Bit Sentinel, a Romanian cybersecurity company specializing in offensive security and cyber defense readiness, served as the technical organizer of the Capture the Flag (CTF) exercise at Resilient Trident 2026, the trilateral cybersecurity exercise uniting Romania, the Republic of Moldova, and Ukraine under the Cyber Alliance for Regional Resilience. Coordinated by Romania’s DNSC together with Ukraine’s NCSCC and Moldova’s ASC. The exercise brought together more than 40 public and private organizations for panels, live-fire drills, tabletop exercises, and a hands-on CTF powered by Bit Sentinel’s CyberEDU cyber range platform – featuring 19 advanced challenges across machine learning security, digital forensics, web exploitation, and reverse engineering, designed to turn high-level regional cooperation into real operational capability.
At Bit Sentinel, we believe that true cybersecurity readiness is built through collaboration, trust, and continuous practice in realistic environments.
As a cybersecurity company specializing in offensive security, training, and cyber defense readiness, our mission is to help organizations and institutions develop not just knowledge, but real-world capability. This is why participating in initiatives like the Resilient Trident exercise is deeply aligned with our purpose.
Resilient Trident is not just an event, it is the operational expression of the Cyber Alliance for Regional Resilience – a trilateral framework created by a memorandum of understanding between Romania’s DNSC, Ukraine’s NCSCC and Moldova’s ASC in February 2026 to consolidate cyber resilience across the region. The 2026 edition brought together more than 40 public and private organizations for high‑level panels, specialised technical sessions, live‑fire drills, tabletop exercises and a Capture‑the‑Flag exercise. Beyond the variety of formats, its mission is to strengthen cooperation and trust: participants worked side‑by‑side to share expertise and develop joint capabilities, recognising that cyber defence is no longer a purely national responsibility. Regional leaders have highlighted that Resilient Trident demonstrates how collective action allows us to anticipate, deter and respond to hybrid threats and sends a clear message that our strength lies in unity, freedom and democratic values.
For us at Bit Sentinel, being invited to manage the Capture the Flag exercise is both an honour and a responsibility. It signals the trust placed in our offensive‑security expertise and our commitment to help build the region’s cyber posture and it highlights that the exercise relied on our CyberEDU cyber range platform to deliver its hands-on components. By contributing to Resilient Trident, we stand shoulder‑to‑shoulder with national authorities and partners to prove that Romania, Moldova and Ukraine can operate as one cyber community – a community prepared to defend its shared digital space against the threats of today and tomorrow.
More than a technical exercise, it is a strategic effort to build a resilient regional cybersecurity ecosystem.
From strategy to practice
Large-scale cybersecurity exercises often focus on coordination, policies, and response frameworks. These are essential. But resilience is ultimately measured by how well people can act under pressure, make decisions quickly, and collaborate effectively in real situations.
Our contribution to Resilient Trident was designed with exactly this in mind.
Through our involvement, we aimed to support the broader mission of the exercise: translating high-level cooperation into operational capability. The focus was not just on testing systems, but on enabling people from different countries and backgrounds to work together, think critically, and respond to complex scenarios.
Exercise structure
The CTF featured 19 carefully designed exercises, combining both on-premises and online participation across the three participating countries:
- 🇷🇴 Romania: 13 players on-premises
- 🇲🇩 Republic of Moldova: 6 players on-premises
- 🇺🇦 Ukraine: 3 players on-premises, with additional participants joining online
This hybrid setup enabled broader inclusion while maintaining the intensity of an in-person environment.
The challenges covered a diverse and modern set of domains:
- Machine Learning Security & Steganography
- Digital Forensics & Threat Hunting
- Web Exploitation (based on latest CVEs)
- Reverse Engineering
What made this exercise stand out was the depth and realism of the scenarios, many of which mirrored real-world attack chains and investigation workflows:
- Tracing a full compromise chain from a phishing download to credential theft and system takeover
- Investigating covert data exfiltration through disguised network traffic
- Performing deep analysis of malicious PDFs with hidden embedded artifacts
- Identifying and dissecting a Remote Access Trojan (RAT) using threat intelligence and open-source tooling
- Conducting network forensic analysis with Wireshark, uncovering attacker tools, credentials, and transferred files
On the offensive side, participants tackled cutting-edge exploitation scenarios:
- Exploiting a WebAssembly sandbox escape (CVE-2026-25905) to break isolation and manipulate backend logic
- Leveraging stored XSS via file upload to hijack administrator sessions
- Abusing insecure postMessage implementations to take over privileged workflows
Advanced reverse engineering and ML-focused challenges pushed participants even further:
- Reconstructing a spearphishing attack lifecycle by reversing a Go malware sample and correlating forensic artifacts
- Extracting hidden data from a PyTorch model by analyzing neural network weights
- Recovering a hidden image from a Variational Autoencoder (VAE) to decode a QR-based flag
Each challenge required not just technical knowledge, but analytical thinking, persistence, and the ability to connect multiple layers of information – exactly the skills needed in real-world cybersecurity operations.
Why this exercise matters
In today’s threat landscape, cyber incidents do not respect timelines or borders. Attacks are increasingly sophisticated, fast-moving, and often coordinated across regions. This makes international collaboration not just beneficial – but necessary.
Resilient Trident highlighted several key aspects that are critical for the future of cybersecurity in the region:
- Cross-border collaboration
Bringing together professionals from Romania, Moldova, and Ukraine helps build relationships that are essential during real incidents. - Shared understanding of threats
Participants gain exposure to different perspectives, methodologies, and approaches to cyber defense. - Operational readiness
Exercises like this move beyond theory and help validate how prepared teams truly are. - Trust building
Working together in high-pressure scenarios fosters trust – an essential component in coordinated response efforts.
For us, being part of this initiative meant contributing to something larger than a single event: the long-term resilience of the region.
Creating meaningful engagement
A key element of our involvement was enabling an environment where participants could actively engage, collaborate, and learn by doing.
Rather than focusing purely on technical complexity, the emphasis was on:
- Encouraging teamwork and communication
- Promoting problem-solving under pressure
- Creating scenarios that reflect real-world challenges
- Allowing participants to learn from each other
- Offering a strong and reliable infrastructure for such an exercise
The hybrid nature of the exercise – bringing together both on-site and remote participants – also reinforced an important reality: modern cybersecurity operations are inherently distributed.
Impact beyond the exercise
The true value of Resilient Trident goes far beyond scores, rankings, or individual performance.
What we observed – and what matters most – was:
- High levels of engagement and motivation
- Active knowledge exchange between countries
- Stronger professional connections across the region
- Increased confidence in handling real-world scenarios
These outcomes contribute directly to a more prepared and resilient cybersecurity community.
As Andrei Avadanei, CEO of Bit Sentinel, highlighted:
“Exercises like this redefine how organizations prepare for cyber threats.
It’s not about ticking boxes – it’s about building real reflexes, collaboration, and trust. What we saw here is exactly the kind of capability Europe needs more of.”
Looking ahead
Resilience is not a one-time achievement – it is a continuous process. Running a CTF in a multinational exercise comes with unique challenges – and opportunities:
- Balance is key: challenges must be accessible yet non-trivial
- Infrastructure reliability is critical: downtime kills momentum and engagement
- Clear communication enhances experience: instructions and support matter as much as content
- Realism drives value: participants engage more when scenarios feel authentic
The success of the first-day Jeopardy CTF demonstrated the value of integrating technical competitions into large-scale cybersecurity exercises. It’s not just about testing systems – it’s about testing real skills, collaboration, and decision-making under pressure.
At Bit Sentinel, we are proud to support efforts that bring together people, knowledge, and action. We believe that the future of cybersecurity lies in strong partnerships and shared responsibility.
About Bit Sentinel
Bit Sentinel is a Romanian cybersecurity company focused on helping organizations protect their business against evolving cyber threats through a combination of offensive and defensive capabilities.
Founded with a strong offensive security mindset, Bit Sentinel delivers services such as penetration testing, incident response, managed security services, code review, and cybersecurity consultancy, tailored to each organization’s specific risk profile.
Through its Security Operations Center (BSS-CERT), the company provides continuous monitoring, threat detection, and response capabilities, combining technical expertise with real-world attacker perspective to strengthen organizational resilience.
Beyond services, Bit Sentinel actively contributes to the cybersecurity ecosystem through training, awareness programs, and hands-on exercises, helping teams not only identify vulnerabilities but also understand, prioritize, and remediate them effectively.
By bridging offensive security expertise with practical defense strategies, Bit Sentinel supports organizations in building long-term resilience – turning cybersecurity from a compliance requirement into a core business capability.
About Resilient Trident
The “Resilient Trident” exercise was organized under the umbrella of DNSC, alongside the NCSCC and ASC, with the support of the European Union Advisory Mission for Civilian Security Sector Reform in Ukraine (EUAM Ukraine), the European Union Partnership Mission in the Republic of Moldova (EUPM Moldova), the Romanian Intelligence Service (SRI) through the National Cyberint Centre (CNC), Bit Sentinel, the Euro-Atlantic Resilience Centre (E-ARC) and the National University of Political Studies and Public Administration (SNSPA).