The proliferation of non-human identities (NHIs) – APIs, service accounts, tokens, and keys – has introduced a vast and often underestimated attack surface. This talk unveils the hidden dangers of NHIs and equips defenders with the knowledge to combat them.
Congratulations on breaking into cyber! You did it, you got your first job, now what? Spending meaningless hours reading logs, while nothing happens? Pressing one button to get an automated vulnerability report for the customer? Your more senior colleagues only give you routine tasks?
Or worse, you get 6 hours of meetings every day where you have nothing to say. Also, your salary is not that great. You start thinking that maybe cyber is not for you. Is it time to find a way out or a way to stand out? Let's have a look together!
In today's digital era, even robust security frameworks like OWASP and MITRE ATT&CK can prove inadequate against sophisticated phishing attacks. These attacks leverage official chat functionalities in web and mobile applications, causing significant disruptions within the tourism and lodging sectors of modern web applications. This presentation unveils a series of firsthand encounters with such attacks, illustrating their impact and tracing them back to a major cybercriminal ecosystem that utilizes Telegram bots. Through meticulous research and open-source threat intelligence, the discussion explores the vulnerabilities and shortcomings major organizations face in defending against these threats. Key lessons in secure coding, detection engineering, proactive threat intelligence, and security awareness are highlighted, providing attendees with insights to fortify their defenses with a multi-layered security approach. This approach aims to mitigate evolving cyber risks and protect both web applications and brand integrity.
Did you discover a critical vulnerability that could lead to Remote Code Execution on a customer's asset?
Did you only find low-severity vulnerabilities during your most recent penetration test?
Let us work to help draft a report explaining what your test results mean to the customer, how it impacts their business, and what actions they can take to address it promptly.
Entra ID's Administrative Units (AU) are great for defenders… and for attackers! AUs are a useful method for creating scoped Entra ID role assignments. However, this scoping also offers juicy new methods for anyone looking to persist quietly in an Azure tenant: Obscure parameters can hide AU membership, and restrictions can prevent removal of malicious accounts. AUs are a globally-enabled tenant feature. Are you prepared to keep an eye on them?
No background necessary: We'll start by reviewing Azure permissions, Entra ID role assignment, and the advantages AUs can provide. Then, we'll demonstrate scenarios where an attacker can leverage them for invisible, privileged tenant persistence. We'll conclude with detection, remediation, and reflections on these double-edged features of user administration.
In the complex landscape of modern cybersecurity, identifying coordinated attacks within massive volumes of security data is a formidable challenge. Security professionals often grapple with distinguishing these attacks from numerous false positives and isolated incidents. This talk will illuminate how data science can be harnessed to transform tons of events, logs, and alerts into a bunch of clusters, a few kill chains, and fewer actionable insights, with open-source models.
Join us on a journey to enhance application security and security operations efficacy and efficiency.
AI has been pushed into almost every part of our lives. The most common one is a GPT-based algorithm that makes it into every product and company. Is it the right solution? Do we even know what problem we are trying to solve? You'd be surprised...
Looking to build robust vulnerability management processes into your CI pipelines? Learn how to generate and leverage a Software Bill of Materials (SBOM) all from within your pipelines, using open source tools. This talk enables you to secure your development workflow without breaking the bank!
In the ever-evolving landscape of cybersecurity, threat modeling has become a cornerstone for identifying, assessing, and mitigating potential security risks. The process involves various techniques, each with its own set of advantages and limitations. This talk, titled "Deciphering Threat Modeling: Balancing Tools and Manual Approaches for Effective Security," delves into the intricacies of threat modeling by exploring both automated tools and manual methodologies.
I am a cybersecurity student at Sheridan College, where I am obtaining my bachelor's degree. The Code Injection Cyber Range is my capstone project; it is designed to educate and train students in identifying, analyzing, and mitigating code injection vulnerabilities. This project aims to provide a hands-on learning environment, simulating real-world scenarios to enhance students' practical skills and prepare them for the real world. Through interactive exercises and comprehensive training modules, the cyber range fosters a deeper understanding of code injection attacks and equips students with the necessary tools to effectively defend against them.