Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: hashdays

Hashdays 2011

I wasn’t lucky enough to make it to last years Hashdays conference, so I was both humbled and ecstatic to be selected to speak at the second edition taking place this past weekend. As this was my first time presenting at a “big time” security conference, it was both exciting and scary at the same time. Luckily enough I had a good group of friends supporting me and giving me encouragement. In the end I think it went well… I’d done my homework, i’d spent more time than I should have on the slides, and I even had a suit so the SAP types would listen up 😉

I’m not sure at the moment when the videos from the conference will be made available, but until then i’ve uploaded my slides to Slideshare (with a few minor import issues). If you were at the presentation, please let me know what you thought of it. There’s always room for improvement, and I want to know where I can change for the better. I’ve already had some great feedback on some minor changes to clear up some confusions… so the SecZone version of the talk will be even better I’m sure!

SAP (in)security: Scrubbing SAP clean with SOAP

Upcoming presentation: Hashdays

Time flies when you’re knee-deep in SAP internals it seems… after almost a year of really ripping into SAP Management Console Web Services I’m finally giving a presentation on the topic at the upcoming Hashdays conference in Lucerne, Switzerland.

The talk, entitled “SAP (in)security: Scrubbing SAP clean with SOAP” will cover some of my research on SAP Management Console to date, as well as releasing some new Metasploit modules and information on where my research is headed next year.

Believe it or not this will be my first time talking at a major security conference, so I hope the level of preparation I’ve put in will result in a passible talk… Somebody much smarter than me said “Crazy is a relative term in my family!”… which makes no sense in this context other than to prove that you never know what you’ll end up with when I’m involved!

The talk is currently planned for 11:20 13:10 on 29th October… just before after lunch. I look forward to seeing you there! come armed with questions, a thirst for knowledge, things to throw when you get restless and an acceptance that it could have been much worse, at least it’s not Gregory Evans talking about Cyber Bullying 😛 (Sorry couldn’t help myself)

hashdays security & risk conference

October 26th – 29th 2011