09:00-09:45 / sala duża
He works in the Network Security Methodology Team at NASK. His interests are focused around monitoring and analysis of network traffic, network attacks detection and penetration tests. Currently he is involved in the SISSDEN project within which he is responsible primarily for the methods of network traffic analysis (SMTP and darknet).
John Bambenek is Manager of Threat Systems at Fidelis Cybersecurity and an incident handler with the Internet Storm Center. He has been engaged in security for +17 years researching security threats. He is a published author of several articles, book chapters and one book. He has contributed to IT security courses and certification exams covering such subjects as penetration testing, reverse engineering malware, forensics, and network security. He has participated in many incident investigations spanning the globe. He speaks at conferences around the world and runs several private intelligence groups focusing on takedowns and disruption of criminal entities.
Brał udział w opracowywaniu kursów dotyczących bezpieczeństwa IT oraz certyfikowanych egzaminów obejmujących takie zagadnienia jak: testy penetracyjne, inżynieria wsteczna złośliwego oprogramowania, informatyka śledcza i bezpieczeństwo sieci. Badał zdarzenia naruszenia bezpieczeństwa IT o zasięgu międzynarodowym. Prelegent na konferencjach na całym świecie. Prowadzi kilka prywatnych grup wywiadowczych koncentrujących się na dezorganizacji i likwidacji grup zajmujących się działalnością kryminalną.
He is a security specialist at CERT Polska/NASK and a PhD student at the Cybersecurity Department, Warsaw University of Technology. His main fields of interests include detection of network anomalies and methods of communication in botnets.
PhD student at the Centre for Cybercrime Research at Nicolaus Copernicus University where he conducts research on the use of remote search by law enforcement. His interests focus on modern investigation methods used by government agencies, reverse engineering and counterintelligence aspects of information security. He is a member of the Secretariat of the Cambridge International Symposium on Economic Crime. He works as a Security Analyst for Atos, where he is responsible for detecting and identifying threats as well as responding to detected incidents.
Członek sekretariatu Cambridge International Symposium on Economic Crime. Na co dzień pracuje jako analityk bezpieczeństwa w Atos, gdzie zajmuje się reagowaniem na incydenty bezpieczeństwa i wykrywaniem nowych zagrożeń.
IT engineer and security director at Elit Partner. He carries out dozens of auditing and training projects in the field of information security. Over the last 3 years, he has trained several thousand people in the field of information security and personal data protection. He has certificates such as ISO/IEC 27001:2013 Lead Auditor, ISO/IEC 22301:2013 MCP, MCSA. Graduate of the University of Lodz (Faculty of the Applied Informatics). In his free time, he develops leadership skills and public speaking, is passionate about personal development.
Working more than 5 years on Cuckoo Sandbox, the leading open source automated malware analysis sandbox. Jurriaan is the development & team lead in charge of realizing its roadmap and managing its future success.
He specializes in IT security products, especially Endpoint security solutions and DLP systems. In McAfee, he is responsible for pre-sales activities addressed to all Polish customers, partners and distributors. Before joining the current team, he had been working for five years for Arrow ECS, a distributor of IT solutions. He has participated in many different projects related to IT security and other technologies.
IT security expert, member of ComCERT.PL Team, the team that delivers IT incident response related services. He specializes in the security of industrial control systems. A graduate of the University of Warwick in the Great Britain. Founder of the scientist circle at the Military University of Technology, dealing with cyber security. He has been awarded twice for finding vulnerabilities in Microsoft products. Together with the team, he won the award for the best decision-making document in case of cyber conflict in the Cyber 9/12 Europe Competition, organized by the Atlantic Council.
Absolwent brytyjskiej uczelni University of Warwick. Założyciel koła naukowego zajmującego się cyberbezpieczeństwem na Wojskowej Akademii Technicznej. Dwukrotnie nagradzany za znalezione błędy bezpieczeństwa w produktach Microsoftu. Razem z zespołem zdobył nagrodę za najlepszy dokument decyzyjny w przypadku konfliktu cybernetycznego w konkursie Cyber 9/12 Europe, organizowanym przez Atlantic Council.
IT security consultant with over 15 years of experience in the field. Managing Partner at SecuRing, a company dealing with application security testing and advisory on IT security. Has led multiple security assessments and penetration tests especially for financial services, payment systems, SaaS and startups. A lecturer at many security conferences, e.g. AppSec EU, BSides London, SECURE, CONFidence, Security Audit and Management Forum. Main areas of interests include: financial systems security, threat modelling, security in development lifecycle. Since 2011 a leader of OWASP Poland Chapter (Open Web Application Security Project).
Kierował wieloma projektami z zakresu audytu, oceny i testowania bezpieczeństwa systemów informatycznych i aplikacji, między innymi dla wiodących firm z sektora finansowego i wielu instytucji publicznych. Prelegent na licznych konferencjach poświęconych problemom bezpieczeństwa IT, m.in. AppSec EU, Infosecurity Europe, BSides London, SECURE, CONFidence, Security Audit and Management Forum. Główne obszary zainteresowania to bezpieczeństwo systemów finansowych, modelowanie zagrożeń, bezpieczeństwo w cyklu rozwojowym oprogramowania. Od 2011 pełni funkcję lidera polskiego oddziału fundacji OWASP (Open Web Application Security Project).
Wojciech is a legal counsel, specialist in new technologies, personal data protection, copyright law, media and telecommunications, as well as competition and consumer protection. He advises many leading companies in the media, IT, telecommunications and e-commerce sectors. He participates in IT system implementation projects as a legal advisor and participant in negotiations. He also deals with legal aspects of e-commerce sector, advising companies from various areas of activity. He served as the Director of Public Affairs and CSR at Orange Polska and managed key projects in the TP Group, and previously worked for ITI media group. He was the member of the National Broadcasting Council. In 2000-2005 he worked as the Director of the Legal Department at the Ministry of Culture. He is a plenipotary of the Board of the Polish Chamber of Technology and Telecommunication PIIT for data protection and data management.
Bug & malware hunter at CERT Polska, operating within the structure of NASK. He professionally disarms malware and searches for vulnerabilities in open-sources projects. Speaker and trainer at IT security conferences: Warsaw Information Technology Days 2017, SECURE 2016, Security BSides 2015 & 2016.
Founder and editor-in-chief of one of the most popular security-related websites. Security specialist by passion, a keen speaker and trainer, entertaining and teaching audience in Poland and abroad. For the last several years he had been responsible for information security issues at UPC Polska. Today he focuses on describing threats in the cyber world and educating users.
Prof. Dr. Udo Helmbrecht has more than 40 years of professional management experience in the IT sector. Udo Helmbrecht was born in 1955, in Castrop-Rauxel, North Rhine-Westphalia, Germany.
He studied Physics, Mathematics and Computer Science at Ruhr-University, Bochum, and in 1984 he was awarded a PhD in Theoretical Physics. In 2010 Udo Helmbrecht was appointed honorary professor at the Universität der Bundeswehr Munich, Germany. His experience in the field of security has been acquired through work in a variety of areas, including the energy industry, insurance, engineering, aviation, defence, and the space industry. He became the president of the German Federal Office for Information Security (BSI) in 2003. Udo Helmbrecht took office as Executive Director of the European Union Agency for Network and Information Security (ENISA) in October 2009.
Professionally he deals with the widely understood security problem from the point of view of large enterprises and services they provide. He supports decisions on network technologies and security and advices how to use them effectively. Active participant and speaker of many conferences on information security issues. In private, he is a security campaigner on the Internet.
Przemek Jaroszewski is a member of CERT Polska (part of Research and Academic Computer Network in Poland) since 2001, where his current position is the head of incident response. He started his education as a programmer at Warsaw University of Technology, to eventually get his master's degree in Social Psychology from University of Social Sciences and Humanities in Warsaw. Przemek was involved in a number of projects on data exchange and collaboration of incident response teams. He was also a co-author and teacher of trainings for incident responders, including ENISA CERT Exercises and TRANSITS.
Jarosław Jedynak is a malware analyst and security engineer at CERT.PL. His research interests focus on malware, especially P2P botnets. Additionally he is actively tracking new malicious campaigns, in order to disrupt criminal activity. In his free time, he is a passionate CTF player, and cofounder of p4 team.
Michał specializes in personal data protection law, new technologies, the Internet, online services, advertising, and e-commerce. He actively participates in projects concerning comprehensive implementation of new solutions and services. He was also involved in the GIODO/President of UOKIK audit. He has gained his experience while representing clients in administrative and judicial proceedings related to the area of personal data protection, unfair competition, copyright and industrial property rights. He has supported clients in projects related to monetization of personal databases and implementation of omnichannel solutions for the e-commerce industry. He is the author of press publications and books. He participates in legislative and consultative works.
Maciej Kotowicz is Principal Botnet Pwner at CERT.pl with a special interest in reverse engineering and exploit development as well as automation of both. Occasional speaker. In his free time he likes to drink beer and play CTFs, in no particular order.
Programmer, technology enthusiast & homegrown Linux evangelist. Fan of Uncle Bob and Software Craftsmanship approach. If he could, he would write a unit test even for this description. He combines experience with working on web applications, financial systems, and Big Data processing with the challenges of the security team at Consdata. Actively involved in OWASP meetings for some time. Graduate of the Poznań University of Technology and a beginning author of the technical blog.
Vladimir is researcher with Trend Micro FTR team. Active for over 15 years in information security projects and research, he previously built and led incident response teams at some of Fortune 500 companies, was head of Incident Response Team at Positive Technologies since 2014, and holds a masters degree in applied mathematics and information security. He participates in various projects for leading financial, industrial, and telecom companies. His main interests lie in network traffic analysis, incident response, botnet and cybercrime investigations. Vladimir regularly appears at high-profile international conferences such as FIRST, CARO, HITB, Hack.lu, PHDays, ZeroNights, POC, Hitcon, and many others.
For over 15 years he has been working in the IT security sector. Currently as an information security expert at one of the largest financial institutions in Poland, he supervises the security of customer funds and data. Architect, developer and administrator of security systems.
Éireann Leverett once found 10,000 vulnerable industrial systems on the internet. He then worked with Computer Emergency Response Teams around the world for cyber risk reduction. He has since worked on powergrids, incident response metrics, cyber risk, cyber insurance, and medical device vulnerabilities. He likes teaching the basics, and learning the obscure.
Aaron Luo is the cyber threat expert from Trend Micro core technology group. Prior to joining Trend Micro, Aaron worked in the cybercrime investigation department at a local government as a security consultant. He has started the security research since 2005 and is active around information security communities in Taiwan. He was the founder of PHATE hacker group, and a core member of ZUSO Security. Now he is a member of CHROOT/HITCON security research group. He has several research papers published in HITCON, UISGCON ,BalCCon, CLOUDSEC, SYSCAN360 and DEFCON.
Co-founder of Prevenity company. He is passionate about security for more than 18 years. Together with the Prevenity team he provides security advisory services, performs mobile application security testing and assists organizations in handling security incidents. Speaker at numerous conferences on security. Professional experience gained on Polish and international markets. Before Prevenity he worked for Hewlett Packard and Oracle Corporation. Graduate of the Rzeszów University of Technology. CISM, CISSP and CISA certificates holder.
Mirko joined the German Federal Criminal Police Office (Bundeskriminalamt or BKA for short) in 1994. During his career, Mirko has served on a variety of positions in the field of Software Development, Counter-Money-Laundering operations, Hostage Negotiations as well as Counter Terrorism Operations. In 2006, he was assigned to lead the BKA’s Cybercrime Intelligence Operations Team and has been serving the global Counter-Cybercrime-Community in this position since. He holds the rank of a First Detective Chief Inspector and can’t get promoted anymore - which makes operational decision easy from time to time.
Graduated from Poznań University of Technology, for years now has been involved with developing software for the financial sector. Over the course of his career, Marcin has been creating systems for largest banks in Poland, including both corporate and retail ones. His experience also includes delivering solutions for energy companies and the public sector. Long term employee, and a member of the security team at Consdata. Co-organizer and speaker at the OWASP meetings. Common sense enthusiast, aspiring game developer.
Global CTO Security at Huawei. Excellence C-level Technology Leader. Leading teams around the world and communicating from CxO to developer. Driving Security in large software development organizations, from a requirement level to an intrinsic culture of the organization. Solid Business Background in multiple industries (automotive, high-tech, telecommunication,...) and business application areas (CRM, ERP, PLM,…). Definition of technology strategies, into implementation guidelines and development projects. Leading worldwide distributed organizations. Building and running training programs for 20000+ developers around the world. Holder of 17 patents.
Amihai Neiderman is a security researcher in the field of vulnerability research. Amihai has worked on everything from embedded devices, IoT, OS exploitation and web security. In past years he has worked as an independent researcher for various companies and now works as a researcher for Azimuth Security.
Krzysztof Nierodka has been working at Check Point Software Technologies for 10 years. At the beginning he was employed as a sales support engineer and now he supports the company's key customers. In past, he worked as an engineer at Internet Security Systems and spent many years in state administration institutions where he was involved in broadly understood information security. A graduate of the Faculty of Cybernetics at the Military University of Technology.
Adrian Pruski, pseudonym “Just Edi”, is a man who for over 8 years has been professionally using the social strategical workshop in the artistic performances on stage and streets where, above all, a proper social communication strategy ensures the success of each performance. As an artist he has many achievement such as: participation in final of the Polish edition of programme “Got Talent”, street performances in the United States, India, Dubai, London, Edinburgh and many other cities; he guarantees smidge of magic during the presentation.
Inbar has been teaching and lecturing about Internet Security and Reverse Engineering for nearly as long as he has been doing that himself. He started programming at the age of 9 on his Dragon 64. At 13 he got a PC, and promptly started Reverse Engineering at the age of 14. Through high-school he was a key figure in the Israeli BBS scene. He spent most of his career in the Internet and Data Security field, and the only reason he's not in jail right now is because he chose the right side of the law at an earlier age.
Inbar specializes in outside-the-box approach to analyzing security and finding vulnerabilities. Using his extensive experience of over 25 years in the Internet and Data security fields, he spent 3 years at Check Point, running the Malware and Security Research, and 2 years at PerimeterX, performing fascinating research on Bots and Automated Attacks and educating both customers and the public about the subjects.
Inbar has presented at a number of conferences, including Defcon, Kaspersky SAS, Hack.lu, CCC, Virus Bulletin, ZeroNights, ShowMeCon, several Law Enforcement events and Check Point events.
I am a PHD student under the supervision of professor Adi Shamir at the Department of Computer Science and Applied Mathematics of the Weizmann Institute of Science. My research interests are security and applied cryptography.
Polish Safer Internet Centre Coordinator and the head of the Training and Social Projects Team at the Research and Academic Computer Network. She has wide experience in working on international projects and has been a speaker and organizer of a range of conferences on safety in telecommunication. In recent years she has worked as an expert in working groups at ENISA dealing with WEB 2.0 security and online threat awareness raising. Since 2003 she has been one of the organizers of SECURE conference – the oldest cyclical ICT security conference in Poland. Since 2007 she has been a vice chair of the international conference “Keeping Children and Young People Safe Online”. She graduated from the Warsaw University, Institute of Journalism, with specialization in media economics, as well as the Institute of Archaeology, Department of Historical Anthropology – Andean Archaeological Mission.
Michał Sajdak has long experience in topics related to technical IT security. He runs penetration tests and security audits, as well as training on IT security. Holder of CISSP, CEH, CTT+ certificates. Founder of sekurak.pl.
Paweł Srokosz is a security researcher and a malware analyst at CERT.PL, constantly digging for fire and doing reverse engineering of ransomware and botnet malware. Free-time spends on playing CTFs as a p4 team member and studying Computer Science at Warsaw University of Technology.
Raj Samani is a McAfee Fellow and Chief Scientist at McAfee. His prior roles include VP and Chief Technology Officer, EMEA, at Intel Security/McAfee and Chief Information Security Officer for a large public-sector organisation in the United Kingdom. A leading international cybercrime expert, Samani has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre (EC3/EUROPOL). Samani volunteers as the Cloud Security Alliance EMEA Strategy Advisor, and is on the advisory councils for Infosecurity Europe and Infosecurity Magazine. Samani has published numerous security papers and is the author of 'Applied Cyber Security and the Smart Grid'. SC Magazine named Samani as one of the Top 10 Influencers in cyber security in 2016. Raj Samani is a sought-after speaker and regularly appears on television commenting on the top IT security issues driving headlines today.
He can be found on twitter @Raj_Samani
Head of Computer Emergency Response Team at PSE S.A. – Transmission System Operator in Poland.
IT security consultant with over 20 years of experience with specialization Computer Forensics and Information Security Management System based on ISO/IEC 2700x. Trainer cooperated with academia, universities and training centers delivers lectures concerning all aspects of information security, risk management (ISO/IEC 27005), ISMS (ISO/IEC 27001), BCM (ISO/IEC 22301), cyber threats and investigations on cybercrimes. Former law Enforcement Officer, until 2014 member of the Management Board of Europol, Polish representative to Heads of Europol National Unit forum, member of a working group of IT and corporate systems. Product Manager, Train the trainer of Europol IT systems. Former Head of Europol National Unit in Poland responsible for the area of fighting of cybercrimes and IP crimes. Holder of many of IT certifications: CISSO, CDFE, CPTE, ISO/IEC 27001 - Lead Auditor, CDRE, Lead PenTest Professional. A graduate of the Interpol Academy – Intellectual Property Crimes.
IT Security Advisor - Expert at Croatian Government's CERT, part of the Information Systems Security Bureau (ZSIS). Born in 1982, writing and breaking computer code for as long as he can remember. A PhD candidate with Master's Degree in Computer Science at Faculty of Electrical Engineering and Computing (FER), University of Zagreb, Croatia. Also, open source contributor (sqlmap, Maltrail, tsusen, ipsum, etc.) and Croatian Chapter Lead for The Honeynet Project.
Janusz A. Urbanowicz runs the Early Recon Team of Poland National Cybersecurity Centre (NC CYBER). Before that he was project analyst at CERT Polska, co-founder of a commercial CERT, INFOSEC commentator for a major Polish news site and security architect for a cloud platform.
Absolwent wydziału Cybernetyki Wojskowej Akademii Technicznej. Po ukończeniu studiów przez sześć lat pełnił obowiązki asystenta naukowo-dydaktycznego w Zakładzie Teleinformatyki na macierzystym wydziale. W latach 2004-2015 pracował u czołowego dystrybutora technologii zabezpieczeń w kraju, gdzie pełnił funkcję konsultanta oraz trenera. Obecnie na stanowisku inżyniera systemowego w firmie Palo Alto Networks zajmuje sie technicznym wsparciem sprzedaży. Jest współautorem publikacji książkowej z dziedziny bezpieczeństwa sieci, prelegent podczas wielu konferencji branżowych, posiada ponad 10 certyfikatów kompetencji kluczowych producentów zabezpieczeń.
Head of the NASK SA Security Department with a long experience in IT sector who combines strictly technical, design and verbal skills, using them to develop and implment IT security products and services.
Product manager at NASK SA with a long experience in the ITC industry. He has co-created many projects in the following fields: telecommunication services, value-added services, security services. Coach of training programs concerning telecommunications services and ICT security.
Paul Vixie was responsible for BIND from 1989 to 1999, and is the author of a dozen or so IETF RFC documents about DNS. He also started the first anti-spam company (MAPS), and was the founder and later president of the first U.S.-based commercial Internet Exchange (PAIX). Today he serves as CEO of Farsight Security, home of the Security Information Exchange (SIE) and the world's leading Passive DNS database (DNSDB). He is also co-inventor of the DNS Response Rate Limiting (RRL) and Response Policy Zone (RPZ) feature-sets now in widening use. He received his Ph.D. from Keio University in 2011, and was inducted into the Internet Hall of Fame in 2014.
Or Yaacov is and experienced security-focused architect at F5 Networks, covering the EMEA region. Specializing in application deliver, secure access, application protection and availability. Consultant and trusted advisor to major accounts in the EMEA region and active speaker in event and conferences, evangelizing F5 Networks within the information security community.
Kim Zetter is an award-winning investigative journalist and book author who has been covering computer security and the hacking underground since 1999, first for “PC World” magazine and more recently for “WIRED”, where she wrote about security, cybercrime, surveillance and civil liberties for more than a decade. She has broken numerous stories over the years about NSA surveillance, WikiLeaks, and the hacker underground and has three times been voted one of the top ten security journalists in the U.S. by her journalism peers and security industry professionals.
She's considered one of the world's experts on Stuxnet, a virus/worm used to sabotage Iran's nuclear program, and published a highly-acclaimed book on the topic – “Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon”. The book is being translated into Polish by Helion, and will be available in Poland in September 2017.
09:00-09:15 / Sala Galaxy II
09:00-09:45 / sala duża
09:00-09:20 / Sala
09:00-09:45 / sdfsdf
aN:00- / Galaxy I, II, III
- / Galaxy I, II, III
- / Galaxy I, II, III
- / Galaxy I, II, III
Check Point Software Technologies
- / Galaxy I, II, III
- / Galaxy I, II, III
- / Galaxy I, II, III
- / Galaxy I
Jarosław Jedynak, Paweł Srokosz,
CERT Polska (NASK), CERT Polska (NASK),
- / Galaxy II
- / Galaxy III
Adam Lange, Adam Haertle,
, Zaufana Trzecia Strona,
- / Galaxy I
- / Galaxy II
- / Galaxy III
Janusz A. Urbanowicz
- / Galaxy I
Karol Wróbel, Wojciech Wrzesień,
NASK SA, NASK SA,
- / Galaxy II
CERT Polska (NASK)
- / Galaxy III
Michał Kowalski, Marcin Mergo,