati

Pardhasaradhi Chintalapati

Associate Director, Incident Response
Arete IR LLP
India

Pardhasaradhi is a seasoned professional in the field of digital forensics and incident response, currently serving as an Associate Director of APAC DFIR Operations at ARETE IR LLP. With over 14 years of experience, he has a proven track record of handling complex cyber security challenges.
Key Areas of Expertise:
* Incident Management: Pardhasaradhi specializes in managing major incidents across organizations of varying sizes, from small to large enterprises. His expertise extends to conducting in-depth forensic investigations to pinpoint the root causes of cyber incidents.
* Digital Acquisitions: He has a deep understanding of digital forensics techniques and tools, enabling him to effectively acquire and analyse digital evidence.
* Cyber Risk Assessment: Pardhasaradhi plays a pivotal role in assessing organizations' cyber risk posture and ransomware readiness. His insights help organizations identify vulnerabilities and implement effective countermeasures.
* Community Engagement: Beyond his professional roles, Pardhasaradhi actively contributes to the Indian security community through volunteer work. His involvement fosters knowledge sharing and collaboration within the industry.

Pardhasaradhi’ s extensive experience and expertise make him a valuable asset in the field of cyber security. His ability to manage complex incidents, conduct thorough forensic investigations, and assess cyber risks positions him as a trusted advisor to organizations seeking to protect their digital assets.

Sessions

13-Nov-2024   14.00 - 15.30

CISO Bootcamp -   Sleeping with the Enemy - Adversarial Negotiations - The complex & delicate art of negotiating with threat actors

Ramakrishna Challagulla

Associate Director, Incident Response
Arete IR LLP

Ramakrishna Challagulla

Ramakrishna Challagulla

Associate Director, Incident Response
Arete IR LLP
India

Ramakrishna is a seasoned professional with a deep understanding of cyber security, focusing on risk mitigation and incident response. His 15+ years of experience in project management and incident response management have equipped him with the skills to help organizations navigate the complexities of the digital landscape.

As an Associate Director at ARETE IR LLP, Ramakrishna specializes in:
• Cyber Risk Quantification: Assessing the potential financial and reputational damage that cyber threats can cause.
• Incident Response Preparedness: Developing strategies to effectively respond to and recover from cyber security incidents.
• Ransomware Response Support: Assisting executives in communicating the impact of ransomware attacks to stakeholders, including investors, board members, and regulators.

Ramakrishna's expertise is further validated by his active participation in industry panels and discussions on data protection and ransomware response.

Sessions

13-Nov-2024   14.00 - 15.30

CISO Bootcamp -   Sleeping with the Enemy - Adversarial Negotiations - The complex & delicate art of negotiating with threat actors

Sayan Mitra

Security Researcher
Zscaler

Sayan Mitra

Sayan Mitra

Security Researcher
Zscaler
India

Sayan is a Security Researcher currently working at Zscaler, part of the Threat Hunting Team. He has around 4+ years of experience in conducting Red Team assessments for Indian banks and providing managed threat hunting services to clients. He has also contributed to research and projects for Zscaler's deception platform, IllusionBlack.

Sessions

Niranjan Jayanand

Niranjan Jayanand



Niranjan has over 16 years experience working on tracking and reporting on eCrime Toolkits, APT campaigns and Ransomware attacks. His research publications were highlighted in multiple journals, conferences, reports, webinars and podcasts. He has reported on over 60 active early attack campaigns ahead of competitors and helped protect global customers.

Sessions

15-Nov-2024    16:30 - 17.00

Know your Enemies: Deep Dive into Ransomware Threat Groups

Rakesh Seal

Rakesh Seal





16-Nov-2024    10.45 - 11.15

Ride on the House - Exploiting Public Transport Ticketing Systems for Free Rides

Diptisha Samanta

Diptisha Samanta





16-Nov-2024    10.45 - 11.15

Ride on the House - Exploiting Public Transport Ticketing Systems for Free Rides

Arpith Rajagopal

Senior Security Engineer
Lendingkart

Arpith Rajagopal

Arpith Rajagopal

Senior Security Engineer
Lendingkart
India

Arpith has presented at Accel Cybersecurity Summit 2024. His interests lie in Application Security, Automation, Red Teaming and CICD Security.

16-Nov-2024    14.45 - 15.30

The Stealth Code Conspiracy: Unmasking Hidden Threats in CI/CD Pipelines

16-Nov-2024    14.45 - 15.30

The Stealth Code Conspiracy: Unmasking Hidden Threats in CI/CD Pipelines

Suchith Narayan

Lead Security Engineer
Razorpay

Suchith Narayan

Suchith Narayan

Lead Security Engineer
Razorpay
India

Suchith has presented at Rootconf, Null, Bsides Delhi, Accel Cybersecurity Summit amongst others. His interests are in CI/CD Security, Red teaming, Application security and Threat Modeling

16-Nov-2024    14.45 - 15.30

The Stealth Code Conspiracy: Unmasking Hidden Threats in CI/CD Pipelines

16-Nov-2024    14.45 - 15.30

The Stealth Code Conspiracy: Unmasking Hidden Threats in CI/CD Pipelines

Ashwath Kumar

Head of Security
Razorpay

Ashwath Kumar

Ashwath Kumar

Head of Security
Razorpay
India

Ashwath Kumar is currently working as Head of Security at Razorpay. Ashwath is a seasoned Principal engineer with extensive expertise in architecture reviews, cloud security, and red teaming. With a Master of Science in Computer Engineering from Texas A&M University, he has a proven track record of building and leading large teams to address complex security challenges. He has also presented at prestigious conferences such as Blackhat, Owasp, Nullcon & has written research papers with over 800 citations.

15-Nov-2024    16.30 - 17.00

Automated Security Engineer Co-Pilot: Leveraging Large Language Models for Enhanced Code Security

Hariprasad Pujari

Sr Software Development Engineer
Razorpay

Hariprasad Pujari

Hariprasad Pujari

Sr Software Development Engineer
Razorpay
India

Hariprasad, a graduate of IIT Kharagpur, is a Security Engineer 2 at Razorpay, specializing in building security tooling and developing in-house solutions that safeguard critical data and infrastructure. His key contributions include integrating security tools into CI/CD pipelines with GitHub Actions, advocating for "shifting left" on security to address vulnerabilities early in the development process, and automating vulnerability management. Hari's innovative approach and commitment to cybersecurity have significantly enhanced Razorpay's security posture.

15-Nov-2024    16.30 - 17.00

Automated Security Engineer Co-Pilot: Leveraging Large Language Models for Enhanced Code Security

Workshop Speakers

David Baptiste

IT-Security Analyst & Researcher
ERNW - Ennor Rey Netzwerke GmbH

David Baptiste

David Baptiste

IT-Security Analyst & Researcher
ERNW - Ennor Rey Netzwerke GmbH
Germany

Dr. BapƟste David is an IT security specialist at ERNW, specialized in Windows operaƟng system. His research is mainly focused on malware analysis, reverse engineering, security of the Windows operaƟng system plaƞorm, kernel development and vulnerabiliƟes research. He also worked for couple of anƟvirus compagnies. He has given special courses and trainings in different universiƟes in Europe. Also, he gives regularly talks on different conferences including Black Hat USA, Defcon, Troopers, Zero Night, Cocon, EICAR, ECCWS…

Sessions

Workshop - 13th & 14th November 2024

Exploiting with Precision: Windbg Debugging Essentials for Security Professionals

16-Nov-2024    11.30 - 12.00

Kernel Lockdown: Reducing BSOD Risks by Restricting Third-Party Access?talk

Yash Bharadwaj

Co-Founder & Technical architect
Cyberwarfare Labs

Yash Bharadwaj

Yash Bharadwaj

Co-Founder & Technical architect
Cyberwarfare Labs
India

Yash Bharadwaj, Co-Founder & Technical architect at CyberWarFare Labs with over 5.5 Years of Experience as Technologist. Highly attentive towards finding, learning and discovering new TTP's used during offensive engagements. His area of interest includes building Red / Blue team infrastructure, evading AVs & EDRs, Pwning On-Premise & Multi cloud infrastructure. Previously he has delivered hands-on red / blue / purple team trainings / talks / workshops at Blackhat, cocon, Nullcon, X33fCon Poland, NorthSec Canada, BSIDES Chapters (US & Asia Pacific), OWASP Chapters, CISO Platform, YASCON etc.

Sessions

Workshop - 13th & 14th November 2024

Multi-Cloud (AWS, Azure & GCP) Security

15-Nov-2024    14.30 - 15.15

RedCloud : A Multi-Cloud Hacking OS

16-Nov-2024    12.15 - 13.00

Serverless Phishing Factory: Automate, Attack, Adapt

Manish Gupta

Director
Cyberwarfare Labs

Manish Gupta

Manish Gupta

Director
Cyberwarfare Labs
India

Manish Gupta is Director of CyberWarFare Labs having 6.5+ years of expertise in offensive Information Security. Previously he had worked as an operator & team lead at product based companies like Microsoft, Grab & Citrix. He specializes in Red Teaming Activities on enterprise Environment including On-premise & Multi-Cloud. His Research interest includes Real World Cyber Attack Simulation and Advanced persistent Threat (APT). Previously he has presented his research at reputed conferences like Blackhat, DEFCON, cocon, Nullcon, BSIDES Chapters, X33fcon Poland, NorthSec Canada & other corporate training etc

Sessions

Workshop - 13th & 14th November 2024

Multi-Cloud (AWS, Azure & GCP) Security

15-Nov-2024    14.30 - 15.15

RedCloud : A Multi-Cloud Hacking OS

16-Nov-2024    12.15 - 13.00

Serverless Phishing Factory: Automate, Attack, Adapt

Anant Shrivastava

Chief Researcher / Founder
Cyfinoid Research Private Limited

Anant Shrivastava

Anant Shrivastava

Chief Researcher / Founder
Cyfinoid Research Private Limited
India

Anant Shrivastava is an information security professional with 15+ yrs of corporate experience in Network, Mobile, Application and Linux Security. Anant is an avid opensource supporter and runs multiple opensource projects prominent of them being TamerPlatform and CodeVigilant.

He contributes to multiple Open communities like null and Garage4Hackers. He has also helped establishing local chapter in his hometown null Bhopal

He has been a speaker and a trainer at a multitude of conferences such as Black Hat -USA/ASIA/EU, Defcon, Nullcon, c0c0n, Rootconf and many more).

He also participates in various communities as a cfp reviewer. Notable of them being Blackhat EU, nullcon, Rootconf by Hasgeek, recon village @ Defcon , cloud village @ defcon, Adversary Village @ defcon

His code contributions can be found on Github. He is active on Twitter and Fediverse and his talks and presentations can be found here. He writes about his experiments at his blog.

Sessions

Workshop - 13th & 14th November 2024

Attack & Defend Android Applications

16-Nov-2024    16:15 - 16:45

Breaking the Pipeline: Methodologies for Attacking CI/CD Systems

John Sherchan

Red Team Security Researcher
CyberWarFare Labs

John Sherchan

John Sherchan

Red Team Security Researcher
CyberWarFare Labs
Nepal

John Sherchan is a Red Team Security researcher at CyberWarFare Labs, bringing over 5+ years of experience in Reverse Engineering, Malware Analysis/Development, and Source Code Reviewing, with a specialization in Windows Internals (User and Kernel Modes). Demonstrating an advanced understanding, he has successfully reversed multiple Antivirus (AV) and Endpoint Detection and Response (EDR) systems to comprehend its architecture. Committed to advancing cybersecurity, his additional interests include PWNing Active Directory, conducting Adversary emulation/simulation, writing rootkits, crafting exploits, and strategically overcoming challenges

Sessions

Workshop - 13th & 14th November 2024

Enterprise Purple Teaming: Threat Emulation & Detection

Harisuthan S

Blue Team Security Researcher
CyberWarFare Labs

Harisuthan S

Harisuthan S

Blue Team Security Researcher
CyberWarFare Labs
India

Harisuthan is a seasoned Blue Team Security Researcher at CyberWarFare Labs, with over 3 years of dedicated experience in cyber defense. He has a deep understanding of Blue Team methodologies, including adversarial threat detection and investigation, proactive threat hunting, and conducting adversary emulation and simulation for various investigative purposes

Sessions

Workshop - 13th & 14th November 2024

Enterprise Purple Teaming: Threat Emulation & Detection

V Kumar

Independent Researcher
& Reverse Engineer

V Kumar

V Kumar

Independent Researcher
& Reverse Engineer
India

V Kumar is a independent researcher & reverse engineer. He has spoken at several international security conferences such as BlackHat/Hack-in-the-Box/NullCon etc. He has more than 2 decades of experience in Reverse Engineering Software and Hardware world, Defeating cryptographic solutions, Developing 0-day exploits, Analyzing RF and SatComs for secure communications and protocols, Aiming for few nano seconds in extremely high performance computing environment. He has been active in the scene since DOS era.

16-Nov-2024    14.00 - 14.45

Remote Whispers of Mobile Sim

Hemant Sonkar

Lead Security Consultant
Payatu Security Consulting Pvt. Ltd.

Hemant Sonkar

Hemant Sonkar

Lead Security Consultant
Payatu Security Consulting Pvt. Ltd.
India

Hemant Sonkar presently serves as the Lead Security Consultant at Payatu, demonstrating proficiency in delivering training sessions at prominent events such as NULLCON, NULL, and various internal training programs. With an impressive three-year tenure in the field, he brings extensive expertise to the domain. His professional portfolio includes the examination of a wide range of IoT devices, spanning medical devices, home automation tools, and electric vehicles. Throughout his hardware security research endeavors, he has cultivated invaluable skills in discerning attack surfaces and vulnerabilities within real-world IoT devices.

Sessions

Workshop - 13th & 14th November 2024

Hack the IoT: A practical guide to IoT Security

Pugal Selvan

Associate Security Researcher
Payatu Security Consulting Pvt. Ltd.

Pugal Selvan

Pugal Selvan

Associate Security Researcher
Payatu Security Consulting Pvt. Ltd.
India

Pugal Selvan began his journey in binary exploitation and reverse engineering through CTFs and is now a Security Researcher at Payatu, where he specializes in firmware analysis and reversing of many IoT and embedded devices. Recently, his curiosity has led him to explore hardware attacks, an area he is passionate about. By day, Pugal serves as a dedicated Security Consultant, and by night, he delves into the world of hardware hacking, continually expanding his knowledge and skills in the field.

Sessions

Workshop - 13th & 14th November 2024

Hack the IoT: A practical guide to IoT Security

Giuseppe Trotta

Security Engineer and Trainer
Persistent Security Industries

Giuseppe Trotta

Giuseppe Trotta

Security Engineer and Trainer
Persistent Security Industries
Italy

Giuseppe Trotta (aka ohpe), is a seasoned security researcher and trainer with deep expertise in phishing, social engineering, and post-exploitation automation. As a core member of the MuraenaTeam, Giuseppe has been at the forefront of developing innovative tools that have significantly advanced the field of phishing exploitation. His groundbreaking work on Muraena and NecroBrowser has revolutionized how security professionals approach session hijacking and post-exploitation tasks.

With a strong commitment to education, Giuseppe has delivered numerous training sessions at private events and organizations, where he is known for his in-depth, hands-on approach. His training methodologies are unique, focusing on practical, real-world scenarios that prepare participants to face modern phishing threats head-on. Giuseppe's sessions are designed to be interactive, providing attendees with the knowledge and skills needed to enhance their red teaming capabilities and fortify their defenses against increasingly sophisticated phishing attacks.

Sessions

Workshop - 13th & 14th November 2024

Hook, Line, and Sinker: Exploring the Phishing Abyss

Kartik Lalan

Sr. Security Engineer
PIC (Independent)

Kartik Lalan

Kartik Lalan

Sr. Security Engineer
PIC (Independent)
India

Product Security Engineer @ Security Centre of Excellence – Philips Innovation Campus. He is M.Tech. in CS with Specialization in Information & Network Security. He conducts frequent talks and workshops on Info Sec topics @ several places including C0C0N, DEFCON BHV, Bsides Delhi & Bangalore Chapter, OWASP, Null A'bad & Bangalore Chapter, DroidCon-IN. Kartik loves to write technical Blogs in his leisure time.

Sessions

Workshop - 13th & 14th November 2024

Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls

15-Nov-2024    11.00 - 11.30

Behind the Plate: Uncovering Vulnerabilities in High security registration plate (HSRP)

Aravind C Ajayan

Sr. Security Engineer
PIC (Independent)

Aravind C Ajayan

Aravind C Ajayan

Sr. Security Engineer
PIC (Independent)
India

Sr. Security Engineer with Philips and is part of the Security Centre of Excellence team. Aravind's primary areas of expertise are web/thick client application penetration testing, hardened system security, network security, and windows active directory security. He has helped to fix severe issues in IMS(Internet Management Software) solutions through responsible disclosures. Aravind pursued his master's in Cyber Security Systems and Networks from Amrita Vishwa Vidyapeetham, Coimbatore. He is an Offensive Security Certified Professional (OSCP) and has published several research papers on security in IEEE and Springer.

Sessions

Workshop - 13th & 14th November 2024

Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls

Nikhil Joshi

Data scientist
Brillio

Nikhil Joshi

Nikhil Joshi

Data scientist
Brillio
India

Nikhil Joshi is an AI Security Researcher. He is currently working on implementations of ML in offensive and defensive security products. He has orchestrated methodologies to pen-test Machine Learning applications against ML-specific vulnerabilities and loves to explore new ways to hack ML-powered applications. Parallelly Nikhils research is focused on security implications in Deep Learning applications such as Adversarial Learning, Model stealing attacks, Data poisoning, etc. Nikhil is an active member of local Data Science and Security groups and has delivered multiple talks and workshops. He has spoken at HITB Amsterdam, PhDays Russia, and IEEE conferences. And trainer at the nullcon and Troopers. Being an Applied Mathematics enthusiast, recent advances in Machine Learning and its applications in security, behavioral science, and telecom are of major interest to Nikhil.

Sessions

Workshop - 13th & 14th November 2024

ML for Security and Security for ML