Program Overview
FIRST/TF-CSIRT Technical Colloquium (TC) 2012. The event will be held from 30 January until 1 February 2012 at the Aula Magna del Rettorato in Rome, Italy. This is a joint event of FIRST and TF-CSIRT hosted by TERENA, GARR-CERT and Roma Tre University.
Call for Speakers
FIRST is also looking for speakers that would like to present during FIRST/TF-CSIRT Seminar and for the FIRST Hands-On Classes. This is a GREAT opportunity to give something back to FIRST, and some suggested topics are as follows:
- Lessons learned, case studies, etc.
- Threat updates - statistics of malware and such
- Attack tools and trends
- Incident response tools and trends and security technologies
For your submission, please provide the following information:
- Title
- Brief Summary (Abstract)
- Presenter's Name and Affiliation
- Estimated Time
For the Hands-On day, we are looking for presenters to lead a demonstration or a hands-on exercise. Each instructor is expected to prepare their own material and to bring their own equipment and attendees are expected to bring their own laptop computers and power converters/adaptors. Instructors should expect to work with groups up to 30 students. The duration of each demo or exercise should be 2-3 hours, so that it can be run once in the morning and once in the afternoon. Please advise whether you need any additional equipment or facilities.
If you're interested in speaking or instructing a Plenary Session or Hands-on class, please get in contact with me (ken@krvw.com) and Jacomo Piccolini (jacomo@cymru.com ). We're hoping to have a draft program in place by December, so please get in touch with us ASAP.
Monday, January 30th
| TF-CSIRT Meeting |
|---|
| 09:00 – 12:30 | Trusted Introducer Meeting - TI-accredited CSIRTs and TI Review Board Auditorium, Aula Magna del Rettorato |
| 12:30 – 13:30 | Lunch |
| 13:30 – 17:00 | 35th TF-CSIRT meeting Auditorium, Aula Magna del Rettorato |
| 17:00 – 17:30 | Coffee break |
| 17:30 – 18:30 | TI Review Board Auditorium, Aula Magna del Rettorato |
| 20:00 – 22:00 | Social Event |
Tuesday, January 31st
| FIRST/TF-CSIRT Seminar |
|---|
| 09:00 – 09:10 | Introduction Kenneth van Wyk, FIRST & Lionel Ferette, TF-CSIRT
Auditorium, Aula Magna del Rettorato |
| 09:10 – 09:40 | Remediation Efforts, Private-Private-Public Relationships, and the Working Group Model Eric Ziegast, ISC |
| 09:40 – 10:10 | US The OWASP Top 10 Mobile Security Risks Kenneth R. van Wyk (KRvW Associates, LLC, US) |
| 10:10 – 10:30 | LV Dealing with the whole country: creating a National CSIRT Baiba Kaskina (CERT NIC.LV, LV) |
| 10:30 – 11:00 | Coffee break |
| 11:00 – 11:30 | INTERPOL Cybercrime Initiatives Vincent Danjean (INTERPOL) |
| 11:30 – 12:00 | Tackling hideous crimes on the hidden web Eileen Monsma (Dutch National High Tech Crime Unit) |
| 12:00 – 12:15 | OAS Cyber Security Roundtable Mirek Maj |
| 12:15 – 13:15 | Lunch |
| 13:15 – 14:00 | The DigiNotar incident and aftermath: avoiding SSL-mageddon Aart Jochem (GOVCERT.NL) |
| 14:00 – 14:30 | NO Titan: a grid facility incident Leif Nixon (European Grid Infrastructure); Margrete Raaum (KraftCERT, NO) |
| 14:30 – 15:00 | AT The WOW Effect: how Microsoft's WOW64 technology unintentionally fools IT Security analysts Christian Wojner (CERT.at, AT) |
| 15:00 – 15:30 | Coffee break |
| 15:30 – 16:00 | FR Countering Anti-Phishing Countermeasures Vincent Hinderer (CERT-LEXSI, FR) |
| 16:00 – 16:20 | CZ Malicious Domain Manager Michal Prokop (CSIRT.CZ, CZ) |
| 16:20 – 16:30 | Analysing and mapping the ZeuS P2P+DGA variant network Tomasz Bukowski (CERT Polska) |
Wednesday, February 1st
| FIRST Hands-On Classes | TRANSITS/RTIR |
|---|
| 09:00 – 12:30 | DE FIRST Hands-On Class 1: Introduction into YARA, the malware classification tool Andreas Schuster (Deutsche Telekom AG, DE); Auditorium, Aula Magna del Rettorato FIRST Hands-On Class 2: iOS app security hands-on Ken Van Wyk (KRvW Associates, LLC); Sala del Consiglio, Aula Magna del Rettorato | RTIR BoF: Discussion about future development of RTIR software Sala Tesi, Aula Magna del Rettorato TRANSITS Trainers' Workshop Sala 1, GARR Offices |
| 12:30 – 13:30 | Lunch |
| 13:30 – 17:00 | FIRST Hands-On Class 3 To be confirmed DE FIRST Hands-On Class 4: Introduction into YARA, the malware classification tool - repeat of Class 1 Andreas Schuster (Deutsche Telekom AG, DE); Sala del Consiglio, Aula Magna del Rettorato | TRANSITS Trainers' Workshop Sala 1, GARR Offices |
- DE
FIRST Hands-On Class 1: Introduction into YARA, the malware classification tool
Andreas Schuster (Deutsche Telekom AG, DE), Auditorium, Aula Magna del Rettorato
An Ubuntu-based training environment will be provided. Participants are expected to provide their own laptop, with at least 1 GB RAM free for applications, 10 GB free disk space, and the latest version of VMware (either Workstation, Player, or Fusion) installed. The virtual machine image will be available for download from http://r.forens.is/yaravm starting January 30, 2011
February 1, 2012 09:00-12:30
FIRST Hands-On Class 2: iOS app security hands-on
Ken Van Wyk (KRvW Associates, LLC), Sala del Consiglio, Aula Magna del Rettorato
Ken is a CERT® Certified Computer Security Incident Handler, as well as an internationally recognized information security expert and author of the popular O'Reilly and Associates books, Incident Response and Secure Coding: Principles and Practices, as well as a monthly columnist for Computerworld. Among his numerous professional roles, Ken is a Visiting Scientist at the Software Engineering Institute at Carnegie Mellon University, where he is a course instructor and consultant to the CERT® Coordination Center.
Ken has previously held senior information security technologist roles at Tekmark's Technology Risk Management practice, Para-Protect Services, Inc., and Science Applications International Corporation (SAIC). Ken was also the Operations Chief for the U.S. Defense Information Systems Agency's DoD-CERT incident response team, as well as a founding employee of the CERT® Coordination Center at Carnegie Mellon University's Software Engineering Institute.
Ken has previously served as the Chairman and as a member of the Steering Committee for the Forum of Incident Response and Security Teams (FIRST), a non-profit professional organization supporting the incident response community. He currently sits on their Steering Committee and Board of Directors. He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, including S3, CSI, ISF, and others FIRST.
February 1, 2012 09:00-12:30
- DE
FIRST Hands-On Class 4: Introduction into YARA, the malware classification tool - repeat of Class 1
Andreas Schuster (Deutsche Telekom AG, DE), Sala del Consiglio, Aula Magna del Rettorato
An Ubuntu-based training environment will be provided. Participants are expected to provide their own laptop, with at least 1 GB RAM free for applications, 10 GB free disk space, and the latest version of VMware (either Workstation, Player, or Fusion) installed. The virtual machine image will be available for download from http://r.forens.is/yaravm starting January 30, 2011
February 1, 2012 13:30-17:00
- US
The OWASP Top 10 Mobile Security Risks
Kenneth R. van Wyk (KRvW Associates, LLC, US)
Kenneth R. van Wyk is an internationally recognized information security expert and author of the recent O'Reilly and Associates books, Incident Response and Secure Coding, as well as a monthly columnist for on-line security portal, eSecurityPlanet (http://www.eSecurityPlanet.com) and a Visiting Scientist at Carnegie Mellon University's Software Engineering Institute. Ken is
a CERT® Certified Computer Security Incident Handler and provides consulting and training services through his company, KRvW Associates, LLC, (http://www.KRvW.com).
Ken has nearly 20 years as an IT Security practitioner in the Academic, Military, and Commercial sectors. He has held senior and executive technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), in addition to the U.S. Department of Defense and Carnegie Mellon and Lehigh Universities.
Ken also served a two-year elected position as a member of the Steering Committee, and a one-year elected position as the Chairman of the Steering Committee, for the Forum of Incident Response and Security Teams (FIRST) organization. At the Software Engineering Institute of Carnegie Mellon University, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds an engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented papers and speeches for CSI, ISF, USENIX, FIRST, and others.
January 31, 2012 09:40-10:10
mannino-zusman-lanier.pdf
MD5: 40dc7ed1fd3fa98291c1c91527e1b736
Format: application/pdf
Last Update: June 7th, 2024
Size: 2.08 Mb
- NO
Titan: a grid facility incident
Leif Nixon (European Grid Infrastructure), Margrete Raaum (KraftCERT, NO)
Leif Nixon heads the Incident Response Task Force of the European Grid Infrastructure, a distributed computing infrastructure spanning more than 300 resource centres in approximately 58 countries. He was probably crazy to take this job on.
He is also serving as security officer for the National Supercomputer Centre at Linköping University, the Swedish National Infrastructure for Computing and the Nordic Data Grid Facility, among other bodies.
Actually, his number of different hats is so great that he finds it difficult to keep his e-mail signature within the bounds of RFC 1849.
Leif Nixon heads the Incident Response Task Force of the European Grid Infrastructure, a distributed computing infrastructure spanning more than 300 resource centres in approximately 58 countries. He was probably crazy to take this job on.
He is also serving as security officer for the National Supercomputer Centre at Linköping University, the Swedish National Infrastructure for Computing and the Nordic Data Grid Facility, among other bodies.
Actually, his number of different hats is so great that he finds it difficult to keep his e-mail signature within the bounds of RFC 1849.
Margrete Raaum is CEO for KraftCERT, the Norwegian CERT for energy, water&waste water and industrial control system industry. She has a background from IC design, computer networking and information security. She has woken with information security since 1998; for the ISP community, in academia, the Norwegian Security Authority, NorCERT and the grid- and transmission system operator. She was on the board of directors of FIRST (The Forum for Incident Response and Security Teams) for 8 years, serving as a chairman for 2 of these.
January 31, 2012 14:00-14:30
