Day 1

Get registered, drink coffee and have some breakfast!

Marcus Murray holds the welcoming speech and keynote.

Speakers: Marcus Murray

Social engineering plays a role in almost every breach. In this deep dive into social engineering techniques, security experts Alexander and Erik will share their experience from investigations and red team assignments. This talk covers the latest phishing techniques, CEO scams, physical intrusions, vishing and many other social engineering vectors.

Speakers: Alexander Andersson / Erik Wilhelmsson

Language: English

This session will focus on how to secure the modern Windows 10 desktop through both on-premise and cloud delivered management solutions. Security features including BitLocker, Exploit Guard, AppLocker, Defender ATP and more will be demonstrated. Real world scenarios will also be shared where implementing these technologies can prevent your enterprise being the victim of a security based attack.

Speakers: Peter Löfgren / Maurice Daly

Language: English

I den här sessionen går vi igenom hur man utför riskanalys i en så kallad konsekvensbedömning, ett krav som kom med GDPR för alla behandlingar som utgör hög risk för den registrerades rättigheter och friheter. Vi presenterar en lämplig modell för att bedöma allvaret i en personuppgiftsincident för att bedöma om den måste anmälas till de registrerade, och vad som egentligen är en personuppgiftsincident. För att sedan skydda uppgifter rätt behöver de klassificeras för att kunna skyddas på rätt sätt – sessionen går igenom hur ostrukturerat data kan klassificeras och skyddas.

Speakers: Mårten Thomasson

Language: Swedish

A quick break and leg stretcher.

A vulnerable web application could result in major reputational and financial losses, and it is often the entry point that hackers use to compromise entire organizations. This demo-oriented talk will cover advanced topics such as exploitation of second-order flaws and insecure de-serialization exploitation. The talk also features vulnerability identification methodology with a discussion of how to best combine manual and automated tests

Speaker: Alexander Andersson

Language: English

During software development you are often faced with different architectural choices. These choices can affect the security of your application in different ways. Join us in a journey along different scenarios and security considerations.

Speaker: Fredrik Hagfjäll

Language: Swedish

One of the major challenges for the penetration tester is to understand the systems being tested. One of the major challenges for the customer is to get real value for money. We provide this value by working continuously with our customers over longer periods of time. We deliver results directly into our customers’ existing workflows, only writing reports when explicitly requested to do so. In this session I will describe how this has been implemented at one of our customers.

Speaker: Magnus Sjöberg

Language: Swedish

We all gather at the bar (in the same building) for drinks and mingle!

Day 2

A stolen computer, a phished account, a weak password, a badly configured service, a vulnerable application or an unattended computer at the reception desk. Just a few examples of the many possibilities to get access to an internal network. What happens when the attackers are in the network? What tools do they use? What are they after? How visible are they? In this session we will show the attack methodology, lateral movement techniques and tools for internal network dominance. We will also look at ways we can make the attackers’ life more difficult and force them to be noisy.

Speakers: Fabio Viggiani / Hasain Alshakarti / Davide Girardi

Language: English

Join Björn and David on stage to get an insight into current cyber criminal activities, and the tools and methods to detect, mitigate and investigate their crimes.

Speakers: Björn Brolin / David Lilja

Language: Swedish

Eat, stretch your legs, talk to other cyber security people.

With both cyber crime and real-world crime the main objective is generally to steal assets. But while most crimes performed in the real world will be detected and investigated, the same does not hold true in the cyberworld without proper preparations. Recent studies of cybercrime economy have estimated a world-wide annual revenue of $1.5 trillion during 2018. How much did they steal from your organization? Do you have the tools to know?

Speakers: Fabio Viggiani / Hasain Alshakarti

Language: English

The word “coffee” entered the English language in 1582 via the Dutch koffie, borrowed from the Ottoman Turkish kahve, borrowed in turn from the Arabic qahwah (قهوة).

Most of the enterprises worldwide are at great risks due to lack of identity-based segmentation and problematic exposure of high and important privileges. Using real-life examples we show how and what to consider when building and identity segmentation model and how that will put effective measures against cyber attacks lateral movement. We will demonstrate different cases and scenarios based on real-life challenges we encounter when designing and building Privilege Access Workstations PAW’s as well as how to build a working tire model and harden your domain to protect your identities and infrastructure.

Speakers: Mikael Nyström / Hasain Alshakarti

Language: English

All the speakers enters the stage to answer all the questions you have after these two days. Take your chance!

Cookie Information

We use cookies for this website to work properly for you. By continue to navigate this website, you agree to this. Read more about cookies here and our Privacy Policies here.