Speaker

Davide Cioccia

Founder at DCODX Cybersecurity

Amsterdam, The Netherlands

Davide Cioccia is the founder of DCODX, an ethical hacking and security training firm focusing on DevSecOps and web3. He is a speaker and trainer at multiple international conferences like Black Hat, HITB, OWASP AppSec, DevSecCon and DEF CON. He is also a contributor to the OWASP Mobile Testing Guide and chapter lead of DevSecCon Netherlands.

Area of Expertise

  • Information & Communications Technology

Topics

  • DevSecOps
  • DevSecOps and GitOps in practice
  • Pentesting
  • Hacking
  • Security
  • IT Security
  • Application Security
  • Security & Compliance
  • Cyber Security basics

Secure Coding AI Wargame

Come join a fun and educational secure coding AI wargame. You will be given an AI chatbot. Your chatbot has a secret that should always remain a secret! Your objective is to secure your chatbot to protect its secret while attacking other players' chatbots and discovering theirs. The winner is the player whose chatbot survives the longest (king of the hill). All skill levels are welcomed, even if this is your first time seeing code, securing a chatbot, or playing in a wargame.

Let's experience first-hand the challenges in protecting LLM based apps!

Hackable.sol - Do you know how to hack smart contracts?

The financial implications of smart contract vulnerabilities are substantial. Smart contracts often handle large amounts of value, and successful exploitation can lead to significant financial losses for users and project developers. In this session I will share the latest smart contract/web3 security trends and vulnerabilities. The attendees will learn how to create tests for security issues in smart contracts written in Solidity, and how to "profit" from it.

Cracking mobile applications using Frida and Ghidra

If you are curious about how hackers and security experts look at mobile applications and how they manage to hack them, this is definitely something for you. This talk focuses on two main aspects of mobile application security: runtime analysis and reverse engineering. We will look at the process of hacking mobile applications, with a live demo using Frida (https://frida.re) and Ghidra (the NSA reverse engineering tool) to crack the OWASP CrackMe challenges.

DevOps meet Sec: Your journey to delivering secure code fast

After spending the last 1 or 2 years getting your DevOps process right, here comes the new security guy: "We need to move to DevSecOps". This talk wants to share my personal experience, challenges, and successes as DevSecOps Architect in implementing DevSecOps in different DevOps processes. The talk starts with the main question: "where do we start?" and then moves to topics like IaC security, policy as code, SAST, SCA, SBOM, Security Champions, CI/CD security, supply chain security, logging and monitoring and DevSecOps maturity. Don't look at it as a list, but as a mix of connected resources that will increase automation and reduce manual bottlenecks. At the end of the talk, attendees should already be able to picture their DevSecOps journey ahead. DISCLAIMER: if you are hoping to completely "remove" the security guy from the picture, this is not the goal of this talk.

SECCON 2023 Sessionize Event

September 2023 Amsterdam, The Netherlands
