Hackers vs. Developers

Date: December 3rd, 2012


  1. Hackers, What they do and why – fun & profit – Hacktivist, bounty, underground economy,  0’day
  2. Secure Web Architecture
  3. Secure SDL Process , Threat modeling and Security Architecture
  4. How to do Secure coding
  5. Application Security Testing and Release & Maintenance

Note: We will nowhere promote any commercial tools.
Pre-requisite:– Anyone with software development/ Quality/ IT knowledge
Who should attend?
IT professionals, developers, testing, quality professionals, anyone wants to know what application security is all about.


Speaker 1: Tamaghna Basu

Tamaghna Basu, OSCP, GCIH, RHCE, CEH, ECSA is a security researcher at heart and has been his main areas of research include Web app security and network pen-testing, exploit development, incident handling and cyber forensic. Being a software developer earlier, he worked in java, .net, ruby etc. and various domains like finance, insurance, gaming etc. He was the winner of NULLCON 2010′s hacking challenge.

He is a SANS certified trainer/mentor for the course – “Sec 504: Hacker Techniques, Exploits and Incident Handling”. He also presented in other security conferences like OWASP, NULLCON, C0C0N, ISACA etc. Being a core member of NULL security community, he facilitates Chennai/Bangalore NULL Chapter, a frequent speaker of NULL and OWASP meets, conducted multiple hacking workshops in NULL HUMLA, Bangalore. He is an active member of security communities like in-honeynet, NAISG, DSCI, Clubhack etc. He also contributed to security magazines like Clubhack and ISACA journal. He has achieved various other certifications like Cyber Crime Investigation, Diploma in Cyber Law etc.


Speaker 2: Akasha Mahajan

Akash is a Certified Ethical Hacker with more than 8 years of experience in Application and Network Security. Before becoming an expert security consultant he was a technical lead for one of the leading American commercial security software companies specializing in end point security. He started in security working on web infrastructure for the government of India.

Along with his day job Akash is heavily involved in the wider global security community, ranging from contributing signatures for malware detection to Emerging Threats, a US DoD funded group of volunteers, to being one of the founders of null The Open Security Group, India’s foremost non-profit computer security organizations. null is very involved in providing expert security advice to companies, organizations and even the government of India.

When not working or advising you’ll find Akash speaking at industry conferences on all things computer security related. Recently ISRO invited Akash to give a talk at Computing Technology for Space 2011 conference. Forbes India featured him in their ‘Ask The Insider’ column on hackers in August 2010. He won the pre nullcon Hack Challenge in 2010.