OFFZONE 2022, the 3rd annual conference on practical cybersecurity, took place at Moscow’s LOFT HALL on August 25–26. The event brought together security professionals, developers, researchers, and academia.
“The third OFFZONE should have been held back in 2020, but had to be rescheduled twice due to the pandemic,” commented Evgeny Voloshin, CSO at BI.ZONE. “This time, nothing stood in our way, we had a truly exciting event loaded with even more technical talks, cases, and activities than before. We raised the bar very high, yet were able to retain the friendly atmosphere of a genuine community, which was a huge priority for us.”
The two‑day event included five presentation tracks and three workshops, featuring a total of 68 speakers from VK, Avito, Tinkoff, Kaspersky, Positive Technologies, Sber, BI.ZONE, and other companies.
This year’s OFFZONE also saw the launch of the BI.ZONE Bug Bounty platform, which immediately attracted 235 bug hunters to compete for a cash prize. At the event, BI.ZONE released its first public program on the platform, enabling ethical hackers to earn up to ₽300,000 in reward for discovering vulnerabilities. The second public program—scheduled for publication on BI.ZONE Bug Bounty in the coming weeks—will be provided by the Russian classifieds giant Avito.
The keynote speaker of OFFZONE 2022 was Dmitry Evdokimov, founder and CTO of Luntry, who offered his view on the evolution of cybersecurity and the challenges brought by recent changes in the landscape of information systems.
The topics addressed at the conference included privilege escalation on Apple devices, APT attacks, network attacks and vulnerabilities in FHRPs, as well as other hot issues. Many speakers shared their pentesting experience.
In parallel to the main conference, OFFZONE 2022 hosted three breakaway sessions dedicated to the security of financial systems and banking infrastructures (Finance.Zone), web applications (AppSec.Zone), and hardware (DC&HW.Zone).
Tech buffs eager to boost their communication skills had a chance to learn from a seasoned journalist: Хакер’s Editor‑in‑Chief Andrey Pismenny held a master class on how to write a good tech article.
Apart from the educational content, OFFZONE 2022 was filled with interactive entertainment where participants could research vulnerabilities in smart devices, upgrade their badges by soldering, and even get tattoos. Six of the guests got the OFFZONE logo tattoo, which gives them a free pass to all the future OFFZONE conferences and speaker parties.
This year’s OFFZONE also featured CTFZone, an international ethical hacking competition: 1,207 teams from 54 countries had 48 hours to solve a variety of challenges in web, crypto, pwn, reverse, and other categories. The top three spots were earned by teams from Israel, Switzerland, and the United States.
A special mention goes to OFFZONE’s attendee badges. This time, they were integrated into fully operational microcomputers enhanced with a payment processing system. The badges enabled participants to earn and spend Offcoins, the event’s internal currency. Over the course of two days, a total of 475,000 Offcoins was earned and exchanged for exclusive merch from OFFZONE and partners.