June 22-27, 2008
Hyatt Regency Vancouver
British Columbia, Canada
Registration
Ice Breaker Reception
Tutorials
SIG Meetings
Tutorials
SIG Meetings
Beer & Gear
Pre-AGM
Conference Opening
Breakout Sessions
SIG Meetings
Geek Zones
Sponsors' Luncheon
General Session
Breakout Sessions
Geek Zones
SIG Meetings
Annual General Meeting (AGM)
General Session
Breakout Sessions
Geek Zones
SIG Meetings
Conference Closing
| 14:00 – 18:00 | Registration |
| 19:00 – 21:00 | Added Attraction Ice Breaker Reception |
| 08:30 – 10:50 | Tutorial MSFT Defend the Flag - Day 1 |  Tutorial System, Network and Security Log Analysis for Incident Response Anton Chuvakin |  Geek Zone Detecting Intrusions - The latest forensics tools and techniques to identify Windows malware infections Pär Österberg Medina | Special Interest Group CVSS SIG Gavin Reid |
| 10:50 – 11:10 | Morning tea break | |||
| 11:10 – 12:30 | MSFT Defend the Flag - Day 1 (continued) | System, Network and Security Log Analysis for Incident Response (continued) | Detecting Intrusions - The latest forensics tools and techniques to identify Windows malware infections (continued) |  Vendor SIG Bruce Monroe (Intel, US), Damir (Gaus) Rajnovic (Cisco PSIRT – Cisco Systems Co., UK) |
| 12:30 – 14:00 | Lunch break | |||
| 14:00 – 15:20 | MSFT Defend the Flag - Day 1 (continued) | System, Network and Security Log Analysis for Incident Response (continued) | Detecting Intrusions - The latest forensics tools and techniques to identify Windows malware infections (continued) | Vendor SIG (continued) |
| 15:20 – 15:40 | Afternoon tea break | |||
| 15:40 – 17:00 | MSFT Defend the Flag - Day 1 (continued) | System, Network and Security Log Analysis for Incident Response (continued) | Detecting Intrusions - The latest forensics tools and techniques to identify Windows malware infections (continued) | Vendor SIG (continued) |
| Tutorial I - Regency AB | Tutorial II - Regency C | Geek zone I - Plaza AB | SIG - Plaza C | |
|---|---|---|---|---|
| 08:30 – 10:50 | Tutorial MSFT Defend the Flag - Day 2 |  Special Interest Group FIRST Law Enforcement/CSIRT Cooperation SIG (LECC-SIG) – Related G8: HI-Tech Crimes Workshop Yurie Ito (JPCERT/CC, JP) | Tutorial Creating and Managing Computer Security Incident Response Teams(CSIRTs) Georgia Killcrece |  Tutorial Techies Can Communicate Too ! David Pybus |
| 10:50 – 11:10 | Morning tea break | |||
| 11:10 – 12:30 | MSFT Defend the Flag - Day 2 (continued) | FIRST Law Enforcement/CSIRT Cooperation SIG (LECC-SIG) – Related G8: HI-Tech Crimes Workshop (continued) | Creating and Managing Computer Security Incident Response Teams(CSIRTs) (continued) | Techies Can Communicate Too ! (continued) |
| 12:30 – 14:00 | Lunch break | |||
| 14:00 – 15:20 | MSFT Defend the Flag - Day 2 (continued) | Tutorial The life cycle of infections and a botnet Richard Perlotto | Creating and Managing Computer Security Incident Response Teams(CSIRTs) (continued) | Special Interest Group Network Monitoring SIG - Monitoring and Detection of Fast-Flux Service Networks Carol Overes |
| 15:20 – 15:40 | Afternoon tea break | |||
| 15:40 – 16:30 | MSFT Defend the Flag - Day 2 (continued) | The life cycle of infections and a botnet (continued) | Creating and Managing Computer Security Incident Response Teams(CSIRTs) (continued) | Network Monitoring SIG - Large-scale Monitoring of Fast-Flux Service Networks Carol Overes |
| 16:30 – 18:00 | Added Attraction Bear n' Gear | |||
| 18:00 – 19:00 | Side event Pre AGM | |||
| Tutorial I - Regency AB | Tutorial II - Regency C | Tutorial III - Plaza AB | Tutorial IV - Plaza C | |
|---|---|---|---|---|
| 08:30 – 09:00 | Opening Remarks Derrick Scholl (FIRST Chair, US) | ||||
| 09:00 – 09:45 | Enabling End-to-End Trust Scott Charney | ||||
| 09:50 – 10:20 | The State of Internet Phishing and Fraud and Useful Means to Combat It Foy Shiver | Safety and Security of Networked LANs in Aircraft Eric Fleischman |  A Collaborative Approach to Anti-Spam Chia-Mei Chen | Geek Zone Malcode Analysis Techniques for Incident Handlers Russ McRee | Geek Zone Applied Security Visualization Raffael Marty |
| 10:20 – 10:50 | The State of Internet Phishing and Fraud and Useful Means to Combat It (continued) | Safety and Security of Networked LANs in Aircraft (continued) |  Semantic Potential of Existing Security Advisory Standards Stefan Fenz (Secure Business Austria, AT) | Malcode Analysis Techniques for Incident Handlers (continued) | Applied Security Visualization (continued) |
| 10:50 – 11:10 | Morning tea break | ||||
| 11:10 – 11:40 | International Privacy & Security Compliance — Navigating the Maze Steven Ringelberg |  Malicious Websites on the Chinese Web: Overview and Case Study Dr Minghua Wang |  Geek Zone Responding to Security Incidents: Are Security Tools Everything You Need? Rodrigo Werlinger | Practical RFID hacking without soldering irons (or Patent Attorneys) Adam Laurie | Applied Security Visualization (continued) |
| 11:40 – 12:10 | International Privacy & Security Compliance — Navigating the Maze (continued) |  Push-Email in the Enterprise. Is it BlackBerry, WindowsMobile or Symbian? Dr. Heiko Patzlaff |  Tunisia’s experience in building an information sharing and analysis center Haythem EL MIR | Practical RFID hacking without soldering irons (or Patent Attorneys) (continued) | Applied Security Visualization (continued) |
| 12:10 – 12:50 | Emerging Economies: The Vulnerability Market Terri Forslof | Panel Dutch Banking Panel: An overview and panel discussion about the cooperation between banks and the CSIRT community in light of phishing and other recent threats | CERTification: Assessing CSIRT Maturity Klaus-Peter Kossakowski |  Tales from the dark. Diary of a compromised Windows Vista Jacomo Piccolini | Applied Security Visualization (continued) |
| 12:50 – 14:10 | Lunch break | ||||
| 14:10 – 14:50 |  The Dark Future of Desktop Security and How to Stop It Ivan Krstić | ||||
| 14:50 – 15:40 | Malware Without Borders - Multi-Party Response Jeff Williams | SCADA Security – Who Is Really In Control of Our Control Systems? Peter G. Allor | Special Interest Group Abuse Handling SIG Martijn van der Heide (KPN-CERT – Chairman KPN-CERT, NL) | Event Correlation for Early Warning Systems Till Dörges | Incident Handling around the world in 80 ms. (Well not really that fast) Greg Bassett |
| 15:40 – 16:00 | Afternoon tea break | ||||
| 16:00 – 17:00 | Intellectual Property Loss in the Global Marketplace Christopher Burgess | Has Pakistan stolen your traffic lately? – Threats to Internet Routing and Global Connectivity Earl Zmijewski | Abuse Handling SIG (continued) | The Most Important Thing: How Mozilla Does Security and What You Can Steal Johnathan Nightingale | Incident Handling around the world in 80 ms. (Well not really that fast) (continued) |
| 19:00 – 23:00 | Social event Conference Banquet Pan Pacific Hotel Crystal Pavilion (Waterfront Road & Howe Street at Canada Place) | ||||
| Breakout I - Regency CDEF | Breakout II - Regency AB | Breakout III / SIG - Plaza A | Geek zone I / Breakout III - Georgia B | Geek Zone II / Geek Zone I - Georgia A | |
|---|---|---|---|---|---|
| 08:30 – 09:00 | Opening Remarks | ||||
| 09:00 – 10:00 | The Enterprise’s Role in Protecting Critical Infrastructures John Stewart | ||||
| 10:00 – 10:50 | Computer Forensics for Managers and IT Administrators What you need to know Chris van Breda | Incident Management Mission Diagnostic(IMMD) Method Georgia Killcrece |  FMC (Fixed Mobile Convergence) - What About Security Franck Veysset | Geek Zone Inside a BBB Malware Scheme - Mapping and Dissecting Attacker Infrastructure Michael La Pilla | Geek Zone The future of hacking: Blended attacks using social engineering Peter Wood |
| 10:50 – 11:10 | Morning tea break | ||||
| 11:10 – 11:40 | Industry Briefing – An Exercise in Vendor Coordination Peter G. Allor | Safely Sharing Data Between CSIRTs for Collaborative Security: The SCRUB* Anonymization Tool Infrastructure William Yurcik | Matrix, a Distributed Honeynet and its Applications Yonglin Zhou | Virtualization Technology A Manifold Arms Race Michael H. Warfield | The future of hacking: Blended attacks using social engineering (continued) |
| 11:40 – 12:10 | Industry Briefing – An Exercise in Vendor Coordination (continued) | GridCERT Services - Modification of traditional and additional new CERT Services for Grids Antonio Liu (PRESECURE, DE) |  Spotspam - Tackling Spam at New Frontiers Przemyslaw Jaroszewski | Virtualization Technology A Manifold Arms Race (continued) | The future of hacking: Blended attacks using social engineering (continued) |
| 12:10 – 12:50 | Who’s watching the watch dogs? Security Audits for network infrastructure security enforcement devices Kowsik Guruswamy | The HoneySpider Network: Fighting client-side threats Rogier J.L. Spoor |  National spam monitoring network Juan Díez González | About the Security Pros and Cons of Server Virtualization Dr. Martin Wimmer | Tracking and Detecting Trojan Command and Control Servers Ryan Olson |
| 12:50 – 14:10 | Lunch break | ||||
| 14:10 – 14:50 | Insecurity J. D. Frazer | ||||
| 14:50 – 15:20 | The Easiest Score on the Internet - PII and corporate secrets for the taking on P2P file sharing networks. Chris Gormley | Automating Vulnerability Management in a Heterogeneous Enterprise Jeff Boerio | Barriers to CSIRTS cooperation with other CSIRTS and The CLOSER Project Emin Akhundov, Krzysztof Silicki | Bot Herder Case Studies Richard Perlotto | Trends in the Internet Underground / Cyber Kadogos Christopher Abad |
| 15:20 – 15:40 | The Easiest Score on the Internet - PII and corporate secrets for the taking on P2P file sharing networks. (continued) | Automating Vulnerability Management in a Heterogeneous Enterprise (continued) | Barriers to CSIRTS cooperation with other CSIRTS and The CLOSER Project (continued) | Bot Herder Case Studies (continued) | Trends in the Internet Underground / Cyber Kadogos (continued) |
| 15:40 – 17:50 | Side event Annual General Meeting (AGM) * Limited to FIRST team members and their invited guests, subject to approval by the Steering Committee | ||||
| Breakout I - Regency CDEF | Breakout II - Georgia B | Breakout III / SIG - Plaza A | Geek zone I - Regency AB | Geek zone II - Georgia A | |
|---|---|---|---|---|---|
| 08:30 – 08:50 | Opening Remarks | ||||
| 08:50 – 09:30 | Internet Law Update 2008 William Cook | ||||
| 09:30 – 10:20 | Public and Private Collaboration for Improved National Cyber Security Peter G. Allor | Cyber Fraud Trends Ralph Thomas (VERISIGN iDefense, US) |  Putting private and government CERT’s to the test Stephen Frei (ETH Zurich, CH) | Geek Zone Security Testing: Moving Beyond the Penetration Test Kenneth R. van Wyk | Geek Zone Building a no frills malware lab: How to construct a relatively inexpensive, yet effective, malware analysis lab for CIRTs Andre Cormier, Robert Pitcher (CCIRC, CA) |
| 10:20 – 10:40 | Morning tea break | ||||
| 10:40 – 11:30 |  Securing Wiki-Style Technology in the Global Enterprise: The Competing Tensions of Privacy Law and Distributed Collaboration Steven Michalove | Security Breaches: To Disclose or not to Disclose Gib Sorebo | Special Interest Group CSIRT Metrics SIG Georgia Killcrece | Identifying network scanning tools Kenneth R. van Wyk | Building a no frills malware lab: How to construct a relatively inexpensive, yet effective, malware analysis lab for CIRTs (continued) |
| 11:30 – 12:20 | Models and Experiences for National and International Information Sharing Andrea Rigoni | Security and Education – Bringing it all Together Frank Wintle | CSIRT Metrics SIG (continued) | Beyond a sensor: Towards the Globalization of SURFids Wim Biemolt (SURFnet, NL) | Building a no frills malware lab: How to construct a relatively inexpensive, yet effective, malware analysis lab for CIRTs (continued) |
| 12:20 – 12:50 | Managing Security & Privacy Incidents in the Health Care Environment Bobby Singh |  Efforts to Secure Electronic Financial Transactions JinWook Choi | CSIRT Metrics SIG (continued) | Phishing without URL, when miscreants go malware Atanai Sousa Ticianelli | Building a no frills malware lab: How to construct a relatively inexpensive, yet effective, malware analysis lab for CIRTs (continued) |
| 12:50 – 14:10 | Lunch break | ||||
| 14:10 – 14:30 | Closing Remarks Derrick Scholl (FIRST Chair, US) | ||||
| Breakout I - Regency CDEF | Breakout II - Regency AB | Breakout III / SIG - Plaza A | Geek zone I - Georgia B | Geek zone II - Georgia A | |
|---|---|---|---|---|---|
Diamond Sponsor
Platinum Best Practices
Platinum / Geek Lounge
Gold
Network
Podcast
Polo Shirt
T-Shirt
Folder
Lanyard/Badge
Beer 'n Gear Sponsor
![[abstract]](/_/img/abstract.png "[abstract]")
![[biography]](/_/img/bio.png "[biography]")