2.0 -//Pentabarf//Schedule//EN

PUBLISH BJ8LES@@pretalx.com

-BJ8LES

GCVE Backstage: BCPs, Tooling, and Hackathon Opportunities en

20260414T090000 20260414T091500 001500

GCVE Backstage: BCPs, Tooling, and Hackathon Opportunities

GCVE is a decentralized and open approach to vulnerability identification, publication, and reuse. Behind the initiative is a growing set of public Best Current Practices (BCPs): from signature verification and disclosure workflows to decentralized publication, ID allocation, structured vulnerability records, GNA transparency criteria, and KEV assertions. The interesting part for a hackathon is that GCVE is designed as a living, hackable ecosystem: open formats, open BCPs, open validators, and reference implementations already exist. This session gives a backstage view of the current GCVE tooling and shows where people can contribute right now. Possible hackathon projects range from editors, validators, and sync clients to GNA dashboards, KEV tooling, and quality-of-data improvements. As one concrete example, I’ll be working on a CPE editor to improve structured product metadata in the broader GCVE ecosystem. PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/BJ8LES/ Salle Europe Alexandre Dulaunoy PUBLISH ZRBFZ7@@pretalx.com

-ZRBFZ7

Hidden in Plain Text: Identifying Dark Jargon with NLP en

20260414T091500 20260414T093000 001500

Hidden in Plain Text: Identifying Dark Jargon with NLP

PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/ZRBFZ7/ Salle Europe Laura Bernardy PUBLISH SJGAZT@@pretalx.com

-SJGAZT

Pivotick: A generic network graph library en

20260414T093000 20260414T094500 001500

Pivotick: A generic network graph library

Pivotick is a new network graph library designed to be both hackable and plug-and-play for the web. In this short talk, we’ll explore its current capabilities, highlight ongoing development, and preview planned features. The goal is to gather feedback and insights to help shape what comes next. PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/SJGAZT/ Salle Europe Sami Mokaddem PUBLISH XHGLKA@@pretalx.com

-XHGLKA

RADAR meets DECIPHER: from anomaly detection in Wazuh to automated response and cases in Flowintel en

20260414T094500 20260414T100000 001500

RADAR meets DECIPHER: from anomaly detection in Wazuh to automated response and cases in Flowintel

We will briefly present the key subsystems that enable this workflow: - **RADAR**: a risk-aware automated response engine integrated into Wazuh that enables anomaly-based and signature-based detection, computing a risk score on threat alerts informed by live Cyber Threat Intelligence (CTI) to run automated response actions. - **DECIPHER**: a REST microservice for automated, IOC-based severity-confidence scoring of security alerts, backed by [MISP](https://www.misp-project.org/) threat intelligence and integrated with [Flowintel](https://github.com/flowintel) for prioritized incident case creation. - **[PyFlowintel](https://github.com/AbstractionsLab/PyFlowintel)**: a Python library providing programmatic access to the [Flowintel](https://github.com/flowintel) API for case management automation. - **SONAR**: a multivariate anomaly detection engine for [Wazuh](https://wazuh.com/), powered by a deep learning algorithm. **RADAR** detects a threat; **DECIPHER** analyzes the alert IOCs with CTI from MISP and computes a severity-confidence score; **RADAR** computes a risk score combining anomaly detection signal, signature-based risk, and DECIPHER CTI score; **RADAR** uses the risk score for triage and automated response; **RADAR** uses **DECIPHER** to create prioritized incident cases in Flowintel according to the triage. PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/XHGLKA/ Salle Europe Arash Atashpendar PUBLISH HSAY8Y@@pretalx.com

-HSAY8Y

Collaborative Detection Engineering with Rulezet en

20260414T100000 20260414T101500 001500

Collaborative Detection Engineering with Rulezet

https://rulezet.org/ for more informations PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/HSAY8Y/ Salle Europe Théo Geffé PUBLISH WE9P3S@@pretalx.com

-WE9P3S

Phone Check app - collecting iOS Sysdiagnose archives at scale en

20260414T101500 20260414T103000 001500

Phone Check app - collecting iOS Sysdiagnose archives at scale

PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/WE9P3S/ Salle Europe Will Moffat PUBLISH FQ3MAQ@@pretalx.com

-FQ3MAQ

AIL Project en

20260414T103000 20260414T104500 001500

AIL Project

PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/FQ3MAQ/ Salle Europe Aurelien Thirion PUBLISH EBNJLH@@pretalx.com

-EBNJLH

Lookyloo & Lacus internals en

20260414T104500 20260414T110000 001500

Lookyloo & Lacus internals

PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/EBNJLH/ Salle Europe Raphaël Vinot PUBLISH GP7EVV@@pretalx.com

-GP7EVV

Dealing with AI PRs en

20260414T110000 20260414T111500 001500

Dealing with AI PRs

PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/GP7EVV/ Salle Europe Raphaël Vinot PUBLISH A9ZLMU@@pretalx.com

-A9ZLMU

Flowintel - Something has changed... No ? en

20260414T111500 20260414T113000 001500

Flowintel - Something has changed... No ?

PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/A9ZLMU/ Salle Europe Cruciani David PUBLISH TZD7PP@@pretalx.com

-TZD7PP

HOPLITE-MISP-Modules (AI) en

20260414T113000 20260414T114500 001500

HOPLITE-MISP-Modules (AI)

PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/TZD7PP/ Salle Europe Alex Cronin David Curran PUBLISH BKSEWH@@pretalx.com

-BKSEWH

Integrating Ghidra Behavioral Similarity with the MISP Ecosystem en

20260414T114500 20260414T120000 001500

Integrating Ghidra Behavioral Similarity with the MISP Ecosystem

[Misp-ghidra](https://github.com/MISP/misp-ghidra) is a python library and scripts to extend Ghidra for exporting ghidra decompilation indicators (functions names, FID hashes, BSIM vectors) to MISP Objects. [BSimVis](https://github.com/MISP/BSimVis) is a tool to analyze similarities across a collection of binaries, based on Ghidra analyzers and the BSim (Behavioral Similarity) plugin. It provides an API and Web interface to upload large quantities of decompiled binaries and BSim feature vectors to a Kvrocks database for similarity analysis, function diffing, and family clustering. PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/BKSEWH/ Salle Europe Thomas Caillet PUBLISH 3VAFP9@@pretalx.com

-3VAFP9

Dusting Off SSLDump en

20260414T130000 20260414T131500 001500

Dusting Off SSLDump

The SSLDump project lived two lifes since its inception early 2000s by Eric Rescorla (aka EKR) who maintained it till 2008. Adulau took over in 2015, he created a new repository on GitHub and merged publicly available patches that were produced by the community but never ended up in the project itself. This talk is about what followed; modernization of the code base, bug fixing and implementation of various new features. PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/3VAFP9/ Salle Europe William Robinet PUBLISH RAWNS8@@pretalx.com

-RAWNS8

Vibe coding - scoping to reduce risks en

20260414T131500 20260414T133000 001500

Vibe coding - scoping to reduce risks

PUBLIC CONFIRMED Talk https://pretalx.com/hackathon-2026/talk/RAWNS8/ Salle Europe Andras Iklody