Programma 2023

11:40 – 12:10
Cyberattacks are not an act of black magic!

Detecting a cyberattack before real damage is done; it’s possible! Sadly enough, we don’t hear much about these stories and positive outcomes.  Negotiating a ransom really is not the only outcome after all there’s a red line that can be found in every cyberattack.

So, what approach should security leaders take to mitigate these challenges?

Join this session to learn how a modern Threat Detection capability can reveal the traces left behind, so you have time to react instead of negotiating.

11:40 – 12:10
Actief monitoren supply chain

Het grootste datalek ooit bij onderzoeksbureau Blaauw vanuit critical supplier Nebu BV. Wat is de noodzaak van het actief monitoren van je critical suppliers?

11:40 – 12:10
Collaborative Intelligence: The Future of Email Security with Crowdsourced Intelligence and Machine Learning

Join us for this session to find out how crowdsourced intelligence combined with machine learning could protect your organisation from the latest live email threats that aren’t stopped by traditional security technology. We’ll share some of the latest threat trends and look at our unique solutions that access the intelligence from our 35+ million global reporters.

13:00 – 13:30
Cyberattacks are not an act of black magic!

Detecting a cyberattack before real damage is done; it’s possible! Sadly enough, we don’t hear much about these stories and positive outcomes.  Negotiating a ransom really is not the only outcome after all there’s a red line that can be found in every cyberattack.

So, what approach should security leaders take to mitigate these challenges?

Join this session to learn how a modern Threat Detection capability can reveal the traces left behind, so you have time to react instead of negotiating.

13:00 – 13:30
See what they see, know what they know

To stop an adversary, you must first understand their tactics, techniques, and motivations. We have to adapt, fast!

2022 was a year of explosive, adaptive and damaging threats. Adversaries continue to be relentless in their attacks as they become faster and more sophisticated. CrowdStrike’s 2023 Global Threat Report uncovers notable themes, trends and events across the cyber threat landscape, including: 33 newly named adversaries, 200+ total adversaries tracked and 95% increase in cloud exploitation.

13:00 – 13:30
API Security: Why context is key

APIs are ruling the world. More and more companies choose to leverage APIs to fuel digital transformation, increase collaboration and grow their markets, often driven by government directives. This reliance on APIs leads to direct exposure of the business logic to the outside world, expanding the attack surface available to hackers, and traditional security solutions can’t keep up with today’s attacks. API security requires a new approach where context is key. During this presentation, you will learn how to effectively implement an API Security architecture with Salt.

13:00 – 13:30
Will follow (SecurityScorecard)

13:40 – 14:10
Protecting your Linux environment through Identity Consolidation

Managing local accounts and sudo rights on Linux systems is complex and fraught with errors, which often makes those servers particularly vulnerable to cyberattacks. If cybercriminals access powerful root accounts, they can leverage super user privileges to exfiltrate sensitive data and move laterally to compromise the rest of your IT environment.

Leveraging a PAM solution allows for greater consistency, visibility, and control over Linux systems. By centralizing identity and access management for Linux, you not only save countless hours of manual work but also reduce the risk of privileged-based attacks on your servers.

Join this session to learn how a layered approach to PAM gives you additional protection at the server level for greater cyber resilience.

What will I learn?

• Which operational challenges of Linux identity and access administration waste time and increase the risk of cyberattack
• How attacks on Linux machines progress through privilege elevation
• Strategies to ensure consistent, compliant PAM practices throughout your diverse IT environment

Get answers to these important questions:

• Why are Linux teams often left out of PAM programs?
• What are the risks of fragmented Linux identity and access management practices?
• How can I join Linux systems into Active Directory for consistent identity management?
• How can I extend Secret Server for greater resilience against server-based attacks?

13:40 – 14:10
Nowhere to hide

Get ready to go on a hunt for adversaries with the CrowdStrike® Falcon OverWatch™team – our very own elite team of threat hunting experts, hunting relentlessly to see and stop the most sophisticated threats.

In this session, you’ll have the opportunity to learn the secrets to effective threat hunting, based on OverWatch’s proprietary SEARCH methodology.

Additional Information: Nowhere to Hide is led by the OverWatch team, and they’ll be using scenarios derived from real-world OverWatch case studies. In addition to the hands on exercises, the workshop includes a deep dive into OverWatch’s threat hunting methodology, and walks through each attack in detail to highlight what OverWatch uncovered.

13:40 – 14:10
The OWASP API top 10 – notes from the field

When (not if!) your public APIs are under attack, very likely it will be via one of the attack methods on the OWASP API top 10. How do these attacks actually work? During this session you will get a look from the attacker viewpoint, enriched with some real-life examples. After this session you will have a real good understanding why your traditional WAF or API Gateway are having a very hard time stopping these attacks, as most of them go unnoticed.

13:40 – 14:10
Collaborative Intelligence: The Future of Email Security with Crowdsourced Intelligence and Machine Learning

Join us for this session to find out how crowdsourced intelligence combined with machine learning could protect your organisation from the latest live email threats that aren’t stopped by traditional security technology. We’ll share some of the latest threat trends and look at our unique solutions that access the intelligence from our 35+ million global reporters.

14:40 – 15:15
Work Protected : How to safeguard against Phishing and Business E-Mail Compromise

Productivity suites like M365 & G-Suite are where work happens. It is also where risk occurs.

More than 90% of attacks involve email; and often, they are engineered to succeed in today’s M365 and G-Suites dependent world.

Learn how to Work Protected and safeguard against phishing and Business E-Mail Compromise.

15:15 – 16:15
Closing talk / Keynote (Edwin van Andel)

Edwin van Andel neemt je mee op een rit door het prachtige -maar soms behoorlijk enge- landschap van bugs, mislukkingen en wonderen, gelegen in de mistige vallei van informatie beveiliging. Cyber!

Er zullen verhalen zijn over verkeerd gerichte focus. Er zullen anonieme pijlen vliegen naar de wonderlijke bugs die gevonden zijn bij de clientèle van Zerocopter’s bug-bounty platform. En we zullen naar de zonsondergang staren over de onsterfelijke velden van domheid.

Edwin geeft voorbeelden van prachtig aan elkaar geketende exploits, ronduit stomme ontwerpen, mislukkingen en de soms grappige reacties van de eigenaar. Plezier, gelach en zeker tranen, terwijl we afkoelen en samen zwemmen in wateren vol IoT. Terwijl hij altijd terugkeert bij de boodschap van al zijn presentaties: Hackers kunnen helpen.

Stap jij in voor een rit van 45 minuten door deze verborgen bossen? Zoals altijd inclusief visuele domheid!