Workshop

Train the Trainers Workshop

(Members only)

Workshop

Train the Trainers Workshop

(Members only)

Program Committee Meeting

Tutorial

Creating and Managing CSIRTs

Robin Ruefle (CERT/CC, US), Georgia Killcrece (CERT/CC – Carnegie Mellon University, US)

Tutorial

Understanding & Analyzing Botnets

Jeff Nathan , Jose Nazario (Arbor Networks, US)

Geek Zone

Forensic Discovery

Dr. Wietse Z. Venema (IBM Research – GSAL, US)

Special Interest Group

Law Enforcement / CSIRT Cooperation SIG

Chris Painter (Department of Justice, US), Yurie Ito (JPCERT, JP), Matthew Pemble (Vizuri Limited, UK)

UNIX/C Programming traps and pitfalls

Dr. Wietse Z. Venema (IBM Research – GSAL, US)

Internet Infrastructure Vendors (Vendor SIG)

Gaus . (Cisco Systems, US)

Tutorial

Creating, Managing and Using a Malware Lab

Grant Deffenbaugh , Lisa Sittlerl , Nick Ianelli (CERT/CC, US)

Tutorial

System, Network and Security Log Analysis for Incident Response

Anton Chuvakin (LogLogic, Inc., US)

Tutorial

Do it yourself: The latest in forensic tools and techniques to examine Microsoft Windows

Andreas Schuster (Deutsche Telekom AG, Group Security, DE), Pär Österberg (Swedish IT Incident Centre, Sitic, SE)

Added Attraction

Corporate Executive Programme (CEP)

Special Interest Group

Common Vulnerability Scoring System (CVSS-SIG)

Gavin Reid (Cisco Systems, US)

IT-ISAC Tech SIG

Peter G. Allor (ISS – Internet Security Systems, US)

SIG Meetings

Conference opening

Keynote Speaker

Lord Toby Harris of Haringey (House of Lords, UK)

Provider Practicalities and Paranoia: Modern ISP incident response

Scott McIntyre (KPN-CERT, NL)

Taming Packets: The Network Expect Framework for Building Network Tools

Eloy Paris (Cisco PSIRT, US)

Why Protection against Viruses, Bots, and Worms is so hard – Malware seen as Mobile Agents

Till Dörges (PRE-CERT – PRESECURE Consulting GmbH, DE)

Using Intelligence to Forecast Risk and Allocate Resources: It's Not Hocus-Pocus Anymore

Peter G. Allor (ISS – Internet Security Systems, US)

Day Opening

Targeted attacks (spear phishing): A demonstration and analysis of a former Office 0-day vulnerability

Robert Hensing (MSCERT – Microsoft, US)

Software Security: Integrating Security Tools Into a Secure Software Development Process

Forensics for Managers – Presenting and understanding forensics from the MBA point of view

Mr. Ryan Washington (Crucial Security, US)

Geek Zone

I know what you (and your company) did last summer...

Roelof Temmingh (Paterva, ZA)

Geek Zone

Botnet: Creation, usage, detection and eradication

Guilherme Vênere, Jacomo Piccolini (CAIS/RNP – Brazilian Academic and Research Network, BR), Francisco Monserrat (IRIS-CERT – RedIRIS, ES)

Special Interest Group

SIG Meetings

The Security needs of the State versus the rights of the individual

Bob Ayers (Chatham House, UK)

Flaws and frauds in the evaluation of IDS/IPS technologies

Stefano Zanero (Politecnico di Milano T.U. & Secure Network S.r.l., IT)

NUS IT Security Landscape

Fong Lian Yong (National University of Singapore, SG)

Privacy matters in directories

Javier Masa, Jose Alfonso Accino (University of Malaga, ES), Victoriano Giralt (University of Málaga, ES)

Abuse Handling (AH-SIG)

Martijn van der Heide (KPN-CERT – Chairman KPN-CERT, NL)

The Benefits of FIRST: How to sell FIRST to your Upper Management

Ray Stanton (BT, UK)

Side event

Annual General Meeting (AGM)

* Limited to FIRST team members, FIRST liaison members and their invited guests, subject to approval by the Steering Committee

Opening

Building a scalable, accurate, actionable Incident Response system

Dr. Ken Baylor (CISSP CISM, VP & CISO Symantec, US)

Electronic Forensics: a Casefor First responders

Dr. Henry B. Wolfe (University of Otago, NZ)

Technical Evolution of Cybercrime

Rolf Schulz (GNS-Cert, DE)

Geek Zone

Tools and techniques to automate the discovery of zero day vulnerabilities

Joe Moore , Mark Rowe (Pentest, UK)

Geek Zone

Espionage – Reality or Myth? A Demonstration of Bugging Equipment

Emma Shaw (Esoteric Ltd, UK)

Special Interest Group

SIG Meetings

SafeSOA: Managing Privacy & Risk In The Global Service Oriented Environment

Hart Rossman (SAIC, US)

Handling Less-Than-Zero-Day Attack – A Case Study

Ma Huijuan (National University of Singapore, SG)

Setting up a Grid-CERT – Experiences of an academic CSIRT

Klaus Möeller (DFN-CERT, DE)

An Internet Threat Evaluation Method based on Access Graph of Malicious Packets

Masaki Ishiguro , Hironobu Suzuki (Mitsubishi Research Institute, Inc., JP)

First Team Members Update Panel

Francisco. (Paco) Monserrat (IRIS-CERT – RedIRIS, ES)

WiMAX: Security Analysis and Experience Return

Laurent Butti (France Telecom Orange, FR)

Developing a trusted partnership to prepare a framework for the collection of information security data

Carsten Casper (ENISA, GR)

Experiences with Building, Deploying and Running remote-controlled easily installable Network Sensors

Dr. Bernd Grobauer (Siemens-CERT, DE)

Malware distribution trough software piracy: a case study

Jacomo Piccolini (CAIS/RNP – Brazilian Academic and Research Network, BR)

Provider practicalities and paranoia: Modern ISP incident response – the tooling of incident response at a ISP

Scott McIntyre (KPN-CERT, NL)

Identity theft in the corporate environment – demonstration and hands-on

Peter Wood (First Base Technologies, UK)

Artifact Analysis (AA-SIG)

Kevin Houle (CERT Coordination Center, US)

Managing Privacy in Network Operations: Learning from the Law

Andrew Cormack

Setting up a governmental CERT: The CCN-CERT case study

Carlos Abad (Spanish National Cryptologic Center (CCN), ES)

Tunisia's experience in establishing the first public CSIRT in Africa, as a case example for developing countries, and some guidelines and schemes for International cooperation

Nabil Sahli (CERT-TCC, National Agency for Computer Security, TN)

Conference closing note