Infostealer Intelligence
Is your organization exposed to infostealer malware? Visit the Passguard booth to instantly run a free scan for infections linked to your domain or employees. 

 Infostealers silently steal credentials and sessions from infected devices, often unmanaged or personal, and sell them on underground markets. The result: account takeovers, data leaks, and supply chain risks. Even in the Netherlands, institutions like the Dutch Police and TU Eindhoven have faced breaches where infostealers reportedly played a role. 

This highlights how widespread and stealthy the threat has become. Passguard is a Dutch-developed, fully European-hosted solution, trusted by security teams in healthcare, critical infrastructure, and managed services. 

Stop by to run your scan, explore live data, and see how Passguard helps make invisible infections visible.

Our answer: Ranger is the first to prevent ransomware and data exfiltration entirely from user mode, eliminating kernel risk without trade-offs. It runs fully on-premises and uses a patent-pending algorithm that watches your data, not the malware, blocking future attacks in real time.

Operational edge: Offers stronger NIS2-aligned prevention and sovereignty, strengthens any vendor’s stack, blocks BYOVD and EDR killer attacks by design, emits OCSF-compliant telemetry, and integrates with existing dashboards.

The Centrum voor Cybersecurity Veiligheid en Technologie (CCVT) is a data and analytics organisation specialised in Cyber Threat Intelligence. We provide real-time insights into threats and data originating from the deep and dark web, including leaked credentials, data breaches, and leaks.

At this event, CCVT presents the innovative system Meldingssysteem voor Relevante Informatiedetectie (MRI), developed on behalf of the Ministerie van Economische Zaken.

The system is designed for teams and individuals who work with cybersecurity information from security advisories, news articles, blogs, and other public sources. We aim to address the problem of information overload caused by the enormous volume of intelligence being published every minute of the day. Teams and individuals often struggle to filter this flood of data and identify the publications relevant to their organisation, risking missing critical developments.

MRI offers an innovative solution that reduces this information overload by 97.6%, automatically filtering out irrelevant data and highlighting only actionable threat intelligence. This allows security teams to focus on real threats, respond faster, and minimise the risk of missing critical developments.

ByteJams B.V. fixes what most cybersecurity tools fail to do: actually prevent ransomware and data exfiltration.

Founded in 2022 by Erik Loman, creator of HitmanPro and lead architect of Sophos Intercept X, whose technologies helped stop WannaCry and laid the foundation for Sophos’ rise to a billion-dollar cybersecurity leader.

The challenge: Ransomware still causes over €50 billion in damage annually, despite record security budgets. As the industry shifts to XDR and human-led response, innovation in prevention has fallen behind. Solutions now rely on cloud logic or manual analysis, slowing action when attacks move at machine speed. Attackers abuse trusted tools and evade AI by shaping code to appear statistically benign. In 2024, a global IT outage caused by a leading security vendor exposed the risks of deep system-level security.

OTconnect helps in securing automation systems that keep factories, energy plants and transport systems running. At the One Conference 2025 expo we will unveil OT Monitoring as a Service, a managed hi up security offering that turns raw network traffic from sensors, PLCs and SCADA systems into clear, actionable insight without touching production.

Powered by the open‑source Malcolm framework, our platform quietly listens at key network points, builds a live inventory of assets and their relationships, and flags unusual behaviour the moment it appears. Intuitive dashboards reveal who is talking to what, which files are moving, and where threat indicators surface, so engineers and security teams can act in minutes instead of days with the help of OTconnect.

Using open standards and lightweight sensors, you can start with a single line or lab and scale to multi‑site, high‑throughput coverage. All data stays under your control, while our experts provide tuning, alert triage and continuous‑improvement guidance.

With OTconnect, industrial operators gain the visibility and confidence they need to keep critical processes safe, reliable and resilient in an increasingly connected world.

KnightGuard is an AI Native & Risk Centric Preemptive Threat Exposure Management Platform that lowers the TCO of a Security Program upto 50% by bringing all Preemptive Security Use cases in a single unified platform enabling decision makers by providing a single pane of glass view across their entire security stack.

UbiOps helps vital organizations to run and manage their private AI on any infrastructure, sovereign and secure.

We believe that every organization should be able to seamlessly run their Private AI on their own terms. Sovereign and secure. Whether that is on local, hybrid cloud or multi-cloud infrastructure. The UbiOps software platform allows AI teams to run, manage and scale production-grade AI code, on any cloud or on-premise hardware, without the usual engineering complexity. As such it accelerates AI innovation, reduces time to market, removes vendor lock-in, and maintains robust compliance in a rapidly evolving landscape.  

UbiOps has a growing customer base consisting of international public sector, healthcare and critical infrastructure organizations. Amongst them are Netherlands Government ICT Services provider (SSC-ICT), Netherlands Immigration and Naturalisation Service (IND), Netherlands Supreme Court, Netherlands National Cyber Security Centre (NCSC-NL), Bayer Crop Science, BNP Paribas, University Medical Centre Groningen (UMCG), HagaZiekenhuis the Hague, Royal BAM Group and more.

Indurex: Autonomous Cyber Resilience for Cyber Physical Systems (CPS)

Indurex is a pioneering technology company focused on autonomous resilience for Cyber Physical Systems (CPS). At the intersection of Artificial Intelligence (AI) and Operational Technology (OT), Indurex develops next-generation solutions that proactively protect and adapt critical infrastructure environments—including energy, manufacturing, transportation, and water systems.

Our AI-driven platform empowers industrial operators to anticipate, absorb, and recover from cyber-physical disruptions with minimal human intervention. Designed for real-time adaptability, Indurex enhances system integrity and safety, ensures regulatory compliance, and reduces operational risk in increasingly hostile and complex threat landscapes.

Ready to transform your industrial cybersecurity posture?For more information: www.indurex.io

t.b.a.

Securely is a cybersecurity platform that leverages artificial intelligence (AI) to enhance risk management for organizations. The platform is specifically designed to help businesses to identify, assess, mitigate, and continuously monitor cybersecurity risks across their entire digital environment.

By automating and streamlining risk management processes, Securely empowers organizations to better anticipate and respond to evolving threats, while ensuring regulatory compliance and enhancing overall security posture.

Securely offers a comprehensive and AI-driven risk management solution that empowers organizations to identify, assess, and mitigate cybersecurity risks with precision and speed. This makes it an essential tool for organizations looking to manage and mitigate cybersecurity risks in a modern, digital-first world.

OT-Secure enables organizations to assess and improve their IT/OT cybersecurity maturity through fully automated assessments. Within minutes, we provide clear insights into operational risks, vulnerabilities, and compliance gaps (including NIS2 and IEC 62443), without the need for lengthy consultancy processes.

Our solution is used as a baseline assessment, a starting point for cybersecurity programs, or as part of supplier evaluations. OT-Secure is especially valuable for multi-site environments—standardized reporting provides direct visibility and comparability across locations or entities.

Each assessment delivers actionable improvement recommendations to support compliance, justify investments, and raise internal awareness. Available through scalable subscription models, our assessments serve both end users and partners such as IT service providers.

We are active in key sectors including manufacturing, logistics, energy, and the public domain. OT-Secure empowers IT and OT teams to collaborate more effectively with a shared language, clear priorities, and tangible next steps.

Assess Today. Protect Tomorrow.

We are a cybersecurity awareness platform for companies looking to equip employees against digital threats. With over ten years of experience in the entertainment industry, we approach learning from a completely new perspective. While binge-watching and gaming thrive thanks to smart techniques and high production value, (e-)learning is often left behind. We bring those worlds together: the same cybersecurity topics, delivered through the power and engagement of entertainment. Our serious game has been on the market for a year and enables employees to become quickly and effectively aware of threats in just 1.5 a 2 hours. In January, we’re launching our e-ntertainment learnings: refreshing content focused on long-term behavioral change “66 days of cyber crime” added with infotainment for the rest of the year. A new way of learning! Our clients and partners are no longer just in the Netherlands, but also across Europe, the US, Canada, and Australia. Our mission? No more dull training,, but content that motivates, engages, and sticks. The coolest thing? Fully personalized to each sector, country, and organization. We would love to tell you more!

Neutralizing AI- and Quantum-Powered Threats in Real Time

Our patented, AI- and quantum-resistant technology pre-emptively neutralizes even the most advanced attacks in real time, including zero-day and AI and quantum powered threats, across your entire digital landscape—from endpoint to perimeter and everything in between.

Where traditional cybersecurity reacts after a breach, Cyemptive acts before—isolating and eliminating threats before they can even touch your network. That’s not just protection—it’s true cyber safety.

Cyemptive is EU headquartered at the HSD Campus in The Hague. Our services are delivered from Dutch-based data centers, ensuring full sovereignty and compliance.

We are partnering with TNO/PCSI, HSD Security Delta and the Campus and offer Proof of Concept (POC) services to test specific requirements.

Stop by at our booth at the EXPO and ask for a live demonstration to see how Cyemptive can help your business to stay ahead of AI- and quantum-powered cyber threats.

t.b.a.

Invictus is not your standard incident response provider. As premier trainers and experts in advanced cloud forensics, we bring unmatched technical insight across AWS, Azure, Google Cloud, and beyond. That deep expertise means we don’t just restore your operations but we fortify them against future threats. Any cloud, but one response to confidently secure your multi-cloud and hybrid environments.

Responding to cloud incidents is vastly different from traditional incident response and it’s an area where we truly excel. We began developing our cloud incident response skills nearly 10 years ago, long before it became a widespread focus. Our commitment to cloud security is demonstrated through our extensive library of open-source tools and published articles. We are proud of our core values which center around transparency, quality and creating a true partnership for lasting security, not just a quick fix.

We founded Invictus Incident Response to tackle the surge in cloud cybersecurity incidents and the gap in truly effective cloud incident response. We’ve seen firsthand that handling complex incidents requires more than just reacting, it demands proactive and expert intervention. Our mission is simple: help you emerge stronger and remain unconquered in the face of cyber adversity – that’s the Invictus spirit

t.b.a.

t.b.a.

t.b.a.

Transparent, Fair, and Compliant AI for Recruitment

ObjectiveEye develops an AI-powered recruitment platform that helps organizations hire more fairly, efficiently, and transparently. By focusing on skills-based selection, our platform reduces bias and promotes diversity throughout the hiring process.

Our solution consists of three integrated modules:

• Semantic Matching: Using advanced AI, we translate informal job descriptions into structured competence profiles, ensuring candidates are selected based on skills, not keywords or job titles.
• Content Generation: Our system helps recruiters create inclusive job postings, structured interviews, and scoring rubrics aligned with validated skills frameworks, improving consistency and fairness.
• Evaluation Support: During assessments, the platform provides AI-based, explainable score suggestions linked to behavioral indicators, supporting objective decision-making while maintaining human oversight.

A key success story is our collaboration with the Dutch Central Bank (DNB), where our platform significantly increased the applicant pool and enabled a more objective, compliant, and inclusive selection process.

ObjectiveEye’s platform meets strict data security and compliance standards, supporting organizations in preparing for regulations like the EU AI Act. We actively engage with cybersecurity communities and seek partnerships with organizations aiming to modernize their hiring with responsible, transparent AI.

Nemesis is a Breach and Attack Simulation (BAS) platform developed by Persistent Security to help organizations continuously assess, validate, and strengthen their cybersecurity posture. Nemesis simulates real-world cyberattacks in a controlled environment to uncover gaps in detection and response capabilities.

Unlike traditional security assessments, Nemesis provides ongoing, automated testing aligned with frameworks such as MITRE ATT&CK, allowing organizations to proactively identify weaknesses before attackers do. Its modular design supports diverse scenarios – from cloud infrastructure to endpoint security to SOC testing – enabling companies to tailor simulations to their unique environments.

Nemesis empowers CISOs, SOC teams and security consultants with a tool to proof that cyberdefenses work the way they are supposed, justifying ROI on security investments; 

Persistent Security offers Nemesis as a core part of its mission to make enterprise-grade cybersecurity accessible, measurable, and transparent. Whether used by internal teams or external MSSPs, Nemesis helps organizations not only detect weaknesses but prove the effectiveness of their defenses, making it an essential solution in the age of sophisticated, evolving threats.

GriffinGuard is turning the edge of the internet into the front line of cyber defense.

We operate one of the world’s largest independent honeypot networks, with over 100,000 sensors worldwide, designed to capture real-world attacker activity in real time. Every scan, exploit attempt, and handshake is recorded and analyzed to reveal how attackers behave long before they breach a system. GriffinGuard focuses on what happens at the edge of networks: the reconnaissance, mapping, and early-stage activity that signals intent. Our sensors also capture post-exploitation behavior, providing a complete picture of the threat landscape as it unfolds in real time.

Our mission is simple. Give defenders the same visibility attackers already have. Whether you are a security analyst, a threat researcher, or a decision-maker, GriffinGuard helps you understand what’s out there and how to stay ahead of it.

t.b.a.

Turn sensitive data into a competitive advantage with Synthetic Data. Syntho solves data / privacy challenges around working with real data with our AI Generated Synthetic Data platform. The platform mimics real (sensitive) data with the power of AI to generate synthetic data twins of the real data. We apply AI to model the synthetic data in such a way that we preserve the statistical patterns, relations and characteristics of an original dataset / database to such an extent that it can even be used for analytics.

Though data / privacy challenges are often seen as an obstacle, roadblock or hassle by many organizations, winners see it as a key driver for business success, because it:

• Gains digital trust
• Unlocks data and insights
• Drives industry collaborations
• Realizes speed and agility

Unosecur is a comprehensive identity security platform purpose-built for today’s multi-cloud and hybrid enterprises. It provides real-time protection against identity threats using AI-powered detection, no-code workflows, and automated least privilege enforcement. With support for both human and non-human identities, Unosecur delivers identity threat detection and response (ITDR), identity security posture management (ISPM), and policy-based access controls. Its platform is agentless, quick to onboard, and trusted by global leaders in BFSI, retail, and tech. Unosecur empowers CISOs, IAMOps, and SecOps teams with full visibility, real-time monitoring, and compliance-ready reports aligned to ISO 27001, SOC2, and PCI DSS 4.0, all from a single unified platform

Key2XS: The Key to Secure Physical Access in a Digital World 

Key2XS offers a unique SaaS solution that seamlessly integrates physical key systems, such as ASSA ABLOY’s CLIQ, with modern identity platforms like Microsoft Entra  ID, SailPoint, OKTA, and One Identity. This enables full automation, auditing, and centralized control of key management within existing IAM processes.

For entities with critical infrastructures, such as energy, rail, and water, this means one unified platform for both digital and physical access control, fully compliant with European directives like CER and NIS2. Key2XS combines high-end security with AI-driven automation, reducing human error and lowering operational costs.

With strong partnerships, proven technology, and a scalable licensing model, Key2XS is poised to transform the European access management market

At Crimson7, we deliver high-value cybersecurity solutions through our offensive research lab, focusing on Threat Informed Defense and Adversary Simulation, helping clients in finance, defence and critical infrastructure to further strengthen their security resilience. 

Our mission is to provide tailored technical expertise and managed services to solve complex tasks, replicate the latest and most sophisticated attacks, improve security operations, develop innovative tooling and technology for clients and business partners. 

Crimson 7 shines with Red Teams, Managed Purple Teams, Managed Threat Hunting, Detection Engineering, Hardware Hacking, and supports clients improving their SoC operations.

The ATHENA project is an initiative under the European Union’s Digital Europe Programme, aimed at strengthening cybersecurity capabilities within the water sector.

The project specifically focuses on enhancing the preparedness and competence of personnel working with operational technology (OT).

A core objective of ATHENA is to develop comprehensive training modules tailored to the unique needs of this sector. These modules are designed to increase risk awareness, improve incident response, and foster a proactive security culture.

Training is delivered through a blended approach that includes tabletop exercises, e-learning, and the integration of virtual reality (VR) simulations.

These immersive methods provide realistic scenarios that help personnel recognize vulnerabilities and respond effectively to potential cyber threats.

By simulating cyber incidents in a controlled environment, participants can build experience and confidence without exposing real infrastructure to risk.

The project aims to contribute to the broader European goal of protecting critical infrastructure from the growing threat of cyberattacks.

Led by Rijkswaterstaat (RWS), the consortium includes partners from multiple EU member states.

Together, they develop training solutions based on scientific research and practical expertise to ensure long-term impact and scalability across Europe.

Redline Discovery Ltd (RLD) is a software, data, and investigations company, founded by experienced professionals to develop more effective solutions for the ongoing challenges of modern investigations. In response to persistent problems in the investigative market, we identified a need to develop SPOTLIGHT to improve modern investigation processes, and to align AI innovations with global justice and accountability best practices.

Ogni is an AI-driven platform that streamlines the process of evaluating the cybersecurity compliance of vendors within digital supply chains. Our solution provides ready-made EU cybersecurity compliance roadmaps for key regulations such as NIS2, CRA, RED, and GDPR. On top of these, organizations can add their own specific requirements and build custom evaluation chains tailored to their unique needs, all while benefiting from our comprehensive EU roadmaping tool.

By automating compliance checks and vendor monitoring, Ogni replaces outdated spreadsheets and manual processes with a centralized dashboard. Companies can easily upload internal requirements and supporting evidence, and monitor vendor compliance status in real time. This approach reduces operational friction, helps companies to get compliant, and ensures robust cybersecurity governance throughout the supply chain.

With Ogni, organizations can confidently scale their operations in the EU, knowing their vendor assessments and supply chain requirements are always up to date and aligned with evolving regulations.

t.b.a.

The Cyclotron program is a collaborative program facilitated by the NCTV and the NCSC, co-sponsored by the Dutch Police and the Dutch intelligence services. Government and private sector join forces to strengthen the Netherlands’ digital resilience. In an era of increasing cyber threats, Cyclotron offers a new way of working together, our innovative, collaborative and exploratory approach is comparable to a startup.

What makes Cyclotron unique is its approach based on real-world challenges (use cases). Partners work within a closed and trusted network on meaningful solutions—ranging from statistics and technical detection rules to a network of collaborating professionals.

At the core of the program are three main activities:

• sharing up-to-date threat intelligence and incident data,
• analyzing signals and technical data in collaboration with experts to create resilience products,
• and distributing these products and insights to the right parties.

By working together we create a collaboration platform: we design collaboration tools and methodology, set legal guidelines and policies. Most importantly: Together we create a trusted community. The outcome is focused on helping Dutch organizations speed up their response to incidents, or prevent them altogether. The program represents an important step toward a structural, joint approach to tackling cyber threats in the Netherlands by sharing data about (imminent) threats and cyber incidents.