ROOTCON Blog

No need for an explanation here! We salute the guy behind the Metasploit Framework. Despite leaving Rapid 7, his legacy can never be forgotten. We really want you man!

Before the founding of Bluebox Security, Caleb Sima was EIR at Andreessen Horowitz. Prior to this Caleb was CEO of Armorize Technologies, an internationally acclaimed, SaaS-based malware monitoring and code security analysis firm headquartered in San Francisco. Before his tenure at Armorize, Caleb served as Chief Technology Officer for HP’s Application Security Center and was responsible for directing the lifecycle of the company’s web application security solutions. He joined HP following the acquisition in 2007 of SPI Dynamics, the company he co-founded and led as CTO, where he oversaw the development of WebInspect – a solution that set the bar in Web application security testing tools. Prior to co-founding SPI Dynamics in early 2000, Caleb worked for Internet Security Systems’ elite X-Force R&D team and as a Security Engineer for S1 Corporation.

Jason Haddix

Jason is an influential bug bounty hunter, the Director of Technical Operations at Bugcrowd Inc and a former Director of Penetration Testing at HP Fortify. He trains and works with internal application security engineers to triage and validate hardcore vulnerabilities in mobile, web, and IoT applications/devices. Together with Daniel Miessler, they head the OWASP IoT, OWASP SecLists and OWASP Mobile Top Ten projects. He is a great web and mobile hacker. He was our keynote last year and we hope that he will be back again for this year.

Vivek Ramachandran

"Hello all! This is Vivek..." - these are the famous lines and introduction in most of Vivek's videos in SecurityTube.net and Pentester Academy where he is the CEO of the two platforms. He is a known BlackHat Trainer for Wireless Penetration Testing. He also discovered the Caffe Latte attack, broke WEP Cloaking, and conceptualized enterprise Wi-Fi Backdoors. He is definitely a badass wireless security person and we want his expertise for ROOTCON X!

John Menerick

We want this Security Dragon at Netsuite back for this year! He has presented two topics at ROOTCON IX and he delivered it well. His slides are funny and exceptional. You doubt this guy? Watch the DEFCON videos!

Mariano Nunez

He is my inspiration to SAP Security Testing because for authoring Bizploit Framework which is an open source ERP Penetration Testing framework. He is the CEO and co-founder of Onapsis which is an authority in SAP cyber security field.  According to sources, he was the first to publicly present on cyber security risks affecting SAP platforms and how to mitigate them.

James Fitts

James works at HP Fortify where he breaks mobile applications (primarily Android). He is also an exploit developer and has contributed modules to the Metasploit Framework. He has delivered an awesome topic about Android Application Assessments during the Mobile Hacking Summit (MHS) at Blackhat USA 2014.

Blake Self

Blake is one of the crew members of SOLDIERX who has been an active speaker at DEFCON. He co-authored the first commercial encrypted instant messenger with Dr. Cyrus Peikari while at VirusMD. He has worked previously at SIPRNET Administrator, Department of Defense Red Team Analyst, and R&D at various corporations. I love his talk last DEFCON 22 entitled "Don't DDoS Me Bro: Practical DDoS Defense".

Rahul Sasi

He is the founder and CTO of Cloudsek. He is one of the most sought after Indian Information Security Researcher and one of the core members of Garage4hackers. He has also spoken at various hacker conferences every year.

Aseem Jakhar

He is the Founder at hardwear.io, Research Director at Payatu Labs and Founder/Organizer at NULLCON (India's Premier Hacking Conference). He is the author of open source Linux thread injection kit -Jugaad and Indroid which demonstrate a stealthy in-memory malware infection technique.

Micah Hoffman
He is also known as @WebBreacher in Twitter. He is an active member in the NoVAHackers community, writes Recon-ng modules, SANS Certified Instructor and enjoys tackling issues with the Python scripting language.

Alexander Polyakov
Alexander is another authority in SAP Cyber Security. He is the founder of ERPScan and President of the EAS-SEC.org project. Recognized as an R&D professional and Entrepreneur of the year, his expertise covers the security of enterprise business-critical software like ERP, CRM, SRM and industry specific solutions for Oil and Gas, Manufacturing, Retail and Banking; as well as other verticals developed by enterprise software companies such as SAP and Oracle.

Raymond Nunez
Mon has been a consultant to international organizations such as WHO and NEC, is the Co-Head Security Architect of DOST-ICTO for the Integrated Government Project (iGov), the Network Infrastructure and Security Consultant of the UP Computer Center, etc.

A member of Team Manila, Mon, with Paul Prantilla, has competed in the DEFCON 22 in Las Vegas this 2014. The team participated in multiple contests achieving 4th out of 264 teams for the Network Forensics Puzzle Contest (NFPC), and also 4th at the Capture the Packet Contest (CTP) championship round. They also competed in the 2014 Capture The Flag contest at Hack In The Box, Kuala Lumpur -- making them the first and only team from the Philippines to ever compete in an international CTF event.

Bruce Schneier
Bruce is one of the most influential security guru in the field of cryptography. He has been involved in the creation of many cryptographic algorithms: Skein, Solitaire, Phelix, Helix, Fortuna, Yarrow algorithm, Twofish, Blowfish, Threefish, and MacGuffin Pictures.

Christopher Elisan
Sir Tophs has spoken at ROOTCON for two conferences already and yes we want him back! He is the Principal Malware Scientist at RSA. He has a long history of digital threat and malware expertise, reversing, research and product development started at Trend Micro as one of the pioneers of TrendLabs where he honed his skills in malware reversing. He then built F-Secure’s Asia R&D where he spearheaded projects in vulnerability discovery, web security and mobile security. After F-Secure, he joined Damballa as their resident malware subject matter expert and reverse engineer. He speaks at conferences around the world and frequently provides expert opinion about malware, botnets and advance persistent threats for leading industry and mainstream publications. Elisan’s published works include "Advanced Malware Analysis."

Shawn Webb
Shawn a.k.a lattera is a Security Engineer and Co-founder of the HardenedBSD project. It would be nice if he can introduce his project during ROOTCON 10. He is also a long-time crew member of SOLDIERX.

NJ Ouchn
He is the organizer of the major event Blackhat Arsenal Tools (US and Europe) since 2011 and the founder and the main maintainer of toolswatch.org. He also maintains the projects; DPE (Default Password Enumeration), vFeed® the open source correlated & cross-linked vulnerability database, FireCAT the Firefox Catalog of Auditing exTensions, and KromCAT – Google Chrome Catalog of Auditing exTensions. Maybe he can organize an event like Arsenal Tools? Let's see!

Daniel Cid
He is the founder of the open source OSSEC HIDS and the Founder/CTO of Sucuri. He is also the co-writer of the Host-Based Intrusion Detection book and is an active writer at blog.sucuri.net.

Tavis Ormandy
Tavis has been seen nowadays in the mailing lists and exploit databases breaking antivirus software. This guy is legit since he is currently employed by Google as part of their Project Zero team. Tavis you are an inspiration!

Dan Duplito
Dan is one of the few elite hackers in the Philippines who is a chick magnet according to Tikbalang. He is the Vice-President of the Information Security Division in PSBank, one of goons of ROOTCON, and an Outstanding ASEAN CISO Awardee for 2013.

Craig Smith
Craig runs runs Theia Labs, a research firm that focuses on security auditing and building hardware and software prototypes. He has worked for several auto manufacturers and provided them with his public research. He is also a founder of the Hive13 hackerspace and OpenGarages.org. Craig is a frequent speaker on car hacking and has run workshops at RSA, DEF CON, and other major security conferences. He is the author of the book "Car Hacker's Handbook: A Guide for the Penetration Tester".

Douglas Berdeaux
He is the founder of WeakNet Laboratories, and the lead developer of known open-source security projects and tools like WEAKERTHAN Linux, WiFiCake-NG, WardriveSQL, GPS-Parser-ng, WPA Phishing Attack for EAP Phishing, SSWR (Scripted Security for Wireless Routers), Catchme-NG, Perlwd (Perl UNiX MD5 HASH Cracking application), and many more.

Oh wait, you are not on the list? Don't worry! If you think you can do better than these guys which I think you can then please submit your talk at cfp [at] rootcon [dot] org and follow the instructions here: https://www.rootcon.org/xml/rc10/cfp.

This years' ROOTCON 9 has been dubbed as the ROOTCON All Star, we have different speakers and con-goers from around the globe. It wouldn't be possible without the RC Goons, Sponsors, Speakers and of course our awesome con-goers. 

Hats down to our ROOTCON Elite Sponsors:

Kaspersky Lab

HP Fortify on Demand

Netsuite Security

F5 Networks

Tenable Security

First DataCorp

Accenture

And to the rest of the sponsors big hugs to you guys.

MISNet Education

PaloAlto Networks

Rapid 7

Pandora Security Labs

Citi

Security Matters

Inquirer

and to Smiffnoff Mule for providing us drinks at our epic post-con party.

A quick note: What you get at ROOTCON is what you made ROOTCON for you.

Cheers everyone and see you all next year.

All The Best,

Dark (semprix) Meister

Pre-final tracks can be found here

Get to know our ub3r4w3s()me speakers here

We will be posting ROOTCON 6 schedule soon.

What are you waiting for? Register now (Early Registration closing on June 30, 2012) and witness the fun and educational event this coming September 7-8, 2012.

Hope to see you all at the CON.

Our 2 months run for the early registration will be closing this coming June 30, 2012. If you haven't registered yet, register now to get big discounts!!! 

Visit the registration page now!!!

Who Wants To Speak?

ROOTCON is looking for InfoSec Celebrities both local and internationl. If you think you have the skills and talents to be one of the InfoSec celebrities we will be delighted if you will join us =)

As a backgrounder ROOTCON is a grassroots event, organized by users for users.  We welcome attendees from all over the world, after all security is borderless and global in nature.   We support sharing best practices and appreciate cooperation from our international supporters.  If you would like to speak at our event and reside outside the Philippines, we will be happy to sponsor your hotel but are currently not able to sponsor any international airfares due to our volunteer-driven organization.  

 Support the Hacker Community Globally!!!

Hackers Unite