Close
Back | Home Agenda
Download PDF

Track: Hacking Village

Tue 13
10:00h
Workshop | HACKING VILLAGE

CaixabankTech Capture the Flag “Unleash your Hacking Skills”

Marc Palau Marti
Marc Palau Marti Caixabank Tech Security Architecture Manager Speaker

13-05-2025 10:00 13-05-2025 10:10 Europe/Madrid CaixabankTech Capture the Flag “Unleash your Hacking Skills” Welcome to the exciting CaixaBank Tech Capture The Flag (CTF) Challenge, taking place at the Barcelona Cybersecurity Congress from May 13-15. This special event is designed to test your cybersecurity skills across 8 challenges encompassing areas such as Web, Forensic, Cryptography, Reverse Engineering, Steganography, and Exploitation. Event Details: Time: From 10:30 AM to 23:59h Introductory Talk: Don’t miss the introductory talk about the CTF instructions at 10:10 AM before the challenge begins. Registration: https://www.caixabanktech.com/en/cybersecurity-congress-2025-en/ Join this unique challenge by registering from May 7th until the end of the contest. Prizes: 1st Place: €300 on a Money To Pay card. 2nd and 3rd Place: Samsung Buds 2 headphones. Prize Ceremony: Winners will be notified by email, and the prize ceremony will take place on May 15th at 11:30 AM at the CaixaBank Tech stand. Follow the real-time ranking at the CaixaBank Tech stand and don’t miss the chance to demonstrate your skills and win fabulous prizes! Hacking Village 1
10:00h - 10:10h Hacking Village 1
Read more
10:10h
Workshop | HACKING VILLAGE

OWASP Top 10 Vulnerabilities in Large Language Models (LLMs)

Joan Regidor Sanfeliu
Joan Regidor Sanfeliu CaixaBank Incident Responder & Forensics Analyst Speaker
Andres Cancho Fernández
Andres Cancho Fernández CaixaBankTech Security Architect Speaker

#Artificial Intelligence, #Cybersecurity, #Standards and Regulations

13-05-2025 10:10 13-05-2025 11:25 Europe/Madrid OWASP Top 10 Vulnerabilities in Large Language Models (LLMs) We will be exposing the most critical security risks associated with the use of LLMs within companies, focusing on describing each case and bringing examples of each one. Some of them include model behavior manipulation, data poisoning, prompt injection, security breaches and hallucinations. A special chapter will also focus on AI Agents and the risks involved with them. Our aim will be to clarify what companies are facing, concerning security AI risks, and expose some mitigating clues. Hacking Village 1
10:10h - 11:25h Hacking Village 1
Read more
11:35h
Workshop | HACKING VILLAGE

No Time to Breach: The CISO’s Role in I(O)T Security

DrBA MSc Jeroen Van Der Vlies
DrBA MSc Jeroen Van Der Vlies checksec.nl Trainer, Writer, A.I. CISO/CISPO & Auditor Speaker

#CISO, #Cybersecurity

13-05-2025 11:35 13-05-2025 12:50 Europe/Madrid No Time to Breach: The CISO’s Role in I(O)T Security As cybersecurity grows critical for I(O)T environments, CISOs play a key role in ensuring I(O)T security aligns with business strategy. Security is no longer just technical—it’s a strategic imperative, with compliance requiring leadership attention. Rising Threats – I(O)T systems face ransomware & nation-state attacks, risking business continuity. Business Impact – Breaches cause financial & operational damage. Boards must prioritize proactive measures with GDPR, NIS2, & CER in mind. Strategic Imperative – I(O)T security ensures resilience & operational continuity, requiring integration into risk management. Collaboration & Culture – Leadership must foster a security-aware culture & embed security into performance metrics. Actionable Steps – Boards should implement risk assessments, zero-trust models, & continuous training. Hacking Village 1
11:35h - 12:50h Hacking Village 1
Read more
12:40h
Workshop | HACKING VILLAGE

Livin’ on the Edge

Jose de la Cruz
Jose de la Cruz Trend Micro Iberia  Technical Director Speaker

#Cybercrime, #Cybersecurity

13-05-2025 12:40 13-05-2025 13:10 Europe/Madrid Livin’ on the Edge The Threat Landscape is more complex than ever: cybercriminals have built a profitable business model around hacking, data theft, and extortion. They perform targeted and sophisticated attacks that are hard to detect and cause economic, reputational, and operational damage to organizations. On top of that, new regulations (e.g., DORA, NIS2) require companies to meet strict security controls. Failing to comply may lead to severe penalties. Trend Vision One helps companies define a global strategy to protect all attack vectors, comply with regulations, and respond to incidents. A single pane of glass and a scalable approach meet any organization’s needs, regardless of size. This year, Trend Micro brings to the Hacking Village the opportunity to explore our platform. We’ll deliver a short presentation, then participants will compete in our Capture the Flag challenge: a journey through Trend Vision One, responding to realistic cybersecurity scenarios. Hacking Village 2
12:40h - 13:10h Hacking Village 2
Read more
13:00h
Workshop | HACKING VILLAGE

Cyberwatch: Uncover, Prioritize, and Defend Against Critical Vulnerabilities

Julien Piera
Julien Piera Cyberwatch International Presales Manager Speaker

#Cybersecurity, #Protection, #Risk

13-05-2025 13:00 13-05-2025 13:30 Europe/Madrid Cyberwatch: Uncover, Prioritize, and Defend Against Critical Vulnerabilities In today’s digital landscape, companies must combat the relentless influx of CVEs (Common Vulnerabilities and Exposures). With 40,000+ new CVEs annually, staying ahead is harder than ever. Beyond volume, cybersecurity teams face complex IT environments—from networks, web servers, and cloud infrastructures to Docker, Kubernetes, and OT. Add multiple global sites, remote workforces, and hybrid infrastructures, and traditional approaches fall short. Join our workshop to see how Cyberwatch transforms cybersecurity by: Prioritizing Vulnerabilities: Our ""Prioritization 3D"" methodology targets critical threats first. Seamless Integration: Connect Cyberwatch with ticketing, patch management, CI/CD, MDM, and more. Unified Oversight: Get a centralized view of your infrastructure, no matter how diverse. Don’t let vulnerabilities overwhelm you—let Cyberwatch keep you proactive, efficient, and secure. Hacking Village 1
13:00h - 13:30h Hacking Village 1
Read more
14:30h
Workshop | HACKING VILLAGE

Mortal vs Machine: How AI is Transforming Cybersecurity Investigations

David Riff
David Riff SentinelOne Sr. Solution Engineer Speaker

#Artificial Intelligence, #Cybersecurity

13-05-2025 14:30 13-05-2025 15:45 Europe/Madrid Mortal vs Machine: How AI is Transforming Cybersecurity Investigations In the current context where cyber threats are increasingly sophisticated and frequent, an agile and effective response is required to mitigate risks. Incident investigation is a crucial task that can be significantly improved by using endpoint detection and response (EDR) and artificial intelligence solutions. We will explore how SentinelOne's EDR solution, equipped with PurpleAI, enables rapid identification, analysis, and response to security incidents. We will present the key features of the solution, including the automation of data collection, analysis of suspicious behaviors, and correlation of events in real time. We will demonstrate how AI can reduce research time and increase accuracy in threat detection, allowing security teams to focus on strategy and informed decision-making. With case studies and a lab session, we will illustrate the positive impact that these technologies can have on organizational resilience against cyber attacks. Join us to discover how the combination of EDR and AI is revolutionizing cybersecurity Hacking Village 1
14:30h - 15:45h Hacking Village 1
Read more
15:55h
Workshop | HACKING VILLAGE

Securing Digital Identities: The Power of Hybrid Authentication

Alfonso Egio
Alfonso Egio i2Cat Technical Project Lead Speaker
Ignasi Oliva
Ignasi Oliva i2Cat Blockchain Line Manager Speaker

#Cybersecurity, #Protection, #Risk

13-05-2025 15:55 13-05-2025 17:10 Europe/Madrid Securing Digital Identities: The Power of Hybrid Authentication Current authentication systems rely on password management and third-party identity providers, some offering 2FA and biometric authentication. However, vulnerabilities persist, including single points of failure, data breaches, and replay attacks. Public-key cryptography systems are gaining popularity with decentralized ledgers and blockchains for digital identities and assets. They address centralization risks and third-party reliance but require users to manage private keys responsibly. Advancements like Ethereum’s ERC-4337 (Account Abstraction) now enable seamless integration of mainstream and decentralized authentication. These innovations support identity recovery and compatibility with protocols like OpenID Connect. i2CAT will showcase a hybrid authentication system combining traditional email/password authentication with account abstraction, public-key cryptography, and smart wallets, offering enhanced security and flexibility. Hacking Village 1
15:55h - 17:10h Hacking Village 1
Read more
Wed 14
11:35h
Workshop | HACKING VILLAGE

CrowdStrike Identity Protection Virtual Survivor Games *Registration needed*

Efrain Gamboa
Efrain Gamboa CrowdStrike Sales Engineers Speaker
Andres Gomez
Andres Gomez CrowdStrike Sales Engineers Speaker

#Cybersecurity, #Protection, #Risk

14-05-2025 11:35 14-05-2025 12:50 Europe/Madrid CrowdStrike Identity Protection Virtual Survivor Games *Registration needed* Identity Protection Survivor Games – an exhilarating, dynamic, hands-on Capture the Flag style competition. This challenge will drop you into real-world attack scenarios where you’ll need to think fast, hunt threats, and outmanoeuvre adversaries to stay in the game. What to expect: • 90 mins of game play tackling real-world identity threats • Analyse, hunt, and respond to attacks like a pro • Compete for awesome prizes and showcase your expertise with industry peers Who Should Attend: Security professionals, threat hunters, and anyone passionate about staying ahead of advanced cyber threats Registration Link: https://go.crowdstrike.com/crowdstrike-identity-protection-survivor-games.html Hacking Village 1
11:35h - 12:50h Hacking Village 1
Read more
14:05h
Workshop | HACKING VILLAGE

From Code to Shield: DevSecOps Gets Smart with AI & LAZARUS

Panagiotis Markovits
Panagiotis Markovits SOLVUS TECH Senior Researcher Speaker
Adriana Freitas
Adriana Freitas APWG.EU Director of Research Projects Speaker

14-05-2025 14:05 14-05-2025 15:20 Europe/Madrid From Code to Shield: DevSecOps Gets Smart with AI & LAZARUS This session introduces LAZARUS, a 3-year EU-funded project focused on reshaping how we approach software security. LAZARUS delivers an AI-powered DevSecOps platform that brings intelligence into every phase of the Software Development Life Cycle (SDLC)—from coding to deployment—ensuring continuous, automated vulnerability detection and secure code development. Through this 40-minute technical workshop, participants will get a live look into several cutting-edge tools developed by the project, including: Secrets Management Detection AI-based Secret Scanning Static Code Analysis & Linting SQL Injection Detection CVE and Container Vulnerability Scanning Designed to be hands-on, attendees will be able to test selected tools directly via our cloud-based platform and see how AI can empower security automation. We’ll conclude with a short Q&A and offer opportunities to join the LAZARUS Stakeholder Community. Hacking Village 1
14:05h - 15:20h Hacking Village 1
Read more
15:30h
Workshop | HACKING VILLAGE

Strengthening Cyber-Physical Resilience in Critical Infrastructures

Gonzalo Nicolás Barreales
Gonzalo Nicolás Barreales Tecnalia Research& Innovation Researcher Speaker
Nicolas Ferry
Nicolas Ferry Kairos Team Associate professor, University Côte d’Azur Speaker
Hui Song
Hui Song SINTEF Digital  Senior Research Scientist Speaker
Valeria Valdés Ríos
Valeria Valdés Ríos Montimage Research Engineer Speaker
Gonzalo Martínez Rioja
Gonzalo Martínez Rioja Cintra, Ferrovial  CISO Europe and New Markets Speaker
Jason Xabier Mansell
Jason Xabier Mansell Project Manager Tecnalia Research& Innovation Speaker
Víctor Muntés Mulero
Víctor Muntés Mulero Beawre Digital SL  Co-founder & CEO Speaker

#Cybersecurity, #Protection, #Risk

14-05-2025 15:30 14-05-2025 16:45 Europe/Madrid Strengthening Cyber-Physical Resilience in Critical Infrastructures What if one malicious command didn’t just shut down a tunnel—but triggered a chain reaction, blocking traffic, emergency response, and entire regions? Welcome to the age of cascading cyber-physical failures. As critical infrastructures grow hyper-connected, small breaches can escalate into major crises. This hands-on workshop introduces DYNABIC, an AI-powered cybersecurity framework to anticipate, contain, and respond to these threats. You’ll model, simulate, and disrupt failure chains before they unfold. Interactive exercises include: Proactive risk modeling: Use live digital twins to visualize threats and build bowtie risk diagrams via AI. Reactive threat response: Apply real-time intelligence and automated decision-making to stop attacks before they spiral. Real-world case: Ferrovial highways & tunnels in Portugal Defending tunnel control systems from message injection attacks. Protecting free-flow tolling from ransomware threats. Equip yourself with AI-driven strategies to prevent cascading failures. Are you ready? Hacking Village 1
15:30h - 16:45h Hacking Village 1
Read more

Pedro Mier

Pedro Mier holds a degree in Telecommunications Engineer ing from the Polytechnic University of Catalonia, MBA from ESADE and PADE from IESE. He is currently President of AMETIC (Association of Electronics, Information Technology and Telecommunications Companies of Spain), Shareholder and Chairman of the Board of Directors of TRYO Aerospace & Electronics, Board Member of the Premo Group and Committee of CTTC. member of Space Angels Network and Member of the Sc ientific Advisory

Close