Northern Security Conference

The first professional IT Security Conference of North Netherlands powered by


Training: 10 and 11 September 2018
Conference: Wednesday, 12 September 2018


WestCord WTC Hotel
Leeuwarden, The Netherlands

What is the Northern Security Conference?

It is first of its kind at the northern provinces of the Netherlands with the intent of providing a common and integrated environment for exchanging information related to information security and its latest happenings throughout the cyber world. Our main motto is to bring out maximum possible security awareness and knowledge in northern Netherlands, keeping in sync the global wisdom in cyber world. The conference is one of the finest platform to learn and get to know the latest technology, tips and tricks to keep our selves safe and secure in this complex, daily growing cyber arena.


Evil Mainframe Mini

Come live your cyberpunk dreams! Mainframes are the workhorse behind almost every fortune 500. It’s probably time you learned how to hack one. This workshop provides a one of a kind experience, allowing you to get hands on mainframe hacking experience with multiple labs. This workshop lays the groundwork for mainframe penetration testing. Walkinging you through techniques for gaining system access, performing end-to-end penetration tests, and teaching you to ‘own’ the mainframe.

After a brief overview of how z/OS works and how to translate from Windows/Linux to “z/OS” the instructors will lead students through multiple real world scenarios and labs against a real live target mainframe brought on site for the workshop. The areas explored include VTAM, CICS, TSO, and Unix. Students will be given access to a mainframe environment for the duration of the course where they will learn to navigate the operating system, learn some easy wins, and privilege escalation techniques. They will get introduced to the open source tools and libraries available for all the steps of a penetration test including Nmap, python, kali, and metasploit as well as being able to write their own tools on the mainframe using REXX, and JCL.

The majority of the course will be spent performing instructor led hands on mainframe testing with tools provided by the instructors. Goals for each segment will be laid out with appropriate time afforded to students to allow them the ability to gain a deep understanding of how a mainframe pentest could and should be performed. Exercises will be based on real world attack scenarios.

While this class is outlined as a beginner class to mainframe hacking the attendee should have knowledge of IT security, penetration testing and very basic Python.

Training Syllabus

Adversary Hunting, Detection and Compromise Assessment

Organizations are always under attack and adversaries of all skill levels are on the lookout for new vulnerabilities, tools, and techniques to compromise an enterprise network. It becomes really difficult as well as important for defenders to stay on top of the game. The workshop is intended towards people interested in learning the methodology and approach for hunting, detection and compromise assessment in an enterprise environment.

Target Audience: People interested or working in Security Operation Centre, Blue Team, Incident Response, Threat Hunting or any defensive role in their organizations. Training Syllabus

Ethical Hacking

During the training the attandee will learn how to perform a penetration test against an organisation. The training will teach the offensive security methodologies and the phases of an attack during an attack. During the talk blackhat techniques will be teached which can be fully exercised in a lab environment. The trainer will demonstrate how to perform a sophisticated phishing attacks against organistations.

Privacy by Design

Privacy by Design is an approach for projects that promote privacy and data protection compliance from the start. Unfortunately, these issues are often bolted on as an after-thought or ignored altogether.

Mobile Exploitation

Even wondered how different attacking a Mobile application would be, from a traditional web application? Gone are the days when knowledge of just SQL Injection or XSS could help you land a lucrative high-paying infoSec job. After a sold out class as multiple conferences over the last few years, we have revamped the material to include a host of new tools and techniques. This will be an introductory course on exploiting iOS and Android applications, suited well for both beginners as well as advanced security enthusiasts. We now also cover ARM and OS exploitation techniques. The training will be based on exploiting Damn Vulnerable iOS app, Android-InsecureBankv2 and a large range of real-world applications in order to give an in-depth knowledge about the different kinds of vulnerabilities in Mobile applications. Training Syllabus

Cybersafety: the human aspects of cybercrime

Research shows that over 95 per cent of all cybersecurity incidents involve human error. Our highly digitized society offers many chances, but new risks arise as well. In the past, bicycle theft was the most common type of crime in the Netherlands, but is this still the case? Hasn’t phishing, for example, taken over this position? Are people aware of the fact that they themselves play an important role in the victimization of cybercrime? In this training, we will work on these questions and bring you the latest insights and developments in cybersafety.


One-day training - 11th of September: €625

Two-day training - 10th, 11th of September: €1250

Security talks

Offensive Cyber Intelligence

Akbar Qureshi - Independent Security Researcher/Consultant

The speaker will talk about how offensive cyber intelligence collection techniques can be used to proactively monitor and track attacker activities. The speaker will focus on the benefits of incorporating offensive cyber intelligence into an existing traditional threat intelligence program. Tools and techniques will be demonstrated to further explain the importance of using offensive cyber intelligence.

Malware adventures

Mohammed Aldoub - Security Consultant

In this talk we will learn how to quickly analyze malware and see methods and techniques used by malware to mask activities, trick users and bypass or fool detection, including tricks used by government sponsored malware in the Middle East.

This talk will contain some reverse engineering, code analysis and script tracing.

Making the web secure, by design!

Glenn ten Cate - Security Researcher

During our work as penetration testers we found that there are a lot of vulnerabilities being introduced in applications that could have been prevented in an early stage of development. We can see the latest trend in integrating security tooling into CI/CD pipelines. However, security tooling integrated in your security pipe-lines will not cover the whole attack surface. This is because the tooling can never understand the full context of the applications functions and logic. On the other hand, resources in the form of manual verification can often be scarce and expensive. Where do we find the right balance between security test automation and manual verification? Even more importantly, how do we train the developers understand the metrics and make security part of their process and culture? This could been achieved by setting up an (S)SDLC, but what does a good (S)SDLC consists of? This talk will guide everybody willing to take the maturity of their security in software development to a higher level.

Compromise Assessment / Applying Intelligence and Counter Intelligence Techniques

Kamal Ranjan - Researcher / IR / Consultant

The speaker will show how to perform compromise assessment and show how to use the samples to collect intelligence from attackers. During the talk the speaker will explain how intelligence techniques can be used by companies to collect data from attackers to prevent future attacks.

State of the (Evil) Mainframe

Henri Kuiper - zDevOp B.V.

During the talk Henri Kuiper will show how Mainframe security is overseen during many penetration test because the lack of knowledge. The speaker will focus on how to enumerate a Mainframe with tools already available and which are actively used by attackers. The talk will show what is possible if an attacker can access a Mainframe from inside an organisation.

Capture the flag

During the conference a CTF event will be running and multiple teams can join. The goal is to get an active community and to attract new and good talent to the event. The winner(s) can be invited by companies and even be recruited. The winners of the CTF, maybe in the form like 1st, 2nd and 3th can get a price and will be published on the Internet and to the media.

Sponsor: ConnectFRL

CTF Organiser: ING Leeuwarden Security Team & Defcon Group, DC3158

1st prize: 3x Raspberry Pi starterskit

2nd prize: 3 Raspberry Pi


  • csv_pls
  • csv_pls2
  • Libya
  • NothingForNow
  • hatstack
  • NCS268
  • Onyx



Free student access Students with a valid student pass and the code "NSC268" can get free access.
One-day training €625 (training only) €775 (conference included)
Two-day training €1250 (training only) €1400 (conference included)
Conference only €250 €175 for early birds until 1st of August!

Conference agenda

Wednesday, 12 September 2018

09:00 – 09:30 Coffee
09:30 – 10:00 Kick-off
10:00 – 10:30 CTF kick-off
10:30 – 11:30
Making the web secure, by design!
with Glenn ten Cate
11:30 – 12:30
Malware Advantures
with Mohammed Aldoub
12:30 – 13:30 Lunch break
13:30 – 14:30
Offensive Cyber Intelligence
with Akbar Qureshi
14:30 – 15:30
Compromise Assessment / Applying Intelligence and Counter Intelligence Techniques
with Kamal Ranjan
15:30 – 16:30 Break
16:30 – 17:30
Evil Mainframe
with Henri Kuiper
17:30 – 18:00 CTF Winners
18:00 – 19.30 Beers & Bites



Henri Kuiper

Henri started his love (or addiction) for computers at the age of 9. Via C64, MSX, Amiga onto the 286. Hosted a BBS in the early nineties, was part of the Amiga Demo Scene and used to love copying 5 14” floppies whilst playing tetris. Fell in love with the Mainframe when he was 22. Programmed PL/1 on the financial systems for a large Insurance company. Became a systems programmer on OS/390, later z/OS. Founder of zdevops and still working in the Mainframe environment for a multitude of clients.

Organised the first Dutch Evil Mainframe Training. Speaker at international conferences (GSE-UK, GSE-NL, GSE-BE, ISACA Lux) on a variety of subjects. He has a soft spot for all things related to security (red and blue). First Dutch guy have a “Shop zSeries”-account without having an actual Mainframe so he could download PTF’s for his zPDT.

He’s the technical coordinator for the Dutch Region of the Guide Share Europe, co-creator of a world-wide secret society dedicated to Mainframe Security, chairman of the GSE security workgroup and a 100% certified IT-junkie who never stopped loving to tinker with hard- and software. Proud producer of various Mainframe tools (SU for z/OS, WhatsApp gateway, and the (almost production ready) ISPF Git Interface.

Akbar Qureshi

Akbar Qureshi has over 15 years of information security experience with a background in ICS/SCADA security, Threat Intelligence, Cyber Network Defense and Exploit Research. He has turned in security flaws to various bug bounty programs as well to private organizations that he can’t disclose.

He is currently researching innovative ways of using artificial intelligence and data mining technologies to proactively hunt down cyber threats. He also has extensive experience in cyber offense and defense attack vectors.

Mohammed Aldoub

Mohammed Aldoub (@Voulnet) is a security consultant from Kuwait, who, in his 10 years of experience, worked on creating Kuwait's national infrastructure for PKI, cryptography, smartcards and authentication. Mohammed delivered security trainings, workshops and talks in the Netherlands, Czech Republic, Lebanon, Riyadh, Kuwait and other places.

Mohammed is deeply interested in malware, especially those used by state actors in the Middle East zone, where he volunteers as OWASP Kuwait's chapter leader.

Kamal Ranjan

Kamal works as a Security Consultant for a well known international cyber security company. He has over 8 years of cyber security experience specializing in Digital Forensics, Incident Response and Threat Hunting. He has delivered talks and workshops for cyber security meet ups and conferences like Hack In The Box Singapore, Bsides Delhi, null etc. in the past.

Sandeep Singh

Sandeep is an Information Security Professional. He has over 6 years of experience in delivering high-end security consulting services to clients across the globe. He is the co-lead of OWASP Delhi chapter and Community Manager of null community and actively contributes to the local security community. He has conducted and delivered many talks and workshops for the local community in the past.

Glenn ten Cate

As a coder, hacker, speaker, trainer and security researcher employed at ING Belgium Glenn has over 10 years experience in the field of security. One of the founders of defensive development [defdev] a security trainings series dedicated to helping you build and maintain secure software and also speaking at multiple other security conferences in the world.

Not only does Glenn train developers, he and his brother Riccardo also donated an entire knowledge framework solely dedicated to help developers make their code secure by design to OWASP. See: SKF (Security knowledge framework).

Glenn also has expertise on implementing security test automation in CI/CD pipelines. This helps create short feedback loops back to the developer and prevents bugs from getting into production into an early phase of the development lifecycle.

Dr. Kees (C.N.J.) de Vey Mestdagh

former Associate professor University of Groningen and Chairman of the Foundation for Law & ICT. The Foundation initiates and coordinates education and research in the field of Law & ICT. Kees obtained his doctorate in the field of Artificial Intelligence and Law. He has published journal articles and book chapters on the Automation of the Administration of Justice, Internet Governance and Global Self-Regulation, the Representation of Inconsistent Knowledge, the Disposal of Embedded Data, the Organization of the Investigation of Cybercrime, Law in the Digital World, Privacy Law, and Autonomous Systems.