About us

NotPinkCon is an information security conference whose talks are given by women. The event is held annually in Buenos Aires, Argentina. NotPinkCon has a technical focus and admission is free for all who wish to attend.

The main goal of NotPinkCon is to encourage more women to participate as speakers at cybersecurity events. We believe that they all have interesting investigations to share and we want to break down the barriers that prevent them from doing so. For this, we propose a more comforting stage, which works as an intermediate step before taking the leap of appearing in a mixed scenario, which - due to the unfortunate gender inequality - could be somewhat intimidating to begin with.

We also want to have experienced speakers on our stage. Undoubtedly, their experience will not only be of help for the new speakers but also of great inspiration for the audience.

Our second goal is to encourage women to join the fascinating world of infosec! We have found that the fact that the speakers are women, makes other women take even more interest in the conference, which is positively reflected in an audience of high parity between men and women.

In summary, NotPinkCon has the following goals:

  • Encourage the participation of women as speakers in CyberSecurity events.
  • Increase the interest of women in Information Security.





Speakers 2021

Yarden Shafir


Abril Rozwadowsky


Melissa Nole Soto

Red de Energía del Perú

Catherine De Mesa

Google Intern

Carol Valencia

Aqua Security

Sol Gonzalez


Milagros Zea Cárdenas

Martina Lopez


Zuzana Hromcová


Ileana Barrionuevo

Naranja X

Evelyn Landa

Athena’s Mexican Force

Karina Astudillo

Consulting Systems

Zally Meza

Andrea Celeste Vera

Naranja X

Noelia Multari

Agenda Talks 2021

Note: All times are GMT-3
Talks have live translation EN ↔ ES

20 Nov, 2021

10 : 00 AM - 10 : 45 AM

Keynote: Heap-backed Pool: The Good, the Bad and the Encoded

For decades, the Windows kernel pool remained the same, using simple structures that were easy to read, parse and search for, but recently this all changed, with a new and complex design that breaks assumptions and exploits, and of course, tools and debugger extensions.

This new design modernizes the kernel pool and makes it significantly more efficient. Additionally, it has significant security implications - both good and bad. Major code changes break a lot of existing code and might make future pool-related exploits more difficult, or in some cases nearly impossible to write. But could this open up a whole new attack surface as well?

By Yarden Shafir - Language: English.

10 : 55 AM - 11 : 20 AM

NFT artists - a new prime target for cryptocurrency cybercrime?

Did you know that in 2021 alone, the NFT art market grew more than 800% by the end of the April? As NFT artists report several cryptowallet compromises since June, a question surfaces: could this marketplace become a new venue for cryptocurrency attacks?

By Abril Rozwadowsky - Language: English.

11 : 35 AM - 12 : 10 PM

Infraestructura Critica, ¿Castillo de bases sólidas o Castillo de naipes?

Las Infraestructuras Críticas (IC) deben ser una base sólida cuyos componentes deben funcionar y engranarse perfectamente. Si estos fallaran por una causa accidental o intencional podrían generar un desastre; mitigar el riesgo de estas situaciones es parte de la gestión de la Ciberseguridad en IC.

By Melissa Tatiana Nole Soto - Language: Spanish.

12 : 10 PM - 12 : 35 PM

Swag in Security: Better code for you and me

Many of us have difficulty implementing security into our code! But if you integrate ‘Swag’ into your code, pipeline, and everyday life, you will have a much easier time overall. This talk will explore (in a silly way,) how you can implement these concepts into your code on a daily basis.

By Catherine De Mesa - Language: English.

12 : 35 PM - 13 : 00 PM

Exploring runtime Security and Forensic using eBPF

Understanding eBPF and how can be used to analyze the container activity in runtime to collected events to detect suspicious behavioral patterns. We will explore this powerful tool with demos. Tracee is a runtime security and forensics tool for Linux. It uses eBPF technology in order to introspect internal kernel behavior with little overheard, collecting different kinds of events to be used in detecting suspicious behavioral patterns.

By Carol Valencia - Language: Spanish.

14 : 15 PM - 15 : 00 PM

It’s all connected! Have fun with Threat Intelligence

Recolectar y procesar información de las fuentes OSINT de forma manual para Threat Intelligence suena aterrador y si, probablemente sea un dolor de cabeza. Para que sea divertido y no morir en el intento, ¿Sabias que la ciencia de datos y CTI pueden ir de la mano a través de la automatización?.

By Sol Gonzalez - Language: Spanish.

15 : 00 PM - 15 : 45 PM

Administración de AWS S3 basado a través IAM

Se mostrará como securizar un S3 de AWS con roles y policies de forma que pueda ser accedido solo por usuarios o recursos que tengan permiso para accederlo. Se irá desde el caso del más simple donde un S3 es público, explicando conceptos y configuración necesaria para que el S3 no quede expuesto.

By Milagros Zea Cárdenas - Language: Spanish.

15 : 45 PM - 16 : 15 PM

Lo bueno, lo oscuro y lo profundo: Navegando en la deep web

Cientos de mitos rodean a la deep -y dark- web, incluso dentro del mundo tech. Sin embargo ¿sabías que es vital para tu privacidad? ¿conoces las comunidades que existen allí? Por esto, y más, vamos a adentrarnos en los qué y cómo de la seccion de la web de la cual se habla tanto como se desconoce.

By Martina Lopez - Language: Spanish.

16 : 30 PM - 17 : 15 PM

A crash course in combating native IIS malware

Internet Information Services (IIS) is a Microsoft web server software for Windows with an extensible, modular architecture, allowing developers to replace or extend core IIS functionality. This session looks at how the same extensibility is misused by malicious threat actors to intercept or modify network traffic flowing through the IIS servers. We will share the results of our internet-wide scans, which allowed us to identify and notify victims of this malware. Finally, we will provide practical steps that defenders can take to identify and remediate a successful compromise.

By Zuzana Hromcová - Language: English.

17 : 15 PM - 18 : 00 PM

Secure Code Review en proyectos open source

En esta charla se abordarán técnicas y herramientas para el análisis de seguridad de código fuente, tomando como ejemplo repositorios de Github, a los fines de proporcionar mecanismos para el reportar vulnerabilidades de manera responsable mediante plataformas de Bug Bounty. También el objetivo es mostrar cómo los análisis de tipo whitebox pueden complementar a los análisis blackbox.

By Ileana Barrionuevo - Language: Spanish.

Agenda workshops 2021

Note: All times are GMT-3

19 Nov, 2021

09 : 30 AM - 11 : 30 AM

Firewall Humano: Cómo combatir ataques de Ing. Social

Se presentará un caso práctico de cómo las empresas podrían implementar controles para combatir ataques de ingeniería social en distintos niveles de la organización, basándose en frameworks, metodologías y mejores prácticas del mercado. También de cómo cuidarse desde el hogar, la vía pública, restaurantes o cafés, entre otros

By Andrea Vera y Noelia Multari - Language: Spanish.

Enroll for free!

12 : 00 PM - 14 : 00 PM

Análisis Forense de una Intrusión

Análisis forense de un caso ficticio sobre una intrusión en un Banco usando la suite forense open source, Autopsy.

By Karina Astudillo - Language: Spanish.

Enroll for free!

14 : 30 PM - 16 : 30 PM

Malware reversing 101

Revisaremos la arquitectura de artefactos maliciosos para windows, es decir los PE (portables ejecutables). Con un repaso de qué sucede paso a paso en la ingeniería reversa al realizar un análisis estático y luego un análisis dinámico de un ejemplar real de malware.

By Zally Meza - Language: Spanish.

Enroll for free!

17 : 00 PM - 19 : 00 PM

Mis primeros pasos en OSINT

En este workshop aprenderemos a acondicionar ambientes virtuales que nos permitan realizar investigaciones en fuentes abiertas, mostraremos tips útiles en la creación de cuentas puppet, conoceremos diferentes herramientas y compararemos la eficiencia de algunas de ellas mediante diversos ejercicios, pondremos en práctica el uso de Google Dorks y la búsqueda a partir de imágenes.

By Evelyn Landa - Language: Spanish.

Enroll for free!

Sponsors 2021

Our friends


If you've had the opportunity to attend a infosec event, you may have noticed that most (and often all) of the speakers are men. When a woman wants to be a speaker there, she will know that will most likely be the only speaker representing the genre throughout the event, this inevitably attracts attention and criticism that can be difficult to deal with in a first experience.

That is why at NotPinkCon we set out to create a more comforting stage, where women have to share that space only with other women. This intends to be an intermediate step as a first experience and then be encouraged to speak on mixed stages.

It has worked? Yes! In the first edition of NotPinkCon there were women who dared to present their research on stage for the first time, and some of them performed again at other events with mixed settings. Thanks to the fact that our objective is fulfilled, you will see more and more women being speakers at information security events.

Yes, NotPinkCon is open to all public.
NotPinkCon takes place in the Autonomous City of Buenos Aires (CABA), in Argentina. However, this year it will be online due to the COVID-19 pandemic.
NotPinkCon is free. However, you must register through the form located here.
There is no age limit for access to the conference unless expressly stated otherwise in any section of the event.
You do not need prior knowledge to attend. At NotPinkCon you will find talks for all levels, as well as parallel activities.
We accept talk proposals from cis and transgender women.
All research related to information security, which is the topic of the event, will be well received as a talk proposal as long as it does not have any type of commercial orientation. We do not accept talks with commercial purposes. If your intention is to promote your company or product, we invite you to visit the FAQ section for Sponsors.
If you have an investigation that you would like to present at NotPinkCon but have never completed a CFP process before, you can write to us at [email protected] and we will guide you so that you can write your talk proposal.
NotPinkCon has a review board for the selection of talks made up of women specialists in CyberSecurity. You can find information about them by checking out the section on “About us”.
We are looking for parallel activities for our 2021 edition! If you have an interesting proposal, we invite you to send us an email to [email protected].
Yes, we have a Code of Conduct with which we want to promote the inclusion of all people and be an event free of any kind of harassment. You can read it here.
We are looking for collaborators who can help in the coordination and organization of NotPinkCon, especially during the day of the event.
If you are interested in providing your help, we invite you to write to us at [email protected].
As a free event, NotPinkCon is possible thanks to the support of our Sponsors. We are happy to work with companies that want to support our mission, and the community of women in infocec.

If you are interested in becoming a sponsor of NotPinkCon, feel free to write us directly to [email protected].
You can contact the NotPinkCon organization by writing to us at [email protected].

Would you like to be speaker at NotPinkCon 2021?

Send us your talk proposal!

Call For Papers!


Send us an email to info[at]notpinkcon[dot]org