Tag Archives: TNRoIS

PHDays 11: towards the Independence Era

PHDays 11: towards the Independence Era. Hello everyone! In this episode, I want to talk about the Positive Hack Days 11 conference, which took place on May 18 and 19 in Moscow. As usual, I want to express my personal opinion about this event.

Alternative video link (for Russia): https://vk.com/video-149273431_456239091

As I did last year, I want to start talking about this conference with a few words about the sanctions. US sanctions against Positive Technologies, the organizers of Positive Hack Days, were introduced a year ago. At that time it seemed very serious and extraordinary. But today, when our country has become the most sanctioned country in the world, those sanctions against Positive Technologies seem very ordinary and unimportant. In fact, it even seems to benefit the company somehow.

Continue reading

AM Live Vulnerability Management Conference 2022: my impressions and position

AM Live Vulnerability Management Conference 2022: my impressions and position. Hello everyone! This episode will be about the AM Live Vulnerability Management online conference. I participated in it on May 17th.

Alternative video link (for Russia): https://vk.com/video-149273431_456239090

The event lasted 2 hours. Repeating everything that has been said is difficult and makes little sense. Those who want can watch the full video or read the article about the event (both in Russian). Here I would like to share my impressions, compare this event with last year’s and express my position.

Continue reading

Malicious Open Source: the cost of using someone else’s code

Malicious Open Source: the cost of using someone else’s code. Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about malicious open source and the cost of using someone else’s code.

Alternative video link (for Russia): https://vk.com/video-149273431_456239086
Video in Russian from CISO Forum 2022: https://youtu.be/LPXg-MEamVA

To be honest, at the beginning of the year I did not plan to talk about these things. But life changes rapidly and unpredictably, so it becomes impossible not to talk about this.

Continue reading

CISO Forum 2022: the first major Russian security conference in the New Reality

CISO Forum 2022: the first major Russian security conference in the New Reality. Hello everyone! After a two-year break, I took part in Moscow CISO Forum 2022 with a small talk “Malicious open source: the cost of using someone else’s code”.

Alternative video link (for Russia): https://vk.com/video-149273431_456239084

CISO Forum is the first major Russian conference since the beginning of The New Reality of Information Security (TNRoIS). My presentation was just on this topic. How malicious commits in open source projects change development and operations processes. I will make a separate video about this (upd. added Malicious Open Source: the cost of using someone else’s code). In this episode, I would like to tell you a little about the conference itself.

Continue reading