Welcome to 31c0n, New Zealand’s premier cyber security conference for CIOs, CISOs and security practitioners.

Over the course of two days, you’ll hear from 13 global experts in cyber security, mix with like-minded people, and evolve your overall understanding of this dynamic industry.

Don’t miss out on being a part of this inaugural event - tickets cost $750 plus GST (includes all sessions and catering). See below for speaker info or visit Eventbrite to view full presentation abstracts.

23-24 February, Viaduct Events Centre, Auckland


It's a play on the ubiquitous assembly instruction "xor eax, eax" which compiles to opcode "31c0"

8.30am Doors open – attendee registration and pass pick up
8.45am – 9.00am Conference starts – welcome from Peter Bailey, Aura Information Security
9.00am – 9.55am Keynote: Peter Gutmann
9.55am – 10.50am Speaker #1: Bryan K. Fite
Planes, Trains and Automobiles: The Internet of Deadly Things
10.50am – 11.15am MORNING TEA
11.15am – 12.10pm Speaker #2: Sam Pickles
12.10pm – 1.05pm Speaker #3: Rodrigo Branco
Blinded Random Block Corruption Attacks
1.05pm – 2.05pm LUNCH
2.05pm – 3.00pm Speaker #4: Dr Oliver Matula & Chistoph Klaassen
Doing the Same Thing Over and Over Again: A Critical View on Security Products
3.00pm – 3.55pm Speaker #5: Matthew Daley
Service Account Shenanigans
3.55pm – 4.20pm AFTERNOON TEA
4.20pm – 5.15pm Speaker #6: Edmond Rogers
Armadillo 2.0 client for CyPSA (Cyber Physical Situational Awareness)
5.15pm – 5.30pm Closing remarks: Day one – Peter Bailey, Aura Information Security
5.30pm – 7.30pm DRINKS FUNCTION, Marvel Grill
9.00am Doors open
9.15am – 9.30am Welcome, Peter Bailey, Aura Information Security
9.30am – 10.25am Keynote: Michael Ossmann
10.25am – 11.20am Speaker #1: Craig Smith
You Don't Own It If You Can't Hack It (the role of security in the auto industry)
11.20am – 11.50am MORNING TEA
11.50am – 12.45pm Speaker #2: Philippe Langlois
12.45pm – 1.30pm LUNCH
1.30pm – 2.25pm Speaker #3: Jacob Torrey
Bootstrapping an Architectural Research Platform
2.25pm – 3.20pm Speaker #4: Ravishankar Bogoankar
Privacy Issues in 4G
3.20pm – 3.50pm AFTERNOON TEA
3.50pm – 4.50pm Speaker Panel Discussion
4.50pm – 5.00pm Thanks and close, guests mingle
5.30pm 31c0n 2017 wraps




Sam Pickles has provided IT and security services for banking, government and service clients for over seventeen years across Europe, Asia Pacific and the United States. During this period, he built some of the world’s largest web application firewall gateways, and conducted penetration testing for a range of networks and hardware devices. His talk explores some current techniques which target the SSL stack, and presents some practical methods for mitigating such attacks in production systems.

Dr Oliver Matula & Christoph K Klaassen (Germany)

"Doing the Same Thing Over and Over Again: A Critical View on Security Products"

Oliver and Christoph are IT security researchers and practitioners at ERNW, a Germany-based security company. They both have extensive experience on the offensive side of IT security (e.g. by means of penetration tests and research) and the defensive side (e.g. by means of consulting in large corporate environments) and are regularly called upon to speak at industry events. Their presentation looks at particular shortcomings of security appliances, the very large gap between marketing promises and operational reality, and the very large attack surface security appliances actually introduce into your environment.

Edmond Rogers (USA)

"Armadillo 2.0 Client for CyPSA (Cyber Physical Situational Awareness)"

Edmond Rogers (CISSP) is a Security Engineer for the University of Illinois Information Trust Institute. Rogers has decades of defense experience and previously worked at a Fortune 500 Investor Owned Utility in the United States, where he was responsible for the cyber security of SCADA systems that operated the bulk electric system. He also founded an Internet Service Provider (bluegrass.net) in the early 90's. His presentation will look at Armadillo 2.0, a UI for Windows that provides data flow visualisation similar to power flow software. The visualisation helps users find unwanted connections and provides a click and block capability.

Philippe Langlois (France)

Philippe Langlois is a highly regarded entrepreneur, security researcher and expert in the domain of telecom and network security. He has founded several internationally-recognised security companies and has led technical, development and research teams at Solsoft and TSTF.

He is experienced in bringing technology firsts to market, including proposing Penetration Testing in France.

Matthew Daley (NZ)

"Service Account Shenanigans"

Matt is a senior consultant at Aura Information Security, where he conducts security assessments across a range of critical infrastructure environments. During his free time, he spends time finding bugs in open source projects. His track record includes finding vulnerabilities in Xen, Linux Kernel, Apache and Nginx web servers. Matthew’s presentation will focus on service accounts, how they can be the weakest point in your entire domain, and what can be done to protect your business from attack.

Ravishankar Borgaonkar (UK)

"Privacy issues in 4G"

Ravishankar Borgaonkar is a research fellow from the University of Oxford. His research themes are related to mobile telecommunication and involved security threats, ranging from GSM/UMTS/LTE network security to end-user device security. His talk will look at privacy issues in 4G cellular networks and their impact on end-users including myths about usage of IMSI catchers; and how privacy of mobile subscribers can be breached at different layers of 4G networking technologies.

Michael Ossmann (USA)

"Keynote – Day 2"

Michael Ossmann is a wireless security researcher who makes hardware for hackers. Best known for the open source HackRF, Ubertooth, and Daisho projects, he founded Great Scott Gadgets in an effort to put exciting, new tools into the hands of innovative people. Ossmann focuses on SDR using the open-source GNURadio Companion GUI tool, which makes implementing a lot of cool SDR techniques as easy as dragging and dropping items into a flow diagram.

Jacob Torrey (USA)

"Bootstrapping an Architectural
Research Platform"

Jacob Torrey is an Advising Research Engineer at Assured Information Security, Inc. where he leads the Computer Architectures group. Jacob has worked extensively with low-level x86 and MCU architectures, having written a BIOS, OS, hypervisor and SMM handler. His major interest is how to (mis)use an existing architecture to implement a capability currently beyond the limitations of the architecture.


"Keynote – Day 1"

Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on design & analysis of cryptographic security architectures & security usability. He has helped author the popular PGP encryption package, a number of papers & RFC's on security & encryption the open source cryptlib security toolkit, "Cryptographic Security Architecture: Design and Verification" (Springer, 2003).



Rodrigo Branco works as Principal Security Researcher at Intel Corporation’s Security Center of Excellence leading the Core Client, BIOS & IoT SoC Teams. He also held positions as Director of Vulnerability & Malware Research at Qualys & Chief Security Research at Check Point. His presentation examines privacy protection in virtualised cloud environments.



Bryan K. Fite is a security practitioner, entrepreneur and Chief Information Security Officer at BT who has spent over 25 years in mission-critical environments. Bryan is uniquely qualified to advise organisations on what works and what doesn't. His presentation will look at 'Planes, Trains and Automobiles: The Internet of Deadly Things'.



Craig Smith is Research Director of Transportation Security at Rapid7 and developed tools to find flaws in vehicle and diagnostic systems. Smith is the author of ‘The Car Hacker’s Handbook’. His presentation, ‘You Don't Own It If You Can't Hack It’ looks at the role security plays in the automotive industry and how hacking has pushed the industry into being more open to feedback.

Keep up to date with news and event speakers.