Krishna Bahirwani speaks to Aseem Jakhar, Founder, null – The open security community to explore how Nullcon became one of India’s biggest and most popular security confrences.
What has the journey been like so far with Nullcon ?
It has been a roller coaster ride. I still remember the days when we conceptualised the idea of nullcon. It took some time to convince the corporate sector one the need for such highly technical security conference. Today, nullcon is a go-to place for security experts/corporates/enthusiasts and the Government. The first nullcon had around 117 people attending the conference and at our fifth Anniversary in 2014 the footfall was more than 500. But we are happier to see contribution from the local security experts in terms of innovative papers and excellent security research. The idea behind the conference is to provide a platform to discuss the next-generation of cyber-attacks and defences and we have the honour of hosting renowned security researchers. As we have grown over the years we have also seen a growth in the awareness as well as research in the cyber security domain within the country and we are really proud of being a small enabler in this space.
Where did the inspiration to start Nullcon come from?
We also run a non-profit organisation called null – The open security community (http://null.co.in). null was the original spark that inspired us to leave our current jobs and do what we love to do. We then founded nullcon Security conference in 2010. The idea behind organising nullcon was to create a platform for researchers and organisations to brain storm and demonstrate why the current security technology is not sufficient and what should be the focus of the security industry in the coming years. Everyone thought that this is not a sustainable work, however our passion towards Cyber security kept us going and we are today happy to see the results.
Tell me about the training for professionals at the conference?
Our trainings are different from the general security trainings provided at most places. We try to keep focused and niche security trainings. For example we have training on SCADA systems security, software exploitation, web Browser fuzzing, advanced web hacking, Reverse engineering, offensive HTML and so on and so forth. All these trainings are delivered by renowned experts in their field. Before nullcon it was difficult for people to get trained on niche subjects as everyone used to focus only on conventional ethical hacking courses. We have changed that mind set and security professionals now demand highly technical trainings which is a must for upgrading your skills.
How does Nullcon aim to make a difference when it comes to the condition of the information security industry in India?
Our motto “The next security thing” drives the objective of the conference i.e. to discuss and showcase the future of information security and the next generation of offensive and defensive security technology. We are constantly in search of new research locally that can be practically applied to secure our assets. We provide speaking opportunities to Indian researchers based on the innovative research they do instead of looking at their medals and past achievements and we strongly believe that this motivates more professionals in India to focus on knowledge rather than credentials. We have a very vibrant security community in India and we are proud to be a part of it.
What are the key highlights of this years conference?
Nullcon is a four day event. The first two days are dedicated to advanced security training provided by renowned security experts, followed by a two day conference which comprises of talks, CXO panel discussion, workshops, exhibition, hacking competitions and recreational activities.
Hacking Competitions – There are going to be three different hacking competitions this year.
a. HackIM (Powered by EMC) – It’s a 2 days on-line cyber security challenge that will start on 9th Jan 2015. The top 30 winners will get exciting prizes such as Samsung Gear, Arduino Hardware Kit, Free conference pass and 2 nights of stay at the venue. Anyone can register and play the competition at http://ctf.nullcon.net
b. EMC Defenders League – The Top 30 winners of HackIM will be invited to nullcon to play EMC Defenders league and the first winner will take away INR 500000/- as prize.
c. Winja – This is a cyber security challenge organised by women volunteers from the null security community. It will be held at nullcon for the women attendees. The name is a combination of Woman + Ninja as we needed some fancy name. The aim of this challenge is to get more women involved in cyber security field to fulfil the need of the Government as they require around 500000 cyber security professionals in a few years as mentioned in the “National Cyber Security Policy”.
We have some amazing workshops lined up for nullcon Goa 2013 ranging from Malware analysis, Windows Network driver exploitation and analysis, Hardware reverse engineering to physical security. The workshops will be free for nullcon attendees and run parallel to the talks.
CXO panel discussion
This year we have a dedicated CXO panel discussion during the conference as an opportunity for a good networking and exchange of ideas between the senior decision makers and for more active interaction with the participants
As they say “All work and no play makes Jack a dull boy” we have different recreational activities for the participants such as networking parties. We also have a group of cyber security professionals who love music and have formed their own band, they will be performing live at the event. Not to mention that the event is in Goa where you have plenty of things to do.