Tickets

Trainings and workshops for Qubit Conference® Prague 2025.

Offensive Emailing

The training will take place on May 26, 2025

In-person | Duration: 6 hours | Suitable for: Penetration Testers, Red Teamers | Maximum number of participants: 15

Email remains a critical vector in the modern cybersecurity landscape, serving as a primary channel for various threats, including malware distribution, phishing campaigns, and social engineering attacks. The Offensive Emailing training equips penetration testers and red team professionals with advanced skills to perform comprehensive email-based security assessments.

During this hands-on training, participants will explore:

  • Fundamentals of email and advanced protocols essential for security testing
  • Techniques for mapping and analyzing target infrastructure
  • Building email-sending infrastructure for optimal campaign execution
  • Designing and implementing realistic attack scenarios
  • Methodologies for measuring and analyzing campaign effectiveness

This practical training enables security professionals to simulate real-world email-based threats, helping organizations identify vulnerabilities in their email security and assess employee security awareness. Participants will gain practical skills to conduct thorough email security assessments and provide actionable recommendations to enhance organizational resilience.

Participants will gain expertise in designing and conducting sophisticated email security assessments.

They will learn techniques to bypass common email security controls, understand their limitations, and gain practical experience in building and maintaining sending infrastructure for security testing.

Participants will also learn to create realistic scenarios that test both technical defenses and human awareness.

Requirements for training participants:
  • Basic knowledge of Linux
  • Understanding of DNS

Trainer

Mutina

Boris Mutina

Security analyst | Excello and Virusfree.cz | Czech Republic

Read more >

Mastering Threat Hunting

The training will take place on May 26, 2025

In-person | Duration: 6 hours | Maximum number of participants: 20.
Threat Hunting is the New Cat-and-Mouse Game! Threat hunting has always been about sorting through a flood of alerts, logs, the unknown, and the known. But what if we combine proactive and reactive methods, structured and unstructured threat searches, and criminal profiling all while having fun during training? Grab your keyboards, prepare an extra set of eyes, bring paper and pen, and hunt the unknown from the known from the ground to the cloud!

What We’ll Cover in the “Pure Hands-on” Training:

  • Fundamentals of Threat Hunting: Reactive vs. proactive approaches, what to pursue and ignore.
  • Frameworks for Threat Hunting: Structured and unstructured methods, hunting threats via blogs, scraping Paste Bin, and following rumors.
  • Criminal Profiling: MITRE vs. Any.run vs. the hunter’s instinct.
  • Staying Grounded: Preliminary threat hunting, Indicators of Compromise (IOC), and Indicators of Attacks (IOA).
  • You’ve Got the Gold Pack: Scouting for MOV in Pcaps.
  • Hunting in the Dark: Rootkits and office documents.
  • The Cloud is the New Gotham: MITRE for the Cloud, AWS, and the awesomeness of log collection.
  • Every Cloud Has a Silver Lining (and a Threat): Detecting attack patterns and identifying attempted attacks.
  • H(AI)! Did You Miss Me?: Leveraging AI for triaging alerts, pattern comparison, and model mojo. Can we create playbooks with AI?
Requirements for training participants:

Registered participants will receive details about the VM for download, including files and necessary software, 20 days before the training.

Trainer

Shyam Sundar R.

Shyam Sundar R.

Senior Manager | Arctic Wolf Networks | India
Read more >

Hacking Gamification

The training will take place on May 26, 2025

In-person | Duration: 3 hours | Suitable for: IT security professionals, IT operations teams, incident response teams, system administrators, infrastructure and workstation management professionals, beginners in penetration testing, and anyone looking to transition into cybersecurity roles | Maximum number of participants: 20

Cybersecurity professionals must stay ahead of malicious attackers to protect their organizations from constantly evolving cyber threats. Hacking gamification is an innovative way to learn and understand hacking techniques, penetration testing, and incident response strategies. In this observation-based training, participants will gain valuable insights into hacker tactics, tools, and methodologies without needing hands-on involvement.

The training will guide you through ethical hacking. Joseph will demonstrate tools and techniques commonly used by hackers and provide a detailed walkthrough of two selected systems. He will explain each step of the process, from initial enumeration and exploitation to privilege escalation, while offering actionable recommendations for mitigating risks in real-world environments.

Participants will see live demonstrations of:

  • Techniques for enumerating systems and services on endpoints.
  • Strategies for exploiting vulnerabilities to discover and leverage weaknesses.
  • Methods for creating payloads and executing reverse shells.
  • Privilege escalation techniques to gain elevated access.

At the end of this session, participants will have a deeper understanding of:

  • Ethical hacking tools such as Metasploit, Nmap, BurpSuite, and Netcat
  • Common vulnerabilities and how attackers exploit them
  • Effective strategies for strengthening endpoint security and protecting against malicious threats
Note:

This training is observation-based. It focuses on demonstrating ethical hacking techniques. Participants will not engage in practical activities but will gain critical insights into effectively securing their environment.

Trainer

Joe Carson
Joseph Carson
Chief Security Researcher & Advisory CISO | Wiretrap | Estonia
Read more >
Register

LAZARUS DevSecOps Workshop

The workshop will take place on the May 28 2025, as part of the conference program in the technical track.

This is a hands-on, interactive session—passive participation is possible, but attendees will get the most out of it by testing the tools themselves. Duration: 90 minutes | The maximum number of active workshop participants for whom a testing station can be prepared is 30.
LAZARUS is a 3-year EU-funded project with a talented tech team aiming to simplify software development, particularly for SMEs, while ensuring secure applications for everyone.
Each tool will be available for testing, accompanied by an explanation of its current limitations and stages of development. It is necessary to bring your own laptop with a GitHub account (or local software projects for testing). During the workshop, participants will have access to LAZARUS tools in the cloud by scanning a QR code. After the testing is completed, there will be feedback and a group discussion.

Workshop Agenda:

1. Overview of the LAZARUS EU Project (30 min)

  • Opening remarks and workshop objectives.
  • Introduction to LAZARUS: A holistic platform focused on security and performance throughout the entire Software Development Life Cycle (SDLC).

Project Objectives:

  • Design of an intelligent framework for secure application development.
  • Implementation of automated self-healing mechanisms for compromised systems.
  • Development of innovative methods for vulnerability detection.
  • Integration of AI and machine learning to automate security checks in DevSecOps.
  • Current status and key milestones achieved.
  • FAQ

2. Interactive Demonstrations of LAZARUS Platform Services (55 minutes)

Detection of Secret Management Issues:

  • Capabilities of the tool and current development status.
  • Hands-on testing with a guided scenario.

Code Tainting and Static Code Analysis:

  • Features for identifying code quality issues and potential vulnerabilities.
    Interactive code analysis session.

SQL Injection Vulnerability Detection:

  • Demonstration of detection methods.

Fuzzing Techniques:

  • Overview of fuzz testing and anti-fuzzing capabilities.
  • Live fuzzing demonstration on sample code.
  • CVE Scanning and Container Vulnerability Assessment:
  • Tools for identifying known vulnerabilities in dependencies and container images.
  • Step-by-step scanning process walkthrough.

Network Attack and DDoS Detection:

  • Mechanisms for monitoring and mitigating network threats.
  • Simulated attack scenario.

The workshop will be led by

Adriana Freitas
Adriana Freitas

Director Responsible for Research Projects | APWG.EU | Spain

Read more >
Panagiotis Markovits

Panagiotis Markovits

Senior Researcher / Software Engineer | SOLVUS TECH | Spain

Read more >
created by digital and marketing agency ©CaIS4you, s.r.o., design by graphic designer ©Slaavo

Boris Mutina

Security analyst
Excello a Virusfree.cz | Česká republika

Boris je autorom mnohých článkov a odborných publikácií k danej oblasti. Po mnohých rokoch na cestách za kybernetickou bezpečnosťou je teraz Boris šťastný cybersec analytik v spoločnosti Excello. Boris je audítorom a výskumným pracovníkom. Ako freelancer v oblasti bezpečnosti IT spolupracuje s mnohými spoločnosťami v celej Európe. 

Shyam Sundar R.

Senior Manager | Arctic Wolf Networks | India
Shyam Sundar KR je šéf aplikačnej bezpečnosti s viac ako 17-ročnými skúsenosťami v oblasti aplikácií, digitálnej forenznej analýzy a analýzy pamäte/malvéru. Rečník, autor a profesor “loví” hrozby prostredníctvom logov a výskumu. Je držiteľom magisterského titulu z digitálnej forenznej analýzy a pokračuje v doktorandskom štúdiu, pričom vášnivo stráži digitálny svet.

Joseph Carson

Chief Security Researcher & Advisory CISO | Wiretrap | Estónsko

Joseph Carson je profesionál v oblasti kybernetickej bezpečnosti a etický hacker s viac ako 25-ročnými skúsenosťami v podnikovej bezpečnosti, ktorý sa špecializuje na blockchain, bezpečnosť koncových bodov, sieťovú bezpečnosť, bezpečnosť a virtualizáciu aplikácií, riadenie prístupu a privilegovanú správu účtov.

Joseph je certifikovaný odborník na bezpečnosť informačných systémov (CISSP), aktívny člen komunity kybernetickej bezpečnosti, často vystupuje na konferenciách o kybernetickej bezpečnosti po celom svete a prispieva do publikácií o globálnej kybernetickej bezpečnosti. Je poradcom pre kybernetickú bezpečnosť niekoľkých vlád, kritickej infraštruktúry, finančného, ​​dopravného a námorného priemyslu.

Joseph sa pravidelne delí o svoje znalosti a skúsenosti na workshopoch o hodnotení zraniteľnosti, osvedčených postupoch správy záplat, vyvíjajúcom sa perimetre kybernetickej bezpečnosti a všeobecnom nariadení EÚ o ochrane údajov. Je autorom kníh Cybersecurity for Dummies a Privileged Account Management for Dummies.

Adriana Freitas

Director Responsible for Research Projects | APWG.EU | Španielsko

Adriana je skúsená odborníčka na telekomunikácie s viac ako 20-ročnými skúsenosťami v tomto odvetví, prešla do oblasti kybernetickej bezpečnosti s vášňou pre zabezpečenie digitálnej oblasti. Ako riaditeľka zodpovedná za výskumné projekty v APWG.eu vedie medzinárodnú spoluprácu a formuje globálne úsilie o digitálnu bezpečnosť. Adrianina cesta začala u satelitných gigantov Omnitracs a Globalstar, po ktorej nasledovalo desaťročné pôsobenie v Telefónice, kde riadila medzinárodné projekty vo veľkých mestách. Jej odhodlanie sa rozširuje na zapojenie komunity, aktívnu účasť na technologických podujatiach a podporu startupov ako mentor a investor. Odbornosť a vodcovstvo Adriany sú podporené jej akademickým vzdelaním, vrátane M.S. v odbore Data Science a Big Data, špecializované školenie z ESADE a IE, MBA z IEDE/Universidad Europea Madrid, M.S. v marketingu na UFGV Sao Paulo a titul Master of Engineering na UNB v Brazílii.

Panagiotis Markovits

Senior Researcher / Software Engineer | SOLVUS TECH | Španielsko
Panagiotis Markovits je držiteľom titulu MEng v odbore počítačové inžinierstvo a informatika na Univerzite v Patrase (UPatras) a titulu MSc v odbore bezpečnostného manažmentu a inžinierstva na Univerzite v Pireus (UniPi), kde v súčasnosti študuje doktorát v odbore počítačová bezpečnosť a strojové učenie. Pracuje ako hlavný softvérový inžinier v spoločnosti Solvus a pôsobí ako technický vedúci projektov výskumu a inovácií. Medzi jeho záujmy patrí kybernetická bezpečnosť, strojové učenie a veda o údajoch.

Boris Mutina

Security analyst

Excello a Virusfree.cz | Czech Republic

Boris is the author of many articles and professional publications in the field. After many years traveling in pursuit of cybersecurity, Boris is now a happy cybersec analyst at Excello. He serves as an auditor and researcher. As a freelance IT security specialist, he collaborates with numerous companies across Europe.

Shyam Sundar R.

Senior Manager | Arctic Wolf Networks | India
Shyam Sundar KR is an Application Security Chief with 17+ years of experience in appsec, digital forensics, and memory/malware analysis. A speaker, author, and professor, he hunts threats through logs and research. He holds a Master’s in Digital Forensics and is pursuing his Ph.D., passionately guarding the digital world.

Joseph Carson

Chief Security Researcher & Advisory CISO | Wiretrap | Estonia

Joseph Carson is a cybersecurity professional and ethical hacker with over 25 years of experience in enterprise security specializing in blockchain, endpoint security, network security, application security virtualization, access controls, and privileged account management.

Joseph is a Certified Information Systems Security Professional (CISSP), and an active member of the cybersecurity community, frequently speaking at global cybersecurity conferences, and contributing to international cybersecurity publications. He is a cybersecurity advisor to several governments, and critical infrastructure, financial, transportation, and maritime industries.

Joseph regularly shares his knowledge and experience giving workshops on vulnerability assessments, patch management best practices, the evolving cybersecurity perimeter, and the EU General Data Protection Regulation. He is the author of Cybersecurity for Dummies and Privileged Account Management for Dummies.

Adriana Freitas

Director Responsible for Research Projects | APWG.EU | Spain

Adriana is a seasoned telecom expert with 20+ years of industry experience, has transitioned into cybersecurity with a passion for safeguarding digital landscapes. As the Director Responsible for Research Projects at APWG.eu, she leads international collaborations, shaping global digital security efforts. Adriana’s journey began with satellite giants Omnitracs and Globalstar, followed by a decade-long tenure at Telefonica, managing international projects in major cities. Her dedication extends to community involvement, actively participating in tech events and supporting startups as a mentor and investor. Adriana’s expertise and leadership are bolstered by her academic background, including an M.S. in Data Science and Big Data, specialized training from ESADE and IE, an MBA from IEDE/Universidad Europea Madrid, M.S. in Marketing from UFGV Sao Paulo, and a Master of Engineering degree from UNB, Brasilia.

Panagiotis Markovits

Senior Researcher / Software Engineer | SOLVUS TECH | Spain
Panagiotis Markovits holds a MEng in Computer Engineering & Informatics from the University of Patras (UPatras) and a MSc in Security Management & Engineering from the University of Piraeus (UniPi), where he is currently pursuing a PhD in Computer Security & Machine Learning. He works as a Senior Software Engineer at Solvus, acting as technical lead for Research and Innovation Projects. His interests include cybersecurity, machine learning, and data science.

Jean Gobin

Senior Technical Architect | Truesec AB | Sweden

Jean-Francois is a Senior Technical Architect in Truesec’s leading CSIRT. He focuses mainly on network infrastructure and network forensic investigations. He is a seasoned veteran with a strong track record from engagements during which he assisted customers with security reviews, network designs, and robustness assessments to prevent breaches and minimize impacts of attacks.

Andrea Pezzotti

Global Head Cyber Security Operations | Sandoz | Czech Republic
With over 20 years of experience in IT and Security across multiple countries in Europe, Andrea has primarily worked within the banking and pharmaceutical industries. He has successfully led multiple transformations and programs aimed at enhancing both defensive and offensive security capabilities. In 2019, Andrea spoke at the Advanced Threat Summit in Poland, and furthermore in 2022, he recorded a lesson on modern Vulnerability Management Programs for EC-Council University.

Tiarne Hawkins

CEO & Co-Founder | Optica Labs | USA

Tiarne Hawkins is an AI strategist, entrepreneur, public speaker, podcast host and industry leader driving AI innovation, transformation, and safety on a global scale, ensuring AI services for the greater good of society. Tiarne’s journey began in IT recruitment programs in Australia, where she founded and led her first company at just 22, specializing in digital transformation consulting and recruitment. Through a strategic merger with leading firm Salt, she expanded operations into Asia, the UK, and Dubai, scaling the company to $37 million annual revenue before a successful exit. Following this success, Tiarne played a pivotal role in expanding an international firm in the U.S., contributing to its rapid growth from $500 million to $900 million as part of the global executive team. In 2017, She joined Playable AI, positioning its cutting-edge AI-powered video editing and email marketing platform for market dominance, collaborating with entertainment giants like Disney and ESPN. By 2019, Tiarne joined Welocalize, spearheading the launch of its AI training division, driving advancements in machine translation, multilingual language modeling, and AI data pipeline creation—leading AI programs for Google, Amazon, AWS, Meta, Apple, and more. Before founding Optica Labs, Tiarne served as an Industry Strategist at Invisible Technologies, crafting AI training strategies for LLM research, AI program development, and next-gen AI training breakthroughs—customers included OpenAI, Meta, xAI, Nvidia, Cohere, Amazon, and more. An influential voice in AI, Tiarne leads AI workshops for HPE, Nvidia, and AWS, engages CIO groups across the U.S., and speaks at premier industry events, including CES, AI Boston, AI Summit New York, and Voice & AI. She are also the host of the ‘You & AI’ podcast, featuring conversations with top tech leaders such as Mark Cuban, Adam Cheyer, and many more. Currently, Tiarne Hawkins is the Co-Founder of Optica Labs, an innovation lab operating at the intersection of cutting-edge technology and human interaction.

Michal Susko

IT GRC and Security Team Leader | VOLKSWAGEN Financial Services Slovakia | Slovakia

Michal Susko, the GRC and Security Team Lead at VWFS SK, brings a wealth of experience in IT security, compliance, and risk management. His expertise ensures robust security frameworks and compliance with industry standards, enhancing organizational resilience.

Jozef Filko

Cyber security consultant | beluga | Slovakia

Jozef Filko is a cybersecurity expert with 20 years of experience in IT governance, risk management, and AI security in finance. He leads AI-driven security & IT projects, ensures regulatory compliance, and holds CDPSE, CIPP/E, and ITIL 4 certifications.

Tudor Damian

Cybersecurity & Cloud Advisor | D3 Cyber | Romania

Tudor, an IT consultant with 20+ years of industry experience, Tudor is a Certified Ethical Hacker, and a Microsoft Cloud and Datacenter Management MVP. His commitment to staying at the forefront of technology trends enables him to provide valuable guidance and support to organizations seeking to navigate the ever-changing IT landscape. His passion for sharing knowledge and engaging with the community helped him become a regular presence at local and regional community events, providing valuable insights and guidance to IT industry professionals and enthusiasts.

Charles Tango

CISO | SYSCO | USA

Charles is the Chief Information Security Officer at Sysco, a Fortune 50 global leader in selling, marketing, and distributing food and non-food products to customers around the world. Charles is a Venture Partner at Bloccelerate, one of the largest blockchain focused VC funds, and holds advisory board positions with several companies including OptimEyes, an AI risk management platform and Lytical Ventures, a cybersecurity / AI VC. . Charles is both a seed investor in early-stage startups and board /advisory director having led growth through profitability. Charles also does public speaking several times a year, including a past Keynote panel at RSA. Prior to his role at Sysco, Charles held the Chief Information Security Officer position at Altria as well as senior level Information Security positions with financial institutions in the NY metro area, including Chief Information Security & Risk Officer for Sterling National Bank and Senior Vice President, IT & Operational Risk at Citigroup. During his time in NY he was also a charter founding member of the NY ISC2 Chapter.

Lukas Hatala

Regional CTO | DXC Technology | Slovakia

Lukas currently serving as CTO responsible for Eastern Europe in DXC.technology. Because of his curiosity and strong believe in positive technology impact on human kind he is helping BlockChain Slovakia as Director of International Affairs. He also founded his own project called Neuromorphics Europe, where he serves as CEO. Lukas has experience from HP Labs, the European Commission in Brussels, and large international Go-to-Market (GtM) projects, where in previous years he promoted technologies such as IoT, Edge Computing, Blockchain, and AI.

Pavel Minarik

VP, Product Security | Progress Software | Czech Republic

As a VP of Product Security, Pavel is responsible for the secure software development life cycle across all Progress products defining and implementing product security standards and ensuring that security is inherent to our mindset and product development practice. Pavel is the former Chief Technology Officer of Flowmon Networks responsible for product vision and strategy for Network Performance Monitoring & Diagnostics and Network Detection & Response product portfolio.