Speakers

Social Media

Sponsors













Advertisement

Speakers

Those who fill the silence...

We would like to humbly thank all of our speakers, who are listed below. Without their time and effort this conference would not have been possible.

If you are interested in speaking at InfoSec Southwest, please see our Call for Papers.

Keynote Speaker

Peiter Zatko

Peiter "Mudge" Zatko

Defense Advanced Research Projects Agency (DARPA)

Mudge joined DARPA's Information Innovation Office (I2O) with the mission of changing how the government approaches cyber programs, and to act as an ambassador to hacker-spaces, maker-labs, and other non-standard pools of talent. Peiter "Mudge" Zatko is perhaps best known as the hacker who told the U.S. Senate that he could take down the Internet in 30 minutes (BGP). He has testified to the United States Senate Committee on Government Affairs as a subject-matter expert in regard to the security of government systems, and to the House and Senate Joint Judiciary Oversight Committee as a subject-matter expert on cyber-crime.

Mudge has been published in various journals (such as ACM, CORE/CQRE, USENIX Security journal, etc.). He has taught offensive cyber warfare techniques and tactics courses at various Department of Defense entities and was recently a visiting Scientist at Carnegie Melon University.

As the leader of the hacker think tank known as "The L0pht," Mudge is the inventor of L0phtCrack, an industry-standard Microsoft password auditing tool, and several other well received software security solutions.

In his current role, Mudge is working to build areas of aligned interest between the cyber security research community and the government so both parties become resources to each other where appropriate and more articulately convey divergent approaches and goals.

This talk will show the new strategy in cyber that he has helped to create for DARPA, how it was influenced by our community, and some of the challenges and rationale behind the Cyber Fast Track research vehicle that is being made available to the public.

His goal remains constant: "Make a dent in the universe."

Speakers

Orlando Barrera

Orlando Barrera II

Mr. Orlando Barrera II has worked in communications within the United States Army Signal Corps, 35th Signal Brigade, stationed at Fort Bragg,N.C. While completing his Bachelor of Science Degree he worked within the Computer Science Department at Texas State University. His previous positions also include working as a code monkey, software developer, and security researcher. He has presented at B-Sides LV, RSS, LASCON, HouSecCon, AHA and is an active member in the local OWASP chapter. His vulnerabilities and exploits published include: CVE-2009-3371, CVE-2010-0160, and CVE-2010-4109.

Daniel Crowley

Daniel "unicornFurnace" Crowley

Trustwave Spiderlabs

Daniel Crowley is an Application Security Consultant for Trustwave's SpiderLabs team. He has been working in the information security industry for over 7 years and has been focused on penetration testing, specifically on Web applications. Daniel is particularly interested in vulnerabilities caused by a failure to account for little known or even undocumented properties of the platforms on which applications run. He especially enjoys playing around with Web based technologies and physical security technologies/techniques. Daniel is also a rock climber and makes a mean chili.

SpiderLabs is the advanced security team at Trustwave focused on application security, incident response, penetration testing, physical security and security research. The team has performed over a thousand incident investigations, thousands of penetration tests and hundreds of application security tests globally. In addition, the SpiderLabs Research team provides intelligence through bleeding-edge research and proof of concept tool development to enhance Trustwave's products and services.

Nick DePetrillo

Nick DePetrillo

Harris Crucial Security

Nick DePetrillo is a senior security researcher at Crucial Security Inc., a wholly owned subsidiary of Harris Corporation with a focus on hardware reverse engineering, cryptography, mobile security and other areas of interest. Most recently, Nick was a senior security consultant with Industrial Defender performing physical and electronic security assessments for various clients in the energy industry. Nick also researched Smart Grid/AMI hardware and software security issues while at Industrial Defender. Nick was a research and development engineer for Aruba Networks, concentrating on wireless security threats and prototyping new products. Nick has presented new security threats and mitigation techniques at both national and international conferences.

Brandon Dixon

Brandon Dixon

9b+

Brandon is a security researcher and engineer for GWU where he spends his time identifying malicious attacks and thinking of better ways to detect/stop them. His research in various security topics has gotten him attention from companies such as Adobe, Verizon, Sprint, and Cisco. He has discovered several exploits and flaws based on vulnerabilities found in commercial products, web applications and messaging technologies.

Joshua Drake

Joshua "jduck" Drake

Accuvant LABS

Joshua J. Drake is a Senior Research Consultant with Accuvant LABS. Joshua focuses on original research in areas such as vulnerability discovery and analysis, exploitation technologies and reverse engineering. He has over 10 years of experience in the information security field. Prior to joining Accuvant, he served as the lead exploit developer for the Metasploit team at Rapid7, where he analyzed and successfully exploited numerous publicly disclosed vulnerabilities in widely deployed software such as Exim, Samba, Microsoft Windows, Office, and Internet Explorer. Prior to that, he spent four years at VeriSign's iDefense Labs conducting research, analysis and coordinated disclosure of hundreds of unpublished vulnerabilities.

Accuvant LABS is the world's best and most respected attack and penetration team. Since 2002, Accuvant LABS has provided penetration testing, application and enterprise security assessments, vulnerability research and training to more than 2,000 clients across industry verticals. Experts from the team have won numerous awards and been featured in articles published by the Associated Press, CSO Magazine, Financial Times, SC Magazine,The New York Times and The Register, among others, and regularly speak at national information security conferences.

Amir Etemadieh

Amir "Zenofex" Etemadieh

GTVHacker

Amir Etemadieh, also known as "Zenofex", founded the GTVHacker group. Amir is a regular speaker at the monthly local hacker meetup "AHA" and has been working on the GTVHacker project from its initial start in November 2010. Amir has done independent security research in consumer electronics including the Logitech Revue, Ooma Telo and services such as the 4G Clear Network. Amir enjoys hunting down flaws using both hardware-based and software-based approach with the belief that often times hardware flaws are more commonly overlooked.

GTVHacker is a group of 7 hackers with individual skillsets who have spent the entirety of the GoogleTV platform's lifespan attacking hardware and software aspects of the devices. The group consists of the following members: zenofex, cj_000, [mbm], saurik, tdweng, agenthh, gynophage. Our primary goal is to bypass hardware and software restrictions to allow for custom roms and unsigned firmwares to be loaded and used. As of today we have been the only group to produce working exploits on both of the Sony GoogleTV units and the Logitech Revue. Even winning a bounty for the first root within the first 3 months of the platform's launch. We also host a wiki for technical info, a forum for support and a blog for group releases.

Lurene Grenier

Lurene "pusscat" Grenier

Harris Crucial Security

Whenever Lurene "pusscat" Grenier can't find a sunbeam to steep in, she stalks bugs in the jungle. Pouncing on them and consuming them like a delicious juicy turtle. It's a well known fact the Pusscat sleeps 18 hours a day and is at least twice as large as a tiger.

Richard Johnson

Richard Johnson

Sourcefire, Inc.

Richard Johnson is a computer security specialist who spends his time playing in the realm of software vulnerability analysis. Richard currently fills the role of Principal Research Engineer on Sourcefire.s Vulnerability Research Team, offering 10 years of expertise in the software security industry. Current responsibilities include research on exploitation technologies and automation of the vulnerability triage and discovery process. Past areas of research include memory management hardening, compiler mitigations, disassembler and debugger design, and software visualization. Richard has released public code for binary integrity monitoring, program debugging, and reverse engineering and has presented at over 20 conferences worldwide since 2004. Richard is also a co-founder of the Uninformed Journal and a long time resident of the Hick.org ranch.

Gursev Kalra

Gursev Singh Kalra

McAfee Foundstone

Gursev Singh Kalra serves as a Managing Consultant at Foundstone, McAfee. Gursev was a speaker at security conferences like ToorCon, NullCon and ClubHack. Gursev has authored an open source SSL cipher enumeration tool SSLSmart and a whitepaper on Mobile Application Security Testing. Gursev has also developed several internal tools, web applications and loves to code in Ruby, Ruby on Rails and C#.

Byoungyoung Lee

Byoungyoung Lee

College of Computing, Georgia Institute of Technology

Byoungyoung Lee is a PhD student at Georgia Institute of Technology. He has interests in both practical and academic software security research. He is leading the project DarunGrim, which is a popular binary diffing tool. Upon DarunGrim project, he runs exploitshop blog, which covers MS patch analysis. He actively participated wargames and advanced to the DEFCON CTF finals three times. He also published fuzzers and exploits targeting Microsoft products. His academic research interests are in binary obfuscation and location privacy, which were published in ACM SIGKDD and ACM ASIACCS.

Marco Peereboom

Marco Peereboom

Conformal Systems

Marco Peereboom got involved with Open Source UNIXi in `96. After years of patching and hacking he decided to look for alternatives that suited his needs better and became interested in the OpenBSD project in 2001. After working on fixing up the SCSI mid-layer and working on mpt(4) he ended up as a committer on all things SCSI. He worked all over the tree scratching whatever itched. Currently he develops/maintains a bunch of Open Source projects such as xxxterm and ASSL.

He currently is the CTO of Conformal Systems. In his spare time he enjoys hacking on his pet projects around a busy social schedule.

Conformal Systems is an open source software engineering firm focusing on privacy and security oriented solutions. We strive to create open source technologies which fulfill real-world privacy and security needs while creating the greatest value for the end user.

Many of our initiatives are community oriented, with no plans for revenue generation. To make this model work, we must generate sufficient funds to sustain the enterprise. Consequently, some of our projects are necessarily for-profit. We do this in order to fund our continuing contributions to the open source community. One of our first market-driven launches is Cyphertite, our state-of-the-science, deduplicating, encrypted backup system that is available on open source platforms. Our goal is to create and maintain a sustainable enterprise for the benefit of all.

Karthik Raman

Karthik Raman

Adobe

Karthik Raman, CISSP, is a security researcher on the Adobe Product Security Incident Response Team (PSIRT), where he focuses on vulnerability analysis and technical collaboration with industry partners. Before joining Adobe, Karthik was a research scientist at McAfee Labs, where he worked on threat analysis, building automation systems, malware analysis, and developing advanced antimalware technology. Karthik holds a Master of Science degree in Computer Science from UC Irvine and Bachelor of Science degrees in Computer Science and Computer Security from Norwich University. Both universities are National Security Agency Centers of Excellence in Information Assurance. Company or Organization: Name of the company or organization you will be speaking on behalf of, if any.

Adobe is changing the world through digital experiences. We harness our creative DNA to not only enable the creation of beautiful and powerful images, videos, and apps, but also to reinvent how companies interact with their customers across every digital channel and screen.

Rick Redman

Rick Redman

KoreLogic

KoreLogic was formed by seasoned security experts intent on providing high quality, specialized security services. Our goal is to help our clients proactively protect their core assets by providing pragmatic, lasting risk management solutions.

Winn Schwartau

Winn Schwartau

Mobile Active Defense

Winn Schwartau is one of the world's top experts on security, privacy, infowar, cyber-terrorism and related topics. Provocative, informed, challenging, he's on the leading edge of thinking, writing and speaking. Highly technical security subjects are made understandable, entertaining, engaging and thought-provoking. Audiences find themselves challenged with original ideas which are related through historical analogy and metaphor and made relevant to the present and future world.

Mobile Active Defense is made by Mobile Application Development Partners, a software development company headquartered in Atlanta, GA with offices in Mainz, Germany and London, England.

M.A.D. Partners, LLC has over 100 years combined experience in security hardware and software product design and development, marketing, sales and support. M.A.D. Partners. mission is to create innovative, high quality and easy to use security solutions for smartphones, pads and tablets.

Josh Sokol

Josh Sokol

Josh Sokol, CISSP graduated from the University of Texas at Austin with a BS in Computer Science in 2002. Since that time, he has worked for several large companies including AMD and BearingPoint, spent some time as a military contractor, and is currently employed as the Information Security Program Owner at National Instruments. In his current role, Josh manages all compliance, security architecture, risk management, and vulnerability management activies for NI. Josh is the current Chair of the OWASP Global Chapters Committee, the former President of the Austin OWASP Chapter, and is very active in the local security community. He has spoken on dozens of security topics including the much hyped "HTTPS Can Byte Me" talk at BlackHat 2010.