Curious where are we with CONFidence 2019?

We are working hard to make CONFidence 2019 an unforgettable experience.
Here is some news you might be interested in!

We have 17 lecturers confirmed – wanna know more about them? Click here.

We are launching the CONFidence Class – a series of workshops and lectures for teenagers that will take place before and during CONFidence 2019. For more details click here.

Our WOŚP auction finished at 1425 PLN and all of this money will be used to support children healthcare in specialists hospitals all over the country.

We have announced that CTF competition is back to CONFidence. It will be organized by P4 – 3rd best CTF team IN THE WORLD!

Keep posted as we are just getting started 😉

 

 

Joe Słowik on CONFidence 2019

Joe will talk on: „Meet Me in the Middle: Threat Indications & Warning to enable Operational Threat Intelligence

Discussions on threat intelligence often get bogged down between machine speed ingestion of atomic indicators and in-depth analysis of activity taking weeks (or months) to produce. Left in the cold in such debates is a very important but seldom considered middle ground: time-sensitive and incomplete but enriched threat intelligence. In various military settings, this is referred to as threat indications and warning (I&W) a step beyond a simple observable refined to ensure accuracy and timely receipt. The goal of I&W is to get actionable, important information to those in need of it most as quickly, efficiently, and accurately as possible, even if as a result some context or other insights are lost. As a result of this activity, consumers are better armed and equipped to deal with and counter threats as they emerge, rather than either reacting to items with no context whatsoever or only reading about their challenges weeks after the fact in a complete intelligence report. This discussion will explore the concept of threat I&W within the context of network security generally and threat intelligence specifically to identify this topic as a shamefully ignored middle ground between extremes. The presentation will explore the conceptual background behind this idea, then transition to real-life examples of I&W drawn from the speakers’ past activity in threat intelligence, incident response, and military operations. Attendees will walk away with two key lessons: first, do not let perfect (finished, complete intelligence) be the enemy of the good (actionable, if incomplete, information) when it comes to network defence; second, network defence consists of multiple phases of activity, from tactical to strategic, but ignoring the spaces in between results in fractured and incomplete operations. As a result of this discussion, attendees will be better armed and equipped to ask critical questions of their threat intelligence providers and have an enhanced set of expectations for what threat intelligence can do to support defensive operations.

 

Capture The Flag at CONFidence 2019

We know you’ve missed it so we are coming back to organizing CTF competition at CONFidence. 

 

After a long process of evaluation, we’ve decided to conduct it with a help of P4 – 3rd best CTF team in the world originated in Poland.

 

 

We can’t tell you what tasks to expect but here is what you should know now:

  • Every attendee of the conference can take part in the CTF
  • Your team should consist of 2 to 4 members
  • The competition will last through the whole CONFidence
  • We are planning the teaser (more details soon)

All the other information will be gradually published on our website and in socials!

A while ago we’ve launched an online auction as a part of the 27th finale of WOŚP. 

If you took part in it you know that in this licitation you could win:

  • 2 VIP tickets to CONFidence 2018
  • 2 invitations to dinner with speakers, program committee and organizers before and during CONFidence 2019
  • 2 packages of CONFidence 2019 gadgets

The bidding finished on 16th of January and the winner (going by the enigmatic pseudonym Client:55287580) got the set for 1 425 PLN!

Now this money will help to fund the equipment for specialist children’s hospitals across Poland.

To all who took part in the auction – THANK YOU, YOU ARE AWESOME!

Who can you hear at CONFidence 2019?

Adam Haertle – until recently CSO of a large polish telecommunications company, currently editor in chief of an infosec portal, journalist, researcher, lecturer and trainer. Former ISACA Poland and CSA Poland Board member. A regular speaker at security-oriented conferences, big fan of security and privacy who does not always follow his own advice.


Adam Lange – information security professional with strong experience in malware detection, analysis and prevention. Keeping an eye on clients assets in one of the largest Polish financial institutions, architecting, developing and maintaining security systems and software.


Piotr Konieczny has been helping the biggest Polish and foreign companies to secure networks and web services for 13 years. A graduate of Glasgow Caledonian University. He started working in the IT industry at the British department of Philips Electronics. Founder of Niebezpiecznik.pl, a consultancy company analyzing IT projects in terms of security.

As part of Niebezpiecznik.pl, Piotr manages a team performing audits and penetration tests of ICT systems and conducts training for administrators and programmers in the field of computer network protection, as well as the creation of secure web applications.


Michal Purzynski leads the Threat Management and Incident Response at Mozilla. His team hunts threat actors and helps to protect hundreds of millions of Firefox users. He designed and created managed security services on a datacenter scale, and moved to Mozilla to continue making bad guys life’s miserable. He built the Network Security program, including the Network Security Monitoring system spanning three continents, eight countries, and a cloud. Michal publishes the code for the Bro IDS, spins Suricata above and beyond 40Gbit/sec and makes sure Mozilla has means to detect attacks and respond to them with a „they didn’t even know what hit them” efficiency. He continued sharing his knowledge at various conferences, such as SuriCon and BroCon. Michal is also a member of the Bro IDS Board of Directors.


Ronnie Tokazowski, aka iHeartMalware, is a Senior Threat Researcher with Agari who specializes in BEC intelligence. Ronnie also has experience reverse engineering APT malware and finds enjoyment by messing with threat actors.


Lukas Stefanko is an experienced malware researcher with a demonstrated history of working in the computer security industry. He is a strong engineering professional skilled in security research, Android and mobile security. Lukas joined ESET in 2011, and in the past couple of years, he has primarily focused on researching Android threats.


Vitali Kremez is a Director of Research at Flashpoint. He oversees analyst collection efforts and leads a technical team that specializes in researching and investigating complex cyber attacks, network intrusions, data breaches, and hacking incidents. Vitali is a strong believer in responsible disclosure and has helped enterprises and government agencies deliver indictments of many high-profile investigations involving data breaches, network intrusions, ransomware, computer hacking, intellectual property theft, credit card fraud, money laundering, and identity theft. Previously, Vitali enjoyed a rewarding career as a Cybercrime Investigative Analyst for the New York County District Attorney’s Office.

He has earned the majority of certifications available in the information technology, information security, digital forensics, and fraud intelligence fields. A renowned expert, speaker, blogger, and columnist, Vitali has contributed articles to Dark Reading, BusinessReview, and Infosecurity Magazine and is a frequent commentator on cybercrime, hacking incidents, policy, and security.


Paweł Opitek – doktor nauk prawnych, prokurator delegowany do Prokuratury Krajowej, ekspert Instytutu Kościuszki ds. Cyberbezpieczeństwa, członek Strumienia Blockchain/DLT i Waluty Cyfrowe przy Ministerstwie Cyfryzacji, Polskiego Towarzystwa Kryminalistycznego oraz Centrum Technologii Blockchain przy Uczelni Łazarskiego. Zajmuje się cyberprzestępczością, m.in. kryptowalutami, dowodami cyfrowymi, hakingiem, tokenizacją praw majątkowych. Prelegent na krajowych i międzynarodowych konferencjach naukowych, autor książek, publikacji i specjalistycznych opracowań z zakresu prawa i kryminalistyki. Wykładowca akademicki (SGH, AGH, KSSiP); realizator szkoleń dla służb ochrony prawa, prokuratorów, sędziów i adwokatów. Ukończył studia dziennikarskie, studium pedagogiki i psychologii, studia podyplomowe Cyberprzestępczość w bankowości elektronicznej; obecnie realizuje studia z zakresu prawa nowych technologii.


Dani Goland is a 24-year-old coding machine. At the age of 20, he founded his own boutique company for innovative software and hardware solutions. While gaining experience in the business field, Dani did not neglect his hands-on capabilities. In just a short while he won two coding competitions, one of which was held by eBay. Dani recently relocated from Israel to the United States to study Data Science at the prestigious UC Berkeley. After serving in the Israeli Defense Forces as a commander of a Field Intelligence unit, Dani went on an 8-month journey across South America. He loves snowboarding, music concerts, and having crazy, breathtaking experiences such as spending 5 days in the Bolivian Jungle with no food or water.


Ido Naor is a Senior Security Researcher at GReAT, a team of researchers who’ve been tasked by Kaspersky Lab to investigate the most prolific APT incidents, ransomware distribution, banking heists and other types of internet hacking monsters. Ido’s focusing on threats in the middle east and is actively following groups of hackers who aim to demolish the ordinary lives of citizens and public/gov institutes. In the following years, Ido has been reporting incidents such as the Instagram hack, for responsible disclosure, but also worked with the Israeli military on the case where hackers aimed to spy on soldiers. Both have been widely presented in the media. Ido is 31 years old, a martial arts experts and a father of 3, lives in Tel Aviv, Israel. He served at one of the most notorious intelligence special ops military units, as a combatant, commander and later on as a Krav Maga instructor.


Björn Ruytenberg is an MSc student in Computer Science and Engineering,
specializing in Information Security, at Eindhoven University of
Technology. Being a technology enthusiast, he holds a BSc in Electrical
Engineering as well as Computer Science (cum laude). Aside from his work
as a software developer, he actively participates in bug bounty
programs. His vulnerability research mainly focuses on sandboxing
technology in widely deployed enterprise products, including Adobe
Flash, Microsoft Office and Foxit Reader.


Peter Kálnai is a malware researcher at ESET. As a speaker, he has represented ESET at various international conferences including Virus Bulletin, AVAR, OFFZONE and cyberCentral. He hates mostly malware like crypto-ransomware because it displays hardly any inventiveness and has a very destructive impact on the victim. His golden rule for cyberspace is always to prioritise security measures over user comfort. In his free time, he enjoys table football and travelling.


Michal Poslušný is a malware researcher working at ESET, where he is mainly responsible for reverse engineering of complex malware threats. He also works on developing various internal projects and tools and has actively participated in research presented at AVAR, OFFZONE and Virus Bulletin international conferences in the past. In his free time, he likes to play online games, develop fun projects and spend time with his family.