13th and 14th February, 2026
Kaapelitehdas, Helsinki Finland
One Request to Kill Them All: Amplification, Data Landmines, and Parser Killers
Patrik Jokela
What if it only takes one request to bring down an entire system?
Not a botnet, not gigabits of traffic, just a single well-crafted HTTP request. This talk shares real stories of application-level Denial of Service bugs discovered in the wild: inputs that exploded into massive backend work, hidden data landmines that detonated on retrieval, and parsers that choked on the unexpected.
Each case is drawn from real-world impact, not theory. Showing how small details can topple big applications.
You will leave with actual technical knowledge from well explained war stories and a practical details of defenses you can apply to your own systems.
For far too long "DoS" has meant only a request flooding. It’s time to broaden that view, because the most dangerous DoS may be hiding in plain sight.
Not a botnet, not gigabits of traffic, just a single well-crafted HTTP request. This talk shares real stories of application-level Denial of Service bugs discovered in the wild: inputs that exploded into massive backend work, hidden data landmines that detonated on retrieval, and parsers that choked on the unexpected.
Each case is drawn from real-world impact, not theory. Showing how small details can topple big applications.
You will leave with actual technical knowledge from well explained war stories and a practical details of defenses you can apply to your own systems.
For far too long "DoS" has meant only a request flooding. It’s time to broaden that view, because the most dangerous DoS may be hiding in plain sight.
Patrik Jokela
With over half a decade in the art of exploitation, Patrik's cybersecurity prowess is well-established. His research focus spans from cutting-edge malware development, to comprehensive IT and Web3 bug bounty hunting, uncovering numerous critical vulnerabilities and securing a CVE. As a constant learner, he approaches every day as an opportunity to acquire new knowledge and push the boundaries of cybersecurity. In 2024, he was recognized as the top hacker on HackerOne in Finland.
