Life is about making choices that eventually put us somewhere between ‘ordinary’ and ‘legendary’. We started CONFidence 17 years ago hoping it would eventually grow into one of the most valued events for security experts and enthusiasts worldwide.
Finally we can announce that CONFidence 2022 will be OFFLINE again! Let’s meet at the Krakow Aviation Museum with hackers, security experts, and IT specialists from different backgrounds and regions. Book June 6th - 7th and buy your ticket now so you don't miss the best conference!
It’s 2022 and CONFidence is proud to be ever more ambitious in spreading awareness about cyber threats among European IT sec specialists, developers, managers, bankers and governmental representatives.
One of our top priorities has always been to deliver practical, relevant, and diverse content across the different fields of IT security. Thanks to our cooperation with experts representing a great variety of backgrounds, as well as active, security-focused IT communities, we know what it takes to offer our attendees both highly technical and state-of-the-art expertise.
- practical presentations packed with case studies and hands-on experiences,
- great workshops allowing you to test newly-acquired skills,
- solutions immediately applicable to your professional routine
- discussions with international experts focused on recent events (covering burning questions and timely challenges).
In short, CONFidence 2022 is probably not something you want to miss. See you in Krakow!
The best of the best from all over the world come to CONFidence every year to share their knowledge
Get to know new problems and solutions in cybersec.
Finally you will be able to talk with everyone, discuss new technology and enjoy time with other participants.
Prepare yourself for a whole night of networking and fun.
You will be able to speak with them directly during the conference
It will allow you to apply for points necessary for an expert certificate in the field of ICT security.
The times of lectures in the agenda may be subject to change.
LIVE ONLY - THE LECTURE WILL NOT BE RECORDED
*Available only to conference attendees - advance registration required, number of seats is limited.
API is a hot topic right now and very underestimated in terms of security. Bad guys know that. Business starts to see it. Do we know how to conduct penetration tests upon API? During my workshops you will: • get familiar with all needed terms, vulnerabilities in API and interesting cases from the real World. • You will learn tools which can be helpfull with pentesting API • you will do security testing to find some vulnerabilities. Start your adventure with pentesting API
People will get a small introduction about how car networks work and how to connect devices to them. I will teach them how the most important BUS-System works and what limits and possibilities a hacker has. This first part will take around 30-45 Minutes. The Attendees will then get a CAN-Bus Dongle to connect to a virtual CAN-BUS. Every Device will send and listen to a different address. This will lead to a relatively realistic Scenario with 15 CAN-Bus Devices. Just for comparison a Modern Mercedes Benz has around 170-200 CAN-Bus Devices. So our “Scenario” will be simplified but realistic. To get everything running will take around 20-45 Minutes. After everything is running the Attendees will sniff and “play” with real CAN-Bus Packets I will show the different Types and the meaning of those. In 2018 I created for Confidence the first version of my CAN-Bus Simulator. This Simulator now is much easier to use, and the CAN-Bus dongles are now in a real case like for real Pro-Hackers.
Malware remains as one of the most effective tools used by cyber criminals to commit fraud. Far from now are the days in which viruses were just jokes. And it is not me being dramatic, just look at the news and you will see that this situation is getting worse every day. There are several reasons that make these threats successful, including but not limited to: · Launching a malware attack is NOT rocket science, you can find open source or leaked code on Github and even tutorials on Youtube. · They come in different flavors according to your needs, from very simple keyloggers to highly modular botnets that can be updated on the fly. · If you don’t want to deal with technical stuff, you can even buy malware-as-a-service (and you could get 24/7 support). For us as defenders, understanding the technical details of these type of threats is not an easy task, it requires specialized tools and skills and even with those, be aware that bad guys will always try to obscure their creations to slow down the analysis. This sounds scary, and especially intimidating if it is your first time dealing with these "creatures"; but it is not the end of the world, we just need to adapt and overcome these challenges. Join me in this workshop if you want to learn several techniques that will help you to get rid of the first and most common type of defense implemented by malware to hide its secrets (packers/crypters). Let's remove their armors and see what is hidden behind!
Praktyczne warsztaty pokazujące jak może i powinna wyglądać współpraca między zespołem bezpieczeństwa IT a managementem organizacji. W czasie warsztatów uczestnicy będą uczestniczyć w symulacji reakcji organizacji na incydent. Symulacja obejmie elementy techniczne oraz prawne, a także czynniki zewnętrzne np. PR. Celem warsztatów będzie nauczenie uczestników jak obsługiwać wszystkie aspekty incydentu i jak zminimalizować jego skutki dla organizacji oraz użytkowników.
The schedule of the upcoming edition of CONFidence is ready - now it’s your turn to choose which presentations are a definite must-see!
Yes, meeting people is important during the conference, but we’re here for the knowledge, right?
Are you an Internet of Things, Malware or Mobile expert? Maybe your interests include web security, crypto, live hacking or forensics? Red team or blue team?