#07

September 4, 2025 · UPTEC Asprela · Porto · Meetup.com ↗

Agenda

18:00 Intro and Welcome by the OWASP Porto chapter leadership
18:15 HAL 9000: a Risk Manager for ITSs — Tadeu Freitas
19:00 Bringing DevOps into IAM — Fabrizio Di Carlo
19:45 Social, Drinks and Dinner

Talks

HAL 9000: a Risk Manager for ITSs

Tadeu Freitas LinkedIn ↗

HAL 9000 is a risk manager for Intrusion Tolerant Systems (ITSs) that assesses the risk of a given configuration against potential intrusions. It uses gathered threat knowledge and keeps operating even when that knowledge is not up to date. Based on its advice, an ITS can adapt dynamically and proactively to recent threats, minimizing and mitigating future intrusions by malicious adversaries. The goal is to reduce the risk from recently discovered vulnerabilities that have not yet been classified, or for which no script exists to reproduce the exploit, since such vulnerabilities may already have been exploited as zero-days. Experiments show that the proposed solution can learn and replicate the National Vulnerability Database's evaluation process with 99% accuracy.

Speaker Bio
Tadeu Freitas is a PhD student at the Faculty of Sciences, University of Porto, specializing in Fault and Intrusion-Tolerant Systems. His research focuses on developing resilient distributed systems that maintain operational integrity under adversarial conditions. He earned his Integrated Master's degree in Network and Informatics Systems from the University of Porto, where he researched "Privacy-Preserving Crowdsourcing of Photos in Edge-Cloud Environments." His academic interests include distributed computing, cybersecurity, privacy-enhancing technologies, and resilience engineering.

Bringing DevOps into IAM

Fabrizio Di Carlo LinkedIn ↗

Traditional identity and access management (IAM) in Entra ID (formerly Azure AD) often relies on manual reviews, or on expensive premium (P2) licenses, for automated security checks. This session introduces Maester, an open-source framework that brings DevOps principles to IAM: teams can automate security posture validation, enforce least privilege at scale, and maintain continuous compliance without costly license upgrades. Maester lets teams codify access reviews, implement custom security guardrails, and fold IAM checks into their existing DevOps practices. Key functionalities include pre-deployment validation of changes, drift detection for unauthorized modifications, and automated compliance reporting against frameworks such as ISO 27001 and NIST.
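As an added example of the "guardrail as code" idea (this is not a test shipped with Maester, and the thresholds are illustrative): Maester runs Pester tests, so a custom check is an ordinary `*.Tests.ps1` file kept with the rest of the test project and picked up by `Invoke-Maester` (or run directly with `Invoke-Pester -Path`). The check below queries Microsoft Graph through `Invoke-MgGraphRequest` from the `Microsoft.Graph.Authentication` module and assumes a session already exists (via `Connect-MgGraph` or `Connect-Maester`) with at least `RoleManagement.Read.Directory` and `Directory.Read.All`. The role template id is the documented one for Global Administrator; the limit of 5 follows Microsoft's published guidance.

```powershell
# Added example: a custom Pester check in Maester style, not Maester's own code.
# Assumes Microsoft.Graph.Authentication is installed and a Graph session with
# RoleManagement.Read.Directory and Directory.Read.All is already open.

Describe "Custom.PrivilegedRoles" -Tag "Custom", "Privileged" {
    BeforeAll {
        # Documented role template id of the built-in Global Administrator role.
        $gaTemplateId = '62e90394-69f5-4237-9190-012177145e10'
        $graph = 'https://graph.microsoft.com/v1.0'

        # Follow @odata.nextLink so large membership lists are not truncated.
        function Get-GraphPages([string]$Uri) {
            $items = @()
            while ($Uri) {
                $page = Invoke-MgGraphRequest -Method GET -Uri $Uri
                $items += $page.value
                $Uri = $page.'@odata.nextLink'
            }
            return $items
        }

        # The directoryRole object only exists once the role has been activated in the tenant.
        $role = @(Get-GraphPages "$graph/directoryRoles?`$filter=roleTemplateId eq '$gaTemplateId'") |
            Select-Object -First 1

        # Wrap in @() so a single member does not collapse into a scalar.
        $script:gaMembers = @()
        if ($role) {
            $script:gaMembers = @(Get-GraphPages "$graph/directoryRoles/$($role.id)/members?`$select=id,displayName,userPrincipalName,userType")
        }
    }

    It "Global Administrator has at most 5 active members" {
        # Threshold from Microsoft's guidance; adjust to local policy.
        $script:gaMembers.Count | Should -BeLessOrEqual 5
    }

    It "No guest account holds Global Administrator" {
        # userType is only set on user objects; groups and service principals fall through.
        $guests = @($script:gaMembers | Where-Object { $_.userType -eq 'Guest' })
        $guests | Should -BeNullOrEmpty
    }
}
```

Two caveats a practitioner will want: `directoryRoles/{id}/members` returns only active assignments, so PIM-eligible assignments need a separate check against `roleManagement/directory/roleEligibilityScheduleInstances`; and because this is just a Pester file, the same test runs unchanged in a CI pipeline, which is what turns it from a one-off review into drift detection.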

Speaker Bio
Fabrizio Di Carlo is a cybersecurity strategist with over a decade of experience advising companies across Europe. He currently splits his time as CISO for Cyber Monks and Managing Director of ContrailRisks, a boutique consultancy based in Berlin, where he helps startups and enterprises navigate the complexities of risk, compliance, and security governance. His work focuses on aligning security with business outcomes through pragmatic, risk-based approaches, and he's an advocate for modernizing security leadership through "GRC Engineering," inspired by Site Reliability Engineering.