Program Overview

Balkan Cybersecurity Days 2023

Tuesday, May 16th

Room 1 PlenaryRoom 2 Plenary
08:30 – 09:00

Registration and welcoming coffee

09:00 – 09:45

Welcome and opening

Mr. Jeton Akiku, Director, (Agency for Electronic Communications); Mr. Mark Downes, Deputy Director (DCAF); Dr Serge Droz, Vice Chair (FIRST); Ms. Slavica Grkovska (Deputy President of the Government for Good Governance policies); Mr. Azir Aliu (Minister for Information Society and Administration); Mr Andrew Brand, Head of Programmes (British Embassy Skopje)

09:45 – 11:00
 GB

Panel: Best Practices in Cyber Threat Information Exchange

Chris Gibson, Executive Director (FIRST Executive Director – FIRST, GB); Nadica Josifovski (State Advisor for Information Systems and Technologies, Ministry of Information Society and Administ); Maja Lakušić, , Cyber Security Promotion Advisor (SRB-CERT, Serbia); Michael Hamm (Operator and Analyst at Computer Incident Response Center Luxembourg); Paweł Pawliński, Principal Specialist (CERT.PL, Poland (online)); Franziska Klopfer, Principal Programme Manager (Europe and Central Asia Division, DCAF)

11:00 – 11:30

Coffee Break

11:30 – 12:30

Deep Learning for Predictive Alerting and Cyber-attach Mitigation

Arbnor Imeri (SENSE Cyber Research Centre)

 MK

DDoS Attacks: How Small Networks can Defend - Practical Case of Protecting a Faculty/University from DDoS

Vladislav Bidikov (Faculty of Computer Science and Engeneering, MK)

12:30 – 13:30

Lunch

13:30 – 14:30

Incident Handling and Security Technologies for Defending Against Cyber Attacks on industrial IoT

Atdhe Buja, Blent Kurtalani (ICT Academy CERT, Kos)

 MK

Python for Effective Cybersecurity: Extracting, Analyzing, and Automating Threat Detection with YARA and Open- Source Tools

Tino Apostolovski ((CPP Services)); Valentin Lekov (CPP Services, MK)

14:30 – 15:30
 SI

GrapheneOS security

Matej Kovačič (SI)

 MK

Privacy-enhancing Technologies - Where Privacy and Cybersecurity Intersect

Mickov Saso (ASEE MKD, MK)

15:30 – 15:45

Coffee Break

15:45 – 16:45
 MK

Process of Destroying Phishing Sites

Kristijan Angelovski (CPP, MK)

 IT

Cyber Intelligence and Cyber Terrorism in Medical field

Emanuela Dyrmishi (IT)

16:45 – 17:30

Closing of the Conference

17:30 – 19:30
20:00 – 22:30

Wednesday, May 17th

Training Track 1 – Security Operation Center Training 1/2Training Track 2 - Introduction to Penetration Testing 1/2Training Track 3 - Forensics Training
09:00 – 10:30

SESSION I: Introduction to SOC operations

Blaze Grashovski (Infosoft) and Aleksandar Acev

SESSION I: Introduction to Hacking

Renato Venzin (Oneconsult) and Tobias Pohl (Oneconsult)

SESSION I: File System Forensics

Michael Hamm, Operator and Analyst at Computer Incident Response Center Luxembourg

10:30 – 11:00

Coffee Break

11:00 – 12:30

SESSION II : Designing the Next-Gen SOC

Blaze Grashovski (Infosoft) and Aleksandar Acev

SESSION Il: Using Kali Linux

Renato Venzin (Oneconsult) and Tobias Pohl (Oneconsult)

SESSION Il: File System Forensics - continuation

Michael Hamm, Operator and Analyst at Computer Incident Response Center Luxembourg

12:30 – 13:30

Lunch

13:30 – 14:45

SESSION III : Designing the Next-Gen SOC-continuing

Blaze Grashovski (Infosoft) and Aleksandar Acev

SESSION III : Passive Information Gathering

Renato Venzin (Oneconsult) and Tobias Pohl (Oneconsult)

SESSION III : Windows Forensics and Memory Analysis

Michael Hamm, Operator and Analyst at Computer Incident Response Center Luxembourg

14:45 – 15:00

Break

15:00 – 16:00

SESSION IV: Building the Next-Gen SOC

Blaze Grashovski (Infosoft) and Aleksandar Acev

SESSION IV : Active Information Gathering

Renato Venzin (Oneconsult) and Tobias Pohl (Oneconsult)

SESSION IV : Windows Forensics and Memory Analysis - continuation

Michael Hamm, Operator and Analyst at Computer Incident Response Center Luxembourg

Thursday, May 18th

Training Track 1 – Security Operation Center Training 2/2Training Track 2 - Introduction to Penetration Testing 2/2Training Track 3 – Intro to Jupyter and Data science for incident responders
09:00 – 10:30

SESSION I: Operating the Next-Gen SOC (Team Roles and Best practices for SOC operations)

Blaze Grashovski (Infosoft) and Filip Simeonov (CPP)

SESSION I: Web Application Exploitation

Renato Venzin (Oneconsult) and Tobias Pohl (Oneconsult)

SESSION I

Dr Serge Droz, Vice Chair (FIRST)

10:30 – 11:00

Coffee Break

11:00 – 12:30

SESSION II : Operating the Next-Gen SOC (Incident Response Planning and Execution)

Blaze Grashovski (Infosoft) and Filip Simeonov (CPP)

SESSION II: Privilege Escalation

Renato Venzin (Oneconsult) and Tobias Pohl (Oneconsult)

SESSION II

Dr Serge Droz, Vice Chair (FIRST)

12:30 – 13:30

Lunch

13:30 – 14:45

SESSION III : Measuring SOC Effectiveness

Blaze Grashovski (Infosoft) and Filip Simeonov (CPP)

SESSION III : Know your tools

Renato Venzin (Oneconsult) and Tobias Pohl (Oneconsult)

14:45 – 15:00

Break

15:00 – 16:00

SESSION IV : Case Studies of Successful Next-gen SOC Operations

Blaze Grashovski (Infosoft) and Filip Simeonov (CPP)

SESSION IV : Attacking Active Directory

Renato Venzin (Oneconsult) and Tobias Pohl (Oneconsult)