{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2026.1.0.dev0"}, "schedule": {"url": "https://pretalx.com/bsides-tallinn-2025/schedule/", "version": "0.6", "base_url": "https://pretalx.com", "conference": {"acronym": "bsides-tallinn-2025", "title": "BSides Tallinn 2025", "start": "2025-09-25", "end": "2025-09-25", "daysCount": 1, "timeslot_duration": "00:05", "time_zone_name": "Europe/Tallinn", "colors": {"primary": "#154596"}, "rooms": [{"name": "Stage 1", "slug": "4594-stage-1", "guid": "06042611-9901-5633-b251-61cbcd43a9b8", "description": null, "capacity": null}, {"name": "Stage 2", "slug": "4595-stage-2", "guid": "a68468d0-16d2-541f-b7aa-4beaf65b32b5", "description": null, "capacity": null}, {"name": "Workshops", "slug": "4596-workshops", "guid": "2b4509ce-1033-5663-9220-cbf5684b49e7", "description": null, "capacity": null}, {"name": "Village", "slug": "4886-village", "guid": "9ee18814-d584-5f08-91f6-8995cdf9138e", "description": "Village area - hands-on activities all day long.", "capacity": null}], "tracks": [{"name": "VILLAGE", "slug": "6362-village", "color": "#00ccff"}, {"name": "Stage 2", "slug": "6112-stage-2", "color": "#000000"}, {"name": "Stage 1", "slug": "5713-stage-1", "color": "#0000f0"}, {"name": "Workshop", "slug": "5714-workshop", "color": "#1bb845"}], "days": [{"index": 1, "date": "2025-09-25", "day_start": "2025-09-25T04:00:00+03:00", "day_end": "2025-09-26T03:59:00+03:00", "rooms": {"Stage 1": [{"guid": "32e21440-b477-5996-9ff2-d5de04eb2600", "code": "PQAJX7", "id": 72706, "logo": null, "date": "2025-09-25T10:00:00+03:00", "start": "10:00", "duration": "00:45", "room": "Stage 1", "slug": "bsides-tallinn-2025-72706-your-security-dashboard-is-lying-to-you-the-science-of-metrics", "url": "https://pretalx.com/bsides-tallinn-2025/talk/PQAJX7/", "title": "Your Security Dashboard is Lying to You: The Science of Metrics", "subtitle": "", "track": "Stage 1", "type": "Main track", "language": "en", 
"abstract": "Security teams love metrics. Beautiful dashboards, filled with vulnerability counts, alert volumes, SLA compliance for fix times, training hours logged, etc. However, do any of these metrics actually make organizations more secure? The uncomfortable truth is that most security metrics are questionable, at least from a scientific perspective.\r\n\r\nIn this talk, I will focus on the science behind meaningful security metrics. I will introduce a framework that helps define metrics based on organization-specific goals, as opposed to creating purpose around whatever metrics we have lying around. From there, I will break down what are the key qualities of a good metric. Finally, I will briefly present the different data analysis methods and the common validity threats when going from metric values back to supporting your goals.\r\n\r\n\"If you can't measure it, you can't improve it\". However, if your security strategy is built on questionable metrics, you might not be improving the right things. This talk will challenge industry assumptions and provide scientific backing to the fact that many widely used security metrics in the industry might be vanity numbers.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "Z8FVYJ", "name": "Aram H", "avatar": "https://pretalx.com/media/avatars/Z8FVYJ_J3ygtIh.webp", "biography": "Aram is the founder and the CEO of Codific. With over 15 years of application security experience, he has a proven track record in building complex software systems by explicitly focusing on quality.\r\n\r\nAram has a PhD in cybersecurity from DistriNet KU Leuven. 
His contributions to the refinement and streamlining of the LINDDUN privacy engineering methodology have been incorporated into ISO and NIST standards.\r\n\r\nAram is also a core contributor to the OWASP SAMM project.", "public_name": "Aram H", "guid": "a2a11e60-38d6-574e-bbb3-117a457f1d14", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/Z8FVYJ/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/PQAJX7/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/PQAJX7/", "attachments": []}, {"guid": "fa41cc88-f3f0-5b08-83fd-43ce0b045a1f", "code": "7QMJER", "id": 75815, "logo": null, "date": "2025-09-25T11:00:00+03:00", "start": "11:00", "duration": "00:45", "room": "Stage 1", "slug": "bsides-tallinn-2025-75815-from-hours-to-minutes-automating-incident-response-triage-with-open-source-tools", "url": "https://pretalx.com/bsides-tallinn-2025/talk/7QMJER/", "title": "From Hours to Minutes: Automating Incident Response Triage with Open-Source Tools", "subtitle": "", "track": "Stage 1", "type": "Main track", "language": "en", "abstract": "Traditional forensic acquisitions create bottlenecks in incident response, requiring specialized expertise and significant time that delays investigations. This presentation introduces an automated forensic triage workflow using open-source tools to accelerate response operations.\r\n\r\nThe workflow utilizes a Velociraptor offline collector to acquire forensic triage images, automatically uploaded to cloud storage. This triggers an OpenRelik workflow that processes triage data using tools like Hayabusa and Plaso/log2timeline, with AI-powered analysis and summarization. The processed output is uploaded to Timesketch for collaborative analysis.\r\n\r\nSeveral DFIR datasets will be used to show the automation pipeline from initial collection to timeline analysis. 
The workflow reduces time-to-analysis from hours to minutes while maintaining forensic integrity.\r\n\r\nAttendees will learn to implement automated triage workflows and integrate multiple open-source tools into investigation pipelines. This targets incident responders, digital forensics practitioners and anyone in the security community looking to streamline forensic operations.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "XXEWP9", "name": "Markus Einarsson", "avatar": "https://pretalx.com/media/avatars/XXEWP9_48ql2If.webp", "biography": "Markus Einarsson is a Security Architect and Incident Response Lead at Sectra in Sweden, where he secures cloud-hosted environments for healthcare customers worldwide. With over a decade of experience in cybersecurity, Markus specializes in incident response, digital forensics and security architecture.\r\n\r\nAs part of the Sectra Hunt and Incident Response Team, he has extensive hands-on experience with forensic workflows and modern DFIR toolchains. Markus holds multiple GIAC certifications including GEIR, GCDA, GCFE, GCFA, GRID, GNFA, GCIA and GCIH. 
He is passionate about scalable incident response methodologies and advancing open-source forensic tools.", "public_name": "Markus Einarsson", "guid": "afda07f0-19ab-5eae-b5ac-9fed441c27f8", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/XXEWP9/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/7QMJER/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/7QMJER/", "attachments": []}, {"guid": "dd751b6a-56c7-56db-89b2-1aaf4ec3e5c6", "code": "ENNUE3", "id": 68852, "logo": null, "date": "2025-09-25T11:45:00+03:00", "start": "11:45", "duration": "00:45", "room": "Stage 1", "slug": "bsides-tallinn-2025-68852-organic-freerange-credentials-freshly-harvested-from-your-browser", "url": "https://pretalx.com/bsides-tallinn-2025/talk/ENNUE3/", "title": "organic, freerange credentials - freshly harvested from your browser", "subtitle": "", "track": "Stage 1", "type": "Main track", "language": "en", "abstract": "When I ask audience about 2FA phishing or stealers ... the silence is deafening. With the exception of dude from back row: \"Stealers can't get your passwords from Chrome since ca 2024 August, go home, stunthacker\").\r\n\r\nWell, \"I've seen things you people wouldn't believe\" - not C-beams glittering in the dark near the Tannh\u00e4user Gate, but trying to guess organisations' password policy from leaks / stealerlogs. Much fun, not time to die, though.\r\n\r\nSo, let's run a 2FA phishing campaign live against Estonian TARA auth (with scoring) and see what we can grep from some recent freely shared stealerlogs drop (as of 2025 April: 3000 logs from BreachForums rando = 183 WordPress admin cookies).", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "TWAF7C", "name": "Peeter Marvet", "avatar": "https://pretalx.com/media/avatars/TWAF7C_IXtNyIv.webp", "biography": "I've seen things you people wouldn't believe. 
I have also made mistakes you people wouldn't believe - which is fine, as I have also seen mistakes you, people, make. You wouldn't believe...", "public_name": "Peeter Marvet", "guid": "ee06c0cf-79bf-594c-a91b-3054a4ce6965", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/TWAF7C/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/ENNUE3/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/ENNUE3/", "attachments": []}, {"guid": "771a3a49-0d03-5d14-bac6-22a404f93eba", "code": "S3V8UY", "id": 75494, "logo": null, "date": "2025-09-25T13:30:00+03:00", "start": "13:30", "duration": "00:45", "room": "Stage 1", "slug": "bsides-tallinn-2025-75494-committing-css-crimes-for-fun-and-profit", "url": "https://pretalx.com/bsides-tallinn-2025/talk/S3V8UY/", "title": "Committing CSS Crimes for fun and profit", "subtitle": "", "track": "Stage 1", "type": "Main track", "language": "en", "abstract": "CSS is an often overlooked aspect of web security, but in the right hands it can be extremely powerful.\r\n\r\nThis talk takes you through my journey of making silly browser games to pwning companies like Apple and Google through this fun little styling language.\r\n\r\nSlides: https://lyra.horse/slides/2025/2025-09-committing-css-crimes-for-fun-and-profit.html", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "F3KBJ3", "name": "Lyra Rebane", "avatar": "https://pretalx.com/media/avatars/F3KBJ3_RC4jsBb.webp", "biography": "I like to play around with the web and browsers for fun. Sometimes I find bugs. 
9 CVEs in Chrome.\r\nhttps://lyra.horse/blog/", "public_name": "Lyra Rebane", "guid": "8b74ea64-1e0e-50a3-a555-576132b8ad9f", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/F3KBJ3/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/S3V8UY/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/S3V8UY/", "attachments": []}, {"guid": "1cff2a98-2276-579a-9d0b-6e69cc31fcf0", "code": "NFS7PD", "id": 75875, "logo": null, "date": "2025-09-25T14:15:00+03:00", "start": "14:15", "duration": "00:45", "room": "Stage 1", "slug": "bsides-tallinn-2025-75875-hype-vs-hands-on-what-genai-actually-brings-to-incident-detection-response", "url": "https://pretalx.com/bsides-tallinn-2025/talk/NFS7PD/", "title": "Hype vs. Hands-On: What GenAI Actually Brings to Incident Detection & Response", "subtitle": "", "track": "Stage 1", "type": "Main track", "language": "en", "abstract": "Generative AI promises to revolutionize how security operations teams and investigators detect and respond to threats but, how much of this promise is real and how much is just hype?\r\n\r\nIn this talk, we go beyond vendor marketing to explore what practitioners and experts really think about GenAI\u2019s place in modern detection and response workflows. 
Drawing from a Delphi study I conducted with global SOC leaders and AI specialists as part of my academic research with Lule\u00e5 University of Technology in Sweden, we\u2019ll uncover:\r\n\r\n- Where GenAI is already making an impact (and where it's not) for detection and response workflows\r\n\r\n- Key opportunities for GenAI in threat detection, triage, and investigation\r\n\r\n- Real-world challenges: hallucinations, trust issues, operational risks, and more\r\n\r\n- How security analyst roles and skills are evolving in the face of GenAI adoption\r\n\r\n- Practical considerations for integrating GenAI into existing detection and response SOC processes\r\n\r\nExpect an honest, evidence-based discussion, free of buzzwords, and grounded in what the experts are actually experiencing on the ground.\r\n\r\nWhether you're skeptical or optimistic about AI in detection & response workflows, this session will give you a grounded view of the path forward.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "GYNGG7", "name": "Marvin Ngoma", "avatar": "https://pretalx.com/media/avatars/GYNGG7_CrABpCe.webp", "biography": "Marvin is a seasoned consultant and security architect. He has a strong passion for helping nordic and baltic organizations succeed in their cybersecurity programs. He has led many projects in both the private and public sectors, architecting and building Security Operations and Intelligence capabilities; unifying tools, processes, and people. Prior to joining Elastic, Marvin worked as a security consultant at IBM and was the primary SME for QRadar in the nordics and baltics.\r\n\r\nIn addition to his work with clients, Marvin frequently speaks at conferences, summits, and meetups on the latest security topics, making him a dedicated security evangelist. 
He holds a masters in Computer Science & Engineering from Chalmers University of Technology in Sweden, and is a very proactive member of ISC2, among other security bodies.", "public_name": "Marvin Ngoma", "guid": "b4b66cc0-04a5-5840-b18f-a7ce5599a215", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/GYNGG7/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/NFS7PD/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/NFS7PD/", "attachments": []}, {"guid": "14b85abb-2eba-544e-8d52-16ae4dc4373a", "code": "PVPN88", "id": 73051, "logo": null, "date": "2025-09-25T15:00:00+03:00", "start": "15:00", "duration": "00:45", "room": "Stage 1", "slug": "bsides-tallinn-2025-73051-releasing-your-inner-tiber-in-regulated-adversary-simulations", "url": "https://pretalx.com/bsides-tallinn-2025/talk/PVPN88/", "title": "Releasing Your Inner TIBER in Regulated Adversary Simulations", "subtitle": "", "track": "Stage 1", "type": "Main track", "language": "en", "abstract": "Red team testing has evolved from underground art to regulated operations, and if you're hoping to deliver these services professionally, you should know the game has completely changed. The financial sector's adoption of TIBER-EU offers a masterclass in what works in structured adversary simulation.\r\n\r\nThis talk is for practitioners delivering threat intelligence and red team testing services who want to understand how regulatory frameworks are reshaping client expectations and project dynamics. While TIBER-EU emerged from financial sector requirements, its methodologies offer valuable lessons for any industry serious about adversary simulation.\r\n\r\nYou'll discover the hidden complexities of \"threat-led\" testing, why many threat intelligence reports fail to drive realistic attack scenarios, and how to navigate the minefield of control teams, blue teams, and regulatory oversight. 
We'll explore the craft skills that separate professional adversary simulation from basic penetration testing: building credible threat actor personas, designing scenarios that test resilience rather than find vulnerabilities, and managing the delicate dance of \"leg-ups\" and purple teaming.\r\n\r\nWhether you're expanding into the threat intelligence and red team testing services market, or simply curious about the professionalization of red teaming, this session offers practical insights from these complex engagements.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "3FEZXL", "name": "Marko Buuri", "avatar": "https://pretalx.com/media/avatars/3FEZXL_GBjHLkB.webp", "biography": "Marko has worked for over 20 years in IT and cybersecurity across companies, public sector, and as a consultant to many industries. Most recently, he has shaped and operated TIBER-FI and other cyber resilience initiatives at the Bank of Finland.", "public_name": "Marko Buuri", "guid": "b20c0011-eab6-5627-b591-c6a82c8bf3d1", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/3FEZXL/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/PVPN88/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/PVPN88/", "attachments": []}, {"guid": "f5bdc417-20ca-56eb-82a0-9f41e4288f5d", "code": "FJXXXF", "id": 71956, "logo": null, "date": "2025-09-25T16:15:00+03:00", "start": "16:15", "duration": "00:45", "room": "Stage 1", "slug": "bsides-tallinn-2025-71956-victim-of-your-own-cyberattack-a-story-from-the-trenches", "url": "https://pretalx.com/bsides-tallinn-2025/talk/FJXXXF/", "title": "Victim of your own cyberattack: A story from the trenches.", "subtitle": "", "track": "Stage 1", "type": "Main track", "language": "en", "abstract": "Administrators are meant to take care of your systems but what happens when they go rogue?\r\n\r\nIn this gripping incident response case study, we take you behind the scenes of a 
real-world insider threat that targeted internal systems. What began as suspicious access patterns on the network led to the uncovering of a calculated and deeply damaging betrayal from within.\r\n\r\nThe threat eventually became victim of his own attack.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "QU9NMF", "name": "Hendrik Noben", "avatar": "https://pretalx.com/media/avatars/QU9NMF_ReIAUma.webp", "biography": "Hendrik Noben is the co-founder of Resilix, focusing on cyber incident management and practical security assessments that lead to strategic guidance. As trusted advisor, providing a pragmatic and people-aware approach to modern security challenges. Hendrik brings a hands-on background as a penetration tester and security architect. He is also the (co-)founder of BSides Limburg, a community-driven security event in Belgium.", "public_name": "Hendrik Noben", "guid": "810a545e-728c-595f-9e62-0a29dea6d3a1", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/QU9NMF/"}, {"code": "B7Z7VZ", "name": "Stephan Van Dyck", "avatar": "https://pretalx.com/media/avatars/B7Z7VZ_oG4mYPM.webp", "biography": "I am a cyber architect and incident responder by trade, chaos manager by necessity, and coffee addict by choice. Based in Belgium, I\u2019m one of the co-founders of Resilix, where I help organizations stay cool during digital fires \u2014 from ransomware to insider threats and everything in between.\r\n\r\nOver the years, I have seen my fair share of breaches, panic rooms, and \u201cuh-oh\u201d moments. I thrive in high-pressure situations where quick thinking, clear communication, and just a touch of black humor go a long way. 
Whether it\u2019s containing an active attack or helping a team rebuild after the dust settles, I am all about turning messes into meaningful lessons.", "public_name": "Stephan Van Dyck", "guid": "331c4aaf-6510-54f7-b920-351f61b8ef23", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/B7Z7VZ/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/FJXXXF/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/FJXXXF/", "attachments": []}, {"guid": "1a837781-1d71-5781-aeea-c74a0aea2f5d", "code": "JPCAHE", "id": 75642, "logo": null, "date": "2025-09-25T17:00:00+03:00", "start": "17:00", "duration": "00:45", "room": "Stage 1", "slug": "bsides-tallinn-2025-75642-why-playing-board-games-and-d-d-in-cyber-security-is-actually-useful", "url": "https://pretalx.com/bsides-tallinn-2025/talk/JPCAHE/", "title": "Why playing board games and D&D in cyber security is actually useful?", "subtitle": "", "track": "Stage 1", "type": "Main track", "language": "en", "abstract": "I had a tiny bit of experience playing tabletop security games, as well as being an organizing team. But never alone, nor am I an expert in game theory. I just like DnD and RPG-s and I work in cyber security.\r\n\r\nWhen I reworked the incident response process in Opera and there was a need for training, I decided to do it in the form of tabletop exercises using pen and paper and fake scenarios.\r\n\r\nIn total I held 8 tabletop games (Half a day each) in 4 different offices, total participants ~100. 3 different main scenarios and some variations. 
\r\n\r\nMy talk would be about the experience and suggestions (general + personal experience)", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "GHRLPK", "name": "Hans Metsoja", "avatar": "https://pretalx.com/media/avatars/GHRLPK_6uUruEl.webp", "biography": "Currently information security manager at Opera browser company.\r\n\r\nPreviously various roles in MS/Skype, Telco, software development. Usually does random things what are needed so never have I had a clear role definition.", "public_name": "Hans Metsoja", "guid": "8525a3fb-2941-5885-a10c-924423221dd7", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/GHRLPK/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/JPCAHE/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/JPCAHE/", "attachments": []}], "Stage 2": [{"guid": "79b3440b-d5a2-5a53-be9c-705263754300", "code": "SA3U83", "id": 74478, "logo": null, "date": "2025-09-25T11:00:00+03:00", "start": "11:00", "duration": "00:45", "room": "Stage 2", "slug": "bsides-tallinn-2025-74478-lost-in-translation-making-pentest-reports-speak-the-client-s-language", "url": "https://pretalx.com/bsides-tallinn-2025/talk/SA3U83/", "title": "Lost in Translation? Making Pentest Reports Speak the Client\u2019s Language", "subtitle": "", "track": "Stage 2", "type": "Main track", "language": "en", "abstract": "Penetration testing reports play a significant role in helping organizations identify and mitigate security vulnerabilities as they are the only tangible product of the conducted tests. The report effectiveness relies on the extent to which customers can translate the findings into actionable decisions. \r\n\r\nOur study investigated the usability gaps in penetration testing reports from a customer-centric perspective, focusing on the challenges organizations face in understanding, prioritizing, and acting on the provided insights.\r\n\r\nWant to know how to improve Your reports? 
Join us and find out!\r\n\r\n\r\n\r\nSneak peek\r\n\u201eFrom Reports to Actions: Bridging the Customer Usability Gap in Penetration Testing\u201d K. Galanska, A. Kruzikova, M. P. Murumaa, V. Matyas, M. Just; IEEE Access, vol. 13, pp. 73975-73986, 15.04.2025, 10.1109/ACCESS.2025.3561220", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "F98SWD", "name": "Katarina Galanska", "avatar": "https://pretalx.com/media/avatars/F98SWD_yoFajFG.webp", "biography": "Katarina has for the past several years worked in offensive cybersecurity. She previously graduated in IT security at the Faculty of Information Technology at Brno University of Technology and at the University of South Wales in Cardiff. Currently, she is a PhD candidate at the Centre for Research on Cryptography and Security at Masaryk University. Her research focuses on penetration testing reports concerning IT professionals in the field of usable security, in collaboration with commercial companies.", "public_name": "Katarina Galanska", "guid": "2c7d059a-c8f8-5e7b-96df-13fd201638af", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/F98SWD/"}, {"code": "VMWDGZ", "name": "Maria P. Murumaa", "avatar": "https://pretalx.com/media/avatars/VMWDGZ_faa7fAB.webp", "biography": "Maria is a Security Engineer at Cybernetica AS. Combining both theoretical knowledge and hands-on experience, she applies a practical and forward-looking approach to securing digital environments. Her professional focus is rooted in continuous learning, collaboration, and a genuine enthusiasm for making the digital world safe for everyone.", "public_name": "Maria P. 
Murumaa", "guid": "1a395baa-9452-5f77-a84b-890ef4dcdc78", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/VMWDGZ/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/SA3U83/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/SA3U83/", "attachments": []}, {"guid": "7e0b7c40-51bd-50ed-8850-04e868d95bd3", "code": "KMFGNJ", "id": 75792, "logo": null, "date": "2025-09-25T11:45:00+03:00", "start": "11:45", "duration": "00:45", "room": "Stage 2", "slug": "bsides-tallinn-2025-75792-when-1-1-11-the-hidden-math-of-application-vulnerabilities", "url": "https://pretalx.com/bsides-tallinn-2025/talk/KMFGNJ/", "title": "When 1 + 1 = 11: The Hidden Math of Application Vulnerabilities", "subtitle": "", "track": "Stage 2", "type": "Main track", "language": "en", "abstract": "Manual penetration tests don\u2019t always reveal critical vulnerabilities \u2014 but even minor issues, when linked together, can result in significant risks. In this session, Axinom and Neverhack share highlights from a recent engagement that brought such vulnerability chains to light. You\u2019ll also discover how a single pentest can deliver value across multiple areas within a company, turning one investment into value several times over.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "JYXDYW", "name": "Giorgi Sharia", "avatar": "https://pretalx.com/media/avatars/JYXDYW_PgGnJjC.webp", "biography": "Giorgi is a Senior Penetration Tester at NEVERHACK Estonia specializing in web and mobile application security. He is experienced in uncovering complex vulnerabilities through manual testing and advanced logic flaw exploitation. Giorgi conducts ethical social engineering engagements to identify and improve human-related security weaknesses. He also brings a practical, business-aware approach to offensive security, helping teams turn findings into real improvements. 
On top of everything he is a creator of Security Summit CTF Challenge.", "public_name": "Giorgi Sharia", "guid": "64f7dee4-c91d-5d93-8b02-c640b16bf307", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/JYXDYW/"}, {"code": "QVG3G8", "name": "Velmar Piibeleht", "avatar": null, "biography": "Senior Penetration Tester | NEVERHACK Estonia\r\n\r\nVelmar Piibeleht is a seasoned professional with about 15 years of experience in the realm of cybersecurity, spanning across both private and public sectors. Now with more than 5 years of experience as a Penetration Tester and Red Teamer, he has successfully earned CISSP, OSCP, GWAPT, GMOB and GCFA certifications. Leveraging his expertise, Velmar is dedicated to assisting companies by conducting offensive security operations that uncover potential vulnerabilities and weaknesses.", "public_name": "Velmar Piibeleht", "guid": "9b088ca4-c0c7-5167-8af1-7e0d2cab7153", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/QVG3G8/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/KMFGNJ/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/KMFGNJ/", "attachments": []}, {"guid": "7b235fdf-b590-5612-801e-d46b0c556506", "code": "RZQFAY", "id": 75865, "logo": null, "date": "2025-09-25T13:30:00+03:00", "start": "13:30", "duration": "00:45", "room": "Stage 2", "slug": "bsides-tallinn-2025-75865-unleash-the-crowd-lessons-from-building-a-human-firewall", "url": "https://pretalx.com/bsides-tallinn-2025/talk/RZQFAY/", "title": "Unleash the Crowd: Lessons from Building a Human Firewall", "subtitle": "", "track": "Stage 2", "type": "Main track", "language": "en", "abstract": "Are you feeling it...? \r\n\r\nThat relentless pressure as your attack surface expands \u2013 but your security resources just can\u2019t keep up? \r\n\r\nWe\u2019ve been there at Bolt, grappling with the exact same challenge. 
The relentless growth of digital assets, coupled with limited internal security resources has created critical blind spots and persistent exposure to threats. While our product security team excels at developing extensive and scalable security solutions, we often lack the capacity for the deep, narrow focus required by every application and service. Traditional penetration tests, while valuable for targeted assessments, by design provide a time-boxed and limited view, often leaving vast areas of the attack surface unexamined.\r\n\r\nEnter crowdsourced security through bug bounty programs \u2013 a powerful, indispensable complement to Bolt\u2019s existing defenses. Imagine leveraging a global, always-on network of ethical hackers, each bringing unique expertise and a fresh perspective. Unlike the constraints of traditional pentests, these skilled researchers aren't limited by scope or time. They can relentlessly delve into our features and services, uncovering subtle, systemic issues hidden deep within our systems. 
This collaborative, continuous approach doesn't just bridge the security resource gap; it dramatically reduces our window of exposure, transforming vulnerability management from a reactive burden into a proactive and resilient defense effort.\r\n\r\n<b>Join this session to uncover:</b>\r\n* Strategic Integration: How crowdsourced security has enhanced our overall vulnerability management framework?\r\n* Real-World Triumphs & Challenges: Practical insights into the challenges and undeniable benefits of running a successful bug bounty program.\r\n* Actionable Intelligence: How to transform raw bug findings into strategic insights that identify systemic weaknesses and inform the security roadmap?\r\n* Unique Discoveries: Why crowdsourced findings often differ from, and complement, those from internal teams or traditional pentests?\r\n* Program Playbook: Navigating the critical decision: Is a private or public bug bounty program the right fit for an organization?", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "NS9AXE", "name": "Allar Lauk", "avatar": "https://pretalx.com/media/avatars/NS9AXE_s3TOKcC.webp", "biography": "Allar Lauk is a Cybersecurity Engineer on the Product Security team at Bolt. 
Passionate about securing digital products, he focuses on integrating proactive security throughout the development lifecycle to protect Bolt's global users and diverse services.", "public_name": "Allar Lauk", "guid": "58201d88-dee7-5d5c-aec8-9066c68b1f7c", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/NS9AXE/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/RZQFAY/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/RZQFAY/", "attachments": []}, {"guid": "7dea7778-9b58-5ddc-8072-9e7e5626bfbd", "code": "MAXQZM", "id": 75684, "logo": null, "date": "2025-09-25T14:15:00+03:00", "start": "14:15", "duration": "00:45", "room": "Stage 2", "slug": "bsides-tallinn-2025-75684-every-step-counts-strategic-defense-for-the-modern-blue-team", "url": "https://pretalx.com/bsides-tallinn-2025/talk/MAXQZM/", "title": "Every Step Counts: Strategic Defense for the Modern Blue Team", "subtitle": "", "track": "Stage 2", "type": "Main track", "language": "en", "abstract": "The idea that \"attackers only need to succeed once\" has long influenced the development of defensive strategies. This talk challenges that myth by reframing the defender\u2019s role: not as a gatekeeper who must be perfect, but as a strategist who can disrupt the attacker\u2019s journey at multiple points.\r\n\r\nWe\u2019ll explore how a layered defense strategy, enhanced by detection engineering, attack surface management, and deception technologies, can shift the advantage toward defenders.\r\n\r\nTo ground these ideas in practice, we\u2019ll look at how MITRE\u2019s Summiting the Pyramid and Attack Flow projects help defenders visualize, prioritize, and disrupt adversary behavior across the kill chain. 
These tools offer actionable frameworks for mapping detection coverage and understanding attacker movement in complex environments.\r\n\r\nAttendees will gain practical insights into designing and implementing strategic defenses that turn every layer, every alert, and every response into an opportunity to stop attackers in their tracks. Because in modern cyber defense, every step truly counts.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "CK8GEB", "name": "Jarkko Kinnunen", "avatar": "https://pretalx.com/media/avatars/CK8GEB_wyFisXy.webp", "biography": "Jarkko Kinnunen is a Security Solution Engineer at Microsoft and Co-Founder of KuoSec. A passionate advocate for the Blue Team, he specializes in developing continuous security services and enhancing SOC operations. By day, he advises companies and partners on designing and implementing solutions built on Microsoft security technologies. After working hours, he loves helping the community to do stuff...", "public_name": "Jarkko Kinnunen", "guid": "f9fee086-e86f-55ba-a5b6-621095d00917", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/CK8GEB/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/MAXQZM/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/MAXQZM/", "attachments": []}, {"guid": "c5c083f6-72b2-523a-b91d-8f9d56ddfeaf", "code": "YYCDXX", "id": 75418, "logo": null, "date": "2025-09-25T15:00:00+03:00", "start": "15:00", "duration": "00:45", "room": "Stage 2", "slug": "bsides-tallinn-2025-75418-don-t-take-the-bait-online-deception-beyond-your-inbox", "url": "https://pretalx.com/bsides-tallinn-2025/talk/YYCDXX/", "title": "Don't Take the Bait - Online deception beyond your Inbox", "subtitle": "", "track": "Stage 2", "type": "Main track", "language": "en", "abstract": "Bolt's product security team secures applications for over 200 million customers and 4.5 million partners across 600+ cities in 50 countries. 
This massive scale makes our platform a prime target for a diverse array of malicious actors, many of whom specialise in scalable, low-tech scams. We've seen an increasing professionalisation even in these \"low-tech\" schemes, leading to an arms race between threat actors and security measures that often unfolds within weeks, if not days.\r\n\r\nTraditional phishing techniques are now being repurposed from email to modern chat applications. We're observing 2FA bypasses via recovery flows and constant probing for business logic issues that can be abused for quick financial gain.\r\n\r\nDuring this presentation, we'll shed light on the variety of sophisticated phishing techniques we've encountered in the wild. Attendees will gain insights into:\r\n\r\nAbused Communication Channels: Discover how in-app chat functionality and chat applications such as Telegram and WhatsApp are misused.\r\n\r\nReward vs Punishment: Understand persuasion techniques threat actors use to manipulate targets.\r\n\r\nBypassing Protections: Learn how 2FA, chat filtering and business logic checks could be bypassed. 
\r\n\r\nAuthentication Strengths & Weaknesses: Explore the benefits and drawbacks of existing authentication methods", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "YFL3M8", "name": "Andres J\u00f5gi", "avatar": "https://pretalx.com/media/avatars/YFL3M8_HIseQ2N.webp", "biography": "I'm paid to tell you that the fancy AI lock on your bathroom window won't help if your front door is wide open.", "public_name": "Andres J\u00f5gi", "guid": "32479b17-881a-55a9-8d11-71db79e57944", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/YFL3M8/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/YYCDXX/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/YYCDXX/", "attachments": []}, {"guid": "e5964398-9003-57ac-8b22-b49080e7370a", "code": "7WBZXR", "id": 72940, "logo": null, "date": "2025-09-25T16:15:00+03:00", "start": "16:15", "duration": "00:45", "room": "Stage 2", "slug": "bsides-tallinn-2025-72940-cloud-s-dirty-little-secret-it-was-misconfigs-all-along", "url": "https://pretalx.com/bsides-tallinn-2025/talk/7WBZXR/", "title": "Cloud\u2019s Dirty Little Secret: It Was Misconfigs All Along", "subtitle": "", "track": "Stage 2", "type": "Main track", "language": "en", "abstract": "Think cloud security is all about stopping attackers at the gates? Think again. The biggest threats in the cloud aren\u2019t zero-days or nation-state actors \u2014 they\u2019re misconfigurations. Yep, the stuff we set up wrong ourselves.\r\n\r\nAfter digging into the guts of hundreds of Azure-based solutions across industries, I\u2019ve seen the same security faceplants over and over again \u2014 and they\u2019re not just rookie mistakes. In this talk, I\u2019ll walk through the most common cloud security pitfalls I\u2019ve found, why they keep happening, and how to actually fix them. 
Whether you're a red teamer, blue teamer, or somewhere in between, you\u2019ll walk away with practical takeaways and a few war stories from the trenches.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "CDLAKP", "name": "Karl Ots", "avatar": "https://pretalx.com/media/avatars/CDLAKP_tAGk7Po.webp", "biography": "Karl Ots breaks and secures cloud stuff for a living \u2014 and has been doing it since back when \u2018cloud security\u2019 meant locking the server room door. By day, he\u2019s Head of Cloud Security at EPAM Systems, wrangling enterprise-scale chaos across industries and continents.\r\n\r\nHe\u2019s written books (most recently Securing Microsoft Azure OpenAI), dropped a bunch of cloud security courses on LinkedIn Learning, and collected more acronyms than a compliance checklist (RD, MVP, CISSP, CCSP, SABSA SCF \u2014 yeah, it\u2019s a problem).\r\n\r\nKarl\u2019s no stranger to the stage \u2014 he\u2019s spoken at BSides SF, Microsoft Build, T2, Gartner Security & Risk, InfoSec World, and more. 
If it involves cloud, misconfigs, or weird edge cases, he\u2019s probably got a story.", "public_name": "Karl Ots", "guid": "4db3924c-ab3b-5584-a793-be4c72a45765", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/CDLAKP/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/7WBZXR/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/7WBZXR/", "attachments": []}], "Workshops": [{"guid": "2bc4470e-964b-5441-9770-7b663dac4538", "code": "JFZRXX", "id": 73485, "logo": null, "date": "2025-09-25T11:00:00+03:00", "start": "11:00", "duration": "01:00", "room": "Workshops", "slug": "bsides-tallinn-2025-73485-keys-are-optional-the-side-b-of-physical-security", "url": "https://pretalx.com/bsides-tallinn-2025/talk/JFZRXX/", "title": "Keys are optional - the side B of physical security", "subtitle": "", "track": "Workshop", "type": "Main track", "language": "en", "abstract": "Forget your PINs and proper keys - at this **hands-on** workshop, you can try how to:\r\n\r\n* open a car door lock via a CAN bus attack\r\n* decode a key safe at a holiday home without any special tools\r\n* control building automation over a solar Wi-Fi\r\n\r\nYou will need a phone that can connect to a local Wi-Fi for the last lab.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "K7CUKR", "name": "Mait Peekma", "avatar": "https://pretalx.com/media/avatars/K7CUKR_F98q4VF.webp", "biography": "If you are reading this, you probably get paid to build or protect stuff. 
Mait does the opposite \u2014 but has somehow avoided handcuffs so far.", "public_name": "Mait Peekma", "guid": "13b5395e-9b19-5917-b9aa-2081505c3584", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/K7CUKR/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/JFZRXX/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/JFZRXX/", "attachments": []}, {"guid": "8c0417cf-f4c2-5f5c-afca-6cd0239fdf0f", "code": "8QRDSA", "id": 71727, "logo": null, "date": "2025-09-25T13:30:00+03:00", "start": "13:30", "duration": "01:00", "room": "Workshops", "slug": "bsides-tallinn-2025-71727-privacy-by-design-in-the-age-of-ai-key-to-anonymisation-and-lessons-from-real-world-security-incidents", "url": "https://pretalx.com/bsides-tallinn-2025/talk/8QRDSA/", "title": "Privacy by Design in the Age of AI: Key to Anonymisation and Lessons from Real-World Security Incidents", "subtitle": "", "track": "Workshop", "type": "Main track", "language": "en", "abstract": "In the age of AI and large-scale data processing, it\u2019s tempting to assume that applying security practices equals good privacy. But as multiple real-world breaches have shown\u2014from Estonia\u2019s Asper Biogene genetic data exposure to pharmacy data leaks at Allium UPI\u2014 insufficient security controls and a lack of privacy by design can expose organizations to significant privacy risks. \r\n\r\nThis interactive workshop is tailored for security and privacy professionals whose organizations work with sensitive or large datasets, especially in the context of AI/ML training or internal analytics. We\u2019ll break down the differences and overlaps between infosec and personal data breaches, demystify what anonymisation and pseudonymisation really mean under the GDPR, and explore how to make data useful and safe. Participants will also gain practical insights into breach response basics and how to act when things go wrong. 
\r\n\r\nWe\u2019ll wrap with a practical group exercise where attendees get to \u201canonymise\u201d a fictional database based on publicly available data\u2014and see if their efforts withstand real-world re-identification threats.\r\n\r\n----\r\nKEY TOPICS:\r\n1. How large datasets fuel AI innovation yet at the same time cause regulatory risk. Why effective privacy compliance is not a checklist task but active daily practice. \r\n2. Key differences between infosec incidents and personal data breaches (and when they overlap).\r\n3. Legal definition of anonymisation and pseudonymisation, hands-on practical task to understand both the value as well as the risk of these measures.\r\n4. Case study examples:\r\n4.1. Asper Biogene (genetic data breach) \r\n4.2. Allium UPI (pharmacy breach)\r\n4.3. European Data Protection Board\u2019s recent recommendations:\r\n4.3.1. Guidelines 01/2025 on Pseudonymisation\r\n4.3.2. Opinion 28/2024 on certain data protection aspects related to the processing of personal data in the context of AI models\r\n5. What to do when a breach happens: notify, assess, contain, communicate.\r\n----\r\nPRACTICAL WORKSHOP EXERCISE:\r\nParticipants are expected to have at least one device per team. Participants are given a dataset for a machine learning exercise. Their task in teams is to:\r\n1. Anonymise the dataset using privacy enhancing techniques (masking, generalization, suppression, etc.).\r\n2. Switch files between teams and evaluate potential for re-identification based on auxiliary data.\r\n3. Determine whether their approach met the standard of anonymisation or only pseudonymisation.\r\n4. Present each teams\u2019 anonymisation strategy and summarize a residual risk assessment. Discuss what would be the potential consequences of a leak of such data - would it be merely a security incident or a data breach.\r\n----\r\nLEARNING OBJECTIVES:\r\n1. Understand how anonymisation supports safe AI use and data reuse.\r\n2. 
Recognize when a breach is a security issue, a privacy issue, or both.\r\n3. Learn to evaluate anonymisation effectiveness using legal and technical criteria.\r\n4. See how access control gaps can escalate into reportable personal data breaches.\r\n5. Get hands-on anonymisation experience and peer feedback.\r\n----\r\nSPEAKERS: \r\nMargot Arnus - CIPP/US, Co-founder and Privacy Expert at Damus, Senior Legal Counsel at Veriff\r\nStella Goldman - CIPM, Co-founder and Privacy Expert at Damus, Lead Legal Counsel at Veriff", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "Q8FW7K", "name": "Margot Arnus", "avatar": "https://pretalx.com/media/avatars/Q8FW7K_5npp5GS.webp", "biography": "I'm a lawyer specializing in EU and US data protection law, with a modest side-interest in intellectual property laws, IT and programming.\r\n\r\nLinkedIn: https://www.linkedin.com/in/margot-arnus/", "public_name": "Margot Arnus", "guid": "05f4aef8-04ef-5b5a-a257-ecc28ef1046f", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/Q8FW7K/"}, {"code": "U8FFMH", "name": "Stella Goldman", "avatar": "https://pretalx.com/media/avatars/U8FFMH_QcLP5ga.webp", "biography": "Stella Goldman is Co-founder and Privacy Expert at Damus and Lead Legal Counsel \u2013 Privacy & Product at Veriff. She is International Association of Privacy Professionals accredited Certified Information Privacy Manager (CIPM) and a member of Estonian Bar Association (currently inactive due to in-house position). \r\n\r\nStella is a trusted cross-functional partner to product, information security and business teams, translating complex legal requirements into compliant, actionable and scalable business-enabling solutions. 
\r\n\r\nhttps://www.linkedin.com/in/stella-raudsepp/", "public_name": "Stella Goldman", "guid": "3e467c32-1764-590e-8ab6-49e117be7d2c", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/U8FFMH/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/8QRDSA/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/8QRDSA/", "attachments": []}, {"guid": "ad58f118-c59b-55de-8997-6459e8f9d48b", "code": "SAFPTK", "id": 75856, "logo": null, "date": "2025-09-25T14:45:00+03:00", "start": "14:45", "duration": "01:00", "room": "Workshops", "slug": "bsides-tallinn-2025-75856-examining-document-file-structure", "url": "https://pretalx.com/bsides-tallinn-2025/talk/SAFPTK/", "title": "Examining document file structure.", "subtitle": "", "track": "Workshop", "type": "Main track", "language": "en", "abstract": "Short overview of file analysis\r\nBrief deep dives into:\r\nPDF Format \r\nOffice formats (DOCX, XLSX...DOC,XLS..) \r\nImage formats (JPEG, PNG)\r\nArchives (ZIP, RAR, 7z...)\r\nFor each topic we look at \r\n* Headers and structure basics\r\n* How file structure has been used in attacks.\r\nDetection artifacts in file formats, with hands-on file dissection using tools like:\r\nHex editor,\r\nExifTool,\r\noletools, pefile, PDFid, PDF-Parser and so on.\r\nTask: understand the structure and identify potentially malicious components\r\nToolset: https://remnux.org/\r\nFiles for workshop: https://tinyurl.com/4mjzjxjt -\r\n small prices: https://bsides.nopcoders.com/\r\nSlides: https://docs.google.com/presentation/d/1J6IfCLnQNAK83MoshP9il4NGWYzEhG3Y2ZozRLE4uXI/edit?usp=sharing", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "ECDJ8N", "name": "Toomas Lepik", "avatar": "https://pretalx.com/media/avatars/ECDJ8N_1R1eEHr.webp", "biography": "Well-seasoned Cyber Security Analyst with over 20+ years of experience in the IT industry. 
\r\nSpecialises in  network forensics, malware analysis and in incident handling. \r\nWork blends hands-on technical analysis with emphasis on critical thinking and laziness being  also passionate about secure software practices. Likes  to pet dogs and other domestic animals.", "public_name": "Toomas Lepik", "guid": "63b9c23d-b8e3-586a-9501-70af6b2b758c", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/ECDJ8N/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/SAFPTK/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/SAFPTK/", "attachments": []}, {"guid": "e54ed1b0-1047-520c-838f-fd4af92e6b3a", "code": "9N8ZAY", "id": 75881, "logo": null, "date": "2025-09-25T16:15:00+03:00", "start": "16:15", "duration": "01:00", "room": "Workshops", "slug": "bsides-tallinn-2025-75881-threat-hunting-develop-and-test-a-threat-hypothesis", "url": "https://pretalx.com/bsides-tallinn-2025/talk/9N8ZAY/", "title": "Threat Hunting: develop and test a threat hypothesis", "subtitle": "", "track": "Workshop", "type": "Main track", "language": "en", "abstract": "In this hands-on workshop, participants will walk through the core steps of a threat hunt - from forming a threat hypothesis to testing it against real-world data. You\u2019ll learn how to frame hypotheses based on attacker behaviors, identify the right data sources, and validate your findings using structured hunting techniques. Whether you're new to threat hunting or looking to sharpen your approach, this session will give you practical skills to hunt smarter.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "GYNGG7", "name": "Marvin Ngoma", "avatar": "https://pretalx.com/media/avatars/GYNGG7_CrABpCe.webp", "biography": "Marvin is a seasoned consultant and security architect. He has a strong passion for helping nordic and baltic organizations succeed in their cybersecurity programs. 
He has led many projects in both the private and public sectors, architecting and building Security Operations and Intelligence capabilities; unifying tools, processes, and people. Prior to joining Elastic, Marvin worked as a security consultant at IBM and was the primary SME for QRadar in the nordics and baltics.\r\n\r\nIn addition to his work with clients, Marvin frequently speaks at conferences, summits, and meetups on the latest security topics, making him a dedicated security evangelist. He holds a masters in Computer Science & Engineering from Chalmers University of Technology in Sweden, and is a very proactive member of ISC2, among other security bodies.", "public_name": "Marvin Ngoma", "guid": "b4b66cc0-04a5-5840-b18f-a7ce5599a215", "url": "https://pretalx.com/bsides-tallinn-2025/speaker/GYNGG7/"}], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/9N8ZAY/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/9N8ZAY/", "attachments": []}], "Village": [{"guid": "67611655-ea1a-581e-add3-9b2b5e0d751d", "code": "JT9XMT", "id": 81785, "logo": null, "date": "2025-09-25T10:00:00+03:00", "start": "10:00", "duration": "07:00", "room": "Village", "slug": "bsides-tallinn-2025-81785-village-hands-on-activities-retro-gaming-fiber-fixing-hacker-house-ctf-lockpicking-student-demo-projects-etc", "url": "https://pretalx.com/bsides-tallinn-2025/talk/JT9XMT/", "title": "VILLAGE hands-on activities (retro gaming, fiber fixing, hacker house CTF, lockpicking, student demo projects etc. )", "subtitle": "", "track": "VILLAGE", "type": "Main track", "language": "en", "abstract": "Village area has hands-on activities for you throughout the entire event day. Just hop in and get your hands dirty!\r\n\r\n### LAPIKUD\r\n\r\n- Retro TV gaming, student demo projects\r\n\r\n### OpenLocks.at - \u201cPick locks, get Austrian goodies\u201d\r\n\r\nLockpicking guided by an Austrian lockpicking champion Michael Altenhuber. 
\r\n\r\n### CTF - Hacking the Smart House by Viris\r\n\r\nCTF registration now open! <https://bsidestallinn.vuln.casa/> \r\n\r\nIntroducing our challenge this year: an IoT house is begging to be pwned \u2026\r\nBreak the locks, pwn the fridge, capture the flags.\r\nShow us what you\u2019ve got BSides fam!\r\n\r\n### Tartu H\u00e4kkerikoda\r\n\r\n- 3D printing crash course\r\n- Programmable USB-devices\r\n- Raspberry PI 5 + cybersecurity hands-on activities\r\n\r\n### VALLIM\u00c4E & PUUSEPP FIX FIBER\r\n\r\nCan you fix fiber with glue, knife and tape? Learn from the PROS!\r\n\r\n---\r\nVillage area at BSides Tallinn 2025 is sponsored by [NEVERHACK](http://neverhack.ee/) Estonia.", "description": null, "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://pretalx.com/bsides-tallinn-2025/talk/JT9XMT/feedback/", "origin_url": "https://pretalx.com/bsides-tallinn-2025/talk/JT9XMT/", "attachments": []}]}}]}}}