MCTTP

Agenda-2024

MCTTP MUNICH CYBER TACTICS, TECHNIQUES AND PROCEDURES

Cyberattacks have evolved from a rivalry between IT-nerds to cybercrime, operation of
state agencies and cyberterrorism. The impact on companies and organizations is devastating and the pressure on CISOs and cybersecurity managers is enormous.
The task to protect IT infrastructure and business-critical data in current era of the »New Normal« from elaborate cyberattacks and provide a proactive IT security is their focus.

Therefore, we offer an intensive three-day program:

On the first day, deep security topics are highlighted and discussed in full-day training sessions in small groups of participants.

At the following two-day conference, participants can expect technically advanced, practice-related papers on current attack methods and effective defense ideas in the context of the Offensive Track.
The Corporate Defense Track deals with effective crisis prevention strategies, negotiations with perpetrators, criminal prosecution, and data protection in the event of a crisis.

A unique event for security technicians, C-Levels and all, whose main responsibility is to create future-proof cybersecurity in their enterprises.

KEYNOTE SPEAKER

Florian Hansemann

Top-ranked red teamer, expert in attack techniques and in the field of offensive security
Button
Prof. Dr. Dr. H. C. Julian Nida-Rümelin

Professor of Philosophy and
Political Theory
Button
Max Schrems

(Luckily not only) Privacy Lawyer, Honorary Chair of noyb, Author and Speaker
Button

PROGRAM

TRAININGS | SEPT 17

9:00 - 10:30

Registration

10.30 - 13.30

Windows Domain Analysis with Bloodhound

Florian Hansemann

@CyberWarship

(Hansesecure)

10.30 - 13.30

Masterclass – Cybercrime, NIS2 & Cyber Resilience Act

Dr. Marc Maisch, Maisch.law

Stefan Hessel, LL.M.

Christoph Callewaert, reuschlaw

10.30 - 13.30

Cyber Security Masterclass:

Notfallmanagement für KMU

Falko Weiß & Florian Oelmaier

Corporate Trust

10.30 - 13.30

Cyber Security Masterclass:

Supply Chain Security & Softwareentwicklung

Arthur Naefe, Corporate Trust

Stefan Fleckenstein, MaibornWolff

Johannes Geiger, MaibornWolff

13:30 - 15:00

Lunch Break

15.00 - 18.00

Windows Domain Analysis with Bloodhound

Florian Hansemann

@CyberWarship

(Hansesecure)

15.00 - 18.00

Masterclass – Cybercrime, NIS2 & Cyber Resilience Act

Dr. Marc Maisch, Maisch.law

Stefan Hessel, LL.M.

Christoph Callewaert, reuschlaw

15.00 - 18.00

Arthur Naefe, MCTTP, Munich Cyber Tactics, Techniques and Procedures

Cyber Security Masterclass:

Ransomware IT-Forensik

Arthur Naefe

Corporate Trust

15.00 - 18.00

Cyber Security Masterclass:

100-Tage Hands on IT-Sicherheit

Falko Weiß & Florian Oelmaier

Corporate Trust

CONFERENCE DAY 1 | SEPT 18

Offensive-Track

Corporate Defense Track

08:45 - 10:00

REGISTRATION & Morning Coffee plus Snacks

10:00 - 10:15

Opening by Vera Nikolic, Florian Oelmaier, Florian Hansemann & Dr. Marc Maisch

10:15 - 10:55

OPENING KEYNOTE

Prof. Dr. Dr. H. C. Julian Nida-Rümelin

Professor of Philosophy and
Political Theory

Beyond apocalyptic and salvatory visions in the age of AI: a plea for Digital Humanism

10:55 - 11:35

Talk & Q&A

Sean Metcalf, MCTTP, Munich Cyber Tactics, Techniques and Procedures

Sean Metcalf
CTO, Trimarc

A Decade of Active Directory Attacks:

What We've Learned & What's Next

What's next against AD and Entra ID / Azure AD?

TALK & Q&A

Christoph Callewaert, Senior Associate at reuschlaw

Stefan Hessel, Salary Partner / Head of Digital Business

NIS-2 and CRA: Cybersecurity update for IT contracts

The EU thinks that IT is dangerously underregulated. Let's see what´s next.

11:35 - 13:05

Lunch Break & Networking

13:05 - 13:45

TALK & Q&A

Daniel Feichter

Founder of RedOps GmbH

EDR Analysis: An introduction to reversing sophisticated detection

TALK & Q&A

Dr. Günther W. Weber, MCTTP, Munich Cyber Tactics, Techniques and Procedures

Dr. Günter W. Weber

CEO Institute for Conflict Research & Crisis Consulting

Staying Positive in Times of Crisis

From a psychological point of view:
What does it take to stay resilient?

13:45 - 14:25

TALK & Q&A

Will Summerhill

Senior Security Consultant at Mandiant

Simplified Malware Evasion – Entropy and other Techniques

How malware escapes your detection

TALK & Q&A

Hila Fish

Senior DevOps Engineer, International Public Speaker

Navigating the Chaos: A Holistic Approach to Incident Management

Production incidents happen more often. Prepare for it.

14:25 - 15:00

Coffee Break & Networking

15:00 - 15:40

TALK & Q&A

Oddvar Moe

Principal Security Consultant @TrustedSec.
Microsoft Security MVP

A C2 Story – Outlook's One-Setting Wonder

Exciting news from the redteaming world.

TALK & Q&A

Stefan Fleckenstein

Head of Cybersecurity at MaibornWolff

SBOMs in practice

Software Supply Chain Management: how to use the tools available

15:40 - 16:20

TALK & Q&A

Chirag Savla, Senior Cloud Security Engineer

Raunak Parmar, Senior Cloud Security Engineer

Hacker's Story from Reader to Global Admin in Azure

How attackers can get Global Admin rights in your tenant

TALK & Q&A

Hanno Schaz, Security Consultant

Julian Geils, Senior IT-Security Consultant & Engineer

Enhancing Defenses: A Practical Guide to Vulnerability and Remediation Management

Fixing security problems is tedious work. But it needs to be done.

16:20 - 16:50

Coffee Break & Networking

16:50 - 17:30

TALK & Q&A

Rico Komenda

Senior Security Consultant

Pentesting Large Language Models 101

How to security test AI functions in software?

TALK & Q&A

Philipp Pelkmann

Co-Founder and CTO CyberCompare | VP Bosch

Challenging the in-transparent Cybersecurity Provider Market

How to separate useful security products from snakeoil

17:30 - 18:10

TALK & Q&A

Szymon Chadmam, MCTTP, Munich Cyber Tactics, Techniques and Procedures

Szymon Chadam

SecuRing

How (not) to implement secure digital identity – case study of Poland's Digital ID system

Digital IDs are the future. Build it in a secure way!

TALK & Q&A

Jonas Mayer, Senior Consultant

Martin Förtsch, Principal Consultant

Thomas Endres, Managing Partner

TNG Technology Consulting GmbH

The AI Elections:
How Technology Could Shape Public Sentiment

AI vs. democracy – who will prevail?

18:45 - 23:00

Dinner at the famous Motorworld Inn - join in and enjoy great food & drinks, gaming and talks!

CONFERENCE DAY 2 | SEPT 19

Offensive-Track

Corporate Defense Track

09:00 - 09:15

Opening by Vera Nikolic, Florian Oelmaier, Florian Hansemann & Dr. Marc Maisch

09:15 - 09:55

KEYNOTE

Florian Hansemann

@CyberWarship (Hansesecure)

The value of our CyberSecCommunity:

Unlocking the secret to survive in the modern cyber world

Friends over Tools: a new security paradigm for a new world

09:55 - 10:35

TALK & Q&A

Emeric Nasi

BALLISKIT Owner and Researcher

Bypass Antivirus Dynamic Analysis – 10 Years later

Cat vs Mouse: what's state of the art in EDR evasion?

TALK & Q&A

Truls Dahlsveen

Security Architect at Sopra Steria, Microsoft Security MVP

Field notes on Security Strategy

To "enable all" is not a plan. Alert fatigue drowns the defenders.

10:35 - 11:15

Coffee Break & Networking

11:15 - 11:55

TALK & Q&A

Stefan Gerling, MCTTP, Munich Cyber Tactics, Techniques and Procedures

Stephan Gerling

Security Evangelist

How to hack a Yacht (remotely)

Goal is to show and make aware of possible attack scenarios against modern vessels.

TALK & Q&A

Jasper Bongertz

Head of the Incident Response team at

G Data Advanced Analytics

Under Lock & Key: a deep dive into Ransomware Encryption

Your data is encrypted by a ransomware gang. What about decryption?

11:55 - 12:35

TALK & Q&A

Arun Nair, Independent Researcher

Nikhil Bhure, Cyber Security Professional

Automation Tactics for Modern Threat Emulation

Leveraging infrastructure automation tools for red teaming.

TALK & Q&A

Stefan Feuerstein

CEO @ Lutra Security

Stairway To Heaven

A Red Teamer's View Of The Cloud

12:35 - 13:45

Lunch & Networking

13:45 - 14:25

TALK & Q&A

Danish Tariq, Security Researcher &

Hassan Khan Yusufzai, Director at Laburity

Secret scanning in open source at scale (in-depth)

Identifiying the scale of our software supply chain problem

TALK & Q&A

Klaus Schmeh, Chief Editor Marketing

Simon Ulmer, Head of Eviden Digital Identity

Migration to Post-Quantum Cryptography: It’s not Science Fiction, or is it?

NSA and others are deeply in quantum computing. PQC is a necessity!

14:25 - 15:05

TALK & Q&A

Wietze Beukema

Sr. Threat Detection & Response Engineer

Command-Line Obfuscation:

You can run, _and_ you can hide

What the heck does this command line do?

TALK & Q&A

Klaus Kursawe

OT Security Expert

Critical Infrastructure Protection:

Where IT fails OT and what to do about it

SpaceX uses standard IT in space. But can you use standard IT-security for OT?

15:05 - 15:30

Coffee Break & Networking

15:30 - 16:10

TALK & Q&A

Mark Heiterbrink, MCTTP, Munich Cyber Tactics, Techniques and Procedures

Mark Heitbrink

Specialized IT Consultant in Group Policy

Prevent Ransomware with onboard technic and behavior

TALK & Q&A

Lianne Potter, Cyber Anthropologist, Head of Security Ops., technology podcast host @ Compromising Positions

Jeff Watkins, Chief Product and Technology Officer

Compromising Positions: how understanding human behaviours can build a great security culture

Security is preaching the same since years. Why is it not working?

16:10 - 16:55

CLOSING NOTE

Max Schrems

(Luckily not only) Privacy Lawyer, Honorary Chair of noyb, Author and Speaker

Uncle Sam is Watching: FISA702 and the US Cloud

Who is watching the watchmen? Max Schrems is!

16:55 - 17:10

Closing Ceremony & Conference End

With keynote presentations, tech talks and practical reports by international speakers and IT security managers, the MCTTP offers an intensive three-day program:

TRAININGS | SEPT 17

On the first day, we will cover, explore and discuss various deep security topics in 4 parallel trainings. These sessions will be led by Dr. Marc Maisch, Florian Oelmaier and Florian Hansemann. Participants can expect to engage in in-depth conversations within a small, dedicated group of like-minded individuals, fostering a collaborative learning environment.

Don't miss this opportunity to deepen your understanding of security topics and network with professionals in the field.

CONFERENCE | 18-19

At the following two-day conference, participants can expect technically advanced, practice-related papers on current attack methods and effective defence ideas in the context of the Offensive Track.

The Corporate Defence Track deals with effective crisis prevention strategies, negotiations with perpetrators, criminal prosecution, and data protection in the event of a crisis.

The aim of the MCTTP is to create a better understanding of the nature of current threats and to provide concrete approaches and insights into technical, legal, and organisational aspects.

Kindly note that the conference will be mainly held in English. However, some of the training sessions and talks at the conference may be in German.

VENUE

The IT place in Munich for automotive culture, lifestyle, events, and conferences

Here you will find more than 30 of the world’s most exclusive vehicle brands, various event locations as well as the four-star AMERON München Motorworld hotel, eight different restaurants, bars and cafes, and 120 glass parking boxes.

MOTORWORLD München
Am Ausbesserungswerk 8
80939 Munich
motorworld.de

Venue Motorworld München, MCTTP, Munich Cyber Tactics, Techniques and Procedures

PARTNER

FOUNDER

MEDIA & COOPERATION PARTNER

Button

Follow or write to us

Legal notice

Privacy

GTC