Black Hat Europe 2011

Black Hat Europe 2011 //Speakers

Hotel Rey Juan Carlos Barcelona • March 17-18
training: mar 15-16 | briefings: mar 17-18

Register for Black Hat Europe 2011

Bruce Schneier

Bruce Schneier is an internationally renowned security technologist and author. Described by The Economist as a "security guru," Schneier is best known as a refreshingly candid and lucid security critic and commentator. When people want to know how security really works, they turn to Schneier. His first bestseller, Applied Cryptography, explained how the arcane science of secret codes actually works, and was described by Wired as "the book the National Security Agency wanted never to be published." His book on computer and network security, Secrets and Lies, was called by Fortune "[a] jewel box of little surprises you can actually use."

His current book, Beyond Fear, tackles the problems of security from the small to the large: personal safety, crime, corporate security, national security. Schneier also publishes a free monthly newsletter, Crypto-Gram, with over 100,000 readers. In its seven years of regular publication, Crypto-Gram has become one of the most widely read forums for free-wheeling discussions, pointed critiques, and serious debate about security. As head curmudgeon at the table, Schneier explains, debunks, and draws lessons from security stories that make the news. Regularly quoted in the media, Schneier has written op ed pieces for several major newspapers, and has testified on security before the United States Congress on many occasions. Bruce Schneier is the founder and CTO of Counterpane Internet Security, Inc., the world's leading protector of networked information -- the inventor of outsourced security monitoring and the foremost authority on effective mitigation of emerging IT threats.

Patroklos Argyroudis

Census Inc

Patroklos Argyroudis is an IT security researcher at Census, Inc (, a company that builds on strong research foundations to offer specialized IT security services to customers worldwide. Patroklos holds a PhD in Computer Security from the University of Dublin, Trinity College, where he has also worked as a postdoctoral researcher on applied cryptography and electronic payment topics from 2006 to 2009. His current focus is on vulnerability research, exploit development, reverse engineering, source code auditing and malware analysis.

Marco Balduzzi


Marco Balduzzi holds an MSc. in Computer Engineering and has been involved in IT-Security for more then 8 years with international experiences in both industrial and academic fields. He worked as security consultant and engineer for different companies in Milan, Munich and Sophia-Antipolis, in south France, before joining the International Secure Systems Lab as Ph.D. researcher.

In his hometown (Bergamo), in year 2K, he co-founded the Linux User Group and the university's Laboratory of Applied Computing. Marco is a Free Software sympathizer, maintains several open-source projects and in former times joined different Italian underground hacking groups. His homepage is currently

Don Bailey

iSEC Partners Inc

Don A. Bailey is a Security Consultant with iSEC Partners, Inc. With over six years in the field, Don has discovered many unknown security vulnerabilities in well used software, analyzed new and proprietary protocols for design and implementation flaws, and helped design and integrate security solutions for up and coming internet software.

While Don's primary expertise is in developing exploit technology, he is also well versed at reverse engineering, fuzzing, enterprise programming, binary analysis, root-kit detection and design, and network penetration testing. In addition, Don has helped develop and enhance risk management programs for several Fortune 500 companies in recent years and has been invited to speak about risk management from a CISO perspective at government organized conferences.

For the past five years, Don has presented research at several international security conferences discussing topics such as stealth root-kit design, zero-day exploit technology, and DECT security. Most recently, Don spoke at Blackhat Las Vegas 2010 and SOURCE Boston 2010 regarding vulnerabilities in the global telephone network and the GSM protocol.

Alex Behar


Alex Behar has been in InfoSec for the last 15 years, participating in research, exploit development and reverse engineering of network protocols and application stacks. Most recently, Alex was a Senior Researcher in Radware's DefensePro security team and is currently Director of Security Products for Radware North America. Additionally, he is a co-founder of security research think-tank ECL-Labs and core developer of the Raptor Traffic Suite.

Mihai Chiriac


Mihai Chiriac manages the BitDefender Research team, designing and overseeing the development of new technologies, ranging from dynamic binary translation to intrusion prevention, compromise detection and forensic analysis. He has written a number of papers that were published in national and international publications. He has spoken at various IT Security conferences, like Virus Bulletin, FrHack, Hack.Lu, etc.

Claudio Criscione

Secure Network

Claudio Criscione managed to score his first hack at the age of 10, to download more content from the local BBS by bypassing ratio restrictions. After that he hacked his way to graduation at Milano TU and started his PhD. He has been the CTO of Secure Network since 2011. Criscione has been involved in web application security and anomaly detection, but has since moved into virtualization security. Criscione has presented at many of the conferences in the security circus and is also currently managing

Nitesh Dhanjani

Ernst & Young

Nitesh Dhanjaniis a well known information security researcher and speaker. Dhanjani is the author of "Hacking:The Next Generation" (O'Reilly), "Network Security Tools:Writing, Hacking, and Modifying Security Tools" (O'Reilly), and "HackNotes:Linux and Unix Security" (Osborne McGraw-Hill). He is also a contributing author to "Hacking Exposed 4" (Osborne McGraw-Hill) and "HackNotes:Network Security" (Osborne McGraw-Hill).

At Ernst & Young, Dhanjani is Senior Manager in the Advisory practice, responsible for helping some of the largest corporations establish enterprise wide information security programs and solutions. Dhanjani is also responsible for evangelizing brand new technology service lines around emerging technologies and trends such as social media, cloud computing, and virtualization.

Prior to E&Y, Dhanjani was Senior Director of Application Security and Assessments at Equifax where he spearheaded security efforts into enhancing the enterprise SDLC, created a process for performing source code security reviews & threat modeling, and managed the attack & penetration team. Before Equifax, Dhanjani was Senior Advisor at Foundstone's Professional Services group where, in addition to performing security assessments, he contributed to and taught Foundstone's Ultimate Hacking security courses.

Dhanjani holds both a Bachelor's and Master's degree in Computer Science from Purdue University.

Jason Geffner

NGS Secure

Jason Geffner joined NGS Secure in June of 2007 as a Principal Security Consultant. Jason focuses on performing security reviews of source code and designs, reverse engineering software protection methods and DRM protection methods, penetration testing web applications and network infrastructures, and developing automated security analysis tools.

Prior to joining NGS, Jason spent three years as a Reverse Engineer on Microsoft Corporation's Anti-Malware Team, where his work involved analyzing malware samples, deobfuscating binaries, and writing tools for analysis and automation. Jason was the Security Research & Response owner of the Windows Malicious Software Removal Tool (MSRT). He chose which new malware families for the MSRT to detect and clean each month based on his analysis of the telemetry and trends of the underground malware community. Jason authored tens of thousands of malware signatures and dozens of malware analyses based on static and dynamic analyses of obfuscated binaries. His work on the MSRT helped hundreds of millions of Windows users each month keep their computers safe and secure.

While at Microsoft, Jason was recognized for his reverse engineering skills and for his efforts to drive awareness of reverse engineering practices throughout the company by being given the formal job title "Reverse Engineer"; Jason was the only Microsoft employee with this title. Jason holds several patents in the fields of reverse engineering and network security. He is a Program Committee member of the Reverse Engineering Conference (REcon) and of the International Conference on Malicious and Unwanted Software, is a regular trainer at Black Hat and other industry conferences, is often credited in industry talks and publications, and has been actively reverse engineering and analyzing software protection methods since 1995.

Dimitrios Glynos

Census Inc

Dimitrios Glynos is an IT security researcher at Census Inc. His research interests include software protection mechanisms, malware detection techniques, network protocol vulnerabilities and digital forensics tools. In the past he has worked as an IT security consultant, contracted software developer and digital forensics expert for both national and international organisations. His passion for IT security led in 2008 to the formation of Census, a company that builds on strong research foundations to offer specialised services to customers worldwide.

Yuri Gushin


Yuri has been involved with security research & development for over a decade, including extensive work in the fields of IPS and DoS detection and evasion technologies, network and application vulnerability discovery and exploitation, protocol fuzzing and plenty more. Yuri also co-founded the ECL Labs research group.

Currently, Yuri is the Senior Security Specialist for Europe, Middle East and Africa (EMEA) at Radware, heading the major security activities around the region, and playing an active role in the design of Radware's next generation security offerings.

George Hedfors

Cybercom Sweden East AB

George Hedfors has 12 years of professional experience in the field of IT-and information security services. He has worked with some of the well known security consultancy firms, such as good old Defcom and more recently, n.runs in Germany.

Vincenzo Iozzo


Vincenzo Iozzo is a student and a reverse engineer. At zynamics he does research on topics like vulnerability development, reverse engineering techniques and tools. Vincenzo is also a regular speaker at various international security conferences including Black Hat, EuSecWest and DeepSec on various topics reverse engineering related. He is probably best known for having won the PWN2OWN contest together with Ralf-Philipp Weinmann with an exploit for iPhoneOS.

Tom Keetch

Verizon Business Threat & Vulnerability Management

Tom Keetch is a Senior Application Security Specialist at Verizon Business within the EMEA Threat & Vulnerability Management practice. There he conducts application security reviews and acts as the SME for security code review in the region. Some of his key areas of interest are in exploit mitigations and defense in depth technologies. He has previously presented research on Protected Mode Internet Explorer at Hack.LU in Luxembourg. In a previous role, he was a security specialist for Citrix Systems where he worked extensively on application security in Terminal Server environments.

Felix 'FX' Lindner

Recurity Labs

Felix 'FX' Lindner runs Recurity Labs. FX has over 10 years experience in the computer industry, eight of them in consulting for large enterprise and telecommunication customers. He possesses a vast knowledge of computer sciences, telecommunications and software development. His background includes managing and participating in a variety of projects with a special emphasis on security planning, implementation, operation and testing using advanced methods in diverse technical environments. FX is well known in the computer security community and has presented his and Phenoelit's security research on Black Hat Briefings, CanSecWest, PacSec, DEFCON, Chaos Communication Congress, MEITSEC and numerous other events. His research topics included Cisco IOS, HP printers, SAP and RIM BlackBerry. Felix holds a title as State-Certified Technical Assistant for Informatics and Information Technology as well as Certified Information Systems Security Professional.

Rafal Los

Hewlett Packard Application Security Center

Rafal Los, Web Application Security SME with Hewlett-Packard's Application Security Center (ASC), is a 10+ industry veteran who has worked in a variety of security positions from consultant to Information Security Officer in the Fortune 100 within some of the most demanding business environments. Rafal's unique blend of technical expertise and business knowledge enable him to teach audiences about security techniques, programs and processes that they can both understand strategically, and realistically apply. He has extensive experience in security testing, risk analysis and management, penetration testing and architecture and policy. Rafal is an accomplished writer maintaining 2 popular blogs with numerous appearances in the mainstream media and niche sites such as Slashdot. Previous successes include building and implementing a successful web application security program for one of the largest and most diverse companies in the world.

Andrew Macpherson


Andrew Macpherson is the lead developer at Paterva. He completed a degree in Information Science (BiS) at the University of Pretoria in 2006 and set out into the world building web applications. This experience gave him an excellent understanding of how they work and opened his eyes as to how they can be leveraged for information. It was during this time that Roelof Temmingh flagged him as someone that would be a valuable asset to Paterva and picked him up in 2007/8. Since then he has been coding transforms, improving the open source intelligence and making tea. Andrew was recently nominated as one of the top 200 young South Africans to watch by the South African newspaper the Mail and Guardian.

Spencer McIntyre


Spencer McIntyre is a security consultant at SecureState where he focuses on penetration testing and tool development. He spends most of his free time focusing on his primary interests of vulnerability research and exploit development.

Xavier Mertens


Xavier Mertens is a Security Consultant working for C-CURE, a Belgian consultancy company. His job focuses mainly on "security monitoring" solutions such as log management, SIEM, incident management but also on audits and pentests. Instead of following vendors, he prefers to find the best solutions to solve security issues. One of his preferred tool at the moment is OSSEC. He wrote several blog articles about this software to increase its performance or visibility. In parallel to his daily job, Xavier maintains his security blog and offers some spare time and resources to initiatives like BruCON, EuroTrashSecurity.

Sebastian Muniz

Groundworks Technologies

Sebastian Munizhas worked for several years as a Senior Developer in the telecommunications industry and for the last 6 years as exploit developer and security researcher.

Currently he's working on his start-up as a security consultant providing both on software and hardware reverse engineering services.

In his free time he enjoy disassembling firmwares from (and sometimes even de-soldering) embedded systems like DVD players, cable modems, routers, GPS systems, etc.

Matt Neely


Matt Neely (CISSP, CTGA, GCIH and GCWN) is the Profiling Team Manager at SecureState where he leads a team who perform traditional penetration tests, physical penetration tests, web application security reviews and wireless security assessments. His research interests include the convergence of physical and logical security, lock and lock picking, cryptography and all things wireless. Matt is a host on the Security Justice podcast, and spends his free time wearing kilts and hacking all things wireless.

Alfredo Ortega

Groundworks Technologies

I'm a programmer and exploit developer with more than 10 years of experience, working mostly in embedded and unix systems. Currently finishing a PhD at ITBA (Instituto Tecnologico de Buenos Aires) and working on a start-up specialized in firmware and embedded security. In the past I was selected as speaker on several security and computer science conferences, including CansecWest, Syscan and Ekoparty.

My hobbies are FPGA synthesis, security research and debugging where no man has debugged before.

Tom Parker


Tom Parker is is the Director of Security Consulting Services at Securicon. Tom is a recognized throughout the security industry for his research in multiple areas including adversary profiling and software vulnerability research & analysis. Tom has published over four books on the topic of information security including Cyber Adversary Characterization -Auditing the Hacker Mind and a contributor to the popular Stealing the Network Series. Tom is a frequent speaker at conferences including a past speaker at Blackhat. Tom often lends his time to guest lecturing at Universities, involvement in community research initiatives, and is often called to provide his expert opinion to mass media organizations, including BBC News, CNN, and online/print outlets such as The Register, Reuters News, Wired and Business Week.

Damir Rajnovic

Cisco Systems

Damir Rajnovic finished his education in Croatia where, in 1993, he started his career in computer security. He started at the Croatian News Agency Hina, then moved on to the Ministry of Foreign Affairs, and finally to the Ministry of Science and Technology. During that time, Damir became involved with the Forum of Incident Response Teams (FIRST) and established the Croatian Academic and Research Network Computer Incident Response Team (CARNet CERT), which, until recently, was not only handling computer incidents for CARNet but was also acting as the Croatian national CERT. Damir then moved to the United Kingdom to work in EuroCERT which was a project that aimed to coordinate CERTs within the European region. After EuroCERT, Damir moved to the Cisco Product Security Incident Response Team (Cisco PSIRT), where he is still working. Cisco PSIRT is the focal point for managing security vulnerabilities in all Cisco products.

Wim Remes

Ernst & Young

$sudo ./third-person-narrative

Wim Remes is an information security consultant currently working for Ernst and Young in Belgium. With 13 years of experience in IT, most of those in various security roles, he has spent ample time in noisy server rooms and cosy, but still noisy, board rooms. The only big difference is the quality of the drink. In the past decade Wim has been focusing on incident response, security monitoring and trying to prove the value of security to management. Wim has spoken at events like Excaliburcon 2009(Wuxi, China), FOSDEM 2010(Brussels, Belgium) and Source Barcelona 2010(Spain). I am a co-host of the Eurotrash information security podcast and a sporadic blogger. My name can be found in various information security related documents that I contributed to in one way or the other but won't use for shameless self-promotion.

Andrés Riancho

Rapid7 LLC

Andrés Riancho is an information security researcher, Director of Web security at Rapid7 and founder of Bonsai, where he is mainly involved in Penetration Testing and Vulnerability Research. In the research field, he discovered critical vulnerabilities in IPS appliances from 3com and ISS; and contributed with SAP research performed at his former employer.

His main focus has always been the Web pplication Security field, in which he developed w3af a Web Application Attack and Audit Framework used extensively by penetration testers and security consultants. Andrés has spoken and hold trainings at many security conferences around the globe, like OWASP World C0n (USA), CanSecWest (Canada), T2 (Finland) and ekoparty (Buenos Aires).

Thomas Roth

Lanworks AG

Thomas Roth is a consultant for security and software engineering from Germany whose main interests are exploiting techniques, low-level programming languages and cryptographic algorithms. Recently he started implementing and optimizing hash algorithms like MD5 and SHA1 on GPUs, using the CUDA and the OpenCL framework. Some of his private work can be found on his Blog ( or on Twitter (@stacksmashing).

Justin Searle


Justin Searle is a Senior Security Analyst with InGuardians, specializing in the penetration testing of web applications, networks, and embedded devices, especially those pertaining to the Smart Grid. Justin is an active member of ASAP-SG (Advanced Security Acceleration Project for the Smart Grid) and led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628. Previously, Justin served as JetBlue Airway's IT Security Architect, and has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities and corporations. Justin has presented at top security conferences including DEFCON, ToorCon, ShmooCon, and SANS. Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudnum. Justin has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), and Web Application Penetration Tester (GWAPT).

Raul Siles


Raul Siles is a founder and senior security analyst with Taddong, a security research & consulting company. His more than 10 years expertise performing advanced security services and solutions in various worldwide industries is driven by his unlimited interest in security challenges plus in researching, pen-testing, and hacking different technologies, such as, web applications, wireless, honeynets, virtualization, mobile devices, VoIP... He is an experienced training author and instructor, regular speaker at security conferences, member of several international security organizations, and contributes to research and open-source security projects. Part of his work is available on his company blog ( and (outdated) web page (

Ryan Smith


Ryan Smith is the Chief Research Scientist at Accuvant, and maintains, primarily focuses on discovering software vulnerabilities, developing exploitation strategies, conducting general reverse engineering and designing algorithms to aid in program analysis. He's been credited by numerous vendors with the discovery of vulnerabilities in server software, P2P applications, Web browser technology, anti-virus software and compression programs. He has previously enjoyed working at iDefense, ISS X-Force and Neohapsis. Most recently, he has been engaged in analyzing fundamental code constructs and auditing the overall architecture of rich content delivery applications.

Roelof Temmingh


Roelof Temmingh has been working in the security industry for the last 15 years. He started SensePost with some friends in 2000, left SensePost in 2007 and has been running Paterva ever since. He developed many successful security assessment tools, contributed to several books and spoke at numerous international security conferences (Black and Bluehat, Cansecwest, Defcon, FIRST, Ekoparty, RSA, HiTB, Ruxcon amongst others). Recently Roelof is mainly thinking about intelligence and information gathering,virtual identities and social botnets. He likes to create new and innovative technology is and the driving force behind Maltego.

Chris Valasek

Accuvant LABS

Chris Valasek is the Senior Research Scientist for Accuvant LABS. His focus on original research in areas such as vulnerability discovery, exploitation techniques and reverse engineering has allowed him to contribute massive results to the community in these niche areas. While Chris is best known for his publications regarding the Microsoft Windows Heap, his research has broken new ground in areas such as vulnerability discovery, exploitation techniques, reverse engineering, source code and binary auditing, and protocol analysis. Chris is also the current organizer/playboy of SummerCon (, the USA's oldest hacker conference.

Andreas Wiegenstein

Virtual Forge

Andreas Wiegenstein has been working as a professional SAP security consultant for 8 years. He performed countless SAP code audits and has been researching security defects specific to SAP / ABAP applications. He leads the CodeProfiler Research Labs at Virtual Forge, a team focusing on SAP/ABAP specific vulnerabilities and countermeasures. At the CodeProfiler Labs, he works on ABAP security guidelines, ABAP security trainings, an ABAP security scanner as well as white papers and publications. Andreas has trained large companies and defense organizations on ABAP security and has spoken at SAP TechEd on several occasions. He is co-author of the first book on ABAP security (SAP Press 2009). He is also a founding member of, the Business Security community.