Budapest
Congress Center

3 Competitions
From Policy to Cyber-Range

30+ Performers
Skilled professionals

3000+ sitting and standing room
Sign up and be a part of it!

Overview

Shortest way to explore what will happen on SecOps Europe 2018.

We would like to invite you to our IT Security professional days.


SecOps Europe 2018’s concept is to develop and enhance cyber security awareness with both offensive and defensive presentations and workshops by sharing experience with real cyber warriors from both sides while following closely a scenario-driven, strategic decision support simulation and CERT championship.


Visitors can earn CPE points!

DAY 1: INTERNATIONAL CYBER COMPETITION

“HOW DO YOU REACT TO AN EVER ESCALATING CYBER ATTACK?”

The International Cyber Competition is a scenario-driven, strategic decision making and communication simulation TTX (Tabletop Excercise). During the excercise the competing teams will be given a basic scenario of a major cyber incident to which they need to prepare with adequate responses in action and communicate the situation. The cyber incident will escalate a few times during the course of the competition and each escalation will require further action and official communication of steps taken. The student teams of various participating universities will compete in the morning.

The afternoon features a TTX for industry professionals. Teams will be drawn on the spot during lunchtime so that each team will consist of members of different national policy expert and CERT staff members. The jury consists of industry experts and journalists that will assess the professionalism of the actions taken and the proficiency in communicating the mitigation to the ever-escalating incident.

The winners will get full financial support for Cyber912 competition.


Call for participation

DAY 2: TECHNICAL CYBER SECURITY EXERCISE FOR NATIONAL CERTS

The national CERTs from Europe will be given identical environments that operate critical infrastructure. Their role is to defend the infrastructure from the attacking red team.

Visual effects and scoreboards will be placed all around the venue so visitors can keep an eye on the developments of the attacks and the defences while they are visiting the conference.


Blue Teams:


9:00
Karoly Dan

Opening

09:40
Prof. Dr. Zoltan Rajnai

Keynote

10:20
Rainer Fahs - EICAR

Trustworthiness Strategy for IT Security products

EICAR Trustworthiness Strategy The EICAR Trustworthiness Strategy is to enhance transparency in the contemporary IT Security environment and its ever evolving threats and vulnerabilities scenario and to enable trust into IT Security products that help creating a safer environment. The strategy encompasses first steps to enhance trust and transparency into IT security products by developing minimum standards for the trustworthiness of IT security products, starting by developing minimum standards for Anti Malware-products and the development of minimum requirements for testing organizations. Subsequent steps encompass testing, verification and certification schemes and community building. The minimum standards will be implemented first in a voluntary self-control approach that is controlled/approved by EICAR. The "self-declaration" process will later be complemented by a formal EICAR Certification process. The start into the scheme about two years ago was quite promising and EICAR successfully certified AV and other IT security products and, with AV Comparatives in Austria, the first "Trusted Lab" and with Veszprog in Hungary the second one. Part of our strategy is the research initiative together with the Technical University in Mannheim to investigate options for the verifiability of trustworthiness. The status of this initiative will be presented as second part of our briefing. Currently the strategy has been reviewed and we have decided to go one step back, putting the product certification on hold and rather put emphasis on the strategy seeking partners in industry to put the strategy on a broader platform to be able to discuss with partners our next steps towards formal certification and possibly verification of trusted functionality.

11:00
Milan Pikula

From zero to working SOC and CERT, the open-source way

11:40
András Veres-Szentkirályi

High-performance web application fingerprinting based on SCM repositories

Network security assessments often reveal web servers running variou outdated versions of FLOSS web applications such as RoundCube, phpMyAdmin or SquirrelMail. Narrowing the set of vulnerabilities that could affect such a setup is easier if we know the version installed, however in many cases, obvious clues such as READMEs and changelogs are removed on purpose. When the source code along with its history is available online, it is possible to correlate static file contents with specific commit ranges, and we had done so in the past manually. However, much of this could be automated, so we developed a tool that can identify a Git commit range based on static file contents. It can be used either as a standalone tool or as a Burp Suite plugin. The talk describes and demonstrates our tool from source code to everyday usage, along with an intro to git internals to understand how this can be done fast on repositories with hundreds of thousands of commits. Source code is already up on GitHub, pull requests are welcome: https://github.com/silentsignal/burp-git-version

Lunch break

13:30
ISAC
14:10
Timur 'x' Khrotko

Tell me stories about your appsec, let's skip the pentest.

15:30
MySec Talk

Roundtable

Incident handling
09:00
Zuk Avraham

9:40
Mukund Hirani

Destructive Malware

This session will provide insight into highly disruptive APT breaches that MANDIANT investigated over the past year. It describes how threat actors have destroyed system infrastructure and taken companies offline for weeks. The threat actors are split into two categories for this talk and focused on the SHAMOON cases. I will also talk about highlights from Incident Response cases of 2017. * Financially motivated vs Non Financially motivated. I will talk about how recent attacks with SHAMOON differ - their motives compared to financially motivated threat actors. * Highlights from a couple of Shamoon cases - Overview of TTPs of the important State Sponsored Attacks seen in 2017.

10:20
Rapid7

11:00
Balazs Csendes

Threat Hunting with IBM i2

11:40
Zoltan Balazs

How to PWN Windows domain?

Windows domain is used in 99% of the Fortune 500 companies. It is the foundation of all enterprise IT system. The domain is a central database with all the users, workstations and servers in the enterprise. The IT staff uses domain administrator credentials to do the daily admin tasks, like resetting user passwords, troubleshooting issues on the workstations, installing new services on the servers, etc. Whenever an attacker gains domain admin credential, only the imagination is the limit what the attacker can do with this. I will detail the common steps attackers use to gain user credentials on the network and how this user credential can be escalated to local admin credentials. And last but not least, how a local admin user can elevate to domain admin. I will talk about pass the hash, GPP, MS14-068, and other tricks. I will close the presentation with tips and tricks to protect against such attacks.

Lunch break

13:30
Michael T. Rowland, IAEA

Computer Security for I&C Systems At Nuclear Facilities

14:10
SOC

15:30
Awards ceremony

For the winners and participants of TTX and Cyber-Range

9:00
Palo Alto Networks

09:40
Michal Ciemiega

Privileged accounts - wide and easy path to the heart of the Enterprise

10:20
Ian Wills

Use cases covered by PKI and Auth solution relative to the Government organizations.

Ian has been with Entrust for over 20 years covering the technical and the sales roles at the organization. He is highly knowledgeable on the Entrust solutions, in particularly PKI, and overall IT security market trends.

Lunch break

13:30
Laszlo Hargitai

Cyber security of critical infrastructure operators - From challenges to actions in cyberspace

15:30
Fortix

9:00
Lockpick

Workshop

Lock picking is the art of unlocking a lock by manipulating the components of the lock device without the original key.

Performers

Well known professionals will give a panoramic view to the audience about the present technologies, products, and the latest solutions and developments in the field of IT security

Zoltan Rajnai

Professor Zoltan Rajnai PhDCybercoordinator of Hungary

Zuk Avraham

Zuk AvrahamZimperium

Karoly Dan

Karoly DanAmbassador at Permanent Mission of Hungary to the OSCE, the UN and Other International Organisations in Vienna

Timur Khrotko

Timur 'x' KhrotkoOWASP

Kim Zetter

Kim ZetterWired

Mukund Hirani

Mukund HiraniIncident Response Function Lead in Mandiant

Balazs Csendes

Balazs CsendesSecurity Operations & Response Leader at IBM CEE

Michal Ciemiega

Michal CiemiegaCyberArk

Gergo Gyebnar

Gergo GyebnarBlack Cell Ltd.

Andras Veres-Szetntkiralyi

András Veres-SzentkirályiSilent Signal

Milan Pikula

Milan PikulaIP Security Consulting

Laszlo Hargitai

Laszlo HargitaiKPMG

Keleti Arthur

Arthur KeletiCyber-Secret Futurist, Book Author - Speaker

Laszlo Kovacs

Professor Laszlo Kovacs PhDNational University of Public Service Faculty of Military Science and Officer Training Department of Electronic Warfare

Rainer Fahs

Rainer FahsEICAR - Chairman of the Board

Krasznay Csaba

Csaba KrasznaySecurity Evangelist at Balabit

Zoltan Balazs

Zoltan BalazsChief Technology Officer at MRG Effitas

Ian Wills

Ian WillsEntrust Datacard Sales Director, Europe

TBA

To be announced

Call for Paper

If you would like to share anything about your topic or latest experience Let us know!.

We are keen to hear the opinions of new talents!! If you may have an idea which could change the game in the IT security industry we are eager to hear about your innovation and your work or deep search in that topic. Please let us know by downloading and filling out our form below.


Sponsors

Partners

Media Partners

Contact