< Back to ISS World Programs
AGENDA : JUNE 3-5, 2025
ISS World Europe is the world's largest gathering of Regional Law Enforcement, Intelligence and Homeland Security Analysts, Telecoms as well as Financial Crime Investigators responsible for Cyber Crime Investigation, Electronic Surveillance and Intelligence Gathering.
ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety, Government and Private Sector Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network, the Internet and Social Media.
Track 1: Lawful Interception and Criminal Investigation Training
Track 2: LEA, Defense and Intelligence Analyst Product Presentations
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training
Track 4: Threat Intelligence Gathering and Cyber Security Product Training
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
Track 6: Mobile Signal Intercept Training and Product Presentations
Track 7: Electronic Surveillance Training and Product Presentations
Track 8: 5G Lawful Intercept, Tracking and Forensics Product Training
Plus Special Training Seminars lead by Law Enforcement Officers and Ph.D. Scientists
ISS World Europe 2025 Agenda at a Glance
Training Seminars Led by Law Enforcement Officers and Ph.D., Computer Scientists
20 classroom training hours, presented by Law Enforcement Officers and Ph.D. Scientists
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police
(7 classroom hours)Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)Jerry Lucas (Ph.D., Physics), President, TeleStrategies
(1 classroom hours)Matthew Lucas (Ph.D., Computer Science), VP, TeleStrategies
(3 classroom hours)Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of Technology
(3 classroom hours)
Tuesday, 3 June 2025
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation
09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective
10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators
11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks
13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT
14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT ToolboxSeminar #2
08:30-15:05(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)
The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UKPolice
The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques.08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators
09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking
11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)
13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.
14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.
Seminar #3
08:30-09:20Understanding Mobile 2G, 3G, 4G, 5G and 6G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception.
Seminar #4
09:25-10:15Transitioning Lawful Interception Network Core Features from 4G to 5G SA to 6G: What’s it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesCellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the transition to 5G stand alone. (Full description below Track 9)
Seminar #5
10:35-11:25Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesSeminar #6
11:30-12:20Generative AI (e.g., ChatGPT): How LEAs and Intelligence Agencies Can Leverage the Technology, and Criminal Use Examples
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThursday, 5 June 2025
Seminar #7
08:30-09:10Lawful Interception - What, Why, When, Who and how to, and solutions.
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceSeminar #8
09:15-10:00Push Tokens in Criminal Investigations: Tracing Digital Footprints & Uncovering Evidence
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State PoliceSeminar #9
11:45-12:30(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)
Open Source Tools, PART 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PolicePre-Conference Sessions Description At The End of Agenda PostinG
Welcoming Remarks and Top Ten Challenges
Wednesday, 4 June 2025
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies
8:30-9:00
Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Europe has Solutions
Dr. Jerry Lucas, President, TeleStrategies
ISS World Europe Exhibit Hours:
Tuesday, 3 June 2025
9:10-18:15Wednesday, 4 June 2025
9:10-18:15
Thursday, 5 June 2025
8:30-15:00
Track 1: Lawful Interception and Criminal Investigation Training
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.
Tuesday, 3 June 2025
11:30-12:20
Accelerate Forensic Voice Analysis with Advanced Speaker Recognition Solution
Presented by Phonexia14:45-15:05
Transforming Criminal Investigations with CSP Network Insights: Efficiency, Security, and Real-Time Precision
This session delves into the newly launched Cross Location Analysis and IMSI Location Comparison, with updates on fast and secure IP searches and the integration of real-time and historical data for unparalleled insights. Discover how leveraging multi-source network data from CDRs, passive probes and more empowers CSPs to deliver enriched and secure results with efficiency, seamlessly transferring insights to law enforcement agencies.
Presented by Subtonomy15:25-16:05 Session B
Digital Crime Scene Essentials: Cybercrime Tools, Crypto Analysis, and Forensic Infrastructur
Focused exploration of cybercrime investigations, cryptocurrency analysis tools, advanced forensic software, and specialized hardware solutions for lab and field use.
Presented by mh-service GmbH16:10-17:00 Session B
Remove unwanted data (e.g. video, encrypted traffic, etc.) at n x 100 Gbps using an ultra-compact server
Presented by Napatech
Wednesday, 4 June 2025
13:45-14:30
Effortlessly Detecting Persons and Topics of Interest in Audio
Presented by Phonexia15:00-15:40 Session A
Interception Challenges on VoLTE Network for LEA's
The presentation on "Interception Challenges on VoLTE Networks for LEAs" promises to unravel the intricate landscape of lawful interception in Voice over LTE (VoLTE) networks. This session dives into the specific challenges faced by Law Enforcement Agencies (LEAs) in ensuring secure and effective interception within the VoLTE framework. The audience can expect a detailed exploration of methodologies, standards, and innovative solutions designed to address the unique complexities of VoLTE networks, providing valuable insights into the evolving landscape of surveillance technologies for LEAs. The session covers a range of critical topics, including Lawful Interception Methodologies, Mobile Network Topology, Interception on GSM/UMTS Network, Challenges & Solutions on IMS Network, and Next Generation Monitoring Center. Attendees will gain insights into the methodologies and standards governing lawful interception, the complexities of mobile network structures, challenges faced in intercepting GSM/UMTS networks, and innovative solutions for navigating the IMS landscape. The presentation also highlights the advanced capabilities of the Next Generation Monitoring Center, offering a glimpse into the future of interception technologies. The audience can anticipate a detailed and informative session providing a deep understanding of the subject matter and the cutting-edge solutions presented by InterProbe.
Serkan Altınışık, Vice Chairman of the Board, InterProbe15:00-15:40 Session B
Analyzing Social Networks
BREVIS and OSINT Plugin for i2 Analyst Notebook. Analyze Social Networks – Twitter, Facebook, Linkedin, YouTube, VK, Instagram, TikTok, Telegram, WhatsApp and Pipl.
Presented by MKCVI15:00-15:40 Session C
Assessing Threats: Intelligence in Pre-War and Active Conflict Zones
Presented by Rayzone Group15:45-16:25 Session A
How to Detect Fake News
This talk will delve into the challenges posed by digital manipulation techniques. This informative session highlights crucial detection methods needed to identify and mitigate the impact of bots, fake news, and deep fakes in shaping public perception. Gain insight into the detailed overview of the evolving landscape of digital deception, emphasizing its implications on the integrity of information in today's interconnected world.
Presented by CyabraThursday, 5 June 2025
9:15-10:00 Session A
Thou shalt wirelessly intercept your neighbor: Leveraging WiFi and Bluetooth in operative
In this talk, we shall discuss various security mechanisms used in WiFi and Bluetooth networks and how to abuse them to obtain mission-critical intel. Apart from explaining all principles, we will demonstrate them (hopefully live) on our tactical device! Starting with an access point and client scans, we will continue with client targetted jamming and total Denial-of-Service of the whole network that may even result in authentication handshake capture. This handshake contains information to recover the WiFi password to access the targeted network. Once inside the network, we will show essential hacking tools to conduct IP-level reconnaissance. But we will not limit ourselves to WiFi and demonstrate how Bluetooth can be leveraged to notify you about a person's presence or exploit various IoT devices.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology9:15-10:00 Session B
Push Tokens in Criminal Investigations: Tracing Digital Footprints & Uncovering Evidence
In today’s digital landscape, push tokens serve as unique device identifiers that can play a crucial role in criminal investigations. This presentation will provide an overview of what push tokens are, how they are generated, and how law enforcement can leverage them to link suspects to devices, track online activity, and uncover crucial evidence. Attendees will learn legal processes for obtaining push token data, how to request records from Apple, Google, and app providers, and real-world case studies where push token analysis led to investigative breakthroughs. Additionally, we will cover privacy limitations, encryption challenges, applications for lawful interception, and alternative technical investigative techniques.
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police11:00-11:40 Session A
From Academia to Industry: Dealing with Cryptography in Real Life
It is a common thought that cryptography is so theoretical to understand, and so technical to defeat, that it can’t be done without enormous effort and technical prowess only found in State Agencies. That is not completely true. In fact, there are many cryptographic problems developers and investigators routinely encounter that they think are insurmountable, but are not. Instead, with a systematic cryptographic approach, these issues can be overcome with modest effort and cost-effective tools. There is a need to use mechanisms that include algorithms, protocols and primitives in accordance with international standards such as ISO and FIPS, with a well-planned development, comprehensive testing and validation process. On the other hand, the strong analysis mechanism to obtain the decryption key is important for investigators. Forensics, reverse engineering, binary analysis, as well as the use of cryptanalysis attacks with AI-based dictionaries or rainbow tables are also used. For these reasons, tools that can operate all these mechanisms systematically that can manage them from a single point make it easier for investigators to deal with real-life use cases.
Özge Acar Küçük, Cryptography Managing Director, InterProbe11:00-11:40 Session C
Chinese Open Source Intelligence Collection Techniques
The common narrative is that researching online in a foreign language requires a native speaker - when none are available, teams often rely completely on AI to tackle this.
We demonstrate that researching online in Chinese using I-Intelligence's methodology yields fast and accurate results when adopting an investigative mindset and mastering the basics.
Skip Schiphorst, OSINT language course instructor and coordinator, i-intelligence GmbH11:00-11:40 Session B
Understanding the Implications of Online Social Media and OSINT During Critical Incidents
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police11:45-12:30 Session A
Trending Topics in Cryptocurrency Forensics
Bitcoin, Ethereum and other cryptocurrencies are becoming mainstream for financial interactions and standard tools when conducting cybercrime such as scams, frauds, ransomware, darknet markets, sextortion, etc. LEAs also adapted to a new situation, and many investigators are already familiar with cryptocurrency basics and how to trace transactions on publicly available blockchain explorers. This session aims to extend the knowledge of participants about more advanced topics such as: a) address clustering techniques and their applicability to various cryptocurrencies; b) monitoring of cryptocurrency networks and their peers with the help of network intelligence; c) geolocating cryptocurrency transaction with IP address or originator; d) overcoming obfuscation of transactions entering and leaving mixers; e) correlating activities on darkweb with blockchain events. Each subtopic will be thoroughly explained, including currently existing methods and tools for addressing associated challenges.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology
11:45-12:30 Session C
Using Arabic Script Languages for Online Target Discovery
The amount of content being uploaded in languages using an Arabic alphabet keeps growing at a very fast pace. Being able to tackle online content using this alphabet is essential for any organization’s decision-making process. This introduction will show some of the techniques that will help you find the content that you're looking for using an Arabic alphabet without prior knowledge of this language.
Paolo Walcher, Arabic OSINT Instructor, i-intelligence GmbH
Track 2: LEA, Defense and Intelligence Analyst Product Presentations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 3 June 2025
08:30-09:20 Session A
ESG and Munich Innovation Labs presents a Crowd-sourced Information Platform (CIP)
ThevCrowd-sourced Information Platform (CIP) enhances real-time situational awareness by integrating data from various sources such as social media, webcams, drones, and other sensors with ground-truth information provided by field operatives. This platform is valuable for both territorial defense and civil applications, emphasizing privacy-by-design principles at its core. Furthermore, by incorporating Large Language AI capabilities, CIP efficiently extracts geoinformation at scale.
Presented by ESG
9:25-10:15
Cost Effective Network Monitoring in a world of data overload
As internet traffic doubles every two years and with data rates moving from 100G to 400G to 800G and beyond, how do you design a network monitoring system to cost effectively access all this data? Come hear about how an Optical Circuit Switch working in conjunction with packet brokers and analysis tools can provide cost effective solutions that can address large numbers of fibers.
Presented by Huber+Suhner10:35-11:25 Session A
Discover the cutting-edge, all-phone compatible, cost-effective and successful agent.
Presented by Movia10:35-11:25 Session B
From Electronic Surveillance to Encrypted Communication analysis challenges, solved with integrated, AI enhanced Cyber Intelligence solutions.
A structured case-study
Presented by AREA10:35-11:25 Session C
Decoding the Digital World: A look into Encrypted networks!
Presented by Datafusion Sytems
11:30-12:20
Safeguard Your Sea with DarkWave: Shedding Light on Dark Ships
Presented by Rayzone Group13:20-14:10 Session A
Leveraging Mobility Data for Actionable Insights and Crime Prevention
Presented by Rayzone Group13:20-14:10 Session B
FUSION – The single investigation platform
Presented by ATIS13:20-14:10 Session C
How to Find Crime and Terror Ghosts with Digital Intelligence
Presented by Cognyte13:20-14:10 Session D
Turning Insights into Action: Leveraging Data Dark and Risk Intelligence Databases
Presented by CHAPSVISION14:15-15:05 Session A
Enhancing Real-time Intelligence from Seized Devices with Tactical Location Analytics
During missions, field agents confiscate devices with crucial location data and valuable, timely intelligence insights – but if they can't analyze it in the field, opportunities are wasted. Tactical location solutions that require no internet, operate on a laptop, and offer drag-and-drop ingestion help transform seized data into real-time, actionable intelligence.
Presented by SS814:15-15:05 Session B
AI Counter-Terrorism Platform for Effective Law Enforcement
Presented by Vehere15:25-16:05 Session A
Fast, Reliable, AI powered Object Detection, Data Recovery & Analyses of video files, RAIDs & other digital media carriers.
VIDEO ANALYST + H-VIDEO - new from HTSC Germany.
Daniel Schwarz & Jamie Clarke, HTSC-Germany
15:25-16:05 Session B
Modernizing Digital Investigations: Automation and Data Enrichment for Efficient and Effective Case Resolution
In this session, you'll discover how leading investigation units are adopting a modern approach to digital investigations with automation and data enrichment. Learn how to tackle the challenges of managing large data volumes and drive faster and more efficient case resolutions.
Meirav Gingold, Product Owner, Cellebrite15:25-16:05 Session C
Introducing Octostar: the Generative AI / APP-based Operating System for all-int, all-data Investigations
Presented by Octostar15:25-16:05 Session D
Password Cracking on FPGA Infrastructure
Presented by SciEngines15:25-16:05 Session E
From Data Deluge to Discovery: Leveraging AI to Accelerate Investigations
Lawful intercept and data fusion can provide tremendous investigative potential, but unlocking their full value requires advanced tools. This session explores the rising role AI can play in uncovering hidden patterns and anomalies within your data. Discover how AI can accelerate investigations and improve resourcing, while maintaining compliance with new regulations, like the EU AI Act. The session concludes with a live demo showcasing how AI enrichments extract context-rich insights faster.
Sean Thibert (Product Manager, AI Solutions), JSI15:25-16:05 Session F
Live Face Recognition: 'Protecting People from Harm' – The Essex Police Story
Presented by Corsight16:10-17:00 Session B
AI-powered Metadata Analysis: Unearthing the Secrets Hidden in Digital Footprints
Mitesh Vageriya, CEO, PertSol16:10-17:00 Session C
Solving the challenges of Data-Fusion and Validation: Communication Data, live Lawful Interception data, Mobile Forensics extraction and more in a single AI enhanced platform.
Use cases and demonstration.
Presented by AREA16:10-17:00 Session D
Orca Connect: connecting your intelligence gathering systems to fibre and satellite signals.
Presented by VASTech
Wednesday, 4 June 2025
09:10-10:00 Session A
Crypto Intelligence: Disrupted
New Technologies to Combat Crypto Crime
Presented by NSO Group09:10-10:00 Session B
Digital Crime Scene Essentials: Cybercrime Tools, Crypto Analysis, and Forensic Infrastructur
Focused exploration of cybercrime investigations, cryptocurrency analysis tools, advanced forensic software, and specialized hardware solutions for lab and field use.
Presented by mh-service GmbH09:10-10:00 Session C
Forensic content derived metadata with powerful AI enhanced Data Fusion and Analysis unleashes the intelligence hidden in the encrypted communications.
Use cases and demonstration.
Presented by AREA
13:00-13:40 Session A
Drones and UAVs Redefining Tactical Intelligence.
Presented by Ateros13:00-13:40 Session B
Kick Start Your Investigations with AI
As an analyst, have you ever spent too much valuable time formatting data ready to import and then, having a huge volume of data, quite literally not knowing how to start the investigation? New features in i2 are here to help. A mix of data formats? No problem – we’ll import it all without you to needing to move columns or run a Search and Replace. And once your data is in, we’ll intelligently look at the context and pre-load the most appropriate charts. Want to get a head start in your investigations? Head over to this talk.
Adrian Barfield, Brand Technical Specialist, i2 Group13:45-14:30 Session B
Spyder Space: Revolutionize Your Investigative Processes with our cutting-edge solution! Harnessing Data from Mobile Sources, We Optimize, Analyze, and Craft Powerful Insights!
Presented by Movia13:45-14:30 Session C
AI powered monitoring centre of the future
Live demo of how AI and ML is speeding up intelligence assessment cover DPI, voice and image processing.
Jez Nelmes, Product Manager, BAE Systems Digital Intelligence13:45-14:30 Session D
Enhance Mission Planning and Operational Analytics
Presented by Cognyte13:45-14:30 Session E
Global Geo-monitoring and profiling over LTE / 5G / Satellite and eSIM
VP Sales and Marketing, GeoGence
15:00-15:40 Session A
The Impact of AI on End-to-End Lawful Intelligence: Opportunities and Challenges
Investigators need efficient tools to help extract critical intelligence from vast databases. AI technologies like video and voice analytics, facial recognition, and automatic number plate readers are revolutionizing lawful intelligence, but introduce challenges. We must harness the transformative potential of these platforms while remaining vigilant for bias and misleading conclusions.
Presented by SS815:00-15:40 Session B
New MOBILedit ULTRA: From the Latest Smartwatch Forensics to Powerful Phone Unlocking
Learn how to investigate smartwatches—a fast-growing and often overlooked source of crucial digital evidence. From health and location data to activity logs, smartwatches can reveal key insights that other devices simply don’t provide.
Discover how MOBILedit, the only forensic tool focused on smartwatch data extraction, is helping investigators uncover vital information in real cases.
See how this capability is now part of the all-new MOBILedit Forensic ULTRA—an all-in-one solution for forensic labs, combining smartwatch, phone, and cloud data analysis, now empowered with powerful unlocking and security bypassing features.
Presented by Compelson15:00-15:40 Session C
Orca Capture: process and store traffic using protocols found in modern networks
Presented by VASTech15:00-15:40 Session D
Harnessing the Power of Offline and Secure AI for Forensic Documentation
Presented by Cabolo15:00-15:40 Session E
Revel.io: Fast European Passwordless Extraction for Mobile Digital Evidence
Presented by Synacktiv15:45-16:25 Session A
How to Enhance your Investigation: AI-Driven Strategies for Analysing Encrypted Data at Scale
Mark Uldahl, CTO, XCI A/S15:45-16:25 Session B
AI empowered speech technologies: making your audio searchable
Discover our next generation AI speech processing software designed to help professional users extract critical information from large amounts of multilingual audio data. Functionalities includelanguage identification, speech transcription and keyword spotting to ease your OSINT and COMINT activities.
Jodie Lechapelain, Director, Vocapia Research15:45-16:25 Session C
Unraveling JA3 and JA4+: Global Botnet Detection via Encrypted Traffic Fingerprinting
Network security teams and government defense agencies are leveraging encrypted traffic fingerprinting techniques such as JA3/JA3S to detect C2 servers and global botnet campaigns. Learn what a JA3 fingerprint is and how it is evolving to stay ahead of threat actors. Beyond TLS, what are teams doing to fingerprint traffic encrypted via SSH and QUIC?
Mike Seidler, VP Product Management, NetQuest15:45-16:25 Session D
No trusted third-party anonymization platform: collect online and third-party data without risk of attribution
This talk will address: i/. the operational security of direct and indirect (i.e. through probes and/or third-party vendors) online data collection ; ii/. and the operational security benefits of Snowpack no trusted third party anonymization platform for osint and analysts teams
Presented by Snowpack16:30-17:15 Session A
Unveiling the invisible: enhancement and authentication techniques for image and video evidence investigations
In modern digital investigations, the truth often lies beneath the surface, waiting to be uncovered. A thorough examination is essential to reveal hidden information, whether obscured by pixel-level defects or embedded in metadata. Join us to explore how Amped Authenticate and Amped FIVE empower investigators to expose these invisible truths.
Discover cutting-edge and forensically sound techniques that enhance the visual clarity of your images and videos while verifying their integrity and authenticity. Prepare compelling presentation materials showcasing the results of your processing. Learn to harness the power of scientifically-backed analysis and enhancement tools to elevate your investigative capabilities. Don’t miss this opportunity to transform your approach to solving cases and uncovering evidence.
Presented by Amped Software
16:30-17:15 Session B
How Lawful Interception benefits from Traffic Filtering.
High bandwidth networks like fiber and eMBB (LTE / 5G) put new requirements to a Lawful Interception solution. With high throughput data streams, the costs of processing this data increases. However, not all data is relevant for an investigation, e.g., Netflix and application and OS updates carry no user data. Within this session we will discuss how Lawful Interception benefits from Traffic Filtering capabilities.
Presented by Group 200016:30-17:15 Session C
From data hell to knowledge well: turning raw internet traffic to investigative intelligence.
There is still great value in network traffic analysis stemming from Lawful Interception. However, stakeholders need to confront with complex challenges like pervasive encryption and application diversity, which hinders the ability to achieve immediate and actionable insights from data streams. This session discusses the foundations of Detecta, the brand-new data analysis platform by RCS, born to help investigators without deep technical skills to discover the big picture buried into internet traffic. A live demo will show practically the benefits of this new approach.
Presented by RCS16:30-17:15 Session D
Harnessing Generative AI to Power the Next Generation of Digital Intelligence
Generative AI is having a rapid and unprecedented impact on how insights are extracted and surfaced from varied datasets. This session explores the potential of this technology within Law Enforcement and Intelligence, in targeted use cases such as threat analysis and generating investigative leads. We will address shifting regulations and strategies to maintain compliance. The session concludes with a demonstration showcasing how the 4Sight Digital Intelligence platform uses generative AI to enhance workflows and improve team efficiency.
Sean Thibert (Product Manager, AI Solutions), JSI16:30-17:15 Session E
Data to Decision: Transforming Criminal Investigations with AI-powered Predictive Analytics
Gurjot Sandhu, CBO, PertSolThursday, 5 June 2025
08:30-09:10 Session C
Generative AI-Led Federal Case Study: Intelligent Fusion
Presented by ClearTrail
09:15-10:00 Session A
Illegal Immigration in a Global Context: Challenges and Responses
Presented by Rayzone Group09:15-10:00 Session B
Accelerate your Investigations with Multi-dimensional Multi-source Analysis
As an analyst, you will be challenged with collating information from a variety of different data sources, often in many different formats. Come and learn how to unlock the power of streamlined data analysis and easily manage the complexity of working with diverse data sources with i2. From databases and applications, CDR and OSINT, to unstructured to semi-structured data, i2 offers a unified platform for comprehensive analysis and intelligence sharing. Join Adrian to understand how to simplify your workflow, and gain new insights with speed and precision. Adrian Barfield, Brand Technical Specialist, i2 Group09:15-10:00 Session D
Using Zero-days in Mobile Forensics for Advanced Data Extractions
Presented by Secfence09:15-10:00 Session E
Any Digital Footprint with AI-Enhanced capabilities
Presented by Prelysis11:00-11:40 Session A
Enhance your Monitoring Center with OSINT, All-Source Intelligence and Blockchain Analytics
Presented by Cognyte11:00-11:40 Session B
Using situational awareness and C2 tools to achieve faster decisions and actions during operations
Presented by Drakontas LLC11:00-11:40 Session C
Bruteforcing BFU Phones in XRY Pro
Presented by MSAB11:45-12:30 Session A
Orca Integrate and View: integrate data from many different sources to view, filter, and query the results in a single user interface
Presented by VASTech11:45-12:30 Session B
A New Perspective for Intelligence Investigations.
Presented by Bold11:45-12:30 Session C
Deep Network Visibility at International Scale Via Enriched Traffic Metadata: IPFIX for OTU4, STM64 and 100GbE Networks
National defense missions require deep signals intelligence from OTN, SDH and Ethernet networks. Learn how unsampled flow-based metadata and IPFIX can provide 100% visibility into telecommunication cables including IP addresses, layer 7 application classification and protocol-specific data from TLS, QUIC, DNS, HTTP, SIP and other traffic types.
Mike Seidler, VP Product Management, NetQuest13:00-13:40 Session A
Experience the Future of Raw IP data Analysis for Actionable Intelligence.
Never miss intelligence from WhatsApp, FaceTime and other encrypted calls made by the targets you are investigating and get their behavior on a timeline. Discover Simplicity and Power - No technical expertise required.
Presented by ClearTrail with Mark Bentley, UK Police13:00-13:40 Session B
Fast, Reliable, AI powered Object Detection, Data Recovery & Analyses of video files, RAIDs & other digital media carriers.
VIDEO ANALYST + H-VIDEO - new from HTSC Germany.
Daniel Schwarz & Jamie Clarke, HTSC-Germany
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training
Sessions in this track are only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees, unless marked otherwise.
Tuesday, 3 June 2025
08:30-09:20 Session A
The ultimate AI-driven Intelligence to monitor and extract meaningful information from Social Media and Traditional Media like TV and Radio to improve national security. A live demo.
Presented by IPS08:30-09:20 Session B
Possibilities of AI-powered Mass Data Fusion.
Boosting efficiency through automated analysis functions for mass data analytics – SCOPE live Demo
Presented by INNOSYSTEC08:30-09:20 Session C
Link analysis on maps - new techniques for combining intelligence data with geospatial context for analysts and investigators
Dan Williams, Chief Product Officer, Cambridge Intelligence09:25-10:15 Session A
WhatsApp, Telegram, Facebook...how IPS helps you to locate most wanted targets with LI
Presented by IPS09:25-10:15 Session B
Real Intelligence - Revolutionizing Investigative techniques
Presented by Datafusion Sytems
09:25-10:15 Session C
The Italian Way: Advanced AI Surveillance in Action Against Organized Crime—See How It Works
Presented by SIO10:35-11:25 Session A
Brain: One Platform to Monitor, Analyze, and Predict
React faster. Decide smarter. Operate with precision.
Based on fast real-time access to face recognition and biometric tracking, deep analysis of social networks and telecom traffic, predictive modeling and intelligent search, Brain is indispensable for urgent and important decisions at the national security level.
Presented by MATISON10:35-11:25 Session B
From Digital Chaos to Clarity: Unifying all Evidence Layers for Faster, Smarter Case Resolution
Investigations today generate massive digital evidence —from devices, forensics, social media, financials, and OSINT.
PLX, a comprehensive evidence analysis platform, brings all investigation layers together in a single, intuitive view so teams can move fast and stay focused.
With real-time integrations, support for 1,000+ formats, and advanced visualizations, PLX helps surface hidden connections, patterns, and leads.
Powered by CoAnalyst GenAI assistant for judiciary data, natural language search accelerates the path to impactful insights.
From complexity to clarity, the mission outcome you need is now just a few clicks away.
Presented by Penlink13:20-14:10 Session A
From Data to Knowledge – the Power of Mass Data Fusion
All-source mass data analysis for actionable intelligence – SCOPE live Demo
Presented by INNOSYSTEC13:20-14:10 Session B
Give a hand to your Investigator: A Synthetic Analyst.
The Synthetic Analyst is the advanced approach that reduces the time of the Investigation life cycle.
An integrated network of Large Language Models, Knowledge Models, Decision Models and Knowledge Graph.
Presented by RCS14:15-15:05 Session A
The State of Deepfake Detection in 2025: How Cyber Criminals and Nation-State Adversaries Are Exploiting AI and How to Detect Them
In 2024, the sophistication and accessibility of deepfake technology have escalated, posing significant threats to national security, intelligence operations, and law enforcement efforts. This talk will highlight the geographical hotspots of deepfake activities, the advanced techniques utilized by adversaries, and their typical targets, including high-stakes political events, military conflicts, but also financial crime online such as scams and frauds. Attendees will learn about the latest advancements in deepfake detection, with a focus on Sensity AI's state-of-the-art solutions that integrate advanced AI and deep learning technologies.
Presented by Sensity AI14:15-14:40 Session B
Automatic Exploitation of Social Network, Deep and Dark Web to complement traditional Lawful Interception Infrastructure for Target Profiling.
Presented by IPS14:15-15:05 Session C
Revolutionizing OSINT for LEA with Advanced AI Analytics
Presented by Prelysis14:15-15:05 Session D
Empowering Law Enforcement with ShadowTrak – The Passive Phone Locator
A tactical passive homing device capable of pinpointing any phone's location from 1 km down to 1 meter across all technologies, including 5G NSA/SA.
Presented by Boura Cyber14:15-15:05 Session E
How Blackfusion Bridges the Physical-Digital Divide in Human Intelligence Operations
The traditional boundaries between cyber intelligence, OSINT, and human intelligence are rapidly dissolving in today's interconnected world. This presentation explores how modern intelligence operations require a new paradigm where digital engagement and traditional source operations are part of a continuous spectrum rather than separate disciplines. We'll demonstrate how Blackfusion's fusion architecture enables this convergence by creating a unified intelligence environment where physical and digital intelligence operations inform and enhance each other. Beyond tactical advantages, we'll discuss the strategic implications of this approach for organizational structure, operational doctrine, and the future evolution of intelligence tradecraft in an era where the distinction between online and offline reality continues to blur.
Presented by Blackscore14:40-15:05 Session B
Maritime Threats Prediction, Detection and Monitoring with Revolutionary Fusion Intelligence Platform. A real use-case.
Presented by IPS
15:25-16:05 Session B
Unlocking Hidden Truths: How AI-Powered Audio, Video & GPS are Transforming Investigations—Don’t Get Left Behind
Presented by SIO16:10-17:00 Session A
GenAI Co-Pilots: An Investigator's Best Friend
Presented by Cognyte
Wednesday, 4 June 2025
9:10-10:00 Session B
Introducing VIA: Media Intelligence Powered by CoAnalyst Generative AI
This session unveils VIA, a groundbreaking media intelligence solution that redefines how analysts extract insights from visual content.
Built on the CoAnalyst framework, VIA leverages Generative AI to unlock significantly deeper layers of intelligence from images and videos.
It empowers thorough analysis and contextualization of media derived from OSINT, evidentiary data, and digital forensics - through a powerful, intuitive interface.
Attendees will explore this cutting-edge GenAI platform and discover how to integrate and adapt it to supercharge their digital intelligence capabilities.
Presented by Penlink9:10-10:00 Session C
Revolutionizing Data Analytics with AI for Law Enforcement
Presented by Rayzone Group13:00-13:40 Session A
Data Awareness - powered by Web-IQ
Online platform monitoring for Law Enforcement and National Security. Activate (alternative) social media platforms like Telegram, Weibo, TikTok, Discord, and many more with Web-IQ’s Intelligence Platform.
Presented by Web-IQ13:00-13:40 Session B
From Data to Decision: CoAnalyst and the Future of Prompt-Driven Intelligence
In this session, we explore how CoAnalyst leverages the power of generative AI and prompt-driven workflows to transform OSINT and digital forensics. Learn how the analyst's role is evolving — from data gatherer to insight navigator — empowered by intuitive AI tools that accelerate decision-making, enhance investigative depth, and redefine what digital intelligence can achieve.
Presented by Penlink13:00-13:40 Session C
Intellectus IA Ecosystem: Built for the Intelligence Mindset
Presented by TRG13:00-13:40 Session D
Beyond the Surface: CYBERMEDIA for Cyberspace Monitoring, Engagement & Investigations Covering Social Media, Web, Deep Web, Dark Web, and Social Network Groups.
Presented by Euler Data Solutions13:00-13:40 Session E
Connecting the Dots: Using Data Analytics and Network Mapping to Disrupt Transnational Crime
Presented by Moody's13:45-14:30 Session A
The Power of many – boost collaboration, gain insights fast for actionable intelligence.
Breaking Data Silos and discover the possibilities of collaborative processes in mass data analytics. Live Demo.
Presented by INNOSYSTEC13:45-14:30 Session B
Unveiling the Future of Intelligence Gathering
Presented by Prelysis13:45-14:30 Session C
Digital Convergence: Unveiling Hidden Networks Through Blackfusion's Integration of Geolocation, Social Media Intelligence, and Cross-Platform Identifiers
Traditional intelligence approaches often miss critical connections hidden across fragmented digital identities and physical movements. This session reveals how Blackfusion's advanced correlation engine integrates facial recognition, geolocation data, and social media intelligence to expose previously invisible networks. Through real-world examples, we'll demonstrate how our platform automatically resolves identities across platforms using multi-modal biometric matching, maps behavioral patterns, and visualizes complex relationships between online and offline activities. Discover how leading agencies are leveraging these capabilities to accelerate investigations and generate actionable intelligence from seemingly disconnected data points that bridge the gap between faces captured in surveillance footage and digital footprints across multiple platforms.
Presented by Blackscore15:00-15:40 Session A
LightSabre: Ultra-Portable Fibre Optics Links Interception and Monitoring System
LightSabre is an advanced, ultra-portable system designed for intercepting and monitoring fibre optics links, including OTN, SDH, and Ethernet. Engineered for intelligence operations, LightSabre ensures seamless, real-time data capture and analysis with unmatched precision. Its compact design and powerful capabilities make it the ideal tool for covert surveillance and network security, providing unparalleled insight into critical communications.
Presented by ClearTrail15:45-16:25 Session B
From Data Overload to Intelligence Advantage: How AI is Reshaping OSINT Exploitation
Presented by CHAPSVISION16:30-17:15 Session A
Leveraging OSINT 0-days to investigate a person of interest
Sylvain HAJRI, Epieos
Thursday, 5 June 2025
08:30-09:10 Session A
Cross Domain protecting Collection and Surveillance data in classified GOVERNMENT Networks
Arbit provides certified and accredited CDS to Central Government Agencies, Intelligence, Armed Forces and Police throughout Scandinavia, Baltics, and Europe. Arbit’s services focus on protecting CONFIDENTIALITY data and systems from cyber and inside threats. This is relevant Government as it enhances national security.
Presented by Arbit09:15-10:00 Session A
FIMI threats: how to analyse cognitive warfare through AI threat-modelling using OSINT
Presented by Future Space
09:15-10:00 Session B
Beyond Boundaries: Mastering Drone Threat Mitigation with Multi-Sensor Integration
A practical guide on how to make drone detection and mitigation easier, faster, and safer with the optimal use of resources. Using various scenarios, participants will be taken through the process of countering drone threats and discover how they can detect, identify, mitigate, and neutralize drone threats.
Presented by Boura Cyber09:15-10:00 Session C
Unlocking Insights: OSINT Solutions for Intelligence and Strategic Decision-Making
In an era defined by information overload, the ability to monitor and analyze traditional and digital media in real-time, is critical for intelligence and strategic decision-making. DataScouting’s OSINT solutions empower organizations to uncover actionable insights by seamlessly integrating data from diverse sources, including TV, radio, podcasts, online platforms and social media. By leveraging the transformative capabilities of generative AI, these solutions go beyond simple data aggregation to provide deep contextual analysis, pattern recognition and predictive insights. This presentation explores how the synergy of comprehensive media monitoring and generative AI not only enhances situational awareness but also drives informed, proactive strategies in rapidly evolving environments.
Stavros Vologiannidis, Founder, Business Development, DataScouting
Rami El Sabeh, OSINT Consultant, DataScouting09:15-10:00 Session D
From Data to Action: Harnessing AI for Real-Time Cyber Intelligence to Strengthen National Security
Presented by SIO
11:00-11:40 Session A
OSINT & Media Monitoring with Intelion
In this session we will show how Intelion can be used to monitor the international public OSINT news space (broadcast and Internet), find specific keywords as well as the current sentiment regarding certain news topics. We will also show its alarm, summary, report and automated workflow functionalities.
Presented by ISID11:45-12:30 Session A
Open Source Tools, PART 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
(THIS SEMINAR IS RESTRICTED TO LEA, MILITARY, AND GOVERNMENT ATTENDEES. PHOTOS AND VIDEO RECORDING ARE PROHIBITED).
Now I’ve shown you how to hide, let us go and start covertly searching and gathering online intelligence with the best tools available.
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
Track 4: Threat Intelligence Gathering and Cyber Security Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Tuesday, 3 June 2025
08:30-09:20
Real-life C-UAS: Acing the UAS Public Safety Threat Challenge with Innovation & Collaboration
Presented by Sentrycs09:25-10:15
Harnessing Cyber Threat Intelligence for Advanced National Security and Law Enforcement Strategies
This session explores how cutting-edge cyber threat intelligence can enhance national security and law enforcement efforts. We’ll examine how intelligence sourced directly from the cybercrime underground can support criminal investigations, help secure critical infrastructure, and strengthen national cyber resilience. Attendees will gain practical insights into leveraging CTI for proactive threat mitigation and smarter enforcement strategies.
Christian Bungeroth, KELA10:35-11:25
From Translation to Strategic Insight: Advanced On-Premise NMT with Generative LPs for Government Data Sovereignty
In this session, we'll delve into how advanced on-premise Neural Machine Translation, enhanced by Generative Language Processing, serves not just to translate but to provide strategic insights for government entities. We'll discuss the importance of data sovereignty, how these technologies can be securely implemented, and the real-world implications for policy, communication, and strategic planning within government operations.
Claudiu Stiube, Principal Solutions Consultant, Language Weaver, RWS11:30-12:20
How to identify the identity of the threat actors from hidden channels
Presented by S2W15:25-16:05
Quantum-Safe Communications in Hostile Environments
Niko Keskitalo, Bittium16:10-17:00 Session A
CDRs of WhatsApp, Signal, Telegram, and other encrypted VoIP messaging applications
Presented by ClearTrail16:10-17:00 Session B
From Data to Actionable Intelligence: Harnessing Business Activity Intelligence (BizINT) to Power Threat Detection
Presented by Moody's
Wednesday, 4 June 2025
13:45-14:30 Session A
ARGOS: Is my phone infected?
Presented by TopSolution15:00-15:40
Redefining National Cyber Defense: From Current Threat to AI-Powered Investigations
Join KELA for an in-depth session exploring the evolving cybercrime ecosystem through the lens of our most recent intelligence reports. We’ll unpack key insights from the KELA’s 2025 Cyber Threat Landscape and dive into findings from The Infostealer Epidemic report, highlighting real-world examples, threat actor tactics, and emerging trends that matter to defenders today. The session will wrap with the introduction of the 1st AI-Driven Digital Cyber Analysts—our new AI-powered cyber warriors built to make elite threat intelligence accessible to any organization. You’ll get a first look at how these virtual analysts work in an interactive demo designed to show how your team can act faster, smarter, and with deeper context.
Lin Levy, Ben Kapon, KELA15:45-16:25
Combine DPI-based Traffic Visibility with Threat Detection Capabilities to Raise the Performance of Government Security Operations
Discover a new generation of DPI-based cyber sensors that leverage years of experience in cyber defense environments to raise the performance of government-run Security Operations Centers (SOCs). Find out how advanced DPI-based traffic visibility combines traffic identification with machine learning and SDK-based threat detection capabilities to provide superior network protection, even when traffic is encrypted.
Nicolas Duteil, Senior Technical Account Manager, DPI & Traffic Intelligence, Enea SoftwareThursday, 5 June 2025
11:00-11:40
Early warning threat detection solution based on mobile, IOT Devices and IPs profiling networks
VP Sales and Marketing, GeoGence13:00-13:40 Session B
Secure and Adaptable AI for Mission Critical Applications
Presented by Zetta Critical AI
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 3 June 2025
09:25-10:15
Crypto Investigations Simplified: From Blockchain to Real-World Insights
Presented by TRG11:30-12:20 Session A
Emptying the Arsenal: Outsmarting the OpSec of a Dark Web Vendor Selling “Cybercrime Toolkits”
Discover how CACI's DarkBlue Intelligence Suite, implementing CluesAI, was used to deanonymize a ransomware group selling remote control, DDoS, and credential extraction tools. Join Cory Everington, Head of CACI’s DarkBlue, and Lead Analyst Connor Watson as they demonstrate the methodology used to unmask this dark web cybercrime toolkit vendor.
Presented by CACI11:30-12:20 Session B
Beyond Breaches: Leveraging Compromised Credentials in OSINT and DarkINT Investigations
This session explores how breached records and other datasets with compromised PII gathered from the Deep and Dark Web can significantly enhance corporate and law enforcement investigations. We will begin by exploring the various types of breached datasets from hacked databases and combolists to stealer logs and scrapes. We will then provide insights into where these datasets can be located and highlight the critical information that can be extracted from them. Finally, we will demonstrate the practical application of compromised records in a live investigation in which we track down one of the FBI’s Ten Most Wanted individuals.
Matteo Tomasini, Founder & CTO at District 4 Labs13:20-14:10 Session A
Live Demonstration of DarkOwl Vision: Darknet Intelligence Discovery and Collection
Presented by DarkOWL FZE14:15-15:05
Defeating the Tor Dark Web: The Latest Updates, Evidence Collection, Countermeasures, and Investigation Techniques
This talk will bring you up to date on the latest challenges and issues related to defeating Tor, the dark web network of choice for many criminals, and the latest techniques and best practices available to law enforcement for defeating Tor operators and unmasking IPs.
Presented by Searchlight CyberWednesday, 4 June 2025
15:00-15:40
Tracking the Lazarus Group using Breadcrumbs, Live demo
The Lazarus group, a hacking group funded by North Korea, have laundered $200M from 25 cryptocurrency hacks.
Lorne Lantz, CEO of Breadcrumbs, and author of Mastering Blockchain will demonstrate the power of Breadcrumbs by tracking the Lazarus group's activities.
He will also highlight some of the unique features and services Breadcrumbs offers.
Presented by Breadcrumbs16:30-17:15
Unmasking Criminals Operating on the Dark Web
This talk will provide practical guidance on how law enforcement agencies can investigate criminals on the dark web with recaptured data, build profiles of these high-risk criminal actors, and identify the actors behind the aliases. Including guidance on dark web market seizure techniques: evidence collection, unmasking users, and harvesting data.
Presented by Searchlight Cyber
Thursday, 5 June 2025
13:00-13:40
From Dark Web Information to Nicknames, Phone Numbers and Emails to Real People
A former elite intelligence officer and NATO intelligence pieces how seemingly small names of information on the web can lead to real police cases. Showcasing real-world examples covering the dark web, breached credentials, social media, public records and sanctions lists that have prompted multiple police investigations.
Petr Vancl Hochberger, Head of Marketing and Business Development, TOVEK
Track 6: Mobile Signal Intercept Product Training and Presentations
This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 3 June 2025
8:30-9:20
Understanding Mobile 2G, 3G, 4G and 5G NSA Infrastructure, Intercept and Cryptography
Dr. Jerry Lucas, President, TeleStrategies9:25-10:15
A Deep Dive into Mobile Exploitation - A Full Chain Overview
Presented by Secfence
10:35-11:25
Detecting, Locating and Intercepting GSO & NGSO transmitters
Presented by Kratos11:30-12:20 Session A
Evolutions and revolutions in satellite interception technology
The latest innovations in satellite communication, particularly VHTS satellite networks and LEO/MEO constellations, are challenges to satellite intelligence organizations. These new satellite infrastructures require novel approaches to satellite interception. Rohde & Schwarz offers solutions to address these new satellite communication scenarios.
Presented by Rohde & Schwarz11:30-12:20 Session B
Measurement instruments for Wi-Fi, Bluetooth – SmartTags, and Cellular
Presented by SEA GmbH13:20-14:10 Session A
Innovation in VISINT Coverage & Investigative Intelligence
Explore how next-generation visual collection and analytics tools like NightHawk are transforming surveillance into a real-time, investigation-ready asset, enabling agencies to detect faster, investigate smarter, and act with precision.
Presented by Interionet16:10-17:00
Securing Your Mobile World from Surveillance Threats. A deep dive into unmasking and countering IMSI Catchers with Cutting-Edge solutions
Presented by NeoSoft
Wednesday, 4 June 2025
9:10-9:30
Best Practices & Latest Innovations for Field Missions
Presented by Cognyte9:30-10:00
Dark Skies: Unlocking the Hidden Intelligence Potential in Satellite Communications
Presented by Cognyte13:45-14:30
Uncover Hidden Threats with EO Spectre: Tactical RF Counter-Surveillance & SIGINT Technology
Presented by EO Security
Track 7: Electronic Surveillance Training and Product Presentations
This track is for law enforcement investigators and the government intelligence community who are responsible for deploying video, audio and GPS surveillance products and only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Wednesday, 4 June 2025
13:00-13:40
Harnessing AI in Police Investigations: A Focus on Audio, Video, and GPS
Presented by SIO13:45-14:30 Session A
From proven GPS tracking system to integrated Mobile mission control
Presented by ProximaIT13:45-14:30 Session B
Cutting edge, AI Based De-Noiser from Squarehead Technology
Presented by Squarehead Technology15:00-15:40 Session A
Mastering Data Empowering Intelligence
Presented by Elbit15:45-16:25 Session A
QuipoEVO: new features and new use case for Cy4Gate Decision Intelligence Platform
Introducing QuipoEVO, the latest innovation from Cy4Gate, designed specifically for Law Enforcement Agencies (LEAs) to enhance decision intelligence capabilities. In the fast-paced world of law enforcement, staying ahead of criminals and ensuring public safety requires advanced tools and technologies. QuipoEVO combines cutting-edge artificial intelligence and machine learning to provide LEAs with a comprehensive Decision Intelligence Platform tailored to their unique needs.
QuipoEVO offers a range of powerful new features that revolutionize data analysis and decision-making in the LEA domain. Real-time data integration and analysis capabilities enable LEAs to gather and process vast amounts of data from multiple sources, including structured and unstructured data. By leveraging advanced analytics and algorithms, QuipoEVO provides actionable insights and helps LEAs identify patterns, detect trends, and make informed decisions to combat crime effectively.
Presented by CY4GATE S.p.A.15:45-16:25 Session B
Electronic Surveillance solutions to investigate in the field and operate form a unified, AI enabled, centralized Cyber Intelligence platform.
Use cases and demonstration.
Presented by AREA15:45-16:25 Session C
How to ensure the security of mobile communication? Use radio forensics to monitor and secure mobile networks in 5G SA technology
This presentation will explain the technical aspects of detecting rogue networks using the parameters of a Base Transceiver Station (BTS). We'll discuss how these parameters can be harnessed to protect against eavesdropping and digital wiretapping, making it an essential tool for anyone interested in the security of mobile networks.
Rafał Wołczyk, Presales Engineer, Vespereye16:30-17:15 Session A
Evolving Capabilities – Training and Equipping Special Forces
Oli Smith, Providence
Track 8: 5G Lawful Interception Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 3 June 2025
9:25-10:15
Understanding 5G Stand Alone NFV, Edge Computing and Network Slicing
Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies
13:20-14:10
Performing successful missions on 5G SA with or without network operator assistance
Presented by Octasic15:25-16:05
Keep using your IMSI Catchers and Direction Finders in the 5G SA Era
With the introduction of 5G SA, the 3GPP decided to improve subscribers’ privacy by designing an encrypted protocol architecture that protects against the use of IMSI catchers. These design choices resulted in the need for a “future proof” and solid solution in order for law enforcement to correlate temporary identifiers collected over the air interface and match them to permanent identifiers and to track suspects using their direction-finding tools and capabilities.
Presented by Group 200016:10-17:00
On the way to Online Catching on 5G SA
5G SA Online catching or identiifer asscociation changes the setup of active mobile phone monitoring solutions after nearly 30 years dramatically. To keep the operational concept and sustain the usage of these solutions for 5G SA agencies, operators, LI users, regulators, CSPs and manufactorers have to join to together to shape the future of 5G catching. Our presentation will give an overview about the concepts, architectures and the process of standardization as well what call for action every agency has."
Presented by Rohde & Schwarz
Wednesday, 4 June 2025
09:10-10:00 Session B
Survival of IMSI-catchers in 5G Networks
Presented by Utimaco13:00-13:40 Session A
POLIIICE 5G standalone end to end LI live demo.
POLIIICE will offer, research, validate and demonstrate array of innovative LI measures at cloud & network level as well as at edge device level that together will enable LEAs to efficiently overcome the new age challenges and enable high throughput of its LI
Chris Young, Product Manager, BAE Systems Digital Intelligence13:00-13:40 Session B
Lawful Interception of IMS/VoLTE Roaming (S8HR)
Presented by Utimaco15:45-16:25
Performing successful missions on 5G SA with or without network operator assistance
Presented by Octasic16:30-17:15
Optimized solution for COMINT in today’s and tomorrow’s 5G networks
New 2G/3G/4G/5G platform by EXFO for catching and DF purposes and complete solution for 5G SA ID resolution
Presented by EXFOThursday, 5 June 2025
08:30-09:00
Centralized 5G ready Cyber-intelligence AI enabled Monitoring Centre to support the challenges of Lawful Interception and Electronic Surveillance.
Use cases and demonstration.
Presented by AREA
Training Seminars Led by Law Enforcment Officers and Ph.D Computer Scientists
Tuesday, 3 June 2025
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation
09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective
10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators
11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks
13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT
14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT ToolboxSeminar #2
08:30-15:05(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)
The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UKPolice
The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques.08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators
How it works, for us. Why it works, for us. How data traffic leaves a permanent trace. How and why everything that was on the internet, is still there. Identifying the structural data and exploits, that will take you to your suspect. Tracking and evaluating data. MAC tracking. If you’ve ever said “it’s been deleted” or “its no longer there”, this seminar is for you. Let me prove you wrong.
09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
What data is available. How to harvest and analyse it. Best practice to identify suspects and build profiles. Good practice, virtual data 'housekeeping' and tradecraft. Data collection and interrogation, significance, and value. IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them (where they show their id). Dynamic approaches to identifying suspects through internet profiles. What investigators get from tech and service providers, and how to analyse it. Investigator capabilities and opportunities. TCP/IP and header value and analysis
10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking
A detectives look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement. Unique communication identifiers. Dynamic live time tracing. Geo location services and uses. Online Surveillance and tracking movement and speed. You and your target are being tracked by multi organisations that you done even know exist. Lets identify them and interrogate their data bases.
11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)
How suspects are using emerging and new technologies.
An introduction to where technology is going, and how Law enforcement can use this to our advantages. dynamic and pro-active problem solving. Darknet, (Deep web), TOR and IRC use. VOIP, Skype and FaceTime exploits. Advanced data sniffing and profile building. TOR systems, applications, and ways to coax offenders out of the system.
13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.
Using innovative and dynamic methods to trace offenders. Tricks used by suspects and how to combat them- Play them at their own game? Covert internet investigations. Proxy servers and hiding. Managing collateral intrusion. Reverse and social engineering. Thinking outside the box. Lateral thinking. Possible missed opportunities. Profile building and manhunts through device footprints, speed and movement.
14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.
"Just google it" is great for tickets, tyres, holidays and opening hours. But as an investigator, we can do better, and safer. Using most main stream search engines and browsers come with certain risks. This session aims to change that. A look at good tradecraft, practice and methodology in profiling, tracking and tracing digital footprints and shadows on the internet, by means of best available tools. Tools that the target can’t see . Do's and do nots. Best tools for best results. When was the last time you 'googled' something in an investigation, and it returned 5 results, all specifically relating to your suspect? This session will teach you how to fast track you to the data you need, and cut away the chaff. PART 2 on the final day with free tools to download and keepSeminar #3
08:30-09:20Understanding Mobile 2G, 3G, 4G, 5G and 6G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception. Specifically;
Network Architecture Evolution from 2G to 3G, 3G to 4G, 4G to 5G regarding radio technology (TDMA, CDMA, OFDM and MIMO), network core from CSFB to VoLTE and SS7 to Diameter.
Encryption, Target Identification and Location: SIM and eSIM cards, IMSI and Target ID, encryption algorithms (A3, A5, A8 and Ki) and basically how user authentication and traffic encryption is accomplished.
Target Location Tracking with CDR analysis, MAC address farming, MITM attacks, SS7 access, IMSI catchers and IT intrusion.
4G to 5G Transition Specifics Understanding 5G Non Stand Alone (NSA) vs. SA 5G, the IMSI catcher issue (myth vs. realities), 5G Cryptography (ECC, SUPI, SUCI), 5G target location enhancement and LTE/NR Internetworking and Co-existance.
5G Spectrum What can 5G deliver with mid vs. high frequency spectrum and what new spectrum bands are soon to be auctioned off
SA 5G Infrastructure Features: NFV, SDN, Edge/Cloud Computing and Network Slicing
Seminar #4
09:25-10:15Transitioning Lawful Interception Network Core Features from 4G to 5G SA to 6G: What's it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesCellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the trasition to 5G standalone.
In reality lawful interception of non-standalone is not any different from 4G interception regarding new LI feature additions. The next LI challenge will be for 5G SA. This webinar addresses the technical challenges facing law enforcement, 5G operators and ISS vendors. Specifically the four transitions are:
- 5G Network Challenges Identifiers: How are law enforcement going to grab 1gbps traffic streams; backhaul to monitoring centers and filter non-important traffic of interest.
- 5G Edge Cloud Computing: How do you intercept on a 5G operators IT systems, deal with proprietary system protocols, e2e encryption and localized content
- 5G Virtual Network Core: How complicated will this be regarding LI, VoIP on virtual devices and what LI barriers has the IETF created
- 5G Network Slicing: Is this 5G feature restricted to private enterprises or will 5G MVNO’s provide public mobile wireless services, How will law enforcement interconnect with 5G OSS provisioning systems and what is the LI point of interconnection?
Seminar #5
10:35-11:25Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesSeminar #6
11:30-12:20Generative AI (e.g., ChatGPT): How LEAs and Intelligence Agencies Can Leverage the Technology, and Criminal Use Examples
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThursday, 5 June 2025
Seminar #7
08:30-09:10Lawful Interception - What, Why, When, Who and how to, and solutions.
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceSeminar #8
09:15-10:00Push Tokens in Criminal Investigations: Tracing Digital Footprints & Uncovering Evidence
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State PoliceIn today’s digital landscape, push tokens serve as unique device identifiers that can play a crucial role in criminal investigations. This presentation will provide an overview of what push tokens are, how they are generated, and how law enforcement can leverage them to link suspects to devices, track online activity, and uncover crucial evidence. Attendees will learn legal processes for obtaining push token data, how to request records from Apple, Google, and app providers, and real-world case studies where push token analysis led to investigative breakthroughs. Additionally, we will cover privacy limitations, encryption challenges, applications for lawful interception, and alternative technical investigative techniques.
Seminar #9
11:45-12:30(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)
Open Source Tools, Part 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceA must see presentation of the best and most dynamic tools available to the investigator- and they’re all free. A download link will be provided during this session with 100 tools to take away