KOMITÉ TEKNISK

Tips
Programarbeid
Send inn

Les tips fra komitéene:

Teknisk
Styring
Fysisk
Nasjonal
Respons
Tips
Programarbeid
SEND INN

Les tips fra komitéene:

Teknisk
Styring
Fysisk
Nasjonal
Respons

Spor:


Specific requirements:

  • Application security: English language

Application Security:

  • Good practice architecture
  • Kubernetes/container security
  • Modern identity stacks
  • Cloud IAM
  • Authentication and Authorization
  • AI applied to code
  • AI applied to infrastructure
  • Security of AI applications
  • Writing secure code
  • Writing secure code with AI
  • DevSecOps / CI/CD
  • Mobile/device application security
  • Software supply chain security
  • Red teaming
  • Bug bounties
  • Security tooling

Offensive Security:

  • mobile (android, iOS) and browser & client exploitation
  • Cloud & identity attacks (Entra, hybrid AD, token theft)
  • Active Directory red teaming (DC abuse, Kerberos, gMSA)
  • Detection evasion & red teaming tradecraft (LOLBAS, EDR bypass)
  • AI & LLM red teaming
  • Novel approaches to vr discovery, new exploit techniques or mitigation bypasses

Cloud & Security Architecture:

  • Cloud governance & management
  • Identity & access management in the cloud
  • Cloud vendor management
  • Cloud infrastructure and virtualization
  • Cloud platform
  • Cloud applications and -management
  • Legal and political implications of cloud
  • Digital sovereignty, exit strategy, vendor lock-in etc.
  • Cloud audit
  • Cloud as enabler for business continuity and operational resilience
  • Cloud Service Provider cryptography, quantum resistant crypto
  • Incident response, cloud forensics, e-discovery etc.
  • Logging and monitoring in the cloud (strategic, tactical, operational)
  • Enterprise Security Architecture
  • Business Security Architecture
  • Security architecture, methods, frameworks, application of security architecture in the business (SABSA, ITIL, TOGAF etc)
  • Experience-based talks – “this is how we did it”, “we solved the problem using xxxx”
  • In general, information security, cybersecurity, privacy, personnel security related to cloud services or how it is architected

 

Identity

  • Identity-centric design and architecture, hybrid/cloud/on-premise
  • Identity standards, frameworks and regulations
  • Identity data flows
  • Identity data capture
  • Identity / Access analytics and visibility
  • Identity governance, Access governance
  • Core Access Management: Authentication, Authorization, Federation
  • Customer/Citizen Identity
  • Machine Identities
  • API authorization
  • Higher Privilege Management (aka PAM), incl. JIT, ZSP, privilege, mm.
    • Privileged account and session management
      (PASM)
    • Privilege elevation and delegation management (PEDM)
    • Secrets management
    • Cloud infrastructure entitlement
      management (CIEM)
  • Adaptive access and risk signals in authentication/authorization (Continuous Identity)
  • Professional development and communities

VÅRE SAMARBEIDSPARTNERE

STØTTESPILLER

SIKKERHETSFESTIVALEN

Sikkerhetsfestivalen er en arena for erfaringsutveksling. Den ble arrangert for første gang i 2019. Vår ambisjon er at dette skal bli Norges største og viktigste sikkerhetsarrangement, og en samlende arena for alle med interesse eller ansvar for cyber-, IKT-, personopplysnings- og informasjonssikkerhet.

Navigasjon

Kontakt oss

Sikkerhetsfestivalen

E-post: service@isf.no

Eventarrangør:
Macsimum AS
For spørsmål og billetter og partnerskap:
Send oss en epost

Sikkerhetsfestivalen - Logo