We will be part of the Disobey, the Nordic Security event, again this year!

This year we are hosting 5 workshops during the weekend of Friday 11.1.2019 and Saturday 12.1.2019 at Kaapelitehdas.

Read more about Disobey’s program for the whole weekend https://disobey.fi/program.php.

Please buy your ticket at the door. (Presale tickets are sold out).

Feel free to join the other program of the Disobey event with same ticket. Ticket prices: one day ticket 40 € and two day ticket 60 €. Ticket also includes free ticket to after party at Biitsi in Ruoholahti.

Anyone can join the events, female & males!

Our program at Disobey

*** Friday 11.1.2019 at 14:00 – 15:00 ***

Red teaming for fun and education (1 h)

How to build a game-like experience out of Cyber Attacks in Cyber Security exercise? How to entertain the blue teams and enable blue teams to defend themselves but stay one step ahead of the defenders to keep the game going? Red teaming for fun and education!

Hosted by Tuuli Siiskonen, CuddyCom Security Ltd
hacker, agile security coach, technology enthusiast with human interface.

Capacity: max. 70

*** Friday 11.1.2019 15:00 – 16:00 ***

Architecture threat analysis on car heater (1 h)
Do you want to learn to think like a hacker? Would you like to avoid introducing security vulnerabilities in your software before coding at all? Have you been wondering what kind of design decisions affect the security of your surroundings? If you answered yes to any of these questions or you would like to learn to do threat analysis, this workshop is for you!
Hosted by Tuuli Siiskonen, CuddyCom Security Ltd
hacker, agile security coach, technology enthusiast with human interface.

Capacity: max. 20

*** Friday 11.1.2019 16:00 – 18:15 ***

Bug Bounting Web Applications (2 h)

Have you always wanted to take part in bug bounty hunting but don’t know how? This talk will give you the info you need for web applications: where, how, what to look for, what not to do, tools & techniques and their limits.

Hosted by Lea Viljanen. Lea ‘LadyBug’ Viljanen has been in the Finnish security scene for 20+ years doing technical auditing and consulting, building processes etc. In addition to that she is one of the founders of Hackrfi, a Finnish company specialized in organising bug bounties.

Capacity: 70

Saturday 12.1.2019 10:30 – 13:00

*** Think Security ***

Hackers? White hats? Black hats? Cybersecurity Experts? Who are these people and how technical do I have to be to become one of them?

During the workshop, you will be immersed in the world of cybersecurity and get a feel of how attackers and defenders think. You will get a feel of how an attacker could about infiltrating a company by looking for weakest links and extracting valuable information such as passwords and confidential documents. Various professionals with careers in penetration testing, software development, security research and risk management will guide you on how to “Think Security” and improve the defenses of an individual’s and a company’s systems and networks against these types of attacks. These experts will also share their stories and experiences from their careers.

Hosted by Laura Kankaala, Karmina Aquino, Christine Bejerasco and Laura Noukka

Laura Noukka
Senior Risk Management consultant, Privacy service lead
Risk management professional who have made a deep dive in to the world of privacy and IT security while working for the F-Secure cyber security services

Capacity: 32

*** Saturday 12.1.2019 17:15 – 20:45 (with a break) ***

Hands-on Threat Modeling – Securing Your Software Design

Threat modeling is about thinking what bad can happen to our
systems and what can we do about it. It can identify logical flaws and reveal
problems in the architecture or software development practices.
These vulnerabilities cannot usually be found by technical testing.

As a result, threat modeling helps you deliver high quality
software, prioritize your preventive security measures, and focus your penetration testing on the most risky parts of the system. The beauty of threat modeling is that you can assess security already in the design phase. In addition, it is something every team member can participate in
because it doesn’t require any source code, special skills, or tools. Threat modeling is for everyone: developers, testers, product owners, and project managers.

In this workshop, you will learn practical methods, such as the
STRIDE model, for finding security and privacy threats in a realistic target system. You will also learn to analyze use stories and features for finding business level threats.

Hosted by Anne Oikarinen and Nadin Torralba

Anne Oikarinen is a Senior Security Consultant who works with
security and software development teams to help them design and develop
secure software. She will find the weak points of your architecture and
security concerns that threaten your business also from the things
that cannot be tested.

Nadin Vazquez Torralba is a Security Consultant with experience in
risk management, IAM and pentesting who helps architects, developers and
system owners assessing and securing their systems.

Anne and Nadin work at Nixu Corporation, a cybersecurity
specialized company whose mission is to keep the digital society running.

Capacity: max 30 people