📢 Brijesh Singh, an Additional Director General of Police, takes the stage to share insights on Countering Disinformation and Cyber Threats to Democracy

📢 Jayson E. Street, a World Class Hacker, takes the stage to share insights on DEF CON 19 & Beyond!

Day 01

Friday - 16^th Jan

Day 02

Saturday - 17^th Jan

DAY 1: 16/01/2026
07:30 AM onwards	Registration, Badge Collection & Welcome Kit
08:30 AM - 09:15 AM	Networking & Refreshments
Please be seated at least 10 minutes before the session begins. Doors will close promptly at the scheduled start time to avoid disruptions.
09:30 AM - 09:40 AM	Opening Remark Anirban Mukherji Founder & CEO, miniOrange
09:50 AM - 10:25 AM	Identity as an Attack Surface: Strengthen Operational Resilience with ITDR As organizations scale, the explosion of digital identities—users, devices, apps, even service accounts—creates one of the biggest security risks enterprises face today. Identity is the new attack surface. Is your IAM strategy keeping up? Mandar Inamdar Centre of Excellence, Gurucul Nandan Patil Country Director, India and SAARC, Gurucul	Identity Security for Non-Humans (Machines, AI Agents and Devices) A framework for Identity Security for Non-Humans, using immutable machine identities and behavioral analytics to securely authenticate and manage AI agents, machines, and IoT devices in a growing non-human digital ecosystem. Dinesh Mishra Senior Product Manager, Sailpoint Tech	Securing the Cloud-First Enterprise: From Innovation to Incident Response Moderator: Swati Gupta Head of Product, miniOrange Gunjan Chillar Security Specialist, Crowdstrike Ankita Dheeraj Sancheti Co-Founder, Career Mantra, Nano Techware Limited, Nanostuffs Technologies Pvt. Ltd. Sowmya Information Security Manager, WellsFargo Sushma Singh Cyber Security Expert Udit Chugh Associate Director-Cybersecurity & Risk, Wipro	Engineering With AI: Writing Better Code, Faster — Without Losing Control A practical approach to using AI as a coding partner, improving architecture, components, and quality checks. All while ensuring developers stay in control through effective prompting and reliability safeguards. Gaurav Singh Technical Lead, miniOrange
10:35 AM - 11:10 AM	Digital Minions: AI Agents for Everyday Security Wins Creating AI agents for security purposes using the Agno framework Shadab Siddique CISO Jiostar	Automotive Fuzzing for the Masses A hands-on methodology for discovering automotive vulnerabilities—using custom fuzzers and real-world cases across CAN, USB, and BLE attack surfaces, including impactful DoS and crash scenarios. Jay Turla Principal Security Researcher at VicOne	Making SaaS and AI Agents Work Safely Together ID-JAG routes app-to-app and AI-agent access through the enterprise IdP, closing OAuth blind spots to restore visibility, governance, and zero-trust security across SaaS integrations. Sohail Pathan Senior Developer Advocate - Okta	AI Agent (and MCP) Vulnerabilities and Security The major security risks of AI Agents and MCP - prompt injection, jailbreaking, tool poisoning, command injection, and privilege escalation—and shows how to properly secure and scale them. Nikhilesh Tayal Founder and CEO AI ML Etc
11:20 AM - 11:50 AM	CyberSecurity backbone of the world - Join the CyberSena movement 2 Million CyberSecurity professionals are needed in India for us to become CyberSecurity backbone of the world. What are the latest and greatest things to learn to be a CyberSainik. Anirban Mukherji Founder & CEO, miniOrange Founded and leads miniOrange as CEO, turning a bootstrapped startup into a global IAM force.
11:55 AM - 12:25 PM	Urgency to tackle cyber fraud and protecting financial security in India’s ever evolving digital landscape Addresses the critical urgency of combating cyber fraud & safeguarding financial security. Drawing on the exponential rise in digital transactions, proliferation of payment platforms, and sophisticated tactics by cybercriminals, discuss why existing defenses must evolve faster than the threats. Hon’ble Shri. Konda Vishweshwar Reddy Member of Parliament, Telangana An entrepreneur-turned-Member of Parliament known for championing secure, technology-driven growth in India’s digital economy
12:30 PM - 01:00 PM	Best Practices of Cyber Security and Data Privacy across Industries In this, Burgess Cooper draws on decades of hands-on experience in critical infrastructure, telecom, finance, and enterprise security to explore the best practices that truly work across industries. Burgess Cooper CISO, Adani Enterprises Limited A veteran cybersecurity leader and CEO of Adani Cybersecurity
01:15 PM - 01:50 PM	AI and Cryptography for Evasive Malware An exploration of how attackers use AI and advanced cryptography to build stealthy, evasive malware and the defensive strategies needed to detect and counter it. Zhassulan Zhussupov Malware Researcher, ANY.RUN	Defending Digital India: Building Cyber Resilience for a New Geopolitical Era Moderator: Ram Ganesh Founder & CEO - CyberEye, UK Chevening Cybersecurity Fellow Dr. Jatin Patel Project Director(I/C) and Asst. Professor (IT), Rashtriya Raksha University Ankita Dheeraj Sancheti Co-Founder, Career Mantra, Nano Techware Limited, Nanostuffs Technologies Pvt. Ltd. Arvind Rao DRDO Commander Vivek Yadav Director(Cybersecurity and Quantum), C-DAC, Ministry of Electronics and IT Lt. Col Harkamal Sidhu (Rtd) VP, Head - Digital ISR & Cyber Assurance, C2C Advanced Systems Ltd Lt. Col Santosh Khadsare (Rtd) CTO, SysTools	The One Request Hack - How a Tiny Bug Can Bring Down an Entire Microservice System This talk reveals how a single flawed or malicious request can trigger cascading failures across an entire microservice ecosystem. Gaurav Todwal SDE II, miniOrange	Workshop Bug Bounty – Advanced Recon & Reporting Experienced bug bounty hunters, red teamers, and security engineers who already know the basics (OWASP Top 10, Burp, scopes, triage). Dr. Shifa Cydewalla CEO and Director, Hacktify Cyber Security Dr. Rohit Gautam Director and Lead Tactical & Adversarial Principal Instructor, Hacktify Cyber Security
02:00 PM - 02:35 PM	Securing the Insurance Digital Supply Chain This session explores the emerging challenges and strategic imperatives for securing digital assets in the insurance sector, including mitigating data breaches, securing AI models, ensuring regulatory-aligned data governance, and defending against fraud and identity threats. We discuss the role of zero-trust architectures, privacy-enhancing technologies, continuous monitoring, and cyber-resilience frameworks in safeguarding high-value insurance datasets. Krishan Dev Nidumolu Head of Information Security, CISO at Insurance Information Bureau of India	When AI Agents Go Rogue LLM agents and MCP-based tools are becoming the glue code of modern systems and code development. This session will cover critical risks that can turn these agents from “helpful assistants” to “silent insider.” We’ll walk through real-world attack stories and go over a practical checklist to harden your agents and secure MCP servers before they become your weakest link. Pratish Ray VP of Engineering, miniOrange	The $100,000 Comma: Tokenomics Strategies to Slash LLM Costs by 50% Intelligent caching and context compression can cut LLM token costs by about 50% while improving FinOps governance and preventing runaway AI spending. Nitesh Pammani Sr. Software Engineer, miniOrange
02:45 PM - 03:20 PM	Guardians of Digital Trust: Securing Billions of Users, Transactions, and Deliveries Moderator: Mubin Shaikh Partner, Cybersecurity at Ernst & Young LLP Raakesh Thoyil Group Head of Security & Privacy and India Leader, PropertyGuru Group Amit Ghodekar Global Chief Information Security Officer, Aramex Praveen Kumar Chief Information Security Officer, Nykad Shadab Siddique Chief Information Security Officer, JioStar Mrinmoy Dey Chief Information Security Officer, LendingKart	From Idea to Exit: Lessons from Founders Who Built Cyber Companies That Scaled Moderator: Ankur Bhargava Head of Security Phonepe Sanjay Katkar CEO QuickHeal Vikram Mehta Founder & CEO, Cy5.io Dhruva Goyal Founder/CEO, BugBase Illyas Kooliyankal Founder, Chief Security Advisor & Group CEO, CyberShelter, The CISO Factory Aseem Jhakar Co-Founder EXPLIoT, Payatu, Nullcon, Hardwear.io	Blueprints for Breach: When AI Weaponizes Your SBOM How attackers use AI to weaponize SBOM transparency while providing a defensive roadmap that turns SBOMs into resilient, zero-trust security assets instead of exploit blueprints. Lokesh Rajawat Software Development Engineer II , miniOrange
03:30 PM - 04:05 PM	Modern Phishing Attack Vectors: Tactics and Defense Strategies Demystifying MCP with real-life examples, showing how seamless cross-app context sharing enables smarter AI but also introduces manipulation and data-leak risks, and how to secure AI memory against them. Ankit Singh Full time Bug Bounty hunter	AI Governance and Cybersecurity: Safeguarding AI A structured AI governance approach—rooted in security, transparency, ethics, and user empowerment—is essential to building the trust needed to safely unlock AI’s full potential. Amit Dabhane Senior Technical Project Manager	Bridging the Gap: What Hackers and CISOs Can Learn from Each Other Moderator: Nikhil Shrivastava Founder, Bsides Ahmedabad Chirag Shah Global Information Security Officer & DPO, Model N and Investor Ebrahim Hegazy Founder and Chief Technology Officer, Dark Entry Charlie W Technical Security Analyst, Synack, Inc. Mustafa Information Security Specialist	Bluetooth Hacking Workshop Practical, hands-on introduction to attacking Bluetooth (BLE & Classic) devices: discovery, service analysis, common weaknesses, fuzzing, and basic exploitation techniques. Mr. IoT Founder, IoTSRG Community Saqeeb Co-Founder of IoTSRG and Payment Security Specialist at SISA
04:15 PM - 04:50 PM	Deep dive into building the next generation local AI powered Security Code Reviewers A deep dive into designing and building the next generation of local AI-powered security code reviewers. Rajanish Pathak Sr Manager, Katim	When Compliance Isn’t Enough: Lessons from Real Incidents Moderator: Dhawal Shrivastava Senior Security Assurance Engineering Lead, Microsoft Dharmesh Rathod Chief Information Security Officer, TATA Electronics Krishnendu Dutta Head of Security, Decathlon Sports Arvind Sharma Head GRC - Cybersecurity and Chief Information Security Officer, Adani Group, Adani Ports Alok Shankar Pandey Group General Manager & CISO, Dedicated Freight Corridor Corporation of India Limited	Breaking LLMs in the Wild Revealing real-world LLM security vulnerabilities—including prompt leakage, jailbreaks, indirect prompt injection, and unsafe output handling, supported by case studies that show why strong validation, sanitization, and backend controls are essential for securing AI systems. Manjesh S Parveen Yadav
05:00 PM - 05:35 PM	When Context Becomes the Exploit: Security Risks in MCP Systems How MCP underpins modern LLM tooling, exposes new security risks, and provides practical strategies to detect and harden against real-world MCP vulnerabilities. Vishal Chand Researcher & Arshagya Shrivastava, AI Researcher and Developer	Building Resilient Detection Pipelines: Telemetry, Correlation, and Context Moderator: Smith Gonsalves Director & CISO, CyberSmithSECURE Ravi Vinjanampat Senior Director Threat Detection, Salesforce Amey Subhash Lakhare Associate Partner - Digital Trust Cyber Defense and Incident Response, KPMG Krishna Pandey Senior Director & Global Head of Security, Xerox Gautam Kapoor Cyber Security Leader - India, Accenture	From Community to Enterprise: Scaling Open-Source CMS for Mission-Critical Workloads Moderator: Puja More Senior Technical Content Write Aditya Kane Open Source enthusiast and WordPress community builder Sheeba Abraham WordPress Developer Rakesh Falke Engineering Manager, miniOrange
05:45 PM - 06:20 PM	The Hacker Mindset: Curiosity, Critical Questioning & Persistent Exploration India’s top ethical hackers and a leading Synack Red Team researcher known for uncovering high-impact vulnerabilities across global enterprises, founder of BSides Ahmedabad Nikhil Shrivastava Founder Bsides Ahmedabad India’s top ethical hackers and a leading Synack Red Team researcher known for uncovering high-impact vulnerabilities across global enterprises, founder of BSides Ahmedabad

DAY 2: 17/01/2026
08:00 AM onwards	Registration, Badge Collection & Welcome Kit
08:30 AM - 09:15 AM	Networking & Refreshments
Please be seated at least 10 minutes before the session begins. Doors will close promptly at the scheduled start time to avoid disruptions.
09:30 AM - 10:05 AM	The Emerging duality of modern security operations: Balancing human judgment and AI intelligence How human-AI collaboration is reshaping SOC workflows, defining new hybrid models, escalation boundaries, and oversight for semi-autonomous security operations. Aparna TA Head of IT Solutions, ManageEngine	Combating Cloud threats in AI driven Era Cloud security threat landscape evolution. How AI threats are reshaping it & role AI can play in combating cloud adversaries Gunjan Chhillar Cloud Security Specialist, Crowdstrike	Clean up on aisle vibe! A cautionary tale highlighting the risks of “vibe-coded” software pushed to production without security controls, sharing real incidents and practical guardrails to build safer DevOps practices. Gaurav Sood Principal Software Engineer \| Head of Architecture, miniOrange	Workshop Getting started with Source Code Reviews Secure coding starts with deeply understanding code and vulnerabilities, and secure code reviews are crucial in finding issues early. In this hands-on secure code review workshop, we will teach the participants how to perform effective code reviews with both manual and automated techniques. Prateek Thakare Senior Security Engineer, GoDaddy Gaurav Bhosale Senior Application Security Engineer, Ex-10xbanking, Mastercard, Payatu 09:30 AM – 11:30 AM
10:15 AM - 10:50 AM	The Hidden Cost of Third-Party Risk: The Problem No One Sees The real cost of third-party risk comes from vendors you don’t see. Fast-growing SaaS companies may assess primary vendors, but shadow third parties, subcontractors and fourth parties quietly inherit access to sensitive data. When these unseen links are breached, the impact is immediate: regulatory action, boardroom panic, financial loss, and broken trust. A small percentage of shadow vendors cause most of the risk. This makes continuous, autonomous discovery critical to uncover blind spots, manage risk in real time, and scale securely. Rahul Tyagi Co-founder, Safe Security	All about M&S cyber attack The recent M&S cyber attack highlights how a familiar, unsophisticated attack path can still cause catastrophic impact. By exploiting the IT help desk of a third-party provider through social engineering, attackers gained internal access and deployed ransomware, leading to system outages, supply-chain disruption, customer data breaches, and millions in losses. The incident reinforces hard-learned lessons around third-party risk, human-centric failures, and incident readiness Sunaina Aytan Senior Cyber Security Consultant, Airbus Protect	Current Cyber Crime Trends Assistant Police Inspector Pravin Swamy from the Pimpri Chinchwad Cyber Police shares real-world insights into current cyber crime trends, drawn from investigations involving over 200 cyber fraud cases. Pravin Swami Head of Cybercell, PCMC
11:00 AM - 11:35 AM	Silent Whispers: Patch Tuesday’s Worst Nightmare Aseem Jakhar Co-Founder at EXPLOIT, Payatu, Nullcon	Only Secure is Not Enough: Building Intelligent Cyber Resilience In today’s rapidly evolving threat landscape, traditional cybersecurity is no longer sufficient. This session challenges the outdated notion of “just being secure” and introduces a forward-looking approach centered on resilience, proactivity, and intelligent recovery. Drawing from global incidents, evolving threat patterns, and real-world examples, the session explores how organizations can shift from reactive defense to holistic cyber resilience. Subhash Singh Punjabi CISO & Head Enterprise Architecture, Deepak Fertilisers & Petrochemicals Corporation Ltd	She Secures the Future: Women Leading the Next Wave of Cyber Resilience Moderator: Anupriya Kumar COO, miniOrange Dr Abhilasha Rakesh Vyas Director Learning and Innovation, PureID Vandana Verma Security Leader, Compliance Lead, Snyk, OWASP Foundation Alka Vaghela Information Security and GRC Professional Satyavathi Divadari Deputy Chief Information Security Officer & Global Advisory Board Member - CTIA, EC-Council Chairperson - CSA Bangalore
11:45 AM - 12:20 PM	Countering Disinformation and Cyber Threats to Democracy Exploring how technology, policy, and public awareness must work together to protect democratic systems in the digital age. Brijesh Singh ADGP Maharashtra Police, Director General of Police at Government of Maharashtra
12:30 PM - 01:05 PM	DEF CON 19 & Beyond! 15 years ago at DEF CON 19, one of the most talked-about social engineering talks challenged organizations to confront the uncomfortable truth: people, not systems remain the most vulnerable point in any strategy. As we revisit that moment, this retrospective explores what & more importantly how little has changed when it comes to protecting employees from targeted social engineering attacks. Jayson E. Street Chief Adversarial Officer, "World Class Hacker" by National Geographic & Global Ambassador, Secure Yeti, DEFCON
01:15 PM - 01:50 PM	Key Note Venkatesh Murthy. K Vice President at DSCI
02:05 PM - 02:40 PM	From TARA to Takeover: Live Electric Scooter Exploitation Against ISO 21434 Requirements Arun Mane [Founder & CEO, Amynasec Labs] Omkar Mali [Security Researcher]	Incident Response When the Lights Go Out: Real Lessons from OT Cyber Crises Moderator: Puneet Tambi Baker Hughes, Principal OT Security Enterprise Architect Founder, OT SECURITY PROFESSIONALS Sharmin Sheikh APAC Lead - OT Cybersecurity Rohit Jain OT Security Architect, Rockwell Automation Ravindra Gotavade Senior Domain Architect OT Security, Tetra Pak Prateek Singh APAC Lead - OT Cybersecurity, Eaton Corp.	Fireside Chat: Is AI Making Organizations Safer or Just More Confident? Saksham Choudhary, Founder, Findcoder.io x Alex x Nikhil Shrivastava	Workshop Modern ThreatOps – Unmasking Adversaries Across OSINT, Dark Web & Telemetry This hands-on workshop introduces modern Threat Operations (ThreatOps), combining OSINT, dark web reconnaissance, and telemetry fusion to identify, track, and analyze advanced adversaries. Participants will learn actionable techniques for structured dark web monitoring and derive threat insights that strengthen defensive and offensive cyber operations. Archan Choudhury Cybersecurity Leader \| Founder & CEO, BlackPerl 02:00 PM – 04:00 PM
02:50 PM - 03:25 PM	Built for India, Mandatory for All: Understanding DPDP Act How the DPDP act elevates governance and accountability, and why IAM and PAM are now essential for secure, efficient, and compliant operations. Gaurav Bansod Director of Strategic Partnerships and Alliances, miniOrange	AI on Wheels: Balancing Intelligence and Security in Smart Vehicles Moderator: Smith Gonsalves Director & CISO, CyberSmithSECURE Arun Mane Founder & CEO, AmynaSec Research Labs Jay turla Principal Security Researcher, VicOne Nagarajan M Vice Chairman & MD, Gujarat State Road Transport Corp (GSRTC) Prateek bhatari Head Cybersecurity and Blockchain, Spiro	Prompt Injection: When Calendar Invites, Emails & PRs Hack Your AI Assistant How indirect prompt-injection hidden in everyday content can hijack AI assistants and outlines what developers must do to secure systems that automatically ingest untrusted text. Kalpesh Hiran Vice President Technology for Endpoint, Data and Plugins, miniOrange
03:35 PM - 04:10 PM	Shadow AI: The New Supply Chain Disruptor Artificial Intelligence is no longer a background helper—it has become a participant in our software supply chains. Tools like Cursor, Windsurf, and other AI-powered IDEs can now generate code, recommend dependencies, suggest infrastructure, and even automate deployments. On the surface this looks like productivity magic. Under the hood, it is a supply chain disruptor. Anant Shrivastava Founder of Cyfinod Research	The Untold Stories of Building Cybersecurity Conferences Moderator: Dikshita Tiwari Jayson E-Street Chief Adversarial Officer, “World Class Hacker” by National Geographic & Global Ambassador - Secure Yeti, DEFCON Nikhil Shrivastava Founder, BoA and Red Team Legend - Bsides Ahmedabad, RiskProfiler, Synack Dhillon Kannan Founder & CEO, VP - Global Strategy & Growth, Hack In The Box, Verichains	MITM Without Malware: Legitimate Traffic Interception in Modern Security Systems This talk demystifies how modern security architectures implement controlled, transparent traffic interception without behaving like malware, using packet diversion technologies as a practical foundation. Ajay Bisht SDE II, miniOrange
04:20 PM - 04:55 PM	AI vs. AI: The Next Battleground in Financial Cybersecurity Moderator: Alex Tugattijan Head of Security, Architecture & Engineering, Emirates NBD Yazad Khandhadia Head of Security, Architecture & Engineering, Emirates NBD Himanshu Kumar Das Chief Information Security Officer, CRED Harvinder Gill Dhiraj Sashidharan Vice President Threat and Compliance Management, Emirates NBD Dr. Nareshkumar Hargale Senior Vice President & Department Head (ISD-IS&SP), State Bank of India	PQC migration - A necessity or hype ? Evaluating whether migrating to post-quantum cryptography is urgent or premature, offering a balanced roadmap by examining quantum threats, PQC maturity, and the real-world costs and challenges of large-scale transition. Commander Vivek Yadav Sr Manager, Director (Cybersecurity and Quantum) at Ministry of Electronics and Information Technology	From Intelligence to Action: Proactive Threat Hunting for Cybersecurity How to turn threat intelligence into actionable, MITRE ATT&CK-aligned hunts using telemetry and adversary TTPs, illustrated through real cases that demonstrate proactive breach prevention. Rohit Deepak Sadgune Sr Manager, CYBER DEFENSE at Saviynt
05:00 PM - 06:00 PM	Innovation Sandbox Pitch
06:15 PM - 06:30 PM	Awards Ceremony
06:30 PM - 07:00 PM	Closing Note – Anirban Mukherji

Hello there!

Need Help? We are right here!