ZeroNights 2017

Posted on 18 November 2017 in misc

UnfortunallyI had visited only one day of ZeroNights (international conference, devoted to practical aspects of cybersecurity). This time conference took place in famous ZiL Culture Centre. Its building is a monument of Constructivist architecture. Nice place (with a good coffee shop) and it's not so far from city center! Only thing I didn't like in it is hall for Defensive Track. It was openspace and too noisy because of people from first floor. Also slide display was too small so from the last rows of chairs it was like eye examination. What I also liked in ZN2017 is retro style and music (thanks to Retrowave Radio).

According to talks. They were ok. ZN is still hacker's conference. But it will be better to have more web security related talks next year.

This year I spoke about Content Security Policy and how to implement this technology on an industrial scale. (slides). How we do it in Yandex. Hope it was interesting and some of listeners thought about implementing CSP into their services to mitigate risks of XSS attack. I also recommend to watch presentation "So we broke all CSPs... You won't guess what happened next! " by Michele Spagnuolo and Lukas Weichselbaum (slides, video) from last OWASP AppSec EU. They made great research in field of current state of CSP.