04-13, 12:55–13:25 (Europe/Ljubljana), FRI
The experiences of some recent cyber attacks in our country have shown that cybercriminals can be infltrated in networks for a very long time before we detect them. Most often, we detect them when it's already too late – when they have already exposed our data and/or when it is encrypted and they demand high ransom. Through the talk, we will look at how we can establish an environment for simulating attacks and how, we can use SIEM, to find the indicators that suggest activities that can be attributed to cybercriminals.
He began his professional career as a software developer and system administrator. Over the last decade, he has been involved in the implementations of SIEM solutions and activities to enhance cybersecurity. He has participated in several international exercises in the field of cyber defense and is also a holder of the CISSP certification. He is employed at Our Space Appliances, where he is team lead for the information security solutions department.