{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2024.3.1"}, "schedule": {"url": "https://program.wiccon.nl/wiccon-2024/schedule/", "version": "1.9", "base_url": "https://program.wiccon.nl", "conference": {"acronym": "wiccon-2024", "title": "WICCON 2024", "start": "2024-10-31", "end": "2024-11-01", "daysCount": 2, "timeslot_duration": "00:05", "time_zone_name": "Europe/Amsterdam", "colors": {"primary": "#000000"}, "rooms": [{"name": "Main stage", "guid": "92272933-c356-57af-a458-c9fcb2b2d9e9", "description": "Talks", "capacity": 400}, {"name": "Workshops", "guid": "9afffbb4-421c-56d8-906a-eaae6b47e077", "description": "Follow the workshop arrows", "capacity": 100}], "tracks": [{"name": "Talks", "color": "#4F1473"}, {"name": "Workshops", "color": "#9C0000"}], "days": [{"index": 1, "date": "2024-10-31", "day_start": "2024-10-31T04:00:00+01:00", "day_end": "2024-11-01T03:59:00+01:00", "rooms": {"Main stage": [{"url": "https://program.wiccon.nl/wiccon-2024/talk/PSGUEL/", "id": 111, "guid": "f98a23c3-5ee6-5ef6-944c-0347f5c01fbd", "date": "2024-10-31T09:00:00+01:00", "start": "09:00", "logo": null, "duration": "01:00", "room": "Main stage", "slug": "wiccon-2024-111-0-walk-in-registration", "title": "WALK-IN & REGISTRATION", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Time to get to the venue, hang your coat, get your badge and get some coffee or tea.", "description": "**Venue**\r\nLichtfabriek, Energieplein 73, 2031 TC Haarlem, The Netherlands.\r\n\r\n**Parking** \r\nThere is free street parking in the area, but as it is also an area with a lot of offices you may not be able to park in front of the venue on the street or maybe even have to walk a little bit. Another option is reserving a spot on the Haarlemmer  Stroom parking terrain via [Mobypark](https://www.mobypark.com/nl/parkeerplaats/3967/parkeren-haarlemmerstroom-lichtfabriek-haarlem-parkeerplaats-haarlem-netherlands) or [ParkBee](https://maps-web.parkbee.com/nl/pages/garage-details/cfc97531-dbb9-4027-a7dc-9b6ddbd61b64?garageName=Haarlemmer%20Stroom&city=Haarlem&startTime=2024-10-15T13:45:00.000Z&endTime=2024-10-15T15:45:00.000Z&zoneNumber=27192&product=prepaid&address=My%20Way%20Parkeren%20Haarlemmer%20Stroom,%202031%20TD%20Haarlem,%20Netherlands&pbSessionId=1728998358490).\r\n\r\n**Public transport**\r\nTravel to Haarlem station, please check your route in advance because there is some maintenance on the tracks at Haarlem during WICCON.\r\n\r\nFrom Haarlem station there are 2 options to get to De Lichtfabriek:\r\n1. Walking. De Lichtfabriek is 1 km away from the station. This is about a 13-minute walk.\r\n2. By bike. You can rent an OV-fiets at Haarlem station. By bike you can reach De Lichtfabriek within 5 minutes.\r\n\r\n**Registration**\r\nKeep your ticket at hand, it was sent to you from tickets@eventix.nl\r\n\r\n**Badge**\r\nOnce again this year you will get a badge from us, this time it will have plenty of space for SAO's, so bring them if you have them :)\r\n\r\n**Dress code**\r\nWe don't have a dress code, but since we do WICCON during Halloween you are allowed to come dressed up!", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/HBXDNG/", "id": 107, "guid": "d74795db-4e0c-5e0e-a76e-29bc3d208c61", "date": "2024-10-31T10:00:00+01:00", "start": "10:00", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-107-opening", "title": "OPENING", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "Opening of WICCON2024", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "e94a600e-2945-533b-b18a-1d2d1aacb3b6", "id": 2, "code": "9FGQWG", "public_name": "Chantal Stekelenburg", "avatar": "https://program.wiccon.nl/media/avatars/Chantal_Stekelenburg_crop_small_cFOJnMO.jpg", "biography": "Chantal Stekelenburg is Head of Hackers at Zerocopter. She takes care of one of the most important aspects of Zerocopter's services: the community of hackers. As a co-founder and organizer of WICCA (Women in Cybersecurity Community Association), she is also involved in bringing infosec ladies and security enthusiasts together to learn about exploits, hacking, incident response, forensics, the low-level stuff, hardware hacking, and especially making bad crypto jokes! Her main goal is to build a community of badass women in the Netherlands and hopefully inspire future generations to join keyboards and get the hacking started!", "answers": []}, {"guid": "e02811c5-901d-54a8-ab47-5c65d6f0fe0e", "id": 3, "code": "XDXW7K", "public_name": "VM", "avatar": "https://program.wiccon.nl/media/avatars/kip_9IqQqGE.jpeg", "biography": "Jack of all trades. Master of some. Security engineer by day, cybercrime fiction writer by night. As a Security Engineer at GitLab, Valentine's work consists of putting out cyber fires, building automation to make her work easier, and designing value metrics for the division. Besides toying with digital systems, she\u2019s a fiction writer who likes Star Wars, metal music, and useless things like chickens and D&D.", "answers": []}, {"guid": "34b8af75-5c43-533f-a9bd-306e95d102a0", "id": 12, "code": "CEA8H7", "public_name": "Dani\u00eblle Wagemakers", "avatar": "https://program.wiccon.nl/media/avatars/Dany-s_Q4Ub3gl.jpg", "biography": "Dani\u00eblle Wagemakers is a DevSecOps consultant at Sogeti, where she helps clients with threat modeling, shift-left of security to earlier in the development lifecycle and security testing. In 2024 she joined the WICCA (Women In Cybersecurity Community Association) core team  as an organizer. Dani\u00eblle is passionate about threat modeling personal lives as ways of protection against stalkers and has presented on this topic at WICCON, Hacker Hotel and PancakesCon. Besides WICCA Dani\u00eblle is also active in the WHY2025 hacker camp organization, because building up a supportive and inclusive community is what it's all about .", "answers": []}, {"guid": "3730d826-e8ac-5bf1-9475-604c894a6128", "id": 44, "code": "Z7CCCN", "public_name": "Jaimy Thepass", "avatar": "https://program.wiccon.nl/media/avatars/1718334399376_njszvZz.jpeg", "biography": "A former army officer who is guiding the Red Team of Northwave Cyber Security through the mazes of commercial ethical hacking. Loves tech but people in tech even more. Raises questions about leadership in general and especially female- and expert leadership. Loves cars, hates high latency during COD.", "answers": []}, {"guid": "d1c11b2b-bb52-5431-aca1-63ea0d794801", "id": 88, "code": "V7GVJM", "public_name": "Faith Opiyo", "avatar": "https://program.wiccon.nl/media/avatars/Image_JQjTN92.jpeg", "biography": "Faith Opiyo is a Senior Technical Staff Member and Threat Hunt Manager at IBM CISO, where she leads a team in proactively identifying advanced threats and threat actors. In addition to her day job, Faith volunteers as an organizer for Women in Cybersecurity Community Association (WICCA) and co-hosts OutofBand, a podcast that promotes cognitive diversity and honest conversations in cybersecurity. Above all, Faith\u2019s favourite new role is being a mom to her little human.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/RV9HCB/", "id": 50, "guid": "3b19532c-8396-54fd-8f7d-ba9dfbf7f69b", "date": "2024-10-31T10:30:00+01:00", "start": "10:30", "logo": "https://program.wiccon.nl/media/wiccon-2024/submissions/RV9HCB/Fleur_van_Leusden-70695_23mgqiV.jpg", "duration": "01:00", "room": "Main stage", "slug": "wiccon-2024-50-hacking-the-vote-why-the-paper-trail-matters-in-elections", "title": "Hacking the vote: why the paper trail matters in elections", "subtitle": "", "track": "Talks", "type": "Talk 60 minutes", "language": "en", "abstract": "In the Netherlands we have a long standing tradition of voting using the red pencil and paper. But historically we have had a good decade where we voted using votingmachines/computers.\r\n\r\nThe reason we went back to the paper way has everything to do with some very critical hackers. The result of their important work and effort is still relevant today. \r\n\r\nIn this talk you will learn a little bit about the history of votingmachines in the Netherlands, what hackers had to do with them and what the challenges are that we face when trying to digitalize the voting proces.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "a36b169e-1443-51a7-b9dd-be41572e07d5", "id": 48, "code": "XSPAPM", "public_name": "Fleur van Leusden", "avatar": "https://program.wiccon.nl/media/avatars/Fleur_van_Leusden-70695_jYWRWq9.jpg", "biography": "Fleur is a well known security expert and CISO, working for multiple Dutch government organisations in the past. She currently works as CISO for the Dutch Electoral Council and has developed a fascination with digitalized voting and voting machines.\r\n\r\nShe also has a podcast (Dutch language) called \"CISO praat\" on security related subjects.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/BW3JVQ/", "id": 100, "guid": "6d1dad0e-5f6d-5a5c-a517-26466f16ae66", "date": "2024-10-31T11:30:00+01:00", "start": "11:30", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-100-melting-the-ice-heating-up-the-icedid-infrastructure", "title": "Melting the Ice: Heating up the IcedID infrastructure", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "Imagine facing a list of the most commonly used malware variants for initial access. As the Dutch Police, where would you begin your investigation? In this talk, I will guide you through one of the investigations from Operation Endgame, where we began with just the name of the malware: IcedID. I will illustrate the complexities involved in tracking and dismantling the malware infrastructure, as well as apprehending the cybercriminals behind it.", "description": "Operation Endgame was a collaborative effort involving international law enforcement agencies, judicial authorities, and private industry, aimed at dismantling several key botnets that played a critical role in cybercrime. This operation enabled us to simultaneously take down these botnets and disrupt the infrastructure used by cybercriminals.\r\n\r\nInitially designed as a banking Trojan, IcedID has expanded its capabilities to include credential theft, financial fraud, and serving as a delivery mechanism for secondary threats such as ransomware. In this talk, I will provide a detailed analysis of its architecture, focusing on its modular design, command-and-control (C2) infrastructure, and our investigative findings.\r\n\r\nI will also highlight the collaborative efforts between law enforcement agencies and cybersecurity professionals in effectively combating the threat posed by IcedID. This includes the importance of threat intelligence sharing and the role of international cooperation in dismantling cybercrime networks.", "recording_license": "", "do_not_record": true, "persons": [{"guid": "334e10df-67cc-56a2-b970-92ca89fccfb1", "id": 99, "code": "MWSWBA", "public_name": "Ilse Ruesink", "avatar": "https://program.wiccon.nl/media/avatars/IMG_3340_f9r7IZt.jpg", "biography": "Ilse works at the Dutch Police for almost 5 years as part of the regional Cybercrime Unit of Midden-Nederland. She is working as a digital forensic examiner on different kind of cybercrime cases, from hunting botnets and their creators to different kinds of banking fraud.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/FFCVZK/", "id": 61, "guid": "4406f8d1-ecd8-5f0c-a3e8-1bccc4a1db92", "date": "2024-10-31T12:00:00+01:00", "start": "12:00", "logo": null, "duration": "01:00", "room": "Main stage", "slug": "wiccon-2024-61-inside-job-tackling-insider-risk-from-all-angles", "title": "Inside Job: Tackling Insider Risk from All Angles", "subtitle": "", "track": "Talks", "type": "Talk 60 minutes", "language": "en", "abstract": "Prepare for a dynamic and engaging presentation by two field specialists (Diana Makienko: Business Information Security Officer (BISO) at Swift and Lucile Renhas: Insider Risk Consultant at Signpost Six). This session will blend theoretical insights, academic studies, and real-life examples to provide a comprehensive understanding of insider risk. Attendees will uncover hidden risks within their organisation and learn how to effectively combat insider threats. This session will equip them with the knowledge and tools to enhance their organisation's resilience, ensuring a holistic approach to security.", "description": "In today's threat landscape, insider risk remains a critical yet often overlooked issue. While cybersecurity professionals have primarily focused on external threats, experience has shown that these measures are far from sufficient.\r\nOur presentation will delve into the complexities of managing malicious insider threats, highlighting the unique challenges organisations face in detection and mitigation. We will discuss the rise of awareness in Europe, contrasting it with the US focus on technical tools and Europe's emphasis on employee protection and privacy. Key topics include:\r\n\u2022 The portrait of a malicious insider: Understanding these characteristics, personal traits, and motives that drive people to commit insider crimes. \r\n\u2022 Balanced Approach: Combining technical tools with employee protection, favouring in-house capacity building over-reliance on large American providers.\r\n\u2022 Comprehensive Mitigation: Addressing Governance & Culture, IT & Physical Security, Employee and Third-Party Management, and Training & Communication, with an emphasis on the importance of employee awareness and training against social engineering.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "a4f1912d-1aa9-51f7-bec4-15725967364d", "id": 60, "code": "G7XTQV", "public_name": "Diana Makienko", "avatar": "https://program.wiccon.nl/media/avatars/IMG_0048_EOp3vQl.jpeg", "biography": "I have been working in customer-facing roles in the multinational financial industry from the very beginning of my career. The Bangladesh hack ignited my interest for cybersecurity, leading me to enroll into executive cyber security masters at Leiden University. I graduated cum laude with a research paper on malicious insider threats. I'm particularly passionate about the human factor in cybersecurity and am a certified insider risk manager. Currently, I am the Business Information Security Officer (BISO) at Swift.\r\n\r\nBeyond my professional endeavors, I am a proud mother of two young adults, a certified coach, a creative public speaker, and a skilled debate moderator. I speak six languages, enjoy traveling, sports, cooking and music, and have a keen interest in politics.", "answers": []}, {"guid": "49d2aa7a-4dd2-52b7-abb7-868022bfbe91", "id": 61, "code": "LYMM9H", "public_name": "Lucile Renhas", "avatar": "https://program.wiccon.nl/media/avatars/Profile_pick_gNhAWZp.jpg", "biography": "Lucile Renhas is an accomplished Insider Risk Consultant at Signpost Six, bringing a background in international relations to her role. She excels in managing and directing projects for multinational clients, collaborating closely with business leads and stakeholders to ensure successful outcomes. For the past two years, Lucile has been at the forefront of guiding a leading pharmaceutical company\u2019s insider risk programme. Lucile holds a master's degree in Crisis and Security Management from Leiden University, specialising in the governance of radicalism, extremism, and terrorism.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/L37CN3/", "id": 108, "guid": "bdfe70c6-1ad6-5dff-bf09-462cfbb71b3c", "date": "2024-10-31T13:00:00+01:00", "start": "13:00", "logo": null, "duration": "01:00", "room": "Main stage", "slug": "wiccon-2024-108-0-lunch", "title": "LUNCH", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Lunch", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/7UJDQF/", "id": 64, "guid": "13f63b81-240b-5812-ab10-d107484dced7", "date": "2024-10-31T14:00:00+01:00", "start": "14:00", "logo": null, "duration": "00:45", "room": "Main stage", "slug": "wiccon-2024-64-turning-neurodiversity-into-a-strength", "title": "Turning Neurodiversity into a Strength", "subtitle": "", "track": "Talks", "type": "Talk 45 minutes", "language": "en", "abstract": "Neurodiversity as your superpower.", "description": "What's a  topic that's as critical as finding your phone charger when it\u2019s on 1% ? The shortage of cybersecurity professionals. But here's the twist: is there really a shortage, or are we just looking for talent in all the wrong places with outdated criteria?\r\n\r\nI'll share my personal journey of being diagnosed with autism later in life and starting a cybersecurity career without traditional diplomas. This talk is aimed at employers to educate them on neurodiversity, helping them understand why some individuals may lack formal qualifications and how to successfully integrate these talented people into their teams.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "185db0b0-7657-5744-a903-f92ae23ce1f9", "id": 65, "code": "DNVYZU", "public_name": "Tirza", "avatar": "https://program.wiccon.nl/media/avatars/ava2_kuzx5IV.png", "biography": "Hi everyone! I\u2019m Tirza, but my friends call me TiDi. Discovering I\u2019m autistic was a huge AHA moment\u2014like finding out I\u2019ve been using the wrong password all my life.\r\n\r\nI\u2019ve always loved computers and technology, but school only interested me when it involved tech. After leaving school early and becoming independent, I turned my passion into a career.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/R3DYWZ/", "id": 92, "guid": "9a15c54a-ace8-5f6a-8ea2-2b813251ae68", "date": "2024-10-31T14:45:00+01:00", "start": "14:45", "logo": null, "duration": "00:45", "room": "Main stage", "slug": "wiccon-2024-92-airdrop-forensics", "title": "AirDrop Forensics", "subtitle": "", "track": "Talks", "type": "Talk 45 minutes", "language": "en", "abstract": "In this talk we\u2019ll examine Apple\u2019s AirDrop functionality from a forensic perspective. We will look at the various forensic artefacts an AirDrop file transfer creates, including unified logs, file metadata, extended attributes and the quarantine database, as well as how to find and analyse them. We will also discuss some of the privacy & security concerns regarding the protocol behind AirDrop.", "description": "Talk outline:\r\n- What is AirDrop & how the technology works\r\n- Existing AirDrop security issues\r\n- Forensics artefacts created by an AirDrop transfer", "recording_license": "", "do_not_record": false, "persons": [{"guid": "e6fb5863-85f8-5ac3-abf0-533d0a99435b", "id": 90, "code": "JLYFTE", "public_name": "Kinga Kieczkowska", "avatar": "https://program.wiccon.nl/media/avatars/profilepic_9AgIld8.png", "biography": "Kinga Kieczkowska is a cyber security consultant with a keen interest in digital forensics. She's passionate about all things cyber security, from building security awareness and culture to security operations and engineering. She currently splits her time between working in security architecture at a bank and consulting through her own consultancy Rada Cyber Security. After hours she blogs about macOS and iOS security on kieczkowska.com.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/37QRBX/", "id": 74, "guid": "9011304e-595e-54d0-a920-1c50be5bf31a", "date": "2024-10-31T15:30:00+01:00", "start": "15:30", "logo": "https://program.wiccon.nl/media/wiccon-2024/submissions/37QRBX/Slide1_K8HDkNP.jpeg", "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-74-metrics-matter-in-effective-human-risk-management", "title": "Metrics matter in effective human risk management", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "Achieving lasting behavioural change is crucial for reducing the human risk element in cybersecurity. However, many decision-makers in cybersecurity are ill-equipped to identify which buttons to push to foster truly cyber-safe behaviour. In presentation, based on research involving over 6,000 employees and insights from the human risk management movement, I challenge the gut feelings that often inform behaviour programs and advocate for a measurement-driven approach to inform interventions. I willl provide practical advice for implementing this approach, including the use of user experience tests, questionnaires, and existing data sources. These tools can inform decisions about effective behavioural interventions. By shifting from intuition to evidence, we can fortify the human element in cybersecurity more effectively.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "a03295f1-23d2-5429-b8d6-530c0649f277", "id": 74, "code": "CYLSPD", "public_name": "Gerine Lodder", "avatar": "https://program.wiccon.nl/media/avatars/hoofd_gerine_Old7hqf.jpg", "biography": "Gerine Lodder, a self-proclaimed data lover and a bit of a nerd, currently serves as the Product Manager of Awareness & Behaviour at Northwave Cybersecurity. After earning her PhD in psychology, she spent 12 years as a behavioural scientist before transitioning to cybersecurity in 2022. At Northwave, she applies her scientific insights into effective behavioural measurement and change, focusing on the human factor in cybersecurity, measuring cybersafe behaviour, and mitigating the mental health effects of ransomware, and effective cybersafe behaviour interventions.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/X9JMK9/", "id": 109, "guid": "9c3915aa-9367-570a-b1fb-ba0927db87b8", "date": "2024-10-31T16:00:00+01:00", "start": "16:00", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-109-0-break", "title": "BREAK", "subtitle": "", "track": null, "type": "Talk 30 minutes", "language": "en", "abstract": "Break", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/E9STQ8/", "id": 53, "guid": "5fc1faf2-9807-5592-ae6d-8f29efd1401d", "date": "2024-10-31T16:30:00+01:00", "start": "16:30", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-53-how-to-navigate-the-cyber-resilience-act", "title": "How to navigate the Cyber Resilience Act", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "The Cyber Resilience Act is an upcoming EU cybersecurity legislation. It is designed to make sure products with digital elements are developed more securely, ultimately protecting consumers all over Europe. It supplements the existing legal framework for the CE mark (EU declaration of conformity) for security properties. The Cyber Resilience Act marks the first-ever EU-wide legislation of its kind, mandating cybersecurity requirements for both hardware and software products throughout their entire life cycle. This presentation will give an overview of everything you need to know now about the regulation.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "3fb60f6d-56b4-5ed5-aece-7c4501a06b00", "id": 50, "code": "U3VBLT", "public_name": "Raluca Viziteu", "avatar": "https://program.wiccon.nl/media/avatars/U3VBLT_zsIzcqm.jpeg", "biography": "My name is Raluca Viziteu. I work as a cybersecurity consultant for Secura. I am from Bucharest, Romania. I moved to the Netherlands 7 years ago and studied Computer Science and Engineering at the Eindhoven University of Technology for my bachelor's and Information Security Technology for my master's. For my job as a cybersecurity consultant at Secura I focus on certifications. I aid our customers to achieve compliance with various cybersecurity standards and regulations. This year, my main focus has been the upcoming Cyber Resilience Act.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/ESLPUH/", "id": 60, "guid": "f6efebf0-1dd4-5c49-bf09-3058d3c355f5", "date": "2024-10-31T17:00:00+01:00", "start": "17:00", "logo": null, "duration": "01:00", "room": "Main stage", "slug": "wiccon-2024-60-from-galactic-hacker-party-1989-to-why2025-the-history-future-and-importance-of-dutch-hacker-camps-", "title": "From Galactic Hacker Party 1989 to WHY2025; the history, future and importance of Dutch Hacker Camps.", "subtitle": "", "track": "Talks", "type": "Talk 60 minutes", "language": "en", "abstract": "Dutch Hacker Camp culture is deeply rooted in the ethos of openness, collaboration, and exploration. These camps are typically organized by volunteers from various hacker and maker communities in the Netherlands and attract participants from all over the world who are interested in technology, hacking, DIY culture, and digital freedom.\r\nThey have a rich history and in this talk, an overview of this history is given .", "description": "Dutch Hacker Camp is part of the larger series of international hacker camps, including the Chaos Communication Camp (Germany) and the Electromagnetic Field (UK).\r\nThese camps often feature a diverse range of activities including workshops, talks, hacking competitions, art installations, and social gatherings. Attendees can learn about topics such as computer security, hardware hacking, cryptography, privacy, and free software.\r\nOver the years, Dutch Hacker Camps have evolved and grown in size and popularity, attracting not only hackers and tech enthusiasts but also artists, activists, educators, and others who are passionate about exploring the intersection of technology and society.\r\nOverall, Dutch Hacker Camps play an important role in fostering a sense of community, promoting innovation and creativity, and advocating for digital rights and freedoms. They provide a unique space for people to come together, learn from each other, and collaborate on projects that push the boundaries of technology and imagination.\r\n\r\nThis talk will take you through the history of Dutch Hacker Camps, and prepares you for the next big one in 2025; WHY2025.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "086930d0-5bfe-59ca-949e-57fc6d064949", "id": 59, "code": "TCH3SN", "public_name": "Boekenwuurm", "avatar": "https://program.wiccon.nl/media/avatars/boekenwuurm_comic_purpke_eOE8F3H.png", "biography": "Christel Sanders is a purple loving physicist whose first hacker camp was EMF in 2016. It was love at the first sight, and she went on to help organizing the dutch hacker camps. She is hanging around Hackalot, the hackerspace in Eindhoven that she helped build.\r\nAs the co-chair of Stichting IFCAT, hacker and a passionate advocate for digital knowledge and maker skills, she loves having an active role in the Dutch hacker community.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/XDY8PX/", "id": 96, "guid": "97f0e017-e4db-520e-b10a-2454f297b3e9", "date": "2024-10-31T18:00:00+01:00", "start": "18:00", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-96-closing-keynote-are-we-quiet-quitting-in-cyber-", "title": "Closing keynote - are we quiet quitting in Cyber?", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "Despite the array of incentives\u2014from subsidies and grants to regulations, DARPA challenges, and X Prizes\u2014cybersecurity remains a persistent and evolving problem. With so many efforts aimed at fixing the vulnerabilities in our digital landscape, why do we still struggle to get it right?", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "c9307b66-826b-5255-87d0-5e33a4ec5d5e", "id": 37, "code": "XUDYFN", "public_name": "Jaya Baloo", "avatar": "https://program.wiccon.nl/media/avatars/Jaya-Baloo-1_TWBX7Dh.jpg", "biography": "Jaya Baloo is an information security professional with more than 20 years\u2019 experience leading and contributing to secure network architecture. As Chief Security Officer (CSO) at Rapid7, Jaya leads the efforts to evolve and mature the company\u2019s internal security program, engages with customers as well as with the wider security community, and collaborates across all Rapid7 teams to develop and showcase security best practices.\r\n\r\nBefore joining Rapid7, Jaya was CISO at Avast and at KPN, the largest telecommunications carrier in the Netherlands, where she established and led its security team to create world class best practices in strategy and policy. Jaya has also been a faculty member of Singularity University since 2017, where she regularly lectures.\r\n\r\nJaya sits on the advisory boards of the NL\u2019s National Cyber Security Centre, PQCrypto, and the EU Quantum Flagship\u2019s Strategic Advisory Board. She serves on the audit committee of TIIN capital, a cybersecurity fund, and is also a board member of the RvT of the Dutch Broadcasting station, the NOS. She is recognized within the list of top 100 CISOs globally.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/8YBURU/", "id": 115, "guid": "e0564c34-3500-5cdd-af23-ed08955afd54", "date": "2024-10-31T18:30:00+01:00", "start": "18:30", "logo": null, "duration": "01:30", "room": "Main stage", "slug": "wiccon-2024-115-networking-dinner-party", "title": "NETWORKING DINNER & PARTY", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Networking dinner and a little party", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}], "Workshops": [{"url": "https://program.wiccon.nl/wiccon-2024/talk/PSGUEL/", "id": 111, "guid": "abc8e223-f0f5-59a3-8c50-5f6cfe56ac76", "date": "2024-10-31T09:00:00+01:00", "start": "09:00", "logo": null, "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-111-1-walk-in-registration", "title": "WALK-IN & REGISTRATION", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Time to get to the venue, hang your coat, get your badge and get some coffee or tea.", "description": "**Venue**\r\nLichtfabriek, Energieplein 73, 2031 TC Haarlem, The Netherlands.\r\n\r\n**Parking** \r\nThere is free street parking in the area, but as it is also an area with a lot of offices you may not be able to park in front of the venue on the street or maybe even have to walk a little bit. Another option is reserving a spot on the Haarlemmer  Stroom parking terrain via [Mobypark](https://www.mobypark.com/nl/parkeerplaats/3967/parkeren-haarlemmerstroom-lichtfabriek-haarlem-parkeerplaats-haarlem-netherlands) or [ParkBee](https://maps-web.parkbee.com/nl/pages/garage-details/cfc97531-dbb9-4027-a7dc-9b6ddbd61b64?garageName=Haarlemmer%20Stroom&city=Haarlem&startTime=2024-10-15T13:45:00.000Z&endTime=2024-10-15T15:45:00.000Z&zoneNumber=27192&product=prepaid&address=My%20Way%20Parkeren%20Haarlemmer%20Stroom,%202031%20TD%20Haarlem,%20Netherlands&pbSessionId=1728998358490).\r\n\r\n**Public transport**\r\nTravel to Haarlem station, please check your route in advance because there is some maintenance on the tracks at Haarlem during WICCON.\r\n\r\nFrom Haarlem station there are 2 options to get to De Lichtfabriek:\r\n1. Walking. De Lichtfabriek is 1 km away from the station. This is about a 13-minute walk.\r\n2. By bike. You can rent an OV-fiets at Haarlem station. By bike you can reach De Lichtfabriek within 5 minutes.\r\n\r\n**Registration**\r\nKeep your ticket at hand, it was sent to you from tickets@eventix.nl\r\n\r\n**Badge**\r\nOnce again this year you will get a badge from us, this time it will have plenty of space for SAO's, so bring them if you have them :)\r\n\r\n**Dress code**\r\nWe don't have a dress code, but since we do WICCON during Halloween you are allowed to come dressed up!", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/NSBN3N/", "id": 104, "guid": "f819b29d-96ae-55bf-87d6-2902b0b26af3", "date": "2024-10-31T10:30:00+01:00", "start": "10:30", "logo": null, "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-104-serious-gaming-for-behavioural-change-", "title": "Serious gaming for behavioural change.", "subtitle": "", "track": "Workshops", "type": "Workshop 60 minutes", "language": "en", "abstract": "Serious game expert Nancy Beers and Karen Sikkema will show you the super power of using games and playfulness to raise security awareness and use playfulness as an educational tool.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "763759cd-4796-52e9-9725-132740033531", "id": 109, "code": "B8L9XU", "public_name": "Nancy Beers", "avatar": "https://program.wiccon.nl/media/avatars/Nancy-Beers-qp7n7vv0a7oxsvjyqyeisljqjgfzmge5thyynsgazk_MYkZgpR.jpg", "biography": "Nancy Beers is a seasoned gamification expert, and the owner of Happy Game Changers. With over 25 years of experience in ICT, Nancy brings a wealth of knowledge and expertise to the table. As the co-chair of Stichting IFCAT, hacker and a passionate advocate for digital rights and freedoms, she has been instrumental in shaping the Dutch hacker community.\r\nNancy is not only an international speaker but also an avid participant in various ICT events worldwide. She is known for her engaging talks on topics ranging from female leadership, Women in Tech, cybersecurity to gamification, captivating audiences with her insights and expertise.\r\nIn addition to her speaking engagements, Nancy is deeply involved in the organization of WHY2025, the next big Dutch Hacker Camp. Her dedication to fostering collaboration, innovation, and exploration within the hacker community is evident in her role as a co organizer of this event.\r\nBeyond her professional endeavors, Nancy is an amateur social engineer, open source hippie and constantly seeking new ways to leverage technology for positive change. With her unique blend of technical skills and social insight, she continues to push the boundaries of what is possible in the world of hacking and beyond.", "answers": []}, {"guid": "ed03f1c3-8f61-5ded-bce1-5e18b879a6e7", "id": 111, "code": "TJA7BP", "public_name": "Karen Sikkema", "avatar": "https://program.wiccon.nl/media/avatars/Foto_0034_vLqJCRn.jpg", "biography": "Karen Sikkema has been working in game-based learning for nearly 20 years at her serious game studio, Living Story. She is an early pioneer in the field of game-based learning and gamification, helping organizations make learning adventurous and interactive. With her team at Living Story, Karen focuses on motivation and job satisfaction in organizations, as well as learning, discovering talents, engagement, and storytelling experiences. Karen is a concept developer and game designer, with extensive experience as a trainer, facilitator, (guest) lecturer, and a sought-after national and international speaker. She is also the author of the 2023 Management Book of the Year, Spelen Werkt (Playing Works).", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/KTVF3E/", "id": 113, "guid": "3498f2d9-6d06-5e6a-8ec1-10b896b38200", "date": "2024-10-31T11:30:00+01:00", "start": "11:30", "logo": null, "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-113-hackshield", "title": "Hackshield", "subtitle": "", "track": "Workshops", "type": "Workshop 60 minutes", "language": "en", "abstract": "During Emily Jacometti's demo at Wiccon, you\u2019ll walk away with key takeaways, including:\r\n- A deep understanding of HackShield\u2019s mission and how it positively impacts digital safety for children.\r\n- Insights into how gamification and storytelling can make education fun and engaging.\r\n- Practical steps on how to become a guest teacher and contribute to the movement.\r\n- A clear vision of how HackShield is creating societal change and fostering future talent in tech.\r\nDon't miss the chance to learn how you can be part of this impactful initiative!", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "a3e2c619-49ef-5831-ae9a-ab1a483abd04", "id": 113, "code": "WEDMMR", "public_name": "Emily Jacometti", "avatar": "https://program.wiccon.nl/media/avatars/image003_EfoRSSq.jpeg", "biography": "Emily Jacometti is the co-founder of HackShield, a platform focused on digital safety for children. Active in the gaming industry since 2008, she is on the board of the Dutch Game Association and an ambassador for Women in Tech and VHTO. Emily is a keynote speaker who champions inclusivity for women and girls in tech. As a mother of three, she is dedicated to creating a safe and inclusive digital future for children worldwide.  \r\nThe power of gamification and storytelling lies in the heart of HackShield. We truly believe that these values can make education fun and engaging. . My personal goal is to make HackShield equal as fun as educational. My job is done when our players are not even realizing that they are learning anymore.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/L37CN3/", "id": 108, "guid": "e7c596a0-978d-52b1-be2a-e272986ef69c", "date": "2024-10-31T13:00:00+01:00", "start": "13:00", "logo": null, "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-108-1-lunch", "title": "LUNCH", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Lunch", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/W8ZCGW/", "id": 79, "guid": "167a8da3-c9cc-5a52-bce1-bdfba818aa0d", "date": "2024-10-31T14:00:00+01:00", "start": "14:00", "logo": null, "duration": "02:00", "room": "Workshops", "slug": "wiccon-2024-79-defender-chronicles-the-defeat-of-the-ransomware-curse", "title": "Defender Chronicles: the defeat of the ransomware curse", "subtitle": "", "track": "Workshops", "type": "Workshop 120 minutes", "language": "en", "abstract": "Explore the art of incident response. Join our D&D-style campaign to thwart the Cryptic Sorceress, recover the crown jewels, and gain resilience in the face of digital calamity. \r\nThere will be a bit of humor and silliness, unexpected twists and turns and opportunity to learn a lot about incident response.\r\nBut beware - victory isn\u2019t guaranteed.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "48e5ed34-7592-5db3-9902-2f37c241a3cf", "id": 78, "code": "XZ8TBG", "public_name": "Maresa Vermulst", "avatar": "https://program.wiccon.nl/media/avatars/foto_VuJvgn9.jpg", "biography": "I am Maresa Vermulst. I\u2019ve worked at  KPN Security as a security researcher and as an incident responder at the Chamber of Commerce.\r\nNow, as a detection engineer at Northwave Cybersecurity, my days revolve around analyzing logs, identifying threats, and fine-tuning our detection. Beyond the office, I\u2019m an OSINT enthusiast and help to find people when needed. I also join the occasional CTF.", "answers": []}, {"guid": "540626f5-55d0-5655-bcc9-9bd3a45f3740", "id": 79, "code": "9SXQER", "public_name": "Martine Koch", "avatar": "https://program.wiccon.nl/media/avatars/1562590183033_juuaush.jpeg", "biography": "Martine is teamlead for a group of SOC engineers at Northwave. She has diverse experience in the field, from pentester to business security consultant. She uses her wide knowledge on security to help improve the daily security operations within Northwave.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/X9JMK9/", "id": 109, "guid": "a25cd93f-e59b-5cf9-97f0-c45e9b96edbe", "date": "2024-10-31T16:00:00+01:00", "start": "16:00", "logo": null, "duration": "00:30", "room": "Workshops", "slug": "wiccon-2024-109-1-break", "title": "BREAK", "subtitle": "", "track": null, "type": "Talk 30 minutes", "language": "en", "abstract": "Break", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/KYX8V7/", "id": 112, "guid": "608618bf-0a9d-5a43-84f4-0d72d222afcb", "date": "2024-10-31T16:30:00+01:00", "start": "16:30", "logo": null, "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-112-100-ways-to-die-at-work", "title": "100 Ways to Die at Work", "subtitle": "", "track": "Workshops", "type": "Workshop 60 minutes", "language": "en", "abstract": "Education about hazardous substances doesn\u2019t have to be dull\u2014it can be engaging and fun! In this interactive session, discover how \"100 Ways to Die at Work\", a serious game, tackles critical safety issues in an innovative way: Protect your co-workers, ensure your own safety, and learn about hazard symbols, all at the same time.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "4a73e48e-8b6c-5afb-8cc8-a61eff9db058", "id": 112, "code": "8ZAAQP", "public_name": "Tamara Onos", "avatar": "https://program.wiccon.nl/media/avatars/KK-32_H9NM11M.jpeg", "biography": "Tamara Onos is an occupational hygienist who works for industry associations, trade unions, and companies in the chemical and construction sectors. Her primary focus is reducing exposure to hazardous chemicals to prevent work-related illnesses. A key aspect of her work involves educating both employers and employees about occupational risks. Tamara enjoys using unconventional methods, such as suspense novels and serious games. One example is \"100 Ways to Die at Work,\" a game she co-developed with Living Story and 100kilo.nl.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/TJADYK/", "id": 120, "guid": "094e7be3-6896-52ad-9803-350ed4a23f41", "date": "2024-10-31T17:30:00+01:00", "start": "17:30", "logo": "https://program.wiccon.nl/media/wiccon-2024/submissions/TJADYK/AW_logo_RGB_Dark_KNGsnEJ.png", "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-120-conversation-starters-security-privacy-skill-games", "title": "Conversation Starters & Security & Privacy Skill Games", "subtitle": "", "track": "Workshops", "type": "Workshop 60 minutes", "language": "en", "abstract": "How do you handle dilemmas in information security? Test your knowledge and decision-making skills with our Conversation Starter game, where you'll face challenging scenarios designed to put your critical thinking and information security skills to the test.", "description": "Conversation Starters & Security & Privacy Skill Games\r\n\r\nHow do you handle dilemmas in information security? Test your knowledge and decision-making skills with our Conversation Starter game, where you'll face challenging scenarios designed to put your critical thinking and information security skills to the test.\r\n\r\nDo you dare to make the right decisions to protect your organization? Find out with the Awareways Conversation Starter Game!\r\n\r\nKnowledge is the foundation, but the ability to apply that knowledge and refine your skills is the key to success. Practice makes perfect, after all. With this principle in mind\u2014and inspired by various learning theories\u2014Awareways has developed multiple Security & Privacy Skill Games. In a safe and engaging environment, you'll have the chance to elevate your skills.\r\n\r\nOn Wiccon, you can play Clickventure, Risky Business, or Handle With Care in the gamified online learning environment, Wave.\r\n\r\nSave the company party by identifying all fraudulent links in Clickventure.\r\nTrain the latest invention and teach it to assess risks in Risky Business.\r\nAfter a lightning strike, Privacy Inc. has gone offline\u2014in Handle With Care, it's up to you to get the information systems back up and running.\r\nDid you know that these games are also available as arcade cabinets? Stop by for more info! ?", "recording_license": "", "do_not_record": false, "persons": [{"guid": "5bcaec1d-ea38-5db7-94d6-8712f885dfbc", "id": 117, "code": "NZBAQE", "public_name": "Za-Zie Kuipers", "avatar": "https://program.wiccon.nl/media/avatars/AW-Za-Zie-Kuipers-800x532_QkpC8Xv.jpeg", "biography": "From her master's studies in Behaviour Change and Communication Science, Za-Zie applies her knowledge and skills as a program manager and social psychologist. Indeed, the combination of a master\u2019s in Psychology *and* a master\u2019s in Communication Science directly engages two fields that we use to facilitate behavior change in security & privacy.", "answers": []}, {"guid": "89ff5a1a-f109-5931-a920-14b1c4816f41", "id": 119, "code": "VBRFUG", "public_name": "Yaren Cirit", "avatar": "https://program.wiccon.nl/media/avatars/AW-Yaren-Cirit-800x532_QHRKI8p.jpeg", "biography": "Yaren is a Digital Product Designer in the Awareways, she combines her Visual Design degrees from Yasar University and Hogeschool Utrecht. Her focus is on understanding business goals and learning objectives and translating them into effective digital learning solutions, such as our learning platform and skill games.", "answers": []}], "links": [], "attachments": [], "answers": []}]}}, {"index": 2, "date": "2024-11-01", "day_start": "2024-11-01T04:00:00+01:00", "day_end": "2024-11-02T03:59:00+01:00", "rooms": {"Main stage": [{"url": "https://program.wiccon.nl/wiccon-2024/talk/9RMGC7/", "id": 110, "guid": "9a9ecc4c-6205-5a2b-8724-80336bb25652", "date": "2024-11-01T09:00:00+01:00", "start": "09:00", "logo": null, "duration": "01:00", "room": "Main stage", "slug": "wiccon-2024-110-0-walk-in", "title": "WALK-IN", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Time to get to the venue, hang your coat and get some coffee or tea.", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/J7DJNM/", "id": 62, "guid": "44f68cfe-766d-5148-ab55-33e4ac1effec", "date": "2024-11-01T10:00:00+01:00", "start": "10:00", "logo": "https://program.wiccon.nl/media/wiccon-2024/submissions/J7DJNM/BrokenGlass_fE8qYeq.jpg", "duration": "01:00", "room": "Main stage", "slug": "wiccon-2024-62-mission-impossible-chatcontrol", "title": "Mission: Impossible - Chatcontrol", "subtitle": "", "track": "Talks", "type": "Talk 60 minutes", "language": "en", "abstract": "The EU wants to address digital CSAM (Child Sexual Abuse Material). Their ideas of getting rid of it direct us into a minefield of problems, as the current plans would lead to an unparalleled surveillance of 450 million EU citizens, while it is not clear what it can bring. \r\nIt is a topic that seems to contrast the protection of privacy versus the protection of children. But is that really the case? And are there other solutions?", "description": "The regulation aims to create a system for detecting and reporting online CSAM and so the last two years the EU plans to counter CSAM revolve around breaking encryption (via backdoors) and clientside scanning. If you've heard of it, you probably know the ideas by the name 'Chat Control'. So far, members states are divided because of details, but they seem to be getting closer to passing new rules. Hungary, which took up the rotating Council presidency for six months starting July 1st, is keen to work further on the topic. But what exactly does it mean (spoiler, it's not just about your chat messages), what impact could it have? In this talk I will address the scope of the plans and their possible impact, the legal side, the technical side and the human factor and what could be a reasonable approach with an emphasis on solid security and privacy.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "8a5d01ce-0789-5881-ade3-7eb421f58823", "id": 62, "code": "8TPDRT", "public_name": "Helma de Boer", "avatar": "https://program.wiccon.nl/media/avatars/8TPDRT_8Xl4tMW.jpg", "biography": "Helma is a privacy and security professional, currently working as information security officer with SURF, the ICT cooperation for education and research. Early in her career, she worked as a legal assistant. She taught herself programming in the 1990s and built many websites and databases for SMEs. She worked with Arjen Kamphuis on the book Personal information security for the Dutch Broodfonds and she maintains the website beschermjegegevens.nl. She is certified DPO, Information Privacy Technologist (CIPT) and CISM.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/VTSDJT/", "id": 80, "guid": "789377ac-0c4f-57b8-83d1-8df852e5cc0f", "date": "2024-11-01T11:00:00+01:00", "start": "11:00", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-80-a-crash-course-in-container-security-what-is-a-container-and-what-does-it-have-to-do-with-security-", "title": "A crash-course in container security: what is a container and what does it have to do with security?", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "Nowadays container technology has become a key component of modern software development and deployment practices. In this talk, we will talk about how containers work, what are the security risks that come with them, and how to address these. \r\nNo specific background required in order to follow this presentation :)", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "96117a86-52aa-5351-b63e-6e58d1adb524", "id": 81, "code": "WAPR3S", "public_name": "Irina Chiscop", "avatar": "https://program.wiccon.nl/media/avatars/Screenshot_2024-07-29_at_12.18.30_fJm5n3e.png", "biography": "Irina is a  Security Engineer with background in mathematics. She started her career in cybersecurity doing research on network anomaly detection methods. In 2023 she decided it was time to put all theory in practice, so she joined Adyen. During the day you'll find her delving into complex IT infrastructure and writing python code, during the evening on the volleyball court.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/CCHBRX/", "id": 55, "guid": "b42582b6-24e7-51a9-b39b-d76c688f3f2d", "date": "2024-11-01T11:30:00+01:00", "start": "11:30", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-55-running-forward-year-1-of-building-a-cti-capability-for-a-sportswear-brand", "title": "Running Forward: Year 1 of Building a CTI capability for a Sportswear Brand", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "In the presentation \"Running Forward: Year 1 of Building a CTI capability for a Sportswear Brand\" Jennifer Wennekers will discuss ASICS' ongoing Cyber Threat Intelligence (CTI) journey, including the evolution of their CTI capability, challenges, opportunities, stakeholder management, technology, and future plans.", "description": "In \"Running Forward: Year 1 of Building a CTI capability for a Sportswear Brand,\" Jennifer Wennekers will discuss ASICS\u2019 recently started Cyber Threat Intelligence (CTI) journey. She will cover the evolution of ASICS' CTI capability, including the initial ad-hoc phase and the subsequent development of a formal capability. Jennifer will address the strategic, operational, and tactical aspects of intelligence and how ASICS integrates them with their security and business capabilities, while also highlighting the challenges and opportunities encountered. Additionally, she will touch on stakeholder management, the role of technology and tools, and the process of generating internal threat reports. Finally, she will reflect on the lessons learned in the first year and outline ASICS' planned next steps in the CTI journey.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "176bc936-733a-569b-b645-aee9e03ab20c", "id": 53, "code": "7LTG9H", "public_name": "Jennifer Wennekers", "avatar": "https://program.wiccon.nl/media/avatars/IMG_8254_1_aQQkwB8.JPG", "biography": "As a dedicated Cyber Threat Intelligence Lead at ASICS, I am committed to safeguarding our organisation and its customers from evolving cyber threats. My role involves not only protecting against potential cyber-attacks but also ensuring we are prepared to respond and improve in their aftermath. I am passionate about staying ahead of the cyber threat landscape to ensure ASICS continues to deliver on its promise of moving minds through the power of exercise and delivering continuous value to our community.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/CQ333M/", "id": 101, "guid": "35b80759-84dd-5b73-8acf-71667ec08365", "date": "2024-11-01T12:00:00+01:00", "start": "12:00", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-101-when-artificial-becomes-authentic-how-do-i-prove-i-am-me-", "title": "When artificial becomes authentic, how do I prove I am me?", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "In 2024, we have an extensive archive of cyber-related incidents illustrating the various forms of attacks that organizations and individuals face daily. Few things for veterans in the cyber domain can be considered 'surprising' or 'shocking,' and many believe not even AI is going to rock the boat. Cybercrime is, after all, an evolution, not a revolution, and at its core, we recognize its DNA. However, the advent of generative AI introduces unprecedented challenges in both scale and complexity, particularly in the realm of impersonation fraud and identity theft.\r\n\r\nThis presentation aims to delve into how generative AI, with its ability to create highly convincing deepfakes and clone voices, is revolutionizing financial identity theft. We will explore what countermeasures, if any, are already being taken and how we can avoid situations where victims bear the reverse burden of proof. Drawing on my previous research into the facilitating factors of financial identity theft, I will examine how AI complicates an already complex issue and discuss potential strategies to mitigate these emerging threats.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "257d22ad-83c9-5adb-b937-dd645f8da319", "id": 101, "code": "XYBZ8Z", "public_name": "Nicole van der Meulen", "avatar": "https://program.wiccon.nl/media/avatars/1718340963993_yBJmJJB.jpeg", "biography": "Nicole van der Meulen is an experienced professional and thought leader in the area of cybercrime and cyber security. Currently she serves as Cyber Security Innovation Lead at SURF. Previously she was the Head of Policy & Development at Europol\u2019s European Cybercrime Centre (EC3), where she was responsible, amongst others, for the Internet Organised Crime Threat Assessment (IOCTA). Prior to Europol, she held various positions in the Dutch public sector, academia and for nonprofit organisations all focused on enhancing the fight against cybercrime and improving cyber security. She obtained her PhD in 2010 from Tilburg University on a comparative study focusing on digital identity fraud in the United States and the Netherlands.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/SDGSCJ/", "id": 52, "guid": "a08e0b1d-0ec1-52fb-9e4c-7708fc90ed7b", "date": "2024-11-01T12:30:00+01:00", "start": "12:30", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-52-build-your-own-role-playing-game-the-business-continuity-drill", "title": "Build your own role-playing game: the business continuity drill", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "Business continuity is a discipline where SRE and Security meet: they both care about mitigating risks and keeping services available and secure. Whereas it\u2019s often clear how to engineers respond to and manage incident, disasters that threaten a business\u2019 ability to operate their core functions (luckily) don\u2019t occur that frequently and often involve a different group of decision makers. To improve any organization\u2019s resiliency, it\u2019s advisable to run business continuity drills without breaking all applications for our users: this is where simulations and tabletop drills can help you out.\r\n\r\nIn this talk, Janna will share her experiences in creating and running a business continuity drill as a joint effort by Security and SRE teams at WeTransfer. She will share a step-by-step guide for creating a tabletop business continuity drill, including real-life examples, and what her team learned along the way. This way, the audience will leave with the knowledge required to become game masters of their own drills.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "078bd77b-0688-5b52-a387-ee9233675a7d", "id": 49, "code": "PRS9AH", "public_name": "Janna Brummel", "avatar": "https://program.wiccon.nl/media/avatars/Janna_copy_yFEIlJY.jpg", "biography": "Senior Engineering Manager of Site Reliability Engineering, currently at WeTransfer but at ING before, with a love for anything reliability, quality and engineering productivity, preferably through a mix of product and people management. I also run the Site Reliability Engineering NL Meetup group.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/L37CN3/", "id": 108, "guid": "d8770e88-06ab-59fa-b405-cc8c10488d68", "date": "2024-11-01T13:00:00+01:00", "start": "13:00", "logo": null, "duration": "01:00", "room": "Main stage", "slug": "wiccon-2024-108-2-lunch", "title": "LUNCH", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Lunch", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/JMRPSX/", "id": 86, "guid": "84e0acad-c3b9-5c80-8a69-81fbf307bcf4", "date": "2024-11-01T14:00:00+01:00", "start": "14:00", "logo": null, "duration": "00:45", "room": "Main stage", "slug": "wiccon-2024-86-charting-the-course-navigating-maritime-cybersecurity", "title": "Charting The Course: Navigating Maritime Cybersecurity", "subtitle": "", "track": "Talks", "type": "Talk 45 minutes", "language": "en", "abstract": "The proposed talk will focus on cybersecurity within the maritime industry and its intricate ties to\r\nIndustrial Control Systems (ICS) domains. This session will dissect the essence of cybersecurity for\r\nships, covering the spectrum from understanding threats and actual cyber attacks to fortifying\r\nnetworks, implementing risk management strategies, and offering actionable recommendations.\r\nWe'll delve into the specifics, examining the unique challenges faced in securing maritime networks\r\nagainst unauthorized access and potential breaches. Additionally, we'll explore comprehensive risk\r\nmanagement tactics tailored specifically for maritime operations, emphasizing the importance of\r\nproactive measures to address cybersecurity threats effectively.\r\nA highlight of this talk will be a compelling case study illustrating the intricacies of threat modeling\r\nfor a cruise ship. By dissecting vulnerabilities and devising preventive measures, attendees will gain a\r\ntangible understanding of enhancing onboard security measures.\r\nMoreover, our discussion will extend beyond the maritime sphere, exploring the interconnected\r\nnature of cybersecurity across various ICS industries. Understanding these connections is pivotal in\r\ncomprehending the broader implications and implementing collaborative strategies for a robust\r\ncybersecurity framework.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "d3a4ffcb-549e-55bb-9714-17cbecc6cf99", "id": 21, "code": "X88MF9", "public_name": "Anna Prudnikova", "avatar": "https://program.wiccon.nl/media/avatars/Anna_IUVJRFS.jpg", "biography": "Head of International Cybersecurity, Secura, a Bureau Veritas company.\r\n\r\nAnna Prudnikova is an expert r in the field of industrial cybersecurity with a specific focus on products with over ten years of professional experience in the field of cybersecurity assessment and auditing. Her expertise in cybersecurity ranges from audit and assurance experience to technical expertise in testing. Her career in cybersecurity started in a position as a cybersecurity consultant in 2011. Within BV, Anna is responsible for sales and operations of cybersecurity services delivered in Europe and MER. She is actively involved in activities including supporting the development of services in the areas of ICS, automotive, medical devices, IoT, cloud etc.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/XVGYKK/", "id": 85, "guid": "bc547ba0-5bfd-50fd-92f4-22182cdfc57b", "date": "2024-11-01T14:45:00+01:00", "start": "14:45", "logo": "https://program.wiccon.nl/media/wiccon-2024/submissions/XVGYKK/abacus_vkgwIws.png", "duration": "00:45", "room": "Main stage", "slug": "wiccon-2024-85-abacus-software-for-secure-and-transparent-voting-results", "title": "Abacus: Software for Secure and Transparent Voting Results", "subtitle": "", "track": "Talks", "type": "Talk 45 minutes", "language": "en", "abstract": "The Dutch Electoral Council has gathered a team of nerds who are developing new election software, named Abacus, to support the process of counting votes during Dutch elections. This talk will focus on the security challenges and threats associated with the software itself and the process of determining election results. What can go wrong and what can we do about it?", "description": "The Dutch Electoral Council is developing new election software in-house. For security and transparency, voting in the Netherlands still happens on paper and the ballots are still counted by hand, but that doesn't mean that no software is involved at all. Once the ballots are counted for each polling station, a piece of software sums up all the counts and determines the distribution of seats. With the necessary checks and balances in place to ensure the results are trustworthy, of course. As such, it's a interesting piece of software. It's not used very often. There's on average one election per year, during which the software is used for a period of only two weeks. And it doesn't run in the cloud, it runs air-gapped at each of the 342 Dutch municipalities. Last year the Dutch Electoral Council gathered a team of nerds and asked us to help build this new election software: 'Abacus Software voor verkiezingsuitslagen en zetelverdeling', or Abacus for short.\r\n\r\nThe contrast between the importance of election software and its incidental use makes for interesting security challenges. Our challenge is not to just build an application that runs correctly and securely, but there is also the human factor to take into account. We aim for high usability, making sure the application supports the municipalities as best as possible during the stressful times of running elections, and due to its short usage period it's important that we get it right the first time. This means catching and preventing security threats to the software itself, such as bugs, vulnerabilities, and user errors. On top of that, the physical (paper) trail needs to be protected as well. We will talk about both aspects of security and explain how we strive to make software that follows the core values of the Dutch Electoral Council: delivering trustworthy and verifiable election results with transparency and integrity.\r\n\r\nThe talk we want to give will start with some background about the Dutch Electoral Council and why we're building the software. We will present a summary of the languages and technologies we're using, and we will explain our reasoning for the choices we've made. As mentioned in the previous paragraph, we will detail what cyber and non-cyber security threats and concerns this project entails, and how we plan to address them. Last but not least, we will present a clickable demo that paints a clear picture of the software and what it aims to do. As we are looking for input on the best way to approach security measures and address threats, along with any other useful input, we would love to be able to present this at Wiccon.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "7c6ecb16-deb2-5ca5-8cc4-deeb3c1cf930", "id": 86, "code": "QFBGDD", "public_name": "Marjolein Tamis", "avatar": "https://program.wiccon.nl/media/avatars/IMG_20230812_023723-small_dVR0wlc.jpg", "biography": "Documentation Specialist", "answers": []}, {"guid": "f4203017-4de8-5795-bede-e7b2116fd935", "id": 106, "code": "AADEP9", "public_name": "Ellen van Leeuwen", "avatar": "https://program.wiccon.nl/media/avatars/20240813_021229_G2NCCJG.jpg", "biography": "I have a BsC in Computer Science and am a Full-Stack software developer with 6 years of experience. Currently I work at the Kiesraad (Electoral Council) and we are building the new software to support vote counting and help with seat distribution. We primarily code in Typescript (React) and Rust.\r\nIn my free time I love watching movies and series and I listen to podcasts all the time. I have a passion for sustainability and train travel and love to hike and scuba dive on holidays.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/RXP8XF/", "id": 57, "guid": "92fca581-3106-55bf-a240-6c74429f300d", "date": "2024-11-01T15:30:00+01:00", "start": "15:30", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-57-building-an-appsec-program-from-scratch", "title": "Building an Appsec Program from Scratch", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "In today's digital landscape, application security is crucial for safeguarding sensitive data and maintaining user trust. Without a robust AppSec program, or with one poorly implemented, chaos can ensue, leading to vulnerabilities and breaches. This talk explores our journey of establishing an AppSec program from the ground up. We will share the valuable lessons we learned along the way, detailing the obstacles we overcame and the cultural challenges we faced. Join us as we present real-world examples and best practices, offering practical guidance to help you navigate similar challenges and build a resilient AppSec program.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "9bf8cacb-5ea8-5a63-860b-7cac839c2810", "id": 56, "code": "YRWJK9", "public_name": "Mireia Cano", "avatar": "https://program.wiccon.nl/media/avatars/Screenshot_2024-06-17_at_08.50.57_IhhmFhi.png", "biography": "I am a security engineer focused on application security, with over 6 years of experience. I have helped companies build their application security programs both as a consultant and as an in-house security engineer. I am passionate about fostering collaboration between development and security teams to enhance organizational security posture and resilience.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/X9JMK9/", "id": 109, "guid": "a3ffa7dc-aa75-5861-a679-bc56ac839224", "date": "2024-11-01T16:00:00+01:00", "start": "16:00", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-109-3-break", "title": "BREAK", "subtitle": "", "track": null, "type": "Talk 30 minutes", "language": "en", "abstract": "Break", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/8FSEZ9/", "id": 122, "guid": "3c8ef3d4-85e8-537c-9cc7-cd3125a86b7b", "date": "2024-11-01T16:30:00+01:00", "start": "16:30", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-122-ir-to-cti-the-other-side-of-the-coin", "title": "IR to CTI - the other side of the coin", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "The most relevant intel is intel which applies directly to our environment. It's also the most neglected source of intel. It has become my favourite subject during last few years.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "a85f7c50-8bae-5a4c-845a-0793d575326c", "id": 89, "code": "GWFJVQ", "public_name": "Daniela", "avatar": "https://program.wiccon.nl/media/avatars/dc8rr3sQ_400x400_EE87jPK.jpg", "biography": "Working in cyber for a bit over 20 years. Many roles, many projects, still very happy to stay hands on and in the operations side of things.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/JQHTJK/", "id": 121, "guid": "7489fa31-5831-58bd-b751-ef2e390a0548", "date": "2024-11-01T17:00:00+01:00", "start": "17:00", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-121-a-glimpse-into-the-world-of-ics-monitoring", "title": "A Glimpse into the World of ICS Monitoring", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "Network monitoring is standard practice in the corporate IT world, but what about monitoring industrial process networks? These networks operate factories, control energy grids, water dikes and support other essential aspects of our modern life and yet they often lag in security. In this session, we\u2019ll dive into the deployment of ICS (Industrial Control Systems) monitoring solutions, the challenges we often face, lessons learned and of course what to look for once we gain the visibility!", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "2546c21d-b240-5c78-976f-69868a518685", "id": 120, "code": "M9XYJ8", "public_name": "Dominika Rusek Jonkers", "avatar": "https://program.wiccon.nl/media/avatars/Screenshot_2024-10-31_at_11.05.59_Ef4ab2a.png", "biography": "Dominika is one of the Senior Security Specialists at Secura with 10 years of experience in industrial cybersecurity. Her experience spans from pentesting critical infrastructure (like manufacturing, energy, pharma, terminals, trains) to implementing concrete solutions (like ICS monitoring, or network segmentation). She also enjoys occasional hacking of IoT devices and some good old soldering projects. Her background is in Security and Network Engineering.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/QJQTHB/", "id": 69, "guid": "07a523f1-6180-5bb4-bf29-bee71e178b9b", "date": "2024-11-01T17:30:00+01:00", "start": "17:30", "logo": "https://program.wiccon.nl/media/wiccon-2024/submissions/QJQTHB/shelly-raban-400_eHUCQGP.png", "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-69-who-watches-the-watchmen-stealing-credentials-from-policy-as-code-engines-and-beyond-", "title": "Who Watches the Watchmen? Stealing Credentials from Policy-as-Code Engines (and beyond)", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "If an attacker could execute arbitrary policies on a policy engine, would that pose a danger? Turns out, the answer is yes. Policy engines are crucial for enforcing compliance and security rules within business-critical processes, including Infrastructure-as-Code (IaC) deployments and Kubernetes operations. Our research focused on inherent risks associated with popular policy-as-code and IaC domain-specific languages (DSLs): OPA's Rego language and Terraform's Hashicorp Configuration Language (HCL).\r\n\r\nIn this talk, we will explore and demonstrate malicious techniques targeting these DSLs, including novel methods such as DNS tunneling discovered during our research. We will discuss the adoption of these techniques by attackers and evaluate the effectiveness of current scanning tools against them.\r\n\r\nFinally, we will conclude by providing practical detection rules and best practices to safeguard PaC and IaC environments against such risks.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "2f050840-7e35-55c7-9914-864b9a890e3c", "id": 63, "code": "VUQ9PM", "public_name": "Shelly Raban", "avatar": "https://program.wiccon.nl/media/avatars/1664876879061_HzVm8ng.jpeg", "biography": "Shelly is a Senior Security Researcher at Tenable, specializing in cloud security research. In her previous roles, Shelly worked as a security researcher and threat hunting expert at Hunters. With 7 years of experience in cybersecurity, Shelly has conducted extensive research in detection engineering, host forensics, malware analysis, and reverse engineering. Outside of work, Shelly loves spending time with her two baby cats.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/QKZDGT/", "id": 118, "guid": "2b80ddbf-9320-5b40-88a3-30caf902d009", "date": "2024-11-01T18:00:00+01:00", "start": "18:00", "logo": null, "duration": "00:30", "room": "Main stage", "slug": "wiccon-2024-118-closing", "title": "Closing", "subtitle": "", "track": "Talks", "type": "Talk 30 minutes", "language": "en", "abstract": "The closing of WICCON", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "e94a600e-2945-533b-b18a-1d2d1aacb3b6", "id": 2, "code": "9FGQWG", "public_name": "Chantal Stekelenburg", "avatar": "https://program.wiccon.nl/media/avatars/Chantal_Stekelenburg_crop_small_cFOJnMO.jpg", "biography": "Chantal Stekelenburg is Head of Hackers at Zerocopter. She takes care of one of the most important aspects of Zerocopter's services: the community of hackers. As a co-founder and organizer of WICCA (Women in Cybersecurity Community Association), she is also involved in bringing infosec ladies and security enthusiasts together to learn about exploits, hacking, incident response, forensics, the low-level stuff, hardware hacking, and especially making bad crypto jokes! Her main goal is to build a community of badass women in the Netherlands and hopefully inspire future generations to join keyboards and get the hacking started!", "answers": []}, {"guid": "e02811c5-901d-54a8-ab47-5c65d6f0fe0e", "id": 3, "code": "XDXW7K", "public_name": "VM", "avatar": "https://program.wiccon.nl/media/avatars/kip_9IqQqGE.jpeg", "biography": "Jack of all trades. Master of some. Security engineer by day, cybercrime fiction writer by night. As a Security Engineer at GitLab, Valentine's work consists of putting out cyber fires, building automation to make her work easier, and designing value metrics for the division. Besides toying with digital systems, she\u2019s a fiction writer who likes Star Wars, metal music, and useless things like chickens and D&D.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/AW9MXA/", "id": 117, "guid": "96933700-27d7-55a0-be44-92c7cca0b2ce", "date": "2024-11-01T18:30:00+01:00", "start": "18:30", "logo": null, "duration": "01:00", "room": "Main stage", "slug": "wiccon-2024-117-vrijmibo", "title": "VRIJMIBO", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Friday afternoon networking drinks and some snacks", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}], "Workshops": [{"url": "https://program.wiccon.nl/wiccon-2024/talk/9RMGC7/", "id": 110, "guid": "0213943e-f9f7-576c-9a7b-1b9beacfe5c6", "date": "2024-11-01T09:00:00+01:00", "start": "09:00", "logo": null, "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-110-1-walk-in", "title": "WALK-IN", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Time to get to the venue, hang your coat and get some coffee or tea.", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/8VRJN3/", "id": 58, "guid": "a3d71647-3c29-5f51-8085-c8acfb1d6394", "date": "2024-11-01T10:00:00+01:00", "start": "10:00", "logo": null, "duration": "02:00", "room": "Workshops", "slug": "wiccon-2024-58-introduction-to-industrial-control-systems-hands-on-hacking", "title": "Introduction to Industrial Control Systems: Hands-On Hacking", "subtitle": "", "track": "Workshops", "type": "Workshop 120 minutes", "language": "en", "abstract": "Step into the world of Industrial Control Systems (ICS) with our immersive workshop designed for cybersecurity enthusiasts and professionals. This hands-on session provides a foundational introduction to ICS and protocols.", "description": "You'll get practical experience with our \"Factory in a Suitcase\"\u2014a fully virtualized environment where you can safely explore and hack critical industrial protocols. We\u2019ll guide you through:\r\n\r\n- **ICS Basics:** Understand what a PLC is and how it operates within real-world industrial settings, illustrated with personal examples.\r\n- **Hacking:** Gain hands-on experience hacking the Modbus protocol, allowing you to control devices like switching a lamp on or off in a virtualized environment. We'll also delve into the basics of hacking the Siemens S7 protocol.\r\n- **Reverse Engineering:** Get an introduction to the basics of reverse engineering firmware files. You'll work with older ABB software, learning how to extract passwords and explore the fascinating backstory behind these devices.\r\n- **Do\u2019s and Don\u2019ts:** Learn the essential best practices and common pitfalls in the world of Operational Technology (OT) security.\r\n\r\n**Requirements:** Participants must bring a laptop with Kali Linux installed. All other tools and materials will be provided. \r\n\r\nThis workshop is perfect for those looking to build a strong foundation in ICS security, with practical skills that can be applied in real-world scenarios. Don't miss out on this unique opportunity to get hands-on with the technology that drives today's industrial systems.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "377fb3ac-33a1-5ba8-8904-a6738ac8c049", "id": 57, "code": "M7TR8R", "public_name": "Marc Visser", "avatar": "https://program.wiccon.nl/media/avatars/Marc2_eqmQBIT.jpg", "biography": "i have been working in industrial environments for almost 10 years, from food to energy to automotive.\r\neveryday life is filled with operational equipment, therefor i would like to share my insights of this world and need you to help us safeguard our critical infrastructure", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/L37CN3/", "id": 108, "guid": "eadbb6c0-ed50-5b7f-ad0e-543f60d4b9f1", "date": "2024-11-01T13:00:00+01:00", "start": "13:00", "logo": null, "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-108-3-lunch", "title": "LUNCH", "subtitle": "", "track": null, "type": "Talk 60 minutes", "language": "en", "abstract": "Lunch", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/AQBQJE/", "id": 78, "guid": "75a4c956-3371-5cf0-9d70-96218c5a7d9c", "date": "2024-11-01T14:00:00+01:00", "start": "14:00", "logo": null, "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-78-hck-the-hague-making-impact-with-your-vulnerability-reports", "title": "H\u00e2ck The Hague: making impact with your vulnerability reports", "subtitle": "", "track": "Workshops", "type": "Workshop 60 minutes", "language": "en", "abstract": "At The Hague, the city of peach & justice, (cyber) security is very important to keep the information and citizens of The Hague safe. Since 2017 we organize a hacking competition called H\u00e2ck The Hague.", "description": "In order to stay resilient to cyber threats, we need to work together. The hacking competition H\u00e2ck The Hague is an example of working together with professional and student hackers, where the goal is to try to find vulnerabilities and fix them together with hacker, municipality and suppliers. But what are we, as an organization, looking for in the vulnerability reports? And what do you as hacker find important? Both from a business and technical perspective, in this workshop we will figure that out!", "recording_license": "", "do_not_record": false, "persons": [{"guid": "b34f78ec-f4a7-57be-84d0-5d9defe18a54", "id": 77, "code": "BRLEC9", "public_name": "Lilian Knippenberg", "avatar": "https://program.wiccon.nl/media/avatars/Lilian_-_annnlies_-21_8XxpCYR.jpg", "biography": "Lilian Knippenberg works at the Municipality of The Hague. At the city of peach & justice, cyber- and information security is very important to keep the information and citizens of The Hague safe. My role as senior advisor and deputy CISO is to work towards a high resilient organization against digital attacks. I am focused on people and processes.", "answers": []}, {"guid": "698f5f7a-e671-5bf0-a33c-db452641b5e6", "id": 110, "code": "DBLLVK", "public_name": "Reinout Hoornweg", "avatar": "https://program.wiccon.nl/media/avatars/Reinout_Hoornweg_pF8TCYw.png", "biography": "Reinout Hoornweg is a senior security advisor with a focus on technology at the Municipality of The Hague. His day to day responsibilities include Managed Detection & Response, Attack Service Management, Coordinated Vulnerability Disclosure, facilitating pentests and, of course, helping colleagues with advice on cybersecurity.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/X9JMK9/", "id": 109, "guid": "14578a6a-0199-5101-86e4-3e953398d44a", "date": "2024-11-01T16:00:00+01:00", "start": "16:00", "logo": null, "duration": "00:30", "room": "Workshops", "slug": "wiccon-2024-109-2-break", "title": "BREAK", "subtitle": "", "track": null, "type": "Talk 30 minutes", "language": "en", "abstract": "Break", "description": "", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "attachments": [], "answers": []}, {"url": "https://program.wiccon.nl/wiccon-2024/talk/EUYBAS/", "id": 102, "guid": "2627714e-f7c7-52c0-a3c4-560cfa37ee91", "date": "2024-11-01T16:30:00+01:00", "start": "16:30", "logo": null, "duration": "01:00", "room": "Workshops", "slug": "wiccon-2024-102-is-telegram-the-new-darkweb-", "title": "Is Telegram the new darkweb?", "subtitle": "", "track": "Workshops", "type": "Workshop 60 minutes", "language": "en", "abstract": "Is Telegram the new Dark Web? That is the main question during this interactive presentation. Due to specific functionalities, Telegram has developed into much more than a chat application and this has not gone unnoticed by criminals. Partly due to the strict privacy and security options and the extensive options for group chats, the use of Telegram has not only increased exponentially, but there has also been a strong growth in criminal activities on Telegram. In this interactive presentation we will take you through the dark sides of Telegram, full of drugs, weapons and more, using concrete examples. During this interactive presentation we not only provide an insight into the criminal activities that take place on Telegram, we would also like to discuss the practical and legal possibilities and limitations for investigation by Law Enforcement. We challenge you to share your thoughts about possible solutions to reduce criminal activities on Telegram.", "description": "", "recording_license": "", "do_not_record": true, "persons": [{"guid": "e19b556b-aa5c-585e-a14b-c330d36456a2", "id": 100, "code": "YXBWJU", "public_name": "Laura Pavias", "avatar": "https://program.wiccon.nl/media/avatars/Laura_color_iEwIbLy.png", "biography": "Laura Pavias is a senior advisor Digital Investigation & Cybercrime at the Netherlands Public Prosecution Service. In complex issues she makes the connections between the legal, the technical and the tactical aspects of a criminal investigation", "answers": []}, {"guid": "5287eca9-c467-5e10-8f20-aad2d88759fe", "id": 103, "code": "SF8RJU", "public_name": "Maike Borst", "avatar": "https://program.wiccon.nl/media/avatars/Maike_server_F3zlsp7.jpg", "biography": "Maike Borst is digital specialist (OSINT) at the Dutch Police.", "answers": []}], "links": [], "attachments": [], "answers": []}]}}]}}}