Final Speaker Lineup for CanSecWest 2009 (March 18-20):
===============================================
The Smart-Phones Nightmare - Sergio 'shadown' Alvarez
Getting into the SMRAM: SMM Reloaded - Loíc Duflot
Network design for effective HTTP traffic filtering - Jeff "rfp"
Forristal, Zscaler
Ninja Scanning - Fyodor, Insecure.org
On Approaches and Tools for Automated Vulnerability Analysis - Tanmay
Ganacharya & Nikola Livic & Abhishek Singh & Swapnil Bhalode & Scott
Lambert, Microsoft
Kicking It Old School: No DNS Packets Were Harmed In The Making Of
This Presentation - Dan Kaminski, IOActive
Binary Clone Wars: Software Whitelisting for Malware Prevention and
Coordinated Incident Response. - Shane Macaulay, Sean Comeau, and
Derek Callaway, Security Objectives
.NET Rootkits - Erez Metula
The Evolution of Microsoft's Exploit Mitigations - Matt Miller and Tim
Burrell, Microsoft
An overview of the state of videogame console security. - Victor Muñoz
A Look at a Modern Mobile Security Model: Google's Android - Jon
Oberheide
Bug classes we have found in *BSD, OS X and Solaris kernels - Christer
Oberg and Neil Kettle, Convergent Network Solutions
Multiplatform Iphone/Android Shellcode, and other smart phone
insecurities - Alfredo Ortega and Nico Economou, Core
Platform-independent static binary code analysis using a meta-assembly
language - Sebastian Porst & Thomas "halvar" Dullien, zynamics
Persistent BIOS Infection - Anibal Sacco & Alfredo Ortega, Core
Decompiling Dalvik and other JavaFX - Marc Schoenefeld
Automated Real-time and Post Mortem Security Crash Analysis and
Categorization - Jason Shirk & Dave Weinstein, Microsoft
SSL, The Sequel: MD5 collisions and EV certificates - Alexander
Sotirov & Mike Zusman
Exploiting Unicode-enabled software - Chris Weber
Chinese Infosec & Malware Overview - Wei "icbm" Zhao, 365menshen
Hacking Macs for Fun and Profit - Dino Dai Zovi & Charlie Miller
...and a variety of lightning talks...
Security Masters Dojo courses (March 14-17):
====================================
Metasploit: Asymmetric Warfare - H D Moore, BreakingPoint Systems
Advanced Honeypots - Thorsten Holz
IPv6 Network Security - Nico Fishbach & Guillaume Valadon, COLT & CNRS
Ultimate Web Hacking (One Day Edition) - Mike Andrews, Foundstone
TCP/IP Network Security In Depth - Andrea Barisani, inverse path
Effective Fuzzing using the Peach Fuzzing Platform - Michael
Eddington, Leviathan Security
Secure Java Programming and Auditing - Marc Schoenefeld
Practical 802.11 WiFi (In)Security - Cédric Blancher, EADS
Q/SSE Qualified/ Software Security Expert Certification Bootcamp -
Security University
Q/SA Qualified Security Analyst Penetration Tester - Security University
Advanced Linux Hardening - Andrea Barisani & Jay Beale, inverse path &
Intelguardians
Physical Security and Lock Technology - Deviant Ollam
The Exploit Laboratory - Advanced Edition - Saumil Shah, Net-Square
Mastering the Network with Scapy - Phillipe Biondi, EADS
Pwn2Own Contests:
================
There will be TWO Pwn2Own contests this year.
Generous cash prize(s) for exploits will be sponsored by Tipping Point,
and a Sony VAIO P fresh from Japan and a new loaded Apple Macbook
will be amongst the prizes.
The targets this year will be mobile smart-phones, and browsers.
Mobile targets:
iPhone
Android
Symbian
RIM/BlackBerry
Windows Mobile
Browser Targets:
IE8
FF3
Safari
Opera
The contest will like in previous years feature a progressively
expanding attack surface over the three day duration of the
conference. Final prizes and rules will be announced shortly.
Post-Conference Whistler Expedition:
=============================
We have secured some rooms at good rates at the Westin in Whistler
and reserved a cluster of four, 3-5 bedroom, cabins for the weekend
after the conference. Contact dr@kyx.net if you wish to be included
in the planning, final accommodation rates will be announced shortly.
Conference Hotel Block:
===================
The room rates at the Sheraton Wall Center hotel where the conference
is being held have been reduced from $183 to $169, and still includes
a waived $15/day free internet access in the rate.
Tenth Anniversary Gala Event:
========================
Since this is our tenth anniversary for the conference, we will
be having a party on Thursday night. Venue TBD. We're pretty
sure there will be a cake. No word yet on whether there will
be dancers inside it. ;-)
Day-Care Facilities will be available:
=============================
As a nod to the shifting demographic of early gen. security
researchers we will be trying a new experiment this year
and we will be providing day-care facilities for those
traveling with kids. We will try to arrange some group
discounts with our provider once we know how many
kids and what ages and times will have to be
accommodated. If you are interested in this service
please send a note to yuriko@secwest.com and let
her know ages and times.
We will try to get them started on exploit writing
courses for pre-schoolers :-). Does this mean
we are all grown up now?
It promises to be another fun conference again this
year. See you all there.
cheers,
--dr
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada March 16-20 2009 http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers
===============================================
The Smart-Phones Nightmare - Sergio 'shadown' Alvarez
Getting into the SMRAM: SMM Reloaded - Loíc Duflot
Network design for effective HTTP traffic filtering - Jeff "rfp"
Forristal, Zscaler
Ninja Scanning - Fyodor, Insecure.org
On Approaches and Tools for Automated Vulnerability Analysis - Tanmay
Ganacharya & Nikola Livic & Abhishek Singh & Swapnil Bhalode & Scott
Lambert, Microsoft
Kicking It Old School: No DNS Packets Were Harmed In The Making Of
This Presentation - Dan Kaminski, IOActive
Binary Clone Wars: Software Whitelisting for Malware Prevention and
Coordinated Incident Response. - Shane Macaulay, Sean Comeau, and
Derek Callaway, Security Objectives
.NET Rootkits - Erez Metula
The Evolution of Microsoft's Exploit Mitigations - Matt Miller and Tim
Burrell, Microsoft
An overview of the state of videogame console security. - Victor Muñoz
A Look at a Modern Mobile Security Model: Google's Android - Jon
Oberheide
Bug classes we have found in *BSD, OS X and Solaris kernels - Christer
Oberg and Neil Kettle, Convergent Network Solutions
Multiplatform Iphone/Android Shellcode, and other smart phone
insecurities - Alfredo Ortega and Nico Economou, Core
Platform-independent static binary code analysis using a meta-assembly
language - Sebastian Porst & Thomas "halvar" Dullien, zynamics
Persistent BIOS Infection - Anibal Sacco & Alfredo Ortega, Core
Decompiling Dalvik and other JavaFX - Marc Schoenefeld
Automated Real-time and Post Mortem Security Crash Analysis and
Categorization - Jason Shirk & Dave Weinstein, Microsoft
SSL, The Sequel: MD5 collisions and EV certificates - Alexander
Sotirov & Mike Zusman
Exploiting Unicode-enabled software - Chris Weber
Chinese Infosec & Malware Overview - Wei "icbm" Zhao, 365menshen
Hacking Macs for Fun and Profit - Dino Dai Zovi & Charlie Miller
...and a variety of lightning talks...
Security Masters Dojo courses (March 14-17):
====================================
Metasploit: Asymmetric Warfare - H D Moore, BreakingPoint Systems
Advanced Honeypots - Thorsten Holz
IPv6 Network Security - Nico Fishbach & Guillaume Valadon, COLT & CNRS
Ultimate Web Hacking (One Day Edition) - Mike Andrews, Foundstone
TCP/IP Network Security In Depth - Andrea Barisani, inverse path
Effective Fuzzing using the Peach Fuzzing Platform - Michael
Eddington, Leviathan Security
Secure Java Programming and Auditing - Marc Schoenefeld
Practical 802.11 WiFi (In)Security - Cédric Blancher, EADS
Q/SSE Qualified/ Software Security Expert Certification Bootcamp -
Security University
Q/SA Qualified Security Analyst Penetration Tester - Security University
Advanced Linux Hardening - Andrea Barisani & Jay Beale, inverse path &
Intelguardians
Physical Security and Lock Technology - Deviant Ollam
The Exploit Laboratory - Advanced Edition - Saumil Shah, Net-Square
Mastering the Network with Scapy - Phillipe Biondi, EADS
Pwn2Own Contests:
================
There will be TWO Pwn2Own contests this year.
Generous cash prize(s) for exploits will be sponsored by Tipping Point,
and a Sony VAIO P fresh from Japan and a new loaded Apple Macbook
will be amongst the prizes.
The targets this year will be mobile smart-phones, and browsers.
Mobile targets:
iPhone
Android
Symbian
RIM/BlackBerry
Windows Mobile
Browser Targets:
IE8
FF3
Safari
Opera
The contest will like in previous years feature a progressively
expanding attack surface over the three day duration of the
conference. Final prizes and rules will be announced shortly.
Post-Conference Whistler Expedition:
=============================
We have secured some rooms at good rates at the Westin in Whistler
and reserved a cluster of four, 3-5 bedroom, cabins for the weekend
after the conference. Contact dr@kyx.net if you wish to be included
in the planning, final accommodation rates will be announced shortly.
Conference Hotel Block:
===================
The room rates at the Sheraton Wall Center hotel where the conference
is being held have been reduced from $183 to $169, and still includes
a waived $15/day free internet access in the rate.
Tenth Anniversary Gala Event:
========================
Since this is our tenth anniversary for the conference, we will
be having a party on Thursday night. Venue TBD. We're pretty
sure there will be a cake. No word yet on whether there will
be dancers inside it. ;-)
Day-Care Facilities will be available:
=============================
As a nod to the shifting demographic of early gen. security
researchers we will be trying a new experiment this year
and we will be providing day-care facilities for those
traveling with kids. We will try to arrange some group
discounts with our provider once we know how many
kids and what ages and times will have to be
accommodated. If you are interested in this service
please send a note to yuriko@secwest.com and let
her know ages and times.
We will try to get them started on exploit writing
courses for pre-schoolers :-). Does this mean
we are all grown up now?
It promises to be another fun conference again this
year. See you all there.
cheers,
--dr
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada March 16-20 2009 http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers