IOActive—Comprehensive Computer Security Services

IOActive Labs IOBOT! Click to learn more.

2011

January 28–30	Shmoocon	Scott Dunlop to present Reverse Engineering Android
February 9–11 3:40–4:10 pm	IT-Defense	Barnaby Jack to present Jackpotting ATMs
February 15 2:00–2:45 pm	BSides San Francisco	Robert Zigweid to present Threat Modeling: Learn to Optimize Your Security Budget
February 15 4:00–4:45 pm	BSides San Francisco	Scott Dunlop to present Reverse Engineering Using the Android Emulator
March 1st, 2011	Smart Grid Security East	David Baker to participate on Smart Grid Security panel
March 1st	OWASP Cincinnati	Barnaby Jack to present ATM Threats, Vulnerabilities and Exploits
March 9–11th, 2011	CanSecWest	Ilja van Sprundel to present iPhone Application Hacking
March 14–15 3:40–4:10 pm	European Smart Grid Cyber Security Forum	Joshua Pennell to present Short and Long-term Strategies for Securing the Smart Grid
March 16th	European Smart Grid Cyber Security Forum	David Baker and Michael Milvich to teach Smart Meter Penetration Testing workshops
March 31st	FST IT Security Conference 2011	Josh Pennell and Vincent Berg to present Mobile Device Security
May 10–13	LOGIN Conference	Ilja van Sprundel to present Writing Secure iOS Applications
May 19	ISSA Seattle	Scott Dunlop to present Reverse Engineering Using the Android Emulator
June 7	ISSA Rainier Chapter	James Lester to present Securing Web Applications in 2011
June 11	BSidesCT	Ryan O'Horo to present PenTesting People: Social Engineering Integration
June 15	SOURCE Seattle	Robert Zigweid to present Threat Modeling: Best Practices
June 17–19	ToorCon Seattle	Scott Dunlop to present Reverse Engineering Using the Android Emulator Mike Ridpath and Matias Brutti to present Social Engineering and the Cold Call
July 8–10	Recon	Scott Dunlop to present AndBug: A Scriptable Debugger for Android's Dalvik Virtual Machine
August 2, 4:00pm	Black Hat USA	Robert Zigweid to participate in Digital Forensics: What is the Meaning of This
August 3, 10:00am–12:30 pm	Black Hat USA	Cesar Cerrudo to present Easy and Quick Vulnerability Hunting in Windows
August 4, 3:15 pm	Black Hat USA	Mike Ridpath to present GMaps-Trafficker Tool
September 1–2	44Con	• Vincent Berg to present Attacking Modern Web Applications • Joshua Pennell to present There's an App for That: Evolving Mobile Security into a Business Advantage • Ilja van Sprundel to present AndBug: A Scriptable Debugger for Android's Dalvik Virtual Machine
September 21–23	EkoParty	Cesar Cerrudo to present Squeezing the Web: Combining Drops of Information to Own Any Argentinian
October 7	BSides Portland	Mike Ridpath and Matias Brutti to present Covert Calling: Secrets of Social Engineering Revealed!
October 11–13	RSA Europe	Joshua Pennell to present There's an App for That: Evolving Mobile Security into a Business Advantage
October 18	Washington Society of Certified Public Accountants	Mike Ridpath and Matias Brutti to present Social Engineering and the Cold Call and TASH: Targeted Scoial Hacking
October 21–27	Hacker Halted	Ryan O'Horo to present PenTesting People: Social Engineering Integration
November 3	HouSecCon	Ryan O'Horo to present PenTesting People: Social Engineering Integration
November 4	Microsoft Blue Hat	Matias Brutti to present The Security Trifecta: Platforms, Apps, and Stores
November 5	BsidesDFW	Ryan O'Horo to present PenTesting People: Social Engineering Integration
November 17	SOURCE Barcelona	Joshua Pennell to present There's an App for That: Evolving Mobile Security into a Business Advantage
November 19–20	Ruxcon	Vincent Berg to present SSL Traffic Analysis Attacks
December 9	BayThreat	Mike Ridpath and Matias Brutti to present Social Engineering PenTest: Using the Dreaded Telephone

2010

February 1 6:30–9:00 pm	SDForum	Glenn Kaleta to present Strategic Considerations in Incident Response at the next SDForum.
March 3 9:30–10:00 am	Bsides San Francisco	Wes Brown to presents So You Want to Analyze Malware?
March 2 3:40–4:40 pm	RSA	Dan Kaminsky to participate in the panel discussion The End of the Internet as We Know It? Separating Reality from the Hype.
March 3 9:10–10:20 am	RSA	Ward Spangenberg to participate in a panel that will discuss A New Frontier of Unprotected Data: PCI Implications for Cloud Computing.
March 4 9:10–10:10 am	RSA	Dan Kaminsky to participate in the panel discussion Hacking Legends.
March 9 9:00 am	World Meter Design Congress	Josh Pennell to present Building Security into the Core of Your System.
March 30 1:30–2:30 pm	SANS Process Control and SCADA Security Summit	Michael Milvich to participate in the panel discussion Hard Problems and Innovative Solutions.
April 16–17	Notacon	Scott Dunlop to present NoSpex: Giving Process Interaction a Visual Context.
April 23 12:30 pm	SOURCE Boston	IOActive's Director of Penetration Testing to present The Fine Art of Hari Kari (.JS) and Other Approaches for the Strange Reality of Web Defense
April 21 10:00 am	SOURCE Boston	Jim Reavis to present Cloud Security: The Road Ahead
April 24 10:30 am	Bsides Boston	Erin Jacobs to present I Can't Make This Sh!t Up&3212;War Stories from a Former and Award-winning CSO*
April 24 12:00–1:00 pm	QuahogCon	Dan Kaminsky to give the keynote presentation.
April 28 6:30 pm	Seattle OWASP Meeting	Walter Pearce and Wade Winright to present When Tools Are Not Enough: Best Practices for Securing Web Applications
April 29 12:40 pm	InfoSecurity Europe	Josh Pennell to present Securing the Smart Grid: The Journey Ahead.
May 4 2:50–3:30 pm	IDC IT Security Conference	Josh Pennell to present Key Threats of Cloud Computing and Defensive Countermeasures
May 18 11:00 am to 12:00 pm	Regional Government Security Briefing	David Baker to present The State of Smart Grid Security - Then and Now
May 22 9:00–9:30 pm	SIGINT 2010	Dan Kaminsky to present The Fine Art of Hari Kari
May 25 5:00 pm	ISMS Forum Spain	Joshua Pennell to present Regulatory Compliance in the Cloud.
June 16–17	EuSecWest	Vincent Berg to present Auditing C# Code
June 16–17	EuSecWest	Ilja van Sprundel to present Having Fun with Apple's IOKit
June 18 10:00–11:00 am	BSides Denver	Erin Jacobs to present Compliance Crystal Ball - Future Trends in Risk-Based Security Framework
July 1 10:30–11:30 am	Hack in the Box Amsterdam	Wes Brown to lead Malware Analysis Workshop: Tools and Methodologies
July 1 4:00–5:00 pm	Hack in the Box Amsterdam	Ilja van Sprundel to present Having Fun with Apple's IOKit
July 28 1:45–3:00 pm	Black Hat USA	Barnaby Jack to present Jackpotting Automated Teller Machines Redux
July 28 12:00–12:30 pm	Black Hat USA	Joshua Pennell and Mike Davis to present Securing the Hypervisor
July 30–August 1	Defcon	Barnaby Jack to present Jackpotting Automated Teller Machines Redux
September 9 11:30 am–12:15 pm	OWASP AppSec USA	Robert Zigweid to present Threat Modeling Best Practices
September 17 6:00 pm	Ekoparty	Barnaby Jack to present Jackpotting Automated Teller Machines
September 21 5:20 pm–6:10 pm	SOURCE Barcelona	Barnaby Jack to present Jackpotting Automated Teller Machines
September 22 10:00 am–10:50 am	SOURCE Barcelona	Joshua Pennell to present Smart Grid Security
October 7	Microsoft / ISSA UK SECURITY DAY	Joshua Pennell to present Application Security – Security Development Lifecycle
October 11	GDF Suez IS Security Day	Joshua Pennell to present Cloud Architecture and Security
October 12 6:30 pm	SeaDroid	Scott Dunlop to present Android Security
October 12–14	RSA Europe	IOActive to present on SDL at the Microsoft Booth
October 14–15	BlueHat Conference	Barnaby Jack to present Jackpotting Automated Teller Machines
October 23 11:00 am–3:00 pm	HTINK	Ryan O'Horo to give an Introduction to Web Application Security seminar
October 27 3:00 pm–3:45 pm	SecureWorld Seattle	David Baker to present Securing the Smart Grid
November 10–11	Black Hat Abu Dhabi	Barnaby Jack to present Jackpotting Automated Teller Machines Redux
November 17	Evening With Barnaby Jack	Evening with Barnaby Jack. Barbican, London
November 30	Trusted Computing Seminar	EU Trusted Computing Seminar, London
November 30	Evening With Barnaby Jack	Barnaby Jack FS-ISAC. Karlshue, Germany
December 2, 2011	Evening With Barnaby Jack	Barnaby Jack. FS-ISAC. Amsterdam, Netherlands
December 3, 2011	Evening With Barnaby Jack	Barnaby Jack. Capital Club, London City, London
December 3, 2011	Agora, Seattle	Mike Davis presenting on hypervisor security
December 27–30	27th Chaos Communication Congress	Ilja van Sprundel to present on Hacking Smart Phones at the next SDForum.

2009

SANS SCADA Summit
February 2, 2009. Jason Larsen and Mike Davis to present What's Going on Out There in Cyber Attacks and What is Coming Next? Read the media alert.

Black Hat DC
February 19, 2009. Dan Kaminsky to present DNS 2008 and the New (old) Nature of Critical Infrastructure.

ISSA Puget Sound Meeting
February 19, 2009. Ted Ipsen to discuss the benefits of infusing security throughout software development. Read the media alert.

Presentation to Microsoft Security Team
February 20, 2009. Tiller Beauchamp to present Trends in Evil Code: Attacks, Obfuscation and Command and Control.

Presentation to Microsoft Security Team
March 6, 2009. Dave Dittrich to present Nugache: Case Study of a Pure-P2P Botnet.

SOURCE Boston
March 11, 2009. Dan Kaminsky to present DNS: Towards the Secure Infrastructure
March 13, 2009. Ward Spangenberg to present Employing PCI Compliance Programs as a Springboard for Enterprise Security and Business Enablement. Read the media alert.

Global Security Summit
March 19, 2009. Dan Kaminsky to participate in a panel discussion Meet the Experts on Cyber-Crimes and Computer Intrusions

Hack in the Box Dubai
April 22, 2009. Wes Brown to present So You Want to Analyze Malware?

RSA
April 22, 2009. Dan Kaminsky to participate in the panel discussion The danger that lurks in the Internet's core protocols.
April 23, 2009. Dan Kaminsky to present Collaborative Disclosure and Multi-Organizational Cooperation.

ISSA LA Meeting
May 20, 2009. Tiller Beauchamp to present Trends in Evil code: Attacks, Obfuscation, and Command Control. Read the media alert.

EUSecWest
May 28, 2009. Ilja van Sprundel to present Exploiting Applications in Delphi/Pascal. Read the media alert.

Shakacon
June 12, 2009. Tiller Beauchamp to present Dynamic Tracing for Exploitation and Fuzzing. Read the media alert.

ISSA Puget Sound Meeting
June 18, 2009. Ward Spangenberg to discuss best practices for securely transitioning into cloud computing. Read the media alert.

Black Hat USA
July 29, 2009. 3:15 PM. Dan Kaminsky to present Something about Network Security.
July 30, 2009. 4:45 PM. Mike Davis to present Recoverable Advanced Metering Infrastructure. Read the media alert.

Defcon
July 31, 2009. 6:30 PM. Dan Kaminsky to present Something about Network Security.
August 2, 2009. 10:00 AM. Dan Kaminsky and Tiffany Rad to present Hello, My Name is /hostname/.

CSA Federal Cloud Security Symposium
August 5, 2009. Ward Spangenberg to participate in a panel discussion about threat modeling in relation to cloud computing. Read the media alert.

Hacking at Random
August 14, 2009, 8:00–9:00 PM. Dan Kaminsky to present x509 is Considered Harmful. Read the media alert.

Agora's September Meeting
September 3, 2009. David Baker and Robert Zigweid to discuss IOActive's Smart Meter security research and their super computer capable of cracking WPA2 keys. Read the media alert.

OWASP Scotland
September 14, 2009. 7:00 pm. Joshua Pennell to present AppSec Challenges and Notes from the Field. Read the media alert.

IDC IT Security Conference, London
September 17, 2009. Josh Pennell to present Cloud Security Alliance: Key Threats of Cloud Computing and Defensive Countermeasures. Read the media alert.

Information Security Compliance and Risk Management Institute
September 17, 2009. Ward Spangenberg to present Security, Risk and Compliance in Cloud Computing. Read the media alert.

EnergySec 2009 Annual Summit
September 23, 2009. David Baker to present Smart Grid Security: The Road Ahead. Read the media alert.

Hack in the Box Malaysia
October 8, 2009. 1:30–3:30 PM. Wes Brown to present Building and Using an Automated Malware Analysis Pipeline. Read the media alert.

RSA Europe
October 20, 2009. 1:30 PM. Josh Pennell to present PCI Compliance in the Cloud: Analyzing Costs and Benefits.

Toorcon
October 23–25, 2009. Robert Zigweid to present Threat Modeling: Learn to Optimize Your Security Budget
October 24, 2009. 11:30 am. Dan Kaminsky to present Black Ops of PKI: Abandon All Hope Ye Who Enter X.509

Secure World Seattle
October 28, 2009. 8:30–9:15 AM. Ward Spangenberg to present PCI Compliance in the Cloud: Reality or White Fluff? Read the media alert.

SANS Process Control and SCADA Security Summit
October 28, 2009. 10:30 AM–12:00 PM. Josh Pennell to participate in a panel discussing best practices for overcoming security vulnerabilities discovered in the Smart Grid. Read the media alert.

Hack.lu
October 30, 2009. 9:00 AM. Ilja van Sprundel to present Exploiting Delphi/Object Pascal. Read the media alert.

ISSA San Diego Meeting
November 12, 2009. David Baker to present Paving the Way to a Secure Smart Grid.

Cyber Forensics: Digital CSI
December 1, 2009. 6:30 pm. Dan Kaminsky to participate in a panel discussing cyber crime.

OWASP Minneapolis Meeting
December 14, 2009. 6:30 pm. Robert Zigweid to present Threat Modeling: Learn to Optimize your Security Budget

Need more information?
Contact IOActive today.

IOActive Profile:
Established: 1998
Headquarters: Seattle, WA and London, UK
Privately held and self-funded

IOActive Services:
Application Security, SCADA and Smart Grid, PCI and Compliance, Security Development Lifecycle, Infrastructure Audit, Incident Response and Training.

Customers:
Global 500 companies including power and utility, game, hardware, retail, financial, media, travel, aerospace, healthcare, high-tech, social networking, and software development organizations.