CFP closed at  February 04, 2024 23:59 UTC

x33fcon 2024 (8th edition)

When and Where

June 13-14, 2024, Gdynia, Poland

This form is only for talks. There are separate forms to submit your workshop or training proposal.

About x33fcon

Yet another security con? Nope.

The idea behind x33fcon (pronounced /ˈziːf-kɒn/) is to focus on a very specific need of the security industry: collaboration between blue and red teams (sometimes referred to as purple teaming). We know from our professional experience how hard it can be to build a solid bridge between those who assess security and those who guard the castle. Many misconceptions and misunderstandings arise between these two groups.

We want to change that. Rather than continue to think about security from either an offensive or defensive perspective, our goal is to encourage security professionals to consider both perspectives while working more closely together. Both blue and red teams provide unique capabilities to an organization, but the collaboration between the two yields the best results.

x33fcon is an event that brings both groups together, and everyone from both sides of the fence are invited to gather, share ideas and discuss thoughts on security.

Who Should Attend

Anyone interested!

Topics planned for this conference are important for any IT security personnel, especially red teamers, pentesters, incident responders, analysts, and researchers. The conference will include high-level talks on team collaboration, case studies, and deep-dives into attack and defense techniques.

It’s a great opportunity to meet other blue and red team members, learn from their experiences and understand how attackers and defenders think and behave.

Are you responsible for security? Don’t miss out! Come along and help define what’s possible.

About Us

We are a group of security enthusiasts with many years of experience in both the offensive and defensive arena. We have worked for small companies and large multi-national corporations around the world. Our experience spans all major sectors of business including Finance, Healthcare, Energy and Aviation.

We have also contributed to, and presented at, many security events: Security BSides Warsaw, NoVA Hackers, Tech.3camp Gdansk, HackInParis, Geek Girls Carrots, and lectures at Gdansk University of Technology.

Security professionals in offensive and defensive roles should collaborate with each other - more often and more effectively. That’s the main thrust behind the creation of x33fcon; to provide a forum to boost this collaboration.

CFP Description


  • Each presentation should last up to 40 min + 5 min Q&A
  • CFP submissions must be made by speaker himself/herself. No third parties should be involved
  • Priority will be given to new research that has not been presented elsewhere (and will not be before x33fcon)
  • If submitted presentation was already presented elsewhere please provide links to the material (slides, whitepaper, video, etc.)
  • We do not accept vendor specific pitches nor advertisements
  • We will contact potential speakers with questions in regards to presentations if needed
  • Incomplete submissions will be rejected. Please make sure to answer our questions in Additional Information section

Please note that by agreeing to speak at x33fcon you are granting x33fcon organizers the rights to advertise your presentation at, twitter and all other media in paper and electronic form.

Topics of interest

  • Red/blue collaboration (purple teaming)
  • War stories / case studies
  • Offensive TTPs (Tactics, Techniques and Procedures)
  • Research on novel attacks
  • Threat intelligence
  • Blue team best practices
  • Malware research
  • Digital forensic triage
  • Antiforensics and anti-antiforensics approaches
  • Networking incident response, investigation, and evidence handling
  • Network forensics and traffic analysis
  • Social Engineering
  • Active defense
  • Cloud and IoT security
  • DevSecOps

Generally speaking, we try to offer our participants a mix of red and blue talks (better yet, purple ones that will be interesting for both teams) and a mix of very technical and less technical talks. Less technical talks may include case studies, high-level presentations, especially if they concern the organization of security departments, with particular emphasis on red and blue teams and cooperation between them, social engineering, etc. We typically do not accept entry-level presentations unless the topic is very complex.

If you believe your research is interesting but does not fall into the above categories please contact us. We are open to any suggestions.

Attendees (3)