SECCON NL - Security Community Event

22 Sep 2022


Muntgebouw Utrecht, Netherlands

01 Jun 2022

08 Jul 2022

It's happening! SECCON NL, September 22nd.

Collaboration and sharing knowledge are the first steps to creating and maintaining a high cyber resilience level. Designed by the industry for the industry, SECCON NL* focuses on knowledge sharing and collaboration in cyber security. The ultimate goal is to further strengthen the cyber resilience of Dutch organizations by learning from each other's experiences and challenges. We will create a podium for experts who share insights into theoretical and practical aspects of the security, privacy, trust, and resilience of networks, systems, services, and applications and novel ways for dealing with vulnerabilities and mitigating sophisticated cyber-attacks.

SECCON NL looks to inspire the security community and will be of interest to SOC analysts, Threat intel researchers, Security Architects, DevSecOps, Pentesters, etc.

SECCON NL looks for submissions from diverse communities, including corporate and academic researchers, open-source projects, standardization bodies, governments, system and security administrators, software engineers, and application domain experts.

Anonymized Evaluation:

Our program committee evaluates submissions anonymously in the first phase. In other words, we don't see the speaker's details to ensure the unbiased validation of the paper's content and its value to the community.

Talks with the highest ratings move onto the second round of evaluation, where the program committee evaluates them for program fit, content, relevant experience, etc.

Confirmed Program Committee Members:

  • Wouter Hindriks (Avit)
  • Liesbeth Holterman (Cyber Veilig Nederland)
  • Renza Gruter (ZeroCopter)
  • Koen Sandbrink (NCSC)
  • Jochem Smit (Northwave)

Our program committee looks forward to papers around the following topics:

Threat intelligence

Threat Intelligence is one of the lifelines security teams rely on to secure their environment. How do Threat feeds differ from each other? What is the best way to share intel with the community for the common good? What does the future of Threat intel sharing look like when the internet (and/or the world) starts to become more fragmented? Focus areas could be:

• Combining Threat feeds into an actionable feed of information

• MISP integration

• MISP best practices

• Strategic, Tactical and Operational Threat intel

• API integrations to ingest contextual threat intel

Detection and Response

When a compromise is detected, proper mitigation actions need to be taken as a response. But how can you design an adequate Detection and Response framework that matches your organization? And when a full-blown Security Operations Center (SOC) is not within reach, is MDR the way to go, or are there other alternatives? In this track, the community will discuss best practices and try to answer these questions. Focus areas could be:

• A day in the life... Fighting against ransomware?

• EDR vs XDR

• Detection and response in an OT environment

• Signature based detection vs. Anomaly detection with Flow telemetry

• EDR in Airgapped environments

• Encrypted Traffic analytics

• XDR best practices

• Response automated or manual?

• The Hive

• How to develop a SOC (organizational), Culture, KPIs etc.

SOAR (Security Orchestration, Automation, and Response)

Orchestration and Automation initiatives are driven by the security talent shortage and ever-expanding threat landscape. In this track, we are looking for SOAR experts who want to share their experience in orchestrating Threat hunting processes, automating response actions, and integrating cross-architectural security workflows. Focus areas could be:

• Workflow creation

• Organizational impact of onboarding SOAR.

• Difference between Automation and Orchestration in security

• SIEM vs SOAR, experience sharing of setting up the right match


Applications are transitioning from traditional monolithic apps and their associated development methods toward distributed application stacks developed with DevOps methodologies. Security needs to keep up with the pace of modern application development. Advanced apps are deployed as microservices in containers and not in traditional VMs, hence the rise of another platform that needs to be hardened and secured. If you are looking to share your insights, outlook, and experience with API Security, Runtime security, Container Security, and other related topics, we look forward to your paper. Focus areas could be:

• API Security

• Security in CI/CD pipeline

• Application Runtime Security

• Securing and hardening a Kubernetes container cluster

• OWASP top 10

• What is the role of a firewall in the container world?

• Organizational impact of DevSecOps

• Open source vs. commercial off-the-shelf

Vulnerability Management

We are experiencing a tidal wave of vulnerabilities, but you can't fix them all. Organizations rely on extensive threat intel and patented prioritization to cut costs, save time, and keep teams focused on reducing the most significant risks. We are looking for experts to share experience in vulnerability scanning, pentests, and the ability to prioritize what is essential. Focus areas could be:

• Risk analysis of vulnerabilities

• Combining Vulnerability Scanning and Pentest outcomes

• CVE, CWE, CVSS and CWSS for dummies

• Experience sharing: How to deal with a High/High from the NCSC

Post-Quantum Security

Sooner or later, Quantum computing will trigger a fundamental security transformation. Are you an expert on QKD? What role will Quantum play in Offensive and Defensive security scenarios? How to protect today's data in transit from potential future threats? Please share your paper. We have a stage waiting for you. Focus areas could be:

• Impact of Quantum on Key exchange (QKD)

• The power of Quantum in the hands of APTs

• Quantum as enabler for AI in cybersecurity

• How to prepare for the future?

*SECCON NL is powered by CISCO in support of the Dutch Cyber Security Community

