DefCon Holland: Dc 3120 meetup

A meet up for Dutch Hackers in a Dutch bar after work or school. We will have a stage with amazing speakers, some oldschool games and if you had too much beer & bitterballen you can do some hacker karaoke if you want.

DefCon Holland rules

• • • • • • • • • • • • • -

• Follow the 3-2-1 Rule Daily
• Socialize
• Don't be an Asshat/fucktard
• Press, headhunters & sales are not allowed
• No sponsors

EVENT INFO

• • • • • • • -
              Date: Thursday 30 january 2020
              Location: Pllek - T.T. Neveritaweg 59, 1033 WB Amsterdam
              Take over: 18:00 till 22:00

• FREE ENTRANCE * + FREE stickers

Pllek is just on the other side of the River IJ, next to the crane of the NDSM wharf. You can park your car in the area around Pllek for 1.40 per hour till 7 p.m. With the free ferry from Central Station or from the Pontsteiger you are within 5 minutes walk to Pllek.

SCHEDULE

• • • • • • • -
              18:00 - Walk-in
              19:00 - Endpoint Detection Super Powers on the cheap by Olaf Hartong
19:30 - JSONs everywhere by Daniela
              19:45 - Break
              20:30 - Why Security Professionals Should Write Code by Valentine
              21:00 - InfoSec != Hacking by Ciphernaut
              21:30 - Beer and wine

TALKS

• • • • • • • -
              Endpoint Detection Super Powers on the cheap by Olaf Hartong
              Olaf Hartong is a co-founder of FalconForce and a security researcher who specializes in understanding the attacker tradecraft and thereby improving detection.

In order to become a super hero, able to hunt for bad in your environment you first need some great powers. Starting blind, you need means to listen. I will introduce a modular Sysmon configuration to cover your Windows environment, mapped extensively to the ATT&CK framework.
By using the ATT&CK framework as a basis for hunting the likelihood of catching at least part of the attackers trail is significantly increased. To make use of this rich data source I will demonstrate a Threat Hunting application which will guide your investigation along all covered ATT&CK techniques.

JSONs everywhere by Daniela
Daniela is currently working as security architect, has a technical background and a passion for automation.

As network security components are manageable via a web interface and have an API for automation, the importance of understanding web related risks in the network security roles is more and more important. Same goes for the cloud related migrations. Basically everything talks JSON and responds to web requests.

Why Security Professionals Should Write Code by Valentine
As a purple teamer for KPN-CERT, Valentine's work mostly consists of proactive threat hunting, application and infrastructure compromise, threat model visualisation. She is the co-founder of WICCA, a community for women in cybersecurity based in Amsterdam.

As pentesters, we point out mistakes made by software developers and we like to have a laugh at it once in a while. But do we realise how hard it is to actually write complete secure code? This presentation is to challenge the hacker mindset to think about secure coding and the many difficulties that arise when building secure software.

InfoSec != Hacking by Ciphernaut
Ciphernaut is an old school hacker.

The past few years, we’ve seen an increase in the popularity of offensive security techniques among young people that would like to build a career in the information security industry. Often, hacking is made synonymous with these techniques without exploring the broader mentality, history and culture of the hacker spirit, which extends beyond Infosec and can be found in other fields, such as art and music. During the talk we will explore a few examples of works created by artist hackers in The Netherlands in the past twenty years and why it is still important to keep the hacker spirit alive beyond information security.

"Hacker" is not synonymous with criminal. A hacker is someone who finds a new and different way to do something"