Thank you to everyone who joined us for the 2025 London Briefing at Churchill War Rooms.
Together, we explored the evolving landscape of offensive-driven cybersecurity, heard from our consultants about their latest discoveries, shared our experiences in our PCI DSS compliance project with Engine by Starling, and learnt about the history of the Enigma machine.
You can watch all the consultant sessions below and, if you have any questions, please get in touch.
Watch the Sessions
What your logs won’t tell you: Purple Teaming Entra ID and Microsoft 365
Presented by Christos Avraam, Reversec.
This talk presents our approach to Purple Team assessments targeting Microsoft 365 and Entra ID environments. Based on engagements across various sectors, we will present a set of Test Cases against high-value cloud identity assets, shaped by threat intelligence and real-world telemetry.
We present the challenges around detection engineering and log visibility and learn about compensating controls where detection falls short. We’ll also showcase how we leverage and adapt existing open-source tools to support our exercises.
Legacy code, modern problems – a Java 7 war story
Presented by Miłosz Gaczkowski, Reversec
Legacy software is commonplace in the world of finance – keeping things running often takes priority over innovation, while security gets bolted on to old solutions… with mixed results.
This talk takes attendees on a whistle-stop tour of a thick client test of a large foreign exchange trading solution (running on Java 7) as deployed in the client’s estate. What started as an uneventful test with a few uninspiring retest items quickly turned into multiple paths to compromising the entire application.
Mind the Gap
Presented by Jaco Engelbrecht, Engine by Starling and Antti Laatikainen, Reversec
Engine by Starling is growing at pace, supporting banks globally as they digitally transform. Working alongside Reversec, they’re on a mission to ensure their people, processes, and technology are compliant so they can safely scale to service millions of banking customers.
This case study explores their journey to becoming PCI DSS compliant with Reversec, and its importance for not only cybersecurity, but also their customers.
One Click to root within Jamf macOS environments
Presented by Max Keasley, Reversec
macOS is an Operating System which is being seen more and more within enterprise environments. Due to the difficulties of configuring virtual testing environments compared to windows, fewer people have been scrutinising and evaluating the security of third-party applications.
This session presents the results of some vulnerability research on third-party macOS application targets with a focus of exploiting their presence in enterprise Jamf environments. It provides offensively-minded attendees with a technical walk-through of how the bugs were identified and exploited to achieve privilege escalation objectives.
Related content
Our accreditations and certificates
Don’t be a stranger, let’s get in touch.
Our team of dedicated experts can help guide you in finding the right
solution for your unique issues. Complete the form and we are happy to
reach out as soon as possible to discuss more.
This site is protected by reCAPTCHA and the Google
Privacy Policy and Terms of Service apply.