Monday 29 October 2012

ClubHack - India's First Hacker Conference

Rohit Srivastwa is the Founder of ClubHack, the “Mother of all Indian Hacker Cons” and can truly be called the “Jeff Moss”of India :) He is one of those rare few hackers who has the right mix of Hacking, Team work and Business sense. 

Rohit has been a great friend and we date back to even before he started Clubhack and I started SecurityTube. I really appreciate him agreeing to speak with us, even though he is very busy with his business and preparing for Clubhack 2012.

CH - ClubHack
VR- Vivek Ramachandran

VR: When was Clubhack founded? And how many years has it run?

CH: So Vivek, if you remember, we started the activities of ClubHack & SecurityTube almost same time back in 2007.  Our first or so to say India’s first ever hackers conference happened in Dec 2007. We have successfully seen 5 years pass by and now heading towards the 6th edition

VR: ClubHack is regarded as the “Mother of All Hacker Cons” in India.  How did it all start? What was the inspiration behind ClubHack?

CH: ClubHack may have inspired other conferences in India. We have witnessed mushrooming of a lot many conferences in India after 2008.  When it started back in 2007 people in India were still not ready to use the word “hack” so openly. My motive was to make the use of this word easier and make people understand the inner meaning of the same. We in industry used to get a lot of support from community and ClubHack was an initiative to give back to the community.
Strange when you look at this from the eyes of world, but in India in the 2007 we saw a lot of resistance towards the event and the name also. Senior people in industry went upto extent of suggest me to rename the event as ClubAntiHack :)
People including law enforcement & govt. thought we are some underground kids doing something wrong. But lately we have seen a lot of acceptance and support from their side.

VR: What was the reaction of your colleagues, friends and people in general when you told them “I am gonna run the first ever Hacker Con in India?” 

CH: “Are you crazy, have you gone mad?” that too in typical Indian language, accent and tone. Except for few who supported me a lot.

VR: How did you find your first volunteers for ClubHack? Was it difficult to convince them to help start a new conference?

CH: That was easy. I used to teach in Symbiosis College and my students were my first volunteers. It wasn’t difficult to convince them, as they knew me well enough. Not because I could have given them less scores if they didn’t. In anycase “hacking” and “college students” have some interesting relationship.

VR: How many days in advance do you start planning for the conference? And how much work is involved? We are asking this as most people fail to appreciate the sheer hard work and sweat it takes to deliver a fantastic show!

CH: For us the event dates are fixed, first weekend of December. So all the work backtracks from that date. Initial activity internally in teams starts from June onwards. Believe it or not the biggest sweatshop (not sweetshop) is the sponsorship department :) The work involves everything from deciding the theme, ideation, working on CFP, booking the venue, spending money form pocket first & then wait for sponsors, travel, accommodation, audio visual setup, ticketing, getting work done from volunteers, managing press, getting stuff printed, merchandise made, etc. 

VR: What keeps the team busy for the rest of the year? 

CH: The team came up with this idea of bringing out a free monthly e-magazine on hacking in 2010. Since then every month they release a magazine, which is again done with support of community. The magazine gets published on and the people of the community send articles. As a part of magazine, we come out with a security awareness poster every month in the magazine itself.
BTW all the members or core team have either jobs to keep and a few have even college to attend. ClubHack is an extra curricular and weekend activity for all. 

VR: ClubHack motivated others to start their own Hacker Cons – Can you tell us how you created the ecosystem for hackers in India to do this?

CH: As I mentioned earlier, it was the first time when people saw something of this sort coming in India. Other organizers understood that the initial resistive barrier in people’s mind has been broken; it won’t be very difficult to replicate it. Also it was a community event where people supported most part of it so the community feeling saw the light. We initially had a general discussion mailing list also but had to turn it down due to lot of garbage content coming in and moderation becoming very difficult. You can understand the kind of questions n00bs and wannabe’s starts asking. But the idea was open in wild that yes this niche can be captured.

VR: The last time I checked there is now probably some small/large “Hacker Con” in India every fortnight. Almost everyone with a group, now has a Con. Do you think this will help the Hacker ecosystem in India? 

CH: To your surprise I’d agree to this statement that yes it helps. What people do is a more formal meetup and call it a conference because “hacker con” is the buzzword. In today’s times there are 4-5 bigger conferences and a bunch of “formal meetups”. The meetups are good at there level to help the community but the bigger conferences are where the serious people want to go. But atleast the waking up of the community is happening. Only the sad part of uncontrolled mushrooming is people now do not take this industry seriously. Everyone is a hero now and arrogance takes precedence over knowledge.  The uncontrolled environment also shows people a lot of magic shows which takes “hackers” mind away from the difference between legal & illegal.

VR: When is Clubhack this year? What all does the conference have this year – Talks, Trainings, … ?

CH: As I said, its easy to remember the dates, first weekend of December every year. So this time it’s on 1st, 2nd & 3rd December. This year along with regular talks & workshops, we are planning to add a hacknight where hackers will spend whole night creating something. It can be a plugin, module, addon, tool, script, anything that is related to security and can make life easy.

VR: You’ve changed your conference goal to “Innovation in Infosec”. Can you tell us a little bit more about it? 

CH: When you talk about security and professional’s wish to do something of their own, everyone jumps on to start a VA-PT company. It won’t be incorrect to say there are more than scores of such 1-man, 2-man company in each decent size city in India who do VAPT. Where is the innovation?
This year our idea is to motivate people to look towards creating something. If they want to get into entrepreneurs shoes, go into product side, create something, show the world your real “hackers” skill. We are also heading in the direction of giving the support to these real hackers what they may need such as incubation and funding support

VR: I know all talks will be fantastic but are there are key talks you would like to highlight which are a “MUST WATCH” this year?

CH: As of now CFP is open and the first cut list is not out. I’ll let the community know soon about the “MUST WATCH” talks this year.

VR: How many CFP submissions do you typically receive? For how many speaking spots?

CH: We generally restrict the number of talks to 10-12. We don’t want information overload on people. For these 10-12 slots we get around 50-60 submission per year.

VR: In all the years with Clubhack, which was the most memorable event / experience?

CH: The most memorable event in ClubHack was 2010. After my years of continuous follow up Bruce Schneier finally agreed to fly down to Pune and give the keynote talk. ClubHack2009 also deserves a special mention here because that was the time we saw govt. taking interest in the field and started attending the event in good number. The shift in mind of govt. officials was a very welcome change in India

VR: On the other extreme, was there ever a nightmarish situation at Clubhack? Could Clubhack ever have been cancelled?

CH: Again 2010. This year we lost our promised sponsors and Bruce Schneier agreed to come. That was a catch 22 situation. If I cancel the event, I’ll never get a chance to invite Bruce again but if I go ahead and do the event, I’ll be burning deep holes in my personal savings. The event happened and Bruce came, now you know what would have happened to the pocket.

VR: I’ve visited more conferences than I can remember but with ClubHack I’ve always felt a special bond. I’ve felt really welcome and your volunteers and the organizing committee is just plain fantastic! Almost all speakers at ClubHack resonate the same feelings. There is a lot other Cons can learn here. My question – How did you manage to create a “home away from home” atmosphere for us all? 

CH: Vivek, a very important part of any conference is to understand the underlying objective. If you are there to make money and take this as business, the attitude will reflect the same. For me & my team too, ClubHack is a place to give. It’s a place to contribute back to the community and make good friends. We haven’t ever thought of ClubHack as a source of income or a business. It’s just an initiative to bring people together and strengthen the community.

VR:  It’s a well known fact that you’ve run ClubHack from your own pocket most years. What motivates you to spend from your pocket every year? 

CH: Well not all the years. Sometime sun shines and we break even in expenses. It’s a community thing so I won’t be ashamed in sharing these facts, which are coming for the first time in public.

2007 – from pocket 3L INR. Can’t help it was the first event
2008 – break even, 20k INR from pocket.
2009 – sun shined, 1L in profit.
2010 – the year that was, 7.6L INR from pocket.
2011 – sun shined again out of clouds, 27k in profit.

The money we saved from year 2009 & 2011 has not gone in pocket. It went in running the show & starting of the magazine ClubHackMag.

What motivates? Even I don’t know.  By not doing ClubHack and putting that money in savings, I would have done a lot. May be attributed to my upbringing where my dad spent his entire life in army serving for those whom he never even knew. What a question man, I’m still trying to think what motivates me.

VR: Based on previous years, how many attendees are you expecting this year? Where is the conference venue this year?

CH: This year we are looking for around 300 people. 

VR: Party Time!So what’s up for the ClubHack party this year? 

CH: Party is still secret. Frankly ClubHack parties are not something people wait for, it’s a regular networking dinner. Last year a friend of mine came with his own band to play & entertain the gathering. We’ll have something more interesting & bigger this time.

VR: OK, you can thank your sponsors now! :)

CH: Here are a few sponsors from past (in no particular order)

1.    Quickheal
2.    City University London
3.    Syntel
4.    IIM Ahmedabad
5.    British High commission
6.    Secure Matrix
7.    Asian School of Cyber Laws
8.    iSight partners

Plus a lot of supporters and media partners.

VR: Thanks a lot guys! We wish you and ClubHack all the best!

Thursday 20 September 2012

The NULL Community and NullCon - Goa and Delhi

Founded by Aseem Jakhar and Murtuja Bharmal in 2008, the Null Community is one of the largest and most active hacker groups in India. Null Chapters all over the country meet every week and have fantastic knowledge sharing activities amongst its members. They are probably the closest India has to a "Hacker Space".

I've been great friends with Aseem and Murtu from a long time, and they are one of the most humble and down-to-earth guys I've ever meet. They've done a really fantastic job with their flagship con - Nullcon Goa and this year have embarked on organizing Nullcon Delhi! 

Nullcon Delhi is next week and I am very thankful that they agreed to this interview, even though they were exceptionally busy! So without further ado - we present Null and Nullcon!

NC - Aseem Jhakar and Murtuja Bharmal, Null Community and NullCon
VR - Vivek Ramachandran, Founder

VR: When did the Null movement start? And what was the inspiration?


 NC: It all started back in 2008, we and a bunch of colleagues were discussing about active information sharing platforms in information security domain. India being the global hub of software development, it was a little surprising that there were no active infosec communities. This coupled with the problems we faced during our learning phase because of no one to talk to, mentor and guide us. We thought of starting a community with no boundaries i.e. anything security and hacking was welcome. The aim was to create a security research platform, share knowledge and assist any organization with security related issues. We started the null mailing list in July-Aug 2008 and made our first public appearance at BarCamp Pune in Nov 2008, where we announced that we are starting physical null community meet ups in Pune. There were a few hackers and security professionals whose needs were answered by null and they joined in as volunteers. There has been no looking back since then. It has not been easy but has been a very interesting journey. Null is now a registered non-profit society with over 2400+ members on the mailing list and more than 150 security professionals and hackers meet every month in different cities at the null meets.

VR:  How many chapters do you have in Null right now? How do you coordinate with Chapters on the monthly agenda? 


NC: We have six active null chapters throughout India in major cities - Pune, Bangalore, Mumbai, Delhi, Hyderabad and Chennai. Every chapter is run by 2-3 Moderators. They are run as a community rather than an organization. The moderators decide the agenda of the monthly meets and make sure we have a suitable place for the meets. There are generally presentations by members and discussions on hot topics in security. The chapters run independently with all the information being collated on our community portal It is amazing to see the kind of deep technical knowledge talks and information exchange happening at the null meets. There is training on RE, introductory sessions for the newbies, news bytes about the recent happenings in security domain, research talks, tool releases and so much more. The meets are free for everyone i.e. no registration and as we at say at null – just come with an open mind.

 VR: Apart from information sharing what else does Null do?

NC: We have several projects running. All projects are run by null members who have volunteered and taken some time out of their busy schedule to manage those projects. 

  1. Software projects: There are various open source security software written and contributed by null members. The details can be found at – Some of the noted projects include Game|Over – The web security learning platform, Jugaad – Linux remote thread injection kit, Wireplay – server communication fuzzing tool, Malware analyser and many more. 
  2. Project Keeda: A database of vulnerabilities found in the wild. Researchers who find it difficult to report and get the vulnerability fixed, report it to us and we take on the responsibility of reporting it to vendor and getting it fixed. There is no restriction on the type of vulnerability one can report i.e. even vulnerabilities in custom websites can be reported to Keeda. For more details you can visit
  3. Null Jobs: A free portal for posting and applying for security jobs. We have been running the portal for more than a year now and have received hundreds of job postings and applications. Many people have found the right jobs through the portal. We have changed the way how security job openings were communicated in the past by way of having a centralized portal for most of the security jobs in India. We plan to take it international in sometime and assist the international community for the same. Details can be found at 
  4. null Humla: Humla literally means attack in hindi. An offensive hands-on informal workshop and gathering. This happens in most of the null chapters. It is a day long session on any offensive technology picked up by the volunteers. We have a Humla champion who runs the show. The session is totally free, however to maintain the quality we keep limited registrations.

VR: When was Nullcon founded? And how many years has it run?


NC: nullcon was founded in 2010. As of writing this we have had 3 successful Conferences in Goa (Feb-2010, Feb-2011, Feb-2012) and have decided to go bi-annual with the introduction of nullcon Delhi in Sept 2012 (26-29th Sept) which will be our fourth event overall and second in 2012.

VR: How did it all start? What was the inspiration behind Nullcon?

NC: We realized that we needed an integrated platform for exchanging information on the latest attack vectors, 0-day vulnerabilities and and unknown threats with the international community and the industry as well and nullcon was born. I still remember how we argued on the name, at one point we also thought of naming it h4ckf357 ;-). The objective of the conference is simple, unearth next-generation security and attacks and get all the niche researchers, CXOs and Govt under one roof the discuss about the future of information security. I'm not sure about other countries, but in India we were surprised to see the active participation from all the concerned Govt. agencies right from the first conference onwards, which was more of a shock (in a positive sense) to us given the stereotypical Govt. response :-). Now, we can proudly say that within three years nullcon has become one of the premier security conferences in Asia and we do not wish to stop here. We have plans of going international (out of India) in sometime. Currently, we are looking at international destinations and doing a feasibility study for the conference.
Last year we decided to go bi-annual in 2012 with nullcon Goa in Feb and nullcon Delhi in September. Although the talks and training are almost similar in both the conferences, with nullcon Delhi we will target the Govt. and the corporates more as Delhi being the national capital and the hub for the Govt. agencies. Nullcon Goa continues to host a mix of all types of attendees and has something for everyone.

VR: How did you find your first volunteers for Nullcon? Was it difficult to convince them to help start a new conference?


NC: The community realized the potential of doing something different and new. When we approached volunteers to help us with certain tasks, they agreed enthusiastically. It is all because of the volunteers' dedication to support the cause that we are able to put up a great show. We have an excellent review panel which helps us with neutral and technical review of the submitted papers. Our CTF team is just super-amazing, they keep surprising us with every CTF. 

VR: How many days in advance do you start planning for the conference? And how much work is involved? We are asking this as most people fail to appreciate the sheer hard work and sweat it takes to deliver a fantastic show!


NC: We start planning for a conference 8+ months in advance. Dont even get me started on the work part. It requires a hell lot of backend work before the conference and patience to make it happen. I can write a long book on DOs and DONTs and the work involved in organizing a security conference and still that would not be enough to talk about the effort involved. Most conference organizers would agree with me on the work part :-).
For us nullcon is also a bread winning job and hence it gets more tough. In 2011 we realized that if we want to take nullcon to mainstream we have to sacrifice our current jobs and dedicate our full time towards the conference. I do not regret that decision but we are yet to see the light of the day i.e. the bread :-). India as a market for security conference is not mature enough and it will take another year or two to understand the true value a security conference holds. We are ready to wait. On the contrary we have found enormous talent by way of the quality submissions we get from within the country.

VR: When is Nullcon this year? What all does the conference have this year – Talks, Trainings... ?

NC:  nullcon Delhi is scheduled in Sept 2012. 


         Venue: Leela Kempinsky, Gurgaon
         Dates: Training – 26-27 Sept , Conference 28-29th Sept 2012

Its an action packed conference in Delhi. We have added quite a few sub-events at the    conference.

  • nullcon Blackshield awards: An annual award ceremony to honour organizations, thought leaders and researchers who drive innovation in information security domain.
  • Reboot: Yes! We are having an exclusive preview of Reboot movie at nullcon Delhi. I think everyone in the hacker community is aware of the movie. For those who are not aware, you can check out the movie trailer on their official website A special thanks to Sidney sherman and Joe kawasaki for giving us the opportunity to show the preview at nullcon.
  • Prototype sub-event: Prototype is an excellent opportunity and platform for security organizations to present their new and innovative security technologies/products to the conference attendees to attract industry recognition and to boast about their technology's capabilities. These talks are reviewed by nullcon team and selected based on the innovative features of the technology. The talks are strictly technical as apposed to vendor marketing talks.
  • Security Conclave on Critical infrastructure protection: A focused panel discussion of 90 mins. Expert panelists from Govt.  and large private organizations will create the road map for the protection standard and processes. The idea is to come up with suggestions and drafts for creating standards for the same.
  • Exhibition: We have added an exclusive exhibition area for vendors to engage with the attendees and showcase their products.
  • Executive Briefing: Exclusive two hours sub-event for senior management and the CIO’s to present summarized content of conference talks/events to them and an opportunity for the researchers to get access to the decision makers.
  • Nullcon Job fair: An exclusive booth at the exhibition for hiring the best talent and submitting resumes. This is the right place to get to the right place :-)
  • Training: This is the second time we are doing training at the event. We have kept seven  advanced security training at nullcon Delhi on various niche security topics. You can find more details about each training at
  1. Reverse Engineering and malware analysis - Abhisek Datta
  2. Xtreme Xploitation – Omair
  3.  Mobile application hacking: Attacks & Defense – Hemil Shah
  4.  Attack incident investigation by log analysis – Murtuja Bharmal
  5.  Xtreme Android Hacking – Aseem Jakhar & Anant Shrivastava
  6.  Xtreme Web Hacking – Akash Mahajan & Riyaz Walikar
  7.  Secure SDLC and code review – Akash Mahajan & Prashant K.V.
  • HackIM CTF: We just closed the HackIM Delhi 2012 CTF and announced the winners. For more details about the CTF one can visit

VR: Who is giving the Keynote this year? What’s it about? 

NC: There are two keynotes scheduled at Delhi:

  1. Day 1 keynote is by Mr. Raghu Raman. He is the CEO of one of the Govt. most ambitious projects – “National Intelligence Grid”. He is a thought leader and one of the most sought after luminary in Infosec. His talk has been kept as a surprise.  
  2. Day 2 keynote is by Mr. Richard Thieme. He is a well known international author and speaker. He is going to talk on the dark side of intelligence and security.

VR: I know all talks will be fantastic but are there any key talks you would like to highlight which are a “MUST WATCH” this year? 


NC: Oh yes! There are many. The talks are really good this time at Delhi. However, a few of the highlights:

  1. Talk on DTMF fuzzing by Rahul Sasi promises to be an eye opener for alternate fuzzing methods for telecom applications.
  2. Our signature Desi Jugaad talk – This year in Desi jugaad track Antriksh shah is disclosing a serious bug in Apple store that allows one to bypass the payment process and download the apps for free.
  3. Talk on hacking hardware equipment (Set-top boxes) by Zoltan Hornak, he will showcase his innovative methods of  breaking the box.
  4. Prasanna is releasing his tool for penetration testing SAP setup, the tool is built on IronWASP framework by Lavakumar and named IronSAP.
  5. Ajit hatti is going to present his analysis and comparison of internet banking security of various banks and is coming out with a checklist to measure the effectiveness of security.
  6. Aditya and Subho are releasing AFE (Android Framework for Exploitation) at Delhi.
  7. Michael sutton and Pradeep are releasing a new utility for behavioural analysis of mobile apps.
  8. Ravishankar is going to talk about vulnerabilities in USSD code implementations in telecom applications.

 VR: How many CFP submissions do you typically receive? For how many speaking spots?


NC: We typically get more than 60 submissions per conference and it is increasing by every con. The slots range from 20-25. It is extremely difficult to select one talk over the other as most of the talks we receive are really really good and innovative. What we do instead is to keep all different kinds of talks and try to refrain from keeping similar talks. One common problem which other organizers must also be facing is the late submissions, the problem is that we review papers as they come and quality submissions coming in late have less probability of getting selected if the slots fill up or if we are left wth very few slots, this is when it gets very very difficult to chose one talk over the other, given that most talks are really good quality. So, researchers if you are reading this PLEASE SUBMIT EARLY  :-)

VR: In all the years with Nullcon, which was the most memorable event / experience?


NC: It is hard to pin point a few moments as each and every nullcon is a remembrance in itself. we make history every time :-). Every participant has his/her own experience and moment at nullcon that creates a long lasting impression on them. I have had my share too :-). I still remember the audience enthusiasm when we had our first desi jugaad talk on hacking auto-rickshaw meters, where the speaker demonstrated the hacks live with an actual meter. Then there was the long discussion on security scene in India at the beach till 4 in the morning with the volunteers. I also remember the villages room was half taken over by the Android village with very little space left for other booths. And then there are those “Oh! You know this new technique...” moments and secret discussions on new attacks and vulnerabilities. I really like the hunger that the attendees have for learning something new and to go the details of things. One of the most tiring moments is to go to the interiors of Mumbai, Delhi and Pune to search for that perfect nullcon Goodie.



 VR: On the other extreme, was there ever a nightmarish situation at Nullcon? Could Nullcon ever have been cancelled? 

NC: Yes, we have had those situations. We made up for it by putting in our own reserved savings. As I mentioned before also, we are yet to break-even for the conference, but our passion for running nullcon is so strong that we do not see ourselves giving up anytime soon. One of the major problems in India is the cost vs charges game. While the cost of organizing is same or more than compared to other countries (especially the hotel cost compared to other countries, yes we have looked up the cost for even Las Vegas and a few other places), attendees are not willing to spend for passes compared to the costs. The problem we see is that the whole culture of going to conferences, learning new things and meeting fellow hackers is yet to pick up here and we are confident that it will change in an year or two based on the response we are getting at nullcon.



VR: Based on previous years, how many attendees are you expecting this year? Where is the conference venue this year?

NC: We had around 300 participants in Goa 2012. we are expecting the same no.s if not more in Delhi as it is our first time in Delhi. The venue for delhi is the exotic Leela Kempinski in Gurgaon.

VR: Your CTFs are really popular? What is the secret recipe?

NC: All thanks to our “League of Extra-ordinary Gentlemen”. We have an amazing CTF team, who work hard to make the challenges. We have three different types of CTFs running at nullcon. All the three are desgined to be different.

  1. HackIM: It is our web based CTF with different levels and challenges and open to all. We usually launch this prior to nullcon and the winner gets free stay + conf pass for nullcon.
  2. Battle Underground: BU is more of a theme based CTF and challenges include breaking into systems. Since 2011, we started running this challenge over the cloud for everyone to play. BU opens during the conference.
JailBreak: This is a new entry in 2012. It is also a theme based challenge but the focus is on real applications, systems and software. The participants are put under house-arrest for 36 hrs and given limited food and water supply.  

JailBreak Teaser

They are also not allowed to use toilets for free. If the participants need food, water or want to use the toilet, they have to solve codes given to them periodically. Their main challenge is chosen before they enter the jailbreak and can be one of finding real world zero days to writing exploits or security tools.

JailBreak Part 1

The first one to finish the challenge can break free from the jail. The winner gets a cash prize (Last JailBreak winners won INR 12000). We even shoot the Jailbreak videos. We could say that It is one of the first reality show on hacking. You can watch the two part Jailbreak show on our youtube channel:

JailBreak Part 2

VR: Party Time! So what’s up for the Nullcon party this year? 

NC: nullcon networking party has become an important event in itself. Everyone looks forward to the party after the conference. We try to keep each party exclusive and something to remember us by. If you have never been to a nullcon party its about time you should come and have fun with the fellow hackers. The Delhi party is more of a business cocktail party with lots of opportunities to network with CXOs and Govt. folks. 

We are organizing the following events during the cocktail:

  1. nullcon Blackshield award ceremony
  2. Private open air preview of reboot movie with cocktail and snacks.
The plans for Nullcon Goa 2013 networking party are on and we are working on getting some really talented folks for the same. Stay tuned for the news on our website.

VR: When are you planning to open the CFP for the next  conference. 

NC: Infact the CFP for nullcon Goa 2013 is already open. One thing we always advise submitters is that we review papers on a first-come-first-serve basis so if you wait for the last moment for the submission chances of rejection increase regardless of the quality of the paper as we have already selected a good no. of papers. So, we again request the community to submit early as all we need is the detailed abstract and not the whole paper. The link to nullcon Goa CFP is:


VR: OK, you can thank your sponsors now

NC: We would like to thank all our sustaining and past sponsors, without their support we would not have been able to put up the great show.

  1. Microsoft: Sustaining Sponsor – Thank you Katie Moussouris for believing in us.
  2. Qualys: Past sponsor. We really thank Wolfgang Kandek for holding our hands during our infancy stage and look forward to working with Qualys again.
  3. SANS: Sustaining sponsor – Thank you Suresh Mustapha for supporting us during our infancy stage.
  4. Palantir: Past sponsor – Thanks to your support in the last conference.
  5. Praxeva: Sustaining Sponsor – Thank you Tejan Timblo for believing in us.
  6. IIS – Sustaining Sponsor – Thank you K. K. Mookhey for believing in us.
  7. IsightPartners: Past Sponsors – Thanks you for your support John Watters.
  8. Innobuzz and Secfence: Sustaining sponsor – Thanks for supporting us Atul and Ankit.
  9. Secure Matrix: Past sponsor
  10. Hacker5: Sustaining sponsor
  11. Widget factory: Past sponsor
  12. Seclore: Past sponsor
  13. Watch Guard: New Sponsor
  14. ACPL: Sustaining sponsor

  VR: Thanks Aseem and Murtuja! I wish you guys, the Null Community and the Null Con(s) All the Best! I am sure it will rock just like every other year! Thank you!