to BlueHat IL 2020!
We live in interesting times.
Polarizing, radical ideas spread like wildfire, traversing through the very same medium that carry the muted whispers of dissidents past those many eyes that watch.
When the distinction between right and wrong gets blurry, it is the stacks of technology that hold the last line of defense – and it’s our purpose to test their limits.
Offense’s the best defense, isn’t it? Want to tell us about it?
We’re known for fighting for our freedom as much as we love just straight up groundbreaking security research.
Want to speak up? Rise up? February 5-6, 2020 is your chance. Tel Aviv is waiting.
of InterestAny innovative research in vulnerabilities, exploits, mitigations and defense
How bad are we owned, attacks and war stories
Virtualization, OS, boot, and low level security
Hardware security, CPU bugs, side channels, backdoors, front doors
Advanced web security, identity vulns, authentication
Cloud, networking, or protocol security
Mobile, IoT, or critical infrastructure security
Modern cryptography and attacks
Anything that breaks the internet or the world as we know it
Requirements
Submissions may only be entered by researchers / speakers (NO submissions from PR / marketing representatives).
BlueHat IL does not accept product or vendor-related pitches.
Session length – 30 or 45 min format.
No more than 3 speakers permitted to present on stage.
Each submission must be completed in its entirety. Incomplete submissions will be disqualified.
Your submission should clearly detail the concepts, ideas, findings and solutions you or your speaking team plan to present.
Individuals may submit more than one proposal but each proposal must be submitted via a separate submission form.
Each submission must include detailed biographies of the proposed speaking team.
Each submission should acknowledge prior work in the space, distinguishing or highlighting how your presentation is different.
Individuals submitting a proposal will receive an email within 48-72 hours of submission confirming their proposal has been received for review.
More info on how to submit and speaker travel info can be found in the CFP guidelines PDF.
If you have any questions regarding your submission, please write us at bluehati@microsoft.com
Board
Security Researcher, Google Project Zero
James is a Security Researcher in Google’s Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities, he’s been listed as the #1 researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate.
Security Researcher, Guardicore
Ophir Harpaz is a security researcher for Guardicore. She enjoys reversing malware, fighting with Cybercriminals and playing CTFs. As an active member in Baot - a community for women developers, researchers and data scientists - she co-manages the tech-blogging program. Ophir has spoken in various security conferences on financial malware, Cryptomining campaigns and trends in server attacks. She has taught a reverse-engineering workshop and published an online version of it at https://begin.re to share her enthusiasm for reversing. Ophir has recently won the Rising Star category of SC Magazine's Reboot awards for her achievements and contribution to the Cyber security industry.
Malware Intelligence Analyst, Malwarebytes & Owner, Hashereware
Hasherezade is passionate about IT since early teenage years. From that time she collected a wide range of experience – working as a scientific researcher, programmer, pentester and analyst. Currently, she spends most of her time analyzing malware for Malwarebytes, and sharing knowledge about it in technical blog posts, as well as on a private YouTube channel. She builds software with the same enthusiasm as she takes it apart. She is an author and active maintainer of several free and open-source tools, mostly related to malware analysis. In 2018, she was included on a Forbes Europe list of 30 under 30 in technology.
Independent Security Researcher
Bruno is an independent security researcher who focuses on browser security. He previously wrote and presented about exploitation of various major browsers by targeting the JavaScript engine. He demonstrated browser exploits publicly at hacking competitions such as Hack2Win eXtreme 2018 and Pwn2Own 2019. He used to play CTF intensively with the German team Eat, Sleep, Pwn, Repeat but is now retired.
CTO for Cloud Security Group, Microsoft
Noam Liran is the CTO for Cloud Security Group in Microsoft, responsible for innovation and technological leadership in cloud security. Before that, Noam was the Director of R&D for Cloud App Security in Microsoft, leading the development of Microsoft's market leading CASB solution. Previously the Chief Software Architect of Adallom (acquired by Microsoft in 2015), Noam holds an MBA from INSEAD and is the author of several patents in the area of cloud security.
Offensive Security Engineer, Red Team, Facebook
Amanda absolutely loves malware. She works as an Offensive Security Engineer on the Red Team at Facebook. Previously Malware Researcher at Endgame, FireEye, and the U.S. Department of Defense Cyber Crime Center. Received a MS in Information Systems Engineering from Johns Hopkins University, Maryland. Research interests include malware evasion techniques, rootkits, dynamic behavior classification, and developing runtime kernel detections.
Head of MSRC-IL, Microsoft
Tomer is a Principal Security Research Manager at Microsoft, where he leads the Israeli team at the Microsoft Security Response Center. His current areas of research include low-level vulnerability research, exploitation and mitigation. Previously, Tomer co-founded Armis, an IoT security startup, where he served as VP of Research. Prior to Armis, Tomer led security research at cloud security startup Adallom, which was acquired by Microsoft.
Founder @ Comae
Matt Suiche is the founder of the Cloud memory analysis start-up Comae Technologies. Prior to founding Comae, he was the Co-Founder and Chief Scientist of the application virtualization start-up CloudVolumes which was acquired by VMware in 2014.
Matt is also allegedly a fun guy according to TheShadowBrokers. Another trivia fact about Matt: He loves hummus asli.
Principal Security PM lead, Windows Cyber Defense, Microsoft
Tomer Teller is a Principal Security PM lead at the Microsoft Windows Cyber Defense group. Prior to his work at Microsoft, Teller was the Security Innovations Research Manager and Corporate Technical Spokesperson at Check Point. He has been an active speaker at industry conferences and presented his work at Black Hat, Blue Hat, RSA and OWASP. Teller holds a B.Sc. in computer science and is a proud owner of multiple patents in the field of exploit mitigations and threat detection.
Partner Director of OS Security, Microsoft
David Weston is the Partner Director of OS security at Microsoft where he is responsible for the security engineering of Windows, Windows Server, and the Azure OS as well as the Offensive Security Research Team (AKA the Windows REDTEAM).
Before leading security engineering in Windows, Davis lead the security research team for Microsoft Defender ATP the team responsible for detecting and responding to global adversaries. David has been with Microsoft since Windows 7, holding many different security roles in mitigation design, penetration testing, malware analysis, and threat intelligence. In addition to his engineering work, David is also an accomplished security researcher presenting his work at numerous security conferences including Blackhat and Defcon.
ProcessSubmissions that highlight original and innovative research, tools, vulnerabilities, etc. will be given priority.
We recommend submitting as early as possible as slots are super limited.
Authors will be contacted directly if review board members have any questions about a submission.
Once the review process is complete, all authors will receive a confirmation of acceptance or rejection (by Dec 12, 2019).
Don’t be bummed if your talk is rejected! We have year-round BlueHat events and may contact you with other options.
Regardless of the outcome – we truly appreciate your contribution to BlueHat IL and the security community.
