Facilities — Renaissance Harborplace
Registration — Fifth floor foyer
Sunday 14:00–18:00
Monday–Wednesday 07:30–17:00
Thursday–Friday 08:00–14:00
Terminal room — Homeland room
Monday – Wednesday 08:00–17:00
Friday 08:00–14:00
Continental breakfast — Fifth floor foyer
Monday – Friday 08:00–09:00
Lunch — Baltimore ballroom
Monday – Friday 12:30–14:00
Overview
Registration
Program Committee Meeting
Welcome Icebreaker Reception
Business/Management Track
Technical Track
Business/Management Track
Technical Track
Business/Management Track
Technical Track
Business/Management Track
Technical Track
Business/Management Track
Technical Track
June 25th (Sunday) | |
|---|---|
| 14:00 – 18:00 | Registration |
| 16:00 – 17:00 | Program Committee Meeting |
| 19:00 – 21:00 | Welcome Icebreaker Reception |
| June 26th (Monday) | ||
|---|---|---|
| Business/Management Track | Technical Track | |
| 07:30 – 17:00 | Registration | |
| 08:00 – 09:00 | Continental Breakfast | |
| 09:00 – 09:10 | The Day Ahead | The Day Ahead |
| 09:10 – 10:30 |  Exploring the Next Level of Cyber Attacks: Methodologies and Demonstration of Web Application Hacks Matt Fisher | Robert Seacord |
| 10:30 – 11:00 | Coffee break | |
| 11:00 – 12:30 | Exploring the Next Level of Cyber Attacks: Methodologies and Demonstration of Web Application Hacks (continued) Matt Fisher | Secure Coding in C and C++ (continued) Robert Seacord |
| 12:30 – 14:00 | Lunch | |
| 14:00 – 15:30 | Audrey Dorofee | Design Your Network to Aid Forensic Investigation Robert Sisk |
| 15:30 – 16:00 | Coffee break | |
| 16:00 – 17:30 | Evaluating CSIRT Operations (continued) Audrey Dorofee | Design Your Network to Aid Forensic Investigation (continued) Robert Sisk |
| 18:00 – 19:00 | Pre AGM Discussions (FIRST members only) | |
(SPI Dynamics, US)| June 27th (Tuesday) | ||
|---|---|---|
| Business/Management Track | Technical Track | |
| 07:30 – 17:00 | Registration | |
| 08:00 – 09:00 | Continental Breakfast | |
| 09:00 – 09:10 | The Day Ahead | The Day Ahead |
| 09:10 – 10:30 | Log Data Analysis for Incident Response Anton Chuvakin | Next Steps in Bridging the Gap Gary McGraw (Cigital, Inc., US), Kenneth van Wyk |
| 10:30 – 11:00 | Coffee break | |
| 11:00 – 12:30 | Log Data Analysis for Incident Response (continued) Anton Chuvakin | Next Steps in Bridging the Gap (continued) Gary McGraw (Cigital, Inc., US), Kenneth van Wyk |
| 12:30 – 14:00 | Lunch | |
| 14:00 – 15:30 |  IT Security Teams and Outsourced Managed Security Services - working together Nicholas Fischbach (COLT Telecom), Chris van Breda |  Honeypot Technology: Principles and Applications Franck Veysset |
| 15:30 – 16:00 | Coffee break | |
| 16:00 – 17:30 | IT Security Teams and Outsourced Managed Security Services - working together (continued) Nicholas Fischbach (COLT Telecom), Chris van Breda | Honeypot Technology: Principles and Applications (continued) Franck Veysset |
| 19:00 – 21:00 | Birds of a Feather Sessions | |
| June 28th (Wednesday) | ||
|---|---|---|
| Business/Management Track | Technical Track | |
| 07:30 – 17:30 | Registration | |
| 08:00 – 09:00 | Continental Breakfast | |
| 09:00 – 09:10 | Welcome and Conference opening | |
| 09:10 – 09:50 | Keynote: Computer Security Incident Response - Past, Present, Future Richard Pethia | |
| 09:50 – 10:30 | Sharing Sensitive Information without Compromising Data Peter Allor | |
| 10:30 – 11:00 | Coffee break | |
| 11:00 – 12:00 | CERT's Virtual Training Environment: A New Model for Security and Compliance Training James Wrubel | |
| 12:00 – 12:30 |  If You Don't Know What You Don't Know Arjen de Landgraaf | |
| 12:30 – 14:00 | Lunch | |
| 14:00 – 14:30 |  Risk Analysis Methodology for New IT Service Jun Heo | Reliably Determining the Outcome of Computer Network Attacks Barry Mullins, David Chaboya |
| 14:30 – 15:00 |  The Impact of Honeynets for CSIRTs Jan Kohlrausch |  Automated Extraction of Threat Signatures from Network Flows Piotr Kijewski |
| 15:00 – 15:30 |  A Strategy for Inexpensive Automated Containment of Infected or Vulnerable Systems Steven Sim Kok Leong |  Behavioral Study of Bot Obedience using Causal Relationship Analysis Lari Huttunem, Pekka Pietikäinen |
| 15:30 – 16:00 | Coffee break | |
| 16:00 – 16:30 | Maximizing the Benefits of Intrusion Prevention Systems: Effective Deployment Strategies Calvin Miller, Charles Iheagwara, Farrukh Awan |  A Distributed Intrusion Detection System Based on Passive Sensors Rogier Spoor |
| 16:30 – 17:00 | Designing and Developing an Application for Incident Response Teams Kees Leune |  Netflow Tools NfSen and NFDUMP Peter Haag |
| 17:00 – 17:30 |  Threats of P2P File Sharing Software - a Japanese Situation About "Winny" Keisuke Kamata | Proactive Security Monitoring in a Policy Managed Network Till Dörges |
| 19:00 – 23:00 | Evening at the Aquarium - Sponsored by E-Secure-IT | |
| June 29th (Thursday) | ||
|---|---|---|
| Business/Management Track | Technical Track | |
| 07:30 – 17:00 | Registration | |
| 08:00 – 09:00 | Continental breakfast | |
| 09:00 – 09:10 | The Day Ahead | |
| 09:10 – 09:50 | Keynote: Building Effective Relationships between CSIRTs and Law Enforcement Brian Nagel | |
| 09:50 – 10:30 | Rob Thomas | |
| 10:30 – 11:00 | Coffee break | |
| 11:00 – 11:45 |  A Year's Evolution on Attacks Against Online Banking Customers Matthew Pemble | |
| 11:45 – 12:30 | Botnets as Vehicle for Online Crime Aaron Hackworth | |
| 12:30 – 14:00 | Lunch | |
| 14:00 – 14:30 | CarmentiS - a German Early Warning Information System - Challenges and Approaches Jürgen Sander | Building and Deploying Billy Goat: a Worm-Detection System Diego Zamboni, James Riordan |
| 14:30 – 15:00 | Counter-Forensic Tools: Analysis and Data Recovery Matthew Geiger (CERT/CC – Carnegie Mellon University, US) | RAPIER - A 1st Responders Info Collection Tool Joseph Schwendt |
| 15:00 – 15:30 | Coffee Break | |
| 15:30 – 17:30 | FIRST Annual General Meeting | |
| June 30th (Friday) | ||
|---|---|---|
| Business/Management Track | Technical Track | |
| 07:30 – 17:00 | Registration | |
| 08:00 – 09:00 | Continental Breakfast | |
| 09:00 – 09:10 | The Day Ahead | |
| 09:10 – 09:50 | Keynote: Fixing Internet Security by Hacking the Business Climate Bruce Schneier | |
| 09:50 – 10:30 | The Survivability and Information Assurance (SIA) Curriculum Lawrence Rogers | |
| 10:30 – 11:00 | Coffee break | |
| 11:00 – 11:45 | Legal Representatives - CERT Panel Discussion Chris Painter | |
| 11:45 – 12:30 | VisFlowConnect-IP : A Link-Based Visualization of NetFlows for Security Monitoring William Yurcik | |
| 12:30 – 14:00 | Lunch | |
| 14:00 – 14:30 |  Effectiveness of Proactive CSIRT Services Johannes Wiik, Jose Gonzalez (Agder University, NO), Klaus-Peter Kossakowski |  Worm Poisoning Technology and Application Cui Xiang |
| 14:30 – 15:00 | Proposal of RSS Extension for Security Information Exchange Masato Terada | A Framework for Effective Alert Visualization Jon Ramsey, Uday Banerjee |
| 15:00 – 15:30 | The Network-Centric Incident Response and Forensics Imperative Richard Bejtlich |  Time signatures to Detect Multiheaded Stealthy Attack Tools Jacomo Piccolini (CAIS/RNP – Brazilian Research Network, BR) Time Signatures to Detect Multi-headed Stealthy Attack Tools Fabien Pouget |
| 15:30 – 16:00 | Closing | |
Please note: the program schedule is not in its final version, adjustments still can occur.
