BSidesVienna 0x7E9

StealthCup: Red Team Evasion Attempts vs. Modern EDR/IDS/SIEM in a Multi-Stage IT/OT CTF
11-22, 11:20–11:50 (Europe/Vienna), Second Room

Most benchmarks make your EDR, IDS, or SIEM look great, until a human attacker shows up.

In a 9-hour live challenge, 60 specialists from leading security companies and universities, all with deep expertise in offensive cyber operations, formed 12 international red teams from the UAE to Ireland. Their mission: infiltrate and evade detection in a multi-layer, multi-stage IT/OT environment built for realism, featuring multiple Active Directories, segmented networks, and digital twins of PLCs.

The testbed, implemented entirely via Infrastructure-as-Code and validated by Austrian critical infrastructure providers, hosted two high-stakes objectives: (1) take over the Enterprise IT network of Plumetech, a fictitious company serving as the scenario base, and (2) manipulate the OT control network to leak chemicals by taking over a PLC.

The twist: achieve both objectives without being detected by a layered stack of open-source and leading commercial EDR, IDS, and SIEM solutions. Each team operated in its own isolated infrastructure, had access to live detection logs, and could reset their environment at will, forcing them to balance speed, stealth, and adaptability under real-world constraints.

This session reveals the tactics that worked, the detections that failed, and a comparison of leading commercial and open-source IDS, along with the code, recorded live data, and detection rules you can use to strengthen your own defenses.

Manuel Kern is a researcher and security consultant who started his career as a server admin and soon shifted his focus solely to IT security. During his time as a professional pentester at the Austrian Institute of Technology, he explored ways to improve detection methods and decided to write his Master’s thesis on efficiently detecting adversaries in computer networks. This research led him to continue his academic path; he is currently working on his PhD in threat detection. In his free time he is a NIS and ISO 27001 auditor, travels the world, is an amateur DJ, and enjoys scuba diving.