PROGRAM

Speakers – IT-DEFENSE 2010

Andrea Barisani 
Andrea Barisani is a security researcher and consultant. His professional career began 10 years ago, but it all really started when a Commodore-64 first arrived in his home when he was 10. Now, 19 years later, Andrea is having fun with large-scale IDS/firewall deployment and administration, forensic analysis, vulnerability assessment, penetration testing, security training and his Open Source projects. He eventually found that system and security administration are the only effective way to express his need for paranoia.
Being an active member of the international Open Source and security community, he is the maintainer/author of the tenshi and ftester projects as well as the founder and project coordinator of the oCERT effort, the Open Source Computer Emergency Response Team.
He has been involved in the Gentoo project, being a member of the Gentoo Security and Infrastructure Teams, and the Open Source Security Testing Methodology Manual, becoming an ISECOM Core Team member. Outside the community he has been a security consultant for Italian firms and he's now the co-founder and Chief Security Engineer of Inverse Path Ltd. 
He has been a speaker and trainer at PacSec, CanSecWest, BlackHat and DefCon conferences among many others, speaking about TEMPEST attacks, SatNav hacking, 0-days, LDAP and other pretty things.
Daniele Bianco  
 
Daniele Bianco is a system administrator and IT consultant. He began his professional career as a system administrator during his early years at university. His interest in centralized management and software integration in Open Source environments has focused his work on the design and development of suitable R&D infrastructures. One of his hobbies has always been playing with hardware and electronic devices. He is currently the resident Hardware Hacker for international consultancy Inverse Path Ltd. He has presented at many IT security events and his work has been quoted by numerous popular media. Daniele holds a Bachelor's degree in physics from the University of Trieste.

 

Pete Finnigan
Pete is a world-renowned expert in the area of Oracle security, providing consultancy, design, security audits and training, all in the area of Oracle security. Pete is a member of the OakTable Network and has spoken regularly all over the world at various conferences such as UKOUG, PSOUG, BlackHat and Risk. Pete is a published author on Oracle security and researches and writes about the subject regularly. Pete also runs his website www.petefinnigan.com, dedicated to Oracle security.
Prof. Dr. Thomas Hoeren
Born in Dinslaken on August 22, 1961. 1980 - 1987 theology and law studies in Münster, Tübingen and London. 1986 Church licentiate degree in theology. 1987 First State Examination in Law, 1991 Second State Examination in Law. 1989 Doctorate at the University of Münster (title of dissertation: "Software Licensing as a Product Purchase"). 1994 Habilitation at the University of Münster (title of habilitation: "Self-regulation in Bank and Insurance Law"). 1995 - 1997 Professor at the Law Faculty of the Heinrich-Heine University Düsseldorf (Professorship for Civil Law and International Business Law). Since April 1996 Judge at the Court of Appeal (Oberlandesgericht) Düsseldorf. Since April 1997 Professor at the Law Faculty of the Westfälische Wilhelms-University Münster (Professor of IT Law and Legal Informatics) and Managing Director of the Institute for Information, Telecommunication and Media Law (ITM). Focus of research: IT law, legal informatics, bank and insurance law, competition and anti-trust law, international business law. Co-editor of the journals "Law, Computers and Artificial Intelligence", "EDI-Law Review" and "MultiMedia and Law". Legal Adviser to the European Commission/DG XIII on the "Legal Advisory Board on Information Technology". Member of the Task Force Group on Intellectual Property of the European Commission. Since June 2000: WIPO 2000, Domain Name Panelist. Member of the Communication Committee of the German UNESCO Commission. 2004: Research Fellow at the Oxford Internet Institute/Balliol College. Lecturer at the Academy of Art Münster, focusing on copyright law and art trade law. Lecturer on Information and IT law at the Universities of Zurich and Vienna. Member of the Kulturrat Münsterland. 2005: honored with the ALCATEL-SEL Research Award "Technical Communication". Member of the Technical Committee for Copyright and Publishing Law of the German Association for Intellectual Property and Copyright Protection.
Since 2006: Liaison lecturer at the Studienstiftung des Deutschen Volkes. Married, two children.
Volker Kozok  
Lieutenant-Colonel Volker Kozok works in the German Federal Ministry of Defence as an official for the Commissioner for Data Protection in the German Armed Forces. For many years he held various positions as an IT Security Officer and oversaw the 11-month training of the Computer Emergency Response Team of the German Armed Forces as a training manager in 2001.
As an IT Forensic Investigator and Security Analyst he focuses on reviewing and evaluating complex IT systems, on network analysis and on auditing.
Based on his work for national and international teams on cyber security and his close ties to U.S. authorities, he dealt extensively with the issues of cyber security and cyber crime, focusing on risk management and analysis of network-based attacks.
In addition to his work, he is a frequent speaker at specialist conferences and conducts awareness training courses in the German Armed Forces and external organizations.
Moxie Marlinspike
Moxie Marlinspike is from the Institute For Disruptive Studies, a radical think-tank for hackers and co-conspirators who wish to operate outside of both the professional sphere and academia. He is also a licensed 50-ton master mariner, and delivers yachts world-wide.
Frank Roselieb  
Frank Roselieb (40) is managing director of Crisis Navigator - Institute of Crises Research, a "spin-off" of the University of Kiel (Germany). In addition, he is a managing member of the board of the German Crises Management Society (DGfKM), which is the professional organization of crisis managers, consultants and researchers in Germany.
Saumil Shah
  Saumil Shah is the founder and CEO of Net-Square, providing cutting edge information security services to clients around the globe. Saumil is an internationally recognized speaker, having regularly presented at conferences like Blackhat, RSA, CanSecWest, PacSec, EUSecWest, Hack.lu, Hack-in-the-box and others. He has authored two books titled "Web Hacking: Attacks and Defense" and "The Anti-Virus Book". Before Net-Square, he worked with Foundstone Inc and Ernst & Young in the US, and is currently a guest faculty at the Indian Institute of Management, Ahmedabad for their Management Development Programmes. Saumil graduated with an M.S. in Computer Science from Purdue University, USA and a B.E. in Computer Engineering from Gujarat University. He spends his leisure time traveling around the world and taking pictures. 
Johnny Long  
HACKER - Johnny’s spent his career breaking into the world’s most secure facilities as a professional hacker. His insight into the threats your clients face is first hand, and his recommendations come from real-world experience attacking and securing hundreds of Fortune 100 and Government networks and facilities.
AUTHOR - Johnny’s writing, editing and collaboration efforts span a dozen book projects. He is described as “a great author who knows how to tell a story in a captivating way.” His Google Hacking for Penetration Testers and No-Tech Hacking books have become publisher and industry bestsellers and are described as “must-have, essential, scary reads” and “true eye-openers”.
PERSONALITY - Johnny is very comfortable in mixed-media environments and has been referenced and featured in many media outlets including network and cable television (CNN, CNBC, CBS), newspapers (The Wall Street Journal, The Washington Post, The Baltimore Sun), print magazines (PC World, Wired, Network World, New Scientist), online news outlets (ZDNet, The Register, Slashdot) and other alternate media outlets.
CHARITY FOUNDER - Johnny is the founder of Hackers For Charity (www.hackersforcharity.org), an organization that seeks to connect the skills of the hacker community with charities like AOET (www.aoet.org) that need those skills. HFC seeks to empower the world’s most vulnerable citizens while providing positive outlets for hackers and providing them referrals to help secure work they are passionate about.
PUBLIC SPEAKER - Johnny is passionate about what he does, and it shows through his presentations. He’s best known for “owning his audience” and “cracking up even the toughest crowds” (Robin Mejia, Wired magazine). His talks have been lauded as “great icebreakers [...] not the boring stuff I’m used to” (Congressman Dutch Ruppersberger) and “hilarious”. A “most entertaining speaker” (Sean Kearner, Internet News).
Johnny is known for his engaging stage presence and “fascinating talks” (CNET News) that “fill rooms like a rock star” (Jeff Moss, Founder of Blackhat and DEFCON security conferences). But there’s more to a great talk than showmanship. Johnny’s talks chronicle the oft-complex threat of computer criminals, a topic normally reserved for the most technical audiences. This is where Johnny’s presentation skills shine. Using audience participation and dynamic pacing, Johnny is an expert at reading his audience. This allows him to cater to both technical and non-technical audience members, providing them each with insight and equipping them with simple defensive measures to protect themselves and the organizations they serve.
Martin Roesch 
  Martin Roesch has a long history of identifying real-world challenges and developing solutions that address those exact needs, delivering innovative technologies that consistently change the way users protect their networks and assets. In 1998 he developed Snort, which quickly became the world's most widely deployed Intrusion Detection and Prevention technology with more than 225,000 active users and over 3.7 million downloads to date. Snort is the de facto standard for intrusion detection and prevention, used extensively by Fortune 100 and Global 500 enterprises. Snort's success served as a springboard for Roesch to start Sourcefire in 2001 where he continues to serve as its Chief Technology Officer, responsible for the technical direction and product development efforts.

Over the past 10 years, Martin has developed various network security tools and technologies, including intrusion prevention and detection systems, honeypots, network scanners, and policy enforcement systems for organizations such as GTE Internetworking, Stanford Telecommunications, Inc., and the Department of Defense. He has applied his knowledge of network security to penetration testing and network forensics for numerous government and large corporate customers. Martin has been interviewed as an industry expert in multiple technology publications, as well as print and online news services such as MSNBC, Wall Street Journal, CNET, ZDNet, and numerous books. Snort has been featured in Scientific American, on A&E's Secret Places: Inside the FBI, and in several books, such as Network Intrusion Detection: An Analyst's Handbook, Intrusion Signatures and Analysis, Maximum Security, Hacking Exposed, and others.

Roesch's leadership has expanded beyond Sourcefire to permeate the security and open source communities. Most recently, Roesch was named one of eWeek's Top 100 Most Influential People in IT and was a finalist for Ernst & Young's 2008 Entrepreneur of the Year Awards. To view Sourcefire's awards, go to www.sourcefire.com/news/awards/.
Karsten Nohl
Karsten is a security researcher and cryptographer. His academic research deals with privacy protection, while his white hat hacking projects focus on cryptographic hardware. Karsten analysed most major RFID smart cards, including Mifare, Hitag, Legic, HID, and Atmel CryptoRF, as well as the popular DECT cordless phones, and found them to be insecure. Towards more security in everyday devices like phones and credit cards, Karsten raises public awareness about the widespread use of weak cryptography and advises companies ready to improve from there.
Barry Wels 
Barry Wels earned his nickname “The Key” when he started picking locks around 1985. As cofounder of the infamous hacker magazine Hack-Tic, he had a logical place to publish articles on lockpicking in the early 1990s. His first presentations and workshops took place at the HEU (Hacking at the End of the Universe) conference and in Bielefeld at the “public domain” sessions (both in 1993). Many presentations followed, including the HOPE conferences (H2K, H2K2, and The Fifth HOPE). Some of these presentations can be downloaded for free at: connect.waag.org/toool/. Barry is one of the founders and president of Toool, a lockpicking sport group in the Netherlands. Toool stands for The Open Organization Of Lockpickers. Just like their German friends in SSdev.org, they pick locks as an official sport, complete with championships. Besides picking locks, Toool members also study locks, sometimes finding huge and previously unpublished flaws. Needless to say, the lock industry is not always too happy. Lately, some smarter lock companies have started asking Toool what they think of a lock before commencing mass production. Even though some offers were made to get him to work for the lock/security industry, Barry still works at CryptoPhone. As one of the cofounders of CryptoPhone, he thinks it is important to fight the battle for publicly accessible secure mobile communications. CryptoPhone is the first and only secure cellular, landline, and satellite phone company that publishes the complete source code to its products. This allows the cryptographic/academic community (and the public at large) to look for flaws or backdoors in the product. Just as with mechanical locks, Barry believes in security through transparency, not through obscurity.
Loïc Duflot
Loïc Duflot is a research engineer for the French National Information System Security Agency (ANSSI), where he holds the position of head of the Architecture and Network Lab. He holds a PhD in Computer Science and two engineering degrees. He is mostly interested in Trusted Computing and PC hardware-related security issues, and he is looking at the security of interactions between software and hardware. His work has been published in various security conferences such as PacSec, CanSecWest, ESORICS, SSTIC, Trust, etc.
Jan Krissler aka Starbug
Jan Krissler studied microsystems technology and computer engineering in Berlin and has worked at the Fraunhofer Institute for Reliability and Microintegration since receiving his diploma. For the past 5 years he has been working on defeating biometric systems and reverse engineering RFID chips.
Bruce Dang
During the day, Bruce works in the Microsoft Security Response Center Engineering group and dedicates his time to protecting customers from various types of malicious software on the Internet. This involves helping customers write generic signatures to detect exploits at various layers in the stack; sometimes he presents technical information about targeted attacks. At night, he reads non-technical books and sleeps. Once in a while, he analyzes random file format exploits. In his free time, he enjoys reading and learning about computer security, linguistics, philosophy, and history. He is currently writing a book on the subject of reverse engineering.