BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.securityfest.com//2026//speaker//KELUPJ
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-2026-BXGMG9@cfp.securityfest.com
DTSTART;TZID=CET:20260528T160000
DTEND;TZID=CET:20260528T164000
DESCRIPTION:Mainframes still underpin critical infrastructure such as bank
 ing\, airlines\, and government systems\, yet most modern security teams a
 pproach them using assumptions formed around Unix\, Windows\, and enterp
 rise platforms. These assumptions often fail on z/OS\, creating blind spo
 ts that are difficult to detect and easy to underestimate.\n\nThis talk 
 explains how mainframe security actually works and why familiar concepts
  such as "root\," shells\, ports\, and lateral movement do not translate 
 cleanly. Focusing on components like JES\, JCL\, RACF\, CICS\, and PR/SM
 \, we explore where attackers and defenders truly operate today: transact
 ions\, security managers\, and management boundaries.\n\nFrom an offensiv
 e perspective\, the talk reframes how attackers actually move inside main
 frame environments: not through shells or services\, but via job submissi
 on paths\, inherited authority\, transaction routing\, and security manag
 er behavior. The session highlights concrete failure modes red teams enc
 ounter when modern assumptions are applied to z/OS\, and how those blind s
 pots are exploited in real assessments.\nUsing real TN3270 terminal scre
 ens and practical examples\, attendees will learn a repeatable methodolog
 y for assessing mainframe environments and identifying misconfigurations t
 hat appear harmless but can have severe impact.\n\nThe talk also demonst
 rates an AI-assisted assessment approach: a local LLM interprets TN3270 s
 creens in real-time\, narrates walkthroughs\, and tutors interactively\; a
 ll running 100% offline with no cloud APIs or data exfiltration risk.\nN
 o prior mainframe experience is required.
DTSTAMP:20260625T172855Z
LOCATION:Main Stage
SUMMARY:Hacking Big Iron: When Modern Security Assumptions Fail on Mainfram
 es - Adam Toscher
URL:https://cfp.securityfest.com/2026/talk/BXGMG9/
END:VEVENT
END:VCALENDAR