“Introduction lstio Service Mesh” Stanislav Kolenkin · Talk (40 minutes)

We will talk about Service Mesh and Istio.

---

“OWASP Top-10 A2: Broken Authentication” Svyat Login · Talk (40 minutes)

Broken Authentication and what attack vectors it has.

---

“Email as an initial attack vector” Artur Hil · Talk (40 minutes)

Email as an element of attack kill-chain. Some interesting examples of phishing emails.

---

“Application Threat Modeling” Vlad Styran · Talk (40 minutes)

In this talk, I am going to walk the audience through the Threat Modeling introduction. The program will consist of the overview of popular Threat Modeling methodologies and available tools.

---

“Subdomain discovering as an essential part of the reconnaissance phase” Kostiantyn Sanduliak · Workshop (90 minutes)

In this presentation, I will talk about: DNS, DNS scrapping, DNS enumeration, and subdomain takeover.

---

“Building SQL firewall: insights from developers” Artem Storozhuk · Talk (40 minutes)

How SQL firewalls can help to protect databases from SQL injections: the main difference from WAFs, common usage scenarios, pros, and cons. Developing SQL firewall is a hard task – we will share insights about parsing SQL protocols, matching rules, hidden dangers of logging, best of configuration a…

---

“Web Application Firewall bypass techniques Workshop” Bohdan Lukin · Workshop (90 minutes)

A short demonstration of essential Web Application Firewall bypass techniques with 3 practical examples related to SQL Injection and XSS attacks.