Who’s Speaking at BSides Islamabad 2020

BSides Islamabad is honored to have some awesome speakers

Roshan MaskeySenior Consultant, Mandiant FireEye

Roshan is a senior incident response consultant at Mandiant, a FireEye Company, a frontline worker helping organizations fight against cyber threats.
He is a core contributor of NightHawkResponse project that processes FireEye Redline/HX collections. He has a keen interest in operating system internals, offensive toolkits, and writing code in Golang.

Roshan MaskeySenior Consultant, Mandiant FireEye

Roshan is a senior incident response consultant at Mandiant, a FireEye Company, a frontline worker helping organizations fight against cyber threats.
He is a core contributor of NightHawkResponse project that processes FireEye Redline/HX collections. He has a keen interest in operating system internals, offensive toolkits, and writing code in Golang.

closepopup
Ashar JavedSecurity Engineer, Hyundai AutoEver Europe

Ashar Javed is a security engineer at Hyundai AutoEver Europe GmbH with over 5 years of experience. Before that he has spent three years as a security researcher for Ruhr-Universität Bochum, Germany. Ashar holds a PhD degree from Ruhr-Universität Bochum and MSc from Technische Universität Hamburg-Harburg, Germany. His research interests include web application vulnerabilities and in particular Cross-Site Scripting.

Ashar delivered talks at main security events like Black Hat Europe 2014, HITB KL 2013, OWASP Spain (2014, 2015 & 2016), SAP Product Security Conference 2015, International PHP Conference 2015, ISACA Ireland 2014, RSA Europe (OWASP Seminar) 2013, DeepSec, Austria (2013, 2014, 2015 and 2018), and GISEC, Dubai 2016. In his free time, he likes to participate in bug bounty programs. Microsoft has recognised Ashar as No. 1 security researcher in Microsoft's Security Response Center (#MSRC) Top 100 security researchers list of 2018 and at No. 4 spot in the 2019 and 2020 Most Valuable Security Researcher list. He blogs at "Respect XSS" and tweets at @soaj1664ashar.

Ashar JavedSecurity Engineer, Hyundai AutoEver Europe

Ashar Javed is a security engineer at Hyundai AutoEver Europe GmbH with over 5 years of experience. Before that he has spent three years as a security researcher for Ruhr-Universität Bochum, Germany. Ashar holds a PhD degree from Ruhr-Universität Bochum and MSc from Technische Universität Hamburg-Harburg, Germany. His research interests include web application vulnerabilities and in particular Cross-Site Scripting.

Ashar delivered talks at main security events like Black Hat Europe 2014, HITB KL 2013, OWASP Spain (2014, 2015 & 2016), SAP Product Security Conference 2015, International PHP Conference 2015, ISACA Ireland 2014, RSA Europe (OWASP Seminar) 2013, DeepSec, Austria (2013, 2014, 2015 and 2018), and GISEC, Dubai 2016. In his free time, he likes to participate in bug bounty programs. Microsoft has recognised Ashar as No. 1 security researcher in Microsoft's Security Response Center (#MSRC) Top 100 security researchers list of 2018 and at No. 4 spot in the 2019 and 2020 Most Valuable Security Researcher list. He blogs at "Respect XSS" and tweets at @soaj1664ashar.

closepopup
Nick RoyStaff Security Specialist, Splunk

Nick Roy is currently a Senior Security Specialist at Splunk focusing on security automation and improving blue team response.

Before Splunk, Nick was at Phantom Cyber working with partners across the globe build out their security automation practices and delivering them to their customers.

Nick RoyStaff Security Specialist, Splunk

Nick Roy is currently a Senior Security Specialist at Splunk focusing on security automation and improving blue team response.

Before Splunk, Nick was at Phantom Cyber working with partners across the globe build out their security automation practices and delivering them to their customers.

closepopup
Hasib LatifSenior Threat Analysis Engineer, Symantec

A Ravian and holds the bachelors degree in Information and Communication Systems Engineering from NUST. Previously worked for Ebryx Pvt Ltd as Senior Malware Researcher and now working as Senior Threat Analysis Engineer for Symantec Singapore.
Hasib loves to read, run and find order in the chaos.

Hasib LatifSenior Threat Analysis Engineer, Symantec

A Ravian and holds the bachelors degree in Information and Communication Systems Engineering from NUST. Previously worked for Ebryx Pvt Ltd as Senior Malware Researcher and now working as Senior Threat Analysis Engineer for Symantec Singapore.
Hasib loves to read, run and find order in the chaos.

closepopup
Arslan MahmoodPenetration Tester

A Penetration Tester and Bug Bounty Hunter who specializes in Web, API & Network pentesting.

Working with an organization and some other Software Companies remotely to secure the apps they are developing.

Off and on a CTFer.

Arslan MahmoodPenetration Tester

A Penetration Tester and Bug Bounty Hunter who specializes in Web, API & Network pentesting.

Working with an organization and some other Software Companies remotely to secure the apps they are developing.

Off and on a CTFer.

closepopup
Owais MehtabSecurity Consultant

Owais is a security consultant having over 7+ years of experience in Cybersecurity domain. He has provided services to multiple entities ranging from Government organization to financial institutes to Oil and Gas industry.
His core area of interest is penetration testing, application security and incident response.

Owais MehtabSecurity Consultant

Owais is a security consultant having over 7+ years of experience in Cybersecurity domain. He has provided services to multiple entities ranging from Government organization to financial institutes to Oil and Gas industry.
His core area of interest is penetration testing, application security and incident response.

closepopup
Nicholas BoeckhA Swiss Infosec Amateur

Nicolas Boeckh, a Swiss developer, infosec amateur, coffee lover and student.

Academically, started in the French system, where he acquired a Scientific Baccalaureate (specialization in Computer and Digital Sciences) upon high school graduation.

Currently enrolled in a BSc in Information and Services Science at the University of Geneva (Geneva, Switzerland) where he is completing his last year of his Bachelors degree.

On the side, he started working in development, writing programs for fun and got familiar with a slew of different languages (Python, Java, Scala, Ruby, Dart, C, C#, ...) and environments (Linux, Windows, Android).

He always been interested in Infosec but only got more involved within the community when COVID started, as he had time and stumbled upon a budding CTF Discord server, where he slowly integrated the community, leading to where he is today.

Nicholas BoeckhA Swiss Infosec Amateur

Nicolas Boeckh, a Swiss developer, infosec amateur, coffee lover and student.

Academically, started in the French system, where he acquired a Scientific Baccalaureate (specialization in Computer and Digital Sciences) upon high school graduation.

Currently enrolled in a BSc in Information and Services Science at the University of Geneva (Geneva, Switzerland) where he is completing his last year of his Bachelors degree.

On the side, he started working in development, writing programs for fun and got familiar with a slew of different languages (Python, Java, Scala, Ruby, Dart, C, C#, ...) and environments (Linux, Windows, Android).

He always been interested in Infosec but only got more involved within the community when COVID started, as he had time and stumbled upon a budding CTF Discord server, where he slowly integrated the community, leading to where he is today.

closepopup
Ahmad Muneeb KhanDFIR Lead, Ebryx Pvt Ltd

Ahmad is DFIR Lead at Ebryx Pvt Ltd with expertise in digital forensics
and studying adversary tradecraft. He has a background of hunting down
cyber-criminals, digging into suspected intrusions and conducting cyber
threat intelligence operations.

For the past couple of years, he has been a part of several cyber-ops with
Pakistan’s financial and private sector organizations.

Ahmad Muneeb KhanDFIR Lead, Ebryx Pvt Ltd

Ahmad is DFIR Lead at Ebryx Pvt Ltd with expertise in digital forensics
and studying adversary tradecraft. He has a background of hunting down
cyber-criminals, digging into suspected intrusions and conducting cyber
threat intelligence operations.

For the past couple of years, he has been a part of several cyber-ops with
Pakistan’s financial and private sector organizations.

closepopup
Syed Ishaq BukhariSecurity Architect

Syed has been in Cybersec scene for over 8 years, with experience spanning the Defense, Banking and Tech sectors.

Having worked in a variety of red/blue roles, he found his new passion in DevSecOps. Currently working to improve detection and response capabilities in the micro-services based environments hosted on AWS/GCP clouds.

Previously he's helped unicorn tech companies architect their security infrastructures and led DFIR efforts against some of the large-scaled breaches in the GCC region.

When not working, he likes to travel, see new places and meet new people.

Syed Ishaq BukhariSecurity Architect

Syed has been in Cybersec scene for over 8 years, with experience spanning the Defense, Banking and Tech sectors.

Having worked in a variety of red/blue roles, he found his new passion in DevSecOps. Currently working to improve detection and response capabilities in the micro-services based environments hosted on AWS/GCP clouds.

Previously he's helped unicorn tech companies architect their security infrastructures and led DFIR efforts against some of the large-scaled breaches in the GCC region.

When not working, he likes to travel, see new places and meet new people.

closepopup
Mauro EldritchHacker, Speaker & Founder of BCA & DC5411

He was a Speaker at DEF CON (six times!), ROADSEC (LATAM's biggest security conference), DEVFEST Siberia, DragonJAR Colombia (biggest spanish-speaking conference in LATAM), P0SCON Iran, Texas Cyber Summit, GrayHat and EC-Council Hacker Halted among other conferences.

Mauro EldritchHacker, Speaker & Founder of BCA & DC5411

He was a Speaker at DEF CON (six times!), ROADSEC (LATAM's biggest security conference), DEVFEST Siberia, DragonJAR Colombia (biggest spanish-speaking conference in LATAM), P0SCON Iran, Texas Cyber Summit, GrayHat and EC-Council Hacker Halted among other conferences.

closepopup
Luis Angel Ramirez MendozaA Colombian Hardware Hacker

Luis Angel Ramírez Mendoza is a Colombian Hardware Hacker, member of BCA and DC5411.

He was a Speaker at DEF CON (Red Team and Hardware Hacking Village), GrayHat, BSides NewCastle and DragonJAR Colombia.

Luis Angel Ramirez MendozaA Colombian Hardware Hacker

Luis Angel Ramírez Mendoza is a Colombian Hardware Hacker, member of BCA and DC5411.

He was a Speaker at DEF CON (Red Team and Hardware Hacking Village), GrayHat, BSides NewCastle and DragonJAR Colombia.

closepopup

BSides Islamabad 2020 Trainers

Thanks to our trainers for conducting workshops

Muhammad IrshadSenior Malware Researcher, FireEye

Irshad has more than five years of hands-on experience in Threat Research/Intelligence, Malware Analysis, Reverse Engineering, and Detection.

After completing his bachelors in Electrical Engineering from UET Lahore in 2015., he joined Ebryx Pvt Ltd, where he provided detection capability for ordinary and APT malwares for FireEye NX/EX products. In 2017, he moved to FireEye Labs Singapore, where he mainly focus on detailed analysis and detection of APT malwares.

Muhammad IrshadSenior Malware Researcher, FireEye

Irshad has more than five years of hands-on experience in Threat Research/Intelligence, Malware Analysis, Reverse Engineering, and Detection.

After completing his bachelors in Electrical Engineering from UET Lahore in 2015., he joined Ebryx Pvt Ltd, where he provided detection capability for ordinary and APT malwares for FireEye NX/EX products. In 2017, he moved to FireEye Labs Singapore, where he mainly focus on detailed analysis and detection of APT malwares.

closepopup
Muhammad UmairSenior Security Researcher, Kaspersky

Umair has been in the cyber industry for over 7 years working in the areas of OS internals, reverse engineering and malware analysis. He started his career focusing on Windows Internals R&D for FireEye's detection technologies. Later joined FireEye Labs, and switched focus to APT analysis, detection engineering and hunting. Now he is part of Kaspersky's Global Research and Analysis Team (GReAT), A team of globally spread out researchers, that has discovered and reverse engineered some of the most notorious and sophisticated APTs to date.

Muhammad UmairSenior Security Researcher, Kaspersky

Umair has been in the cyber industry for over 7 years working in the areas of OS internals, reverse engineering and malware analysis. He started his career focusing on Windows Internals R&D for FireEye's detection technologies. Later joined FireEye Labs, and switched focus to APT analysis, detection engineering and hunting. Now he is part of Kaspersky's Global Research and Analysis Team (GReAT), A team of globally spread out researchers, that has discovered and reverse engineered some of the most notorious and sophisticated APTs to date.

closepopup
Jilles GronendijkSecurity Consultant, Deloitte

Jilles Groenendijk is a Hardware Hacker that works for Deloitte in The Netherlands. He learned his way around by tearing apart devices ever since he was a little boy. "I like to figure out
how stuff works" is what drives him. He has been teaching science and
technology to children in elementary school. His lectures and workshop
are aimed for both adults and children; "Inspire the people and get
them kickstarted" Recently he started an interactive livestream where
a telephone was created, communication via laser beams, and he turned domestic sensors into a high sensitive alarm system.

Jilles GronendijkSecurity Consultant, Deloitte

Jilles Groenendijk is a Hardware Hacker that works for Deloitte in The Netherlands. He learned his way around by tearing apart devices ever since he was a little boy. "I like to figure out
how stuff works" is what drives him. He has been teaching science and
technology to children in elementary school. His lectures and workshop
are aimed for both adults and children; "Inspire the people and get
them kickstarted" Recently he started an interactive livestream where
a telephone was created, communication via laser beams, and he turned domestic sensors into a high sensitive alarm system.

closepopup

Hours

0

Speakers

0

Seats

0

Workshop

0

Sponsors

0

Schedule

BSides Islamabad 2020 Talks, Workshops & CTF Schedule

  • Day 1 06 Nov 2020
  • Day 2 7 Nov 2020
  • Day 3 8 Nov 2020
  • Workshops
05:00 PM - 08:30 PMMalware Reverse Engineering By Muhammad Irshad & Muhammad Umair
  • Talks
  • Workshops
09:00 AM - 09:15 AMBSides Islamabad Opening By Organisers

BSides Islamabad opening note

09:15 AM - 09:55 AMKeynote Speech By Rehan JalilCEO SECURITI.AI

Rehan is the CEO of SECURITI.AI, which was named the Most Innovative start-up of 2020 by RSA Conference. He previously ran the cloud security business of Symantec, was CEO of Elastica (acquired: $280M), and CEO of WiChorus (acquired $180M). Rehan was named Ernst & Young Entrepreneur of the Year finalist in 2010 and Top 25 Disruptor in 2015. Rehan is also an alumni of NED University, Purdue & Harvard.

He will be speaking about Cybersecurity & Trust – the guardians of digital economy and prosperity

 

10:00 AM - 10:45 AMTales from the trenches: A cyber brawl with an Advanced Threat Actor By Ahmed Muneeb KhanDFIR Lead, Ebryx Pvt Ltd

Ahmed & Ishaq will talk about forensic assessments of 20 South Asian financial institutions carried out in last 2 years by the presenters. These assessments (and incident response in some cases) were carried out as a mandatory requirement by the federal governing body for FI following the infamous $6m Bank’s heist.

10:00 AM - 10:45 AMTales from the trenches: A cyber brawl with an Advanced Threat Actor By Ishaq ZafarSecurity Consultant

Ahmed & Ishaq will talk about forensic assessments of 20 South Asian financial institutions carried out in last 2 years by the presenters. These assessments (and incident response in some cases) were carried out as a mandatory requirement by the federal governing body for Financial Institutions following the infamous $6m Bank’s heist.

11:00 AM - 11:45 AMOSINT and the Hermit Kingdom. Leveraging online sources to learn more about the world’s most secret nation By Nick RoyStaff Security Specialist, Splunk

Updated with new information since the last time presented this talk takes a look at how different OSINT sources can be used to learn more about a target or your own organization, with a look specifically at threat actor’s public infrastructure. Starting out it will cover basic reconnaissance and how to discover servers, domains, open ports, and the services running on them. From there we start to dig deeper and take this information to further pivot and find more information. This includes user and contact information, leaked information, and even image analysis to examine whether or not what is posted online is really real. We then take a further look at some potential threat actor’s malware, actual threat actor malware, their state sponsored operating system, and some other interesting software. Everything wraps up with a look at how users can leverage social media to find things they shouldn’t and a look at a few misconfigurations that have been found on threat actor’s servers that provided some interesting information.

12:00 PM - 12:45 PMLunch Break
12:45 PM - 01:30 PMCobalt Strike – A Defender’s Perspective By Roshan MaskeySenior Consultant, Mandiant, A FireEye Company

Cobalt Strike is a popular adversary emulation tool that uses advanced techniques to evade detection. Cobalt Strike is the primary tool of choice on red team engagements. Some threat actors and ransomware groups also use Cobalt Strike in a compromised environment. This talk shares a defender’s perspective of an offensive utility – Cobalt Strike Beacon. This talk will give some insight into the working of Cobalt Strike and commonly used modules. It can help a defender to understand the Cobalt Strike and explore its capability. It also provides insight into ways to search for Cobalt Strike activities on an endpoint. This talk will explore different ways Cobalt Strike executes commands and detection opportunities using Symon and Windows event logs.

01:30 PM - 02:15 PMPanel Discussion – Cyber beyond Risk, Cyber Workforce Development & How to bridge Academia & Industry for Cyber Maturity? By Umar Ilyas, Jawad Khalid Mirza, Tauseef Aslam, Dr. Shahzad Sarfraz, Dr. Rafi us Shan

Umar Ilyas – Group EVP Data Centre & Technology Operations

Jawad Khalid Mirza – Chief Information Security Officer (CISO) – Askari Bank Limited

Tauseef Aslam – Business Security Officer – Telenor

Dr. Shahzad Sarfraz – Director – National University of Computer and Emerging Sciences FAST – Chiniot Faisalabad Campus

Dr. Rafi us Shan – Chief KP CERC – KPITB

02:25 PM - 03:10 PMSecurely scoring and transmissing infrmation on mobile/IoT devices: A story in development By Nicholas BoeckhSoftware Developer

Developers are the backbone of the industrial mobile & IoT development industry. Without them, it would take more time and/or effort to use services from afar or interact with an IoT environment. However, they may put the end-users of applications they’ve developed at risk by not taking into consideration the security of the information being sent over the wire. Going off on the assumption that not all developers are InfoSec specialists, or even InfoSec adjacent or InfoSec aware, this talk aims to give some background on uses for mobile information storage and transmission and then move on to discussing the foremost off-the-shelf vulnerabilities. Although it is important to know of the existence of problem(s), we must discuss how to minimize points of failure by using existing features, including (but not limited to) restricted environments, encryption, memory unicity, etc. Coming from a person working in InfoSec, such recommendations can come off as an attempt at fearmongering by managers and/or the developers. They have a plethora of phrases they can – in their mind – use to justify not solving a “non-issue”. The final bout of this talk would be to discuss these common pitfalls as snippets of a conversation that are frequently heard as justification.

03:15 PM - 03:45 PMThe road towards O365 bugs in Microsoft Office365 By Ashar JavedSecurity Engineer, Hyundai AutoEver Europe Germany

Microsoft 365 is used by over a million of companies and billions of users worldwide. According to Microsoft, Office 365 i.e., the world’s productivity cloud is a security-hardened service and follows the Microsoft Security Development Life-cycle. In this presentation, I will share the stories of my journey towards 365 valid bugs in Microsoft Office 365 umbrella applications. The talk will highlight the lessons learned during Office 365 bug hunting. The bounty award winning bugs that will be discussed during the presentation are …. – Cross-tenant privacy leak in Office 365 – All your Power Apps Portals are belong to us – SQLi, CSRF(s) and SSRF in Dynamics 365 – Privilege Escalation issues in SharePoint Online – Dozens of XSS(es) in Outlook – Some rate limiting issues Further, the talk reveals XSS issues in Microsoft 365 Admin Centre, OneDrive, Word, Excel, PowerPoint, OneNote, Yammer, Microsoft Forms, Kaizala, Dynamics 365, SharePoint Online, Stream, Video 365, Azure, Security & Compliance services of Office 365. Last but not the least, we will share tips and tricks as far as how one can stay at the top to test the new and upcoming features of Office 365.

03:45 PM - 04:00 PMClosing Notes
05:00 PM - 08:30 PMMalware Reverse Engineering By Muhammad Irshad & Muhammad Umair
  • Talks
  • Workshops
  • Capture-the-flag
09:00 AM - 09:15 AMWelcome Note
09:15 AM - 10:00 AMExploting Classic Stack Overflow By Owais MehtabSecurity Consultant

Getting shell from Metasploit is great but ever wondered what goes on behind the scene and how the exploit actually works. This talk is all about vanilla exploit development process from finding a crash to getting remote code execution to the challenges faced during the development of a fully working exploit. This talk focused on classic exploitation techniques exploit mitigations such as ASLR,DEP,SAFE-SHE etc.. are not covered due to time constraint.

10:00 AM - 10:45 AMPanel Discussion: How to get into cyber security?

Jibran Ilyas is the Director Incident Response at Mandiant, A FireEye Company, Mishaal Khan is the co-founder/Chief Ethical Hacker of ipconfigz, Omair Manzoor is the CEO of ioSENTRIX.

They will be providing guidance on “How to get into cyber security”

11:00 AM - 11:15 AMBreak
11:15 AM - 11:45 AMHunting for Business Login Bugs: Molding the Web Application in your way By Arslan MahmoodPenetration Tester

Businesses are developing and deploying Web Applications, from simple to complex, on the internet. Each business is solving a specific problem or problems and each implementation of solutions comes with its own structure, functionalities, features and complexities. Because it takes time to understand the applications flow and insights, most of the bug hunters and Pentesters only look for vulnerabilities where they can input some payload and get something, and they missed high and critical bugs which are really impacting businesses especially financially. In this talk, i will present my approach and mindset towards a target and how to try to misuse its functionalities and exploiting its complexities for these overlooked and severe bugs and which tools i use. And also will present some case studies, scenarios and reports.

12:00 PM - 01:00 PMLunch Break
01:00 PM - 01:45 PMBumpKey: A Hardware Swiss Knife for Red Teamers By Mauro EldritchHacker, Speaker, Founder of BCA

Bluetooth attacks, WiFi hacking, Metasploit and an integrated C2 Server using SMS, all in one portable device? Yes, and with batteries included. In this talk we will present a hardware prototype for offensive security and redteaming: BumpKey. This device is capable of making its way into different environments without much difficulty, using all the tools and protocols at its disposal, as if it were a master key. A master key, inside a Swiss army knife. All aspects of the device will be explained, from its construction piece by piece, to its use tool by tool. Ideal for those interested in hardware hacking, beginners, and experienced hackers. NOTE: I have a Co-Speaker: Luis Angel Ramírez Mendoza (larm182luis), but I can’t add it in this form due to lack of fields. Thank you.

01:00 PM - 01:45 PMBumpKey: A Hardware Swiss Knife for Red Teamers By Luis Angel Ramírez MendozaColombian Hardware Hacker, member of BCA and DC5411

Bluetooth attacks, WiFi hacking, Metasploit and an integrated C2 Server using SMS, all in one portable device? Yes, and with batteries included. In this talk we will present a hardware prototype for offensive security and redteaming: BumpKey. This device is capable of making its way into different environments without much difficulty, using all the tools and protocols at its disposal, as if it were a master key. A master key, inside a Swiss army knife. All aspects of the device will be explained, from its construction piece by piece, to its use tool by tool. Ideal for those interested in hardware hacking, beginners, and experienced hackers. NOTE: I have a Co-Speaker: Luis Angel Ramírez Mendoza (larm182luis), but I can’t add it in this form due to lack of fields. Thank you.

01:45 PM - 02:00 PMBreak
02:00 PM - 02:45 PMHow To Hack A Ransomware? By Hasib LatifSenior Threat Analysis Engineer, Symantec Singapore

Talk will be focused on how to reverse a ransomware with the intention of creating a decryptor for it. I have created a decryptor in recent past for PwndLocker ransomware and i think its quite valuable to share how to crack an attacker’s piece of code and to use it against their interests. I released it on my Github (https://github.com/hasiblatif/PwndLocker-ransomware-decryptor)

03:00 PM - 03:30 PMCTF Winners Annoucements
03:30 PM - 04:00 PMClosing Keynote
10:00 AM - 02:00 PMHardware Hacking By Jilles
03:00 PM - 03:30 PMCTF Winners Annoucements

FAQ’s

Commonly asked questions about the BSides Islamabad event.

    Expand/Close
  • What is Security BSides?

    Security BSides is a non-profit global security event started by a group of hackers, security researchers, and passionate cybersecurity experts who are keen to share their knowledge and ideas. BSides is now taking place everywhere from Athens to Sao Paulo, intending to create opportunities in the global atmosphere to encourage collaboration by providing a platform for open discussion, interaction, and demos to the participants.

    To know more about BSides, please visit: http://www.securitybsides.com

  • How to participate?

    If you think you have an interesting topic or idea, then come forward and be a part of BSides Islamabad.

    - Give a talk CFP
    - Show a cool demo CFP
    - Engage with speakers, ask interesting questions (Register & show up! that's easy!)
    - Meet new friends and share the knowledge (this is the best part of BSides)

  • How to reach us?

    In case of any queries or suggestions email us at [email protected] or track us on twitter @bsidesislamabad

  • What is the medium of communication?

    The official language of the event is English. All the sessions will be held in English.

  • How to become a sponsor?

    To conduct an exhibit or sponsor our event, please reach us at [email protected]

  • What to expect at BSides Islamabad 2020 Virtual edition?

    A BSides Islamabad 2020 event is a mix of both cyber security talks, workshops and trainings. Our selected speakers will present live and we will be live-streaming the entire day to all of our participants. We will also have hands-on workshops, Capture The Flag (CTF) for both offensive and blu teams. We will also have live Q&A with our speakers, as well as an opportunity to socialize with all participants.

    Join us for a full day of the best security research content, community talks, live demos and all of the fun and excitement you have come to expect from BSides Islamabad 2020!

    Join in for the live talks, and learning.