The bright lights of Vegas shine on the infosec community August 5 – 8 for Black Hat, BSidesLV, and DEF CON—turning Sin City into a Smart City.

IOActive will once again descend into the desert en masse, and will want to see all of our friends and family. This year we are supercharging the experience for everyone.

Join us for an evening of dancing

DJ Alan AlvarezOur very own DJ Alan Alvarez is back – coming all the way from Mallorca to turn the House of Blues RED with us:

Wednesday, August 5
At the House of Blues

Because no one prefunks like IOActive


Escape to the IOAsis – DEF CON style!

With even more fun and great networking, we invite you to escape the chaos in our luxury suite at Bally’s. Join the IOActive research team for an exclusive sneak peek into the world of IOActive Labs. 

Friday, August 7, 12PM–6PM
Bally’s Celebrity Suite #7109 (Jubilee Tower)

    • Unwind with a massage 
    • Enjoy spectacular food and drinks 
    • Participate in discussions on the hottest topics in security 
    • Challenge us to a game of pool! 

Lightning Talks with our Researchers:
Straight from our hardware labs, our brilliant researchers will talk about their latest findings, in a group of sessions we like to call IOActive Labs Presents:

    • Mike Davis & Michael Milvich: Lunch & Lab - an overview of the IOActive Hardware Lab in Seattle
      Robert Erbes: Little Jenny is Export Controlled: When Knowing How to Type Turns 8th-graders into Weapons 
    • Vincent Berg: The PolarBearScan
    • Kenneth Shaw: The Grid: A Multiplayer Game of Destruction 
    • Andrew Zonenberg: The Anti Taco Device: Because Who Doesn’t Go to All This trouble? 
    • Sofiane Talmat: The Dark Side of Satellite TV Receivers 
    • Fernando Arnaboldi: Mathematical Incompetence in Programming Languages 
    • Joseph Tartaro: PS4: General State of Hacking the Console
    • Ilja Van Sprundel: An Inside Look at the NIC Minifilter


Get your freak on at FREAKFEST 2015!

FreakFest 2015Finish out the week with a bang! After a two-year hiatus, IOActive is taking DEF CON’s new venue as a welcome to throw the biggest, baddest, freakiest event yet - IOActive presents FREAKFEST 2015!

Are you ready to get your freak on???

Saturday, August 8, 2015
10PM ’til exhaustion sets in



Gonna be in Vegas?

RSVP here to stay up to date on the latest event happenings.


See our research team in action:

Chris ValasekChris Valasek: Director of Vehicle Security Research at IOActive, overseeing IOActive’s Vehicle Security Practice while continuing to push the boundaries of vehicle security research. Valasek was one of the first researchers to publicly discuss automotive security issues in detail. He released code, data, and tools that allowed vehicles to be physically controlled through the vehicle’s CAN bus. Valasek specializes in offensive research methodologies with a focus on reverse engineering and exploitation. He is also the Chairman of SummerCon, the United States’ longest standing hacker conference. Valasek will speak at both Black Hat and DEF CON, with the presentation: 

Remote Exploitation of an Unaltered Passenger Vehicle 
Black Hat: 3PM Wednesday, August 5, 2015
DEF CON: 2PM Saturday August 8, 2015


Colin CassidyColin Cassidy: Security Consultant for IOActive, focusing on Industrial Control Systems (ICS). He has a strong development and software engineering background. He is also a seasoned leader in the areas of security and software engineering. Before joining IOActive, Cassidy served for a number of years as Technical Manager and Security Technical Lead for a major industrial software & hardware vendor. He has hands-on experience with a leading Outage Management System/Distribution Management System (OMS/DMS) solution for electricity distribution management. He also led a team of developers in producing new functionality within the core product and worked with customers to understand their requirements. Cassidy has a BSc (Hons) in Computing Science from the University of Glasgow. Cassidy will speak at both Black Hat and DEF CON, with the presentation: 

Switches get Stitches 
Black Hat: 3PM Wednesday, August 5, 2015
DEF CON: 4PM Saturday August 8, 2015


Damon SmallDamon Small: Managing Consultant for IOActive. Small began his career studying music at Louisiana State University. Pursuing his desire to actually make money, he took advantage of computer skills learned in the LSU recording studio to become a systems administrator in the mid-1990s. Following the dotcom bust in the early 2000s, he began focusing on cyber security. This has remained his passion, and over the past 15 years as a security professional Small has supported infosec initiatives in the healthcare, defense, and oil and gas industries. In addition to his Bachelor of Arts in Music, Small completed his Master of Science in Information Assurance degree from Norwich University in 2005. Small will speak at DEF CON, with the presentation: 

Beyond the Scan: The Value Proposition of Vulnerability Assessment 
DEF CON: 2PM Thursday, August 6, 2015


Fernando ArnaboldiFernando Arnaboldi: Senior Security Researcher and Consultant for IOActive. Arnaboldi has over 10 years experience in security research (Deloitte, Core Security Technologies, and IOActive), and he holds a Bachelor’s degree in Computer Science. Arnaboldi will speak at both Black Hat and DEF CON, with the presentation: 

Abusing XSLT for Practical Attacks 
Black Hat: 3:50PM Thursday, August 6, 2015
DEF CON: 2PM Saturday August 8, 2015

Jason LarsenJason Larsen: Principal Security Consultant for IOActive. Larsen is a professional hacker specializing in critical infrastructure and process control systems. Over the last several years he has been doing focused research into remote physical damage. Larsen graduated from Idaho State University where he worked doing Monte Carlo and pharmacokinetic modeling for Boron-Neutron Capture Therapy. He was one of the founding members of the Cyber-Security department at the Idaho National Labs, which hosts the ICS -CERT and the National SCADA Tested .Jason has audited most of the major process control and SCADA systems as well as having extensive experience doing penetration tests against live systems. His other activities include two years on the Window 7 penetration testing team, designing the anti-malware system for a very large auction site, and building anonymous relay networks. Larsen will speak at Black Hat, with the presentation: 

Remote Physical Damage 101 – Bread and Butter Attacks 
Black Hat: 9AM Thursday, August 6, 2015

Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion
DEF CON:  6PM Friday, August 7, 2015


Kenneth ShawKenneth Shaw: Senior Security Consultant for IOActive. Shaw brings a BSEE and much enthusiasm for breaking hardware, firmware, and software of all varieties. Shaw has years of experience finding and exploiting ICS vulnerabilities, as well as hacking all manner of web and mobile infrastructure. When he isn’t helping to harden customers’ systems Shaw is engaged in larger experimental and research questions in ICS, such as: what physical damage can be done, and characterizing nation state-level threats. Shaw will host a table in the IoT Village at DEF CON, and will present a demo and explanation of vulnerabilities in the US electric grid: 

The Grid: A Multiplayer Game of Destruction  
DEF CON: 12PM Sunday, August 9, 2015, ICS Village, Bronze Room

Sofiane TalmatSofiane Talmat: Security Consultant for IOActive, with more than 10 years experience performing security assessments and reverse engineering engagements, identifying vulnerabilities and developing exploits for IOActive’s clients in such industries as software development, telecommunications, financial services, aviation, and retail. Talmat has proven skills in design, implementation, enhancement, testing, maintenance, and support of myriad software instances; and can both test software as well as assist development teams with the implementation of software protection mechanisms. Talmat will speak at Black Hat, with the presentation: 

Subverting Satellite Receivers for Botnet and Profit 
Black Hat: 5:30PM Wednesday, August 5, 2015

Security and the New Generation of Set Top Boxes
DEF CON: 2PM Saturday, August 8, 2015, IoT Village, Bronze Room


DEF CON Village Talks Track (in the Bally’s Convention Center):

Security and the New Generation of Set Top Boxes - Sofiane Talmat
2PM Saturday, August 8, IoT Village, Bronze Room

Brain Waves Surfing - (In)security in EEG (Electroencephalography) Technologies - Alejandro Hernández
7PM Saturday, August 8, BioHacking Village, Bronze Room

The Grid: A Multiplayer Game of Destruction  - Kenneth Shaw
12PM Sunday, August 9, ICS Village, Bronze Room