Welcome to 31c0n, New Zealand’s premier cyber security conference for CIOs, CISOs and security practitioners.
Over the course of two days, you’ll hear from 13 global experts in cyber security, mix with like-minded people, and evolve your overall understanding of this dynamic industry.
Don’t miss out on being a part of this inaugural event - tickets cost $750 plus GST (includes all sessions and catering). See below for speaker info or visit Eventbrite to view full presentation abstracts.
23-24 February, Viaduct Events Centre, Auckland
It's a play on the ubiquitous assembly instruction "xor eax, eax" which compiles to opcode "31c0"
|8.30am||Doors open – attendee registration and pass pick up|
|8.45am – 9.00am||Conference starts – welcome from Peter Bailey, Aura Information Security|
|9.00am – 9.55am||Keynote: Peter Gutmann|
|9.55am – 10.50am||
Speaker #1: Bryan K. Fite
Planes, Trains and Automobiles: The Internet of Deadly Things
|10.50am – 11.15am||MORNING TEA|
|11.15am – 12.10pm||Speaker #2: Sam Pickles|
|12.10pm – 1.05pm||
Speaker #3: Rodrigo Branco
Blinded Random Block Corruption Attacks
|1.05pm – 2.05pm||LUNCH|
|2.05pm – 3.00pm||
Speaker #4: Dr Oliver Matula & Chistoph Klaassen
Doing the Same Thing Over and Over Again: A Critical View on Security Products
|3.00pm – 3.55pm||
Speaker #5: Matthew Daley
Service Account Shenanigans
|3.55pm – 4.20pm||AFTERNOON TEA|
|4.20pm – 5.15pm||
Speaker #6: Edmond Rogers
Armadillo 2.0 client for CyPSA (Cyber Physical Situational Awareness)
|5.15pm – 5.30pm||Closing remarks: Day one – Peter Bailey, Aura Information Security|
|5.30pm – 7.30pm||DRINKS FUNCTION, Marvel Grill|
|9.15am – 9.30am||Welcome, Peter Bailey, Aura Information Security|
|9.30am – 10.25am||Keynote: Michael Ossmann|
|10.25am – 11.20am||
Speaker #1: Craig Smith
You Don't Own It If You Can't Hack It (the role of security in the auto industry)
|11.20am – 11.50am||MORNING TEA|
|11.50am – 12.45pm||
Speaker #2: Philippe Langlois
|12.45pm – 1.30pm||LUNCH|
|1.30pm – 2.25pm||
Speaker #3: Jacob Torrey
Bootstrapping an Architectural Research Platform
|2.25pm – 3.20pm||
Speaker #4: Ravishankar Bogoankar
Privacy Issues in 4G
|3.20pm – 3.50pm||AFTERNOON TEA|
|3.50pm – 4.50pm||
Speaker Panel Discussion
|4.50pm – 5.00pm||Thanks and close, guests mingle|
|5.30pm||31c0n 2017 wraps|
Sam Pickles has provided IT and security services for banking, government and service clients for over seventeen years across Europe, Asia Pacific and the United States.
During this period, he built some of the world’s largest web application firewall gateways, and conducted penetration testing for a range of networks and hardware devices.
His talk explores some current techniques which target the SSL stack, and presents some practical methods for mitigating such attacks in production systems.
Oliver and Christoph are IT security researchers and practitioners at ERNW, a Germany-based security company. They both have extensive experience on the offensive side of IT security (e.g. by means of penetration tests and research) and the defensive side (e.g. by means of consulting in large corporate environments) and are regularly called upon to speak at industry events. Their presentation looks at particular shortcomings of security appliances, the very large gap between marketing promises and operational reality, and the very large attack surface security appliances actually introduce into your environment.
Edmond Rogers (CISSP) is a Security Engineer for the University of Illinois Information Trust Institute. Rogers has decades of defense experience and previously worked at a Fortune 500 Investor Owned Utility in the United States, where he was responsible for the cyber security of SCADA systems that operated the bulk electric system. He also founded an Internet Service Provider (bluegrass.net) in the early 90's. His presentation will look at Armadillo 2.0, a UI for Windows that provides data flow visualisation similar to power flow software. The visualisation helps users find unwanted connections and provides a click and block capability.
Philippe Langlois is a highly regarded entrepreneur, security researcher and expert in the domain of telecom and network security. He has founded several internationally-recognised security companies and has led technical, development and research teams at Solsoft and TSTF.
He is experienced in bringing technology firsts to market, including proposing Penetration Testing in France.
Matt is a senior consultant at Aura Information Security, where he conducts security assessments across a range of critical infrastructure environments. During his free time, he spends time finding bugs in open source projects. His track record includes finding vulnerabilities in Xen, Linux Kernel, Apache and Nginx web servers. Matthew’s presentation will focus on service accounts, how they can be the weakest point in your entire domain, and what can be done to protect your business from attack.
Ravishankar Borgaonkar is a research fellow from the University of Oxford. His research themes are related to mobile telecommunication and involved security threats, ranging from GSM/UMTS/LTE network security to end-user device security. His talk will look at privacy issues in 4G cellular networks and their impact on end-users including myths about usage of IMSI catchers; and how privacy of mobile subscribers can be breached at different layers of 4G networking technologies.
Michael Ossmann is a wireless security researcher who makes hardware for hackers. Best known for the open source HackRF, Ubertooth, and Daisho projects, he founded Great Scott Gadgets in an effort to put exciting, new tools into the hands of innovative people. Ossmann focuses on SDR using the open-source GNURadio Companion GUI tool, which makes implementing a lot of cool SDR techniques as easy as dragging and dropping items into a flow diagram.
Jacob Torrey is an Advising Research Engineer at Assured Information Security, Inc. where he leads the Computer Architectures group. Jacob has worked extensively with low-level x86 and MCU architectures, having written a BIOS, OS, hypervisor and SMM handler. His major interest is how to (mis)use an existing architecture to implement a capability currently beyond the limitations of the architecture.
Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on design & analysis of cryptographic security architectures & security usability. He has helped author the popular PGP encryption package, a number of papers & RFC's on security & encryption the open source cryptlib security toolkit, "Cryptographic Security Architecture: Design and Verification" (Springer, 2003).
Rodrigo Branco works as Principal Security Researcher at Intel Corporation’s Security Center of Excellence leading the Core Client, BIOS & IoT SoC Teams. He also held positions as Director of Vulnerability & Malware Research at Qualys & Chief Security Research at Check Point. His presentation examines privacy protection in virtualised cloud environments.
Bryan K. Fite is a security practitioner, entrepreneur and Chief Information Security Officer at BT who has spent over 25 years in mission-critical environments. Bryan is uniquely qualified to advise organisations on what works and what doesn't. His presentation will look at 'Planes, Trains and Automobiles: The Internet of Deadly Things'.
Craig Smith is Research Director of Transportation Security at Rapid7 and developed tools to find flaws in vehicle and diagnostic systems. Smith is the author of ‘The Car Hacker’s Handbook’.
His presentation, ‘You Don't Own It If You Can't Hack It’ looks at the role security plays in the automotive industry and how hacking has pushed the industry into being more open to feedback.
Keep up to date with news and event speakers.