Secure9 2023
It's time again for us to do it!
Secure9, an annual Levi9 security event built on our core belief – empowerment. Here, security is not just protocol, it’s our passion. Everyone is vital in safeguarding our cyber realm, protecting our services and customers.
We warmly welcome all levi niners, our customers, alumni, and partners. Secure9 isn’t merely an event, it’s our leap into a safer digital future.
So, gear up for an exciting adventure and let’s unlock security together!
See you at Secure9!
Program
Jenny Radcliffe
Monday September 25th 15.00-16.00 CEST
People Hacking — why social engineering is still the biggest security threat.
Have you ever wondered if the human side of hacking is still relevant? In this talk, Jenny, the “people hacker” will share with us why social engineering will always be a threat to organizations, the psychology and tactics behind malicious approaches illustrated from her vast experience. Join this talk to receive advice on how to protect yourself and your organization from social engineering and hackers.
Jenny Radcliffe (The People Hacker), is a world renowned Social Engineer, hired to bypass security systems through a mixture of psychology, con-artistry and cunning. She can talk her way into secure locations and physically penetrate organisations to help secure money, data, and information. Jenny is the author of the book People Hacker: Confessions of a Burglar for Hire and has many industry awards, frequently sharing her experience as a global keynote speaker at major conferences and an active TEDx contributor.
Ruben van Well
Wednesday September 27th 15.00-16.00 CEST
Operation Cookie Monster: are you a victim?
In April this year the FBI, the Dutch police and law enforcement from more than 17 countries collaborated to take down the criminal website Genesis Market and arrested many of its users around the world. The market sold packages of “online fingerprints”, which includes usernames and passwords for over two million victims. Join this talk to hear how the police fights cybercrime and what each of us need to do to avoid becoming the next victim.
Ruben van Well has worked for more than 20 years in the Dutch National police. He started with patrolling the streets of Rotterdam, moving to Riot police, to working in criminal law and currently being team leader of the cybercrime unit. Innovation has been a common thread throughout his career. As he stated: “Cybercrime is the innovation of crime, you need to be very agile to fight it effectively. Luckily, I have an awesome team with a variety of specialists who all share a goal to fight impactful cybercrime to protect society.”
Edwin van Andel
Friday September 29th 15.00-16.00 CEST
How to break the police bodycams for fun and pizza.
When the police asked to collaborate with the hacker community from the Netherlands they replied with “invite us to hack police and eat pizza’s”. Edwin thought that they will never hear back from them but surprise, surprise — eventually they accepted. So they created a team of brilliant hard- and software hackers and went to the Amsterdam police station to try to hack some of their obsolete bodycams. Did they succeed? Join this session to find out!
Edwin van Andel started hacking from the age of 13. Although he is now CTO of hacker company Zerocopter, his relationship with the hacker community is still the main driving force in his life. Together with the “Guild of Grumpy Old Hackers”, he is actively guiding and leading young hackers in the right direction in order to create his ultimate goal – a safe society through a safer internet. Next to all this he is known as the organizer of Defcon group Defcon3120 (Amsterdam).
[Past Event] Do More With Less - Powered by Azure
Do More With Less
Making Technology Decisions to Achieve More with Less
A mini conference for CTO’s, Architects and other experts
February 9th | 13.30 - 17.00h | Microsoft - Schiphol
Why this event?
We believe making good decisions requires a mix of theory and practice. Knowing the theory is relatively easy, but finding good, relevant practical experiences takes time. In this event, we organize a fast-track to connect people to experiences that will help to do more with less.
In this high-intensity, content-rich event, you’ll be engaging with different viewpoints that equip you to make better decisions going forward. Spending this afternoon will give you a new perspective, new connections and directly applicable ‘to-do’s.
[Past Event] Secure9 2022
What is Secure9?
In Levi9 we believe in empowerment. We think that security should be driven by passion and genuine interest of everyone in the company. To get people enthusiastic and curious about security, we started an annual event: Secure9.
This year the slogan of the event is They call me 009. Why? Because everyone in the company is a special 009 agent, making sure we are safe, our customers are protected, and we strive together for better security.
Whether you are a levininer, Levi9 customer, Alumni or partner – we welcome you at the event.
Get into Secure9 vibe and join our force of 009 agents!
Program
Monday October 17th 15.00-16.00 CEST
Jim Manico
What does OWASP Top 10 2022 mean to you?
The OWASP Top 10 recently received a major update which represents a broad consensus about the most critical security risks to web applications in today’s challenging security landscape. To build safe software all developers need to embrace and practice various secure coding techniques. Join this talk to find out more about defensive instructions in relation to the OWASP Top Ten to help you in writing secure code.
Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also an investor/advisor for 10Security, Aiya, MergeBase, Nucleus Security, KSOC and Inspectiv. Jim is a frequent speaker on secure software practices, is a member of the Java Champion community, and is the author of “Iron-Clad Java: Building Secure Web Applications” from Oracle Press. Jim also volunteers for the OWASP foundation as the project lead for the OWASP Application Security Verification Standard and the OWASP Cheatsheet Series. For more information, see https://www.linkedin.com/in/jmanico
Tuesday October 18th 15.00-16.00 CEST
Milic Vuletic
Phishing – a never ending story
Would you ever guess what is the best day to get phished?! Join this session to learn from real life cases on how other companies have learned this lesson the hard way. Find out how you can become 009 agents and never get fooled by phishing emails.
Milic Vuletic’s Security career recipe: throw in 10 years of development, mix with 10 year of testing experience, spice it with a lot of passion for Security; bring offensive security into the pot and add commitment to explore new things. And here you are leading Cyber Security Team in Levi9. Join his session and find out more about phishing, how it is done and how to avoid it.
Wednesday October 19th 15.00-16.00 CEST
Anastasiia Voitova
Data is a new security boundary
Modern application platforms gather, process and store data everywhere: from mobile apps and web to backend services, data warehouses, ML models, and BI analytics tools. The data protection approach has switched from “protect the data where it’s stored” to “protect the data wherever it exists”.
We will talk about data security 101: application level encryption (ALE), end-to-end encryption (E2EE), searchable encryption, and zero knowledge / zero trust architectures. Then we will discuss how data security is combined with traditional security controls (appsec & infrasec) to build secure & resilient systems.
Anastasiia Voitova builds security tools for protecting data during the whole lifecycle (encrypt everything!). She shares a lot about “boring cryptography”, end-to-end encryption, data security, zero knowledge / zero trust systems, software security architecture. She speaks on international conferences, conducts workshops and training for developers, and co-organizes cybersec events.
Thursday October 20th 15.00-16.00 CEST
Ruslan Plakhuta
Blockchain security through transparency
Together we will look into how blockchain works, what are the new security paradigms, what are weak points and how security in blockchain is achieved through transparency.
Ruslan Plakhuta is a software architect and IT professional developing software products and managing productive teams for more than 15 years. He is a proud Levi9 Alumni and Levi9 Software Architect who was driving many changes and improvements in Levi9 as a part of Arch9 team. Since 2016 he is working with crypto building various dapps in NFT, Defi and GameFi areas. He is co-founder of Toreus.Finance and Metasvit.io. His mission is to accelerate blockchain adoption, by making it more accessible and understandable. Through his consultancy work he shares the passion about this topic with businesses in the Netherlands.
Friday October 21th 15.00-16.00 CEST
Shairesh Algoe
The Red Cross of the Internet
The Dutch Institute for Vulnerability Disclosure (DIVD) scans the internet for vulnerabilities and reports these to people who can fix them. Shairesh will go into some of the recent cases, ranging from KaseyaVSA, to Log4j in 2021 and shares some of the 2022 highlights. He will also give an introduction on how the DIVD has professionalized vulnerability disclosure and why they are allowed to somewhat break laws on computer crime and privacy.
Shairesh Algoe is passionate about information security and enjoys teaching and telling stories. He manages to keep information security simple with more than 12 years of experience in technical and leadership roles. His day job is being a Chief Information Security Officer for TM-Pro, a FinTech company which provides banking as a service platform. He is also a board member at the DIVD, as well as an entrepreneur who delivers security products and services to multiple companies. Shairesh is a speaker, and he teaches students about information security and quantum technology.