
Practical Security: Solutions for challenging times
Don't miss out, book your seat today!

 

Dates: 11 - 13 May 2010

Venue: Sandton Convention Centre

 
The 2010 Security Summit will once again host leading international and local security experts and industry innovators, who will share advice and best practices on how to address key security concerns in the current economic landscape.

With a dedicated focus on the business of security on day one, together with technical how-to sessions on day two and practical security workshops on day three, the 2010 Security Summit promises to be even bigger and better than ever.

Speaker synopsis and biographies:

DAY 1, 11 MAY:
The business of security

DAY 2, 12 MAY:
Technical/operational security

This year’s agenda will see a focus on speakers from the corporate end-user community, who will provide expert analysis, real-life case studies, strategic advice and predictions. Security professionals will be immersed in the state of the art for cutting-edge security strategies and solutions, designed to help them to prioritise their security initiatives and demonstrate how to realise measurable business results in challenging times.

International security experts who will be at the 2010 Security Summit include:
 
Author and security expert, Nitesh Dhanjani, provides insight into social media platforms and how individuals may be remotely influenced by messaging tactics.
Joe Grand will give an historical perspective on the L0pht: a hacker think tank, which famously testified before the Congress of the US that they could shut down the Internet in 30 minutes.
Jeremiah Grossman, who is with us again this year, will explore the prevalent security issues emerging in 2010 and how Web security has been impacted in the past year.
Security expert Felix “FX” Lindner takes a look into security alchemy and why, in theory, the entire Internet can be a secure and safe global network.
Independent security researcher, Moxie Marlinspike, will explore modern threats to privacy and discuss some interesting solutions in the works.
Dr Charlie Miller will demonstrate current attacks on smartphones and what the future might hold for smartphone security.
Author and security expert, Saumil Shah, will explore how well-known vulnerabilities and bugs play a key part in creating the attack patterns of tomorrow.
Dino Dai Zovi will discuss how return-oriented programming techniques can be used to bypass Microsoft's DEP on Windows XP through Windows 7.

Nitesh Dhanjani, Senior Manager, Ernst & Young
Nitesh Dhanjani is a well-known security researcher, author, and speaker. Dhanjani is currently senior manager at Ernst & Young, where he advises some of the largest corporations around the world on how to establish enterprise-wide information security programs and solutions. Dhanjani is also responsible for evangelising brand new technology service lines around emerging technologies and trends such as cloud computing and virtualisation.

Prior to his current job, Dhanjani was senior director of application security and assessments at a major credit bureau, where he spearheaded brand new security efforts into enhancing the enterprise SDLC, created a process for performing source code security reviews and threat modelling, and managed the Attack & Penetration team.

Dhanjani is the author of Network Security Tools: Writing, Hacking, and Modifying Security Tools (O'Reilly) and HackNotes: Linux and Unix Security (Osborne McGraw-Hill). He is also a contributing author to Hacking Exposed 4 (Osborne McGraw-Hill) and HackNotes: Network Security. Dhanjani has been invited to talk at various information security events such as the Black Hat Briefings, RSA, Hack in the Box, Microsoft Blue Hat, and OSCON.

Check out these sites for more information on Nitesh:
http://dhanjani.com/
http://securitystreams.tv/

Joe Grand, President, Grand Idea Studio
Joe Grand is an American electrical engineer, inventor, and hardware hacker, known in the hacker community as Kingpin. He achieved mainstream popularity with the release of Prototype This, a Discovery Channel television show. He is also president of Grand Idea Studio, a San Francisco-based research and development firm. Joe has been involved in electronics since the age of seven. He was a member of the Boston, Massachusetts-based hacker group L0pht Heavy Industries. Grand has authored several books, and is on the technical advisory board of MAKE Magazine. He also holds a B.S.E.E. from Boston University.
Check out these sites for more information on Joe:
http://www.grandideastudio.com/
http://dsc.discovery.com/tv/prototype-this/prototype-this.html
http://www.kingpinempire.com/

Jeremiah Grossman, CTO and Founder, WhiteHat Security
Jeremiah Grossman is considered a world-renowned expert in Web security, is a co-founder of the Web Application Security Consortium, and was named to InfoWorld's Top 25 CTOs for 2007. Grossman is a frequent speaker at industry events, including the Black Hat Briefings, RSA, CSI, HiTB, OWASP, ISSA, and a number of large universities. He has authored dozens of articles and white papers; is credited with the discovery of many cutting-edge attack and defensive techniques and is a co-author of XSS Attacks. Grossman is often quoted in major media publications such as SC Magazine, CSO Magazine, InfoWorld, USA Today, Dark Reading, SecurityFocus, and more. Prior to WhiteHat, Grossman was an information security officer at Yahoo.
Check out these sites for more information on Jeremiah:
http://www.whitehatsec.com
http://jeremiahgrossman.blogspot.com/

Felix “FX” Lindner, Owner, Recurity Labs and Computer & Network Security Consultant
Felix “FX” Lindner is the technical and research lead of Recurity Labs, with 18 years’ computer technology experience, almost all of them in consulting for large enterprise and telecommunication customers. He possesses a vast knowledge of computer sciences, telecommunications and software development. His background includes managing and participating in a variety of projects with a special emphasis on security planning, implementation, operation and testing using advanced methods in diverse technical environments. Lindner is well known in the computer security community and has presented his and Phenoelit's security research at Black Hat Briefings, CanSecWest, PacSec, DEFCON, Chaos Communication Congress, MEITSEC and numerous other events. His research topics include Cisco IOS, HP printers, SAP and RIM BlackBerry. He is co-author of the book: The Shellcoder’s Handbook, which describes how to find security holes in any operating system or application, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista. It also features the first-ever published information on exploiting Cisco's IOS.
Check out these sites for more information on FX:
http://www.recurity-labs.com/
http://www.phenoelit.net/lablog/

Moxie Marlinspike, Independent Computer Security Researcher

Moxie Marlinspike carries out independent research into computer security. His published research tends to deal with secure protocols, particularly SSL/TLS. He does security consulting and penetration testing and offers training on designing secure protocols. He is the author of the sslstrip tool presented at Black Hat DC 2009, which demonstrates how HTTPS Web sites are vulnerable to a man-in-the-middle attack if the connection starts out as an HTTP connection before being redirected to HTTPS, as is nearly always the case. He is also the author of sslsniff, a general purpose SSL/TLS man-in-the-middle attack tool that was originally written to exploit the BasicConstraints vulnerability that he published in 2002.

Check out these sites for more information on Moxie:
http://www.thoughtcrime.org/
http://twitter.com/moxie

Dr Charlie Miller, Principal Analyst, Software Security, Independent Security Evaluators
Charlie Miller is a computer security researcher with the consulting firm Independent Security Evaluators. Prior to his current employment, he spent five years working for the National Security Agency. Miller has demonstrated his hacks publicly on products manufactured by Apple. He presented the full details of discovering a vulnerability in the iPhone and creating the exploit at Black Hat in 2007. In 2008, he won a $10 000 cash prize at a hacker conference in Canada for being the first to find a critical bug in the MacBook Air – deploying an exploit in two minutes. In 2009, he also demonstrated an SMS processing vulnerability that allowed for complete compromise of the Apple iPhone and denial-of-service attacks on other phones. This year he has co-authored the book: The Mac Hacker’s Handbook.
Check out this site for more information on Charlie:
http://securityevaluators.com/

Saumil Shah, CEO & Founder, Net-Square Solutions, India
Saumil Shah's focus is on researching vulnerabilities with various e-commerce and Web-based application systems, system architecture for Net-Square's tools and products, developing short-term training programmes, providing information security consulting services to Net-Square's clients, ethical hacking and security architecture. He holds a designation of Certified Information Systems Security Professional. Shah has had more than 10 years’ experience with system administration, network architecture, integrating heterogeneous platforms, and information security and has performed numerous ethical hacking exercises for many significant companies in the IT area. Shah is a regular speaker and trainer at security conferences such as BlackHat, RSA, etc. Shah is a co-author of Web Hacking: Attacks and Defence (Addison Wesley, 2002) and is the author of The Anti-Virus Book (Tata McGraw-Hill, 1996).

Check out these sites for more information on Saumil:
http://www.net-square.com
http://saumil.net/


Dino Dai Zovi, Independent Security Researcher
Dino Dai Zovi got an early start in computers, using bulletin boards in second grade and accessing the Internet through a computer running VAX at 13. He taught himself to program and got a computer science degree from the University of New Mexico. While still in college, Dai Zovi worked for the Information Design Assurance Red Team at Sandia National Laboratories, which performs security assessments for the government, military, and commercial industry. Since then he's worked for consultancies @Stake and Matasano Security, Bloomberg, and been director of security at a hedge fund in New York.
Check out these sites for more information on Dino:
http://trailofbits.com 
http://www.theta44.org/
 

EVENT SPONSOR
SecureData offers extended value-add to customers, resellers and vendors alike. Our multi-centric, best-practice security solutions span the perimeter, network, endpoint, storage application and data protection - all supported by SecureData’s highly skilled technical, product, marketing and sales teams, enabling our partners to deliver high-quality security solutions and services.


BENEFITS OF ATTENDING
For CISOs and other C-level delegates
> Engage and participate in an unrivalled information-packed security education programme
> Understand the latest emerging threats and the best practices implemented to thwart them
> Prepare for new regulations that will increase your compliance burden
> Learn how to align security with business requirements
> Sharpen your security strategy and tighten your tactics
> Discover the tools and technologies that will help you make the most out of your security budget
> Better manage all kinds of risk and measure your security performance
For security professionals and practitioners
> Get practical, technical advice to solve your information security business challenges
> Find out what works, and what doesn't, for securing your Web applications
> Examine attack patterns and the increased precision of modern attacks
> Find out the most efficient, effective ways to protect your data and applications
> Make sure your security policies and procedures meet future business and legal requirements
> Witness live demonstrations of hacker tools and techniques
> Exchange ideas with industry experts in the field of information security