BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsidesluxembourg-2026//talk//9JT9GR
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsidesluxembourg-2026-9JT9GR@pretalx.com
DTSTART;TZID=CET:20260507T112000
DTEND;TZID=CET:20260507T120000
DESCRIPTION:What if I told you the security tool you trust the most (your X
 DR) is also an attacker's favorite weapon? You spent time\, money\, and ef
 fort deploying it\, testing it\, fine tuning it\, believing it had your ba
 ck. But what if\, instead of stopping threats\, it was helping them?\n\nYo
 ur XDR isn't broken\, in fact\, it's doing exactly what it's designed to d
 o and what you set it up to do. The problem? Attackers have figured out ho
 w to make it work for them instead of against them. \n\nIn this session\, 
 we'll discuss how the bad guys manipulate XDR implementations\, abuse dete
 ction logic\, weaponize built-in components\, and turn trusted security co
 ntrols into defensive tools. From abusing existing workflows to full explo
 itation\, you'll see why your XDR might not be protecting you the way you 
 think it is.
DTSTAMP:20260411T221409Z
LOCATION:Main Stage
SUMMARY:The Spy Who Logged Me - When your XDR joins the attackers - Melina 
 Phillips
URL:https://pretalx.com/bsidesluxembourg-2026/talk/9JT9GR/
END:VEVENT
END:VCALENDAR