< Back to ISS World Programs
AGENDA : JUNE 3-5, 2025
ISS World Europe is the world's largest gathering of Regional Law Enforcement, Intelligence and Homeland Security Analysts, Telecoms as well as Financial Crime Investigators responsible for Cyber Crime Investigation, Electronic Surveillance and Intelligence Gathering.
ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety, Government and Private Sector Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network, the Internet and Social Media.
Track 1: Lawful Interception and Criminal Investigation Training
Track 2: LEA, Defense and Intelligence Analyst Product Presentations
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training
Track 4: Threat Intelligence Gathering and Cyber Security Product Training
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
Track 6: Mobile Signal Intercept Training and Product Presentations
Track 7: Electronic Surveillance Training and Product Presentations
Track 8: 5G Lawful Intercept, Tracking and Forensics Product Training
Plus Special Training Seminars lead by Law Enforcement Officers and Ph.D. Scientists
ISS World Europe 2026 Agenda at a Glance to be Updated:
February 2026
Training Seminars Led by Law Enforcement Officers and Ph.D., Computer Scientists
20 classroom training hours, presented by Law Enforcement Officers and Ph.D. Scientists
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police
(7 classroom hours)Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)Jerry Lucas (Ph.D., Physics), President, TeleStrategies
(1 classroom hours)Matthew Lucas (Ph.D., Computer Science), VP, TeleStrategies
(3 classroom hours)Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of Technology
(3 classroom hours)
Tuesday, 3 June 2025
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation
09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective
10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators
11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks
13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT
14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT ToolboxSeminar #2
08:30-15:05(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)
The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UKPolice
The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques.08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators
09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking
11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)
13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.
14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.
Seminar #3
08:30-09:20Understanding Mobile 2G, 3G, 4G, 5G and 6G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception.
Seminar #4
09:25-10:15Transitioning Lawful Interception Network Core Features from 4G to 5G SA to 6G: What’s it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesCellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the transition to 5G stand alone. (Full description below Track 9)
Seminar #5
10:35-11:25Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesSeminar #6
11:30-12:20Generative AI (e.g., ChatGPT): How LEAs and Intelligence Agencies Can Leverage the Technology, and Criminal Use Examples
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThursday, 5 June 2025
Seminar #7
08:30-09:10Lawful Interception - What, Why, When, Who and how to, and solutions.
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceSeminar #8
09:15-10:00Push Tokens in Criminal Investigations: Tracing Digital Footprints & Uncovering Evidence
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State PoliceSeminar #9
11:45-12:30(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)
Open Source Tools, PART 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PolicePre-Conference Sessions Description At The End of Agenda PostinG
Welcoming Remarks and Top Ten Challenges
Wednesday, 4 June 2025
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies
8:30-9:00
Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Europe has Solutions
Dr. Jerry Lucas, President, TeleStrategies
ISS World Europe Exhibit Hours:
Tuesday, 3 June 2025
10:00-18:15Wednesday, 4 June 2025
10:00-18:15
Thursday, 5 June 2025
10:00-14:00
Track 1: Lawful Interception and Criminal Investigation Training
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.
Tuesday, 3 June 2025
13:20-14:10
Cost Effective Network Monitoring in a world of data overload
As internet traffic doubles every two years and with data rates moving from 100G to 400G to 800G and beyond, how do you design a network monitoring system to cost effectively access all this data? Come hear about how an Optical Circuit Switch working in conjunction with packet brokers and analysis tools can provide cost effective solutions that can address large numbers of fibers.
Presented by Huber+Suhner14:15-15:05
Transforming Criminal Investigations with CSP Network Insights: Efficiency, Security, and Real-Time Precision
This session delves into the newly launched Cross Location Analysis and IMSI Location Comparison, with updates on fast and secure IP searches and the integration of real-time and historical data for unparalleled insights. Discover how leveraging multi-source network data from CDRs, passive probes and more empowers CSPs to deliver enriched and secure results with efficiency, seamlessly transferring insights to law enforcement agencies.
Presented by Subtonomy15:25-16:05 Session B
Digital Crime Scene Essentials: Cybercrime Tools, Crypto Analysis, and Forensic Infrastructur
Focused exploration of cybercrime investigations, cryptocurrency analysis tools, advanced forensic software, and specialized hardware solutions for lab and field use.
Presented by mh-service GmbH16:10-17:00 Session B
Remove unwanted data (e.g. video, encrypted traffic, etc.) at n x 100 Gbps using an ultra-compact server
Presented by Napatech
Wednesday, 4 June 2025
13:45-14:30
Accelerate Forensic Voice Analysis with Advanced Speaker Recognition Solution
Join us to explore our advanced voice analysis solution for forensic experts and investigators. Discover its rapid, precise capabilities enabled by deep neural networks, which will enhance your forensic analysis.
Iva Konečná, Phonexia15:00-15:40 Session B
Analyzing Social Networks
BREVIS and OSINT Plugin for i2 Analyst Notebook. Analyze Social Networks – Twitter, Facebook, Linkedin, YouTube, VK, Instagram, TikTok, Telegram, WhatsApp and Pipl.
Presented by MKCVI15:00-15:40 Session C
Assessing Threats: Intelligence in Pre-War and Active Conflict Zones
Presented by Rayzone Group15:00-15:40 Session D
The Hidden War: Fighting Influence Operations
This talk will delve into the online threat landscape and the evolving challenges posed by adversarial foreign influence in countries like Philippines, Romania, India, and more. This informative session highlights crucial methods required to identify and mitigate the impact of bot networks, GenAI content, deepfakes, and other tactics used for coordinated attacks. Learn about the forces manipulating the information environment (IE), and understand how to defend against influence operations, gain operational security and actionable intelligence, and enhance decision superiority.
Presented by Cyabra
Thursday, 5 June 2025
9:15-10:00 Session A
Thou shalt wirelessly intercept your neighbor: Leveraging WiFi and Bluetooth in operative
In this talk, we shall discuss various security mechanisms used in WiFi and Bluetooth networks and how to abuse them to obtain mission-critical intel. Apart from explaining all principles, we will demonstrate them (hopefully live) on our tactical device! Starting with an access point and client scans, we will continue with client targetted jamming and total Denial-of-Service of the whole network that may even result in authentication handshake capture. This handshake contains information to recover the WiFi password to access the targeted network. Once inside the network, we will show essential hacking tools to conduct IP-level reconnaissance. But we will not limit ourselves to WiFi and demonstrate how Bluetooth can be leveraged to notify you about a person's presence or exploit various IoT devices.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology9:15-10:00 Session B
Push Tokens in Criminal Investigations: Tracing Digital Footprints & Uncovering Evidence
In today’s digital landscape, push tokens serve as unique device identifiers that can play a crucial role in criminal investigations. This presentation will provide an overview of what push tokens are, how they are generated, and how law enforcement can leverage them to link suspects to devices, track online activity, and uncover crucial evidence. Attendees will learn legal processes for obtaining push token data, how to request records from Apple, Google, and app providers, and real-world case studies where push token analysis led to investigative breakthroughs. Additionally, we will cover privacy limitations, encryption challenges, applications for lawful interception, and alternative technical investigative techniques.
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police9:15-10:00 Session C
Chinese Open Source Intelligence Collection Techniques
The common narrative is that researching online in a foreign language requires a native speaker - when none are available, teams often rely completely on AI to tackle this.
We demonstrate that researching online in Chinese using I-Intelligence's methodology yields fast and accurate results when adopting an investigative mindset and mastering the basics.
Skip Schiphorst, OSINT language course instructor and coordinator, i-intelligence GmbH11:00-11:40 Session B
Understanding the Implications of Online Social Media and OSINT During Critical Incidents
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police11:00-11:40 Session C
Using Arabic Script Languages for Online Target Discovery
The amount of content being uploaded in languages using an Arabic alphabet keeps growing at a very fast pace. Being able to tackle online content using this alphabet is essential for any organization’s decision-making process. This introduction will show some of the techniques that will help you find the content that you're looking for using an Arabic alphabet without prior knowledge of this language.
Paolo Walcher, Arabic OSINT Instructor, i-intelligence GmbH11:45-12:30 Session A
Trending Topics in Cryptocurrency Forensics
Bitcoin, Ethereum and other cryptocurrencies are becoming mainstream for financial interactions and standard tools when conducting cybercrime such as scams, frauds, ransomware, darknet markets, sextortion, etc. LEAs also adapted to a new situation, and many investigators are already familiar with cryptocurrency basics and how to trace transactions on publicly available blockchain explorers. This session aims to extend the knowledge of participants about more advanced topics such as: a) address clustering techniques and their applicability to various cryptocurrencies; b) monitoring of cryptocurrency networks and their peers with the help of network intelligence; c) geolocating cryptocurrency transaction with IP address or originator; d) overcoming obfuscation of transactions entering and leaving mixers; e) correlating activities on darkweb with blockchain events. Each subtopic will be thoroughly explained, including currently existing methods and tools for addressing associated challenges.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology
13:00-13:40
Mastering the password cracking
This session will cover the use of passwords in digital life, exploring cracking techniques such as dictionary, rule-based, brute-force, hybrid and association attacks. We'll provide benchmarks for state-of-the-art password recovery hardware and discuss their feasibility. Finally, we'll look at how leaked personal information can aid password discovery and enhance hacking efforts.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology
Track 2: LEA, Defense and Intelligence Analyst Product Presentations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 3 June 2025
08:30-09:20 Session A
AI integration in real-time intelligence analysis systems
Presented by Hensoldt
10:35-11:25 Session A
Decoding the Digital World: A look into Encrypted networks!
Presented by Datafusion Sytems10:35-11:25 Session B
From Electronic Surveillance to Encrypted Communication analysis challenges, solved with integrated, AI enhanced Cyber Intelligence solutions.
A structured case-study
Presented by AREA10:35-11:25 Session C
An introduction to media file structure for digital investigations
In today’s digital world, the ease of manipulating and sharing media files with emerging technologies has made it increasingly challenging to detect alterations and prove authenticity. Understanding the underlying structure of these files is essential to ensuring reliable evidence analysis.
Join Jarina Cotten as she introduces Magnet Verify and how it uncovers critical insights beyond standard metadata, providing deterministic results for efficient analysis and unparalleled reliability in legal proceedings.
Jarina Cotten, Solutions Consultant, Magnet Forensics
11:30-12:20 Session A
Safeguard Your Sea with DarkWave: Shedding Light on Dark Ships
Presented by Rayzone Group11:30-12:20 Session B
Effortlessly Detecting Persons and Topics of Interest in Audio
In this session, you will discover the latest capabilities of voice biometrics and speech recognition. Phonexia will demonstrate how its innovative technologies help Security and Defence organizations respond rapidly to a wide range of threats and how they’re already making a difference day to day. See them in action through a live partner integration used in real-world scenarios and witness their impact firsthand.
Paul Morris, Phonexia and Yannic Gayk, Innosystec13:20-14:10 Session A
Leveraging Mobility Data for Actionable Insights and Crime Prevention
Presented by Rayzone Group13:20-14:10 Session B
FUSION – The single investigation platform
Presented by ATIS13:20-14:10 Session C
Turning Insights into Action: Leveraging Dark Data and Risk Intelligence Databases
Presented by CHAPSVISION14:15-15:05 Session A
Enhancing Real-time Intelligence from Seized Devices with Tactical Location Analytics
During missions, field agents confiscate devices with crucial location data and valuable, timely intelligence insights – but if they can't analyze it in the field, opportunities are wasted. Tactical location solutions that require no internet, operate on a laptop, and offer drag-and-drop ingestion help transform seized data into real-time, actionable intelligence.
Presented by SS814:15-15:05 Session B
Subsea Cable to Signals Intelligence: Collecting and Analyzing Foreign Signals At Speed and Scale
This session reveals how Vehere transforms raw subsea network telemetry into actionable intelligence and extracts zero-day to build national cyber resilience.
Andy Oehler, VP Products, Vehere15:25-16:05 Session A
Fast, Reliable, AI powered Object Detection, Data Recovery & Analyses of video files, RAIDs & other digital media carriers.
VIDEO ANALYST + H-VIDEO - new from HTSC Germany.
Daniel Schwarz & Jamie Clarke, HTSC-Germany
15:25-16:05 Session B
Cut Through the Noise: Transforming Digital Data into Actionable Intelligence
As digital evidence grows in volume and complexity, both gaining access to critical data and making sense of it have become major challenges. This session explores how the latest innovations are helping agencies cut through the noise. Learn how agencies are surfacing key insights faster and making informed decisions that drive missions forward.
Oren Yosifon, VP Product - Saas Platform, Cellebrite15:25-16:05 Session C
Introducing Octostar: the Generative AI / APP-based Operating System for all-int, all-data Investigations
Presented by Octostar15:25-16:05 Session D
Password Cracking on FPGA Infrastructure
Presented by SciEngines15:25-16:05 Session E
How AI Drives Proactive Insight Detection in Multi-Source Investigations
AI is becoming a powerful force multiplier for investigations — especially when it can analyze evidential data alongside external intelligence in a single platform. While intercept data remains essential, investigators are increasingly expected to contextualize it with fragmented sources like financial records, mobile forensics, OSINT, public data sources and more. This session showcases how multi-layered AI cuts through data complexity — featuring Sentry, an always-on detection and triage tool that proactively surfaces critical insights as they unfold. Capabilities will be demonstrated through a real-world case study surrounding financial fraud and vehicle theft, along with an overview of the AI development principles and security measures required to support them.
Sean Thibert, Senior Product Manager, AI Solutions, JSI15:25-16:05 Session F
Live Face Recognition: 'Protecting People from Harm' – The Essex Police Story
Presented by Corsight16:10-17:00 Session A
The Big Reveal: What If Intelligence Was as Easy as Asking? It Is Now.
Presented by ClearTrail16:10-17:00 Session B
Real time DPI-Based Traffic Visibility, Analytics and Blocking
Presented by PertSol16:10-17:00 Session C
Solving the challenges of Data-Fusion and Validation: Communication Data, live Lawful Interception data, Mobile Forensics extraction and more in a single AI enhanced platform.
Use cases and demonstration.
Presented by AREA16:10-17:00 Session D
Orca Connect: make monitoring signals of interest easier using VASTech’s integrated analysis tools specifically designed for the satellite and fibre domains.
Presented by VASTech16:10-17:00 Session E
Spyder Space: Movia's Revolutionary Platform for Real-Time Decision Intelligence
Cutting-edge data fusion technology breaking through delayed analytics, powered by the innovative force of AI!
Presented by Movia
Wednesday, 4 June 2025
09:10-10:00 Session A
Crypto Intelligence: Disrupted
New Technologies to Combat Crypto Crime
Presented by NSO Group09:10-10:00 Session B
Digital Crime Scene Essentials: Cybercrime Tools, Crypto Analysis, and Forensic Infrastructur
Focused exploration of cybercrime investigations, cryptocurrency analysis tools, advanced forensic software, and specialized hardware solutions for lab and field use.
Presented by mh-service GmbH09:10-10:00 Session C
Forensic content derived metadata with powerful AI enhanced Data Fusion and Analysis unleashes the intelligence hidden in the encrypted communications.
Use cases and demonstration.
Presented by AREA
13:00-13:40 Session A
Drones and UAVs Redefining Tactical Intelligence.
Presented by Ateros13:00-13:40 Session B
Link Analysis and Beyond - The Art of the Possible with i2
Presented by i2 Group13:00-13:40 Session C
The Virtual Intel Officer: AI’s Role in Modern Investigations
Presented by Voyager Labs13:45-14:30 Session B
Spyder Space: Movia's Revolutionary Platform for Real-Time Decision Intelligence
Cutting-edge data fusion technology breaking through delayed analytics, powered by the innovative force of AI!
Presented by Movia13:45-14:30 Session C
Live Demo: Turbocharging LEA monitoring centre with GenAI
A demo of how GenAI accelerates intelligence assessment including DPI, digital forensics, and diverse digital sources
Jez Nelmes, BAE Systems Digital Intelligence13:45-14:30 Session D
Location, Location, Location – Innovative Analytical Techniques for Intelligence and Law Enforcement
Authorities often face operational scenarios in which the ability to correlate the locations and movements of criminals and bad actors can deliver critical breakthroughs. These scenarios can include uncovering the identity of a suspect driving a car spotted near a terror attack or a crime scene, or conversely, pinpointing the vehicle a known criminal is traveling in. In this session, we’ll dive into practical, real-world cases and present innovative analytical techniques for effectively solving these location-based challenges.
Presented by Cognyte13:45-14:30 Session E
Global Geo-monitoring and profiling over LTE / 5G / Satellite and eSIM
VP Sales and Marketing, GeoGence
15:00-15:40 Session B
New MOBILedit ULTRA: From the Latest Smartwatch Forensics to Powerful Phone Unlocking
Learn how to investigate smartwatches—a fast-growing and often overlooked source of crucial digital evidence. From health and location data to activity logs, smartwatches can reveal key insights that other devices simply don’t provide.
Discover how MOBILedit, the only forensic tool focused on smartwatch data extraction, is helping investigators uncover vital information in real cases.
See how this capability is now part of the all-new MOBILedit Forensic ULTRA—an all-in-one solution for forensic labs, combining smartwatch, phone, and cloud data analysis, now empowered with powerful unlocking and security bypassing features.
Presented by Compelson15:00-15:40 Session C
Orca Capture: monitor modern telephony and IP networks using VASTech’s capture units with comprehensive protocol processing.
Presented by VASTech15:00-15:40 Session D
Harnessing the Power of Offline and Secure AI for Forensic Documentation
Presented by Cabolo15:00-15:40 Session E
Revel.io: Fast European Passwordless Extraction for Mobile Digital Evidence
Presented by Synacktiv15:00-15:40 Session F
CDRs of WhatsApp, Signal, Telegram, and other encrypted VoIP messaging applications
Presented by ClearTrail15:45-16:25 Session A
The Impact of AI on End-to-End Lawful Intelligence: Opportunities and Challenges
Investigators need efficient tools to help extract critical intelligence from vast databases. AI technologies like video and voice analytics, facial recognition, and automatic number plate readers are revolutionizing lawful intelligence, but introduce challenges. We must harness the transformative potential of these platforms while remaining vigilant for bias and misleading conclusions.
Presented by SS815:45-16:25 Session B
How to Enhance your Investigation: AI-Driven Strategies for Analysing Encrypted Data at Scale
Learn how XCI’s advanced AI based analysis engine shaves time off investigations and enable non-technical investigators to perform advanced and deep forensic analysis in seconds.
Mark Uldahl, CTO, XCI A/S15:45-16:25 Session C
AI empowered speech technologies: making your audio searchable
Discover our next generation AI speech processing software designed to help professional users extract critical information from large amounts of multilingual audio data. Functionalities includelanguage identification, speech transcription and keyword spotting to ease your OSINT and COMINT activities.
Jodie Lechapelain, Director, Vocapia Research15:45-16:25 Session D
JA4+ Fingerprinting and the Cyber Threat Hunter's Toolkit: Detecting Botnets and Anomalous Activity
Government defense organizations are increasingly targeted by sophisticated cyber threats, placing critical infrastructure and national security at risk. This session will demonstrate how JA4+ fingerprinting is empowering cyber threat hunters to detect botnets and malicious behaviors concealed within encrypted traffic. Through real-world examples—including detection of state-sponsored activity like Salt Typhoon—this session is aimed at showing how JA4+ enhances visibility and faster disruption of adversary C2 infrastructure at scale.
Mike Seidler, VP Product Management, NetQuest15:45-16:25 Session E
No trusted third-party anonymization platform: collect online and third-party data without risk of attribution
This talk will address: i/. the operational security of direct and indirect (i.e. through probes and/or third-party vendors) online data collection ; ii/. and the operational security benefits of Snowpack no trusted third party anonymization platform for osint and analysts teams
Presented by Snowpack15:45-16:25 Session F
How to ensure the security of mobile communication? Use radio forensics to monitor and secure mobile networks in 5G SA technology
This presentation of the Sentinel system will showcase its capabilities in enhancing real-time situational awareness in the field of mobile communication security. Attendees will learn how Sentinel detects threats such as unauthorized BTS stations and protects mobile networks against various forms of attack. Designed for both military and governmental applications Sentinel supports secure communication management.
Rafał Wołczyk, Presales Engineer, Vespereye15:45-16:25 Session G
Inside the Network: Tracking Extremist Networks on Messaging Apps.
Presented by Terrogence16:30-17:15 Session A
Unveiling the invisible: enhancement and authentication techniques for image and video evidence investigations
In modern digital investigations, the truth often lies beneath the surface, waiting to be uncovered. A thorough examination is essential to reveal hidden information, whether obscured by pixel-level defects or embedded in metadata. Join us to explore how Amped Authenticate and Amped FIVE empower investigators to expose these invisible truths.
Discover cutting-edge and forensically sound techniques that enhance the visual clarity of your images and videos while verifying their integrity and authenticity. Prepare compelling presentation materials showcasing the results of your processing. Learn to harness the power of scientifically-backed analysis and enhancement tools to elevate your investigative capabilities. Don’t miss this opportunity to transform your approach to solving cases and uncovering evidence.
Presented by Amped Software
16:30-17:15 Session B
Cutting Through the Noise: Enhancing Lawful Interception with Intelligent IP Traffic Profiling.
High-bandwidth networks like LTE, 5G, and fiber introduce significant processing challenges for lawful interception systems. Most traffic—such as video streaming or OS updates—carries no investigative value. This session shows how IP Traffic Profiling helps isolate relevant data and reduce costs while boosting operational efficiency.
Presented by Group 200016:30-17:15 Session D
From Prompt to Breakthrough: Understanding Generative AI for High-Risk Investigations
Generative AI offers powerful new ways to interact with evidential and intelligence data — but not all GenAI is built for the demands of high-risk investigations. This technical deep dive explores how 4Sight’s investigative assistant, Iris, integrates GenAI responsibly and effectively, from its flexible, multi-agent architecture to its use of Retrieval-Augmented Generation (RAG), semantic search, and agentic workflows. Learn what’s happening behind the scenes and what’s required to deploy GenAI in a secure, fully on-premises environment. This session covers design considerations, testing and evaluation, and practical compliance with emerging AI regulations — plus a live demonstration of Iris in action.
Sean Thibert, Senior Product Manager, AI Solutions, JSI16:30-17:15 Session E
Monitoring Centre-Interception, Location & IP Metadata Analytics
Presented by PertSol16:30-17:15 Session F
Turn PCAPs and IPDRs to patterns-of-life in one click.
Join the session to download the tool.
Presented by ClearTrail with Mark Bentley, UK PoliceThursday, 5 June 2025
08:30-09:10 Session A
Future of Cyber Intelligence: how to leverage tactical equipment for accessing encrypted OTT communication
Presented by Invasys08:30-09:10 Session D
Link Analysis and Beyond - The Art of the Possible with i2
Presented by i2 Group
09:15-10:00 Session A
Illegal Immigration in a Global Context: Challenges and Responses
Presented by Rayzone Group09:15-10:00 Session B
Using Zero-days in Mobile Forensics for Advanced Data Extractions
Presented by Secfence09:15-10:00 Session E
OSINT Unleashed: Turning Digital Traces into Actionable Intelligence
Uncover how advanced OSINT transforms hidden identities and scattered digital traces into actionable intelligence.
Learn how public data reveals criminal actors, maps threat networks, and empowers security missions with real-time insights
Presented by Prelysis11:00-11:40 Session A
Enhance your Monitoring Center with OSINT, All-Source Intelligence and Blockchain Analytics
Presented by Cognyte11:00-11:40 Session B
Using situational awareness and C2 tools to achieve faster decisions and actions during operations
Presented by Drakontas LLC11:00-11:40 Session C
Bruteforcing BFU Phones in XRY Pro
Presented by MSAB11:45-12:30 Session A
Orca Integrate and View: integrate metadata from different sources to view, filter, and query the results in VASTech’s optimised single user interface.
Presented by VASTech11:45-12:30 Session B
The Art of Asking: From Fixed Frameworks to Adaptive Intelligence Analysis
Aviel Lev Astanovsky, Bold11:45-12:30 Session C
DPI-Enriched Visibility at International Scale: Unsampled Flow Metadata for 400/100GbE, OTU4, and STM64 Networks
National defense missions require deep signals intelligence from OTN, SDH and Ethernet networks. Learn how unsampled flow-based metadata with DPI insights can provide 100% visibility into telecommunication cables including IP addresses, layer 7 application classification and protocol-specific data from TLS, DNS, HTTP, SSH, SIP, STUN, SNMP and other traffic types.
Mike Seidler, VP Product Management, NetQuest13:00-13:40 Session A
Laser Innovations - Innovative Laser Applications
Presented by SIM13:00-13:40 Session B
Fast, Reliable, AI powered Object Detection, Data Recovery & Analyses of video files, RAIDs & other digital media carriers.
VIDEO ANALYST + H-VIDEO - new from HTSC Germany.
Daniel Schwarz & Jamie Clarke, HTSC-Germany
*Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training
Sessions in this track are only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees, unless marked otherwise unless marked otherwise.
*Note: Sessions open to all attendees in this track will have (Open to all attendees) above their title.
Tuesday, 3 June 2025
08:30-09:20 Session A
The ultimate AI-driven Intelligence to monitor and extract meaningful information from Social Media and Traditional Media like TV and Radio to improve national security. A live demo.
Presented by IPS08:30-09:20 Session B
Possibilities of AI-powered Mass Data Fusion.
Boosting efficiency through automated analysis functions for mass data analytics – SCOPE live Demo
Presented by INNOSYSTEC08:30-09:20 Session C
(Open to all attendees)
Link analysis on maps - new techniques for combining intelligence data with geospatial context
Dan Williams, Chief Product Officer, Cambridge Intelligence09:25-10:15 Session A
WhatsApp, Telegram, Facebook...how IPS helps you to locate most wanted targets with LI
Presented by IPS09:25-10:15 Session B
Real Intelligence - Revolutionizing Investigative techniques
Presented by Datafusion Sytems
09:25-10:15 Session C
The Italian Way: Advanced AI Surveillance in Action Against Organized Crime—See How It Works
Presented by SIO10:35-11:25 Session A
Brain: One Platform to Monitor, Analyze, and Predict
React faster. Decide smarter. Operate with precision.
Based on fast real-time access to face recognition and biometric tracking, deep analysis of social networks and telecom traffic, predictive modeling and intelligent search, Brain is indispensable for urgent and important decisions at the national security level.
Presented by MATISON10:35-11:25 Session B
From Digital Chaos to Clarity: Unifying all Evidence Layers for Faster, Smarter Case Resolution
Investigations today generate massive digital evidence —from devices, forensics, social media, financials, and OSINT.
PLX, a comprehensive evidence analysis platform, brings all investigation layers together in a single, intuitive view so teams can move fast and stay focused.
With real-time integrations, support for 1,000+ formats, and advanced visualizations, PLX helps surface hidden connections, patterns, and leads.
Powered by CoAnalyst GenAI assistant for judiciary data, natural language search accelerates the path to impactful insights.
From complexity to clarity, the mission outcome you need is now just a few clicks away.
Presented by Penlink10:35-11:25 Session C
Airis AI for UGC Video Intelligence at Scale
Not OSINT. Not Fusion. A New Frontier: Precision User-Generated Field Intelligence at Scale.
Airis Labs introduces a breakthrough AI platform that transforms overwhelming video data into operational insights — empowering faster, smarter decisions.
Presented by Airis Labs11:30-12:20
Demonstrating Babel Street Insights for Effective Counterterrorism
This presentation will showcase how Babel Street Insights enhances counterterrorism efforts through advanced open-source intelligence (OSINT) capabilities. Attendees will learn how to utilize Babel Street's persistent search functions and multilingual support to detect extremism, dismantle terror plots, and track financial flows. By transforming diverse data sources into actionable insights, Babel Street Insights empowers analysts to pierce terrorist networks and monitor lone wolves, ensuring the safety of nations and individuals worldwide.
Pat Butler, Executive Vice President, Strategic Engagement, Babel Street13:20-14:10 Session A
From Data to Knowledge – the Power of Mass Data Fusion
All-source mass data analysis for actionable intelligence – SCOPE live Demo
Presented by INNOSYSTEC13:20-14:10 Session B
How to Find Crime and Terror Ghosts with Digital Intelligence
Presented by Cognyte14:15-15:05 Session A
(Open to all attendees)
From Detection to Evidence: Instant Deepfake Forensic Reports for Investigations and Legal Proceedings
Deepfakes are no longer just a technical curiosity, they’re a growing weapon used by cybercriminals and nation-state actors to deceive, defame, and disrupt. In this seminar, you’ll discover how fully automated deepfake detection tools can generate reliable, court-ready forensic reports in just seconds. Designed for investigators, prosecutors, and forensic analysts, this session will show real-world use cases, including how malicious actors exploit deepfakes in scams, disinformation campaigns, and identity fraud. Learn how to integrate these tools into criminal investigations, digital forensics, and courtroom workflows, ensuring you stay ahead in the fight against synthetic media manipulation.
Presented by Sensity AI14:15-14:40 Session B
Automatic Exploitation of Social Network, Deep and Dark Web to complement traditional Lawful Interception Infrastructure for Target Profiling.
Presented by IPS14:15-15:05 Session C
Decoding the Digital Footprint: How OSINT Identifies Actors and Illuminates Threat Landscapes
Uncover how advanced OSINT transforms hidden identities and scattered digital traces into actionable intelligence.
Learn how public data reveals criminal actors, maps threat networks, and empowers security missions with real-time insights
Presented by Prelysis14:15-15:05 Session D
Empowering Law Enforcement with ShadowTrak – The Passive Phone Locator
A tactical passive homing device capable of pinpointing any phone's location from 1 km down to 1 meter across all technologies, including 5G NSA/SA.
Presented by Boura Cyber14:15-15:05 Session E
How Blackfusion Bridges the Physical-Digital Divide in Human Intelligence Operations
The traditional boundaries between cyber intelligence, OSINT, and human intelligence are rapidly dissolving in today's interconnected world. This presentation explores how modern intelligence operations require a new paradigm where digital engagement and traditional source operations are part of a continuous spectrum rather than separate disciplines. We'll demonstrate how Blackfusion's fusion architecture enables this convergence by creating a unified intelligence environment where physical and digital intelligence operations inform and enhance each other. Beyond tactical advantages, we'll discuss the strategic implications of this approach for organizational structure, operational doctrine, and the future evolution of intelligence tradecraft in an era where the distinction between online and offline reality continues to blur.
Presented by Blackscore14:40-15:05 Session B
Maritime Threats Prediction, Detection and Monitoring with Revolutionary Fusion Intelligence Platform. A real use-case.
Presented by IPS
15:25-16:05 Session A
Telegram AI based content monitoring and Analysis
How to extract intelligence from millions of chaotic, unstructured inputs, in real time.
Presented by Wave Guard Technologies15:25-16:05 Session B
Unlocking Hidden Truths: How AI-Powered Audio, Video & GPS are Transforming Investigations—Don’t Get Left Behind
Presented by SIO16:10-17:00 Session A
GenAI Co-Pilots: An Investigator's Best Friend
Presented by Cognyte
Wednesday, 4 June 2025
9:10-10:00 Session A
Introducing the Future of Threat Intelligence - The Web-IQ Threat Monitoring App
Discover how Web-IQ's new Threat Monitoring App provides instant and continuous awareness of risks across individuals, events, countries, and companies. With smart visualizations and reliable open-source data, it empowers you to detect and respond to threats faster than ever.
Simon Peterson, Chief Commercial Officer, Web-IQ9:10-10:00 Session B
Introducing VIA: Media Intelligence Powered by CoAnalyst Generative AI
This session unveils VIA, a groundbreaking media intelligence solution that redefines how analysts extract insights from visual content.
Built on the CoAnalyst framework, VIA leverages Generative AI to unlock significantly deeper layers of intelligence from images and videos.
It empowers thorough analysis and contextualization of media derived from OSINT, evidentiary data, and digital forensics - through a powerful, intuitive interface.
Attendees will explore this cutting-edge GenAI platform and discover how to integrate and adapt it to supercharge their digital intelligence capabilities.
Presented by Penlink9:10-10:00 Session C
Revolutionizing Data Analytics with AI for Law Enforcement
Presented by Rayzone Group13:00-13:40 Session B
From Data to Decision: CoAnalyst and the Future of Prompt-Driven Intelligence
In this session, we explore how CoAnalyst leverages the power of generative AI and prompt-driven workflows to transform OSINT and digital forensics. Learn how the analyst's role is evolving — from data gatherer to insight navigator — empowered by intuitive AI tools that accelerate decision-making, enhance investigative depth, and redefine what digital intelligence can achieve.
Presented by Penlink13:00-13:40 Session C
AI Intellectus Ecosystem: Integrating Intelligence Systems for Operational Impact
Ivan Poczynok, Presales Manager & Nicholas Loulloudes, CTO, TRG13:00-13:40 Session D
Beyond the Surface: CYBERMEDIA for Cyberspace Monitoring, Engagement & Investigations Covering Social Media, Web, Deep Web, Dark Web, and Social Network Groups.
Presented by Euler Data Solutions13:00-13:40 Session E
Connecting the Dots: Using Data Analytics and Network Mapping to Disrupt Transnational Crime
Presented by Moody's13:00-13:40 Session F
Tracking FSB operatives with OSINT
Presented by OSINT Industries13:45-14:30 Session A
Boosting Law Enforcement by seamless integration of Voice Enrichment into SCOPE – the Analytics and Knowledge Hub
Presented by INNOSYSTEC & Phonexia13:45-14:30 Session B
From Data to Disruption: Leveraging OSINT to Expose Threats and Inform Action
See how digital footprints become mission-critical insights. This session will dive into the power of OSINT and de-anonymization to uncover hidden actors, disrupt criminal ecosystems and drive smarter decisions in security and defense operations.
Presented by Prelysis13:45-14:30 Session C
Digital Convergence: Unveiling Hidden Networks Through Blackfusion's Integration of Geolocation, Social Media Intelligence, and Cross-Platform Identifiers
Traditional intelligence approaches often miss critical connections hidden across fragmented digital identities and physical movements. This session reveals how Blackfusion's advanced correlation engine integrates facial recognition, geolocation data, and social media intelligence to expose previously invisible networks. Through real-world examples, we'll demonstrate how our platform automatically resolves identities across platforms using multi-modal biometric matching, maps behavioral patterns, and visualizes complex relationships between online and offline activities. Discover how leading agencies are leveraging these capabilities to accelerate investigations and generate actionable intelligence from seemingly disconnected data points that bridge the gap between faces captured in surveillance footage and digital footprints across multiple platforms.
Presented by Blackscore15:45-16:25 Session B
From Data Overload to Intelligence Advantage: How AI is Reshaping OSINT Exploitation
Presented by CHAPSVISION16:30-17:15 Session A
Leveraging OSINT 0-days to investigate a person of interest
When most people think of OSINT, they often associate it with basic Google searches or web scraping. However, OSINT is much more than that, it involves a diverse set of techniques that go far beyond surface-level information gathering.
One powerful but often overlooked method is reverse engineering. In this talk, we will explore how reverse engineering, alongside other advanced OSINT techniques, can be leveraged to uncover hidden information and identify criminal activities.
Sylvain HAJRI, Epieos16:30-17:15 Session B
Cognitive Fusion for National Security: A Technology-Agnostic Intelligence Ecosystem
Building upon the foundational principles of some of the pioneering digital governance and data fusion concepts, our Data Fusion Platform explores the implementation of a technology-agnostic intelligence ecosystem designed for enhanced public safety and secure data exchange. We delve into a fusion-based concept that prioritizes seamless integration across diverse intelligence disciplines, leveraging the transformative power of Artificial Intelligence and Generative AI agents to optimize military, governmental and citizen workflows. This ecosystem allows for a secure and auditable architecture underpinned augmented intelligence and machine learning algorithms, capable of connecting and harmonizing data from any sensor or technological source. Our focus is on providing a resilient, interoperable, and ethically sound intelligence framework that empowers decision-makers with actionable insights while upholding the highest standards of security and privacy.
Aniqa Aziz Karim, InterProbe
Thursday, 5 June 2025
08:30-09:10 Session A
Cross Domain protecting Collection and Surveillance data in classified GOVERNMENT Networks
Arbit provides certified and accredited CDS to Central Government Agencies, Intelligence, Armed Forces and Police throughout Scandinavia, Baltics, and Europe. Arbit’s services focus on protecting CONFIDENTIALITY data and systems from cyber and inside threats. This is relevant Government as it enhances national security.
Presented by Arbit08:30-09:10 Session C
How Advanced Search, AI + Automation Will 100x Your Investigations
Presented by Siren09:15-10:00 Session A
FIMI threats: how to analyse cognitive warfare through AI threat-modelling using OSINT
Amid the growing prevalence of cognitive attacks associated with hybrid threats and the rapid evolution of artificial intelligence, Future Space aims to examine the foundations of FIMI and how OSINT and AI-based tools can enhance the analysis and understanding of these emerging threats.
Presented by Future Space
09:15-10:00 Session B
Beyond Boundaries: Mastering Drone Threat Mitigation with Multi-Sensor Integration
A practical guide on how to make drone detection and mitigation easier, faster, and safer with the optimal use of resources. Using various scenarios, participants will be taken through the process of countering drone threats and discover how they can detect, identify, mitigate, and neutralize drone threats.
Presented by Boura Cyber09:15-10:00 Session C
Unlocking Insights: OSINT Solutions for Intelligence and Strategic Decision-Making
In an era defined by information overload, the ability to monitor and analyze traditional and digital media in real-time, is critical for intelligence and strategic decision-making. DataScouting’s OSINT solutions empower organizations to uncover actionable insights by seamlessly integrating data from diverse sources, including TV, radio, podcasts, online platforms and social media. By leveraging the transformative capabilities of generative AI, these solutions go beyond simple data aggregation to provide deep contextual analysis, pattern recognition and predictive insights. This presentation explores how the synergy of comprehensive media monitoring and generative AI not only enhances situational awareness but also drives informed, proactive strategies in rapidly evolving environments.
Stavros Vologiannidis, Founder, Business Development, DataScouting
Rami El Sabeh, OSINT Consultant, DataScouting09:15-10:00 Session D
From Data to Action: Harnessing AI for Real-Time Cyber Intelligence to Strengthen National Security
Presented by SIO09:15-10:00 Session E
Hunting with OSINT: Identify, Investigate, Monitor and Analyze
Join renowned OSINT expert and investigator Nico Dekens as he walks through a real-world OSINT investigation — from zero to insight. You'll see how to start with a single digital breadcrumb and follow it through to a detailed understanding of your target.
Presented by ShadowDragon
11:00-11:40 Session A
OSINT & Media Monitoring with Intelion
In this session we will show how Intelion can be used to monitor the international public OSINT news space (broadcast and Internet), find specific keywords as well as the current sentiment regarding certain news topics. We will also show its alarm, summary, report and automated workflow functionalities.
Presented by ISID11:45-12:30 Session A
Open Source Tools, PART 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
(THIS SEMINAR IS RESTRICTED TO LEA, MILITARY, AND GOVERNMENT ATTENDEES. PHOTOS AND VIDEO RECORDING ARE PROHIBITED).
Now I’ve shown you how to hide, let us go and start covertly searching and gathering online intelligence with the best tools available.
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police11:45-12:30
Intelligence Amplified: AI's Role in the Future of Investigations
Stuart Clarke, CEO, Blackdot Solutions13:00-13:40 Session A
From Data to Decision: A Look into Cutting-Edge OSINT Solutions
Pat Butler, Executive Vice President, Strategic Engagement, Babel Street13:00-13:40 Session B
Secure and Adaptable AI for Mission Critical Applications
Extracting actionable insight from large volumes of unstructured and multilingual data requires state-of-the-art Natural Language Processing AI that can process at speed and with the utmost security. Learn how the Zetta Engines mission-critical AI handles audio transcription, machine translation, text analytics, and object detection for Government defense, intelligence and law enforcement agencies in fully offline IT environments disconnected from the Internet. In addition, understand how the Zetta Factory no-code user-driven Machine Learning adaptation capability can securely improve the performance of AI systems using real-life production data.
Presented by Zetta Critical AI13:00-13:40 Session C
The Foreign Influence Playbook into Europe
This session delves into a case study of a key geopolitical event in Serbia to unpack how foreign actors shape digital narratives and sway public perception—sometimes fueling civil unrest. Beyond analysis, the session also explores proactive strategies that agencies can adopt to detect and counter these influence operations before they escalate.
Nitish Chandan, Maltego
Track 4: Threat Intelligence Gathering and Cyber Security Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Tuesday, 3 June 2025
08:30-09:20
A Portable Cyber Threat Detection System that Every Cybersecurity Council Should See
Presented by ClearTrail09:25-10:15
Harnessing Cyber Threat Intelligence for Advanced National Security and Law Enforcement Strategies
This session explores how cutting-edge cyber threat intelligence can enhance national security and law enforcement efforts. We’ll examine how intelligence sourced directly from the cybercrime underground can support criminal investigations, help secure critical infrastructure, and strengthen national cyber resilience. Attendees will gain practical insights into leveraging CTI for proactive threat mitigation and smarter enforcement strategies.
Christian Bungeroth, KELA10:35-11:25
From Translation to Strategic Insight: Advanced On-Premise NMT with Generative LPs for Government Data Sovereignty
In this session, we'll delve into how advanced on-premise Neural Machine Translation, enhanced by Generative Language Processing, serves not just to translate but to provide strategic insights for government entities. We'll discuss the importance of data sovereignty, how these technologies can be securely implemented, and the real-world implications for policy, communication, and strategic planning within government operations.
Claudiu Stiube, Principal Solutions Consultant, Language Weaver, RWS11:30-12:20
How to identify the identity of the threat actors from hidden channels
Presented by S2W14:15-15:05
Cutting-Edge OPSEC Infrastructure for Secure, Scalable OSINT Investigations
Discover how to build a flexible OPSEC setup using sandboxing, VPNs, and open-source tools. Stay anonymous, secure, and scalable while conducting effective OSINT investigations.
Presented by Slinf AG15:25-16:05
Quantum-Safe Communications in Hostile Environments
Quantum technology is about to revolutionize the world, bringing immense benefits, but also new security threats.
To achieve quantum-safe communication, understanding the cryptographical risks, vulnerable information in hostile environments, and the “harvest now, decrypt later” threats to state secrets, is essential. After this session, you will know more about post-quantum cryptography and how to safeguard your communications from the threats.
Niko Keskitalo, Bittium16:10-17:00 Session B
From Data to Actionable Intelligence: Harnessing Business Activity Intelligence (BizINT) to Power Threat Detection
Presented by Moody's
Wednesday, 4 June 2025
09:10-10:00
Real-life C-UAS: Acing the UAS Public Safety Threat Challenge with Innovation & Collaboration
Quantum technology is about to revolutionize the world, bringing immense benefits, but also new security threats.
To achieve quantum-safe communication, understanding the cryptographical risks, vulnerable information in hostile environments, and the “harvest now, decrypt later” threats to state secrets, is essential. After this session, you will know more about post-quantum cryptography and how to safeguard your communications from the threats.
Presented by Sentrycs
13:00-13:40
Investigating Serial Crimes with High Accuracy Location
Presented by Polaris Wireless13:45-14:30 Session A
ARGOS: Is my phone infected?
Presented by TopSolution15:00-15:40 Session A
Redefining National Cyber Defense: From Current Threat to AI-Powered Investigations
Join KELA for an in-depth session exploring the evolving cybercrime ecosystem through the lens of our most recent intelligence reports. We’ll unpack key insights from the KELA’s 2025 Cyber Threat Landscape and dive into findings from The Infostealer Epidemic report, highlighting real-world examples, threat actor tactics, and emerging trends that matter to defenders today. The session will wrap with the introduction of the 1st AI-Driven Digital Cyber Analysts—our new AI-powered cyber warriors built to make elite threat intelligence accessible to any organization. You’ll get a first look at how these virtual analysts work in an interactive demo designed to show how your team can act faster, smarter, and with deeper context.
Lin Levy, Ben Kapon, KELA15:00-15:40 Session B
Encrypted Smart Phone Communication
Carlo Casentieri, Sales VP, Protelion15:45-16:25
Leverage DPI-Based Traffic Visibility at 100Gbps (1 Server) and App-Based Traffic Filtering to Raise the Performance of Government SOCs & Cyber Investigations
Discover a new generation of DPI-based cyber sensors that leverage years of experience in cyber defense environments to raise the performance of government-run Security Operations Centers (SOCs). Find out how this DPI-based traffic visibility can combine with SDK-based threat detection capabilities AND application-based filtering to provide superior network protection, even when traffic is encrypted.
Nicolas Duteil, Senior Technical Account Manager, DPI & Traffic Intelligence, Enea SoftwareThursday, 5 June 2025
11:00-11:40
Early warning threat detection solution based on mobile, IOT Devices and IPs profiling networks
VP Sales and Marketing, GeoGence11:45-12:30
Encrypted Smart Phone Communication
Carlo Casentieri, Sales VP, Protelion
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 3 June 2025
09:25-10:15
Crypto Investigations: Operational Insights from the AI Intellectus Ecosystem
Martin Alcantara, Marketing Manager & Nicholas Loulloudes, CTO, TRG11:30-12:20 Session A
Emptying the Arsenal: Outsmarting the OpSec of a Dark Web Vendor Selling “Cybercrime Toolkits”
Discover how CACI's DarkBlue Intelligence Suite, implementing CluesAI, was used to deanonymize a ransomware group selling remote control, DDoS, and credential extraction tools. Join Cory Everington, Head of CACI’s DarkBlue, and Lead Analyst Connor Watson as they demonstrate the methodology used to unmask this dark web cybercrime toolkit vendor.
Presented by CACI11:30-12:20 Session B
Beyond Breaches: Leveraging Compromised Credentials in OSINT and DarkINT Investigations
This session explores how breached records and other datasets with compromised PII gathered from the Deep and Dark Web can significantly enhance corporate and law enforcement investigations. We will begin by exploring the various types of breached datasets from hacked databases and combolists to stealer logs and scrapes. We will then provide insights into where these datasets can be located and highlight the critical information that can be extracted from them. Finally, we will demonstrate the practical application of compromised records in a live investigation in which we track down one of the FBI’s Ten Most Wanted individuals.
Matteo Tomasini, Founder & CTO at District 4 Labs13:20-14:10 Session A
Live Demonstration of DarkOwl Vision: Darknet Intelligence Discovery and Collection
Lindsay Whyte, Regional Director, DarkOWL FZE14:15-15:05
Defeating the Tor Dark Web: The Latest Updates, Evidence Collection, Countermeasures, and Investigation Techniques
This talk will bring you up to date on the latest challenges and issues related to defeating Tor, the dark web network of choice for many criminals, and the latest techniques and best practices available to law enforcement for defeating Tor operators and unmasking IPs.
Gareth Owenson, CTO and co-founder, Searchlight CyberWednesday, 4 June 2025
15:00-15:40
3 easy steps to combat crypto crime (Live Demo)
95% of Law Enforcement do not have the ability to combat crypto crime, even though illicit funds have moved from cash to crypto. Breadcrumbs has removed the barriers so that ALL law enforcement can easily combat crypto crime in 3 simple easy steps.
Lorne Lantz, CEO of Breadcrumbs will share these steps so that by the end of the day your entire agency will be empowered to combat crypto crime effectively.
Presented by Breadcrumbs15:45-16:25
Finding the Crypto Nexus: From Election Interference to Organised Crime
Presented by Chainalysis16:30-17:15
Unmasking Criminals Operating on the Dark Web
This talk will provide practical guidance on how law enforcement agencies can investigate criminals on the dark web with recaptured data, build profiles of these high-risk criminal actors, and identify the actors behind the aliases. Including guidance on dark web market seizure techniques: evidence collection, unmasking users, and harvesting data.
Felipe Portero, VP of Global Government Sales, Searchlight Cyber
Thursday, 5 June 2025
08:30-09:10
Saved as 'Boss': How Phone Contacts Expose Your Identity
A former NATO intelligence lead demonstrates how systematically combining data from infostealers with common OSINT sources creates a powerful tool for comprehensive analysis of persons of interest. Through a practical demonstration, he shows how ordinary contact details can lead to revealing entire networks of relationships, professional affiliations, international connections, and additional context.
Integration with public registries, social media, and leaked credential databases can reveal a subject's comprehensive profile including their financial status, professional activities, and hidden connections. Beyond investigation techniques, you'll learn how infostealers can threaten your own organization's security and why you should handle your colleagues' phone numbers with caution.
Petr Vancl Hochberger, Head of Marketing and Business Development, TOVEK13:00-13:40
Finding the Crypto Nexus: From Election Interference to Organised Crime
Presented by Chainalysis
Track 6: Mobile Signal Intercept Product Training and Presentations
This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 3 June 2025
8:30-9:20 Session A
Understanding Mobile 2G, 3G, 4G and 5G NSA Infrastructure, Intercept and Cryptography
Dr. Jerry Lucas, President, TeleStrategies8:30-9:20 Session B
On-the-Move Interception and Direction Finding of 60 RF Channels with a Mobile Monitoring Receiver
This presentation will introduce Novator Solutions' mobile monitoring receiver and direction finder, an out-of-the-box solution for on-the-move signal interception and direction finding of push-to-talk radio communications. Designed for rapid deployment on any vehicle platform with minimal preparation, this system enables users to quickly establish mobile monitoring capabilities in dynamic environments.
We will also highlight the role of channelizer technology in enabling the system to handle 60 simultaneous channels for monitoring, listening, and recording analogue audio communications. Additionally, the solution supports four IQ recording channels, providing comprehensive data capture for signal analysis and intelligence gathering.
Jeremy Twaits, Technical Marketing Manager, Novator Solutions AB9:25-10:15 Session B
A Deep Dive into Mobile Exploitation - A Full Chain Overview
Presented by Secfence
10:35-11:25 Session A
Detecting, Locating and Intercepting VSAT and Other GSO Terminals
Presented by Kratos11:30-12:20 Session A
Evolution in SATCOM monitoring: New near field VSAT terminal observation systems and solutions for LEO constellations
The satellite communications landscape is rapidly evolving. Two key factors contributing to this evolution are the reduction in beam size and the emergence of Low Earth Orbit (LEO) constellations.
Rohde & Schwarz offers solutions to address these new satellite communication scenarios.
Presented by Rohde & Schwarz11:30-12:20 Session B
Measurement instruments for Wi-Fi, Bluetooth – SmartTags, and Cellular
Presented by S.E.A. Science & Engineering Applications Datentechnik GmbH13:20-14:10 Session A
Smart Solution for Smart Devices
Mobile devices are intimately aware of criminals’ habits, movements, conversations, and connections. A versatile toolbox supporting multiple platforms and diverse engagement approaches enables LEAs to act discreetly, providing them a decisive advantage in time-sensitive and covert operations.
Presented by RCS13:20-14:10 Session B
Innovation in VISINT Coverage & Investigative Intelligence
Explore how next-generation visual collection and analytics tools like NightHawk are transforming surveillance into a real-time, investigation-ready asset, enabling agencies to detect faster, investigate smarter, and act with precision.
Presented by Interionet16:10-17:00
Securing Your Mobile World from Surveillance Threats. A deep dive into unmasking and countering IMSI Catchers with Cutting-Edge solutions
Presented by NeoSoft
Wednesday, 4 June 2025
9:10-9:30
Best Practices & Latest Innovations for Field Missions
Presented by Cognyte9:30-10:00
Dark Skies: Unlocking the Hidden Intelligence Potential in Satellite Communications
Presented by Cognyte13:45-14:30
Uncover Hidden Threats with EO Spectre: Tactical RF Counter-Surveillance & SIGINT Technology
Presented by EO Security15:45-16:14
AI-Driven Audio Clarity: Enhancing Speech Extraction from Noisy Tactical Recordings
RCS introduces an innovative forensic audio processing suite that leverages AI and Spatialized Deep Neural Networks to extract speech from recordings with significant background noise and interference. The demonstration will highlight key applications, including recordings from microphone arrays in open spaces and from single microphone devices or signal captures.
Presented by RCS16:30-17:15
Unlocking Hidden Targets: Harnessing Geo-Intelligence for Smarter Investigations.
Discover how new types of marketing data are revealing their full potential in investigative practices—driving a powerful shift that enables precise target identification, deeper understanding of personal networks, and dynamic, cross-border insights.
Presented by RCSThursday, 5 June 2025
11:00-11:40
Monitoring, Detecting and Locating Starlink and Other NGSO Terminals
Presented by Kratos
Track 7: Electronic Surveillance Training and Product Presentations
This track is for law enforcement investigators and the government intelligence community who are responsible for deploying video, audio and GPS surveillance products and only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Wednesday, 4 June 2025
13:00-13:40 Session B
Innovative Audio Surveillance for Moving Targets in Large Areas
Presented by Commesh13:45-14:30 Session A
From proven GPS tracking system to integrated Mobile mission control
Presented by ProximaIT13:45-14:30 Session B
Cutting edge, AI Based De-Noiser from Squarehead Technology
Presented by Squarehead Technology15:00-15:40 Session A
Covert Drilling
Covert drilling is a deployment methodology for installing miniature surveillance equipment through solid building materials without access to the target side whilst generating a minimum of noise.
Because sometimes the target is not connected and takes all the right measures to prevent access to his house or premises.
Our complete solution enables you to install Audio and Video surveillance equipment through any building material.
With our equipment you can install video surveillance from 0,25mm for full frame video.
Presented by Caminos15:00-15:40 Session B
Mastering Data Empowering Intelligence
Presented by Elbit15:45-16:25 Session A
Electronic Surveillance solutions to investigate in the field and operate form a unified, AI enabled, centralized Cyber Intelligence platform.
Use cases and demonstration.
Presented by AREA16:30-17:15
Last-mile Positioning Redefined: Hunter Pro and Aerial Hunter
Presented by SeptierThursday, 5 June 2025
8:30-9:10 Session B
Securing the Perimeter: Fortifying Your Defenses with TSCM Against Surveillance Risks
Presented by Rubidis11:45-12:30
Introduction to two new capabilities: Low bitrate video encoder and ¨Through the Wall¨ listening device.
Vidar: the new miniature two-channel video encoder for ultra-low bandwidth streaming and event capturing. Vidar keywords; Network agnostic, no server/license requirements and web-based GUI.
Thor TWL: new transmitter to the Thor RF audio surveillance system with the ability to listen ¨Through the Wall¨. "Fast and simple to deploy, it delivers speech intelligibility through most materials and offers new capabilities for tactical intrusion teams and other law enforcement squads.
Presented by Spectronic Denmark
Track 8: 5G Lawful Interception Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 3 June 2025
9:25-10:15
Understanding 5G Stand Alone NFV, Edge Computing and Network Slicing
Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies
13:20-14:10
Enabling flexible mission sets for Tactical Edge Ops
Octasic’s compact mission-ready CSS systems are engineered to support the evolving realities of modern SIGINT. With native 5G SA capabilities these modular designs adapt seamlessly across portable, vehicular, and airborne deployments. Built for speed, stealth and precision targeting – these systems can go wherever the mission takes you.
Presented by Octasic15:25-16:05
Adapt and Advance: Enabling IMSI Catchers and Direction-Finding in 5G Standalone Networks
The 5G SA architecture encrypts identifiers, making traditional over-the-air surveillance techniques ineffective without adaptation. This session explains what is required to make IMSI catchers and direction finders work in this new environment. We also introduce architectural options for multi-CSP and multi-LEA support to enhance interoperability and future-readiness.
Presented by Group 200016:10-17:00
Applying new ways behind cellular borders
Introducing new portable monitoring solutions, 5G security measures, and validation techniques for enhanced cyber resilience in modern law enforcement and intelligence organizations.
Presented by Rohde & Schwarz
Wednesday, 4 June 2025
09:10-10:00 Session B
Survival of IMSI-catchers in 5G Networks
Utimaco´s 5G ID Associator solution supports network element vendors and operators in achieving 3GPP compliance. The latest 3GPP releases have introduced several security features that significantly improve resistance against false base stations, making the tactical IMSI catchers/stingrays unusable in 5G networks. The presentation provides a legal standardized approach to overcome this challenge.
Presented by Utimaco13:00-13:40 Session A
Unlocking Passive Location Accuracy: An LEA Goal, A Telco Reality
Explore cutting-edge passive geolocation techniques for precise targeted and bulk mobile tracking, outlining the essential operational shifts required from telcos to enable enhanced law enforcement capabilities.
Chris Young, Product Manager, BAE Systems Digital Intelligence13:00-13:40 Session B
Lawful Interception of IMS/VoLTE Roaming (S8HR)
With S8HR solution, Utimaco provides a carrier-grade and ETSI/3GPP compliant LI solution. S8HR VoLTE roaming architecture has gained momentum with mobile operators as simpler to implement and offering the fastest time to market. With all mobile traffic traversing the home network, the S8HR has introduced limitations for lawful interception of visiting roamers. Utimaco provides a carrier-grade and ETSI/3GPP compliant LI solution for IMS/VoLTE in visited networks, that comes in two flavors - active (Utimaco LMISF) and passive (S8HR AP).
Presented by Utimaco15:45-16:25
Command the spectrum from above: Modular Airborne SIGINT with AI and Native 5G SA
Octasic's CSS portfolio is equipped with native 5G SA, AI-enhanced scanning and is airborne-enabled. Designed for fixed-wing, rotary, and drone-based platforms, Octasic’s airborne systems deliver real-time intelligence at scale - surveying, identifying and geolocating faster than ever.
Presented by Octasic16:30-17:15
Optimized solution for COMINT in today’s and tomorrow’s 5G networks
New 2G/3G/4G/5G platform by EXFO for catching and DF purposes and complete solution for 5G SA ID resolution
Presented by EXFOThursday, 5 June 2025
08:30-09:00
Centralized 5G ready Cyber-intelligence AI enabled Monitoring Centre to support the challenges of Lawful Interception and Electronic Surveillance.
Use cases and demonstration.
Presented by AREA
Training Seminars Led by Law Enforcment Officers and Ph.D Computer Scientists
Tuesday, 3 June 2025
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation
09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective
10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators
11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks
13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT
14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT ToolboxSeminar #2
08:30-15:05(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)
The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UKPolice
The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques.08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators
How it works, for us. Why it works, for us. How data traffic leaves a permanent trace. How and why everything that was on the internet, is still there. Identifying the structural data and exploits, that will take you to your suspect. Tracking and evaluating data. MAC tracking. If you’ve ever said “it’s been deleted” or “its no longer there”, this seminar is for you. Let me prove you wrong.
09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
What data is available. How to harvest and analyse it. Best practice to identify suspects and build profiles. Good practice, virtual data 'housekeeping' and tradecraft. Data collection and interrogation, significance, and value. IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them (where they show their id). Dynamic approaches to identifying suspects through internet profiles. What investigators get from tech and service providers, and how to analyse it. Investigator capabilities and opportunities. TCP/IP and header value and analysis
10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking
A detectives look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement. Unique communication identifiers. Dynamic live time tracing. Geo location services and uses. Online Surveillance and tracking movement and speed. You and your target are being tracked by multi organisations that you done even know exist. Lets identify them and interrogate their data bases.
11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)
How suspects are using emerging and new technologies.
An introduction to where technology is going, and how Law enforcement can use this to our advantages. dynamic and pro-active problem solving. Darknet, (Deep web), TOR and IRC use. VOIP, Skype and FaceTime exploits. Advanced data sniffing and profile building. TOR systems, applications, and ways to coax offenders out of the system.
13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.
Using innovative and dynamic methods to trace offenders. Tricks used by suspects and how to combat them- Play them at their own game? Covert internet investigations. Proxy servers and hiding. Managing collateral intrusion. Reverse and social engineering. Thinking outside the box. Lateral thinking. Possible missed opportunities. Profile building and manhunts through device footprints, speed and movement.
14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.
"Just google it" is great for tickets, tyres, holidays and opening hours. But as an investigator, we can do better, and safer. Using most main stream search engines and browsers come with certain risks. This session aims to change that. A look at good tradecraft, practice and methodology in profiling, tracking and tracing digital footprints and shadows on the internet, by means of best available tools. Tools that the target can’t see . Do's and do nots. Best tools for best results. When was the last time you 'googled' something in an investigation, and it returned 5 results, all specifically relating to your suspect? This session will teach you how to fast track you to the data you need, and cut away the chaff. PART 2 on the final day with free tools to download and keepSeminar #3
08:30-09:20Understanding Mobile 2G, 3G, 4G, 5G and 6G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception. Specifically;
Network Architecture Evolution from 2G to 3G, 3G to 4G, 4G to 5G regarding radio technology (TDMA, CDMA, OFDM and MIMO), network core from CSFB to VoLTE and SS7 to Diameter.
Encryption, Target Identification and Location: SIM and eSIM cards, IMSI and Target ID, encryption algorithms (A3, A5, A8 and Ki) and basically how user authentication and traffic encryption is accomplished.
Target Location Tracking with CDR analysis, MAC address farming, MITM attacks, SS7 access, IMSI catchers and IT intrusion.
4G to 5G Transition Specifics Understanding 5G Non Stand Alone (NSA) vs. SA 5G, the IMSI catcher issue (myth vs. realities), 5G Cryptography (ECC, SUPI, SUCI), 5G target location enhancement and LTE/NR Internetworking and Co-existance.
5G Spectrum What can 5G deliver with mid vs. high frequency spectrum and what new spectrum bands are soon to be auctioned off
SA 5G Infrastructure Features: NFV, SDN, Edge/Cloud Computing and Network Slicing
Seminar #4
09:25-10:15Transitioning Lawful Interception Network Core Features from 4G to 5G SA to 6G: What's it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesCellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the trasition to 5G standalone.
In reality lawful interception of non-standalone is not any different from 4G interception regarding new LI feature additions. The next LI challenge will be for 5G SA. This webinar addresses the technical challenges facing law enforcement, 5G operators and ISS vendors. Specifically the four transitions are:
- 5G Network Challenges Identifiers: How are law enforcement going to grab 1gbps traffic streams; backhaul to monitoring centers and filter non-important traffic of interest.
- 5G Edge Cloud Computing: How do you intercept on a 5G operators IT systems, deal with proprietary system protocols, e2e encryption and localized content
- 5G Virtual Network Core: How complicated will this be regarding LI, VoIP on virtual devices and what LI barriers has the IETF created
- 5G Network Slicing: Is this 5G feature restricted to private enterprises or will 5G MVNO’s provide public mobile wireless services, How will law enforcement interconnect with 5G OSS provisioning systems and what is the LI point of interconnection?
Seminar #5
10:35-11:25Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesSeminar #6
11:30-12:20Generative AI (e.g., ChatGPT): How LEAs and Intelligence Agencies Can Leverage the Technology, and Criminal Use Examples
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThursday, 5 June 2025
Seminar #7
08:30-09:10Lawful Interception - What, Why, When, Who and how to, and solutions.
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceSeminar #8
09:15-10:00Push Tokens in Criminal Investigations: Tracing Digital Footprints & Uncovering Evidence
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State PoliceIn today’s digital landscape, push tokens serve as unique device identifiers that can play a crucial role in criminal investigations. This presentation will provide an overview of what push tokens are, how they are generated, and how law enforcement can leverage them to link suspects to devices, track online activity, and uncover crucial evidence. Attendees will learn legal processes for obtaining push token data, how to request records from Apple, Google, and app providers, and real-world case studies where push token analysis led to investigative breakthroughs. Additionally, we will cover privacy limitations, encryption challenges, applications for lawful interception, and alternative technical investigative techniques.
Seminar #9
11:45-12:30(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)
Open Source Tools, Part 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceA must see presentation of the best and most dynamic tools available to the investigator- and they’re all free. A download link will be provided during this session with 100 tools to take away