applied security conferences and training: CanSecWest | PacSec | EUSecWest | BA-Con

CanSecWest 2009 Agenda

The CanSecWest 2009 agenda is preliminary and still subject to change.

Monday March 16th

Security Masters Dojo, 10:00 A.M. - 6:00 P.M.

Tuesday March 17th

Security Masters Dojo, 10:00 A.M. - 6:00 P.M.

Wednesday March 18th

10:00 - 12:00 Registration
12:00 - 12:30 Writing User Friendly Exploits - Skylar Rampersaud, Immunity
12:30 - 13:30 The Smart-Phones Nightmare - Sergio 'shadown' Alvarez
13:30 - 14:30 A Look at a Modern Mobile Security Model: Google's Android - Jon Oberheide, University of Michigan
14:30 - 15:00 Break
15:00 - 16:00 Multiplatform Iphone/Android Shellcode, and other smart phone insecurities - Alfredo Ortega and Nico Economou, Core
16:00 - 17:00 Decompiling Dalvik and other JavaFX - Marc Schoenefeld
17:00 - 17:20 Break
17:20 - 18:20 An overview of the state of videogame console security. - Victor Muñoz

Thursday March 19th

07:30 - 08:00 Registration & Breakfast
08:00 - 09:00 Persistent BIOS Infection - Anibal Sacco & Alfredo Ortega, Core
09:00 - 10:00 Getting into the SMRAM: SMM Reloaded - Loíc Duflot
10:00 - 10:30 Second Breakfast
10:30 - 11:30 Sniff keystrokes with lasers/voltmeters: Side Channel Attacks Using Optical Sampling of Mechanical Energy Emissions and Power Line Leakage - Andrea Barisani & Daniele Bianco, Inverse Path
11:30 - 12:30 Hacking Macs for Fun and Profit - Dino Dai Zovi & Charlie Miller
12:30 - 13:30 Lunch
13:30 - 14:30 .NET Rootkits - Erez Metula
14:30 - 15:30 Bug classes we have found in *BSD, OS X and Solaris kernels - Christer Oberg and Neil Kettle, Convergent Network Solutions
15:30 - 16:00 Break
16:00 - 17:00 Exploiting Unicode-enabled software - Chris Weber, Casaba Security
17:00 - 18:00 Chinese Infosec & Malware Overview - Wei "icbm" Zhao, 365menshen
18:00 - 19:00 Lightning Talks - Various
19:00 - 1:00 Party - Buses Leave (every 30 min.) for Grouse Mountain

Friday March 20th

08:00 - 08:30 Breakfast
08:30 - 09:30 Platform-independent static binary code analysis using a meta-assembly language - Sebastian Porst & Thomas "halvar" Dullien, zynamics
09:30 - 10:30 Binary Clone Wars: Software Whitelisting for Malware Prevention and Coordinated Incident Response. - Shane Macaulay, Sean Comeau, and Derek Callaway, Security Objectives
10:30 - 10:50 Second Breakfast
10:50 - 11:50 Network design for effective HTTP traffic filtering - Jeff "rfp" Forristal, Zscaler
11:50 - 12:50 The Evolution of Microsoft's Exploit Mitigations - Matt Miller and Tim Burrell, Microsoft
12:50 - 13:30 Lunch
13:30 - 14:30 Automated Real-time and Post Mortem Security Crash Analysis and Categorization - Jason Shirk & Dave Weinstein, Microsoft
14:30 - 15:30 On Approaches and Tools for Automated Vulnerability Analysis - Tanmay Ganacharya & Nikola Livic & Abhishek Singh & Swapnil Bhalode & Scott Lambert, Microsoft
15:30 - 15:50 Break
15:50 - 16:50 Ninja Scanning - Fyodor, Insecure.org
16:50 - 17:50 Kicking It Old School: No DNS Packets Were Harmed In The Making Of This Presentation - Dan Kaminski, IOActive
17:50 - 18:50 SSL, The Sequel: MD5 collisions and EV certificates - Alexander Sotirov & Mike Zusman
18:50 - 21:00 C8H10N4O2 and C2H6O (and teardown)