Nullcon was formed in 2010 with the goal of offering a centralized forum for exchanging knowledge on the most recent attack vectors, zero-day vulnerabilities, and unknown dangers.
The conference’s goal is to explore and display the future of information security and the next generation of offensive and defensive security technologies, as reflected in their tagline, The neXt security thing!
Nullcon is a large venue for sharing expertise on zero-day vulnerabilities, the most recent attack vectors, and other cyber dangers. Security researchers and specialists from a variety of industries debate information security while also demonstrating a variety of offensive and defensive security methods.
Desi Jugaad is a segment of the nullcon conference dedicated to hackers or researchers who come up with creative solutions to real-world problems and are committed to new cybersecurity projects.
Their Cloud Security Posture Management and Threat Protection event will be hosted by Sakaldeep Yadav (Azure MVP) and Suman Tiwari (App Sec SME). Both of them will present a combined session on Cloud Security Posture Management and Threat Protection. In this presentation, they will discuss how to obtain security visibility of cloud resources and what best practices are being used in industries to safeguard cloud resources. The program will also go through how to harden your resources, monitor your security posture, defend against cyberattacks, and streamline security administration.
Hardwear.io USA 2022
Hardwear.io USA 2022 will be held in Santa Clara, California from June 6 to 10, 2022.
The event has up-skilled in virtual event management and successfully negotiated the swathes of new platforms over the last two years – and while it was an incredible experience, everyone’s hearts still beat for in-person events!
The objective over the last several months has been to knuckle down and put up a physical event so that when the epidemic is over, everyone can come together and hang out in a safe atmosphere. Finally, physical events have returned!
From June 6 to 10, buckle up for extensive in-person trainings, top-tier hardware-security presentations, professional networking, thrilling CTFs, and a difficult HardPwn.
Securing IaC – The Attack and Defense
With the introduction of continuous integration and continuous deployment (CI/CD) pipelines, as well as the ever-increasing demands on IT infrastructures, the need for consistent and scalable automation has grown. In this case, infrastructure as code (IaC) is beneficial.
When the IaC technique is incorporated into the CI/CD pipeline and versioning is enabled, it allows the company to improve its security posture and maintain security and compliance over time while adapting to changing business needs. As a result, security concerns, non-compliance, policy violations, and misconfigurations may be avoided both before and during runtime. It also aids in the reduction of security posture drifts.
This webinar will look at how to handle security risks in cloud settings using Terraform/Cloudformation IaC from an attack/defense viewpoint.
Nullcon International Security Conference and Training – Sep 2022
Payatu Technologies is in charge of Nullcon’s management and marketing, and the conference was first held in 2010.
Security has become increasingly important with the development of cutting-edge technologies since technology carries with it a wide variety of risks. In addition, we want to reassure you that we are here for you whenever you need us. You will get the opportunity to network with a wide variety of individuals and receive valuable insights from them in order to maintain your competitive edge in cyberspace.
The Open Security Community, which is India’s most active and largest security community, was the inspiration for the creation of Nullcon. This society is a recognized non-profit organization. The annual nullcon conference provides a one-of-a-kind venue for security firms and evangelists to present their latest research and technological advancements. During the conference, there will be a Prototype, Exhibition, Training, and Free Workshops, as well as a blank Job Fair. It is a platform that is integrated and organized, and it provides a comprehensive solution to the demands of the information technology security sector as a whole.
Here are some scheduled highlights for this talk:
Research-driven technical talks
CXO Track
Hands-on training sessions
Keynotes from renowned security researchers
Exhibition
Activities, such as CTFs and resume clinic
Nullcon networking party
Proud to recommend one of our partners: The Australian Cyber Conference in Melbourne!
Interview
We caught up with one of the nullcon organizers, Aseem Jakhar, to ask a bunch of questions about the nullcon conferences.
nullcon is a premier IT Security event that takes place each year in Goa, India.
The guys at nullcon are a super-friendly bunch and they always submit their events to our directory so yes, I’m always appreciative and delighted to help out the guys and gals as much as I can. There’s no doubt, nullcon is a fantastic event; mostly because they pack so much into the event which includes training, a CTF competition and of course the actual speaking events.
I’d wholeheartedly recommend everyone with an interest in Cybersecurity in India to attend nullcon.
I caught up with one of the founders, Aseem Jakhar, to ask him a bunch of questions regarding nullcon which you can read about below.
Aseem is a well-known security researcher with extensive experience stemming from programming to consulting. In India, he is a well-known personality in the hacking and security community as well as being the co-founder of null.
The Interview
We run a series at InfoSec-Conferences called “Spotlight” in which we shine a torch on a conference. This week we chose nullcon. We typically contact the founder, or co-founder and ask them a bunch of questions. Here’s what Aseem had to say.
What is the origin of nullcon and what is the meaning behind the name?
In 2008 we started a non-profit security community in India called null – The open security community. The idea was simple i.e. to learn and share by having monthly meets, focused workshops. Today It is run by volunteers all around the world and had 9 chapters Pan-India and 3 chapters outside – Singapore, Dubai, Amsterdam. So, somewhere in 2009 after seeing the interest in security folks here, we decided to organize a conference.
Interestingly we had created a list of names including hacker-camp, hackfest etc. Finally we decided on nullcon as a tribute to the community. Some people to date think that nullcon is organized by null. However, it is organized by our company Payatu Technologies as mentioned on our website as well.
null on the other hand, is our principal community partner for the conference. After all, our journey started from null and it has been a great source of inspiration and an excellent teacher 🙂
I understand that you also have a bunch of other events in India and the rest of the world, can you explain a little more about them?
Oh yes, we mainly organize two different conferences nullcon and hardwear.io. In 2014, we started seeing a lot of hardware-based attacks and got interested in it. We also had a lot of interest in hardware security. When we looked in the security market there were hardly any conferences focussing specifically on hardware security from both offensive and defensive perspectives. It did not take us time to finalize that we are going to organize a hardware security conference. However, choosing a place took most of the time. We looked at most European countries and finally zeroed in on The Hague, The Netherlands.
The conference name was another challenge, we came up with a list and finally chose – hardwear. It signifies hardware protection.
What makes nullcon different to the other Cybersecurity Conferences in India?
Every event has its charm. All I will say about nullcon is that it is the place where almost all security researchers, hackers and companies meet once a year and have loads of fun, networking, learning, and hacking at the beach. We are proud to create a balanced conference that has the hacker touch and also appeals to the corporate, given the amount of HiTech knowledge that is shared at the conference. Also, I cannot find words to describe the atmosphere and vibe at nullcon, you have to come and see for yourself. So, if you are in Asia and have not been to nullcon, you are missing one of the largest security community gathering in Asia.
How do you select speakers and their research? The reason we ask is to help people that might be interested in applying to speak at nullcon in 2018.
The speakers submit their talks to our Call for Papers. We have an external review panel that reviews and scores the submissions. We then take the cumulative scoring and go through the papers ourselves to finally select the finest papers. For speakers few things to take care when submitting:
Provide as much in-depth technical details as possible.
Typically research already presented elsewhere mostly gets a little less scoring as we want the present the latest research to our attendees. Usually, submitters think that if their paper is accepted at a big conference, it is most likely going to be accepted at regional conferences. However, that’s exactly the opposite at nullcon as we prefer to have more new research than old.
Submissions that mention “we can’t disclose it in CFP due to Bla Bla” also get filtered out in the last stage.
How would you like to see nullcon evolve in the future?
The future plans for nullcon include moving to southeast Asia in addition to Goa, we are still looking at cities where we can organize nullcon. In addition to conferences, we plan to organize training-only events in Asia. For hardwear.io we are moving to the US, in addition to The Hague, in a year and then maybe Asia in another 3-4 years. If the community has any suggestions, please do let us know.
Do you see a growth in Cybersecurity in general in India?
Definitely.
Looking back, when we started nullcon, it was too difficult to convince corporates why they need to invest in security and convince security professionals the importance of participating in a security conference. Since then, our efforts at null, nullcon, general cyber attacks and cyber crimes around the country have changed the mindset of corporates as individuals. Many companies are now investing in opening their security centers in India.
A lot of companies come to nullcon to recruit. There is a growing demand for security products in India. Finally, there is an awesome security talent in India. We were surprised to see really good submissions from India starting from the second nullcon in 2011 onwards.
In Summary
We wish the nullcon team the best of luck, especially after the turbulent 2020-2021.
Follow us on Twitter for alerts, or join our LinkedIn with over 6K members!
