Tag Archives: PHDays

Impressions from PHDays Fest

Impressions from PHDays Fest.

The scale was just insane. You walk and walk – and there’s action everywhere, and all of it is PHDays, every bit of it. It totally blew my mind, I saw just a tiny fraction of everything that was going on.

In the public area, I was impressed by the university pavilions – BMSTU, HSE, MSU, ITMO, and Polytech. I see a lot of potential here for smaller activities, like alumni talks. I’ll try to be part of something like that next year.

In the ticketed-access exhibition area, I mostly hung out at Security Vision booth. Great folks – I learned a lot about their VM product; will share insights soon.

As for my own talk – everything was really well organized. Huge thanks to everyone who came and asked questions!

I caught other talks in bits and pieces – planning to watch the full recordings later.

Thanks to the organizers! It was awesome! See you next year!

На русском

I’m done preparing the slides for my talk about Vulristics at PHDays

Leave a reply

I’m done preparing the slides for my talk about Vulristics at PHDays. I’ll be speaking on the last day of the festival – Saturday, May 24, at 16:00 in Popov Hall 25. If you’re there at that time, I’d be glad to see you. If not – join online!

I’ll have an hour to dive into Vulristics, vulnerability analysis & prioritization. I’ll walk through the Vulristics report structure, typical tasks (like analyzing Microsoft Patch Tuesday, Linux Patch Wednesday, individual trending CVEs, and vulnerability sets), how the work with data sources is organized, the challenges of accurately detecting vulnerability types and vulnerable products. Finally, I’ll discuss Vulristics integration into pipelines. Feel free to use the code – Vulristics is MIT-licensed.

Talk on the PHDays website – you can download the .ics calendar file there
May 24, 2025, 16:00 (MSK)
Luzhniki, Popov Hall 25

На русском

PHDays 11: towards the Independence Era

Leave a reply

PHDays 11: towards the Independence Era. Hello everyone! In this episode, I want to talk about the Positive Hack Days 11 conference, which took place on May 18 and 19 in Moscow. As usual, I want to express my personal opinion about this event.

Alternative video link (for Russia): https://vk.com/video-149273431_456239091

As I did last year, I want to start talking about this conference with a few words about the sanctions. US sanctions against Positive Technologies, the organizers of Positive Hack Days, were introduced a year ago. At that time it seemed very serious and extraordinary. But today, when our country has become the most sanctioned country in the world, those sanctions against Positive Technologies seem very ordinary and unimportant. In fact, it even seems to benefit the company somehow.

Continue reading →

PHDays 10: U.S. Sanctions, My Talk on Vulristics, Other Great Talks Related to VM

Leave a reply

PHDays 10: U.S. Sanctions, My Talk on Vulristics, Other Great Talks Related to VM. Today I will talk about the Positive Hack Days conference, which took place on May 20 and May 21 in Moscow. I can say that this was and remains the main event for Information Security Practitioners in Russia.

First of all, I have to say a few words about the sanctions. The organizer of the event, Positive Technologies, is under the sanctions of the US Treasury Department since April 2021 among the “COMPANIES IN THE TECHNOLOGY SECTOR SUPPORTING RUSSIAN INTELLIGENCE SERVICES”. In a press release, the Treasury Department wrote that Positive Technologies hosts large-scale conventions that are used as recruiting events for russian special services. Well, I don’t know exactly what they mean. Maybe they mean PHDays or maybe not. But to say this about PHDays is like saying that any major international conference, Black Hat or RSA, is a recruiting event. This is ridiculous. In my humble opinion, these are some dirty political games. It is sad that reputable information security companies and security researchers are suffering from this.

Now let’s talk about my speech at PHDays 10. This year I had the opportunity to talk for an hour about my pet project – Vulristics. This project can help you prioritize known vulnerabilities. Anything that has a CVE id. There is a full video of my speech. I have uploaded this to my YouTube channel.

Russian version.

And a version that was dubbed into English.

So, if you’re interested, I recommend watching the full video. Here I will simply repeat the main points.

Continue reading →

PHDays 9: new methods of Vulnerability Prioritization in Vulnerability Management products

6 Replies

PHDays 9: new methods of Vulnerability Prioritization in Vulnerability Management products. On May 21, I spoke at the PHDays 9 conference. I talked about new methods of Vulnerability Prioritization in the products of Vulnerability Management vendors.

PHDays9 new ways of prioritizing vulnerabilities

During my 15 minutes time slot I defined the problems that this new technology has to solve, showed why these problems could NOT be solved using existing frameworks (CVSS), described what we currently have on the market and, as usual, criticized VM vendors and theirs solutions a little bit. ?

Continue reading →

PHDays8: Digital Bet and thousands tons of verbal ore

3 Replies

PHDays8: Digital Bet and thousands tons of verbal ore. It’s time to write about Positive Hack Days 8: Digital Bet conference, which was held May 15-16 at the Moscow World Trade Center. It was the main Russian Information Security event of the first half of 2018. More than 4 thousand people attended! More than 50 reports, master classes and round tables held in 7 parallel streams. And, of course, impressive CTF contest for security experts and hackers with an fully-functioning model of the city.

Hack Days 8: Digital Bet

I was very pleased that there was a separate section dedicated to Vulnerability Management. Something similar happened only at ISACA meetup last year. But here we had an event for several thousand people!

The session was held in Fast Track format: 20 minutes for the presentation and questions. I was the first to speak. My report was called “Vulnerability Databases: sifting thousands tons of verbal ore”. Here is the video:

And here’s a link to the version with only Russian sound track.

Continue reading →

Vulchain scan workflow and search queries

1 Reply

Vulchain scan workflow and search queries. This post will be about my Vulnerability Scanner project – Vulchain. Recently I’ve spent couple of my weekends almost exclusively on coding: refactoring the scan engine, creating API and GUI.

I was doing it because of the conferences, where I will be speaking soon:

April 11-13 CyberCentral in Prague. upd. Read about it at “CyberCentral Summit 2018 in Prague“
April 23–24 CISO Forum. upd. Read about it at “CISO Forum and the problems of Vulnerability Databases”
May 15–16 PHDays in Moscow. upd. Read about it at “PHDays8: Digital Bet and thousands tons of verbal ore“

Pretty intense schedule for a guy who spends most of his time in PyCharm and Linux console. Very excited! So, it seemed right to add a couple of slides about my project and show that something is already working.

Continue reading →

This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.

Alexander V. Leonov

Vulnerability Management and more

Tag Archives: PHDays

Impressions from PHDays Fest

I’m done preparing the slides for my talk about Vulristics at PHDays

PHDays 11: towards the Independence Era

PHDays 10: U.S. Sanctions, My Talk on Vulristics, Other Great Talks Related to VM

PHDays 9: new methods of Vulnerability Prioritization in Vulnerability Management products

PHDays8: Digital Bet and thousands tons of verbal ore

Vulchain scan workflow and search queries