Program Committee

Send your abstract directly to sasCFP@kaspersky.com. The deadline for submissions is December 7, 2019.

Individual proposals should be no more than 350 words in length (final presentations will be no more than 20 minutes). Proposals should include the title of the paper and should clearly spell out the focus and goal of the presentation.

Chris Eng

Veracode

Chris Eng is Chief Research Officer at Veracode. A founding member of the Veracode team, he currently leads all security research initiatives including applied research, product security, and Veracode Labs. Chris has led projects breaking, building, and defending software in a career spanning nearly two decades. In addition to research, he consults frequently with stakeholders to advance application security initiatives.

Chris Eng is Chief Research Officer at Veracode. A founding member of the Veracode team, he currently leads all security research initiatives including applied research, product security, and Veracode Labs. Chris has led projects breaking, building, and defending software in a career spanning nearly two decades. In addition to research, he consults frequently with stakeholders to advance application security initiatives.

Chris is a frequent speaker and occasional review board member at premier industry conferences. Bloomberg, Fox Business, CBS, and other prominent media outlets have featured Chris in their coverage.

Prior to Veracode, Chris was technical director at Symantec (formerly @stake) and an engineer at the National Security Agency.
 

Kymberlee Price

Microsoft

With over 13 years' experience in the information security industry specializing in application security incident response and investigations, Kymberlee Price got her start by pioneering the first security researcher outreach program in the software industry at Microsoft. Ms. Price was later a principal investigator in the Zotob criminal investigation, and analyzed APT's at Microsoft. She then spent 4 years investigating product vulnerabilities in BlackBerry's Security Response Team.

With over 13 years' experience in the information security industry specializing in application security incident response and investigations, Kymberlee Price got her start by pioneering the first security researcher outreach program in the software industry at Microsoft. Ms. Price was later a principal investigator in the Zotob criminal investigation, and analyzed APT's at Microsoft. She then spent 4 years investigating product vulnerabilities in BlackBerry's Security Response Team. After three years directing the efforts of Bugcrowd's more than 50,000 Crowd members in web application, mobile application, IoT and host infrastructure penetration testing, Ms. Price has returned to Microsoft and her passion for securing applications and services that utilize open source and third party libraries. Ms. Price previously co-chaired the Department of Commerce NTIA Working Group on Multi-Party Vulnerability Disclosure and speaks regularly on vulnerability management and product incident response best practices at events including Black Hat USA, RSA, Kaspersky Security Analyst Summit, Nullcon, and Metricon.

Costin Raiu

Kaspersky

Costin specializes in analyzing advanced persistent threats and high-level malware attacks. He is leading the Global Research & Analysis Team (GReAT) at Kaspersky that researched the inner workings of Stuxnet, Duqu, Carbanak and more recently, Lazarus, BlueNoroff, Moonlight Maze and the Equation group. Costin’s work includes analyzing malicious websites, exploits and online banking malware.

Costin specializes in analyzing advanced persistent threats and high-level malware attacks. He is leading the Global Research & Analysis Team (GReAT) at Kaspersky that researched the inner workings of Stuxnet, Duqu, Carbanak and more recently, Lazarus, BlueNoroff, Moonlight Maze and the Equation group. Costin’s work includes analyzing malicious websites, exploits and online banking malware.

Costin has over 24 years of experience in anti-virus technologies and security research. He is a member of the Virus Bulletin Technical Advisory Board, a member of the Computer AntiVirus Researchers’ Organization (CARO) and a reporter for the Wildlist Organization International.
 

Maddie Stone

Google

Maddie Stone is a Security Engineer on the Android Security team at Google. She has spent many years deep in the circuitry and firmware of embedded devices including 8051, ARM, C166, MIPS, PowerPC, BlackFin, the many flavors of Renesas, and more. Maddie has previously spoken at conferences including REcon Montreal, DerbyCon, and the Women in Cybersecurity Conference.
 

Maddie Stone is a Security Engineer on the Android Security team at Google. She has spent many years deep in the circuitry and firmware of embedded devices including 8051, ARM, C166, MIPS, PowerPC, BlackFin, the many flavors of Renesas, and more. Maddie has previously spoken at conferences including REcon Montreal, DerbyCon, and the Women in Cybersecurity Conference.
 

Ryan Naraine

Intel

Ryan Naraine heads up Intel's engagement efforts with the security research community, CISOs and security decision-makers. Prior to joining Intel, he managed Kaspersky Lab's security research team in the U.S. and served as Chief Marketing Officer at Bishop Fox, a firm offering cybersecurity advisory services.
Ryan is a veteran journalist who created Threatpost and the global SAS Conference series. His bylines have appeared on eWEEK, CBS Interactive, ZDNet and Security Week.

Ryan Naraine heads up Intel's engagement efforts with the security research community, CISOs and security decision-makers. Prior to joining Intel, he managed Kaspersky Lab's security research team in the U.S. and served as Chief Marketing Officer at Bishop Fox, a firm offering cybersecurity advisory services.
Ryan is a veteran journalist who created Threatpost and the global SAS Conference series. His bylines have appeared on eWEEK, CBS Interactive, ZDNet and Security Week.
 

Fahmida Y. Rashid

Duo Security at Cisco

As an information security journalist, Fahmida Y. Rashid has spent over a decade analyzing news events and demystifying security technology for IT professionals, business managers, and consumers. As the senior managing editor at Decipher, she distils critical insights from current events. She believes that security requires an interdisciplinary approach and draws on ideas from various fields, including psychology, economics, and political science, to explain important concepts. She focuses on network operations and application development because they require in-depth understanding of the relevant technologies and workflows.

As an information security journalist, Fahmida Y. Rashid has spent over a decade analyzing news events and demystifying security technology for IT professionals, business managers, and consumers. As the senior managing editor at Decipher, she distils critical insights from current events. She believes that security requires an interdisciplinary approach and draws on ideas from various fields, including psychology, economics, and political science, to explain important concepts. She focuses on network operations and application development because they require in-depth understanding of the relevant technologies and workflows. Prior to launching Decipher, she wrote for various business and tech trade publications, including CSO Online, InfoWorld, eWEEK, Dark Reading, and the Christian Science Monitor. She honed her technical knowledge at CRN and PC Magazine by developing test plans and reviewing networking and security products. As a development editor for a publisher focused on software developers, she learned how to break complex topics into straightforward answers. Over the course of her career, she has drawn on her past experiences as a former developer, management consultant, network administrator, and product manager to clearly explain why everyone should care about security.

Chris Sistrunk

Mandiant

Chris Sistrunk is a Senior Consultant at Mandiant, focusing on cyber security for industrial control systems (ICS) and critical infrastructure. Prior to joining Mandiant, Chris was a Senior Engineer at Entergy (over 11 years) where he was the Subject Matter Expert (SME) for Transmission & Distribution SCADA systems. Chris helped organize the first ICS Village, which debuted at DEF CON 22 and was featured at RSAC and SANS ICS Summit. He is a Senior Member of IEEE, member of the DNP Users Group, President of Mississippi Infragard, and also is a registered PE in Louisiana. He holds a BS in Electrical Engineering and MS in Engineering and Technology Management from Louisiana Tech University. Chris also founded and organizes BSidesJackson, Mississippi's only cyber security conference.

Chris Sistrunk is a Senior Consultant at Mandiant, focusing on cyber security for industrial control systems (ICS) and critical infrastructure. Prior to joining Mandiant, Chris was a Senior Engineer at Entergy (over 11 years) where he was the Subject Matter Expert (SME) for Transmission & Distribution SCADA systems. Chris helped organize the first ICS Village, which debuted at DEF CON 22 and was featured at RSAC and SANS ICS Summit. He is a Senior Member of IEEE, member of the DNP Users Group, President of Mississippi Infragard, and also is a registered PE in Louisiana. He holds a BS in Electrical Engineering and MS in Engineering and Technology Management from Louisiana Tech University. Chris also founded and organizes BSidesJackson, Mississippi's only cyber security conference.

Ivan Shadrin

Kaspersky

Ivan Shadrin is Deputy Head of Public Relations at Kaspersky Lab. Before joining the company he worked as a cybersecurity journalist at a number of Russian media houses. At Kaspersky Lab,  he is involved with the strategic planning and executing of promotion of Kaspersky Lab threat research content to media.

Ivan Shadrin is Deputy Head of Public Relations at Kaspersky Lab. Before joining the company he worked as a cybersecurity journalist at a number of Russian media houses. At Kaspersky Lab,  he is involved with the strategic planning and executing of promotion of Kaspersky Lab threat research content to media.

Brian Candlish

Telstra

Brian Candlish is a security researcher at Telstra, Australia’s largest telecommunications company, where he spends his days and nights making the internet a safer place. His interests in information security include attack and detection techniques, intelligence, and active defense. He enjoys hunting adversaries on large corporate networks.
 

Brian Candlish is a security researcher at Telstra, Australia’s largest telecommunications company, where he spends his days and nights making the internet a safer place. His interests in information security include attack and detection techniques, intelligence, and active defense. He enjoys hunting adversaries on large corporate networks.
 

Vladimir Dashchenko

Kaspersky

Vladimir is a part of Critical Infrastructure Defense Team (CID-Team) and Kaspersky Lab ICS CERT in Kaspersky Lab. His research interests are ICS, IoT like smart toys, TVs, smart city infrastructure and threat intelligence. He is also a co-founder of Kaspersky Industrial CTF.

Vladimir graduated from Ural State Technical University with a degree in information security of telecommunication systems. He started his career as a security engineer at Russian Federal Space Agency.

He has participated in various security conferences as a speaker, like SAS, ZeroNights, S4, CSS, GeekPwn, Europol etc.

Vladimir is a part of Critical Infrastructure Defense Team (CID-Team) and Kaspersky Lab ICS CERT in Kaspersky Lab. His research interests are ICS, IoT like smart toys, TVs, smart city infrastructure and threat intelligence. He is also a co-founder of Kaspersky Industrial CTF.

Vladimir graduated from Ural State Technical University with a degree in information security of telecommunication systems. He started his career as a security engineer at Russian Federal Space Agency.

He has participated in various security conferences as a speaker, like SAS, ZeroNights, S4, CSS, GeekPwn, Europol etc.

Want to be a Speaker?

We are especially looking for presentations and research showcasing the following areas:

  • Advanced malware threats
  • Mobile device exploitation
  • Threats against banks, financial institutions:
    • PoS systems
    • ATMs
    • Crypto-currencies
    • E-commerce data breaches
  • Critical infrastructure protection (SCADA/ICS)
  • Internet of Things:
    • Autonomous transportation (self-driving cars, drones)
    • Smart homes and smart devices
    • Smart cities
  • Attacks on medical devices
  • Threats to Gaming industry:
    • Game cheats and defense mechanisms
    • Server and client-side vulnerabilities
    • Industrial espionage targeting gaming industry
    • Mass infections via gaming vendor breach
  • Cross-border law-enforcement coordination and information sharing
  • Vulnerability discovery and responsible disclosure
  • Techniques for development of secure software and systems
  • Side Channel and Physical Attacks
  • Blockchain and smart contracts

.docx, .pdf, .pptx
Less than 10 Mbyte

We use cookies to make your experience of our websites better. By using and further navigating this website you accept that some of your browsing activity can be recorded in cookies. Detailed information about the use of cookies on this website is available by clicking on more information.