Agenda
Filter by category
Hacking
Supply Chain
Cloud Security
Application Security
Architecture
Culture
Design
Fun
People
Security Tooling
IoT
Platforms
Experience report
Programming
AI/ML
Bug Bounties
Dark Arts
Cloud
DevOps
Tooling
.NET
Security
Process
Keynote
SDLC
Privacy
Tools
Testing
Kubernetes
Filter by length
All
Talk
Workshop
Wednesday
4 March
Thursday
5 March
09:00 - 10:00 (UTC+01)
Room 1
Three decades of curl
Daniel Stenberg
Room 2
The server that talked back: a deep dive into SSRFs
Sofia Lindqvist
Room 3
app.alert(1) is the new alert(1): PDFs as a vector to inject JavaScript code in web applications
Luigi Gubello
Room 4
From fighting crime in the streets, to fighting cybercrime
Ruben van Well
Room 6 - OWASP
Automated Security Testing with OWASP Nettacker
Sam Stepanyan
Arkadii Yakovets
10:20 - 11:20 (UTC+01)
Room 1
Zero-Knowledge Proofs: Simultaneously ensuring integrity and privacy
Tjerand Silde
Room 2
Is Your Approach to Pipeline Security Flawed? Rethinking CI/CD Security
Patricia R
Room 3
Placeholder - Dawid Czagan
Dawid Czagan
Room 4
Prompt Injection Attacks in LLM-Powered Applications
Magno Logan
Room 5
Part 1/2: Securing your AI code generation workflow
Armin Buescher
Room 6 - OWASP
Breaking the Black Box: Why Testing Generative AI Is Full Spectrum
Jason Ross
11:40 - 12:40 (UTC+01)
Room 1
Post-quantum cryptography for .NET developers
Filip W.
Room 2
Hijacking Google’s CI/CD Through Prompt Injection: The New Era of AI-Based Exploits
Mackenzie Jackson
Room 3
From WAN to NAS: A Pwn2Own Journey Through the SOHO Attack Surface
Daan Keuper
Room 4
MCP Security: Keep Your AI Agents from Spilling the Tea
Awar Abdulkarim
Manfred Bjørlin
Room 5
Part 2/2: Securing your AI code generation workflow
Armin Buescher
Room 6 - OWASP
OWASP Juice Shop: Take your security vitamins!
Jannik Hollenbach
Björn Kimminich
13:40 - 14:40 (UTC+01)
Room 1
Connecting the dots to go from tabular security incident data to behavioral graph understanding
Sindre Breda
Manfred Cheung
Room 2
Worms in our software supply chain - Where do we go from here?
Charlie Eriksen
Room 3
Attacking AI
Jason Haddix
Room 4
Protocol-Hopping C2: Transport-Agnostic Command & Control That Won't Die
Francine Solheim
Room 5
Part 1/2: Introduction to the new post-quantum standards
Tjerand Silde
Room 6 - OWASP
AppSec Security: The SDLC in the age of agentic
Jon Mccoy
15:00 - 16:00 (UTC+01)
Room 1
Learning security monitoring through failure
Truls Dahlsveen
Room 2
Anti-Patterns: How to Not implement a Cloud Security tool
Johan Paramanathan
Room 3
Secure and Compliant APIs - By Design
Daniel Sandberg
Tobias Ahnoff
Room 4
The TPM and You - How (and why) to actually make use of your TPM
Mathias Tausig
Room 5
Part 2/2: Introduction to the new post-quantum standards
Tjerand Silde
Room 6 - OWASP
It is rough without a WAF
José Carlos Chávez
16:20 - 17:20 (UTC+01)
Room 1
Supercharging Incident Response: Practical Automation and AI-Driven Investigations
Giorgio Perticone
Room 3
BOLA, BOPLA, and BFLA: Let’s get rid of broken authorization!
Eivind Jahr Kirkeby
Room 4
Has your flight been cancelled? You might be eligible for a cybersec session!
Konstantinos Fouzas
Room 5
Lightning Talks 2
Inge Amdal Halvorsen
Bendik Schartum Thorbjørnsen
Karim El-Melhaoui
Even Tillerli
