Almost whole last week I spent in Prague at CyberCentral conference. It was a pretty unique experience for me. I was for the first time at the International conference as a speaker. And not only I presented my report there, but lead the round table on Vulnerability Management and participated in a panel session.
From my point of view, everything was pretty good. I successfully closed my gestalt on public speaking in English. I definitely can do it.
The event was hold in Lucerna passage right in a center of Prague. Beautiful building in Art Nouveau style with famous ironic "Statue of King Wenceslas Riding an Upside-Down Dead Horse".
Even to speak in this building was a great honor. In my opinion the place was chosen ideally. It is beautiful and really good located. Lots of good hotels, restaurants and all main tourist attractions were in nearby. It was easy to go for a walk in a spare time. Some photos you can see at my Facebook page [1,2] .
First pre-conference day I spent at the Application Security training by Milan Pikula, Security Analyst Lead at SK-CERT. He demonstrated how to exploit some basic web application vulnerabilities and use methods of binary analysis. It was possible to give it a try: all vulnerable applications were available for the audience.
I need to say that the Small Lucerna cinema Hall is very comfortable for such trainings. In every chair there was a built-in small table for the laptop and a power socket.
At the evening we had a great dinner for the speakers at the Výtopna Restaurant. Great feature of this restaurant is the functional railroad that goes right on the tables and the small trains serve drinks to the customers. Food was also pretty good.
CyberCentral is not a very big conference, comparing to the main Russian events for security practitioners: PHDays and ZeroNights. At the same time it is an advantage. It's much better for networking. Everyone in sight, everyone is available for a talk.
The important reason to visit European information security events is that you can meet there people who do not attend Russian international conferences. Moscow is a little bit far away for them and it's necessary to get visa. It's much easier to meet in one of the European countries. By the way, despite the fact that the conference was held in the Czech Republic, most of the attendees were from neighboring Slovakia. There were also many people from Germany, Great Britain and the Balkan countries. And practically from all other corners of Europe.
At the first day of the conference I can mention great presentation of Marco Ermini,
Senior Security Architect Hosts & Networks at Telefonica O2. He was talking how security risks and threats are connected with merger and acquisition activities. I especially liked the second part of his presentation. It was OSINT tools. I had some experience in Competitive Analysis and used similar techniques for getting information about different organisations from the publicly available data.
At the same day I lead the round table on Vulnerability Management. Networking was pretty fun. 5 people participated. We discussed Tenable and other VM vendors, who drag everything into their clouds. ^_^ We also talked about compliance scanning, GDPR and about life in our countries.
The second day was THE day for me. First of all, I presented my report "Enterprise Vulnerability Management: fancy marketing brochures and the real-life troubles".
You can see slides at Slideshare:
I was preparing this presentation since October 2017 and partly shown it at ISACA Moscow meetup. Of course, for CyberCenter I updated it a lot: added research on CWE, Nessus exploits, IDC and Forrester marketing reports, the latest problems with Nessus and OpenVAS. I also spoke a little bit about my vulnerability scanner Vulchain and added wonderful examples of patching problems related to the latest Specter and Meltdown vulnerabilities.
Finally, I've got this presentation plan:
And made the following conclusions:
In the Q&A section, we talked very nicely about problems of detecting vulnerabilities in self-assembled software packages and about backported patches. Also there were interesting questions about Vulchain and the detection methods that it currently uses. ^ _ ^
In the same technical stream I liked 2 presentations:
Then I was participating in "International Panel on Worldwide Trends". It was the last talk of the event.
The plenary session also went well:
It was very intense week. Lots of new connections and interesting talks. Big thanks to the organizers, especially to Alexander Nevski, Cyber Security Program Director at EBCG, and all participants! It was awesome. =)