NetSecure Day 2019 Conference (NSD19)

NetSecure Day is an annual French cybersecurity event, free and open to all.
This year, the 7th edition took place on Thursday, December 12th at the Rouen Exhibition Center and brought together nearly 600 people.

During this day, two conference tracks took place in parallel:

Track 0

• Inspiring and refreshing opening talk by Yoann ONO DIT BIOT, technical director at ATEXIO
• Limit the attack surface: build a low-tech site by Bertrand KELLER
• Secure the future by Fabien Buisson, security consultant at Sopra Steria
• From GDPR to the cyber resilience of local authorities by Flore BONHOMME and Vincent KELLNER, DPO and CIO of the Normandy Region
• Business continuity: being ready when the time comes… by Lionel MOURER, president of ATEXIO and administrator of Clusif
• How a hacker maps a company's web attack surface by Florent BESNARD, security consultant at Intrinsec
• Phish & profit by Jérémy CARON, security consultant at Digital Security

Track 1

• Cryptography gone wrong by Mathis HAMMEL, Deputy Technical Director at Sogeti
• Martine goes to Threat Hunting by SaxX
• Identify threats with Elastic SIEM by Vincent MAURY, solutions architect at Elastic
• Attacks and defenses against an Active Directory by Guillaume KADDOUCH, security consultant at ATEXIO
• Machine Learning – Types and models to enrich effective artificial intelligence by Philippe Rondel, security architect at Check Point

Various workshops were also offered throughout the day:

• Traffic analysis and network topology reconstruction using the IVRE tool by Vivien VENUTI and Vincent RUELLO, safety engineers at the CEA
• Development of a Smart Contract on the Ethereum blockchain by Benoît BERENGER, training engineer at CESI Rouen
• Capture The Flag (computer security challenges) organized by Sybix, Josselin and Majinboo from the HZV and Glitch Lab associations

You can find the programs and presentations in detail on the official conference website.

Intrinsec was pleased to host a technical conference on web perimeter discovery.
A methodology based on publicly accessible tools, notably used during our services Red Teaming and for our service of Cyber Threat Intelligence it was presented there.
This allows the various players in IT security to identify and analyze all the assets of a targeted company exposed on the Internet (domain names, IP addresses, etc.).

Furthermore, the various elements presented were illustrated by real-life scenarios encountered in Bug Bounty programs.

The slides can be downloaded by clicking here.