Development General
Architecture: system design, microservice architecture and clouds, API, on-premise architecture, protocol parsers, and custom protocols.
Performance engineering: optimization of applications for high load; development and operation of high-load applications.
Databases and storage spaces: storage optimization, efficient search mechanisms, and disk management.
Development Ops
Platform engineering: internal developer platforms (IDPs), large-scale infrastructure management, DBaaS, CI/CD, and DevOps.
Development Data
Data engineering: data platform architecture, processing, management, and DataOps.
Development Security
Secure code development: secure design, threat modeling, network fuzzing, and related practices.
Secure development tools: SAST, DAST, and machine learning for vulnerability detection.
DevSecOps: container security, artifact security, and image build security.
Technologies: computer science, algorithms, security modeling, cryptography development, and custom cryptographic algorithm security.
Development People & Culture
Track focused on employee development and organizational culture, tailored to the specific needs of modern industries. We are seeking speakers to discuss approaches adapted to the unique dynamics of IT, technology, creative industries, and other rapidly evolving sectors.
Cybersecurity through the business eye
Key topics: State-level cybersecurity; Various facets of cybersecurity; Cybersecurity from a top management perspective.
Infosec Architecture
Enterprise information security architecture. Key topics:
1. Unconventional approaches to modern enterprise security architecture;
2. IT asset management: essential for cybersecurity or an unattainable ideal?
3. Segmentation and zoning strategies and applications;
4. Infrastructure services that strengthen enterprise cyber resilience;
5. Layered defense: effective strategy or flawed approach?
6. Building a successful cloud security strategy;
7. Status monitoring;
8. Change management.
IT infrastructure
Modern approaches to building and operating enterprise IT infrastructure. Key topics:
1. Network infrastructure design and development;
2. Data center design and operation;
3. Cloud-based solutions;
4. Modern data management;
5. Application management;
6. User management;
7. Orchestration and monitoring;
8. Practical secure-by-design principles;
9. Digital models and twins.
Offense
Talks by security assessment experts and vulnerability researchers.
Fast Track
Quick-fire talks by security assessment experts and vulnerability researchers.
Web3
Key topics:
1. Cryptography and ZK;
2. Fuzzing tools;
3. Formal verification;
4. Cryptanalysis;
5. Harnessing AI for Web3;
6. Security beyond EVM on alternative platforms;
7. Complex protocol attacks.
Defense
Presentations from leading professionals in incident investigation and the cybersecurity of systems, organizations, and even entire nations.
OpenSource & OpenSecurity
This track focuses on open-source development, particularly in cybersecurity. It includes talks and discussions on communities of developers and information security experts working with open-source technologies.
We are particularly interested in the following topics:
1. Open-source development in cybersecurity and beyond
2. Frameworks and tools for open-source development
3. Open-source cybersecurity projects
4. Knowledge transfer within the professional community
5. Challenges of open-source development in enterprise
AI Track
Classical ML in Cybersecurity: malware analysis; anomaly detection in network traffic; threat classification; vulnerability prediction.
LLMs and Agents: threat analysis, SOC automation, attack scenario generation; cyber threat intelligence: attack forecasting, data collection; risks of LLM misuse (phishing, malicious code).
MLSecOps & ML Security: CI/CD for ML: vulnerability checks, backdoor detection; protection against adversarial attacks and model extraction; data drift management; model auditing and privacy (federated learning, encryption).
AI Red Teaming: pentest automation: exploit generation, APT attack simulation; assessment of ML model robustness; ethical considerations of using AI in attacks.
Positive Labs
This meetup track offers an opportunity to engage in meaningful discussions with a small group of 50 to 70 participants, creating a genuine and collaborative atmosphere. We welcome talks on any security-related topics, ranging from offensive security to SecDevOps. Talk duration: 30–60 minutes. Note: this track will not be video recorded.
Devices & Technologies
Let's explore the gadgets shaping our world: speakers, vacuum cleaners, cars, pacemakers, bicycles, toilets, and more. Talks will cover privacy, technology-driven social changes, and future trends.
Popular science
The popular science track makes IT and cybersecurity accessible to a broad audience. With an open stage that requires no ticket, it's the perfect space for attendees to boost their digital literacy and gain practical knowledge for navigating the cyber world with confidence.
We're seeking dynamic speakers with deep expertise who can simplify complex concepts and deliver them in an engaging, relatable way.
Examples of topics: cyberliteracy (fraud prevention, OSINT, hacking cases, deepfakes, cyberbulling, etc.); AI and its influence on art and design; future technologies (smart devices, bionics, etc.); reverse engineering for beginners; philosophy of the future, transhumanism, and neurophilosophy; IT and cybersecurity startups; HR management and education in cybersecurity; other topics that don't align with the hardcore technical tracks.
Talk duration: 20–30 minutes.
Other
If you haven’t found a track that suits you but want to submit your application, this track is for you.
SOC Life Hacks
SOC (Security Operations Center) teams play a crucial role in modern cyber defense. In order to detect, analyze and respond to security incidents in real-time, an effective SOC needs to prepare and plan for protection and prevention of cyber threats. It also needs to monitor the entire IT infrastructure, neutralize incidents and eliminate their consequences, as well as maintain compliance with security and regulatory requirements.
All these activities involve implementing various cybersecurity functions and selecting, applying and supporting necessary protection technologies. This section is intended for managers and specialists in OT (operational technology) and information security who provide or develop SOC services or interact with SOCs. During the Positive Hack Days international cyber security festival, we will discuss possible approaches, share our experiences and offer useful tips for solving SOC-related tasks and challenges.