INFOSEK 2007 - Nova Gorica
22. - 23. 11. 2007
Read the past conference participants opinions.

All themes of security presented in one day on the same place. Also very good and careful selected lecturers.

Andrej Feldin, Cetis d.d.



  • ICT Forensics Investigation on IPv6 Attacks, Mane Piperevski, Piperevski&Associates
    Vendors security features don’t cover IPv6 attacks detection and prevention in big way. We must know how to manually identify and investigate this type of attacks. In short we will cover basic methods that are very helpful in forensic investigation on IPv6 attacks.
  • Practical Packet Analysis, Saša (Sasha) Kranjac,  Microsoft Certified Trainer | Certified EC-Council Instructor
    Packet analysis can be helpful in many cases, not just to troubleshoot network problems. Security professionals can make the most of listening to network communications to analyse, troubleshoot, optimise and secure applications, services, databases, servers and other network-attached resources.
    This session will give the attendees an introduction and an insight of packet analysis and packet analysers in effectively utilising packet analysis tools for resolving security-related problems Information Technology professionals encounter in their daily work routine.
    The session will give you an overview of how packet analysers work, what tools to use to perform packet inspection and see some of the features the tools have to use them as an indispensable everyday security tool.
  • IT Audit of Information Systems by using a combination of ISO 27001:2013 standard and ITIL framework, Anel Tanović, Atia Consulting, ATIA Ltd Sarajevo 
    During this topic I will describe an importance of implementation of Information Security Management Systems by using ISO 27001:2013 standard and implementation of IT Service Management Systems by using ITIL framework and their usage in IT audit of information systems in all companies.  
  • Mobile Malware: a new way to stimulate its malicious behavior, Chengyu Zheng, Politecnico di Milano
    Several tools for application tracing exist. These tools can be used to analyze potentially malicious or untrusted programs. In this setting, it is important to prevent that the target program determines whether it is being traced or not. This is typically achieved by minimizing the code of the introspection routines and any artifact or side effect that the program can leverage. Indeed, the most recent approaches consist of lightly instrumented operating systems or thin hypervisors running directly on bare metal.
    Following this research trend, we developed a bare-metal ARM-based tracing platform able to reconstruct the stream of system call invocations along with the respective un-marshalled arguments. To achieve this, we leveraged the availability of on-chip debugging interfaces of modern ARM systems, which are accessible via JTAG. More precisely, we developed OpenST, an open-source prototype tracer that allowed us to analyze the performance overhead and to assess the transparency with respect to evasive, real-world malicious programs.
    Our tests show that OpenST’s greater transparency comes at the price of a steep performance penalty, but gives the ability to the security expert to analyze samples, which, otherwise would require manual inspection.
  • Experience with IoT in a Smart City, Harald R. Raetzsch, CEO, IoT40 Systems AG
    Villach, the second largest city of the province of Carinthia in Austria has decided to use Internet of Things technology to address security requirements in an unusual and definitely more holistic and innovative way compared to many other municipality and towns.
    The decision of Villach’s City Government to address security requirements with new technology powered by IoT40’s cognitive connector Caberra offers several advantages, starting with multi sensor security implementations. The solution combines existing security infrastructure with video following the “connect – detect – act” paradigm with additional sensory input from various sources. Extension can be accomplished easily and step-by-step to integrate the management of critical assets (e.g. medical supplies, machinery), control and manage supply systems (e.g. water, electricity) and public services. The system can monitor and manage specific infrastructure usually not associated with IoT, like elevators or support for disabled citizens,  extensions to monitor areas like snow/ice winter roadside and manage associated services.
  • Combining IoT and Video Analysis for Major European Railroad Operators, Harald R. Raetzsch, CEO, IoT40 Systems AG
    The Industrial Internet of Things has a lot to offer, when it comes to security applications. IoT is about connecting to sensors and other sources of information, determining a status and adequate, timely and hopefully intelligent (counter-) reaction. Video is a widely used instrument in security but usually associated with control rooms, where employees watch monitors in order to detect and react upon irregularities. After all, observing something and reacting upon visual information is one of the best-developed human capabilities.
    IoT40 Systems AG has seamlessly integrated both technologies years ago and was able to experience pros and cons of such integrated security solutions in different application areas. The system has already proven to address several critical aspects. The rule based and fully automated response to security incidents triggered by image understanding and consequently triggered action works reliably and can be adapted or even be self-adapting to achieve a level of oversight and endurance that human operators have difficulties to deliver. There is no programming required to interpret and act upon visual analysis and image understanding. Customers can choose any level of automation and decide when and how human operators are involved, e.g. to meet compliance or legal requirements. 
    We will discuss multi sensory IoT systems in general, the important role of video management and analysis and share the experience obtained by using this technology for customers in public transport, specifically European railroad companies.  
  • Being mean to MEAN: attacking NoSQL applications, Bojan Ždrnja, Infigo IS d.o.o.
    In last couple of years, the MEAN stack (MongoDB, Express.js, Angular.js and Node.js) became the stack of choice for many web application developers. The main reason for this popularity is the fact that the stack supports both client and server side programs written in JavaScript, allowing easy development.
    The core database used by the MEAN stack, MongoDB, is a NoSQL database program that uses JSON-like documents with dynamic schemas allowing huge flexibility.
    Although NoSQL databases are not vulnerable to standard SQL injection attacks, they can be exploited with various injection vulnerabilities depending on creation of queries which can even include user-defined JavaScript functions.
    This presentation will demonstrate how MEAN applications can be exploited through NoSQL injection in order to retrieve data from the database and do even more.
  • Cybersecurity law compliance – Czech Republic situation, Jan Mikulecky, NAKIT
    Národní agentura pro komunikační a informační technologie, s. p. (hereinafter "NAKIT") is a state enterprise acting as a service organization for the Ministry of Interior of the Czech Republic. NAKIT operates critical, significant and important information and communication infrastructure in state ownership, provides services for Czech e-Government and delivers ICT and security projects with national impact. NAKIT operates the Security Operation Center for the Ministry of Interior that exercises control and management of the national critical information and communication systems, including activities focused on cybersecurity law compliance. The Czech Republic is one of a few countries having special law to control cybersecurity in state systems. How is the situation after one year the law was approved? How does Czech Republic deal with this law?
  • Darktrace – introducing the automated network cyberdefense based on machine learning and advanced mathematics, Mateusz Flak, Darktrace, Si.mobil d.d.
    Darktrace, the enterprise network immune system developed by leading mathematicians and ex-government intelligence specialists has arrived to Slovenia. The Darktrace Enterprise Immune System technology detects and responds to previously unidentified threats, powered by machine learning and mathematics developed by specialists from the University of Cambridge. Without using rules or signatures, Darktrace is uniquely capable of understanding the ‘pattern of life’ of every device, user and network within an organization, and defends against evolving threats that bypass all other systems. Some of the world’s largest corporations rely on Darktrace’s self-learning technology in sectors including energy and utilities, financial services, telecommunications, healthcare, manufacturing, retail and transportation. Darktrace is headquartered in Cambridge, UK and San Francisco, with global offices including New York, Auckland, London, Milan, Mumbai, Paris, Singapore, Sydney, Tokyo, Toronto and Washington D.C.
  • Moving target defense - (SCIT) self cleansing intrusion tolerance in practice, Zsolt Nemeth, Camphora Consulting
    Reliable organizations have a constant presence on the internet. The static nature of the online server makes it an easy target to exploit. At SCIT Labs, we believe that your reliability should not compromise your security or reputation.
    SCIT works like a digital vaccine. You need SCIT for the same reason a child needs the flu vaccine. If a child gets infected at school but has been vaccinated, then intensity of the flu is reduced and the recovery is much faster.
    SCIT reduces Cyber Risk. Existing Cyber Security products focus on eliminating vulnerabilities. SCIT focuses on Consequence Management. SCIT integrates seamlessly with existing security approaches to make hackers lives’ more difficult.
    SCIT simplifies Operations. Security and functionality upgrades lead to frequent patches. Servers equipped with SCIT accept hot patches, and no server reboots are required for application patches. SCIT also eliminates memory leaks.
  • Digital tourism – security of personal and financial data, Branislav Miletić, Horwath HTL, Beograd
    Rapid development and constantly increasing level of sophistication of digital technology brought its wide integration in every aspect of economic and social life. These (so called) disruptive innovations radically change existing and create new markets, with fundamental change in business processes. Tourism is influenced with an intensive use of modern technologies throughout the entire value chain. New actors emerge, business models are being reshaped using data-driven solutions, which, ultimately, changes consumers’ behaviour. Digitalisation has transformed the way tourism business is conceived and managed. It is important to understand the trends to identify and exploit the opportunities for ICT sector in the entire life cycle of tourism service delivery. Given the sensitivity of processes and exchange of loads of data during all phases of travel, there is an increased user concern for the security of their personal and financial data. 
  • Cyber Security Awareness of Critical Infrastructures in North East of Italy - Scenario and Guidelines for self-assessment, Luca Moroni, Via Virtuosa
    Critical Infrastructures (IC) are essential elements in our economic and social life. Cyber incidents in such organizations could create a “domino effect”. This must be an important concern in a National Cyber Security Policy. ISACA Venice published a research that aims to identify the level of cyber safety perception and management, helpful not only for official IC but also for companies that belong to these sectors. The Research also suggests a Self-Assessment, the first step to gain the necessary awareness of the risks and to start adequate protection initiative. Moreover, the Study analyzes the results of a survey about level awareness and reaction in case of Cyber attack in different critical sectors.
  • App-Ray and mobile application security, Zsolt Nemeth, Camphora Consulting
    Every mobile app has the potential to steal or leak sensitive and private company information. Risky app behaviors, hidden actions, and malicious malware code can all conspire to exfiltrate valuable information from employee mobile devices.Mr Nemeth will provide a glimpse into the most advanced app risk analysis technologies available for assessing and reporting the risks.
  • GDPR and NIS directive: What Organisations should be doing to prepare?, Danny Gagnon, Risk Management Executive Advisor at IBM
  • New Cloud Era Security, Saša (Sasha) Kranjac,  Microsoft Certified Trainer | Certified EC-Council Instructor
  • The business moving to the cloud is happening and is inevitable. Are you ready to work and exist in the cloud? 
  • Business tools and approach to the business itself is already with one foot in the cloud. The classic on-premises-only work is slowly fading away, shifting merely part of the responsibility to the cloud provider. 
  • The secure future of your business is in your hands – it is your responsibility. 
  • This presentation will give the attendees knowledge how to protect emails, files, applications, devices in latest Microsoft cloud-enabled business environment. You will learn how to leverage the latest security technologies to protect your company data, regardless where the data stays – on corporate or on employees’ devices. 
  • Windows 10, Office 365, Azure, Intune, Enterprise Mobility Suite are packed full of security features and capabilities that you will learn how, where and when to use. This fast-paced, feature-full presentation will fill you with the latest security knowledge and empower you to be prepared and know how to future-proof your company. 
  • Risk Management - Request or a prerequisite for information security, Zdenko Adelsberger, Blufield
    Topics is about different approaches and methodology to risk management in information security. One approach is: the standard requires risk assessment, and the second approach is: business requires risk assessment. In this context, I would give a brief empirical methodological approach to risk management of information security and its integration in the overall safety performance of the company.
  • Case Study: Cyberattacks you will face sooner or later, Jiri Knapek, Flowmon Networks
  • Discover how Botnet, Malware, Phishing or a DDoS can seriously damage your business. See how they've evolved over the years and most importantly how we can easily fight them. This presentation will show you, step by step, how a real live malware exfiltrates business critical information from a company network and how it can be stopped.


  • The Highest Risk of the Cloud? Getting Out, Jan Mikulecky, NAKIT
    Národní agentura pro komunikační a informační technologie, s. p. (hereinafter "NAKIT") is a state enterprise acting as a service organization for the Ministry of Interior of the Czech Republic. Even if NAKIT operates sensitive national data, they decided to move to cloud. There was a wide discussion on cloud security before moving covering cloud risk evaluation. NAKIT carried out detailed risk analysis and evaluated more than 50 cloud specific risks. One of the most significant area is cloud exit. This could never happen but the organization need to be prepared. What should cloud exit strategy cover? How do cloud exit scenarios affect current cloud security settings?
  • Rethink your security strategy, Saša Jušić, INFIGO IS d.o.o.
    Fighting advanced persistent threats has become one of the major challenges for modern businesses. Although with years we have managed to increase our ability to timely detect and prevent security incidents, real life experiences show us that this works well mostly for generic or moderately sophisticated attacks. When it comes to targeted and sophisticated attacks, planned and performed by advanced and highly motivated attackers, our capabilities are quite weak. In most cases this is related to the fact that we are not responsive enough in adopting our defensive strategy to modern cyber threat landscape.
    The presentation will give a short overview of current trends in information security as well as overview of key security challenges we need to address in the near future if we want to efficiently fight advanced persistent threats. We will give you some practical advices on how to build your defense strategy in order to be more efficient in fighting cyber threats.
  • The importance of branding for IT managers, Branka Novčić, Faculty of Organizational Sciences, University of Belgrade 
    Many say that branding is the most important aspect of any business and that success of the business relies on the power of the brand story. As everything is moving on digital, traditional marketing landscape is changing dramatically and IT brands are gaining more power than ever before. The proof of IT brands power can be found on Interbrand global list were five out of ten most valued brands are IT companies. Apple, Google, IBM and Amazon are running over Coca-Cola in the race for the brand throne and represent some of the best examples what powerful brands bring to the company. In fact Apple’s brand value for 2016 is assessed to be over $170 billion and Apple will probably become fist trillion dollar brand in the history. So brands are not a myth, and they are not intangible and uncatchable as many think. Also brands are becoming necessity for all IT companies, and branding manager need to consider branding as a strategic tool of the future. But there are still some questions … So what is branding and how could it be done? 
  • Cyber Risk Insurance - Scenario and Evaluation, Luca Moroni, Via Virtuosa
    Too many incidents related to "ransomware" in North East of Itally. Companies needs to understand how to protect themselves and ensure continued access to the digital data. The damage of a cyber incidents exceed the threshold of US $ 25mil. Safe rating of Intangible Assets of a company need enhancement of the cyber risks insurance market. But a weak competence require clarification on this topic. The research intent was to identify the real risks and digital vulnerabilities in companies. We have done an evaluation of typical insurance products on IT risk and  we have made a CIO/CISO Survey. The final scope was a guideline for approacing the problem of outsourcing Cyber Risk Protection.
  • Preventing Breaches is possible, Wojciech Golebiowski, Palo Alto Networks
    Preventing Cybersecurity Breaches is possible…
    …The solution is not to make it impossible… is to make it ”expensive”
  • A guide to eliminate downtime of critical services, Jiri Knapek, Flowmon Networks
  • There are thousands of events that may strike your business critical services and cause massive customer, revenue and reputation loses. Many choose to invest all their attention to prevention. What happens if the prevention fails? As it always sooner or later does. Advanced Network and Application performance monitoring can help you to eliminate casualties with early warning, analysis and response.