Security BSides Sofia 2024

23 - 24 March, 2024

What is Security BSides?

Security BSides is a community-driven framework for building events by and for information security community members. These events are already happening in major cities all over the world! We are responsible for organizing an independent Security BSides-Approved event for Sofia, Bulgaria.

Security BSides Sofia 2024

Date: March 23 - 24, 2024

The idea

The idea behind the Security BSides events is to organise an open (and low cost) Information Security conference where professionals, experts, researcher, and InfoSec enthusiasts come together to discuss the next "big thing".

BSides is not restricted only to ethical hacking, but instead the conference is open to a wide range of subjects related to security such as incident response, IoT security, computer forensics, security standards and of course compliance.

Our Goal

To bring a well-known event to the InfoSec community in Bulgaria, where professionals, academics and researchers can participate for free and educate themselves on various InfoSec related disciplines.

The event will also provide an opportunity to students, rookies and security enthusiasts to get involved and be heard in a worldwide exposed event.

Who is organising this event?

The short answer to this is YOU. This is what makes these events so successful and a unique experience. Security BSides events are organized: ..by the community, for the community

Behind the scenes to drive the event are a number of people, professionals in the area of Information Security, who decided to take the first steps and bring this global event in Bulgaria.

BSides Sofia 2024 Speakers, Agenda and CTF winners

Vulnerabiltiy Full Disclosure

Stoyan Kolev, Lyubomir Vanyov (CEO shkolo.bg) and Vladimir Dimitrov from Cybercrime unit

watch video +

The internet is full with vulnerabilities. If more people are looking to identify and disclose them responsibly it will be a safer place. We are going to discuss the how can responsible disclosure help business and public sector to stay safe and bounty hunters out of trouble.

Application security into DevOps

Svetlomir Balevski

watch video +

Embedding security into DevOps pipelines

Charge my car for free forever

Vangelis Stykas

watch video +

During this talk, we will see that they suffer from typical "rush to market" problems that can potentially allow a remote attacker to control them.

Front-end Security

Martin Stoynov and Spas Genov

watch video +

Evolution of client-side applications, common security misconceptions, demonstrating impact, improvements and good practices.

Securing Kubernetes with Open Policy Agent

Anton Sankov

watch video +

This presentation will go over what admission controllers are, how they work and how OPA leverages this functionality to protect your Kubernetes cluster. We will also dive into Rego and writing our custom OPA policies.

Decrypting IPTV

SRadoslav Gerganov

watch video +

Many ISPs in Bulgaria are offering IPTV to their customers in addition to internet services. Usually IPTV is delivered with a set-top box device (STB) which is connected to the ISP network and the user's TV.

Common security pitfalls in AWS Public cloud for highly regulated industries

Daniel Rankov

watch video +

Common misconfigurations and vulnerabilities making the cloud presense insecure

Where and how to implement Security in Software Development

Radostina Kondakova, Jordan Popov

watch video +

A walk-through over the Secure Software Development Life Cycle(SDLC) focusing on prevention and early adoption of security concepts and mechanisms in easy steps.

Active Directory Reconnaissance (Red Team Exercise in Finding Hidden AD Relationships)

Kristian Mladenov, Tsvyatko Bikov

watch video +

The Active Directory (AD) in an organization holds the keys to the kingdom. Although your vulnerability scanner shows no critical vulnerabilities at the OS and software level, could you say the same for your Active Directory configuration?

How to collect linux Malware

Sergey Kostov

watch video +

How and where can we find a Linux malware and how we use itfor "good" purposes.

A survey of blockchain consensus algorithms and attacks

Bozhidar Bozhanov, Minister of e-Government

watch video +

Description of the differences between the blockchain consensus.

Unfortunately, there is no video avaliable from this presentation.

BSides Sofia 2023 Intro

Have you missed the opportunity to join #BSides #Sofia on-site? No worries, we got some highlights for you.

watch video +

BSides Sofia 2023 - Conference Opening

Deputy Minister Atanas Maznev e-Government, Ph.D. Rosen Kirilov UNWE

watch video +

BSides Sofia 2023 - Keynote

Peter Kirkov, e-Government

watch video +

BSides Sofia 2023 - Hacking Attacks against Government Institutions

Vasil Velichkov

watch video +

BSides Sofia 2023 - Advanced Enterprise Vulnerability

Evgeni Sabev

watch video +

BSides Sofia 2023 - Hunting unsigned DLLs to find APT

Daniela Shalev

watch video +

BSides Sofia 2023 - Stalking the Stalkers

Vangelis Stykas and Felipe Solferini

watch video +

BSides Sofia 2023 - Hyundai head unit hacking

Radoslav Gerganov

watch video +

BSides Sofia 2023 - Linux ELF Binary obfuscation

Sergei Kostov

watch video +

BSides Sofia 2023 - Bypassing Anti Virus using badUSB

Cristian Cornea

watch video +

BSides Sofia 2023 - Nothing is secure

Bojidar Bojanov

watch video +

BSides Sofia 2023 - Commit to memory making the best of your notes

Plamen Kalchev

watch video +

BSides Sofia 2023 - Unencrypted malware, the invisible threat

Alexander Nedelchev

watch video +

BSides Sofia 2023 - Keytap acoustic keyboard eavesdropping

Georgi Gerganov

watch video +

BSides Sofia 2023 - Ghetto Forensic, command line Linux investigation

Peter Dangov

watch video +

BSides Sofia 2023 - Secure distroless OCI images via YAML

Victor Bonev

watch video +

BSides Sofia 2023 - The secure software supply chain Function S3C

Alexandar Andonov

watch video +

BSides Sofia 2023 - Purple Team assessment

Iliyan Velikov

watch video +

BSides Sofia 2024 Registration pack

Includes:

Venue and lectures access • Workshop access • Food and drinks throughout the day • Special gift for the first 100 registerred • Collectors T-shirt • Sponsor package • Access to After party
* checkout is in Bulgarian
* for 90% student discount use coupon BSIDES_STUDENTS on checkout

19 .90 лв.