EH-Net Global Calendar of Events

EH-Net Global Calendar of Events Audience IconSet Your Calendar for Career Advancement

A calendar of industry events is a natural item for a publisher to include as an additional value for their readers. Here at The Ethical Hacker Network Online Magazine, we strive to be the best single source for advancing your career in the various fields of ethical hacking. In addition to book reviews, course reviews, certification information, tutorials, interviews, community forums… another vital component of your career is attending and participating in security and hacking events. Get involved!

Stay up-to-date with all listed events by using the +Subscribe & Add to Google Buttons at the bottom. Happy Ethical Hacking!

Editor’s Note: Is your event NOT in the EH-Net Calendar? Please send in the details using the links below.

Add Your Calendar Feed

If you know of an event feed you think belongs in this calendar, paste its iCalendar (.ics) feed’s URL below. If approved, its events will be added to this calendar.

Loading reCAPTCHA...

Get Your Own Calendar

If you already have your own WordPress website, it’s easy to install your own All-in-One Event Calendar from Timely:

  1. Browse to time.ly/get-your-own-calendar.
  2. Download the free Standard Calendar plugin.
  3. Log into your WordPress dashboard.
  4. Browse to Plugins > Add New > Upload.
  5. Choose the .zip file you just downloaded, and click Install Now.

That’s it! You’ll have your own All-in-One Calendar up and running within minutes.

For help or for more information, please visit our Help Desk.

August – September 2013

Aug
1
Thu
DEF CON 21 @ Rio Hotel in Las Vegas
Aug 1 – Aug 4 all-day

DEF CON 21 Logo

When and where is DEF CON 21?

DEF CON is generally in the last week of July or first week of August in Las Vegas. DEF CON 21 will be held August 1-4, 2013 at the Rio Hotel & Casino in Las Vegas. Many people arrive a day early, and many stay a day later. Again this year we will have some things running on Thursday.

How much is admission?

$180.00 USD, Cash for all four days. Everyone pays the same: The government, the media, the ‘well known hackers’, the unknown script kiddies. The only discount is for Goons and speakers, who get to work without paying for the privilege. We only accept cash – no checks, no money orders, no travelers checks. We don’t want to be a target of any State or Federal fishing expeditions.

How many people will be there?

Last year we had an estimated 13,000 people come out our 20th anniversary hacker extravaganza! We may even continue to grow this year!

How did DEF CON start?

Originally started in 1993, it was a meant to be a party for member of “Platinum Net”, a Fido protocol based hacking network out of Canada. As the main U.S. hub I was helping the Platinum Net organizer (I forget his name) plan a closing party for all the member BBS systems and their users. He was going to shut down the network when his dad took a new job and had to move away. We talking about where we might hold it, when all of a sudden he left early and disappeared. I was just planning a party for a network that was shut down, except for my U.S. nodes. I decided what the hell, I’ll invite the members of all the other networks my BBS (A Dark Tangent System) system was a part of including Cyber Crime International (CCI), Hit Net, Tired of Protection (ToP), and like 8 others I can’t remember. Why not invite everyone on #hack? Good idea!

 

Aug
3
Sat
SANS San Francisco 2013 @ Hyatt at Fisherman's Wharf
Aug 3 all-day

SANS San Francisco 2013 - Hyatt at Fishermans WharfSANS San Francisco 2013

You are invited to attend another great SANS training event in “The City by the Bay.” SANS San Francisco 2013 will return to the Hyatt at Fisherman’s Wharf. Enhance your skills by taking advantage of SANS security training loaded with practical tools and cutting-edge information.

$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_05
Register Now!!

You can sign up for GIAC certification at a reduced rate in conjunction with some of the courses at this event. When you purchase a certification option, you will have four months after the event concludes to successfully pass the associated online exam.

SANS San Francisco 2013 offers the following courses:

IT Security:

  • *SEC401: Security Essentials Bootcamp Style (GIAC-GSEC) presented by Chris Christianson
  • SEC501: Advanced Security Essentials – Enterprise Defender (GIAC-GCED) presented by Dr. Eric Cole
  • *SEC504: Hacker Techniques, Exploits & Incident Handling (GIAC-GCIH) presented by Kevin Fiscus
  • SEC575: Mobile Device Security and Ethical Hacking presented by Christopher Crowley

Computer Forensics:

  • FOR508: Advanced Computer Forensic Analysis and Incident Response (GIAC-GCFA) presented by Alissa Torres

Security Management:

  • *MGT414: SANS +S Training Program for the CISSP Certification Exam (GIAC-GISP) presented by Paul A. Henry
  • MGT514: IT Security Strategic Planning, Policy and Leadership presented by Mark Williams

* Three of these courses are in alignment with DoD Directive 8570 requirements for Baseline IA Certifications. Four courses also have GIAC Certification attempts (in parentheses above) available. See the GIAC homepage for more information.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into four categories:

  • Lunch & Learn: Short presentations given during the lunch break.
  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Vendor: Events hosted by external vendor exhibitors.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.

San Francisco is a wonderful and diverse city offering excellent restaurants, great weather, and plenty of evening activities to give your brain a rest! Here is your opportunity to soak up the incomparable ambiance of Fisherman’s Wharf and its great waterfront view while you enjoy some Ghirardelli chocolate and sample some clam chowder in a bread bowl. Make your travel plans now to attend SANS San Francisco 2013.

Aug
5
Mon
ICCS 2013 @ McNally Amphitheatre Fordham University at Lincoln Center
Aug 5 – Aug 8 all-day

ICCS 2013 - FBI LogoICCS 2013 – A White Hat Summit

The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 – 8, 2013 in New York City. ICCS, the White Hat Summit, is an unparalleled opportunity for global leaders in cyber threat analysis, operations and law enforcement to coordinate their efforts to create a more secure world.

The Cyber Security Conference for Law Enforcement, Industry and Academic Experts

With the number of cyber threats escalating worldwide, the need for comprehensive security analysis, assessment, and actions has never been greater. Join those working on the front-lines of secure cyber networks at ICCS for the opportunity to learn useful knowledge and share critical intelligence on issues shaping the future of cyber security.

Overview

ICCS 2013 is the premier global cyber security event spanning three days with more than 85 unique lectures from distinguished speakers from government, the private sector and academia. Each brings unique insights from their expertise in the disciplines of emerging technologies, operations and enforcement, academic and pragmatic experience.

A range of keynote presentations, panel discussions, sponsors’ presentations, exhibitions and exceptional networking opportunities provide a rare chance to learn and speak with leading cyber security subject matter experts and solution providers from throughout the world.

ICCS will continue to offer the Law Enforcement Workshop (LEW) and the Cyber Security Tutorial (CST). These events feature subject matter experts offering both technical and non-technical sessions, and are open to all cyber security professionals. ICCS 2013 participants are highly encouraged to take advantage of these unique opportunities to learn from subject matter experts.

Keynote and Distinguished Speakers at ICCS 2013

  • Preet Bharara
    United States Attorney
    Southern District of New York, United States Department of Justice, New York, NY USA
  • Michael Chertoff
    Former Secretary
    United States Department of Homeland Security, Washington, DC USA
  • Joseph M. Demarest
    Assistant Director
    Cyber Division, Federal Bureau of Investigation, Washington, DC USA
  • Robert E. Joyce
    Deputy Director
    Information Assurance, National Security Agency, Fort Meade, MD USA
  • Ruby B. Lee, Ph.D.
    Forrest G. Hamrick Professor of Electrical Engineering and Computer Science
    Princeton University, Princeton, NJ USA
  • Ian Levy
    Technical Director
    United Kingdom’s Government Communications Headquarters, Cheltenham, Gloucestershire UK
  • Kevin Mandia
    Chief Executive Officer
    Mandiant, Washington, DC USA
  • Lisa Monaco
    Assistant to the President for Homeland Security and Counterterrorism, Deputy National Security Advisor
    The White House, Washington, DC USA
  • George O. Strawn
    Director, Networking and Information Technology Research and Development Program
    National Coordination Office, Washington, DC USA

International Cyber Security Academy

The International Cyber Security Academy (ICSA) is a unique and enhanced combination of specialized hands-on training seminars and lectures to teach cyber warriors the most cutting edge tools, techniques, and protocols (TTPs) of information security beyond mere concepts and terminology. Cyber warriors attending ICSA join the ranks of the privileged few, the Society of Few, Protectors of Many, who receive training from leading U.S. government professionals and private industry leaders, learning the skills and techniques needed to combat emerging cyber threats and exploitations. The hands-on approach to learning in the Academy, in conjunction with the complimentary admittance to the International Conference on Cyber Security (ICCS 2013) and all of its lectures, will prepare the future leaders of secure and sustainable cyberspace. For more information, please visit our website, www.iccs.fordham.edu/icsa/

SANS Boston 2013 @ Hilton Boston Back Bay
Aug 5 – Aug 10 all-day

SANS Boston 2013 - SkylineSANS Boston 2013

SANS will be returning to Boston with an exceptional training lineup this August. Why not get your security management, IT security, and computer forensics training at SANS Boston 2013 on August 5-10? We are bringing our top courses and best instructors to make this the perfect training event for you!

$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_05
Register Now!!

  • SEC505: Securing Windows and Resisting Malware – GCWN – James Tarala
  • SEC401: Security Essentials Bootcamp Style – GSEC – Dr. Eric Cole
  • SEC504: Hacker Techniques, Exploits & Incident Handling – GCIH – Dave Shackleford
  • SEC560: Network Penetration Testing and Ethical Hacking – GPEN – Tim Medin
  • SEC575: Mobile Device Security and Ethical Hacking – GMOB – Christopher Crowley
  • SEC579: Virtualization and Private Cloud Security – Paul A. Henry
  • FOR508: Advanced Computer Forensic Analysis and Incident Response – GCFA – Rob Lee
  • MGT414: SANS +S Training Program for the CISSP Certification Exam – GISP – Seth Misenar
  • MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression – GSLC – Stephen Northcutt

Attend Remotely Via Simulcast

Do you want to attend SANS Boston 2013 but can’t travel? You don’t have to miss out with Event Simulcast!

Event Simulcast allows you to attend a SANS training event without leaving home. Simply log in to a virtual classroom to see, hear, and participate in the class as it is being presented LIVE at the event. The Event Simulcast option is available for many classes offered at our largest training events.

Bonus Sessions at SANS Boston 2013

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into four categories:

  • Lunch & Learn: Short presentations given during the lunch break.
  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Vendor: Events hosted by external vendor exhibitors.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
WorldCIS 2013 @ Tokyo University of Information Sciences Chiba Satellite Campus
Aug 5 – Aug 7 all-day

WorldCIS 2013 - IEEE LogoWorld Congress on Internet Security (WorldCIS 2013)

The World Congress on Internet Security (WorldCIS 2013) is Technical Co-Sponsored by IEEE Tokyo Section and IEEE Hiroshima Chapter. The WorldCIS 2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the Internet, computer networks, protecting the Internet against emerging threats and vulnerabilities, and sustaining privacy and trust has been a key focus of research. The WorldCIS aims to provide a highly professional and comparative academic research forum that promotes collaborative excellence between academia and industry.

The objectives of the WorldCIS are to bridge the knowledge gap between academia and industry, promote research esteem and to fostering discussions on information technologies, information systems and global security applications. The WorldCIS 2013 invites speakers and researchers to submit papers that encompass conceptual analysis, design implementation and performance evaluation. All submitted papers are peer-reviewed (blind reviewed).

The WorldCIS is an international forum for both researchers and industry practitioners to exchange the latest fundamental advances in the state of the art and practice, Internet SecurityTechnologies, Application of Agents, Cybernetics, Cyber warfare, Cyber Security, Digital Forensic, Cloud Security, Data Mining, E-Society, Security of Web Sevices, Mobile, Ad Hoc and Sensor Network Security, and identify emerging research topics.

Workshops / Tutorial at WorldCIS 2013

The WorldCIS encourages you to submit workshop or tutorial proposals. The workshop or tutorial duration can be one day or one and half day. All the accepted papers will be included in the conference proceedings. You can consider organising a workshop that is related to WorldCIS 2013 topics.

The purpose of these workshops is to provide a platform for presenting novel ideas in a less formal and possibly more focused way than the conferences themselves. It offers a good opportunity for young researchers to present their work and to obtain feedback from an interested community. The format of each workshop or tutorial is to be determined by the organisers, but it is expected that they contain ample time for general discussion. The preference is for one day workshops, but other schedules will also be considered.

Aug
19
Mon
Toronto Information Security Forum 2013 @ The King Edward Hotel
Aug 19 – Aug 20 all-day

Toronto Information Security Forum 2013 - Skyline PicToronto Information Security Forum 2013

The Toronto Information Security Forum 2013 brings together experienced IT and information security practitioners for confidential information sharing on the industry’s most important issues, technologies, and trends. The two-day Forum includes keynote addresses, technical and strategic roundtable discussions led by IANS’ Faculty, networking events, and the opportunity to learn about new technologies. Click here to download a copy of the agenda.

Why Attend Toronto Information Security Forum 2013

  • Gain tangible, real world insights on best practices and lessons learned directly from your peers
  • Stay current with emerging technologies and early-stage deployments
  • Connect with the industry’s leading minds
  • Network and connect with other influential senior IT managers and business leaders
  • Earn 16 Continuing Education Credits

Who We Are – IANS

IANS is the leading provider of in-depth security insights and decision support delivered through research, community, and consulting. Fueled by interactions among IANS Faculty and information security practitioners, IANS’ experience-driven advice helps IT security, risk management, and compliance executives make better, faster technical and managerial decisions.

IANS was founded in 2001 as the Institute for Applied Network Security. Inspired by the Harvard Business School experience of interactive discussions driving collective insights, IANS adapted that format to fit the needs of the information security community.

What We Do

  • Decision Support – IANS offers an annual service for both large enterprises and smaller teams of information security professionals which enables users to connect to and learn from industry thought leaders and peers through events, personal inquiries, written research, and more.
  • Events – IANS’ Information Security Forums bring together experienced IT and information security practitioners for confidential information sharing on the industry’s most important issues, technologies, and trends.
  • Consulting and Advisory Services – IANS delivers actionable advice through custom workshops, reports, studies, and surveys that target the specific issues faced by information security professionals and solution providers.
UNITED 2013 – Rapid7 Security Summit @ Boston Seaport Hotel
Aug 19 – Aug 21 all-day

UNITED 2013 - Rapid7 Security Summit LogoUNITED 2013 – Rapid7 Security Summit

About UNITED 2013 – Defenders are constantly under pressure to respond to the next challenge and protect against new threats and attackers. Having strategies and tools you can rely on is essential, but how should you deploy them to ensure you’re staying ahead? And with so much to consider, how do you know whether you’re focusing on the right issues and taking the right actions?

Take your security to the next level: Join Rapid7 at UNITED 2013 for three days of actionable, pragmatic advice from security practitioners and researchers who can help you maximize your investment.

Keynote Speakers

Hugh Thompson, Co-Author of “The Plateau Effect”

Nate Silver, Author of “The Signal & The Noise”

Why Attend UNITED 2013

  • Learn directly from experts and network with other experienced security pros
  • Maximize the value of your investment in Rapid7 products & services
  • Get access to dedicated support, research, and development staff

Who Should Attend

The best and brightest in the security industry – that’s you.
And the peers you’ll meet at UNITED 2013.

When you come to UNITED, you’ll get actionable information on what’s going on in your world and what you can do about it now. Learn directly from experts who use the best techniques and tools every day, and share best practices with peers to understand how to keep your organization secure. After attending UNITED, you’ll be able to take what you’ve learned, apply it in your world, and do what you already do – only better.

At UNITED, you’ll get the most out of your investment in our products, with access to our dedicated support, research and product development staff, detailed demos of new products, an inside view of our integration lab and an opportunity to engage with key partners. UNITED will keep you on top of your game and in front of coming trends.

Aug
20
Tue
AppSec EU Research 2013 @ Emporio
Aug 20 – Aug 23 all-day

AppSec EU Research 2013 - OWASP LogoAppSec EU Research 2013

The German OWASP chapter invites you to join top security architects, developers, technology thought leaders, and executives from Fortune 500 firms to the OWASP AppSec EU Research 2013 global conference in the beautiful city of Hamburg, Germany from August 20–23. This conference is an opportunity to hear about the latest research on a myriad of topics related to web security, as well as establish connections between developers, security experts, and business leaders who are all stakeholders in ensuring applications are as secure as possible.

  • Trainings: August 20-21
  • Conference: August 22-23

OWASP is the foremost web app security organization in the world, with thousands of members globally, including some of the biggest names in the industry. The goals of OWASP are to make web applications safe and to educate users, developers, governments, and business leaders on how to protect vulnerable information and avoid dangerous hacks that can cost millions of Euros to fix. Our members freely dedicate their time and knowledge to this effort and our conferences have become must-attend events for those interested in protecting private information.

With a large and active membership base, OWASP Germany is proud to host this year’s conference in one of Germany’s most beautiful cities, Hamburg. Known for media and innovation, it’s the ideal location to discuss game-changing research and make new connections. While attending the conference, you will have a panoramic view of the city, while overlooking the Elbe River at the centrally located Emporio Hamburg, which is considered one of Hamburg’s landmark buildings.

Overview of AppSec EU Research 2013

  • Cutting-edge topics presented by renowned security professionals from industry and academia.
  • Trainings and speeches on a variety of security topics including: web security, mobile security, cloud security, vulnerability analysis, defense and much more
  • Premier gathering place for executives from Fortune Global 500 companies and technology thought leaders
  • Group sessions, panel discussions, workshops and learning opportunities for developers, business owners and security experts
  • Learn and network for four days, while taking in a panoramic view of one of Germany’s most beautiful cities at a top Hamburg landmark

Why “Research”?

We’re using the term Research to emphasize the research character of parts of this conference. We’ll have one separate track for security researchers presenting their latest findings and meet and discuss with the audience.

What happened to “AppSecEU”?

Nothing, it’s still alive and kicking. Actually you are looking at the very web site. We’re using AppSec Research in 2013 as a synonym to AppSecEU, as it has been 2010 already. In 2011 we didn’t have a research track, so AppSec Research was not used.

Aug
22
Thu
BSides Los Angeles 2013 @ Dockweiler Youth Center
Aug 22 – Aug 23 all-day

BSides Los Angeles 2013 PicBSides Los Angeles 2013 Details

Security on the beach, where else but in Los Angeles! The goal of BSides Los Angeles 2013 is to mash up the local Southern California security community with the best open thinkers from around the world in the famous SecurityBSides open, interactive and community oriented format. This is a collaborative event – for all of us, by all of us. The only thing we ask of you is to participate. Come and talk, speak up, ask questions and participate throughout the event. It is a time for all of us to learn, share and explore without judgment, and to inspire those around us.

The event will include:

  • Thursday and Friday during the day there will be a selection of semi-scheduled talks at Dockweiler Youth Center.
  • Registration opens at 8:30 AM Thursday and Friday
  • Talks start at 9:30 AM on both Thursday and Friday
  • Lunch will be provided and will be at 12:00
  • Friday Night After Party on the Beach!

Volunteers! Sponsors! We need sponsors, wranglers, handlers, speakers, nuts, looneys, the sane, and those of you that are somewhere in-between to all throw in a hand. Because in Los Angeles, we do everything BIG.

Invite your friends by posting this on Twitter: “#BSidesLA August 22&23,2013: Discover the next big thing!”

Follow us on Twitter: @BSidesLA

Use the hastag #BSidesLA on Twitter

BSides Los Angeles 2013 Planners

Big thank you to all the organizers who make this year even better! Many will be returning this year, and we encourage anyone else who would like to come out and help us make 2013 even better!

  • Daniel Blander – That Gnarly Dude who sleeps on the beach
  • Yenny Yi – The Surfer who is always hanging ten!
  • Josh Chin – Keeps his moterboard waxed and ready
  • Dave Wettenstein – Draws his own stars on the Hollywood Walk of Fame
  • Joe Luna – Wears the Sunglasses at Night at the Sunset Grill
  • Joe Rozner – Collects sand and c-shells to share
  • Sean McAllister – War Drives a convertible with spinners
Aug
30
Fri
OWASP InfoSec India Conference 2013 @ Crowne Plaza Hotel Gurgaon
Aug 30 – Aug 31 all-day

OWASP InfoSec India Conference 2013OWASP InfoSec India Conference 2013

OWASP events in India are the largest information security events in the region and was coined as “India’s Cyber Security Kumbh” in 2009 by few participants. OWASP InfoSec India Conference 2013 is scheduled for August 30, 2013 at Hotel Crowne Plaza Today, Gurgaon. OWASP conference format is planned to have parallel sessions in two different convention halls, addressing strategists and experts on emerging threats and countermeasure technologies. Participants can however on-the-spot choose the session of their interest from either of the convention halls. OWASP conference sessions are delivered by world renowned and most regarded speakers from around the world. Conference offers special slots to network with cyber security celebrities, decision makers, government top brass, and peers.

Conference – August 30, 2013 – Download Agenda

Multi-track trainings are conducted at OWASP India events which are organized as parallel sessions to provide participants with a flexibility to pick the most relevant session to their work or interest. Below are the trainings happening at “OWASP InfoSec India Conference 2013″ on August 31, 2013, participants can choose one topic each for pre-lunch and post-lunch sessions.

Trainings – August 31, 2013 – Download Agenda

Speakers

  • Shreeraj Shah, Founder, BlueInfy
  • Sherif Hazzaa, Managing Director, ISNSC (R&D)
  • Ahmed Qurram Baig, Chief Information Security Officer, Abu Dhabi Government

Who Should Attend OWASP InfoSec India Conference 2013?

  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • CERTs, Policy Makers, Regulators, Investigators, Security and Defence establishments
  • Government departments engaged into protection of nation’s critical infrastructure
  • Risk Managers, Auditors, and Professionals managing IT Security Governance, BCP and Compliance Programs
  • Application Developers, Architects and Database Experts
  • Vulnerability Researchers, Exploiters and Pwners
  • Application Security and Quality Assurance professionals
  • Penetration Testers
  • System/Network Administrators
  • Scholars, Academia and Trainers
  • Networkers, Information Security Marketing folks
  • All those information security wannabees out there…
Sep
7
Sat
BSides Memphis 2013 @ Southwest TN Community College
Sep 7 all-day

BSides Memphis 2013 - Security BSides LogoBSides Memphis 2013

BSidesMemphis 2013 is a local presence, in the Mid-South, of Security BSides. BSides is a community-driven framework for building events revolving around the topic of information security. In an open manner, all people are encouraged to assist in the creation and support of each BSides event. You can get involved by presenting a talk, planning, sponsorship, getting the word out or by attending the conference. View the schedule for The 2013 BsidesMemphis Conference here. The schedule also includes what each session will cover.

SPEAKER BIOS

Joe McCray (@j0emccray) is an Air Force Veteran and has been in security for over 10 years. Joe has been involved in over 150 very high level pentesting assessments and has some major hacking accomplishments that he can share with his classes. His extensive experience and deep knowledge, mixed with his comedic style has lead Joe to be one of the most highly sought after speaking experts in the industry. Joe makes speaking appearances and gives seminars at major events in the security community such as Black Hat, DefCon, BruCon, Hacker Halted and more. Joe is the recipient of the 2009 EC-Council Instructor Circle of Excellence Award and the 2010 EC-Council Instructor of the Year Award. Joe is the founder and CEO of http://strategicsec.com an IT Security consulting firm that provides in-depth technical security assessments of your network, web application, and regulatory compliance gap analysis.

Kevin Poniatowski spent the first ten years of his career learning and implementing insecure coding techniques while developing software for two Department of Defense contractors. His thirst for knowledge and understanding of application security convinced him to escape his cubicle prison six years ago. He has since spent his time atoning for every buffer and heap overflow vulnerability he has written by traveling the world spreading the good word of secure coding as an application security instructor and Director of Instructor led Services for Safelight Security. In his spare time, he visits local open mike stand up comedy nights to inflict his sense of humor upon unfortunate audiences.

Chris Haggard manages an Application Security team in Memphis, TN. He and his team are responsible for driving the secure development and implementation of applications and systems across the global enterprise. He is an advocate of educating developers, enabling secure systems development and evaluating the effectiveness of security assurance activities. His prior experience includes software development and security consulting positions as well as computer operations, development and security in the U.S. Air Force. He holds CISSP, GSSP, and ITIL certifications.

Paul Coggin (@PaulCoggin) is an Internetwork Consulting Solutions Architect with Dynetics in Huntsville, Alabama. Paul is responsible for designing and building broadband multi-service networks supporting Smart Grid, MPLS, VoIP, and IPTV for service providers, leading cyber security research efforts, in addition to performing network security architecture assessments and penetration tests for enterprises, utilities and service providers. Paul is a Cisco Systems Certified Instructor # 32230 and a Certified EC-Council Instructor. He has a BS in Mathematics, MS in Computer Information Systems. In addition he holds a wide array of certifications, including CEH, ECSA, CPTS, CISSP, CCNA SPOPS, CCNP, CCDP, CCIP, CCSP, and CCNP-Voice.

Josh Scott (@scottjosh) is an InfoSec enthusiast from the Dallas, TX area. I am a Husband, Father, InfoSec Enthusiast, Privacy Advocate, and Programmer. When I’m not spending time with my wife and daughters I am organizing CryptoParties in Dallas to teach people how to protect themselves from unwanted surveillance and invasions of privacy.

Matt Smith is Principal Security Analyst at Sword&Shield Enterprise Security

Phil Grimes (@grap3_ap3) is an Information Security Professional with experience in providing application security assessments and penetration testing services to organizations ranging from small businesses, financial institutions, e-commerce, telecommunications, manufacturing, education and government agencies, as well as international corporations. Phil started learning networking and Internet security as a hobby with AOL in 1996, developing his technical skill set independently until joining the MicroSolved Team in 2009. After leaving MicroSolved in 2012, vulnerability research and exploit development became a main focus of attention. Phil’s experience in application security, penetration testing, mobile/SmartPhone security, and social engineering have proven successful in assessments for high profile customers both domestically and around the globe. An accomplished speaker and presenter, Phil has engaged on various topics for MSI’s “State of the Threat” webinars, CUISPA conferences, and at the Central Ohio ISSA InfoSec Summit in addition to various other speaking appearances to a wide range of audiences.

Hal Humphreys is a nerd, an entrepreneur, an investigator, a former research analyst and a valuation specialist. He’s a writer, a pub radio producer, and an educator. He’s a founding partner at Storyboard EMP, LLC, education media publishers.

Hal founded [FIND] Investigations as a professional investigator. He’s a former real estate appraiser. He’s a fly fisherman, hiker, and food lover.

His professional expertise: tech/education/creative startups, product development, old-school marketing, business intelligence, deep research, background investigations.

What is BSides?

Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.

Sep
12
Thu
GrrCON 2013 @ DeVos Place
Sep 12 – Sep 13 all-day

GrrCON 2013 LogoGrrCON 2013

GrrCON 2013 is an information security and hacking conference being held in the Midwest. This conference was put together to provide the Midwest regional information security community with a venue to come together and share ideas, information, solutions, forge relationships, and most importantly engage with like minded people in a fun atmosphere. Whether you are a Fortune 500 executive, security researcher, security industry professional, student, or a hacker of “flexible” morals you will find something for you at GrrCON.

GrrCON is Different

GrrCON is an information security and hacking conference put together to provide the community with a venue to come together and share ideas, information, solutions, forge relationships, and most importantly engage with like minded people in a fun atmosphere without all the elitist “Diva” nonsense. We bring together the CISO, the hacker, the security practitioner, and the researcher in a one-of-a-kind experience you CANNOT get elsewhere.

We provide three+ presentation tracks, in-con workshops, pre-con training, and a solutions arena to ensure you get the most out of the event. Come join the conversation.

And yes, free food & beer.

No egos, No Divas, just a good time and good content.

Where?

DeVos Place® is a premier convention center located in downtown Grand Rapids. Downtown Grand Rapids is located 15 minutes from Gerald Ford International Airport and easily accessible from all major interstates.

Workshops

Workshops will run throughout GrrCON and do require an additional ticket and have limited space. The small cost is to ensure attendees who sign up intend to participate. Workshops include:

  • Introduction to Exploit Development
  • Effective IDS/IPS auditing and testing
  • Open Source Intelligence Workshop / CTF

Fun

There are numerous fun events like Hacker Feud, a Crypto Challenge, Lock Pick Village, Wireless Hacking Village, Parties and much more. For details, click here.

Sep
13
Fri
BSidesAugusta
Sep 13 – Sep 14 all-day
Sep
14
Sat
SANS Network Security 2013 @ Caesars Palace
Sep 14 – Sep 23 all-day

SANS Network Security 2013 - Caesars Palace ForumSANS Network Security 2013

I’m pleased to invite you and your colleagues to attend SANS Network Security 2013 when we return to the magnificent Caesars Palace, Las Vegas, on September 14-23. Network Security is your annual networking opportunity! SANS will bring you the best in network security training, certification, and up-to-the-minute research on the most important topics in the industry today.

$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_05
Register Now!!

If you have attended this event in the past, then you know how valuable it can be to your career and to the safety and preservation of your company’s online and computerized resources. Be assured that at SANS Network Security 2013, you’ll get hands-on, immersion training from SANS world-class instructors and learn what it takes to stop cyber crime for your organization. Those who attend SANS Network Security 2013 will see that SANS offers a high-energy program, hands-on labs, a huge Vendor Solutions Expo, evening talks on the most timely security challenges, plus a myriad of networking opportunities.

49 Courses – 45 Instructors – 6 Disciplines

Choose from an extensive lineup of hands-on immersion courses with in-depth training. Be sure to visit our Schedule page where you can select a long course and/or short, skill-based courses. To maximize your training investment, one of our one- or two-day courses might fit nicely with your longer course!

The SANS Technology Institute (STI) offers a Master’s Degree in Information Security Management and a Master’s Degree in Information Security Engineering. Many of the courses offered at SANS Network Security will count towards one of these Master’s Degree programs once you apply for admission. Don’t miss the opportunity to take courses that will advance your education toward a Master’s Degree in your field.

We already said that networking opportunities abound at SANS Network Security 2013. Along with your course, you can attend the SANS@Night presentations, evening talks with keynote speakers, and our Vendor events. Look for information to be added regarding our SANS Network Security 2013 Vendor Showcase which provides a look at vendor products and solutions that can help address your organization’s key security issues. In addition, our vendors will be featuring Lunch & Learn sessions throughout this event.

Don’t miss the opportunity to participate in NetWars Tournament. NetWars Tournament is a live and timed event that runs over an intense two-day period. It is a competitive environment that creates a sense of urgency and pressure among the participants, with a real-time scoreboard available for viewing. Many enterprises, government agencies, and military organizations rely on NetWars Tournament training to help identify skilled personnel and as part of extensive hands-on skill development.

This industry changes daily, and the challenges you face are undoubtedly complex. If you have pen testers, forensics experts, and application and software developers on your staff, get them to come to Las Vegas. They will bring back knowledge, skills, and tools that they will put to work the day they return!

Sep
23
Mon
BruCON 2013 @ Aula Academica of the Ghent University
Sep 23 – Sep 27 all-day

BruCON 2013 LogoBruCON 2013

BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organized in Belgium, BruCON 2013 offers a high quality line up of speakers, security challenges and interesting workshops. BruCON 2013 is a conference by and for the security and hacker community.

The conference tries to create bridges between the various actors active in computer security world, included but not limited to hackers(*), security professionals, security communities, non-profit organizations, CERTs, students, law enforcement agencies, etc.

Current list of speakers at BruCON 2013

Keynotes

  • Justine Aitel – Head of Digital Infrastructure and Security at Dow Jones
  • Dan Guido – CEO of Trail of Bits

Talks

  • Aloria – .NET: The Framework, the Myth, the Legend
  • Tiago Balgan Henriques – Realtime analysis and visualization of internet status : from malware to compromised machines.
  • Robert Graham – Data-plane networking
  • Jake Valletta – CobraDroid
  • David Perez/Jose Pico – Geolocation of GSM mobile devices, even if they do not want to be found.
  • Russ Gideon – Paint by Numbers vs. Monet
  • Arron Finnon – NIDS/NIPS : What is the OSNIF project?
  • Erin Jacobs – Taking the BDSM out of PCI-DSS through open-source solutions
  • Gene Kim, Alex Hutton, David Mortman, Kris Buytaert, Patrick Debois – A panel on DevOPS and Security
  • Stephane Chenette – Firedrill : offensive defense to better protect your network.
  • Vaagu Toukharian – HTTP Time Bandit

Workshops

  • Ioannis Koniaris – Analyzing Internet Attacks with Honeypots
  • Christopher Lytle – Crypto by example – A hands-on cryptography workshop
  • Carlos G. Prado – Automating RE with Python
  • Sandor Pereiro de Melo – Kudo : Post Mortem Forensic Analysis with FLOSS tools 2.0
  • Willi Ballenthin/Michael Sikorski – Winter Cluster: Builiding a malware ‘agglomerator’
  • Didier Stevens – Advanced Excel Hacking

Training

Immerse yourself into the world of pen testing and application security by attending the BruCON 2013 Trainings. Offering world-class, deep-dive technical trainings given by the most recognized experts with huge industry experience in their domain! Download the BruCON 2013 Training Flyer

The Final Line-Up:

  • Offensive Techniques by Russ Gideon (3 days 23-25 Sep)
  • Pentesting Smart Grid and SCADA with SamuraiSTFU by Justin Searle (3 days 23-25 Sep)
  • Hacking PDF by Didier Stevens (2 days 24-25 Sep)
  • Lessons in Mobile Penetration Testing by Zach Lanier (2 days 24-25 Sep)
  • The Art of Exploiting Injection Flaws by Sumit Siddharth (2 days 24-25 Sep)
  • Practical Malware Analysis: Rapid Introduction by Michael Sikorski (2 days 24-25 Sep)

How did BruCON start?

BruCON is organized as a non-profit event by volunteers. A group of security enthusiasts decided that it was time in Belgium to have its own security and hacker conference. A lot of countries around the world have these kind of conferences to discuss and present research on computer security and related subject matters. We want to unite people who share the same passion and support the Belgian (research) communities, with BruCON as a yearly highlight. We are not professional organizers and started this as a non-profit organization. We all have full time jobs and dedicate a lot of our free time to this project. Everyone is welcome to join us and help!!

Sep
24
Tue
ASIS 2013 @ McCormick Place
Sep 24 – Sep 27 all-day

ASIS 2013 LogoASIS 2013

24/7 SECURITY. From forward-thinking education to an expansive show floor to limitless networking opportunities with peers from around the globe, ASIS 2013 gives you the knowledge, cutting-edge innovations, and resources you need to mitigate risk and succeed in today’s complex threat environment. Register today!

Use the SHOW PLANNER to search all sessions, products/services, and exhibitors.

ASIS welcomes back the (ISC)2 Security Congress, colocated with ASIS 2013.


 

Keynote Sessions

ASIS 2013 - Keynote Steve Wozniak

Steve Wozniak

Co-Founder of Apple Computer and Philanthropist
Wednesday, September 25
A Silicon Valley icon, Steve Wozniak single-handedly designed the first personal computer and later redirected his lifelong passion for mathematics and electronics toward lighting the fires of excitement for education in grade school students and their teachers. In 1976, Wozniak and Steve Jobs founded Apple Computer, Inc. with Wozniak’s Apple I personal computer. A year later he introduced the Apple II, which was integral in launching the personal computer industry. After leaving Apple in 1985, Wozniak was involved in various business and philanthropic ventures. He currently serves as chief scientist for Fusion-IO and is a published author.

ASIS 2013 - Keynote John Winston Howard

The Honorable John Winston Howard

25th Prime Minister of Australia 1996 – 2007
Thursday, September 26
Get a view of the world from “Down Under” from Australia’s second longest serving prime minister. During his 16-year tenure, Howard turned around the federal government budget from heavy deficit to free of net debt when he left office. He also initiated major reforms in taxation, labor laws, and social policy. Under Howard’s government, Australia was both a strong and close ally of the United States as well as expanding links with Asian nations. With Howard’s leadership, Australian forces joined the coalition of the willing in Iraq in March 2003. Australia strongly supported the war against terrorism with her forces continuing to serve alongside American and other coalition forces in Afghanistan. See full bio.

ASIS 2013 - Keynote Mike Ditka

Mike Ditka

Legendary NFL Coach and Analyst

Closing Luncheon, Friday, September 27

Mike Ditka’s legendary career with the Chicago Bears, as player, assistant coach, and head coach, has earned him three Super Bowl wins and entry into the Pro Football Hall of Fame. Ditka shares his lessons learned in a life of commitment and attention to the fundamentals in his ‘ACE’ presentation—Attitude, Character, and Enthusiasm. You won’t want to miss this powerful closing session! See full bio.

ISC2 Security Congress 2013 @ McCormick Place
Sep 24 – Sep 27 all-day

ISC2 Security Congress 2013 LogoISC2 Security Congress 2013

The ISC2 Security Congress 2013 event offers invaluable education to all levels of information security professionals. This event will provide information security professionals with the tools to strengthen their security without restricting their business. Colocated with the ASIS 2013 59th Annual Seminar and Exhibits, (ISC)² and ASIS International have teamed up to bring you the most comprehensive education and networking event in the security industry.

Conference Tracks Now Posted

View the ISC2 Security Congress 2013 conference tracks! Tracks include: Application Security, Cloud Security, Government Security, GRC, Malware, Mobile Security/Social Networking, Software Assurance, Swiss Army Knife, and Threats.

View all the tracks and sessions!

Full Registration

The four-day package (Sept 24th Tuesday – Sept. 27th Friday) is your best value and includes:

  • Access to all Sessions and ASIS Keynotes/General Sessions
  • Admission to the Exhibits (Tuesday- Thursday)
  • (ISC)² Town Hall Meeting – (ISC)² Members Only
  • ASIS Welcome Reception
  • (ISC)² Member Reception
  • ASIS President’s Reception
  • (ISC)² Safe & Secure Online Program Volunteer Orientation – (ISC)² Members Only
  • ASIS Networking Luncheons
  • ASIS Closing Luncheon
  • Daily Refreshment Breaks

Safe and Secure Online – Learn to Keep Kids Cyber Safe

Date: Wednesday, September 25th

Time: 9:15 am – 10:30 am

Location: McCormick Convention Center

Being an (ISC)2 member is rewarding, but giving back to your community while using your professional expertise as a Safe and Secure Online volunteer is even more fulfilling! The Safe and Secure Online Program educates children about cyber safety, security and ethics. Plus, it gives members a chance to earn CPEs! Safe and Secure Online began in 2006 to address the gap in security advice that exists in children’s safety outreach.

The SSO program has reached more than 80,000 students worldwide. We’re pleased to offer you cutting-edge, professional, interactive presentation, co- created with Childnet International, aimed at children 7-14. In addition, we offer a parent and teacher presentation to help keep families safe. This program is currently offered to (ISC)2 members in Canada, Hong Kong, the UK, US, Switzerland, India and Ireland.

Sep
25
Wed
Boston Information Security Forum 2013 @ Boston Convention & Exhibition Center
Sep 25 – Sep 26 all-day

Boston Information Security Forum 2013 - Skyline PicBoston Information Security Forum 2013

The Boston Information Security Forum 2013 brings together experienced IT and information security practitioners for confidential information sharing on the industry’s most important issues, technologies, and trends. The two-day Forum includes keynote addresses, technical and strategic roundtable discussions led by IANS’ Faculty, networking events, and the opportunity to learn about new technologies. Click here to download a copy of the agenda.

Why Attend Boston Information Security Forum 2013

  • Gain tangible, real world insights on best practices and lessons learned directly from your peers
  • Stay current with emerging technologies and early-stage deployments
  • Connect with the industry’s leading minds
  • Network and connect with other influential senior IT managers and business leaders
  • Earn 16 Continuing Education Credits

Who We Are – IANS

IANS is the leading provider of in-depth security insights and decision support delivered through research, community, and consulting. Fueled by interactions among IANS Faculty and information security practitioners, IANS’ experience-driven advice helps IT security, risk management, and compliance executives make better, faster technical and managerial decisions.

IANS was founded in 2001 as the Institute for Applied Network Security. Inspired by the Harvard Business School experience of interactive discussions driving collective insights, IANS adapted that format to fit the needs of the information security community.

What We Do

  • Decision Support – IANS offers an annual service for both large enterprises and smaller teams of information security professionals which enables users to connect to and learn from industry thought leaders and peers through events, personal inquiries, written research, and more.
  • Events – IANS’ Information Security Forums bring together experienced IT and information security practitioners for confidential information sharing on the industry’s most important issues, technologies, and trends.
  • Consulting and Advisory Services – IANS delivers actionable advice through custom workshops, reports, studies, and surveys that target the specific issues faced by information security professionals and solution providers.
DerbyCon 3.0 @ Hyatt Regency
Sep 25 – Sep 29 all-day

Welcome to DerbyCon 3.0 – “All in The Family”

This is the place where security professionals from all over the world come to hang out. DerbyCon 3.0 will be held September 25-29th, 2013. DerbyCon 2012 pulled in over 1,100 people with an amazing speaker lineup and a family-like feel. We’ve listened to your feedback and plan on making this conference even better. Our goal is to keep it around the same size and maintain a close-knit conference where we all come together to learn and share ideas.

Training – September 25 – 26, 2013Conference – September 27 – 29, 2013

Events

DerbyCon has a wide variety of events going on before, during, and after the conference. This year we stepped it up by adding additional villages for more entertainment during the conference time. Our party is going to be absolutely amazing this year thanks to our sponsors Endgame Systems and Rapid7.

Training Courses

Welcome to the DerbyCon 2013 Training page. From here you will see a breakdown of all of the training events that you can register for. Training costs $1,000 per course and also includes the ticket admission.

Training will be two days running from the morning on the September 25th and wrapping up at night on the 26th. Training is for a full two days prior to the conference. Training costs $1,000 and includes admission to the conference. Please note that there is a non refund policy. If you purchase a ticket and need a refund, you will need to sell your spot.

–> CAUTION: Under no circumstances will training be refunded. Once you bought a ticket, you have a ticket.

  • Intro to Powershell for Professionals
  • Corelan Live – Win32 Exploit Development Bootcamp
  • Foundstone’s Ultimate Hacking: Human
  • Attacking and Securing Mobile Devices
  • Learn to be a Penetration Tester
  • Tap That – An Introduction to Hacking Hardware
  • Red Team Testing
  • Web Application Hacking: OWASP and Beyond
  • Hardware Hacking with Joe Grand
  • Exploit Mobile with OWASP
  • Introduction to Malware Analysis
  • WiFi Hacking (with Mister_X)
Sep
26
Thu
BSidesPDX (Portland, OR)
Sep 26 – Sep 28 all-day