Security Fest 2026 is proud to once again offer training sessions on the week of the conference.
Here you'll find necessary information about the upcoming trainings. More may be added in due time.
This information was updated 2026-02-05.
A 3-day training from Monday-Wednesday May 25-27, 2026.
Modern IT systems are increasingly complex, making full-stack expertise more essential than ever. That's why diving into full-stack pentesting is crucial—you will gain the skills needed to master modern attack vectors and implement effective defensive countermeasures.
For each attack, vulnerability and technique presented in this training, there is a lab exercise to help you develop your skills step by step. What's more, when the training is over, you can take the complete lab environment home to hack again at your own pace.
I found security bugs in many companies including Google, Yahoo, Mozilla, Twitter and in this training I'll share my experience with you.
After completing this training, you will have learned about:
Students will be handed in a VMware image with a specially prepared lab environment to play with all attacks, vulnerabilities and techniques presented in this training. When the training is over, students can take the complete lab environment home (after signing a non-disclosure agreement) to hack again at their own pace.
Special Bonus
The ticket price includes FREE access to my 6 video courses:
Recommendations are available on my LinkedIn profile. They can also be found on the Silesia Security Lab website – testimonials by training participants from companies such as Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips, government sector, ...
To get the most of this training intermediate knowledge of web application security is needed. Students should have experience in using a proxy, such as Burp Suite Proxy or Zed Attack Proxy (ZAP), to analyze or modify the traffic.
Students will need a laptop with 64-bit operating system, at least 8 GB RAM, 35 GB free hard drive space, administrative access, ability to turn off AV/firewall and VMware Player/Fusion installed (64-bit version). Prior to the training, make sure there are no problems with running x86_64 VMs.
Dawid Czagan is an internationally recognized security researcher and trainer. He is listed among top hackers at HackerOne. Dawid Czagan has found security bugs in Apple, Google, Mozilla, Microsoft and many others. Due to the severity of many bugs, he received numerous awards for his findings.
Dawid Czagan shares his offensive security experience in his hands-on trainings. He delivered trainings at key industry conferences such as DEF CON (Las Vegas), OWASP Global AppSec USA (Washington), Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Paris), NorthSec (Montreal), HITB+CyberWeek (Abu Dhabi) and for many corporate clients. His students include security specialists from Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips and government sector (recommendations are available on Dawid Czagan's LinkedIn profile). They can also be found on the Silesia Security Lab website.
Dawid Czagan is the founder and CEO at Silesia Security Lab. To find out about the latest in his work, you are invited to subscribe to his newsletter and follow him on Twitter (@dawidczagan), YouTube (@dawidczagan), and LinkedIn (https://www.linkedin.com/in/dawid-czagan-85ba3666/).
We're honoured to have some amazing renowned speakers from all over the world, in two great conference days! Learn. Inspire. Connect.
The Security Fest conference is held in Gothenburg, on the west coast of Sweden, in the beginning of summer: a perfect time to visit Sweden!
There's plenty of time to meet and talk to the speakers and the other conference attendees! There's a awesome party on Thursday evening!
Security Fest is held in Elite Park Avenue Hotel in Gothenburg.
