TECH1 – Your new hire turned to be a hacker

November 8, 2023 from 10:50 to 11:30

Speaker: Tomáš Zaťko, Citadelo (SK)

Do you know how to think like a hacker? At Citadelo, we do. We think like hackers, but we don’t abuse it. On the contrary, our main goal is to reveal vulnerabilities without causing damage. Being a leader is a matter of course for us, an ethical approach an essential requirement, and a safer IT world our mission. Citadelo was founded in 2006 by ethical hackers to help Fortune 500 companies identify vulnerabilities through simulated attacks. By engaging in cloud security testing, application testing, and more, the cybersecurity firm helps businesses achieve a higher level of security. Backed by a team of 30 professionals, the company is a market leader in Slovakia and the Czech Republic and has offices in Zug (Switzerland), Prague and Bratislava.

Tomáš found his hacker talent back in childhood when he wrote his first program aged 8. At 10 he reverse-engineered a proprietary binary data structure in his favorite game to make his soldiers supermen and unlock all the levels. As an adult, he decided to make the world more secure, and since 2006 he has been helping companies ranging from e-commerce to major financial institutions with their cybersecurity.

In his talk “Your new hire turned to be a hacker”, Tomáš will share a fascinating case study where Citadelo’s team infiltrated a company’s systems by posing as a new hire. This unique approach to penetration testing offers a fresh perspective on how hackers can exploit vulnerabilities in unexpected ways. The talk will delve into the details of how the ‘new hire’ managed to navigate the company’s security systems, create a reverse tunnel, and even exfiltrate data, all while maintaining his cover as a junior developer. This story serves as a stark reminder that even the most secure systems can be compromised, and that companies must be vigilant and proactive in their security measures.

However, this talk is not just about the vulnerabilities; it’s also about solutions. Tomáš will discuss the importance of defense in depth, the implementation of zero trust, and the need for regular penetration testing and bug bounty programs. He will also highlight the significance of proper detection systems and the value of regular war games or simulation exercises to improve a team’s ability to react to incidents.

This session is a must-attend for anyone interested in cybersecurity, offering valuable insights into both the mindset of hackers and the strategies for defense. It’s a unique blend of storytelling, practical advice, and a call to action for better security practices. Don’t miss out on this opportunity to learn from one of the best in the field.