Kaspersky®

Security Analyst Summit

Tenerife, Spain,
Coming Soon

Sponsors

kaspersky
ThreatPost
BlackBerry
Cymmetria
Talos
Microsoft
Adobe
Fidelis Cybersecurity
Salesforce
CCN-CERT
DigiTrust group
Security Week

Tenerife, Spain

,

The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community.   The goal is to learn, debate, share and showcase cutting-edge research, new technologies and discuss ways to improve collaboration in the fight against cyber-crime.

#TheSAS2016

#TheSAS2016 is searching for answers

SAS 2016: New Destination, New Discoveries

The best cyber investigators at SAS 2016

Do you have Cyberdetective stories to share?

Come to #TheSAS2016!

Do you have Cyberdetective stories to share? Part II

Chasing foxes by the numbers: Patterns of life and activity in hacker forums

CATCHING CRYPTO-CRIMINALS: THAT WAS EASY!

REACH OUT AND TOUCH FIRST

Agenda

Conference Day 1 Monday, February 8

Memento

Session host: Sergey Novikov
10:00 - 10:05

Welcome and Introductions

Eugene Kaspersky
10:05 - 10:25

I'm always aware. Are you?

Reuben Paul, ; Prudent Games, Inc
10:25 - 10:55

Changing the physics of defense

John Lambert, ; Microsoft
10:55 - 11:20

Back to the future - Moonlight Maze

Thomas Rid ; King’s College London
11:20 - 11:40

This ain’t your daddy’s shotgun

Steve Adegbite, ; E*TRADE

Se7en

Session host: David Jacoby
12:00 - 12:20

Tango with Dyreza

Peter Kruse, ; CSIS Security Group
12:20 - 12:50

The Metel: Merging APTs with online bank robberies

Sergey Golovanov, Vladislav Roskov, ; Kaspersky
12:50 - 13:15

Catching crypto-criminals: That was easy!

Jornt van der Wiel, Santiago Pontiroli, Kaspersky Lab; ; Peter Zinn, Marinus Boekelo, NHTCU
13:15 - 13:40

The cybercrime kill chain: Disrupting the Shylock criminal enterprise

Adrian Nish, Sergey Shevchenko, ; BAE Systems

The Pink Panther

Session host: Costin Raiu
14:40 - 15:05

Adwind: when aliens spy

Vitaly Kamluk, Aleks Gostev, ; Kaspersky
15:05 - 15:30

Inside the exciting and terrifying exploitation of wireless systems

Chris Rouland, ; Bastille
15:30 - 15:50

Reach out and touch first

Inbar Raz, ; PerimeterX
15:50 - 16:10

Chasing foxes by the numbers: Patterns of life and activity in hacker forums

Christopher Ahlberg, ; Recorded Future

Silence of the Lambs

Session host: Ryan Naraine
16:30 - 16:50

Building a fortress with advanced security engineering

Adam Boulton, BlackBerry ; BlackBerry
16:50 - 17:20

Fireside chat with ‘Save the World’ MVP

17:20 - 18:00

‘Sherlock vs Moriarty’

Live debates
Conference Day 2 Tuesday, February 9

Training Day

Session host: Brian Bartholomew
9:30 - 10:00

Poseidon’s APT boutique

Dmitry Bestuzhev, Santiago Pontiroli, Juan Guerrero, ; Kaspersky
10:00 - 10:20

Targeted attacks – Middle-Eastern style

Ron Davidson, ; Check Point
10:20 - 10:40

JavaScript in espionage intrusions

Kris McConkey, Tom Lancaster, ; PwC
10:40 - 11:00

Emerging predators in Southeast Asia

Vikram Thakur, Stefan Sellmer, ; Microsoft
11:00 - 11:20

After the APT disclosure, what next?

Kurt Baumgartner, ; Kaspersky
11:20 - 11:40

Mining for Mimikatz

Bruce Dang, Jonathan Ness, ; Veramine

Heat

Session host: Vitaly Kamluk
9:30 - 10:00

Advanced threat actors OPSEC evolution

Gadi Evron, Cymmetria; ; Inbar Raz, PerimeterX
10:00 - 10:20

Let’s lie, distort and monitor

Vicente Diaz, Dani Creus, ; Kaspersky
10:20 - 10:40

HackingTeam’s erstwhile Lebanese client

Drew Robinson, John Hultquist, ; iSIGHT Partners
10:40 - 11:00

Lurking in Angler’s shadow

Nick Biasini, ; Cisco Talos
11:00 - 11:20

The spirit of cyber-Juche sabotage operations as modern ‘self-reliance’

Jaime Blasco, AlienVault Labs; ; Juan Guerrero, Kaspersky
11:20 - 11:40

Real world information exchange: Challenges and insights

Freddy Dezeure, ; CERT-EU

The Imitation Game

Session host: Chris Eng
12:00 - 12:30

Advanced DNS tools for cyber investigations

Paul Vixie, ; Farsight Security
12:30 - 12:50

Using Maltego to monitor news events

Roelof Temmingh, ; Paterva
12:50 - 13:10

VirusTotal Intelligence: Bow and arrow

Emiliano Martinez, ; VirusTotal
13:10 - 13:30

Creating your own threat intel through hunting, and visualization

Raffael Marty, ; PixlCloud

The Usual Suspects

Session host: Kurt Baumgartner
12:00 - 12:30

Retrohunt: Finding the needle in the haystack

Victor Alvarez, ; VirusTotal
12:30 - 12:50

Defeating malware with signal analysis techniques

Dhia Mahjoub, Thomas Mathew, ; OpenDNS
12:50 - 13:10

Correlating threats using Internet snapshots

Brandon Dixon, ; RiskIQ’s PassiveTotal
13:10 - 13:30

Who stepped on my bed? Targeted attack attribution roundup

Boldizsar Bencsath, ; CrySyS Lab

Who Framed Roger Rabbit

Session host: Peter Zinn
14:30 - 15:00

Protecting Android users against harmful apps: Billions of choices

Elena Kovakina, ; Google
15:00 - 15:20

Malware and non-malware ways for ATM jackpotting

Olga Kochetova, ; Kaspersky
15:20 - 15:40

Gotta launder my karma – OPSEC for hunters

John Bambenek, Brian Wohlwinder, ; Fidelis Cybersecurity
15:40 - 16:00

Mariachis and jackpotting: ATM malware from Latin America

Fabio Assolini, Roberto Martinez, ; Kaspersky
16:00 - 16:20

DD4BC and beyond: A profile of DDoS extortion campaign activity

Curt Wilson, ; Arbor Networks
16:20 - 16:40

Socket hijacking to defeat 2FA

Alberto Garcia Illera, ; Salesforce

Mystic River

Session host: Mike Lennon
14:30 - 15:00

Trust me, vulnerability disclosure policy is not the problem

Kymberlee Price, ; Bugcrowd
15:00 - 15:20

Prohibition, export controls, and modern security: A bottoms up approach

Katie Moussouris, ; HackerOne
15:20 - 15:40

The next level of Flash Player attacks and defenses

Peleus Uhley, ; Adobe
15:40 - 16:00

Windows 10 VBS. Device Guard: Good, bad and predictions

Vyacheslav Rusakov, ; Kaspersky
16:00 - 16:20

Sedating the watchdog: Abusing security products to bypass Windows protections

Tomer Bitton, ; enSilo
16:20 - 16:40

Real-world lessons about spies every security researcher should know

David Jacoby, Stefan Tanase, ; Kaspersky

Gone in Sixty Seconds (20 x 20 presentations)

Session host: Sergey Novikov
17:00 - 17:15

Pecha Kucha 1

Ido Naor ; Kaspersky
17:15 - 17:30

PECHA KUCHA 2

Marco Preuss, ; Kaspersky
17:30 - 17:45

PECHA KUCHA 3

Doug Madory
17:45 - 18:00

PECHA KUCHA 4

Yury Namestnikov, Denis Makrushin ; Kaspersky

Inside Man (Open Microphone)

Session host: Stefan Tanase
Conference Day 2 - Industrial Track Tuesday, February 9

Lucky Number Slevin

Session host: Andrey Nikishin
9:30 - 10:00

Aftermarket Easter eggs in your ICS

Joe FitzPatrick ; SecuringHardware.com
10:00 - 10:20

Hacking the power grid: Analyzing what hackers do when they have access to the "Power Grid Honeypot"

Dewan Chowdhury, ; MalCrawler
10:20 - 10:40

How to build your own Big Brother

Timur Yunusov, ; Positive Technologies
10:40 - 11:00

Security of digital maintenance and test equipment

Michael Toecker, ; Context Industrial Security
11:00 - 11:20

Hacking the industrial world, from theory to practice

Gabriel Gonzalez, ; IOActive
11:20 - 11:40

How I hacked my hospital

Sergey Lozhkin, ; Kaspersky

LA Confidential

Session host: Dewan Chowdhury
12:00 - 12:30

Never trust your inputs: Data processing as attack vector on ICS

Marina Krotofil, Independent researcher; ; Alexander Bolshev, IOActive
12:30 - 12:50

Protecting ICS – Are signature-based approaches useful at all?

Dr. Damiano Bolzoni, ; SecurityMatters
12:50 - 13:10

ICS cyber security requirements: Is there a ‘Standard’ approach?

Harsha Banavara, ; Schneider Electric
13:10 - 13:30

Industry 4.1 J architecture concept for more security and flexibility to the factory

Masahi Murakami, ; ICS Laboratory Corporation

Basic Instinct

Session host: Michael Toecker
14:30 - 15:00

Medical devices: Pwnage and honeypots

Scott Erven, ; Protiviti
15:00 - 15:20

A new toy for hackers: Building automation systems

Dmitriy Evdokimov, ; Digital Security
15:20 - 15:40

Networked home appliances (IoT) and vulnerabilities

Hikohiro Lin, ; Panasonic
15:40 - 16:00

Inducing blackouts with a compromised Femtocell

Vasilios Hioureas, Kaspersky Lab; ; Thomas Kinsey, Exigent systems
16:00 - 16:20

Is your security trustworthy to protect my safety critical system?

Sergey Tverdyshev, ; SYSGO AG
16:20 - 16:40

Inside Kaspersky OS

Andrey Nikishin, ; Kaspersky

The Departed (Quiz Show)

Session host: Kirill Kruglov

Speakers

Sergey Golovanov

Kaspersky

Sergey started his career at Kaspersky Lab in 2005, joining the company as a Virus Analyst before going on to become Head of the Non-Intel Research Group. He was appointed malware expert for Kaspersky Lab’s Russian Research Center in 2009 and has since risen to the position of Principal Security researcher, conducting research into banking threats and cyber-espionage. 

Sergey started his career at Kaspersky Lab in 2005, joining the company as a Virus Analyst before going on to become Head of the Non-Intel Research Group. He was appointed malware expert for Kaspersky Lab’s Russian Research Center in 2009 and has since risen to the position of Principal Security researcher, conducting research into banking threats and cyber-espionage. Sergey’s areas of expertise also include embedded system security, cybercriminal ‘partner networks’, non-Windows threats (Mac OS, Unix OS), botnets and other aspects of cybersecurity.

Paul Vixie

Farsight Security

Dr. Paul VIXIE was inducted as an Innovator into the Internet Hall of Fame in 2014 after earning his Ph.D. in Computer Science from KEIO University in 2010. He is a prolific author of open source Internet software including BIND, and of many Internet standards documents concerning DNS and DNSSEC.

Dr. Paul VIXIE was inducted as an Innovator into the Internet Hall of Fame in 2014 after earning his Ph.D. in Computer Science from KEIO University in 2010. He is a prolific author of open source Internet software including BIND, and of many Internet standards documents concerning DNS and DNSSEC. He was the founder of the first anti-spam company (MAPS, 1996), the first non-profit Internet infrastructure software company (ISC, 1994), the first neutral and commercial Internet exchange (PAIX, 1991), and of Farsight Security (2012), where he now serves as Chairman and Chief Executive Officer.

Thomas Rid

Department of War Studies, King’s College London

Rid’s new book, Rise of the Machines, will be out in 2016, as Maschinendämmerung in German. It tells the sweeping story of how cybernetics, a late-1940s theory of machines, came to incite anarchy and war half a century later. His recent research article, “Attributing Cyber Attacks,” was designed to explain, guide, and improve the identification of network breaches.

Rid’s new book, Rise of the Machines, will be out in 2016, as Maschinendämmerung in German. It tells the sweeping story of how cybernetics, a late-1940s theory of machines, came to incite anarchy and war half a century later. His recent research article, “Attributing Cyber Attacks,” was designed to explain, guide, and improve the identification of network breaches. Rid’s book Cyber War Will Not Take Place analysed political computer network intrusions; a Chinese translation is forthcoming with the People’s Publishing House. His text “Deterrence Beyond the State” opened a fresh conceptual angle on the deterrence debate by exploring Israel’s experience with non-state militants. His articles appeared in major English, French, and German peer-reviewed journals as well as magazines and news outlets.

Kymberlee Price

Bugcrowd

With over 11 years’ experience in the information security industry, Kymberlee pioneered the first security researcher outreach program in the software industry, was a principal investigator in the Zotob criminal investigation, and analyzed APT’s at Microsoft. She then spent 4 years investigating product vulnerabilities at BlackBerry.

With over 11 years’ experience in the information security industry, Kymberlee pioneered the first security researcher outreach program in the software industry, was a principal investigator in the Zotob criminal investigation, and analyzed APT’s at Microsoft. She then spent 4 years investigating product vulnerabilities at BlackBerry.
Most recently the Director of the Synack Red Team, Kymberlee is responsible for optimizing Bugcrowd’s performance for both its customers and researchers and helping its more than 13,200 Crowd members with ongoing skill development, education and overall participation in Bugcrowd’s programs.

Chris Rouland

Bastille

Chris Rouland is a 25-year veteran of the information security industry and has founded several cyber security companies including Endgame and Bastille.

Chris Rouland is a 25-year veteran of the information security industry and has founded several cyber security companies including Endgame and Bastille. He is currently Chairman, Founder and CTO of Bastille. Prior to becoming an entrepreneur Rouland served as the original Director of the ISS X-Force, and subsequently CTO of ISS, leading the discovery of 100s of vulnerabilities.

Dr. Christopher Ahlberg

Recorded Future, Inc

Dr. Christopher Ahlberg is the CEO of Recorded Future, Inc. and Chairman of Hult International Business School. He also advises a series of startup companies. Earlier Ahlberg was the president of the Spotfire Division of TIBCO, which he founded in 1996 and in 2007 sold to TIBCO (Nasdaq: TIBX) for $195M. Spotfire was founded based on his ground-breaking research on information visualization.

Dr. Christopher Ahlberg is the CEO of Recorded Future, Inc. and Chairman of Hult International Business School. He also advises a series of startup companies. Earlier Ahlberg was the president of the Spotfire Division of TIBCO, which he founded in 1996 and in 2007 sold to TIBCO (Nasdaq: TIBX) for $195M. Spotfire was founded based on his ground-breaking research on information visualization.
Dr. Ahlberg earned his doctorate from Chalmers University of Technology, worked as a visiting researcher at the University of Maryland, and has lectured and consulted extensively for industry, academia, military, and intelligence communities. In addition, he has published & lectured in computer science, cyber security, psychology, linguistics, biology, and chemistry.

John Lambert

Microsoft

John Lambert has been at Microsoft for 15 years. He is the General Manager of the Microsoft Threat Intelligence Center. The Center is responsible for detecting and disrupting adversary based threats aimed at Microsoft and its customers. Its mission is to drive detective innovations into products and services to raise the ability for every defender to deal with adversary based threats through security research, threat intelligence, forensics, and data science.

John Lambert has been at Microsoft for 15 years. He is the General Manager of the Microsoft Threat Intelligence Center. The Center is responsible for detecting and disrupting adversary based threats aimed at Microsoft and its customers. Its mission is to drive detective innovations into products and services to raise the ability for every defender to deal with adversary based threats through security research, threat intelligence, forensics, and data science. Previously at Microsoft, Lambert worked in the Trustworthy Computing group for ten years and the Windows Security group on features related to cryptography and security management.
He joined Microsoft after three years at IBM as a developer in their software group. Lambert holds a bachelor’s degree in computer science from Tulane University and is named on more than nine software patents and seven pending applications.

Adam Boulton

BlackBerry

Adam Boulton is the Vice President, Head of Product Security for BlackBerry. Adam is responsible for the development, implementation and management of the organization’s corporate security vision, strategy and programs. He has extensive experience in designing and implementing robust systems as well as detecting, containing and remediating attacks. He has spent his career at BlackBerry developing an industry leading security strategy focused on security standards, education and assessments.

Adam Boulton is the Vice President, Head of Product Security for BlackBerry. Adam is responsible for the development, implementation and management of the organization’s corporate security vision, strategy and programs. He has extensive experience in designing and implementing robust systems as well as detecting, containing and remediating attacks. He has spent his career at BlackBerry developing an industry leading security strategy focused on security standards, education and assessments.
Adam has over 10 years of experience in security engineering and continues to provide assurances for critical systems. He holds a first class BSc in Software Engineering and is certified for conducting security assessments on Government systems.

We use cookies to make your experience of our websites better. By using and further navigating this website you accept that some of your browsing activity can be recorded in cookies. Detailed information about the use of cookies on this website is available by clicking on more information.