POSITIVE HACK DAYS

Fasttrack

Videos of reports and hands-on-labs (Russian and English).

Applying SIEM to computer security incident investigation

Author: Alexander Vasilyevich Kuznetsov

The speaker will review Security Information and Event Management (SIEM) technology, the benefits of using it, and the behaviour of SIEM systems.
To keep track of what is happening in a modern information system, vast amounts of data must be collected continuously from many different sources. This requires an appropriate repository through which professionals can quickly access event logs and use them effectively to investigate incidents and to analyse the accumulated statistics. SIEM systems not only store large amounts of heterogeneous data for a long time; they also give experts analytical processing of the stored information, and they act as an independent party with respect to the attacker/target-system pair: criminals always try to conceal their actions, but the SIEM system itself is unlikely to be a target of their attack.
The speaker will discuss common misconceptions about the use of SIEM technology and will consider current SIEM solutions, comparing their advantages and disadvantages.

  • Language: Russian

CV

Alexander Kuznetsov graduated from St. Petersburg State Polytechnic University with a degree in applied mathematics.
He has worked in information security since 2006. He worked as a specialist and a leader in the St. Petersburg branch of FSUE "ZaschitaInfoTrans", then at the company "INFORION". He currently manages the department of information system security at STC "Volcano". He lives in Moscow.

The Ukrainian Information Security Group: achievements and prospects

Author: Konstantin Korsun

The report traces the formation of the Ukrainian information security community, from the noisy meetings of Ukrainian IT-security personnel in Kiev's pubs to the creation in 2012 of the Public Organization "Ukrainian Information Security Group" (UISG) as a legal entity. A conference of the same name is held annually under the auspices of UISG; it is the most prominent and most visited industry event in Ukraine.

  • Language: Russian

CV

Konstantin Korsun is a director of "Isight Partners Ukraine" (www.isightpartners.com) and Chairman of the Board of the Public Organization "Ukrainian Information Security Group". He graduated from the Kharkov Higher Military Aviation Engineering School (1993) and the National Academy of Security Service of Ukraine (1996).
From 1996 to 2005 he worked in the subdivision for combating cyber-crime of the Security Service of Ukraine, and from 2005 to 2009 in the State Service of Special Communication and Information Protection of Ukraine. He is the founder and leader of CERT-UA (www.cert.gov.ua).

Security issues of language D

Author: Pavel Markov

  • Language: Russian

CV

Pavel Markov graduated from Baltic State Technical University "Voenmekh". He currently lives in St. Petersburg and works as an engineer at JSC "Radio Control Technologies".

10.*#level 15 in two clicks

Author: Ilya Smith, Kirill Mosolov

  • Language: Russian

Hijacking VMware vCenter

Author: Alexey Sintsov, Alexander Minozhenko

  • Language: Russian
