The IT Security and Ethical Hacking Conference - 2016 will be a unique event in Bangalore, where the best of minds in the hacking world and the IT Security experts, leaders in the information security industry and the cyber community along with the professionals on cyber security meet face-to -face to join their efforts to co-operate in addressing the most topical issues of the Internet Security space..
This will be the Second edition of the Conference. The Conference will be held in Bangalore, on 29th April, 2016 and will get together industry leaders, Academia and ethical hackers, IT Security experts to share knowledge and leading-edge ideas about information security and everything related to it.
The daylong event, will be directed towards managing and securing digital information and will have participants from different fields who will address key issues of information technology. Technical Speakers will present on 0-Day Vulnerabilities, Exploits Hacks, Internet Censorship and National Security Issues etc.
Pre-Conference Workshop(28th April) : Auditing the security of the IT Infrastructure & Critical Systems is and important and regular initiative.
This One Day Workshop on 28th April aims to provide you better understanding of Crypto Implementations and meet the objective compliance and the desired level of security and performance. Cryptography is an important piece used for security of such systems. Encryption & PKI is an indispensable part of All the Leading Data Privacy & Security standards like PCI-DSS, FIPS, HIPAA, SOX, PIPEDA, DPA (UK).But as we know Compliance is Not Security.
IT Security Startups Showcase : Purpose of this showcase is to identify India's most innovative and Successful Start Up Company/ Product in the field of IT Security. It focuses on the ways in which emerging technologies and the upcoming threats can be handled to vastly improve business processes, minimize risk, spur innovation, and drive revenue. We invite you to showcase your work in the area of IT security and hacking.
- Stimulate and promote entrepreneurial initiative in INDIA in the area of IT Security
- Bring out new Security Product Technology startups.
- Support the transition from the idea to the launching stage
- Promote and reward start-up projects and Companies
Auditing the security of the IT Infrastructure & Critical Systems is and important and regular initiative. Cryptography is an important piece used for security of such systems. Encryption & PKI is an indispensable part of All the Leading Data Privacy & Security standards like PCI-DSS, FIPS, HIPAA, SOX, PIPEDA, DPA (UK).But as we know Compliance is Not Security. This course aims to provide you better understanding of Crypto Implementations and meet the objective compliance and the desired level of security and performance.For More Details Please
Security is one of the biggest challenge in adoption of public cloud offerings. Every cloud solution providers must make sure that cloud service and its infrastructure should be secure and not vulnerable to any of the security threats. In order to make cloud infrastructure secure, security penetration testing and Ethical hacking testing are two key task for security assurance. Security testing should be done at each stage of cloud development life cycle to ensure that security is build inside the service from ground level and intact part of the service design. As part of this session we will be discussing the key security challenges in public cloud, some of the methodologies for security assurance and significance of Ethical hacking in the security assurance process.Speaker Profile
I am Neeraj Mathuria and working as "Director of Engineering" in Oracle with Server Technology group and been with oracle for more than 10+ years. I have overall 15+ years of experience in Application Security and Identity management domain. I have completed my Master of Engineering from BITS, Pilani with computer science. I have been managing the security of couple of key Oracle products over many years now and those product are pretty much compliant to security requirements. In last few years, we have been part of cloud revolution and defined innovative process to manage the security in public cloud which is one of the key challenge in public cloud adoption
Malware authors have been using cryptography to code ransomeware or to conceal their exfiltratoin activities.
The new trends we are seeing is use of PKI by the Malwar Authors and CnC to avoid detection and conceal the delivery of malicious payload along.
In this presentation we will see how easy it is to abuse the free "LetsEncrypt" public service.
Also we will see what an SSL/TLS certificate tells us about the adversary. How we can mine some interesting information from it.
Ajit Hatti is a founder of Security Monx. Through Security Monx, He is currently focusing on better consumption of Cryptography and Threat Intelligence.
Ajit provides training on "Exploiting Crypto Implementations" & loves to volunteer and contributes through the community efforts of Null, BSides, C0C0N. He has spoken at BlackHat, Defcon-C&PV, Nullcon and also Organizes "World Run By Hackers" during those conferences.
This talk will cover the mechanism used in the current era for ensuring communication security. This will also attempt to highlight the biggest loophole in the current state of communication security and how majority of websites and mobile end points are vulnerable to PII data theft with real time demos.
1. How does SSL/TLS ensures Confidentiality, Integrity and Authenticity
2. What is mutual authentication and when should we use it
3. MITM attacks and Implementation vulnerabilities in popular libraries
4. POODLE, SKIP-TLS, FREAK, LOGJAM etc
An accomplished software professional with extensive experience spanning across different technical roles from Application Security Consultant, Technical Lead, Acquisition Security Lead, Software Architect & Software Developer. I like to understand the internals of assets and rip it apart and finally put it back up, this time only with enhanced security measures.
- Expertise is various aspects of Penetration testing, Vulnerability assessment; Reverse engineering, Security Training, Threat Modeling.
- Strong technical expertise in OWASP top 10, SANS top 25 and Secure Coding.
- Experienced in working with multi-cultural teams in a global environment with strong customer focus.
- Responsible for security assessment of IBM Cloud (Bluemix) and Products (MapReduce, BigInsights, LogAnalysis, SSO etc)
- Some of the recent security assessment engagements that I performed include SoftLayer, Daeja Image Systems, Cloudant, Inc, Xtify, The Now Factory, Fiberlink Communications pvt. Ltd, Silverpop Systems, Inc etc.
- Possess excellent technical leadership skills in creating and building high performing products and services.
- Having worked in IBM Mergers & Acquisition group, attained experience across diversified verticals such as Mobile Security, Cloud Security, IT Infrastructure provisioning automation, Mash up's etc.
In this talk we would cover technical aspects and demos covering how to hack and secure computer controlled systems like , IVRS, USB modems, Digital Cable TV Networks, Drones etc. We would explain how few programming mistakes could create serious security issues.Speaker Profile
Rahul has over 7 years of experience in security, research and product development. He has authored multiple security tools, advisories and articles. He has been invited to speak at various security conferences like HITB (AMS 2012,2013,2014), HITB [KL 2014], BlackHat (EU,US 2012,2013), EKoparty (Ar 2013,2015), CanSecwest(Ca 2013), HITCON(2013), Cocon (2011-2014), Nullcon (2011-2015). He is the founder and CTO of CloudSek a Machine learning based threat detection technology . Prior to founding Cloudsek he was a Sr Engineer at Citrix where he held the responsibility of making Citrix products hack proof.
Whenever someone asks me what do I do? I respond "I am an ethical hacker” and then the immediate next question is - "What certification have you taken?" And I am like, “I learned hacking on my own and can do better hacking without a certification". At times, I learn from others but I have always believed in the power of self-learning as it motivates me so much to learn beyond what others have seen. Well, this talk is not going to be ONLY about self-learning; but also learning from various sources. However, the core is about self-learning where an individual can dig deeper and be motivated to crack the puzzle. Once an individual gets the kick of self-learning, nothing can stop that individual from learning from different sources and quickly acquiring various skills required to rock.
In this talk, the speaker is going to walk-through his experience from being unethical hacker to ethical hacker. And this all happened from self-learning. His experiences will help you to explore the world of hacking and become a better hacker.
I can test software and find important problems quickly. I have been hired in situations where there have been a need to find important problems in software at various phases of the project.
I am excited to have an experience of testing web applications, portals, project lifecycle management, mobile applications, desktop software. I specialize in using exploratory approach with quality focus on functional, usability, security & accessibility testing.
Agile software development has become the defacto model for software development. However the tools and techniques developed for building secure software have not caught up, they are largely from the waterfall era. In this talk you will learn how you can use existing security tools or create custom tools to add security to your Agile software development process.Speaker Profile
I am the founder and primary author of the IronWASP project which is Asia's largest open source security project and one of the world's best web security scanners.
IronWASP is used by security testers, developers and administrators throughout the world to discover security issues in their websites.
There is also a growing community of researchers who are building their own security tools as IronWASP Modules by using the API exposed by IronWASP.
Before working on the IronWASP project I worked as a Penetration Tester. During my time as a Penetration Tester I have also performed Security Research in web technologies. I speak security conferences from time to time to present my research to the community, some of my work was covered by Forbes and IDG.
As mobile manufacturers and app developers have upped their game, so too have malware authors. This paper discusses Malware techniques like embedding VM’s, dynamic code instrumentation, dex class loading, exploiting user application vulnerabilities for information extraction, sandbox escaping and privilege escalations in android eco-system.
We have developed POC ‘s/ Code Examples that uses the above techniques to hide itself from Google / Anti-virus scanners. Using anti-malware and self-integrity checks, it tries to prevent static and dynamic analysis.
Payload Delivery takes a new turn by exploiting memory corruption bugs in Android, i.e. Native Daemons like DHCP Client / Stagefright Library / Media Server are prime examples.
We conclude discussing the current security solutions in the market and their effectiveness.
Anto Joseph is a Security Engineer for Citrix. He is a strong supporter of Free & Open Information Security Education. His area of interest includes mobile /web app & stand-alone app security. He has talked / delivered trainings in various security conferences like c0c0n , Xorconf , groundZero , NullCon, HITB etc and has good expertise in Practical Security
Benefits of sponsorship
This is a great opportunity to strategically brand your organization. As a sponsor, you will receive a tremendous amount of visibility and numerous other benefits at the conference.
Platinum Sponsor (Limited to 2)
Gold Sponsor (Limited to 3)
Knowledge Partner (Limited to 1)
Silver Sponsor (Limited to 4)
Bronze Sponsor (Limited to 4)
Conference Bag Sponsor (Limited to 1)
Track Sponsor (Limited to 2)
Instant Sponsorship $500 View details
Instant Sponsorship includes:
Logo/link on UNICOM website
Logo on presentation screens throughout conference
2-day Conference Pass
"Was an excellent event!"
"We are truly committed to UNICOM events and have seen a great return from the events we have been involved with this year. The real value for us here is having the opportunity to present and talk to the delegates during the breaks."
"Well done – an excellent event! We were very happy with the number and quality of delegates"
"Good format! Good focus and quality of delegates"
IT Security and Ethical Hacking Conference in Bangalore is open to anyone who has an interest in The Network Security, Cyber Security, Ethical Hacking and works in the technology/telecoms industry or any related field.
Yes, all conference attendees must register in advance to attend the event.
As this is predominantly an event for the IT Security Industry, if you are interested in attending. Please note that there will be a charge to attend as a student (can avail special discount as a student).
Yes you can, please contact firstname.lastname@example.org with what you would like to be changed and we can assist.
Please fill the below details of your colleague and send us an email block the seats.
"Confirm your CANCELLATION in writing up to 15 working days before the event and receive a refund less a 10% service charge. Regrettably, no refunds can be made for cancellations received less than 15 working days prior to the event.
However, SUBSTITUTIONS are welcome at any time and is done at no extra cost. The organisers reserve the right to amend the programme if necessary.
INDEMNITY: Should for any reason outside the control of UNICOM Training & Seminars (P) ltd (hereafter called UNICOM), the venue or the speakers change, or the event be cancelled due to industrial action, adverse weather conditions, or an act of terrorism, UNICOM will endeavour to reschedule, but the client hereby indemnifies and holds UNICOM harmless from and against any and all costs, damages and expenses, including attorneys fees, which are incurred by the client. The construction validity and performance of this Agreement shall be governed by all aspects by the laws of India to the exclusive jurisdiction of whose court the Parties hereby agree to submit."