Speaker Proposal Deadline Approaches for OpenSSL Conference 2025 in Prague
The OpenSSL Corporation and the OpenSSL Foundation are issuing a final call for speaker proposals for the inaugural OpenSSL Conference 2025, taking place October 7–9, 2025, at the Vienna House by Wyndham Diplomat Prague.
With just 7 days remaining until the submission deadline of June 30, 2025, the organisers invite global contributors from academia, industry, and the open-source community to submit their proposals and help shape the agenda of this landmark event.
A Global Stage for Cryptography Innovation
The OpenSSL Conference 2025 will bring together a global community of cryptography experts, developers, legal professionals, security researchers, and open-source contributors for three days of focused discussion and exchange.
The conference program is structured around four key tracks:
The organisers are seeking original research, case studies, and practical insights that push boundaries and inspire new thinking across cryptographic domains.
Esteemed Speakers Already Confirmed:
Rob Duhart, Senior VP, Oracle Cloud Infrastructure
Krishna Narayanaswamy, Founder & CTO, Netskope
Peter Schmidberger and Dragan Zuvic, Mercedes-Benz Tech Innovation
Jason Lawlor, President, Lightship Security Inc.
Hayden Delaney, Partner, Thomson Geer Lawyers
Stephen Farrell, Researcher, Trinity College Dublin
Tanja Lange, Professor, Eindhoven University of Technology
The OpenSSL Conference 2025 promises a premier platform for advancing open standards, securing critical infrastructure, and fostering dialogue among the world's leading cryptographic minds.
Proposals slould be submitted by June 30, 2025
Interested speakers can submit proposals and review detailed submission guidelines at:
https://openssl-conference.org
Partnership & Sponsorship Opportunities
The OpenSSL Conference also offers customisable sponsorship and partnership packages designed to deliver value through thought leadership, brand visibility, and direct access to a technically influential audience.
Organisations of all sizes are encouraged to explore how they can participate meaningfully in this foundational event.
For sponsorship inquiries or assistance, users can contact: info@openssl-conference.org
About The OpenSSL Corporation
The OpenSSL Corporation is a global leader in cryptographic solutions, specializing in developing and maintaining the OpenSSL Library – an essential tool for secure digital communications. The OpenSSL Corporation provides a range of services tailored to assist businesses of all sizes to ensure the secure and efficient implementation of OpenSSL solutions. The OpenSSL Corporation also supports projects aligned with its Mission and Values by providing infrastructure, resources, expert advice, and engagement through advisory committees, particularly in the commercial sector. Collaboration among these projects fosters innovation, enhances security standards, and effectively addresses common challenges, benefiting all our communities.
Contact
MarCom Mgr.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Insider
4 days ago
- Business Insider
SquareX Discloses Architectural Limitations of Browser DevTools in Debugging Malicious Extensions
Palo Alto, California, July 29th, 2025, CyberNewsWire Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as 'Verified' and 'Chrome Featured' provided by extension stores as a security indicator. The recent Geco Colorpick case exemplifies how these certifications provide nothing more than a false sense of security - Koi Research[1] disclosed 18 malicious extensions that distributed spyware to 2.3M users, with most bearing the well-trusted "Verified" status. SquareX researchers disclosed the technological reason behind this vulnerability, highlighting an architectural flaw in Browser DevTools that prevents browser vendors and enterprises from performing the thorough security analysis many enterprises expect. 'Aside from the fact that thousands of extension updates and submissions are being made daily, it is simply impossible for browser vendors to monitor and assess an extension's security posture at runtime,' says Nishant Sharma, Head of Security Research at SquareX, 'This is because existing DevTools were designed to inspect web pages. Extensions are complex beasts that can behave dynamically, work across multiple tabs and have 'superpowers' that allow them to easily bypass detection via rudimentary Browser DevTool telemetry.' In other words, even if browser vendors were not inundated by the sheer quantity of extension submission requests, the architectural limitations of Browser DevTools today would still allow numerous malicious extensions to pass DevTool based security inspections. Browser DevTools were introduced in the late 2000s, long pre-dating the widespread extension adoption. These tools were invented to help users and web developers debug websites and inspect web page elements. However, browser extensions have unique capabilities to, among others, modify, take screenshots and inject scripts into multiple web pages, which cannot be easily monitored and attributed by Browser DevTools. For example, an extension may make a network request through a web page by injecting a script into the page. With Browser DevTools, there is no way to differentiate network requests made by the web page itself and those by an extension. Detailed in the technical blog, SquareX's researchers propose a novel approach that uses the combination of a modified browser and Browser AI Agents to plug this gap. The modified browser exposes critical telemetry required to understand an extension's true behavior, while the Browser AI Agent simulates different user personas to incite various extension behaviors at runtime for monitoring and security analysis. This not only allows a dynamic analysis of the extension, but also discoveries of various 'hidden' extension behaviors that are only triggered by time, a certain user action or device environments. Named the Extension Monitoring Sandbox, the research details the necessary modifications required for the modified browser. The revelation of Browser DevTools' architectural limitations exposes a fundamental security gap that has led to millions of users being compromised. As browser extensions become a core part of the enterprise workflow, it is critical for enterprises to move from superficial labels to solutions specifically designed to tackle extension security. It is absolutely critical for browser vendors, enterprises and security vendors to work closely together in tackling what has become one of the fastest emerging threat vectors. This August, SquareX is offering a free enterprise-wide extension audit in August. The audit involves conducting an extensive audit of all extensions installed across the organization using all three components of the SquareX Extension Analysis Framework - metadata analysis, static code analysis and dynamic analysis with the Extension Monitoring Sandbox - providing a full analysis of the organization's extension risk exposure and a risk score for each extension. About SquareX SquareX's browser extension transforms any browser on any device into an enterprise-grade secure browser. SquareX's industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively detect, mitigate, and threat-hunt client-side web attacks including malicious browser extensions, advanced spearphishing, browser-native ransomware, GenAI data loss prevention, and more. Unlike legacy security approaches and cumbersome enterprise browsers, SquareX seamlessly integrates with users' existing consumer browsers, ensuring enhanced security without compromising user experience or productivity. By delivering unparalleled visibility and control directly within the browser, SquareX enables security leaders to reduce their attack surface, gain actionable intelligence, and strengthen their enterprise cybersecurity posture against the newest threat vector – the browser. Contact Head of PR Junice Liew
Business Insider
22-07-2025
- Business Insider
AccuKnox Named Top AI Security Startup at Security BSides Bangalore 2025
Menlo Park, United States, July 21st, 2025, CyberNewsWire 'Innovator and Leader in AI Security' AccuKnox was given the #1 AI Security Startup of 2025 Award by EmergeX: Unveiling Innovation at the influential BSides Bangalore Cybersecurity Conference in Bangalore. AccuKnox presented its Agentic AI runtime security solution. The competition judges were very accomplished CyberSecurity leaders and voted AccuKnox as the leading innovator. The unique and highly differentiated innovation in the area of AI Agentic Security positions AccuKnox ahead of established industry incumbents in addressing a vexing problem in AI Technology Adoption. The recognition positions AccuKnox as the platform leader and innovator poised ahead of established incumbents who offer legacy/pathwork solutions to this complex problem. AccuKnox presented clear user problems when it comes to security issues faced by users wanting to deploy Agentic AI solutions, such as: Automated Red Teaming to understand the LLM guardrails posture Providing visibility into AI pipelines and helping users to identify Shadow AI Securing untrusted models at Runtime using AccuKnox's patented/developed Sandboxing engine Handling PredML as well as GenAI as part of the same platform Securing AI Infra, Apps, and AI Models/Datasets with full Enterprise integration options The following is a summary of the AccuKnox Agent AI solution Sandboxing Agentic AI deployments Securing datasets leveraged by RAGs and model fine-tuning Automated Red teaming of LLMs AI Security Posture Management for managed and unmanaged deployment A real-time demo was showcased that showed how Guardrails of the popular LLM (Anthropic Claude) can be bypassed by simple prompt engineering and how the AccuKnox solution could be used to prevent the attacks at the next level because of sandboxing. AccuKnox AI Security solutions offer the following unique differentiators: During the EmergeX demo, they showcased how easy the asset onboarding process is, which immediately provides a consolidated view to the users about their AI Security Posture. The Agentic AI solution not only talks about Runtime Prompt Firewall but also about sandboxing the Agentic AI solution. There was a question from one of the judges about the licensing model. AccuKnox's licensing model is based on the number of deployed models, which is easy to quantify. AccuKnox presentation at BSides Bangalore can be viewed here Supporting Quotes " Agentic AI isn't just about automation—it's about intelligent delegation. In a world overwhelmed by complexity, it marks the rise of proactive digital partners that think, plan, and act alongside us", Golan Ben-Oni, CIO, IDT Telecom Congratulations to the AccuKnox team for winning the EmergeX: Unveiling Innovation contest! Your demonstration of cutting-edge AI-driven security solutions showcases the transformative potential of agentic AI across the industry,' said Sujatha Yakasiri, Founder - Security BSides Bangalore and W3-CS (Worldwide Women in Cybersecurity) ' AccuKnox's win at BSides Bangalore is more than a trophy—it's a validation of years of deep research, customer obsession, and fearless innovation. As enterprise buyers shift from bulky, outdated tools to nimble, AI-enhanced platforms, AccuKnox stands at the forefront of this wave. We didn't build this for awards—we built it for the enterprise teams stuck with legacy tech that's failing them,' said Rahul Jadav, co-founder, CTO, AccuKnox. 'Winning EmergeX is incredible validation, but we derive immense satisfaction from the fact that clients can adopt AI-technology and deliver shareholder value and do it most safely and securely.' AccuKnox is a next-generation CNAPP and Zero Trust security platform purpose-built for the cloud-native era. With its roots in open source and research from Stanford, AccuKnox delivers AI-enhanced detection, automated remediation, and seamless policy enforcement to secure enterprise workloads across Kubernetes, VMs, and multi-cloud environments. Contact
Business Insider
10-07-2025
- Business Insider
INE Security Launches Enhanced eMAPT Certification
Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry's Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration Testing) certification. The updated certification delivers the industry's most comprehensive and practical approach to mobile application security testing. CSO Magazine recently recognized eMAPT among the Top 16 OffSec, pen-testing, and ethical hacking certifications for 2025, noting that the eMAPT certifications "offer hands-on training and up-to-date curricula, equipping offensive security professionals with their choice of specialized or broad skill credentialing." The publication specifically highlighted eMAPT as the only certification to focus on mobile application penetration testing among all cybersecurity certifications reviewed. "The enhanced eMAPT certification delivers exactly what pentester professionals need in today's mobile security landscape," said Dara Warn, CEO of INE Security. "The certification training focuses on sophisticated analysis techniques, runtime protection bypasses, and effective communication with development teams. With the enhanced eMAPT, we've built a certification that teaches practical skills while maintaining the technical rigor that advanced mobile security work demands." Mobile Security Skills Gap Threatens Organizations Mobile applications handle financial transactions, healthcare data, and critical business operations, creating an exponentially expanded attack surface. Organizations need security professionals who can think like attackers while understanding the business context of their findings. The enhanced eMAPT certification produces professionals who deliver both technical expertise and clear communication, whether they explain SSL pinning bypasses to development teams or document OWASP MASVS compliance for executives. Dual-Exam Format Validates Real-World Skills The enhanced eMAPT certification features an innovative dual-exam approach that validates both conceptual understanding and practical application. This comprehensive assessment ensures certified professionals have the theoretical knowledge and hands-on abilities to secure mobile applications effectively in professional environments. The enhanced certification delivers: Comprehensive iOS and Android Coverage: Training now covers both major mobile platforms with equal depth and focus Hands-on, Lab-Based Training: Candidates gain practical experience through real-world mobile application testing scenarios Professional-Level Validation: Certification validates knowledge and skills required for professional mobile application penetration testing roles Advanced Technical Skills: Curriculum includes mobile application fuzzing, reverse engineering, and malware analysis Industry Framework Integration: Assessments map to OWASP MASVS, MTTG, and PTES methodologies Business-Ready Communication: Training emphasizes vulnerability documentation and stakeholder reporting Seven Critical Domains Target Real Security Challenges The enhanced eMAPT certification covers seven essential knowledge domains that reflect actual penetration testing workflows: Mobile Application Security Foundations (10%) - Core principles and architectural security concepts Threat Modeling and Attacker Mindset (10%) - Structured assessment methodologies and threat analysis Reconnaissance and Static Analysis (20%) - Advanced binary analysis and code inspection techniques Dynamic Testing and Runtime Manipulation (20%) - Live app testing and security bypass methods API and Backend Security Testing (15%) - Authentication, authorization, and API vulnerability assessment Reverse Engineering & Code Deobfuscation (10%) - Binary analysis and custom tool development Mobile Malware Analysis (10%) - APT campaigns and evasion technique analysis Reporting and Communication (5%) - Documentation and stakeholder engagement Target Audience Spans Multiple Security Disciplines The enhanced eMAPT certification targets intermediate-level cybersecurity professionals across multiple specializations. Pentester professionals gain mobile-specific expertise to expand service offerings. Mobile application security analysts learn to recognize attack patterns and improve incident response. Developers building secure apps gain attacker perspectives to identify flaws during development. Red team operators master mobile attack vectors for comprehensive adversary simulation. Cybersecurity consultants develop hands-on skills for client guidance. Malware analysts acquire mobile-specific reverse engineering capabilities. 'The eMAPT establishes the gold standard for mobile application penetration testing certification,' said Warn. 'While other mobile web application certifications cover some aspects, eMAPT addresses the specific needs of mobile application penetration testing with unmatched depth and practical focus. The certification covers advanced techniques like mobile malware analysis and custom deobfuscation tool development – skills that become increasingly valuable as mobile threats grow more sophisticated.' Immediate Availability with Launch Promotion The enhanced eMAPT certification is available immediately at The corresponding learning path includes comprehensive training materials, hands-on lab environments, and access to an industry-leading mobile security testing tool. It is available with a Premium subscription. Through August 6, 2025, INE Security is offering special launch pricing for early adopters of the enhanced eMAPT certification. About INE Security: INE Security is the award-winning premier provider of online networking and cybersecurity training and certification. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers. INE's suite of learning paths offers an incomparable depth of expertise across cybersecurity and is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career. Contact
