Cenzic 232 Patent
Paid Advertising
web application security lab

DefCon Speeches

Update: One more speech added for Blackhat - turns out I am speaking there after all!

DefCon is fast approaching and I have a bunch of speeches to prep for (and this doesn’t include the other non-DefCon speeches on my roster). Thankfully I’m mostly done with my prep work, but there’s never enough time is there? If you happen to be at DefCon and want to hear me speak, here are the speeches and times:

1) Wednesday at 4:45 - Unmasking You! - I’ll be co-presenting with Josh Abraham about a bunch of anti-privacy 0day as well as a major privacy leak built into a huge percentage of browsers.

2) Friday at 2PM - DefCon Security Jam (AKA Fail speech) - I’ll be speaking about a really dumb/funny browser Fail.

3) Saturday at 3PM - Hijacking Web 2.0 Sites with SSLstrip - I’ll be co-presenting with Sam Bowne regarding Slowloris.

4) Sunday at 12PM - Unmasking You - repeat of the Blackhat talk.

So yeah, I’ll be very busy while I’m there. Feel free to drop by and say hi at some point if you happen to be at the conference. I’ll be checking Twitter periodically while I’m there too if you want to message me directly. If you know about any good industry parties please message me too. You can never have too many invites!

5 Responses to “DefCon Speeches”

  1. Jordan Says:

    I’ll be busy with Q&A during the friday talk unfortunately (and that likewise means you’ll be missing my talk too waiting in the green room!), but will definitely try to make the others.

    I look forward to hanging out, it’s been a while.

  2. nicola Says:

    Saturday will be the day of Slowloris ascent, I’m sure.
    Best wishes :)

  3. securityninja Says:

    I look forward to it, I’m speaking at 12pm on the Saturday but I already have number 2 and 3 from your list on my list of presentations to see!

    See you there!

  4. xs Says:

    I will be looking forward to all of these talks. Hope I get to see you and introduce myself.

  5. fak3r Says:

    Really enjoyed both the unmasking and Slowaris talks you gave, Defcon gave me plenty more to think about when building out systems, I can’t believe some of the old tricks that are still working, it’s a mess out there. Speaking of Slowaris, did you see on HAProxy’s front page they have a config specifically designed to snub out Slowaris attacks, I really think *sanitizing* packets at that level is a great way to defend webservers.

    Thanks again, look forward to seeing you next year.