HITB Labs

HITB LABS

august 30th - 10:00 - 12:30
OPEN TO COMMSEC TRACK ATTENDEES

Should You Fully Bank on Your Cybersecurity? Practical Workshop for Banking and Financial Services

Maxim Kostikov is the Head of Application Security Analysis at Positive Technologies

Konstantin Polishin/Head of Red Team SE in the Penetration Testing Department at Positive Technologies

The financial sector is a battleground for cybercrime. Banks are constantly under siege by ever-evolving threats from malicious actors.

As a security expert, you’re the shield that protects the bank. You’re the one who identifies and neutralizes these threats before they can steal money or cripple financial systems. Your expertise is vital in safeguarding the financial wellbeing of the bank and its customers.

This workshop will equip you to understand how attackers infiltrate external and internal perimeters, including the DMZ. You’ll also gain insights into how bad actors compromise mobile banking, POS systems, and ATMs.

In this lab, you'll gain insights into:

The Evolving Threat Landscape in ASEAN: Understand the current cyber threats specific to the ASEAN region.

Breaching Banking Defenses in Minutes: Learn how hackers can exploit vulnerabilities to gain access to your network.

Fortifying Your Infrastructure: Discover the weakest points in banking systems and strategies to prevent data breaches and financial losses.

Identify current cyber threats specific to the ASEAN region: the workshop will equip participants with knowledge about the evolving cyberthreat landscape in Southeast Asia.

Recognize vulnerabilities in banking systems: participants will learn how to identify weaknesses in financial infrastructure that hackers might exploit.

Understand common hacking techniques: the workshop will delve into how attackers breach banking defenses, giving participants valuable insight into their methods.

Develop strategies to prevent data breaches: participants will gain practical knowledge on fortifying banking systems and preventing data leaks.

Learn methods to minimize financial losses: the workshop will cover strategies to mitigate financial damage caused by cyberattacks.

Gain overall cybersecurity expertise: by covering these points, the program aims to enhance participants’ overall cybersecurity knowledge and skills in the banking sector.

Who Should Attend?

  • Chief Information Security Officer 
  • Security Analyst
  • Cybersecurity Manager
  • Network Security Engineer
  • Security Architect

Certification

Upon successful completion of the course, you’ll earn a Certificate of Completion so you can showcase your newfound skills!

About PT SWARM

PT Security Weakness Advanced Research and Modeling (PT SWARM), with 100+ offensive security experts, tackles penetration testing (red teaming), software security (mobile/web/finance), social engineering, wireless audits, and ATM/POS assessments. Boasting 200+ annual successes, our results speak for themselves:

Maxim Kostikov (Head of Application Security Analysis at Positive Technologies)

Maxim graduated from MIREA with a degree in cybersecurity in 2018.

Before joining Positive Technologies, Maxim worked at Advanced Monitoring, where he specialized in penetration testing and web application security analysis.

He joined the Positive Technologies Digital Banking Security Analysis department in 2018. Now Maxim leads teams of over 30 experts specializing in web application, banking system, and mobile app security. 

He placed second in the Google Play Security Reward Program on the HackerOne platform. Maxim has spoken at PHDays, VolgaCTF, and OFFZONE conferences, and holds OSCP, eWPTX, and OSEP certifications.

Konstantin Polishin (Head of Red Team SE in the Penetration Testing Department at Positive Technologies)

Konstantin graduated with honors from the MPEI National Research University in 2021 with a degree in information security.

He has been a part of the Positive Technologies team since 2020. Konstantin handles complex red team assessments for Russia’s largest companies, requiring seamless teamwork to gain initial access to corporate networks, swiftly escalate attacks, and achieve maximum privileges in the infrastructure while staying under the SOC’s radar.

Konstantin specializes in identifying financial risks in major banks by demonstrating potential fund withdrawal threats, bypassing the email security stack of Anti-APT systems, and expanding our expertise in social engineering with results applied in practice. 

Konstantin also holds OSCP and OSEP certifications and is a speaker at PHDays forums. 

About Positive Technologies

Positive Technologies is an industry leader in result-driven cybersecurity and a major global provider of information security solutions.

Our mission is to safeguard businesses and entire industries against cyberattacks and nontolerable damage.

Over 4,000 organizations worldwide use technologies and services developed by our company.