PHDays — Positive Hack Days. Section/Business
PHDays video

POSITIVE HACK DAYS



ORGANIZER

Section/Business

Stand or fall. An army of intelligent bots controlled by hackers

Want to visit   +228

Author: Andrei Masalovich

These days, the Web Standoff is not just a warfare between humans and bots, we are talking about a botnet programmed to act in an intelligent, user-like manner, an army with a proper coordination. DDoS botnets have evolved from a basic tool to a powerful weapon of information confrontation in the hands of hackers, intruders, and intelligence services. The speaker will share some real-life examples: from massive password hacking to influencing electoral outcomes.

  • Language
  • Russian

CEO at Lavina Pulse. Supervisor for a number of successful campaigns aimed at implementing analytical technologies in banking, financial-industrial groups, major retailer networks, and public sector bodies. The author of numerous publications, gave a series of lab courses on methodologies for data search and analysis at several universities in Russia and U.S. Conducted workshops on competitive intelligence through web mining at PHDays and more than 700 uniquely designed lab courses on this topic. Creator of the Avalanche search engine. Candidate of Physics and Mathematics, Distinguished Scholar awarded by the Russian Academy of Sciences, served as a Lieutenant Colonel at the Russian Federal Agency for Government Communications and Information.

Andrei Masalovich Andrei Masalovich

SOC Evolution 2017

Want to visit   +96

Moderator: Elman Beybutov, Vladimir Bengin, Alexey Kachalin

What we have been discussing in recent years now has finally happened: numerous companies in Russia have taken along the concept of SOC introduced by pioneers—internal and first commercial SOCs. Specialists and managers have admitted the necessity of SOCs. We invited representatives of companies with hands-on experience in establishing and running security monitoring and incident response centers—both internal and commercial ones—to have their say in the discussion. The participants include Elman Beybutov, Alexander Bondarenko, Vladimir Dryukov, Alexey Novikov, Arkady Prokudin, Vladimir Shadrin, with Alexey Kachalin as a moderator.

  • Language
  • Russian

IoT (in)security

Want to visit   +79

Moderator: Alexey Lukatsky

The internet of things is the next evolutionary jump in IT. On the one hand, this is a business opportunity, and on the other hand—a global threat to the development of companies, the internet and all modern IT world. The report will cover technical, organizational, and legal issues related to IoT safety, including attack and defense. Participants: Dmitry Berezin, Alexander Butenko, Igor Girkin, Uliana Zinina, Grigory Marshalko, Pavel Novikov. Moderator: Alexey Lukatsky.

Among the participants

    Dmitry Berezin and Alexander Butenko, Croc.
    An approach to ensure Enterprise IoT security

    The world of the internet of things is changing rapidly. New kinds of devices, advanced technologies, M2M architecture—all that produces new risks for information security. Each class of IoT devices (Home, Enterprise, Industrial) has its own specific features and security requirements. The speaker will review requirements to IoT in the enterprise. Business takes an advantage of using a big number of geographically distributed devices and at the same time retaining the options of centralized control and monitoring as well as ability to check security settings. The speakers will investigate what technologies ensure protection of distributed IoT systems and what is the difference between IoT and traditional IT solutions.

  • Language
  • Russian

Phishing: size of the problem and countermeasures

Want to visit   +77

Moderator: Vyacheslav Borilin

  • Today's phishing market (Dmitry Malyshev)
  • Awareness Center Phishman (Nikolay Agninsky and Alexander Mitrokhin)
  • Phishing—a curse or an opportunity? (Vyacheslav Borilin)

  • Language
  • Russian

Moderator: Vyacheslav Borilin
Head of the Security Awareness unit, Kaspersky Lab. A member of IETF and ISA.

Developing secure homebrewed products

Want to visit   +71

Moderator: Dmitry Gusev

  • Language
  • Russian

Opening. Information security today: the splendor and misery of corporate security

Want to visit   +63

Moderator: Boris Simis

  • Language
  • Russian

Information security tomorrow: is it a stop factor for digitalization of economy?

Want to visit   +55

Moderator: Alexey Kachalin

Participants:

  • Alexey Sokolov (Deputy Minister of Telecom and Mass Communications)
  • Sergey Plugotarenko (Director of the Russian Association for Electronic Communications)
  • Kirill Kertsenbaum (Kaspersky Lab)
  • Denis Baranov (Director of Research and Development of Positive Technologies)
  • Ilya Sachkov (Group-IB)
  • Dmitry Finogenov (advisor to the director of Positive Technologies)
  • Georgy Gritsay (the Open Networks association)
  • Roman Chaplygin (PWC)
  • Vyacheslav Kasimov (Executive Director for information secueity, Otkritie Bank)

Moderator: Alexey Kachalin (the program director of PHDays, Positive Technologies).

  • Language
  • Russian

Lightning Talks

Want to visit   +55

Moderator: Andrey Petukhov

We invite you to take part in a 5-minute Lightning Talk. Tell the audience about a new vulnerability or a problem in security algorithms, about a new concept for a security analysis tool, or a study. Share your ideas and find people who think the same. To take part in this event, you need to inform the fast track moderator.

  • Each talk lasts 5 minutes (1 or 2 slides).
  • No pre-moderation.
  • Best speakers get an invitation to PHDays VIII.

  • Language
  • Russian

Information security education: new perspectives

Want to visit   +51

Author: Mikhail Saveliev

This event is aimed at young professionals, graduates, and graduate students, as well as agents of the security industry and educational institutions. The speakers from Sberbank, Kaspersky Lab, and Positive Technologies will explain which areas of knowledge are nowadays at a premium and why information security does not fit in traditional education. The representatives of the Moscow Polytechnic University and MIRBIS College will tell about new education models.

  • Language
  • Russian
Mikhail Saveliev Mikhail Saveliev

ICS information security

Want to visit   +47

Moderator: Roman Krasnov and Dmitry Darensky

The section will cover the following issues: R&D in protection of industrial control systems (ICS) and the internet of things, establishment of ICS cybersecurity centers, product compatibility testing and certification, traditional SOC arrangement and modern SOC establishment strategies.

Speakers: Evgeny Gengrinovich, Pavel Lutsik, Andrey Nuikin, Alexey Petukhov, and Ruslan Stefanov.

The participants of a round-table discussion will raise the following issues: shall SOC monitor ICS? What shall SOC be able to do in order to cope with IT and IS incidents? How to deal with remote autonomous objects?

Participants: Denis Babaev, Andrey Nuikin, and Ruslan Stefanov. Moderators: Roman Krasnov and Dmitry Darensky.

Among reports

Kaspersky Lab ICS-CERT. Research and investigations

In October 2016, Kaspersky Lab launched Kaspersky Lab ICS CERT, a visionary project designed to distribute information on current threats and vulnerabilities in industrial automation. Within the first six months of the project, the team eliminated a big number of vulnerabilities, conducted several incident investigations in industrial automation systems and published some reports covering ICS security issues. The report will describe ICS security problems detected in course of investigations and searches for vulnerabilities. The speaker will also tell about the project development plans and give the list of artefacts that can be useful for ICS component vendors, security departments of industrial companies, and independent researchers.

  • Language
  • Russian

Anti-APT Swiss knife

Want to visit   +43

Authors: Kirill Mikhailov, Andrey Semenyuchenko, Anatoly Viklov

Speakers will talk about a standard and a comprehensive approach to protection against APT attacks and demonstrate the possibilities of a "Swiss knife" in investigation of IS incidents.

  • Language
  • Russian
Kirill Mikhailov, Andrey Semenyuchenko, Anatoly Viklov Kirill Mikhailov, Andrey Semenyuchenko, Anatoly Viklov

Innovations in protection tools and security tests

Want to visit   +42

Authors: Anton Ivanov and Egor Nazarov

This section is devoted to advanced information security technologies illustrated by the relevant use cases. Experts seeking new breakthrough solutions are welcome. Moderators: Anton Ivanov and Egor Nazarov.

  • Language
  • Russian
Anton Ivanov and Egor Nazarov Anton Ivanov and Egor Nazarov

Nonpublic section from Informzaschita

Want to visit   +41

Author: Evgeny Klimov

  • Language
  • Russian
Evgeny Klimov Evgeny Klimov

Security practice

Want to visit   +36

Author: Denis Remchukov

Topical approaches and solutions for ensuring information security. Is the working SIEM a truth or a myth? UEBA: tomorrow or never? When will you stop buying these useless end-point antiviruses? Discussion about current and innovative protection technologies. Participants: Oleg Bashkinsky, Pavel Zemtsov, Konstantin Goldstein, Andrey Revyashko, Sergey Rysin. Moderator: Denis Remchukov.

  • Language
  • Russian
Denis Remchukov Denis Remchukov

Anti-plenary session. Technologies security: personal views of leading minds

Want to visit   +35

Moderator: Alexey Kachalin

These days, information security suffers acute internal conflicts. All around, we hear: "No one is interested!", "You'll be hacked in any case!", "Buy new stuff." Both security solution developers and users have lost their faith and motivation. The most outstanding representatives of the community will sit together to share their pains and ideas that can influence every person and industry in general. As minimum slides or any tinsel as possible, and loads of personal experience, understanding of the subject, and emotions.

Participants: Alexey Kachalin, Ilya Sachkov, Alexey Lukatsky, Alexey Volkov, Vladimir Bengin, Elman Beybutov, Mikhail Kader, Dmitry Manannikov, Ivan Novikov.

  • Language
  • Russian

Security Path: Dev vs Manage vs Hack

Want to visit   +29

Authors: Dmitry Mannanikov and Mikhail Levin

We all started our career either as engineers or as operators—developed and created systems, experimented with design and research. But eventually each of us has come up to the question: what to do next, in a year or two, and what we would like to become in five or ten years. How to create a career in the security area? What would help in development, and what can be a dead end both for hackers and defenders? Is it possible to be a bug hunter throughout all life or shifting to a paperwork expert or people manager is inevitable? What is more attractive to hack and design: software or bulletproof enterprise processes? Specialists thinking about their future and managers guiding their staff in development are welcome.

  • Language
  • Russian
Dmitry Mannanikov and Mikhail Levin Dmitry Mannanikov and Mikhail Levin