Asif SaleemDirector Cyber Risk Practice @ Deloitte Australia

Asif is a Director at Deloitte Australia's cyber risk advisory practice. He is an experienced cyber security professional with more than 14 years of experience in leading and delivering enterprise class security solutions across a wide range of industries including financial services, energy and healthcare. Asif's core competencies are in Security Strategy Development, Security Architecture, Cloud Security, Application Security and Identity and Access Management. Asif is a SABSA certified security architect, CISSP, CRISC and AWS and Azure certified architect.

Asif SaleemDirector Cyber Risk Practice @ Deloitte Australia

Asif is a Director at Deloitte Australia's cyber risk advisory practice. He is an experienced cyber security professional with more than 14 years of experience in leading and delivering enterprise class security solutions across a wide range of industries including financial services, energy and healthcare. Asif's core competencies are in Security Strategy Development, Security Architecture, Cloud Security, Application Security and Identity and Access Management. Asif is a SABSA certified security architect, CISSP, CRISC and AWS and Azure certified architect.

closepopup
Dr. Fahim AbbasiSenior Research Scientist @ Cisco Systems NewZealand

Dr. Fahim Abbasi is a Cybersecurity Researcher, Defender, and Innovator with over 10+ years of industrial research experience working for leading Cybersecurity product companies in the Network and Email security domain. Dr. Abbasi is currently working as a Sr. Research Scientist at Cisco Systems. He works on forward-looking research initiatives to develop leading-edge prototypes and intelligent algorithms to solve emerging challenges with Email scams like Advance-fee scams, Extortion, BEC, ATO, and Phishing for Cisco email detection technologies like CMD, CSE, and ESA. Prior to this, he worked as a Sr. Security Researcher in the Email Security team at Trustwave Spiderlabs on the MailMarshal product. He also worked as a Security Researcher in Fireye labs and Ebryx LLC. Dr. Abbasi also served as a lecturer at Massey University New Zealand and as a Visiting Faculty for Information security course at Information Technology University (ITU Punjab) Lahore. He has published his research in several industrial research blogs and in academic conferences and journals and has also been granted US patents.

Dr. Fahim AbbasiSenior Research Scientist @ Cisco Systems NewZealand

Dr. Fahim Abbasi is a Cybersecurity Researcher, Defender, and Innovator with over 10+ years of industrial research experience working for leading Cybersecurity product companies in the Network and Email security domain. Dr. Abbasi is currently working as a Sr. Research Scientist at Cisco Systems. He works on forward-looking research initiatives to develop leading-edge prototypes and intelligent algorithms to solve emerging challenges with Email scams like Advance-fee scams, Extortion, BEC, ATO, and Phishing for Cisco email detection technologies like CMD, CSE, and ESA. Prior to this, he worked as a Sr. Security Researcher in the Email Security team at Trustwave Spiderlabs on the MailMarshal product. He also worked as a Security Researcher in Fireye labs and Ebryx LLC. Dr. Abbasi also served as a lecturer at Massey University New Zealand and as a Visiting Faculty for Information security course at Information Technology University (ITU Punjab) Lahore. He has published his research in several industrial research blogs and in academic conferences and journals and has also been granted US patents.

closepopup
Brian ContosVP & CISO @ Mandiant Advantage

With two IPOs & seven acquisitions Brian has helped build some of the most successful security companies in the world for 25+ years. He is a seasoned executive, board advisor, security company entrepreneur, author, and award-winning podcaster. After getting his start in security with the Defense Information Systems Agency (DISA) and later Bell Labs, Brian began the process of building security startups and taking multiple companies through successful IPOs and acquisitions including: Riptech, ArcSight, Imperva, McAfee, Solera Networks, Cylance, JASK, and Verodin. Brian has worked in over 50 countries across six continents. He authored the book Enemy at the Water Cooler and he co-authored Physical & Logical Security Convergence with former NSA Deputy Director William Crowell. He was featured in the cyberwar documentary 5 Eyes alongside General Michael Hayden, former NSA and CIA Director.

Brian has written for and been interviewed by industry and business press such as Bloomberg, NY Times, Wall Street Journal, & C-SPAN, while also being a Forbes Magazine contributor. Brian is a dynamic speaker that is regularly invited to present at leading security industry events worldwide such as: Black Hat, RSA, Interop, OWASP, & BSides.

Brian ContosVP & CISO @ Mandiant Advantage

With two IPOs & seven acquisitions Brian has helped build some of the most successful security companies in the world for 25+ years. He is a seasoned executive, board advisor, security company entrepreneur, author, and award-winning podcaster. After getting his start in security with the Defense Information Systems Agency (DISA) and later Bell Labs, Brian began the process of building security startups and taking multiple companies through successful IPOs and acquisitions including: Riptech, ArcSight, Imperva, McAfee, Solera Networks, Cylance, JASK, and Verodin. Brian has worked in over 50 countries across six continents. He authored the book Enemy at the Water Cooler and he co-authored Physical & Logical Security Convergence with former NSA Deputy Director William Crowell. He was featured in the cyberwar documentary 5 Eyes alongside General Michael Hayden, former NSA and CIA Director.

Brian has written for and been interviewed by industry and business press such as Bloomberg, NY Times, Wall Street Journal, & C-SPAN, while also being a Forbes Magazine contributor. Brian is a dynamic speaker that is regularly invited to present at leading security industry events worldwide such as: Black Hat, RSA, Interop, OWASP, & BSides.

closepopup
Mirza Burhan BaigThreat Analyst

Mirza Burhan Baig is an Information Security Threat Analyst in Kingdom of Saudia Arabia. Mr. Baig is OSCP Certified professional with over 8 years of experience in Penetration Testing, Threat Hunting & Vulnerability assessments which include Core banking solutions, Banking applications, Network assessment, Mobile penetration testing. Mostly served financial industry.

Mr. Baig is also a certified professional and holds an OSCP, eWPTX, eCPPTv2, eNDP, etc. He is involved in bug bounty programs as well, where he helped many companies to fix vulnerabilities at a different level. Companies include Google, Microsoft, Facebook, Amazon, PayPal, Apple, IBM, CISCO, etc. Mr. Baig is also involved in many physical security projects to bypass networks and systems.

Mirza Burhan BaigThreat Analyst

Mirza Burhan Baig is an Information Security Threat Analyst in Kingdom of Saudia Arabia. Mr. Baig is OSCP Certified professional with over 8 years of experience in Penetration Testing, Threat Hunting & Vulnerability assessments which include Core banking solutions, Banking applications, Network assessment, Mobile penetration testing. Mostly served financial industry.

Mr. Baig is also a certified professional and holds an OSCP, eWPTX, eCPPTv2, eNDP, etc. He is involved in bug bounty programs as well, where he helped many companies to fix vulnerabilities at a different level. Companies include Google, Microsoft, Facebook, Amazon, PayPal, Apple, IBM, CISCO, etc. Mr. Baig is also involved in many physical security projects to bypass networks and systems.

closepopup
Sadia BashirSenior Malware Researcher @ Ebryx

Ms. Sadia Bashir is working as Sr. Malware Researcher, holding MS (Computer & Communication Security) from SEECS, NUST Islamabad, she has worked across multiple Computer Science disciplines including Software Defined Networks and Cyber Security. Before joining Ebryx, she subsequently held positions as Software Engineer (Python, C/C++) and Research Assistant in these domains. With Malware analysis as her core skill, she enjoys hunting and reverse engineering malware with analysis automation.

Sadia BashirSenior Malware Researcher @ Ebryx

Ms. Sadia Bashir is working as Sr. Malware Researcher, holding MS (Computer & Communication Security) from SEECS, NUST Islamabad, she has worked across multiple Computer Science disciplines including Software Defined Networks and Cyber Security. Before joining Ebryx, she subsequently held positions as Software Engineer (Python, C/C++) and Research Assistant in these domains. With Malware analysis as her core skill, she enjoys hunting and reverse engineering malware with analysis automation.

closepopup
Abdul Basit AjmalCyber Security Analyst

Abdul Basit Ajmal received bachelor's degree in computer science from COMSATS Islamabad in 2018. He received a masters degree in information security in 2021. Currently he is working as Cyber security specialist at dongamers.com and wemcss.com. He is also working as a cyber security researcher on HEC project at R&D Cyber Security lab COMSATS Islamabad campus. He is a technical program committee member at IEEE HONET. His current research interests include securing industrial grade systems, threat hunting, threat replication, adversary simulation, and risk assessment.

Abdul Basit AjmalCyber Security Analyst

Abdul Basit Ajmal received bachelor's degree in computer science from COMSATS Islamabad in 2018. He received a masters degree in information security in 2021. Currently he is working as Cyber security specialist at dongamers.com and wemcss.com. He is also working as a cyber security researcher on HEC project at R&D Cyber Security lab COMSATS Islamabad campus. He is a technical program committee member at IEEE HONET. His current research interests include securing industrial grade systems, threat hunting, threat replication, adversary simulation, and risk assessment.

closepopup
Ahmad Muneeb KhanLead DFIR & CTI @ Ebryx

Ahmad has led the forensic investigation of multiple nation-sponsored APT attacks on Pakistan's financial institutes and telecommunication sector in recent years. In his current role as leading an awesome DFIR and CTI team at Ebryx, he has engaged in 20+ compromise assessments, 10+ major Digital Forensics and Incident Response engagements and more than 10+ cyber threat intelligence cases. His primary research focus is on advanced persistent threats, nation-sponsored attacks and insider threats.

Ahmad Muneeb KhanLead DFIR & CTI @ Ebryx

Ahmad has led the forensic investigation of multiple nation-sponsored APT attacks on Pakistan's financial institutes and telecommunication sector in recent years. In his current role as leading an awesome DFIR and CTI team at Ebryx, he has engaged in 20+ compromise assessments, 10+ major Digital Forensics and Incident Response engagements and more than 10+ cyber threat intelligence cases. His primary research focus is on advanced persistent threats, nation-sponsored attacks and insider threats.

closepopup
Syed HasanSenior DFIR Analyst @ Ebryx

Syed Hasan is a security analyst and researcher with focus on threat groups targeting Pakistan. Currently, he is working as a DFIR consultant at Ebryx where he responds to incidents and analyzes malware on the daily.

Syed HasanSenior DFIR Analyst @ Ebryx

Syed Hasan is a security analyst and researcher with focus on threat groups targeting Pakistan. Currently, he is working as a DFIR consultant at Ebryx where he responds to incidents and analyzes malware on the daily.

closepopup
Soniya Shah NoorCyber Security Analyst

Soniya is a cyber security analyst by day and a student by night. She loves breaking things to know how they work, and that’s exactly why my current focus in security is on APTs, malware, and cyber-terrorism.

Soniya Shah NoorCyber Security Analyst

Soniya is a cyber security analyst by day and a student by night. She loves breaking things to know how they work, and that’s exactly why my current focus in security is on APTs, malware, and cyber-terrorism.

closepopup

Conference Schedule

  • Day 1
  • Day 2
  • Conference - Saturday 4 Dec 2021
09:35 AM - 10:05 AMImplementing Zero Trust Architecture – A Practical Approach, Why Zero trust is abused? By Asif SaleemDirector Cyber Risk Practice Deloitte
10:10 AM - 10:40 AMRecent Trends in BEC: Lessons learned from a Secure Email Gateway By Dr. Faheem AbbasiSenior Research Scientist @ Cisco Systems
10:45 AM - 11:15 AMCybersecurity & The Board: Choosing success over the Sarlacc Pit By Brian ContosVP & CISO Mandiant Advantage
12:00 PM - 12:35 PMWhat are we missing in Web Applications? By Mirza Burhan BaigThreat Analyst
01:15 PM - 01:45 PMIntrusion Analysis: A two-edged sword against persistent threats By Ahmed Muneeb Khan & Syed Hasan
01:50 PM - 02:20 PMDeciphering Infostealers: From Static Analysis to Automated IOC Extraction By Sadia BashirSenior Malware Researcher
02:30 PM - 03:00 PMLast Line of Defense: Reliability Through Inducing Cyber Threat Hunting By Abdul Basit AjmalCyber Security Analyst
05:00 PM - 05:40 PMRyuk: The Shinigami of the Cyber World By Soniya Shah NoorCyber Security Analyst
  • Workshops - Sunday 5 Dec 2021
09:00 AM - 12:30 PMDemystifying Cyber Threat Intelligence (Hands-on) By Ahmed Muneeb & Mustafa Qasim

Demystifying Cyber Threat Intelligence (Hands-on)

01:00 PM - 02:00 PMOSINting the Unknown By Khaula KarimApplication Security Analyst

OSINTing the Unknown

02:30 PM - 04:30 PMWriting Detection Rules Effectively By Syed HasanSenior DFIR Analyst

Writing Detection Rules Effectively

FAQ’s

Commonly asked questions about the BSides Islamabad event.

    Expand/Close
  • What is Security BSides?

    Security BSides is a non-profit global security event started by a group of hackers, security researchers, and passionate cybersecurity experts who are keen to share their knowledge and ideas. BSides is now taking place everywhere from Athens to Sao Paulo, intending to create opportunities in the global atmosphere to encourage collaboration by providing a platform for open discussion, interaction, and demos to the participants.

    To know more about BSides, please visit: http://www.securitybsides.com

  • How to participate?

    If you think you have an interesting topic or idea, then come forward and be a part of BSides Islamabad.

    - Give a talk CFP
    - Show a cool demo CFP
    - Engage with speakers, ask interesting questions (Register & show up! that's easy!)
    - Meet new friends and share the knowledge (this is the best part of BSides)

  • How to reach us?

    In case of any queries or suggestions email us at [email protected] or track us on twitter @bsidesislamabad

  • What is the medium of communication?

    The official language of the event is English. All the sessions will be held in English.

  • How to become a sponsor?

    To conduct an exhibit or sponsor our event, please reach us at [email protected]

  • What to expect at BSides Islamabad 2021 Virtual edition?

    A BSides Islamabad 2021 event is a mix of both cyber security talks, workshops and trainings. Our selected speakers will present live and we will be live-streaming the entire day to all of our participants. We will also have hands-on workshops, Capture The Flag (CTF) for both offensive and blu teams. We will also have live Q&A with our speakers, as well as an opportunity to socialize with all participants.

    Join us for a full day of the best security research content, community talks, live demos and all of the fun and excitement you have come to expect from BSides Islamabad 2021!

    Join in for the live talks, and learning.