Standoff
101

Reverse engineering is a branch of information security that analyzes off-the-shelf software and devices without having direct access to their code. This approach takes an outsider’s view of the software, helping to identify its vulnerabilities that hackers could also find.

Leonid will describe how to enter this profession, what kind of problems reverse engineers solve, how reverse engineering tasks in CTF competitions can help in becoming a reverse engineer, and how infosec researchers reverse-engineer malware used in complex APT attacks.

The age of artificial intelligence has brought with it new opportunities in IT and also new challenges. We will look at technology challenges facing infosec researchers, identify major cyberthreat trends, and map out the skills you need to acquire today in order to counter the threats of tomorrow.

Penetration testing is a special area of information security. Pentests simulate real attacks to find vulnerabilities in the IT infrastructure and recommend remediation measures. Egor will share the tips and tricks of entering the profession in 2023, challenges, expected income level, and what you need to become a real pro.

Capture the flag (CTF) is a team competition; the main goal is to capture the opponent’s flag. The competition is open to both professionals and players with no experience in information security. We’ll explain in detail how such competitions are run, what kind of tasks you can expect, and how CTF relates to the real world of cybersecurity.

To excel in cybersecurity, you need to constantly upgrade your skills, stay up-to-date on current trends, and build on your personal knowledge base. This talk will reveal what knowledge and skills you need to be in demand now and in 10 years from now.

Hackers, information security experts, malware analysts: who are they? Which character traits are well-suited for each profession, and which ones are incompatible? And does your personality even matter? We’ll present a practical profiling approach so that everyone can find an answer to the question "What specialty is right for me?"

Operating system security is a very complex subject area. Beginners may find it difficult to understand. Alexander Popov will show the roadmap for entering the field of Linux operating system security.

At 22, in his 4th year of university, Vladimir got interested in information security and started studying the topic on his own. At first, he could not get a job and only collected rejection letters.
Now Vladimir is 25, works at Positive Technologies, and teaches at the Moscow Technical University of Communications and Informatics. How he did it, what helped him advance in his profession, and how to become a pro — Vladimir will share these and other insights in his inspiring story.

At the beginning of his career, Dmitry Gadar developed cryptanalysis software. After moving to the financial sector, he worked his way up from an infosec analyst to the Head of Information Security at Tinkoff Bank. In the course of his career, he worked at Barclays Bank, GE Money Bank (General Electric Company), and Otkritie Bank.
Dmitry will explain how businesses view cybersecurity and information security professionals: what they expect in terms of basic skills, soft skills, information security, and understanding of business objectives.

What can a former KGB colonel with a PhD in physics and mathematics, a veteran of Internet intelligence, and the developer of the Avalanche technology tell us about working in cybersecurity? Join the presentation of KiberDed and find out.

There is a lot of freedom to grow in cybersecurity. Combined with your ambitions, skills, and passion, this is the key to success. Unlike in IT, you can become an expert in a particular cybersecurity field in just 2−3 years, but to assume a management role, you need initiative, responsibility, and willpower. In this track, we will discuss what else is important for your vertical and horizontal growth.

15 years, 6 universities and 3 countries: these are just some of the numbers that tell the story of Daria Grits' educational journey. We will look at the demand for cybersecurity services in Russia and abroad, and outline ways for beginners and advanced experts to enhance their skills. We will also discuss what you can realistically expect from universities, vendors, and managers—and where you need to rely on yourself.

The eternal problem for beginners is that they have theoretical knowledge but little to no practical experience, which is why they are often rejected by employers. Using his professional path—from a junior malware analyst to a recognized expert and manager—as an example, Alexey will show how hiring in infosec works. Specifically, how and where to look for a job, what criteria are used to assess candidates, what is important for a successful interview, and other tips and tricks.

Application security, or AppSec, is the branch of information security that deals with application security. AppSec engineers analyze application infrastructure, configure various scanning systems, as well as identify and fix vulnerabilities. In this talk, we’ll look in-depth at AppSec, share the challenges of the profession, and reveal what is required to become a real pro.

The speed at which information security has evolved in recent years is impressive, so it’s crucial that aspiring professionals clearly understand industry trends to be able to choose their career path. In this talk, we will cover cybersecurity trends: how open-source solutions are expanding the understanding of information security and why you should do eBPF and WebAssembly when looking at artificial intelligence. And, of course, there will be plenty of case studies and anecdotes from the industry.

For quite some time, cybersecurity was perceived as a closed area that many people were hesitant to venture into. However, the current trends show that cybersecurity has become cool and quite accessible for those who want to protect the world from cyberthreats. This talk will describe the steps you need to take to join this professional field, including soft and hard skills you need to work on; and we’ll also share stories from personal experience.

Choosing the right source of knowledge is a key to rapid and remarkable professional growth. Knowledge can be acquired in educational institutions, courses, internships, apprenticeships, and through self-guided search for information on the web. In this talk, we will explore how to choose a major in information security and plan your educational path leading to a successful career.