Speakers – IT-DEFENSE 2011

Further information to the speakers will follow after release. 

Joerg Heidrich  
Joerg Heidrich, an IT lawyer, has worked as a legal adviser for the Heise Zeitschriften Verlag (publisher of c't, iX, Technology Review, heise online) and as a lawyer in the new media sector in Hanover since 2001. After studying law in Cologne and Concord, NH, USA, he has worked on problems of the Internet and media law for 10 years. Heidrich is the author of many articles on legal aspects of IT Security and works regularly as a lecturer in this area. He has been registered as an IT lawyer since 2007. In addition, he is one of the publishers of the loose-leaf collection Heise Online Law.
Jeremiah Grossman  
Jeremiah Grossman, founder and CTO, WhiteHat Security, is a world- renowned Web security expert. A co-founder of the Web Application Security Consortium (WASC), he was named to InfoWorld's Top 25 CTOs in 2007 and is often quoted in major publications such as SC Magazine, Forbes and USA Today. He has authored dozens of articles and whitepapers, is credited with the discovery of many cutting-edge attack and defensive techniques, and is a co-author of "XSS Attacks: Cross Site Scripting Exploits and Defense." Grossman is also an influential blogger who offers insight and encourages open dialogue regarding research and vulnerability trends. Prior to WhiteHat, Grossman was an information security officer at Yahoo!, responsible for performing security reviews on the Company's hundreds of websites
Arrigo Triulzi
Arrigo is a security and networking consultant who has been playing with computers for over 20 years. His background is in Pure Mathematics and computers have always been a source of amusement mainly directed towards answering the many "what if?" questions which arise when playing with them
Cesar Cerrudo  
Cesar Verrudo is the founder and CEO of Argeniss (, a security consultancy and software firm based in Argentina. He is a security researcher and consultant specializing in application security.
Regarded as a leading application security researcher, Cesar is credited with discovering and helping to eliminate dozens of vulnerabilities in leading applications including Microsoft SQL Server, Oracle database server, IBM DB2, Microsoft BizTalk Server, Microsoft Commerce Server, Microsoft Windows, Yahoo! Messenger, etc. Cesar has authored several white papers on database, application security, attacks and exploitation techniques and he has been invited to present at a variety of companies and conferences including Microsoft, Black Hat, Bellua, CanSecWest, EuSecWest, WebSec, HITB, Microsoft BlueHat, EkoParty, FRHACK, H2HC, etc.
Cesar collaborates with and is regulary quoted in print and online publications including eWeek, ComputerWorld, and other leading journals.
Charlie Miller  
Charlie Miller is Principal Analyst at Independent Security Evaluators, a Baltimore based consulting company.  Dr. Miller was the first with a public remote exploit for both the iPhone and the G1 Android phone.  He won the CanSecWest Pwn2Own competition for the last three years. Popular Mechanics listed him as a Top 10 Hacker of 2008 and he is on the list of 2010 Security Superstars by Channel Web.  He has authored two information security books and holds a PhD from the University of Notre Dame, as well as being a CISSP and GCFA. 
Joe Grand  
Joe Grand, Inventor, Engineer, Hacker, Co-Host of "Prototype This"
Joe Grand is the President of Grand Idea Studio, Inc., where he specializes in the invention, design, and licensing of consumer products and modules for electronics hobbyists. In 2009 Joe co-hosted Discovery Channel's engineering entertainment show, Prototype This, which has aired around the world.
Joe is a former member of the legendary hacker collective L0pht Heavy Industries and has testified before the United States Senate Governmental Affairs Committee regarding government and homeland computer security under his handle, Kingpin. A successful entrepreneur, Joe has been involved in electronics since the age of seven, holds four granted patents, is the author of multiple books, and is on the Technical Advisory Board for MAKE Magazine. His work has been featured in worldwide media outlets, such as CNN, Wired, The New York Times, and Forbes.
Joe received a Bachelor of Science degree in Computer Engineering from Boston University and now lives in San Francisco with his wife and young son. On occasion, he escapes his laboratory and appears in the outside world as a competitive runner and triathlete. 
Volker Kozok  
Lieutenent-Colonel Volker Kozok works in the German Federal Ministry of Defence as an official for the Commissioner for Data Protection in the German Armed Forces. For many years he held various positions as an IT Security Officer and oversaw the 11-month training of the Computer Emergency Response Team of the German Armed Forces as a training manager in 2001.
As an IT Forensic Investigator and Security Analyst he focuses on reviewing and evaluating complex IT systems, on network analysis and on auditing.
Based on his work for national and international teams on cyber security and his close ties to U.S. authorities, he dealt extensively with the issues of cyber security and cyber crime, focusing on risk management and analysis of network-based attacks.
In addition to his work, he is a frequent speaker at specialist conferences and conducts awareness training courses in the German Armed Forces and external organizations.
Christoph Wegener  
  Christoph Wegener, CISA and CISM, has a doctorate in physics and has freelanced with in IT security and OpenSource since 1999. He is the author of many articles, a member of several program committees, reviewer for various publishers and a lecturer in IP Security training. Since 2005 he has also worked for the European Competence Center for Information Technology Security (eurobits). Moreover, he is a founding member and board member of the work group Identity Protection on the Internet (a-i3) and a board member of the German Unix User Group (GUUG).
Barnaby Jack   
Barnaby Jack is the Director of Research at IOActive Labs, where he focuses on exploring new and emerging threats, and recommending areas in which to concentrate IOActive's research efforts.
Jack has over 10 years experience in the security research space and previously held research positions at Juniper Networks, eEye digital Security, and FoundStone. Over the course of his career, Jack has targeted everything from low-level Windows drivers to the exploitation of Automated Teller Machines. He has subsequently been credited with the discovery of numerous vulnerabilities, and has published multiple papers on new exploitation methods and techniques.
Kevvie Fowler  
  Kevvie Fowler (GCFA Gold, CISSP, MCTS, MCSD, MCDBA, MCSE) is the Senior Manager of Managed Security Services at TELUS Health and Finance solutions. He is also the founder and principal consultant of Ringzero, a research and consulting company specializing in the security and forensic analysis of Microsoft technology.   
Kevvie is the author of "SQL Server Forensic Analysis" and contributing author to several information security and forensics books. 
Jana Diesner  
Jana Diesner is a PhD Candidate at Carnegie Mellon University, School of Computer Science, Center for Computational Analysis of Social and Organizational Systems. In her work she combines methods and theories from computer science, especially natural language processing and machine learning, with network science and the social sciences. The goal with her interdisciplinary research and related software development is to contribute to the efficient and accurate analysis and a better understanding of the co-evolution and interplay of language and other types of behavior in real-world socio-technical networks. Jana teaches courses, workshops and tutorials in her areas of expertise. Her work has been published in peer-reviewed international journals and conference proceedings. For more information see
 David Zollinger  
Lic.iur. David Zollinger, 1965
1965 Born in Zurich; high school graduation
1983 Medical, Chinese, Japanese studies
1992 Master's Degree in Jurisprudence from the University of Zurich. Work in a law firm and in court.
1996 Elected District Attorney in Zurich
1998 Joining the Anti-Money Laundering Department / international assistance in criminal matters; specialization in economic crimes
2000 Appointed Head of the Department (Senior District Attorney) in the Canton of Zurich
2007 Joining Wegelin & Co. Privatbankiers as a Member of the Management Committee, Head of the "New Markets" Department
Co-author of the legal commentary on the Swiss Money Laundering Act; former representative of the Swiss judiciary in the working group of the Swiss Federal Banking Commission for Money Laundering Prevention; expert for international legal assistance in criminal matters; lecturer in post-graduate studies "combat economic crime" (MAS ECI) in Lucerne / Switzerland; regular author for Swiss media in justice, politics and society. 
Fabian Mihailowitsch  
Fabian Mihailowitsch studied information technology with course specialization in software engineering and worked as a Java software developer for three years. However in 2008 he decided to make his hobby to his profession. He joined cirosec and works as IT security consultant since then. In his job he performs code review's and does penetration tests of different kinds of applications and networks. In his free time (spent on IT-security) he likes to develop and play around with linux rootkits. Recently his private research led him to hardware based keyloggers...
Dino Dai Zovi  
Dino Dai Zovi, currently an independent security consultant and researcher, has been working in information security for over 9 years with experience in red teaming, penetration testing, software security, and information security management. Mr. Dai Zovi is also a regular speaker at information security conferences having presented his independent research on memory corruption exploitation techniques, 802.11 wireless client attacks, and Intel VT-x virtualization rootkits over the last 10 years at conferences around the world including DEFCON, BlackHat, and CanSecWest. He is a co-author of the books "The Mac Hacker's Handbook" (Wiley, 2009) and “The Art of Software Security Testing” (Addison-Wesley, 2006). In 2008, eWEEK named him one of the 15 Most Influential People in Security. He is perhaps best known in the information security and Mac communities for winning the first PWN2OWN contest at CanSecWest 2007.
Chris Böhme  
Chris Böhme, an electronic engineer by training, is currently the lead software architect at Pinkmatter Solutions. Since 1994 he has been involved in designing and building network security and crypto appliances. In 2002 he co-founded the software development house Pinkmatter Solutions, a company specializing in interesting software, ranging from natural language processing to satellite imagery.
He is currently involved with Paterva, architecting the information collection and visualization tool Maltego. Chris's pet projects include unifying spatial information and mined data for meaningful information gathering and building the ultimate robotic girlfriend...  
Karsten Nohl  
Dr. Karsten Nohl operates a security research laboratory in Berlin. As a cryptographer he analyzes technical systems there and identifies design errors in very common devices. As a consultant, Karsten advises DAX companies on the quantification of IT risks and on best practice design of critical systems.  

Andrew MacPherson

Andrew MacPherson is the lead developer at Paterva. He completed a degree in Information Science (BiS) at the University of Pretoria in 2006 and set out into the world building web applications. This experience gave him an excellent understanding of how they work and opened his eyes as to how they can be leveraged for information. It was during this time that Roelof Temmingh flagged him as someone that would be a valuable asset to Paterva and picked him up in 2007/8. Since then he has been coding transforms, throwing ideas together and making tea. He is very passionate about the product and accepts all challenges. Andrew was recently nominated as one of the top 200 young South Africans to watch by the South African newspaper the Mail and Guardian.

Nicolas Bareil

Nicolas Bareil is a research security engineer at EADS Innovation Works. He works on Linux hardening, sandboxing and everything UNIX related. He likes contributing patches in security tools and in the Linux kernel.