Hacks in Taiwan Conference (HITCON), a technology-orientated cybersecurity conference annually held in Taiwan, is dedicated to bringing the latest and the most in-depth technologies and practices to the security community.
Over the years, we have invited worldwide speakers and congregations to participate in these grand events. Also, we provide this avenue for the community to exchange technical research, bleeding-edge hacking technology, and a relatively wide range of corporate security issues.
This year, HITCON will be divided into community and enterprise conferences. In the enterprise conference (ENT), we will focus more on the practicalities of technology, defense techniques and security management, and connect with domestic and foreign cybersecurity communities to cultivate cyber security.

Summit Time: 2023.11.15 (Wed) 09:30-16:30

Location: Taipei New Horizon 14F No. 88, Yanchang Rd., Xinyi Dist., Taipei City

Automation Security Ascendancy: Systematic Evolution to Maturity

Given the general shortage of security experts and the increasingly complex security challenges faced by enterprises, the need for a systematic approach to assess and automate the daily tasks of security teams is of paramount importance.
The emergence of AI techniques offers a promising avenue for automating security tasks, reducing the need for extensive manual effort. However, effectively harnessing AI is no simple feat. Integrating AI into real-world security scenarios demands extensive research, experimentation, and careful implementation.
Ultimately, we must emphasize the crucial role of "measurement." Evaluating the security maturity across various aspects is a fundamental prerequisite for any automated and intelligent system. Therefore, determining how to measure the success of a security team in a practical manner remains a significant challenge.
Only when we have established a robust security maturity model and an intelligent mechanism can we truly make automation a viable reality. These critical components will form the cornerstone upon which we can construct a more secure and efficient future for our organizations.


09:20 Opening Remarks - HIT
09:30 Opening Remarks [Invitation]
09:50 Keynote:Maturity, of CSIRT, by what, for whom Seiichi Komura / The Chair of SIM3 promotion committee, Nippon CSIRT Association.
10:30 Break
10:40 Cyber-Resilient IoT devices with IoT Threat Intelligence Yuki Osawa / Chief Engineer, Panasonic Product Security Center.
Jun Sato / Staff Engineer, Panasonic Product Security Center.
11:20 Break
11:30 一個容易被忽略的資安問題,來源污染 Boik / CyCraft Senior Researcher
Stanley / CyCraft Senior Researcher
12:10 Lunch Time
13:00 The U.S. CMMC Overview and Implementation Insights from a C3PAO's Perspective President & CISO - KLC Consulting / Kyle Lai
13:40 濫用企業通訊與公務平台之社交工程戰略 馬聖豪 / Senior Threat Researcher, TXOne Networks
14:20 Break
14:30 國際規範趨勢下的人工智慧安全基準與需求 Thomas Wan / Managing Director of Ernst & Young Taiwan Management Consulting
15:10 Panel Discussion: 漏洞揭露與通報流程的成熟度 主持人:CK / 台灣駭客協會理事
Thomas Wan / Managing Director of Ernst & Young Taiwan Management Consulting
林志鴻 / TWCERT/CC 組長
林涵恩 / Synology SIRT 經理
Shaolin / DEVCORE 紅隊總監 & HITCON ZeroDay 前審核員
Ta-Lun Yen / Security Researcher, TXOne Networks
15:50 Break
16:00 Measure Your Cloud Identity Attack Surface: Attack Scenario and Defense Practice Gary Sun / Cyber Security Engineer, CyCraft
16:40 (Im)maturity of telecommunication systems security and the way forward Ta-Lun Yen / Security Researcher, TXOne Networks
17:20 Break
17:30 HITCON Carnival Closing with CTF and CyberRange Awards ceremony

Advisor and Organizers