SIGS Special Interest Group
19th SOC Forum

Save the DateClick on the .ics file to save the date

Target Audience Security Operations Center Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in IT Security

From Consultancies and Resellers/ Integrators are only technical peoples (which are involved in the Security Operation Processes) allowed to take part – max. one participant per company. Vendors and people with a Sales/Marketing role are not authorized as participants.

If you are not on the dedicated invitation list and you like to take part in this community and get the invitations, please fill out the application form.

Rules This platform is held under Chatham House Rules!
CPE Credits Earn 4.5 CPE (Continuing Professional Education) for attending this SIGS forum. Please request a confirmation.
Location Hilton Zurich Airport Hotel
Hohenbuehlstrasse 10
8152 Opfikon-Glattbrugg

There are a lot of free park places available.
Train: railway station Zurich Airport – take the hotel shuttle

Date of Event 1st December 2020
Further planned dates in 2021: (will follow)
Language English
Participation Costs Fr. 55.— per participants
Organization, presentations, beverages and Apéro riche included



1:30 – 2:00 pm Registration & Coffee
2:00 – 2:00 pm Welcome from the moderator
2:00 – 2:30 pm David Anumudu, Solutions Architect at Flashpoint
David’s IT career includes 18 years working in a wide range of roles including software development, product management and scalability testing, and 12 years in software security and risk intelligence. David’s role as a Solution Architect for Flashpoint involves working with both enterprise and public sector customers across EMEA to help them develop and drive their risk intelligence activities, giving them unique insight in to a diverse and illicit landscape encompassing both cyber and physical threats.

Secrets of Illicit Forums: Actionable insights from cybercrime communities
Each and every organisation is facing a complex range of threats through multiple channels, both cyber and physical. A critical piece of this puzzle is a thorough understanding of threat actor motivations, tactics, techniques, and procedures that can be gleaned from online illicit communities. In this presentation David Anumudu, Solutions Architect for Flashpoint describes:

  • What does Risk Intelligence actually mean?
  • How do illicit communities operate?
  • Is my organisation mature enough to gain value from intelligence products?
2:30 – 3:00 pm Rudolf Maculan, Security Consultant – Cyber Defense Services at Accenture

Adversarial AI and It’s Implications for the Security Operations Center
Artificial intelligence technologies have demonstrated huge potential for cyber security applications, such as Intrusion Detection Systems that leverage machine learning for anomaly detection. While security software providers usually do not fall short in promoting machine learning capabilities of a particular product, less attention is usually paid to the malicious use of artificial intelligence. This talk gives an introduction to so called Adversarial AI, explores SOC-relevant threat scenarios and describes how methods employed by malicious actors can be used to craft adversarial samples of cyber alert data to tackle the challenge of class imbalance – a ubiquitous characteristic of datasets within the realm of cyber security.

3:00 – 3:30 pm (not confirmed yet) Alexandru Stamate, Cyber Security Principal Consultant at SIX Group
Alex has worked 8 years as a security escalation engineer at Microsoft, 2 years as DFIR & Threat Hunting Consultant with Mandiant Dubai and 2 years as DFIR consulting team leam in SecureWorks Dubai.

Threat Hunting – best practices in large enterprises
Learn how to structure a threat hunting engagement for best results. In this session Alex will give you a DFIR consultant’s perspective about TH life-cycle & methodology and the tips & tricks that can transform it into success.

3:30 – 4:15 Coffee Break
4:15 – 5:00 Roundtable Discussions
3 different tables to discuss different topics. You can chose the one you like to attend and we will change the tables one time

–> Roundtable 1
moderated by David Anumudu, Solutions Architect at Flashpoint

Follow up “Secrets of Illicit Forums: Actionable insights from cybercrime communities”

–> Roundtable 2
(not confirmed yet) moderated by Alexandru Stamate, Cyber Security Principal Consultant at SIX Group

Follow up “Threat Hunting – best practices in large enterprises”


–> Roundtable 3
(not confirmed yet) moderated Achim Kraus, Sales Engineer Central & Eastern Europe at Corelight

Measure, Validate, Decide: the value of Network Security Monitoring in modern times – for better quality of decisions Security Operations and Response”
At this roundtable we will discuss the following topics:

  • Wire data – what is it good for?
  • Data-first vs. detection-first for more efficient Security Operations
  • Is Network Security Monitoring dead because encryption killed it?
  • MITRE Att&ck TTPs coverage at the data source of network evidence

5:00 – 5:45 2nd turn – change to another table

5:45 – 6:30 3rd turn – change to another table


The Sponsor of this event is:

Main Sponsor Co-Sponsor


This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

Register here!

With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it for use with its event partners and event sponsors of this platform. In addition, we share the contacts as well with the community itself.

Earn CPE Credits for
attending SIGS Events

Registration here!

If it’s the first time you like
to attend, please send us in addition your application