PRAGUE, May 17-18, 2023
Registration
  • About
    • About Qubit Conference Prague
    • About Qubit Conference
    • Past events
      • Qubit Conference Prague 2022
      • Qubit Conference Prague 2021
      • Qubit Conference Prague 2020
      • Qubit Conference Prague 2019
      • Qubit Conference Prague 2018
      • Qubit Conference Prague 2017
      • Qubit Conference Prague 2016
      • Qubit Conference Prague 2015
  • Agenda
    • Call For Speakers Prague 2023
    • Speaking Bureau
    • Pre-Conference Trainings
    • CPE & ECE
  • Sponsors
    • Sponsors Prague 2023
  • Venue
  • Contact us
  • About
    • About Qubit Conference Prague
    • About Qubit Conference
    • Past events
      • Qubit Conference Prague 2022
      • Qubit Conference Prague 2021
      • Qubit Conference Prague 2020
      • Qubit Conference Prague 2019
      • Qubit Conference Prague 2018
      • Qubit Conference Prague 2017
      • Qubit Conference Prague 2016
      • Qubit Conference Prague 2015
  • Agenda
    • Call For Speakers Prague 2023
    • Speaking Bureau
    • Pre-Conference Trainings
    • CPE & ECE
  • Sponsors
    • Sponsors Prague 2023
  • Venue
  • Contact us

Qubit Conference Prague 2022 - Program Guide

Day 1 - May 25

Executive Track

Technical Track

9:00 - 9:30 - Conference opening - Maria Krahulecova & Rastislav Janota & Karel Rehka & Ondrej Krehel

Qubit Conference Prague 2021 Maria Krahulecova

Maria Krahulecova

CEO & Co-founder | Qubit Conference

Qubit Conference Prague 2021 Ondrej Krehel

Ondrej Krehel

Chief Scientist & Fellow, Cyber Risk & Resilience Services | LIFARS, a SecurityScorecard Company & Co-founder | Qubit Conference

Karel_Rehka_PRG

Karel Rehka

Director | NUKIB – National Cyber and Information Security Agency

Rastislav_Janota_PRG

Rastislav Janota

Director, National Cyber Security Centre (SK-CERT) at National Security Authority | NBU

9:30 - 10:10 - Stop Chasing, Start Defending: Preventing Ransomware with Zero Trust abstract

An increasing number of MSPs have reported being victims of ransomware attacks. Cybercriminals are exploiting MSP products and services, including remote monitoring and management (RMM) tools. These tools are often accessed through software vulnerabilities or brute force attacks. Is your MSP prepared to protect against ransomware? Join Ben Jenkins, ThreatLocker Senior Solutions Engineer as we discuss what you can do to prevent cybercriminals from carrying out an attack.

Ben_Jenkins_PRG

Ben Jenkins

Senior Solutions Engineer | ThreatLocker

10:10 - 10:55 - Case study: The First 48 Hours

The first 48 hours after a cyber incident are the most critical time for an organization that has been the victim of a cyber crime. Who? What? Where? How? Why? These are questions every business that has been a victim of a cyber crime want answers to as fast as possible. This presentation will go through the steps that need to be taken to stabilize the victim’s environment, preserve the potential evidence, deal with the threat actors, and mitigate the situation.

Larry_Slusser_PRG

Larry Slusser

Sr. Director of Professional Services | LIFARS, a SecurityScorecard Company 

Leonard_Neagu_PRG

Leonard Neagu

Managed Defense Manager | LIFARS, a SecurityScorecard Company 

10:55 - 11:15 - Coffee Break

11:15 - 11:50 - A New Approach: Redefining Security Validation in Today's World of Endless Threats

If you take a look back, the security industry focused on manual penetration testing and traditional vulnerability scanning to evaluate an organization’s cyber risk and overall security resilience. This is just no longer something that is sustainable with how organizations operate in the digital world. Attacks have become so sophisticated that security teams are realizing that traditional approaches are no longer setting up teams for success and that compliance-focused approaches aren’t indicating the true readiness of an organization against ransomware and other advanced threats.

We are seeing a need to change our approach. Automated security validation is an advanced approach to testing the integrity of all cybersecurity layers.

Shak_Ahmed_PRG

Shak Ahmed

UK, Ireland and CEE Pre Sales Team Lead | Pentera

11:50 - 12:15 - Data Security: From “Need To Know” to “Need To Share”

Organizations are moving from a risk-averse approach of data sharing to data-sharing-first approach. We will discuss the causes for this change, and whether this change is good for security and data teams. Finally, we’ll discuss data security platforms and best practices for data democratization.

Ben_Herzberg_PRG

Ben Herzberg

Chief Scientist | Satori

12:15 - 13:00 - Improving risk management with cybersecurity testing

Secure development lifecycle includes different activities for achieving a secure product or solution, but unexperienced development teams can easily get lost. We will discuss the advantages of a centralized approach to cybersecurity testing and share best practices on setting it up.

Terezia_Mezesova_PRG

Terezia Mezesova

Cybersecurity Team Leader | Siemens Healthineers

11:50 - 12:15 - Anatomy of supply chain attack (Detection and Response)

Vendor of a Helpdesk system was breached and attacker managed to embed a malicious code into the product source code base. Next product build was released with a backdoor implanted and deployed by the customer base.

Pavel_Minarik_PRG

Pavel Minarik

Vice President, Technology | Progress Software

12:15 - 13:00 - How ML is used to find command and control channels?

When lights go out in IT systems of the critical infrastructure in a city thanks to ransomware attack, how can machine learning with its models and underline math help to detect attacker?

Gregory_Cardiet_PRG

Gregory Cardiet

VP Security Engineering, International | Vectra

13:00 - 14:00 - Lunch

14:00 - 14:35 - Connecting the worlds of development and cybersecurity through DevSecOps methodology and tools

Development and cybersecurity teams were disconnected for a longtime, however with emerging threats in the cyberspace, implementation of agile development and push on cybersecurity efficiency, it has to change. Let us guide you though the way how to create synergy between those two worlds and significantly improve your security posture.

Daniel_Joksch_PRG

Daniel Joksch

CEE Solution Design Leader, EMEA Solution Design – Security Services | IBM

Piotr_Biskupski_PRG

Piotr Biskupski

IBM Client Engineering Security Expert | IBM

14:35 - 15:20 - Flying low - a look at some sophisticated and stealthy attacks in the region

It is no surprise that in last few years we are witnessing a number of attacks that are slowly becoming more sophisticated and stealthy. While there will always be opportunistic attackers that are simply going for the low hanging fruit (and they will always be the majority), we started observing dedicated attackers who want to remain as stealth as possible. At the same time, once such attackers become active, the damage they create can be overwhelming.

This presentation will show technical details about several incidents that Bojan and his team worked on. Specifically, we’ll take a look at a very novel attack against the SWIFT connected systems that was identified in a bank, and a devastating attack against a cryptocurrency exchange. What’s interesting about both of these cases is that attackers invested a significant amount of time into understanding their target’s business processes, before they actually launched the attacks.

Bojan_Zdrnja_PRG

Bojan Zdrnja

Chief Technical Officer | INFIGO IS

14:35 - 15:20 - Demystifying Supply Chain Intrusions

Supply chain intrusions represent one of the most concerning but also most hyped intrusion vectors for cyber impact scenarios. Yet while frequently discussed, little effort has been expended to rigorously define what a supply chain intrusion entails, and what actions are necessary for an adversary to successfully conclude such an operation. This presentation will focus on the methodology behind supply chain intrusions, examining critical attacker decision-points for successful execution, while also identifying opportunities for defenders and asset owners to detect, deter, or defeat such efforts. To illustrate these concepts, we will explore several examples to varying degrees of detail, ranging from the NotPetya destructive event to the Nobelium-linked SolarWinds campaign to more recent items in Ukraine and in ransomware operations. Through this discussion, attendees will learn a more nuanced and complete understanding of supply chain intrusion methodologies and how to usefully counter such attacks.

Joseph_Slowik_PRG

Joseph Slowik

Threat Intelligence and Detections Engineering Lead | Gigamon

15:20 - 15:35 - Coffee Break

15:35 - 16:20 - Cybercrime offender Prevention: Understanding Cybercriminal Career Pathways: to Deter, Divert, Degrade or Disrupt

Cybercriminal Career Pathways, youth cybercrime and interventions utilised by Law Enforcement to reduce entry and engagement in all levels of Cybercrime. Interpretation of Digital Responsibility and necessity for Private Sector engagement alongside academic findings on the efficacy of initiatives..

Greg_Francis_PRG

Gregory Francis BEM JP

Consultant | 4D Cyber Security

16:20 - 17:05 - [Re-]Enabling Women in Technology: Lessons from the Past for an Inclusive Future

Computing and cyber are male-dominated fields. Yet software development started out as exclusively women’s work. Learn about how industry changes caused women to leave the field, especially in post-Communist nations, and how to tap into women workers’ potential to combat the talent shortage.

Beatrice_Zhang_PRG

Beatrice Zhang

Threat Detection Engineer | Datadog

15:35 - 16:20 - Anatomy of the CodeCov Breach

In this session, Andy Thompson will dissect and analyze the recent supply chain attack on the DevOps tool CodeCov. He’ll break down what happened, how it happened, and most importantly cover how cybersecurity best practices can prevent such attacks in the future.

Andy_Thomson_PRG

Andy Thompson

Research Evangelist | CyberArk Labs 

16:20 - 17:05 - From Zero to Full Domain Admin: The Real-World Story of a Ransomware Attack

Following in the footsteps of a cyber-criminal and uncovering their digital footprint. This is a journey inside the mind of an ethical hacker’s response to a ransomware incident that brought a business to a full stop, and discovering the evidence left behind to uncover their attack path and the techniques used. Malicious attackers look for the cheapest, fastest, stealthiest way to achieve their goals. Windows endpoints provide many opportunities to gain entry to IT environments and access sensitive information. This session will show you the attacker’s techniques used and how they went from zero to full domain admin compromise that resulted in a nasty CryLock ransomware incident.

In this session I will cover a real-world incident response to the CryLock ransomware showing the techniques used by the attackers. The footprints left behind and uncovering the techniques used.

  • How attackers gained access to system
  • Established staging
  • What tools were used
  • What commands were executed
  • How the ransomware was delivered
  • How AD elevation was achieved

Qubit Conference Prague 2021 Joe Carson

Joe Carson

Chief Security Scientist (CSS) & Advisory CISO | Delinea

Day 2 - May 26

Executive Track

Technical Track

9:00 - 9:30 - Practical Defense Evasion

These days, perhaps most organizations have deployed basic security technologies to protect against cyber attacks. Thus, malicious actors today have to overcome considerable barriers. In my talk, I will show you the various techniques these bad guys use to successfully execute their code, eliminate anti-malware solutions, bypass network restrictions, escalate privileges, or make it difficult for internal security teams to detect and respond. All demonstrated on practical examples on a commonly secured organization.

Jan_Marek_PRG

Jan Marek

Co-founder / Ethical Hacker / Forensic Investigator | Cyber Rangers

9:30 - 10:00 - Cyber security talent crisis: Today and Tomorrow

The cyber security talent shortage is no longer a security problem but a global crisis as all of us are under attack. Insufficient staffing, funding and understanding of this problem will make this worse in the next years.

Codrut_Andrei_PRG

Codrut Andrei

Application Security Manager

10:00 - 10:30 - Panel discussion: Cybersec talent crisis

Beatrice_Zhang_PRG

Beatrice Zhang

Threat Detection Engineer | Datadog

Qubit Conference Prague 2021 Marek Zeman

Marek Zeman

Chief Information Security Officer | Tatra banka

9:30 - 10:30 - Cameras, CACs & Clocks: Enterprise IoT Security Sucks - A Story of Two Million Interrogated Devices

Working globally with Fortune 500 enterprises and government agencies we’ve interrogated over two million production IoT devices. The presentation is based on the analysis of over two million Enterprise Internet of Things (IoT) devices. It outlines security challenges and risk mitigation techniques.

Brian_Contos_PRG

Brian Contos

Chief Security Officer | Phosphorus Cybersecurity 

10:30 - 10:45 - Coffee Break

10:45 - 11:30 - Philosophizing the security in the Apps world

Try to apply philosophy methods to the Mobile apps security subject domain. The best approach to combat biases and go to the core is philosophizing the subject. I propose to look closer at the security and its perception by users of mobile Apps.

Sergiy_Yakymchuk_PRG

Sergiy Yakymchuk

CEO | Talsec 

11:30 - 12:15 - Why do companies need tabletop exercises?

Tabletop exercises are a terrific opportunity for companies to prepare for unexpected. Incident response plans and other documentation are an essential part of a company’s maturity in cybersecurity. All plans should be tested, and it is always better to test it outside an actual cyber crisis.

Tabletop exercises offer companies an opportunity to try to work together as a team in times of crises and see what could be improved and which parts of the crises the company is managing well. In this presentation we will show the most common mistakes that companies are making in exercises and during the major breaches. Who will be making the decision in your company whether to pay or not to pay the ransom and based on which information decision will be made?

Qubit Conference Prague 2021 Zuzana Duracinska

Zuzana Duracinska

Offensive Security Department Team Lead | LIFARS, a SecurityScorecard Company 

10:45 - 11:30 - Dumb and Dumbr

In the age of sophisticated attacks of the 21st century, is there any room left for those who prefer brawns over brains? The answer will shock you… not. Our presentation will look into a few important cases of past and current malware which went the destructive way; focusing not just on the goals they were trying to achieve but also on the means used to do so.

Qubit Conference Prague 2021 Peter Kosinar

Peter Kosinar

Technical Fellow | ESET

11:30 - 12:15 - Cryptocurrrency Crime, Investigation and Crime Prevention

Over the last few years we observed a significant increase in  cryptocurrency adoption. Quite understandably, the growth  attracts legitimate users as well as criminals.  During this session we will discuss several examples of cryptocurrency crimes, how law enforcement agencies and the private sector fight these and what should users do to keep their funds safe.

Jarek_Jakubcek_PRG

Jarek Jakubcek

Director of Investigations | Binance

12:15 - 13:15 - Lunch

13:15 - 13:25 - Introduction of project LOCARD

Digital evidence is nowadays an integral part of criminal investigations, and it is not only focussed on cybercrime specific cases, but also on determining criminal behaviour (i.e., financial fraud, theft of intellectual property, industrial espionage and terrorist networks) that constantly use the Internet and cyberspace. Thus, the ubiquity of digital devices along with its correct management remains extremely important.

The European project LOCARD addresses this need by providing a unique platform for exchanging this evidence. The project would automate the collection of digital evidence in any electronic format and medium. Its goal is to provide a comprehensive management approach to handle digital evidence to be presented in a court of law, alleviating many issues of current art and practice. LOCARD aims to increase trust in the handling and processing of digital evidence and the management of chain of custody by providing transparency and using immutable chain of custody stored with blockchain technology.

Zoriana_Dmytryshyna_PRG

Zoriana Dmytryshyna

Director of Institutional Relations | APWG.EU

13:25 - 14:10 - Engaging your Board and Senior Leadership

Sharing experience as someone who has engaged all levels within large & mid-size companies, Rays presented to governments, ministers, and board directors. Discussing lessons learned with examples of what will be asked from Board Directors & Senior Leaders at this level & how to avoid Bear Traps

Ray_Stanton_PRG

Ray Stanton

Global Executive Partner, Strategy, Risk & Compliance | IBM

14:10 - 14:55 - The Social Dilemma

I will be discussing how social media causes issues for people and companies. This discussion looks at the research we have done into interest groups, propaganda, and unethical practices that social media utilizes to produce fake narratives that trap people, attack teenagers, and force them to be hyper sexually active as well as create an environment of aggression.

Michael_Goedeker_PRG

Michael Goedeker

CEO and Founder | Hakdefnet International

13:25 - 14:10 - The growing problem of leaked credentials - How adversaries find and use secrets to break into our systems

Secrets like API keys are sprawling through the internet at an alarming rate. In 2021 a research project uncovered 6 million leaked secrets publically. This presentation reviews that research and uses recent breaches to show how adversaries discover and exploit secrets to breach organizations.

Mackenzie_Jackson_PRG

Mackenzie Jackson

Security Advocate / Head of DevRel | GitGuardian

14:10 - 14:55 - Traps and gaps of E0T (Email Zero Trust)

Emailing world applies the E0T best practices and standards for decades. Which are the key technologies, their efficacy compared to MITRE ATT&CK TnT’s, and practical impacts on the balance between security and deliverability?

Boris_Mutina_PRG

Boris Mutina

Senior Security Analyst | Excello

14:55 - 15:25 - Cyber Threat Observations

Cyber threats increase in volume and sophistication each year, even taking advantage of the COVID-19 pandemic. See how the FBI views these threats and works to increase awareness to mitigate them.

Paul_J_Vitchock_PRG

Paul J. Vitchock

Assistant Legal Attaché | FBI

Trainings

How to implement risk management in an organization

The goal of the workshop is to show practical ways how to implement security risk management in your organization. We will present the importance of ICT risk management in terms of organizational management and the best utilization of resources in the organization. We will use practical simulations in which we define and test the entire risk management life cycle. We will learn how to set up risk management processes so that the information security and business area would be interconnected, and at the same time understandable for the top management in the organization.

More info

Introduction to hacking gamification

Staying up to date and learning hacking techniques is one of the best ways to know how to defend your organization from cyber-attacks. Hacking gamification is on the rise to help keep security professionals up to date on the latest exploits and vulnerabilities. This workshop is about helping you get started with hacking gamification to strengthen your security team whether it is about understanding hacker techniques, pentesting or incident response.

More info

Targeted Threat Hunting

Incidents happen. The question is when. And maybe even better question is not when it will happen, but what if it has already happened. The attack could be stealthy and undetected yet. However, we can assume that the attack is still ongoing. Now, with this mindset, lets focus on our possibilities. How we can detect the attack and verify our hypothesis? The answer is Threat Hunting.

More info

Additional Conference Events

May 26, 10:30 - 13:30 - CISO Club - 12th meeting

CISO Club represents the independent Slovak – Czech community of CISOs (or similar positions), who discuss the most important cybersecurity topics and challenges. This meeting will be held in Slovak language.

Témy stretnutia

  • Porovnanie Cloud služieb z pohľadu security AWS/Azure/Google
  • Proces na používanie cloud compliance security
  • SOC a využívanie Threat Inteligence v praxi, SW na Incident Management – praktické skúsenosti s nasadením, prevádzkou
  • Skúsenosti s prevádzkou Pentery a podobných nástrojov v spoločnostiach
  • Zmeny v štandardoch: NISv2, nové ISO 27002
  • Nový pohľad na IKT bezpečnosť vzhľadom na udalosti okolo nás

Chairman

Qubit Conference Prague 2021 Marek Zeman

Marek Zeman

CISO | Tatra banka

Bonus virtual sessions

From SEH Overwrite with Egg Hunter to Get a Shell

For end, we gonna learn create from zero an exploit, to exploit a Buffer Overflow vulnerability utilizing the technique SEH Overwrite with use of Egg Hunter, and we will looking for badchars to avoid errors in our shellcode, all this to get a reverse shell.

Rodolpho_Concurde_PRG

Rodolpho Concurde Netto

Penetration Tester

How to Secure Your Software Supply Chain – Practical lessons to protect your app

Open source code makes up 90% of most codebases. How do you know if you can trust your open source dependencies? It is critical to manage your dependencies effectively to reduce risk, but most teams have an ad-hoc process where any developer can introduce dependencies leaving organizations open to risk from malicious dependencies. Software supply chain attacks have exploded over the past 12 months and they’re only accelerating in 2022 and beyond. We’ll dive into examples of recent supply chain attacks and what concrete steps you can take to protect your team from this emerging threat.

Feross_Aboukhadijeh_PRG

Feross Aboukhadijeh

CEO | Socket 

Insider Threat: What is Social Engineering?

Retired Criminal Profiler & Hostage Negotiator, Crux Conception, has taken his years of training, education, and experience to develop a method that will allow individuals within The Tech Community to utilize: social, people, and observation skills, to detect potential theft.

Crux_Conception_PRG

Crux Conception

Founder, Professor | Crux Conception 

QUBIT CONFERENCE
PRAGUE | 23

QuBit Security, s.r.o.
J. Kozáčeka 2, 960 01
Zvolen, Slovakia

info@qubitconference.com
+421 949 000 338

JOIN THE QUBIT COMMUNITY




SECURE PAYMENT
© 2013-2022 Qubit Conference, The Universe of Cyber Security - Privacy Policy - Privacy Policy in Slovak language - Terms & Conditions - Terms & Conditions in Slovak language - About cookies - O cookies