21 & 22 February | Bangalore | Conference & Training
* Past SACON was sold out. Register for a 2-for-1 code for the next SACON.
Conference & Trainings
Security Architecture Conference started as a simple idea to grow the Information Security builder community. The 5th edition of SACON is organized by CISO Platform, the largest social collaboration platform exclusively for CISOs and senior information security executives with 60,000+ subscribers. Join the largest security architecture conference in the region. | 18 – 19 May | Pune | India. Learn Security Architecture, Application Security Architecture, OSINT, Darkweb & More.
“If I hadn’t come, it would take another 2 to 3 years to learn and understand these tools”
Call For Speakers
Call For Papers Date: Open Now
SACON is the only conference on Security Architecture & the largest security conference in India of Senior Security Executives, Chief Information Security Officers, Security Architects, Developers, Engineers & more. The 2 day conference & training will host over 1000+ attendees with the most celebrated global Security professionals along with the top Chief Security officers in India, with over 50+ sessions and 30+ International Speakers from different countries sharing their insights and experiences with the CISOs working to secure businesses of all sizes in various innovative ways.
Intrusion Analysis Expert
Adventures in SDN Security
Introduction: Based on a recent talk of mine on SDN and 5G, this will be a deep dive into the Software Defined Network (SDN) side of things. We will hit SDN and hit it hard. After a rundown of recent work in SD-WAN, I will return to where it all started with the Software Defined Data Center (SDDC). Briefly reviewing my previous work with open source controllers and white box switches, we will take a look at my recent work with Cisco’s APIC and Big Switch Network’s Big Switch Fabric. This will be a deeply technical talk where we will cover the risks, the threats, and the attacks useful against SDN. Most importantly, we will talk about how to secure it. Because if your network isn’t safe, neither are you.
• Software Defined Networks – Influencers, Market Segments, and Realized Benefits
• SD-WAN (Risks) – Operational and Security
• SD-WAN (Threats) – Vulnerabilities and Attacks
• SD-WAN (Securing) – General Approaches and Case Study
• SDDC (Risks) – Operational and Security
• SDDC (Threats) – Vulnerabilities and Attacks
• SDDC (Securing) – General Approaches and Case Study
Attendee Requirements: Attendees should have a basic understanding of the network, of network protocols especially SSL/TLS, of network architecture, and of common attack vectors such as Cross-Site Scripting (XSS), Command Injection, etc. No special equipment will be required. Most of the workshop will be covered using demonstrations and discussions around the scenarios.
About Speaker: Gregory Pickett CISSP, GCIA, GPEN has a background in intrusion analysis for Fortune 100 companies but now heads up Hellfire Security’s Managed Security Services efforts and participates in their assessment practice as a network security subject matter expert. As a security professional, his primary area of focus and occasional research is networks with an interest in using network traffic to better understand, to better defend, and sometimes to better exploit the hosts that live on them.
Frequent Speaker at DEFCON, BSides
Windows Malware 101: Reverse Engineering and Signature Generation
Introduction: The workshop will cover some key topics of Windows malware reverse engineering, starting from the basics of the Windows executable file format up to the modern techniques and FOSS services to analyze malware samples at scale. Finally, it will cover the basics of malware signatures, and it will present a tool, YaYaGenPE, to automatically generate them. During the workshop, Python notebooks and other FOSS tools will be used to show an interactive analysis of some recent Windows malware samples.
- Basics of Windows malware reverse engineering
  - The Portable Executable (PE) file format
  - Dissecting Windows malware PE files with Python
- Malware analysis at scale:
  - The role of automation
  - Function recognition with FIRST
  - Binary decompilation with Ghidraaas and GhIDA
- Signature generation:
  - The basics of a malware signature
  - Automatic signature generation with YaYaGen
Attendee Requirement: Participants will need a laptop with a recent 64-bit version of Linux, Python 3.7, Jupyter, the freeware version of IDA 7.0, and Docker installed. Internet access may be required to download additional Python packages.
About Speaker: Andrea Marcelli is a Malware Research Engineer at Cisco Talos Intelligence Group and a PhD candidate in Computer and Control Engineering at Politecnico di Torino in Italy. In his PhD, he studied the large-scale processing of Android malware, proposing a semi-automated system to provide fast coverage and detect new malware variants. He presented part of his research at BSidesLV and DEFCON26. Currently his research interests include automated malware analysis, semi-supervised modeling, and graph isomorphism.
Past RSA USA Speaker
On the Wings of Time: Past, Present, and Future of Radio Communication
Introduction: Overview, Ideas, and Prospectus of the attack and defense in the field of wireless security
- Joys of the Past: History of Attack: From hijacking communication in 1903 to cracking the Enigma during WWII, Wireless Attacks have evolved significantly over the years. While these attacks have attempted to cripple cities, they also provide an opportunity for our attendees to learn from such incidents and appropriately build security controls to safeguard against them. We would be discussing what might have possibly gone wrong with a few case studies.
- Current State of Industry & Sutra for Mitigation: Detailed usage guide of wireless security tools. Security issues in various kinds of wireless systems: RFID/NFC, short distance 433/315MHz communication, ADS-B, BLE, ZigBee, satellite communication, etc. Various Analytical matrices to compare the designed wireless security algorithm.
- Glimpse of the Future: Hackers have a new way to profit off our security cameras, smart lighting, and even our fancy new coffee pot: crypto-jacking. We will discuss how one can detect and prevent such crypto-jacking attacks.
Privacy Expert, Founder @Arrka
Privacy Basics Workshop
Introduction: This session first covers the privacy basics, followed by handling specific challenges in implementing a privacy program.
Part A: (Duration: 2-2.5 Hours) A Workshop on Privacy Basics
(Objective is to ensure everyone has clarity on what Data Privacy entails and how it is different from Data Security)
In this, we will also cover basic privacy program implementation frameworks.
Part B: Deep Dive Sessions into specific aspects & challenges of implementing a Privacy Program
Some tentative topics:
Data Mapping & Data Flow Analysis – how it sets the foundation for a Privacy Program, challenges in doing this, etc
Data Privacy by Design & Default
Privacy Breaches: Beyond Data Leakage
GDPR – an Overview
India PDPA – an Overview
Privacy Trackers & Markers in the digital world – and their impact on an organization
About Speaker: She has over 20 years of experience in the domains of information risk & privacy, e-commerce & networks. She has handled multiple roles over the years at Sify and Wipro, which include heading the global application security & identity management practice at Wipro, setting up India’s first licensed certifying authority for digital signatures in collaboration with Verisign at Sify, launching and managing the first enterprise IP network services in India at Sify, etc. She set up Arrka Consulting, her own venture, a few years ago. Arrka provides consulting, advisory and training services in the information risk & privacy domain. Nadkarni has recently authored the first book on Data Privacy in India for DSCI, as part of their new privacy certification program, DCPP.
Advisor @Clubhack, Cyber Security StartUps
Introduction: Dark Web has become a big buzz word in the last few years. A lot is being written and spoken about it. Dark web is also being used as a ‘FUD’ factor to run businesses.
Learn and understand the difference between Clearnet and Darknet
– Darknet, Deepweb, Darkweb – What do they mean
– Operational security before entering the darker side of the internet
– Understand Darknet entry points
– Setting and configuring the Darknet Entry Points (Tor, I2P, Zeronet etc)
– Tor Hidden Services – Using Tor Web Proxies
– Darknet /Deepweb Search Engines
– Exploring the Darknet – Darknet Economies
– Cyber Crime Markets
– Drug and Arms Markets
– Counterfeit and Fake Currency Markets
– Terrorist and Jihadist Presence
– Utilizing Darknet as a definitive source for Threat Intelligence
Attendee Requirement: A laptop able to access an 802.11 b/g/n Wi-Fi network in an unrestricted / unfiltered manner. – Enough memory (>=8GB) to run a VM. – VirtualBox or VMware hypervisor as per availability. – A fresh VM of Windows/Linux (best if both are available)
About Speaker: Rohit Srivastwa is a well-known security evangelist and entrepreneur in this domain. He has expertise in cyber security and IT infrastructure management. Rohit is actively involved in advising several military agencies, law enforcement, corporate and Government bodies in these fields. Since Jan 2012, Rohit has been awarded the prestigious Microsoft Most Valuable Professional award for eight consecutive years in the domain of “Enterprise Security”. In June 2016, one of his companies was acquired by Quick Heal Technologies. In the international cyber domain, Rohit is a liaison member at FIRST.org, which is a consortium of Computer Emergency Response Teams (CERTs) from across the globe.
Speaker @Blackhat USA 2019
Trainer @FIRST conference Malaysia 18
Internet of things workshop
Introduction: The Internet of Things (IoT) market today is defined by product manufacturers pushing a broad spectrum of computing devices out to the hands of consumers at an ever-increasing pace, and connecting them to the Internet. They are in a rush to hit the market shelves before their competitors and they often marginalize security. In this workshop, we offer hands-on training for pentesting and hardening IoT ecosystems, with special focus on popular communication protocols such as Zigbee, Bluetooth & BLE, as well as Device – Mobile – Cloud security topics. Students will learn about weaknesses in consumer IoT devices (wearables) paired with mobile ecosystems (Android & iOS): how information theft is scarily easy, and what steps can be taken to harden these designs. We conclude with defensive security best practices and next generation SDLC for the products of tomorrow.
- 1. Introduction to IoT – Discussion on basics of Internet of Things (IoT) – industrial and consumer IoT as the commonly seen categories of IoT platforms. We explain the traditional architectures for IoT and use cases.
- 2. Security for IoT — why you should care? – We discuss actual attacks on IoT platforms, and what steps companies can take to mitigate these kinds of risks
- 3. Attacks on & Weak links for IoT products – This section dives into technical details of the attacks on IoT platforms. IoT ecosystems are comprised of the building blocks (See bullet 2) as well as numerous wireless channels, intra-cloud communication paths, IPC within mobile operating systems, etc. We spend time on those hard-to-reach areas in the IoT ecosystems and examine where the weak links lie, and how they may be exploited.
- 4. Hacking an IoT Wireless Sensor Network – Deep dive into IEEE 802.15.4, Zigbee and differences, Open Source tools and market hardware, Packet capture, analysis and manipulation using scapy, Packet injection into a WSN and Simple cryptographic techniques to protect against practiced attacks
- 5. Eavesdropping on an Activity Tracker – Deep dive into Bluetooth and BLE Security topics, Open Source tools and market hardware, Packet capture and analysis of shared pcap files, Sniffing BLE packets and cracking BLE security and best practices
- 6. Breaking Bluetooth adaptations on Android and iOS – Bluetooth service model on Android and iOS, walkthrough of a malware application on Android that eavesdrops on active wearable communication channels.
- 7. Amazon Web Services (AWS) IoT Core & MQTT Security – Introduction to AWS IoT Core and AWS IoT Security Model and verification of AWS MQTT over TLS and best practices.
- 8. Security and Privacy Development Life Cycle (SDLC) for IoT – In this section, we cover the shortcomings of traditional SDLC models when applied to IoT platforms. We review a new/revamped framework that supports Agile development models, and Continuous Integration/Continuous Deployment.
- 9. Summary – Review theoretical and practical topics, Q&A, revisiting specific practical assignments based on student demand.
About Speaker:
Trainer – Nitin Lakshmanan is a Senior Security Analyst at Deep Armor. He is skilled in SDLC methodologies and security assessment of IoT platforms, web applications, mobile solutions and thick client applications. He has developed advanced tools for infrastructure security assessment of modern cloud platforms, with special focus on AWS. Nitin regularly speaks at security conferences and is a trainer at Black Hat USA 19.
Trainer – Sunil Kumar is a Senior Security Analyst at Deep Armor. He has extensive experience in security research, product security assessment and SDLC methodologies. Sunil’s areas of expertise include threat modeling, penetration testing of mobile & web applications and IoT products. He has advanced knowledge of AWS, and has developed cloud security tools and applications using Node.js and Python. Sunil regularly speaks at local and international security conferences. Sunil is also a trainer at FIRST conference Malaysia 18.
2019 SACON Speakers
Dr. Phil Polstra
Author of ‘Linux Forensic’, Frequent Speaker at DEFCON, Black Hat
Workshop: Linux & Windows Forensic
(1 Day): This workshop will introduce attendees to Windows & Linux forensics using 100% free and open source software. Python and shell scripting will be used to easily analyze both Windows & Linux systems at a deep level.
Frequent Speaker at RSA APJ, ISC2 & More
My session will show how to design a security architecture that guides an organisation on what safeguards must be implemented in order to address real world risks and threats. Organisations have a limited budget. The question is, how does the security architect determine what to spend their limited time and budget on in order to obtain the best outcome and return on investment?
Frequent Trainer at Black Hat USA
In this workshop, we will learn how to defend our cloud infrastructure using Serverless and Elastic Stack. Elastic Stack will collect and analyse logs and trigger alerts based on a configured rule-set. Serverless stack drives the defence to perform automated blocking. It will be configured based on the use case and type of attacks. The current solution works on AWS, Azure and GCP. It can be extended for other providers and custom solutions like in-house firewalls, IPS, etc.
Join 600+ SACONites here in Bangalore @ Taj Yeshwantpur