Meet the lecturers

With more than 30 years of experience, Alessandro Vannini is currently working toward his 54th technical certification in the cybersecurity field. Over the past five years, he has traveled across Europe more than 90 times to support incident response and ransomware remediation efforts in organizations with annual revenues of up to €570 million.

He is the administrator of Italy’s largest hacking community, with over 12,800 members, and the country’s first e-learning instructor in cybersecurity, having educated nearly 75,000 students across 54 hacking courses. His work focuses on solving complex security problems, supporting organizations, and preventing cyber attacks, or identifying threat actors before they can strike.

He is also an active speaker at national and international events.

Alex Holden is the founder and CISO of Hold Security, LLC. Under his leadership, Hold Security played a pivotal role in information security and threat intelligence, becoming one of the most recognizable names in its field. Mr. Holden researches minds and techniques of cyber criminals and helps our society to build better defenses against cyber-attacks.

Andrea Bodei is a Senior Executive, Ethical Hacker, Teacher, AI Developer, Research Scientist, Forensic Analyst, and OSINT Analyst. He has extensive knowledge of intelligence and investigative principles and methods, including OSINT, cyber warfare, cyber terrorism, cyber conflicts, cyber attacks, cybersecurity, and cybercrime.

Andrei Cotaie is a Principal Security Engineer at UiPath, specializing in Security Operations, Incident Response, and AI-driven automation. Before joining UiPath, Andrei spent over seven years at Adobe’s Security Coordination Center, where he led initiatives in threat intelligence, incident response, and security engineering.

Over the past several years, Andrei has focused his research on applying artificial intelligence and machine learning to cybersecurity, developing full-stack Security AI ecosystems designed to enhance detection, response, and automation capabilities. His work bridges the gap between operational security and AI innovation, leveraging data-driven models to anticipate and counter unconventional attack techniques.

An advocate for intelligent automation, Andrei continues to explore how AI can redefine modern security operations—turning complex challenges into scalable, self-learning systems.

Andrej Tomšič is a state supervisory authority for personal data protection and Deputy Information Commissioner, primarily working in the areas of personal data security, data retention in electronic communications, biometrics, and direct marketing. He holds a Master’s degree in Information Management Sciences and has completed training and passed the examination for Lead Auditor under the ISO/IEC 27001:2005 standard.

Bob van der Staak is a Ethical hacker and red teamer at the Dutch Railways. Sharing knowledge is his passion, and with his background in software development and technical informatics, he implements code to assist with his daily assessments. From web penetration testing to malware development and cloud technologies, he is eager to learn and share his expertise.

Cristian Miron is a Security Engineer currently working for UiPath. His career in IT started 13 years ago and for the past 9 he focused his attention to Security. He is passionate about automation ever since he realised that he can work more efficiently if his tasks are scripted: from handling data sets in phishing campaigns to closing alerts which don’t need human interaction and reviewing alerts that have been closed by an engineer, everything should be done with a robot.

Danijel Grah has over ten years of experience in cybersecurity. He began his career as a consultant before transitioning into research and later joined NIL (part of Conscia Group) as a Cyber Security Analyst in the Security Operations Center (SOC)/MDR. He eventually returned to Offensive Security and now serves as a Technical Lead. Danijel brings extensive expertise in penetration testing, security hardening, programming, consulting, and the development of cyber defense systems. He has published and presented research at various international information security conferences and has confirmed his knowledge and experience with industry certificates, such as GRID and GCFR.

Diogo is a seasoned cybersecurity professional and passionate researcher. He got curious about breaking things at a young age when he saw his first blue screen of death. That childhood curiosity evolved into a drive to understand how systems really work —all sparked by one simple question: “How can this be broken?”
Today, Diogo works as an Information Security Engineer at SEG Automotive, responsible for security operations and incident response. When he’s not fixing or breaking things, he’s somewhere surrounded by nature.

Domen Hribar is the Deputy Head of Information Security for the Petrol Group, where he is responsible for regulatory and internal policy compliance as well as information security risk management. He is involved in the implementation of international standards and regulations and leads projects aimed at strengthening cyber resilience and fostering a strong security culture within the organization.

Gregor Spagnolo is the owner of SSRD d.o.o., a company focused on secure software development lifecycle (SSDLC) practices and the training of software developers. He is a Certified Ethical Hacker (CEH) with over ten years of experience and expertise in application design and implementation as well as cybersecurity. His security work includes security assessments, penetration testing, source code analysis, secure coding practices, and security incident data mining.

Hamza Zaheer is a senior security tester and researcher specializing in authentication security, VAPT, mobile application and web application exploitation. His work focuses on real-world attack simulation, token security, and identifying critical flaws in high-risk systems such as financial platforms and identity providers.

He has reported severe vulnerabilities to organizations worldwide and has acknowledgments from multiple international companies. Hamza has led and conducted numerous in-depth audits uncovering IDOR, XSS, token misbinding, and multi-domain authentication weaknesses. His research combines hands-on exploitation with deep technical analysis to demonstrate how small validation gaps can lead to complete platform compromise.

Bash Bunny is a cybersecurity specialist with extensive experience in penetration testing, red team operations, and OSINT investigations. With a focus on threat intelligence and dark web research, they have conducted numerous investigations involving hidden service deanonymization. Their work spans both offensive security research and defensive architecture, helping organizations understand and mitigate anonymity-based threats. Active in the infosec community through technical writing and tool development, they maintain expertise across Linux systems engineering, network security, and advanced investigation techniques.

Jaka Bochl works in the IT Security department of the Petrol Group, where he is responsible for the implementation, management, and oversight of tools and processes to ensure information security. His responsibilities include monitoring compliance with internal policies and regulatory requirements, risk management, implementing security policies, and ensuring the protection of information systems against threats.

Kateryna Ovechenko is a seasoned product management professional with strong previous experience in cybersecurity, combining strong strategic vision with deep technical knowledge. She has a proven track record in building and leading cross-functional teams, managing product lifecycles, and driving innovation in both FinTech and Energy sectors with cybersecurity in mind. At HBM.ai, Kateryna held the role of Product Strategist, where she works closely with startups to shape product visions and build scalable MVPs. She was part of Certified Ethical Hacker Steering Committee and has recently joined Certified Offensive AI Security Professional Steering Committee.

Dr. Maksim Iavich holds a Ph.D. in Mathematics and is a Professor of Computer Science, Head of the Computer Science Department at Caucasus University, and Director of the university’s Cyber Security Center. He is also CEO and President of the Scientific Cyber Security Association SCSA and a Corresponding Member of the National Academy of Science, recognized for his contributions to cryptography and cybersecurity. In 2025, he worked as a post-quantum cryptographer at the University of Michigan.

An active member of the global cybersecurity community, he has delivered keynote talks at major international conferences such as DeepSec, DefCamp. His research spans cybersecurity, cryptography, AI, machine learning, and post-quantum security, and he is the author of numerous scientific publications.

Marko Hölbl is an Associate Professor at the Faculty of Electrical Engineering and Computer Science (FERI), University of Maribor, and serves as Vice-Dean for Research. His work focuses on cybersecurity and information security, privacy, and cryptography, and he teaches courses in information security and digital forensics at UM FERI. He also teaches at the Faculty of Criminal Justice and Security, University of Maribor.

As a researcher, he has been a visiting scholar at the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology and at INSA Centre Val de Loire. He serves as Secretary General of CEPIS LSI and EAEEIE, Vice President of the Slovenian Society INFORMATIKA, and is a member of expert bodies at ECSO, SRIP GoDigital, the Chamber of Commerce and Industry of Slovenia, and the Government of the Republic of Slovenia. He has participated in numerous international projects, including AKADIMOS (Digital Europe), the ESA PQC Key Management project, H2020 CyberSec4Europe, and several Erasmus+ projects.

Mateo Hanžek is a professional pen tester at INFIGO IS. Finished Master’s degree in Information Security and Digital Forensics at Zagreb University of Applied Sciences. Holder of BSCP, OSWE, CARTP certifications and around 15 CVEs. Interested in all areas of web security, especially client-side security and cross-site attacks.

Matthias Luft is a seasoned information security leader. After 20 years in security, he is still excited about a broad range of topics (from hypervisors via containers/clouds to security leadership) and has had the privilege to present on them around the globe. Currently he works on container and cloud security engineering. Outside of work, he enjoys the outdoors, martial arts, and spending time with dogs.

Paul Coggin is a recognized cybersecurity expert at nou Systems, Inc., specializing in solving complex problems at the convergence of space, digital energy, telecommunications, cyber-physics, and cybersecurity. His expertise spans space systems, service provider networks, ICS/SCADA infrastructures, and digital energy. With extensive experience in network architecture, vulnerability analysis, and penetration testing, Paul has led security assessments for critical infrastructure across various sectors, including aerospace, energy, service provider, financial and tactical networks.

A frequent speaker and instructor at international conferences, he shares insights on advanced cybersecurity topics. Paul holds multiple advanced degrees: BS in Mathematics/Computer Science, MS in Space Systems, MS in Systems Management, MS in Information Assurance and Security, and MS in Computer Information Systems, along with numerous industry-recognized certifications.

Rutger Flohil began his career as a .NET developer, building a solid base in software development before switching gears to focus on cybersecurity. After gaining valuable experience in the Security Operations Center (SOC) of the Dutch TLD, he moved on to his current role as a Red Teamer at Dutch Railways (NS). Rutger enjoys the creative side of security, especially when it comes to writing offensive scripts in Python. Always curious and eager to learn, he’s passionate about discovering new techniques and fresh perspectives to tackle security challenges.

Sozon Leventopoulos is a cybersecurity and cyber defense expert with over 30 years of experience spanning the Hellenic Armed Forces, NATO, the EU, the private sector, and academia. A retired Army officer, his work focuses on cyber defense, information security, air defense operations, and ICT system integration. He holds a Master’s degree in Cybersecurity and Critical Infrastructure Protection from AUEB and is currently pursuing a PhD at AUEB’s InfoSec Laboratory. His research covers hybrid threats, cognitive warfare, and critical infrastructure protection. He also teaches penetration testing, consults for public and defense organizations, speaks at international conferences, and holds certifications including CISSP, CASP+, C|CISO, and CEH.

Tamás Bőhm leads product security and oversees penetration testing operations for a major automotive supplier. In parallel, he works as a freelance ethical hacker and trainer.

For the past seven years, he has been actively engaged in offensive security, helping organizations identify and remediate vulnerabilities before they can be exploited by malicious actors.

With over 20 years in the IT industry, Tudor is a Certified Ethical Hacker and Microsoft MVP who loves everything about technology. He is a regular face at local and regional events, where he combines his deep industry experience with a genuine passion for sharing knowledge.

Tudor specializes in Cybersecurity Strategy, IT governance, and risk management. He focuses on helping companies cut through the noise to build effective strategies and secure their operations. After hundreds of talks and training sessions, his goal remains the same: to give IT professionals the practical insights they need to navigate the ever-changing tech landscape.