Program Overview
The Joint FIRST TC will be held in conjunction with the 41st TF-CSIRT meeting on 10-12 February 2014 in Zürich, Switzerland at the Volkshaus, Stauffacherstrasse 60, 8004 Zürich.
Registration for the event is now open, with a charge of 100 euros per attendee for the meeting. Registration for workshops and other meetings will be available shortly.
Please note: the program schedule is not in its final version, adjustments will occur.
Hands On
Hands on course on Wednesday Feb 12th. There will be an Entry Level YARA course in the am and Advanced YARA continued in the afternoon.
Instructors:
Andreas Schuster and Victor Alvarez - Deutsche Telekom
YARA tutorial class
Entry-level class in the morning and advanced topics in the afternoon
- Classifying binaries
- Parsing an executable file format
- Matching on assembler and high-level language constructs
- Writing fast end efficient rules
Students cab either attend both classes or one the one that matches their skills and interests.
Monday, February 10th
| Event |
|---|
| 09:30 – 13:00 | TF-CSIRT SC Meeting (Invitation Only) Volkshaus |
| 14:00 – 17:00 | 41st TF-CSIRT meeting (Invitation Only) Volkshaus |
| 19:00 – 22:00 | Social Events TBD |
Tuesday, February 11th
| Event |
|---|
| 09:30 – 10:30 | FIRST Welcome and Organizational Update Derrick Scholl, FIRST Steering Committee |
| 10:30 – 11:00 | BetterCrypto.org Aaron Kaplan, CERT.at |
| 11:00 – 11:30 | Break |
| 11:30 – 12:00 | The Risk/IT-Security Database Arjen de Landgraaf |
| 12:00 – 13:00 | Lunch |
| 17:00 – 19:00 | Hosted Social Event Open Systems |
Wednesday, February 12th
| Event Session A | Event Session B |
|---|
| 09:00 – 13:00 | FIRST Hands-On Class / Other Meetings SWITCH Offices | FIRST Hands-On Class / Other Meetings SWITCH Offices |
| 14:15 – 17:45 | FIRST Hands-On Class / Other Meetings SWITCH Offices | FIRST Hands-On Class / Other Meetings SWITCH Offices |
BetterCrypto.org
Aaron Kaplan, CERT.at
This whitepaper arose out of the need for system administrators to have an updated, solid, well researched and thought-through guide for configuring SSL, PGP, SSH and other cryptographic tools in the post-Snowden age. Triggered by the NSA leaks in the summer of 2013, many system administrators and IT security specialists saw the need to strengthen their encryption settings. This guide is specifically written for these system administrators.
Initiated by Aaron Kaplan (CERT.at) and Adi Kriegisch (VRVis), a group of specialists, cryptographers and sysadmins from CERTs, academia and the private sector joined forces to write such a concise, short guide. This project aims at creating a simple, copy & paste-able HOWTO for secure crypto settings of the most common services (webservers, mail, ssh, etc.). It is completely open sourced, every step in the creation of this guide is public, discussed on a public mailing list and any changes to the text are documented in a publicly readable version control system.
February 11, 2014 10:30-11:00
The Risk/IT-Security Database
Arjen de Landgraaf
The Risk/IT-Security database now counts well over 722,000 items on IT-Security, User Awareness, Industry Risks. Participants will be given an overview of the IT-Security and Risk Source and be provided with free access to the full database content for their research purposes.
February 11, 2014 11:30-12:00
