Skip to main content



Photo of Patrice Auffret


Profile Image Description

Photo of Patrice Auffret

Speaker Bio for Patrice Auffret

Patrice Auffret (AKA GomoR) is a senior security expert specialized in network protocols hacking, network discovery and big data analytics. He is author of multiple Perl modules to craft network packets and analyze responses (Net::Frame framework, SinFP3 OS fingerprinting suite or the OSPF Attack Shell). He writes articles in French security magazine MISC and speaks at various security conferences including IT Underground 2007, SSTIC 2008, 2012, EuSecWest 2012, ekoparty 2012, SSTIC 2016 and 2016, TROOPERS 2017. He created his own company ONYPHE in 2017 specialized in collecting open-source and cyber threat intelligence information (OSINT & CTI).

Photo of Gregory Boddin


Profile Image Description

Photo of Gregory Boddin

Speaker Bio for Gregory Boddin

Having started his career as a sysadmin/DevOps in small to large companies and institutions, Gregory Boddin quickly became passionate with the security issues those positions incurred. He's a self-taught security researcher focusing on the mistakes made during deployment and configuration of the services building an infrastructure.

Talks and Workshops

Profile image for Jorina Baron


Speaker Bio for Jorina Baron

Jorina Baron recently graduated in computer science at ETH Zurich and currently works as a threat intelligence analyst at Infoguard.

Talk: What can time based analysis say in Ransomware cases?

Profile image for Victor Barrault


Speaker Bio for Victor Barrault

Victor Barrault graduated with a Bachelor in Computer Science and in Mathematics in 2020 and is currently pursuing a Master's degree in Cybersecurity at Université de Paris. He is in apprenticeship at ANSSI in the IOC management unit, since September 2021 mostly working on tooling. He is the main developer of the sftp2misp tool.

Talk: How to meet operational challenges when working with MISP on an air-gapped network.

Profile image for Cyril Bras


Speaker Bio for Cyril Bras

Cyril Bras has been Director of Cybersecurity at Whaller since March 2022. He was previously the CISO for Grenoble-Alpes Métropole, where he initiated the creation of a CISO network for local authorities. He is also Vice President of the INCRT and is an IHEDN auditor for the 2nd national digital sovereignty and cybersecurity session. Finally, he is a citizen reserve officer with the French National Gendarmerie.

Talk: Sharing IOC with customers and partners

Profile image for Antoine Cailliau

Belgian Defense

Speaker Bio for Antoine Cailliau

Antoine Cailliau got a PhD degree in Computer Science Engineering from the Louvain School of Engineering, UCL (Belgium) in Feb 2018. His PhD thesis focused on risk management in software at a requirements-level. He is currently a Cyber Risk Prevention Expert for the Belgian Defense.

Talk: DocIntel - A Context-Centric Cyber Threat Intelligence Platform

Profile image for Alexandre De Oliveira

POST Luxembourg

Speaker Bio for Alexandre De Oliveira

Passionnate about Telecom Networks and their security, I explore since 10years critical infrastructures around the world. I work today at POST Luxembourg in the Cyberforce Labs & Innovation creating security solutions we provide to other operators around the world. I had the chance to talk and give trainings at, HITB, Troopers, CCC, GSMA FASG, ENISA Telecom Security Forum, BSIDES Luxembourg & ETIS.

Talk: Actors and threats targeting telecom signalling networks

Profile image for Patrick Grau


Speaker Bio for Patrick Grau

Patrick Grau is the Cyber Threat Intelligence Lead at Bosch Group where he's hands-on managing and coordinating the CTI program. Prior to that, he was part of the Bosch CERT as an incident manager with a preference for analysis and digital forensics. In addition, he graduated somewhere, holds a degree in something, has some expired certificates and owns more than one computer.

Talk: Report Curation and Threat Library - How to organize your Knowledge

Profile image for Andras Iklody

CIRCL - Computer Incident Response Center Luxembourg

Speaker Bio for Andras Iklody

Andras Iklody works at the Luxembourgian Computer Security Incident Response Team (CSIRT) CIRCL as a software developer and has been developing the MISP core since early 2013. He is a firm believer that there are no problems that cannot be tackled by building the right tool. He is also a big fan of Hungarian beers.

Talk: Community orchestration via Cerebrate

Talk: What's HOT in MISPland - latest development and roadmap update

Profile image for Quentin Jerome

Speaker Bio for Quentin Jerome

Quentin has been working as incident responder for several years before focusing on endpoint threat detection. He recently dedicated all his time to an open-source EDR project. His main topics of interest are ranging from threat detection to bug hunting but what he likes the most is to develop tools and open-source them when he judges it is relevant enough to do so.

Talk: WHIDS Update

Photo of Paul Jung

Excellium Services

Profile Image Description

Photo of Paul Jung

Speaker Bio for Paul Jung

Paul Jung is since a long time a security enthusiast. He works in the security field in Luxembourg since more than two decades. During this time, Paul has covered operations as well as consulting within various industries. He possesses a wide range of skills and experiences that enable him to perform multiple roles from offensive security audit to security incident handling. From 2008 to 2014, prior to join Excellium Services, Paul was Senior Security Architect in the Managed Network Security department of the European Commission. In this previous position, Paul was responsible for leading technical aspects of security projects. He also wrote a few articles in MISC magazine (French) about DDos, Botnets and incident response. Since 2014, Paul works at Excellium Services. He leads Excellium Services CSIRT (CERT-XLM). Within this position, Paul leads the response team involved in incident handling and intrusion responses. Paul is often speaker at local events and some security conferences.

Talk: How to fail your CTI usage

Photo of Markus Ludwig


Profile Image Description

Photo of Markus Ludwig

Speaker Bio for Markus Ludwig

CEO at Ticura

Talk: Communities – the underestimated super power of cyber threat intelligence

Profile image for Olivier Memin


Speaker Bio for Olivier Memin

Olivier Mémin graduated from Grenoble INP Ensimag and had his first positions in the private sector as a network & telco expert. When joining ANSSI in 2016, he specialized as security architect with the key mission to help organizations protect their most critical IT systems. In 2021 he joined the IOC management unit as a coordinator with the objective to make internal tools and processes as much actionable as possible for IOC.

Talk: How to meet operational challenges when working with MISP on an air-gapped network.

Profile image for Sami Mokaddem

CIRCL - Computer Incident Response Center Luxembourg

Speaker Bio for Sami Mokaddem

Sami Mokaddem is a software developer who has been contributing to the open-source community since 2016 in the fields of information sharing and leak detection. He is working for CIRCL and is part of the MISP core team where he develops and maintains the software as well as its related tools. He is Belgian and dislikes Hungarian beers.

Talk: MISP Workflow - An improved way to support your CTI pipelines


Speaker Bio for Robert Jan Mora

Robert Jan Mora is a principal threat investigator at Volexity. He used to manage the Threat and Analytics team at Shell. He also performed malware forensics in some high-profile breach investigations and security assessments for governments and corporations in previous roles. In addition, he tracks nation-state threat actors for fun, and assesses digital forensic candidates who apply as digital forensic expert witnesses for the Netherlands Register of Court Experts (NRGD).

Talk: Webshells in 2022

Profile image for Mikesh Nagar


Speaker Bio for Mikesh Nagar

Mikesh Nagar is a Senior Associate in the in the Cyber Risk practice, based in London. Mikesh leverages extensive experience in applied threat intelligence, as well as in developing, provisioning and operating on-premises and cloud based solutions. Prior to joining Kroll, Mikesh was a security operations analyst at Redscan before it was acquired by Kroll in 2021. He is experienced in AWS, Microsoft Azure and Google Cloud among others. Further, Mikesh received a Bachelor of Science in Ethical Hacking and Network Security from Coventry University.

Talk: Scaling MISP With The Cloud

Profile image for Robert Nixon


Speaker Bio for Robert Nixon

Robert Nixon is a seasoned cybersecurity veteran with more than 13 years of experience in the realm of information technology and cybersecurity. He currently leads the Cyber Threat Intelligence services at NVISO as a part of the larger CSIRT and SOC Team. He specializes in Cyber Threat Intelligence at tactical, organizational, and strategic levels; as well as automation, CTI infrastructure, malware analysis and SIEM integrations/use case development. Robert also is a member of the NVISO CSIRT incident response team. Here is shows his skills in threat hunting, compromise assessments, and forensics.

Talk: In Curation We Trust - Generating Contextual & Actionable Threat Intelligence

Talk: Visualize the potential - MISP to Power BI


Speaker Bio for Paul Rascagneres

Paul Rascagneres is a principal threat researcher at Volexity. He performs investigations to identify new threats. He has presented his findings in several publications and at international security conferences. He has been involved in security research for 10 years, mainly focusing on malware analysis, malware hunting, and more specifically on advanced persistent threat (APT) campaigns and rootkit capabilities. He previously worked for several incident response teams within the private and public sectors.

Talk: Webshells in 2022

Profile image for David Rufenacht


Speaker Bio for David Rufenacht

David Rüfenacht works as senior threat intelligence analyst at Infoguard. Previously he worked for the and has a background in social sciences.

Talk: What can time based analysis say in Ransomware cases?

Profile image for Christian Studer

CIRCL - Computer Incident Response Center Luxembourg

Speaker Bio for Christian Studer

Christian Studer joined CIRCL in 2017 after he graduated with a Master in Computer Science. During his master thesis at CIRCL he showed his capacity to lead existing CIRCL software such as the Potiron framework, a tool to normalize, index and visualize network captures. He is mainly working on MISP, contributing to the core development and several integrations with other tools and formats, most notable, he leads the STIX implementation of the project. He is also the co-chair of the OASIS CTI STIX Subcommittee.

Talk: The holy grail for STIX and MISP format - misp-stix

Profile image for Louise Taggart

PwC’s Global Threat Intelligence

Speaker Bio for Louise Taggart

Louise is a Senior Manager in PwC’s Global Threat Intelligence team, focusing on strategic analysis and working with clients across a variety of different industries and sectors to help them understand their specific cyber threat profiles. She tracks politically aligned malicious cyber activity associated with Eastern European threat actors, translating this into strategic analysis and reporting. Louise also hosts PwC's 'A to Z of Tech' podcast. Before joining PwC, Louise was head of the intelligence department at a boutique risk consultancy and has also worked as a researcher at two international think tanks. She holds MA (Hons) in Russian, MSt (Oxon) in Slavonic Studies, and MA in Politics, Security and Integration.

Talk: Why does Strategic Threat Intelligence matter?

Profile image for Koen Van Impe

Speaker Bio for Koen Van Impe

Incident Response & Threat Intelligence

Talk: CTI Operational Procedures with Jupyter Notebooks and MISP

Talk: MISP Web Scraper

Profile image for Axel Wauer


Speaker Bio for Axel Wauer

Axel is a Senior Threat Analyst at DCSO. He holds a Master's degree in IT Security from TU Darmstadt, which comes in handy at his daily work where he is responsible for technical threat analysis and CTI curation. Prior to working with DCSO, Axel has worked for Huawei and tracked Botnets for Fraunhofer FKIE. His hands-on mentality and curiosity in combination with a lot of coffee have resulted in him running a Peer-to-Peer botnet tracker, owning a CVE and maintaining a PyPi package. Beside this, he is one of the authors for DCSO's technical analysis Blog 'DCSO CyTec'.

Talk: HZ Rat goes China - Following the tail of an unknown backdoor.