Nullcon Goa 2026
The 16th edition of Nullcon Goa, Asia's largest practitioner-driven infosec conference. February 28 – March 1, 2026 at BITS Pilani, Goa with research talks spanning offensive technique, supply chain, memory forensics, AI security, hardware/IoT, and the new Day Zero executive forum for CXOs and policy leaders.
→ See editor’s top picks at Nullcon Goa 2026
- The SOAP Effect: Breaking Security Assumptions in Real-World Systems — Kamalpreet Khurana
In a compelling presentation at Nullcon, Kamalpreet Khurana, a Senior Offensive Security Researcher at Adobe, shed light on the enduring security risks associated with the **Simple Object Access…
- Volatility Meets AI: Transforming Linux and Windows Memory Forensics for Modern Threats
In an era where cyberattacks are increasingly sophisticated, characterized by **fileless malware** and **in-memory persistence**, traditional disk-based forensics often fall short. These modern…
- Why So QUIC! Racing and Fuzzing HTTP/3 with QuicDraw UI — Maor Abutbul
Maor Abutbul's Nullcon talk, "Why So QUIC! Racing and Fuzzing HTTP/3 with QuicDraw UI," delves into the often-overlooked security implications of **HTTP/3**, the latest iteration of the Hypertext…
- Anatomy of a Supply Chain Worm: Building Detection Systems That Work on Zero Days — Sudhanshu Dasgupta, Sahil Bansal
In the rapidly evolving landscape of cybersecurity, supply chain attacks have emerged as one of the most insidious and impactful threats. This talk, "Anatomy of a Supply Chain Worm: Building…
- Phantom Code: Evading Windows 11 25H2 Through POSIX-Based Self-Deletion and Stealth Injection — Jakkaraju Varshith, Vivek Joshi
This talk, presented by Jakkaraju Varshith and Assistant Professor Vivek Joshi from Rashtriya Raksha University, delved into the persistent challenge of achieving **complete, untraceable file…
- Scalable Third-Party Risk Management with AI-Driven Automation
This Nullcon talk, "Scalable Third-Party Risk Management with AI-Driven Automation," delves into the increasingly complex landscape of cybersecurity risks stemming from an organization's reliance on…
- The Hidden Cost of Sanitization: How Secure Parsing Can Introduce New XSS Attack Surfaces — Ashish Kataria
Ashish Kataria's talk, "The Hidden Cost of Sanitization: How Secure Parsing Can Introduce New XSS Attack Surfaces," delivered at Nullcon, challenges the pervasive assumption that employing…
- Unauthenticated Pre-Pairing GATT Write Vulnerability in Smartwatch Ecosystems — Gurjot Singh, Vipin Venu, Arjun V
This talk, presented by Gurjot Singh, Vipin Venu, and Arjun V from Innspark Solutions at Nullcon, unveils a critical security flaw dubbed **Unauthenticated Pre-Pairing GATT Write Vulnerability**…
- When the Model Outsmarts the Challenge: Building and Breaking AI Security CTFs — SoYeon Kim, Hea-Eun Moon, Sang-tae Woo
This talk, presented by SoYeon Kim, Hea-Eun Moon, and Sang-tae Woo from NSHC in Korea, delves into the intricate process of designing, organizing, and learning from an Artificial Intelligence (AI)…
- Choosing the Right Battles: CISO Leadership in a Time of Constant Disruption — Rishi, M. A. K. P. Singh
In an era defined by accelerating digital transformation, rapidly evolving cyber threats, and the pervasive integration of artificial intelligence, the role of the Chief Information Security Officer…
- Beyond Prediction: Resilient Defenses for the Post-Certainty Era — Gaurav Saxena
In an era where the cybersecurity landscape is constantly shifting, defined by sophisticated adversaries leveraging AI and machine learning, traditional rule-based defenses are proving increasingly…
- The Anthropic Shock: Will AI Really Kill the Cybersecurity Industry as We Know It? — Anant Shrivastava, Saikat Datta
In a thought-provoking session at Nullcon, Anant Shrivastava and Saikat Datta tackled the pervasive question of whether Artificial Intelligence (AI) poses an existential threat to the cybersecurity…
- Building the Three Lines of Defense for 2026 and Beyond — Lt. Gen. Rajesh Pant, Lokesh Garg, Sanjay Bahl, Richard LaTulip
This Nullcon panel discussion, "Building the Three Lines of Defense for 2026 and Beyond," delves into the critical evolution of the traditional three lines of defense model in an era defined by…
- Resilience in the Age of Unknowns: The CXO Playbook Forward — Shailendra Fuloria, Vivek Yadav, Yask Sharma, Nageshwaran Chinnadurai
The Nullcon panel discussion, "Resilience in the Age of Unknowns: The CXO Playbook Forward," delved into a critical re-evaluation of cybersecurity resilience. Moderated by Shailendra Fuloria, the…
- The Expanding Edge of Cybercrime: Bridging India's Intelligence Gap
This talk, delivered by the Director of the National Cyber Crime Training Center (NCTC) at the Indian Cyber Crime Coordination Center (I4C) under the Ministry of Home Affairs, provides a…
- Visibility, Mitigation and Governance for Your Exploding AI Attack Surface — Rajnish Gupta
In an era defined by rapid technological advancement, the integration of Artificial Intelligence (AI) into enterprise operations has become a cornerstone of modern business strategy. Rajnish Gupta's…