Fler än 15 experter kommer att avslöja den osminkade bilden om hur cyberhoten ser ut i Sverige idag.
Få både insikt i vilka risker ditt företag eller myndighet står inför idag och även teknikerna och metoderna för att undvika att bli drabbad.
Samtliga experter i sessionerna är operativt yrkesverksamma inom cybersäkerhet. Mycket av det som kommer att presenteras baserar sig på verkliga incidenter som skett under det senaste året.
More than 15 experts will reveal the unedited image of how the cyberthreat looks in Sweden today.
Get both insight into the risks your company or authority faces today and also the techniques and methods to avoid being affected.
All experts in the sessions are operational professionals in cyber security. Much of what will be presented is based on actual incidents that have occurred in the past year.
Keynote: Marcus Murray holds the welcoming speech and keynote.
Session 01 - Social engineering – deceiving your way into high security environments
Social engineering plays a role in almost every breach. In this deep dive into social engineering techniques, security experts Alexander, Hanna and Erik will share their experience from investigations and red team assignments. This talk covers the latest phishing techniques, CEO scams, physical intrusions, vishing and many other social engineering vectors.
Speakers: Alexander Andersson / Erik Wilhelmsson / Hanna Ljung
Session 02 - Securing the modern enterprise
This session will focus on how to secure the modern Windows 10 desktop through both on-premise and cloud delivered management solutions. Security features including BitLocker, Exploit Guard, AppLocker, Defender ATP and more will be demonstrated. Real world scenarios will also be shared where implementing these technologies can prevent your enterprise being the victim of a security based attack.
Speakers: Maurice Daly
Session 03 - Impact assessments, classification and data protection
In this session, we go through how to carry out risk analysis in a so-called impact assessment, a requirement that came with GDPR for all treatments that pose a high risk to the data subject’s rights and freedoms. We present a suitable model for assessing the seriousness of a personal data incident in order to assess whether it must be reported to the data subjects, and what is actually a personal data incident. In order to then protect the data correctly, they need to be classified in order to be properly protected – the session reviews how unstructured data can be classified and protected.
Speakers: Mårten Thomasson
Session 04 - Web application vulnerability identification and exploitation techniques
A vulnerable web application could result in major reputational and financial losses, and it is often the entry point that hackers use to compromise entire organizations. This demo-oriented talk will cover advanced topics such as exploitation of second-order flaws and insecure de-serialization exploitation. The talk also features vulnerability identification methodology with a discussion of how to best combine manual and automated tests
Speaker: Alexander Andersson
Session 05 - Tales from alternate universes
During software development you are often faced with different architectural choices. These choices can affect the security of your application in different ways. Join us in a journey along different scenarios and security considerations.
Speaker: Fredrik Hagfjäll
Session 06 - Agile Security: Dropping the reports – Working continuously with the customer to build trust and understanding
One of the major challenges for the penetration tester is to understand the systems being tested. One of the major challenges for the customer is to get real value for money. We provide this value by working continuously with our customers over longer periods of time. We deliver results directly into our customers’ existing workflows, only writing reports when explicitly requested to do so. In this session I will describe how this has been implemented at one of our customers.
Speaker: Magnus Sjöberg
Session 01 - Assume breach: When the attacker is inside!
A stolen computer, a phished account, a weak password, a badly configured service, a vulnerable application or an unattended computer at the reception desk. Just a few examples of the many possibilities to get access to an internal network.
What happens when the attackers are in the network? What tools do they use? What are they after? How visible are they?
In this session we will show the attack methodology, lateral movement techniques and tools for internal network dominance. We will also look at ways we can make the attackers’ life more difficult and force them to be noisy.
Speakers: Fabio Viggiani / Hasain Alshakarti / Davide Girardi
Session 02 - Threat hunting: tools and methods to detect cyber criminals
Join Björn and David on stage to get an insight into current cyber criminal activities, and the tools and methods to detect, mitigate and investigate their crimes.
With both Cyber crime and real-world crime the main objective is generally to steal assets. But while most crimes performed in the real world will be detected and investigated, the same does not hold true in the Cyberworld without proper preparations.
Recent studies of Cybercrime economy have estimated a world-wide annual revenue of $1.5 trillion during 2018. How much did they steal from Your organization? Do You have the tools to know?
Speakers: Björn Brolin / David Lilja
Session 03 - Incident response: When shit hits the fan!
You get a call from a colleague in the middle of the night. He asks if you just used your admin account to access a domain controller. What started as an unpleasant dream turns into a nightmare when you realize that your admin account was used for days giving somebody access to everything.
What do you do when you realize your environment has been compromised? In a situation with panicking managers, data that could be leaked any second, servers and accounts to be checked, data to be protected and an attacker to be kicked out, but no idea where to start.
Based on the many incident responses we have conducted and anonymized results of real investigations, this session will guide you through the process of performing a thorough incident response. We will discuss the typical challenges we face, how you can prepare the environment to facilitate a properly structured response, and the difficult choices that sometimes need to be taken.
Speakers: Fabio Viggiani / Hasain Alshakarti
Session 04 - Building a working identity segmentation to protect your infrastructure
Most of the enterprises worldwide are at great risks due to lack of identity-based segmentation and problematic exposure of high and important privileges. Using real-life examples we show how and what to consider when building and identity segmentation model and how that will put effective measures against cyber attacks lateral movement. We will demonstrate different cases and scenarios based on real-life challenges we encounter when designing and building Privilege Access Workstations PAW’s as well as how to build a working tire model and harden your domain to protect your identities and infrastructure.
Speakers: Mikael Nyström / Hasain Alshakarti
Session 05 - Question Panel with all speakers
All the speakers enters the stage to answer all the questions you have after these two days.