First of all this is not a usual *hacking* workshop. It will not be a demonstration of how to use scripts to crack systems. Rather, it will be about the far more interesting subject of designing secure systems.
This workshop will feature talks from some renowned security experts and demonstrations from security professionals.
One of the main reasons computer security is a major problem is that "hacking" was considered as "cool". We believe that engineering secure systems is more "cool".
The workshop will focus on two aspects: First we need to handle the mess we are currently in. We need to know how to protect ourselves from the highly insecure web. So this part will focus on knowing the tricks of the trade. All the currently popular attacks will be explained along with the ways to counter them. Again this will not mere "scriptkiddie" stuff!
The second part will the more interesting part of designing the future systems. It will deal with the mistakes committed that lead the current bad security scenario and how to go about designing systems that will be secure by nature. Of course this itself is a vast subject and we are planning to have an overview of what the current status is making the "ideal secure system".
The list of speakers and schedule of talks will be updated soon.
Sanjay Burman was posted to Electronics and Radar Development Establishment (LRDE), the premier DRDO laboratory of Bangalore in 1986. Since then he has been working in the area of Defence Communication and is presently heading a group of scientists working on cryptography and allied subjects at Centre for Artificial Intelligence and Robotics (CAIR), Bangalore.
He has contributed to the design of a number of cryptographic devices which have been deployed in the field. He was awarded the Sir C V Raman Young Scientist Award for the year 1999. In 2004 he was given the Agni Award for Excellence in Self Reliance for his contributions to the development of S-Band Mobile Satellite Service Terminal. The Lab Scientist of the Year Award by DRDO in 2006 and the "DRDO Award for Performance Excellence" for his contributions to secure communications and for the successful development of an ECCM radio. Currently, he heads the Communication Security Group of CAIR where his group is designing a number of high grade encryptors for terrestrial and satellite links.
Sanjay Burman is a founder member of the Cryptology Research Society of India. He has a number of publications to his credit in the areas of cryptography, security and re-configurable computing
Apurv is a software professional and research scientist with over 9 years of experience in the software industry, in areas of application and network security and software quality assurance. He has proven his ability to implement secure development lifecycle and mentor various team engineers for the same.
An able representative of McAfee Inc., he understands McAfee security product lines in depth with 6 years of work experience here. He has been pivotal in pioneering software security awareness in the McAfee by starting a various initiatives like software security club with the mission of providing expertise and consultancy to other teams. He has been also involved in engineering response team (ERT) for McAfee Bangalore office, dedicated for handling virus outbreaks on engineering network. Apurv has written engineering tools such as fuzz testing tools, OS imaging tools, MS patch management tools that help in software testing. Apurv has been awarded with prestigious awards in McAfee like ClubGeek and Employee of the Quarter.
Apurv is currently working as the Product Security Lead at McAfee (www.mcafee.com) Bangalore office.
With an experience of 7 years in the industry, Rahul has explored the areas of security testing, large scale performance engineering and database migration projects. Currently, he is a part of the Anti-Virus Engine team, a sub-set of Avert Labs at McAfee India. He is a core member of the McAfee Global Performance Testing Team and a Python automation frameworks trainer in the McAfee Automation Club. He is currently working on the development of an open source project - PyRAFT, a rapid automation framework for testing in Python, registered with SourceForge.
He has presented at several conferences and organizations including STeP-IN, ISQT, Yahoo! India, Applabs and STIG. His recent presentations were on the subjects of Fuzzing, Performance engineering COE, User behavior and performance perception and analysis. He is member of the Technical Committee and Review Panel for the upcoming TEST2008 conference. He is very passionate about the field of software testing and runs the Testing Perspective website (www.testingperspective.com).