Great to have you here!

DefCamp 2024, the 14th edition of the largest cyber security & hacking conference from CEE is happening between November 28th - 29th. 

First we are a community built in many years and as a community, we encourage knowledge sharing and collaboration.

We encourage all application security practitioners or security researchers to contribute to the DefCamp community by writing articles for the blog and show their work to the world or attending the conference and showcase the research on stage.

First time hearing of DefCamp?

Here are some things to get you hyped:

• 40+ speakers & almost 1800 attendees from 50 countries in 2023
• video overview of the last edition
• in 2024 we move to one of the largest buildings in the world, Palace of the Parliament
• the conference is happening since 2011, lots of stories and experience to share 

What are the benefits for speakers?

• access to one of the largest cyber security communities from CEE
• exposure for your security research
• travel expenses covered by us 
• VIP treatment (including free access for one of your friends or family)

Submission Deadline(s)

Our Call for Papers will include three evaluation phases, meaning you have more chances of being selected if you submit sooner rather than later.

• Deadline for wave #1: August 15th, 2024
• Deadline for wave #2: September 15th, 2024
• Deadline for wave #2: October 15th, 2024

Submission Topics

We accept sessions on any of the following topics (the list is not exhaustive):

Web, Software, and Infrastructure Security

• Web Application Security
• Secure Software Development Lifecycle (SSDLC)
• Cloud & Infrastructure Security
• Critical Infrastructure Security – SCADA, routing, satellite, Cloud and GSM, automotive
• Android/iPhone security research
• Governance, Compliance, and Business Strategy

Security Governance & Compliance

• Legal Issues & related topics (e.g., NIS directive, GDPR, EU & international regulations, etc.)
• Business, Management & Innovation
• Digital Transformation & Security Awareness
• Cyber-Operations, AI & Emerging Technologies

DevSecOps & Security Automation

• Case studies of Cybersecurity incidents/breaches
• Applications of Cryptographic Techniques, including PQC
• AI in Cybersecurity
• Next-gen Exploits and Mitigation Techniques
• Hardware, Forensics, and Reverse Engineering

Hardware application bypass, hardware hacking basics, defeating “secure” hardware

• Forensics applications, physical memory forensics, solid-state disk forensics, network forensics
• Reverse Engineering Malware and Malware Analysis

Wireless, Communication, and Physical Security

• NFC, WLAN, GPS, HAM Radio, Satellite, RFID, and Bluetooth Security Development
• Badging applications, lock-picking, physical access control, physical lock forensics

Evaluation Process

All submitted sessions will be filtered and rated by our content committee. Selected speakers will be invited to attend this year’s DefCamp event on November 28th-29th. Travel and accommodations will be covered for all selected speakers not based in Bucharest (Romania).

Evaluation Criteria

• Technical or management expertise 
• Past experience as a speaker
• Presentation skills
• Session content
• Session level
• Tips for a winning submission

Before submitting your session, you might want to consider the target audience you’ll be talking to and some of the other tips we have put together for you. You can submit more than one session.

We are marking all sessions on the agenda according to their technical depth level. We will use something similar to the TechEd conference session levels (ranked 100-400), so you will be asked to evaluate or plan your target session level before submitting it.

Check out an overview of the SESSION LEVELS we use here.

Feel free to check the sessions from past years if you need some inspiration.  

Also, please keep the following recommendations in mind:   

• Write a descriptive, fun, and enticing title – this should “sell” your session to the audience 
• Target 300-400 level technical content; 100 and 200 level content is in low demand – if you say your talk is level 400, then make sure it is, or be prepared for a barrage of feedback in your evaluations!
• Describe content that is new, unique, or significantly refreshed from a previous presentation
• Take a solution-oriented approach
• Ensure there is minimal marketing talk in your content
• Showcase your speaking experience (past events/sessions you’ve had, ideally sessions which were also recorded)
• If targeting levels 100-200, focus on currently released or upcoming technologies
• Look into an advanced/expert approach to existing technologies and solutions (levels 300-400)
• Include one or more live demos for technical sessions; historically, sessions with strong demos receive higher audience scores
• Include personal experience; this goes down well with an audience of your peers, as everyone prefers to learn from someone else’s mistake instead of having to go through it themselves

Please note that sessions focusing on proprietary technologies or solutions and selling/advertising those technologies will be ignored from the start. Also, the DefCamp organizers reserve the right to select specific sessions based on other criteria or preferences as needed.

Accommodation and travel is covered only for speakers for Nov. 27th - Dec. 1st. There will be also other benefits such as: VIP & Speakers Lounge, Dinner & Trip.