Sponsor Keynotes

Industry Keynote: AI on the Rise: Security Challenges in the Era of Artificial Intelligence

Speaker: Lucas Boscaini

Abstract: Artificial Intelligence is transforming the world at an accelerated pace, opening doors to incredible innovations but also bringing to light new and complex security challenges. In this talk, we will explore how the rapid adoption of AI is impacting the global landscape, from the creation of sophisticated cyberattacks to infiltrations in critical systems. We will discuss the crucial role of security experts in developing new technologies and strategies to ensure that AI integration is done responsibly and sustainably, protecting individuals, organizations, and society as a whole.

Mini Bio: Engineer at Google, leading research and open-source teams in privacy and security.

Industry Keynote: Tempest and the Connection between Academia and Industry  

Date | Duration: September 16 | 15 minutes (will occur before the official event opening)  

Abstract: Emphasizing the strategic importance of collaboration between academia and industry, we will present a concise overview of the investments and results achieved through Tempest’s educational and Research, Development, and Innovation (RDI) initiatives in recent years.  

Speaker: Gerson Castro (Head of Academy, Research & Publishing – Tempest)  

Speaker Mini-Bio: Gerson Castro is the Head of Academy, Research & Publishing at Tempest Security Intelligence. A senior executive with over 30 years of experience, he is known for his entrepreneurial spirit, leadership, and results-oriented pragmatism. Gerson also has extensive experience in the educational sector, having been a co-founder of higher education institutions, Vice-President of Graduate Studies, Research, and Extension, Head of Competence Centers, and Coordinator and Professor in undergraduate and graduate programs. Through the Cisco Networking Academy program, he has trained thousands of students in Brazil since 2001. Due to his impactful results, Cisco Brazil invited him to lead the planning, management, and execution of its Expansion Plan between 2011 and 2021, during which he trained over 5,000 new teachers from various public and private institutions, armed forces, and corporate academic programs across the country. https://www.linkedin.com/in/gersoncastro/ 

Industry Keynote: Tempest AI: Security, Attacks, and Innovation in R&D  

Date | Duration: September 17 | 40 minutes  

Abstract: This lecture will cover Tempest’s investments and initiatives in research, development, and innovation in the field of Artificial Intelligence, focusing on the application of these technologies to address cybersecurity challenges. We will present the significant results achieved so far and discuss the risks associated with deploying machine learning (ML) models in production without proper security evaluation. A case study will be demonstrated where Tempest conducted a security analysis using the concept of adversarial attacks against a liveness detection model, illustrating the observed impacts and effects. We will conclude with recommendations on how to mitigate financial, reputational, and social impacts when deploying ML models in production environments.

Speakers: Henrique Arcoverde (CTO – Tempest) & Gerson Castro (Head of ARP – Tempest)  

Speakers Mini-Bio:  

Henrique Arcoverde is a cybersecurity expert with over 15 years of experience in the field. He holds a Master’s degree in Computer Science from the Center for Informatics at the Federal University of Pernambuco (CIn/UFPE) and is currently pursuing a Ph.D. in the same field at CIn/UFPE. Henrique serves as the Director of Operations at Tempest Security Intelligence, a leading cybersecurity company in Brazil. His expertise lies in identifying and mitigating security vulnerabilities and implementing intrusion detection mechanisms. Passionate about staying updated with the latest trends and technologies in the sector, Henrique actively contributes to the advancement of cybersecurity through research and practical applications.  

Gerson Castro is the Head of Academy, Research & Publishing at Tempest. A senior executive with over 30 years of experience, he is a professional driven by challenges and recognized for his entrepreneurship, leadership, and results-oriented pragmatism. He has also made significant contributions to the educational sector, consistently bridging the gap between academia and industry. Gerson has been a co-founder of higher education institutions, Vice-President of Graduate Studies, Research, and Extension, Head of Competence Centers, as well as Coordinator and Professor in undergraduate and specialization courses. He has made a notable contribution to the Cisco Networking Academy program, leading the national planning, management, and execution of its Expansion Plan between 2011 and 2021, during which he trained over 5,000 new teachers from various public and private institutions and armed forces. https://www.linkedin.com/in/gersoncastro/   

Industry Keynote: Presentation of the EMBRAPII CESAR Competence Center in Cybersecurity

Abstract: In recognition of the research conducted in the field of cybersecurity, CESAR was awarded an investment of R$ 60 million by the MCTI in 2024 to become a Competence Center in Cybersecurity. This presentation will showcase the research carried out and the challenges within the main research areas defined by the center, as well as opportunities for partnerships and cooperation in research with universities, science and technology institutes, and companies.

Ioram Schechtman Sette

Coordinator of the EMBRAPII CESAR Competence Center in Cybersecurity and Lead Researcher of the Identity and Access Management (IAM) research line. Faculty member of the Graduate Program in Software Engineering at CESAR School. PhD in Computer Science from UFPE with a sandwich period at the University of Kent (United Kingdom).  

Milton Vinícius Morais Lima  

Lead Researcher of the Cyber Threat Intelligence (CTI) research line. Faculty member of the Graduate Program in Software Engineering at CESAR School. PhD in Computer Science from UFPE. Member of the National Cybersecurity Committee (CNCiber). Currently conducting postdoctoral research at UFRPE.  

Erico Souza Teixeira  

Lead Researcher of the Data Protection and Privacy (DPP) research line and Researcher in the area of Quantum Technologies. Faculty member of the Graduate Program in Software Engineering at CESAR School. PhD in Theoretical and Computational Chemistry from UFPE, with a sandwich period at the University of Florida (United States). Completed postdoctoral research at UFPE and Texas Tech University (United States).  

Helda Oliveira Barros  

Lead Researcher of the Legal, Ethical, and Behavioral Aspects (ALEC) research line. Research Manager, Stricto Sensu and Cooperation, and Faculty member of the Graduate Program in Design at CESAR School. PhD in Design from UFPE.  

Georgia Pinto Barbosa  

Executive Manager of the EMBRAPII CESAR Competence Center in Cybersecurity. Head of project management at CESAR, responsible for the organization’s PMO, and Faculty member of the Graduate Program in Software Engineering at CESAR School. Master in Computer Science from UFPE. 

Industry Keynote: Beyond Foundation Models: What You Really Need to Secure in LLM-based Systems

Abstract: Large Language Models (LLMs) have become indispensable assets, excelling in tasks like text summarization, translation, and generation. These advancements are driving innovation in various fields, particularly in intelligent user interface systems that can adapt to user intent. Despite their impressive capabilities, LLMs face significant challenges, including outdated information due to their training cut-off date, hallucinations, and limited planning abilities.

To mitigate these limitations, LLM-based systems often integrate multiple components such as Retrieval-Augmented Generation (RAG) pipelines, specialized tools (e.g. internet search), and, more recently, multi-agent systems. This presentation delves into the current state-of-the-art in LLM-based systems, examining the components that constitute these advanced application frameworks and emphasizing the critical role of reliable data throughout the application lifecycle. By understanding these elements, we can understand new cybersecurity challenges that must be addressed that must span beyond the LLMs themselves to effectively secure the entire system.

Mini-bio: Claudionor is the Chief AI Officer at Zscaler, he is chartered with driving the vision and implementation of advanced AI technologies to strengthen the world’s largest security platform and propel Zscaler’s innovation engine forward, and an invited Professor for Deep Learning and Natural Language Processing at Santa Clara University.

Prior to joining Zscaler, Claudionor served as the Chief AI Officer and SVP of Engineering at Advantest, where he led the development of a Zero Trust private cloud solution tailored for the semiconductor manufacturing market, enabling companies to securely run Machine Learning workloads. Before that, Claudionor was the VP/Fellow of AI and the Head of AI Labs at Palo Alto Networks where he led the charge in AI, AIOps and Neuro-symbolic AI, an advanced form of AI that enables reasoning, learning, and cognitive modeling, to help revolutionize time series analysis tools on a massive scale. Claudionor’s career also includes vital roles in Machine Learning and Deep Learning at Google, where he developed a state-of-the-art Deep Learning technology designed for automatic quantization and model compression which played a pivotal function in the search for subatomic particles at CERN. This work was featured in the cover page of Nature Machine Intelligence in August, 2021.

He has held Executive positions at Cadence,  Synopsis,  and Jasper Design Automation, being responsible for opening Cadence and Jasper Design Automation in South America, beyond being the person who negotiated opening a site for the ACM Programming Contest in the Southern Hemisphere of the planet.

Claudionor holds a PhD in Electrical Engineering and Computer Science from Stanford University and an MBA from Ibmec in Brazil. He earned both his M.Sc in Computer Science and B.S. in Electrical Engineering (summa cum laude) from the Universidade Federal de Minas Gerais.

Talk: Brazilian AI Observatory and Incident Monitoring  

Speaker: Tuca Reali Costa  

Summary: The Brazilian Artificial Intelligence Observatory (OBIA) will be presented, a strategic initiative of EBIA and, more recently, part of the Brazilian AI Plan, aimed at monitoring and analyzing the development of AI in Brazil.  

Context of OBIA and its relationship with the Brazilian AI Strategy.  

Objectives and principles of OBIA.  

The risks involved in the lifecycle of AI solutions, and the challenges in measuring incidents.  

Mini-bio: Engineer, responsible for the Brazilian AI Observatory (OBIA), linked to the Brazilian Network Information Center (NIC.br). Post-graduate in Computer Science and Artificial Intelligence at USP (University of São Paulo), he worked as an executive director in telecommunications companies such as iG (the largest internet service provider in Brazil) and GVT (telephone and internet provider in Brazil). While pursuing his master’s in computer vision, he was invited as a visiting researcher at NEC Inc and Siemens Research Institute in Princeton, USA, as well as at the Courant Institute at New York University (NYU). He is currently pursuing a PhD in Artificial Intelligence at the Polytechnic School of USP. 

Talk: Careers in Cybersecurity at SiDi

Date | Duration: Tuesday – Company Session – 15-minute Presentation

Speaker: Marcus Farbiarz  

Abstract: SiDi is a scientific, technological, and innovation institution with units in Campinas, Recife, and Manaus. With over 12 years of experience, cybersecurity is one of its key specialties. In this presentation, we will provide an overview of our cybersecurity competencies, main activities, results, challenges, and job opportunities in offensive security (offsec) and application security (appsec).

Mini-bio: Marcus Farbiarz is a computer engineer graduated from UNICAMP with over 20 years of experience in R&D, 14 of which are dedicated to cybersecurity. Working at SiDi as a security specialist, he leads the offensive security team responsible for validating and enhancing the security of software embedded in mobile and IoT devices used by millions of users worldwide, as well as cloud systems and desktop applications. LinkedIn Profile

Industry Keynote: Follow that Link! Privilege Escalation in 10 Minutes Using Symbolic Links on Windows

Date | Duration: Wednesday – Main Stage – 10-minute Presentation

Speaker: Giuliano Sanfins  

Abstract: Privilege escalation and denial-of-service vulnerabilities in Windows applications through symbolic links lead to the assignment of numerous CVEs annually. Although the use of symbolic links has been a common practice in Windows for a long time, many applications are not designed to handle them securely. Exploiting them can be complex without a solid understanding of their functionality. In this presentation, we will cover the basic concepts of symbolic links and demonstrate how privilege escalation occurs in practice.

Mini-bio: Giuliano Sanfins works as an offensive security analyst at SiDi. He has a strong interest in binary exploitation, reverse engineering, and conducts penetration testing on applications developed for the Windows platform. LinkedIn Profile

Title: Challenges for a National Cybersecurity Strategy

Date | Duration: Monday, September 16th, from 11:00 to 12:30

Speaker: Percival Henriques

Abstract: The implementation of a national cybersecurity strategy involves overcoming several challenges, ranging from the rapid evolution of digital threats to the need to strengthen cooperation between the public sector, private sector, and civil society. The increasing reliance on digital technologies makes countries more vulnerable to cyberattacks, which can compromise critical infrastructures, data security, and even national sovereignty. Thus, the first challenge is to create a solid normative and governance framework that balances technological innovation with cyber protection and resilience.

Additionally, another key challenge is the continuous training of professionals and raising awareness among society about good cybersecurity practices. The shortage of qualified personnel, combined with the low perception of risk among common users and organizations, worsens the situation. The national strategy needs to include investments in education, research, and development, as well as strengthen legislation and international collaboration, to ensure a comprehensive and effective approach to addressing digital threats.

Bio: A physicist and law graduate, Percival Henriques was the technical director of Inmetro/Imeq in Paraíba and is a specialist in Public Management from UFCG. He is also a specialist in Constitutional Law and Jurisdictional Protection of Rights from the University of Pisa, Italy, and a Master’s candidate in Law and Digital Citizenship at the Catholic University of Pernambuco. Currently, he serves as the president of the National Association for Digital Inclusion (ANID), is a full member of the CGI.BR Board, a full member and vice-president of the NIC.BR Board of Directors, Coordinator of the Security and Rights Chamber of CGI.BR, and a full member of CNCiber.