BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//event.sec-t.org//sec-t-2025//talk//XVLLAY
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-sec-t-2025-XVLLAY@event.sec-t.org
DTSTART;TZID=CET:20250912T143000
DTEND;TZID=CET:20250912T150000
DESCRIPTION:Traditional SIEM solutions focus on detecting attacks—but wha
 t if we flipped the script? Instead of waiting for adversaries to act\, de
 fenders can use SIEM proactively to identify local privilege escalation ri
 sks before they’re exploited. By analyzing Sysmon and Windows event logs
 \, blue teams can uncover hidden misconfigurations in services\, scheduled
  tasks\, DLL loads\, and centralized application deployments that could al
 low an attacker to escalate privileges to SYSTEM. In some cases\, this app
 roach might even reveal new CVEs lurking in your environment. This talk wi
 ll showcase practical techniques for leveraging SIEM as an offensive disco
 very tool\, helping defenders think like attackers to strengthen security 
 from within.
DTSTAMP:20260419T141320Z
LOCATION:Main hall
SUMMARY:Offensive SIEM: When the Blue Team Switches Perspective - Erkan Eki
 ci\, Shanti Lindström
URL:https://event.sec-t.org/sec-t-2025/talk/XVLLAY/
END:VEVENT
END:VCALENDAR