Home / Cybersecurity Summer BootCamp / Sbc2021 / Programme
Subscribe to <none>


#CyberSBC2021 - The schedule is in CEST-Spain format.

  12 de julio

  • 16:00 - Opening
    • Carme Artigas. Secretary of State for Digitization and Artificial Intelligence.
    • Alison August Treppel. Executive Secretary of the Inter-American Committee against Terrorism (CICTE) of the Organization of American States.
  • 16:15 - Keynote. Cybersecurity regulatory framework in Europe
    • Florian Pennings. MICROSOFT, EU Government Affairs Director – Cybersecurity.
    • Technology has changed the nature of what it takes to defend a nation and its interests. A comprehensive and multistakeholder approach through renewed strategies, legislation, global cooperation, and shared values is needed to improve the security posture of organizations across the European ecosystem and further strengthen the EU’s role as a leader on cybersecurity. Transparency and partnership are foundational to this effort, cybersecurity resilience is dependent on factors that go beyond industries, sectors, and countries. The recent SolarWinds cyberattack on the tech sector’s supply chain was yet another reminder. Today, too many cyberattack victims keep information to themselves. We will not solve this problem through silence. We need more open sharing of information and analysis. It is imperative that we encourage and sometimes even require improved transparency, including by digital infrastructure providers. EU cybersecurity policy consists of multiple layers intended to ensure stronger cybersecurity for EU citizens and industry. The current European Commission has put forward multiple proposals to ensure up-to-date and robust cybersecurity policy in the EU. This session will provide an update of the relevant policy files and its opportunities for public private cooperation.
  • 16:45 - Discussion panel. Regulatory and legal frameworks in LATAM.
    • Isaac Morales. General Coordinator of Multidimensional Security in the Ministry of Foreign Affairs of Mexico.
    • Katherina Canales. CSIRT Operational Director in the Government of Chile.
    • Roberto Lamaitre. Coordinator CSIRT-CR.
    • Aura Cifuentes. Director of Digital Government of MINTIC
    • Moderator: Cesar Moliné. Coordinator Coordinator of GFCE working groups.
  • 17:30 - Supply chain attack - Solarwinds 
    • Mr. Jay Gazlay, Branch Chief of Vulnerability Disclosure, The Cybersecurity and Infrastructure Security Agency (CISA).

  22 de julio

  • 16:00 - Discussion panel. International CERTs.
    • Marcos Gómez. Deputy Director INCIBE-CERT Services
    • Javier Candau. Head of the Department of Cybersecurity at the National Cryptological Center (Spain).
    • Gabriela Ratti. Director-General for Cybersecurity and Information Protection, Ministry of Information Technology and Communications, Paraguay
    • Silvia Batista. Head of the CSIRT of Panama.
    • Moderator: Diego Subero (OEA).
  • 16:45 - Cryptocurrencies for Cybercrime activities.
    • Heriberto Cadena.  
  • 17:15 - Keynote. The North American vision of the challenges of cybersecurity in companies and cybercrime
    • Corey Nachreiner. CTO WatchGuard.
    • Friday July 2nd, just before a long U.S. Holiday weekend, at least 30 MSPs were hit with ransomware that infected their infrastructure and many of their customers (over 1500 companies so far). The attack exploited unpatched vulnerabilities in the Kaseya VSA product, and leveraged the remote monitoring and management solution to help spread the ransomware. As massive as this attack was, it was not that first time North American businesses had suffered a targeted attack through an industry “supply chain.” Both supply chain attacks and targeted ransomware have become the most concerning cyberattack trends in North America during the past year. In this keynote, Corey Nachreiner, CSO of WatchGuard and a twenty year plus information security veteran, discusses these two trends from the North American perspective, illustrating how previous attacks from 2018 and 2019 developed into today’s common attack trends. During the talk, you will learn: 
      • Technical detail about the largest mass ransomware attack seen so far
      • Historical detail about similar attacks from 2018 and 2019 that started the trend
      • How attackers exploit Living-off-the-Land and Fileless Malware techniques to evade security controls
      • Most importantly, defense tips and security strategies that will both help you prevent the latest attack techniques and survive cyber incidents when they happen. 
  • 17:45 - Closing ceremony
    • Nadia Calviño. First Vice President and Minister of Economic Affairs and Digital Transformation.
    • Ambassador Josué Fiallo, Vice President of the Inter-American Committee against Terrorism (CICTE). Permanent Representative of the Dominican Republic to the Organization of American States (OAS).

Programa de talleres 2021

Monday, 19 July, 2021


  • Speaker: Alfonso Muñoz Muñoz
  • Topic: forensic analysis.
  • Content of the workshop:
    • Brief overview of the limitation of cryptography in system attacks and cybercrime.
    • Steganography. Definition of concepts and classification of techniques.
    • Steganography in multimedia content. Concealment and detection.
    • Network steganography and covert channels in system breaches.
    • Steganography and malware. Stegomalware and polyglots.
  • Speaker: Ruth Sala Ordoñez
  • Topic: Technological research and case law
  • Content of the workshop: The ease of access to the Internet has fostered the growing use of the Internet as a facilitating instrument of searches by investigators for any data that helps to find out the crime and the identity of the criminals. The workshop places special emphasis on all the roles that admit the use of the supposed identity for the investigation, the suspicions derived from obtaining the evidences of the virtual environment and its possible qualification as legal or illegal. 
    • Results of the previous questionnaire.
    • Normative, legal and doctrinal study of the undercover agent and the undercover online agent. 
      • Principles of action, limits to its activity, probative value of the results obtained with its activity.
    • The intelligence report obtained in open sources OSINT. 
      • Concept and fundamentals.
      • The subject responsible for the OSINT intelligence report (Judicial Police Agent; the individual investigator; the expert).
      • The supposed identity: consequences of the incorporation into the judicial process of the evidence obtained under the presumed identity. 
      • The probative value of the OSINT report.
  • Speaker: Lorenzo Martínez Rodríguez
  • Topic: Digital Forensics and Incident Response (DFIR).
  • Content of the workshop:
    • Security incidents.
    • Live response vs. post-mortem.
    • Types of forensic artefacts: user, system and file system.
    • Triage with Wintriage!
    • Artifact analysis in Windows: Registry, Trash, Navigation and MFT.

Wednesday, 14 July, 2021


  • Speakers: Iván Portillo Morales and Gonzalo Espinosa Lázaro
  • Topic: cyber threat intelligence.
  • Content of the workshop:
    • The threat to be addressed (Hacktivism).
    • Development of the case study:
      • Phase 1: Direction and Planning.
      • Phase 2: Procurement.
      • Phase 3: Analysis and Elaboration.
      • Phase 4: Dissemination
    • Conclusions and summing up.
  • Speaker: Juan Antonio Velasco Gómez
  • Temática: Intelligence in police investigations.
  • Content of the workshop:
    • Introduction to the workshop.
    • Case study development. 
      • Steering and planning phase.
      • Procurement phase.
      • Preparation phase.
      • Dissemination phase.
    • Conclusions.
  • speaker: Estevenson Solano
  • Topic: Cybersecurity gobernance
  • Content of the workshop:
    • Governance, Risk and Compliance (GRC)
    • Controls Management
    • Laboratory 1
    • Regulations, Standards and Frameworks
    • Organisational Security Policies
    • Laboratory 2
    • Privacy and Sensitive Data
    • Integrative Laboratory 

Wednesday, 21 July, 2021


  • Speaker: Javier Marcos de Prado
  • Topic: Digital Forensics and Incident Response (DFIR).
  • Content of the workshop:
    • Introduction to the need to deploy detection infrastructure, in both corporate and production environments, using practical examples. 
    • List of the steps necessary for the automation and deployment of osquery as an agent within a distributed and scalable network.
    • Showcase of the centralised server or TLS endpoint (osctrl), and the configuration and use of its different components for threat detection, incident response and fleet management.
  • Speaker: Ricardo J. Rodríguez
  • Topic: Digital Forensics and Incident Response (DFIR).
  • Content of the workshop:
    • Introduction (memory forensics, process forensics, malware, incident response).
    • Preliminary concepts (structure of a process on Windows and Linux).
    • Phases of malware analysis vs. phases of forensic analysis.
    • Collecting information of interest through Volatility.
    • Detecting indicators of compromise.
    • Development of own analysis tools.
    • Design of evidence analysis workflows.
  • Speaker: Beatriz Saura Alberdi
  • Topic: Technological research and case law
  • Content of the workshop:
    • Corporate internal investigations; regulations and case law.
    • Forensic analysis of computer devices to obtain evidence.
    • Recording compliance evidence in a blockchain system.

Tuesday, 13 July, 2021


  • Speaker: Carlos Loureiro Montero
  • Topic: intelligence in police investigations
  • Content of the workshop:
    • What is Police Intelligence?
    • Applications and areas of police intelligence.
    • Police Intelligence and new technologies.
    • Brief overview of use cases of Machine Learning in Police Intelligence.
    • What is Knime?
    • Brief introduction to the platform.
    • Step-by-step use of Knime for predicting terrorist actions.
    • Example if practice in use
  • Speaker: Eloy Velasco Núñez
  • Topic: International law applicable to cyberspace.
  • Content of the workshop:
    • Regulatory scope of cybersecurity in the European Union: present and future.
    • Practical compliance: criminal prevention and avoidance or reduction of risks in the use of technology. Mr. Eloy Velasco. High Court judge.
    • Technological enterprise and technologized enterprise: towards a horizon of normality post-COVID-19.
  • Speaker: Carlos Seisdedos
  • Topic: Open Source INTelligence (OSINT).
  • Content of the workshop:
    • Intelligence.
    • Securing the working environment.
    • Website research.
    • Investigation of natural persons.
    • Investigation of legal persons.
    • Gathering information on social networks.
    • Social network analysis.
    • Presentation of results.
    • Final online test.

Tuesday, 20 July, 2021


  • Speaker: Carlos Cilleruelo
  • Topic: cryptocurrencies and bank fraud.
  • Content of the workshop:
    • Context of the use of cryptocurrencies. Not everything is Bitcoin, explaining that there are multiple types, each with its own characteristics. 
    • What crimes are associated with cryptocurrencies? What cryptocurrencies are used in crime?
    • Use of cryptocurrencies in dark markets. Operation of markets for the sale of drugs or weapons on darknets. 
    • Ransomware and its combination of cryptocurrencies. 
    • Tax evasion using cryptocurrencies. Use of ATMs to launder cryptocurrencies. 
    • Other types of laundering using online gambling platforms or debit cards.
    • Where are cryptocurrencies stored? Introduction to forensic analysis of wallets and communication exchanges. 
    • Cryptocurrency analysis tools. What tools are there to analyse cryptocurrency transactions? 
    • Crime analysis using Graphsense (Practical part of the workshop).
    • Current and future issues in the analysis of cryptocurrencies centred on anonymity.  
  • Speaker: Isaac Francisco Pérez Pérez
  • Topic: Cryptocurrencies in cybercrime
  • Content of the workshop:
    • General concepts. 
      • Concept of cryptocurrency. 
      • Underlying technology. Blockchain. Cybersecurity in transactions. 
      • The legal approach cryptocurrency (legislation and case law).
      • The anonymity and value of cryptocurrency as a lure in cybercrime.
    • Cryptocurrencies as a target of cybercrime.
      • The role of cryptocurrency in crime. Object of desire.
      • Major crimes related to cryptocurrencies.
      • New offences related to cryptocurrencies. Amendments to the law.
      • New regulation of cryptocurrency platforms.
    • Practical approach.
      • Real cases investigated in the Audiencia Nacional.
      • Cryptocurrency transactions. Tracking.
      • Crime prevention.
    • Questions from the floor. 
  • Speaker: Pablo San Emeterio
  • Topic: security advisories and vulnerability identification.
  • Content of the workshop:
    • Introduction X86 Architecture.
    • Introduction disassemblies.
    • Searching for vulnerabilities in the code.
    • Vulnerability verification.
    • Exploitation of the vulnerability.
    • Bypassing protections.

Thursday, 15 July, 2021


  • Speaker: Jose Luis Navarro Adam
  • Topic: security advisories and vulnerability identification
  • Index:
    • Description of the workshop and objective to be achieved
    • Deployment of the infrastructure and segmentation of perimeter zones on virtual machines
    • Perimeter Firewall configuration 
    • Deployment and configuration of the SIEM server
    • Installation and configuration of the detection and response scripts 
    • Wargames
    • Questions
  • Speaker: Yago Fernández Hansen
  • Topic: Digital Forensics and Incident Response (DFIR).
  • Content of the workshop:
    • Presentation of the workshop. Summary of contents.
    • Downloading of the forensic tool by attendees
    • Introduction to the actual incident. Credit card theft on a website.
    • Premises for action
    • Planning
    • Obtaining information on infrastructure
    • Hands-on lab
    • Conclusions, AOCB
  • Speaker: Pablo Ballarin Usieto
  • Topic: Risk management in adopting emerging technologies
  • Content of the workshop:
    • Introduction
    • Cybersecurity risks in emerging technologies
      • Concepts
      • Particularities of IOT/IA architectures and their vulnerabilities
      • Attack vectors and types of attacks on AI/IOT platforms
      • Theoretical risk analysis of an IA/IOT platform
      • Baseline for securitisation of an IA/IOT platform
      • Real-life example of a risk analysis of a Brain-Computer Interface product.
      • Class exercises: identifying risks in given scenarios and defining protection baselines.
    • Ethical risks in emerging technologies
      • Ethical principles in emerging technologies
      • User and societal impact
      • Applications that do not follow these principles
      • What is trusted AI?
      • Example guidelines: EU Ethical Design Guidance, Montreal Ethical AI Declaration, Beijing AI Principles
      • Aligning AI with ethical principles
      • Real-life example of an assessment of the ethical principles of an AI
      • Exercises: Identifying issues in given scenarios, and finding possible approaches to solutions