The FIRST Symposium event is restricted to FIRST members only and will be held in Jan 25-27, 2010.
Nevertheless, since this will be a joint event with TF-CSIRT - the European CSIRT regional initiative- there will be some sessions restricted to TF-CSIRT members only and others open to both communities.
The FIRST Symposium is held in conjunction with the 29th TF-CSIRT meeting. This year's event is hosted and co-sponsored by DFN-CERT.
Please note:
There will be a GÉANT meeting held Sunday, January 24, 2010 at the Hotel Grand Elysée, Hamburg. Participation in this meeting is by invitation only.
Please contact us at info@geant.net for more information.
Sponsored by PRESENSE
EWNI 2010 will be held Wednesday, January 27, 2010 at the Hotel Grand Elysée in Hamburg. The goal of this workshop is twofold: Evaluate the current state of the art of EWS and explore both related and future research areas. On an organizational level the workshop is intended to stimulate collaborative efforts.
For more information on EWNI 2010, contact ewni2010@pre-secure.de. If you would like to register for this workshop, please click on http://www.pre-sense.de/ewni2010.
GEANT Meeting (Invitation only)
TF-CSIRT Meeting
TF-CSIRT/FIRST Symposium
FIRST Symposium Hands On Classes
EWNI 2010
TF-CSIRT Meeting | |
---|---|
13:30 – 13:35 | BE Welcome, introductions and apologies Lionel Ferette (Belnet CERT, BE) |
13:40 – 14:00 | CZ Martin Peterka (CZ.NIC, CZ) |
14:00 – 14:15 | CZ CESNET CERT presentation Andrea Kropacova (CESNET, CZ) |
14:15 – 14:30 | LU Pascal Steichen (CIRCL, LU) |
14:30 – 15:00 | DE Delivering services in a user-focused way Marcus Pattloch (DFN-CERT, DE) |
15:00 – 15:30 | Coffee Break |
15:30 – 16:00 | DNS community efforts to enable Security Stability and Resiliency Greg Rattray (ICANN, Multinational organisation) |
16:00 – 16:30 | Daniel Kouril (Masaryk University) |
16:30 – 16:40 | Don Stikvoort (Open CSIRT Foundation) |
16:40 – 17:00 | Maurizio Molina (DANTE, Multinational organisation) |
17:30 – 18:30 | TI Review Board Meeting (Review board members only) |
19:30 – 20:30 |
TF-CSIRT/FIRST Symposium | |
---|---|
09:00 – 09:15 | Welcoming remarks |
09:15 – 10:00 | GB Social Networking Risks and the Underground Economy Ian Cook (Corbels Security Services Ltd., GB) |
10:00 – 10:30 | PL Detecting and Analyzing Malicious PDF Files Pawel Jacewicz (NASK/CERT Polska, PL) |
10:30 – 10:45 | Coffee Break |
10:45 – 11:15 | AT Building a CSIRT in an ITIL Driven Organization Christian Proschinger (Raiffeisen Informatik, GmbH, AT) |
11:15 – 12:00 | AT Mass Malware Analysis: A Do-It-Yourself Kit Christian Wojner (CERT.at, AT) |
12:00 – 13:00 | Lunch |
13:00 – 13:30 | JP MWS2009: Anti-Malware Engineering Workshop 2009 Masato Terada (IPA, JP) |
13:30 – 14:15 | Understanding the Insider Threat Greg Longo (CERT - Software Engineering Institute, CMU) |
14:15 – 14:45 | GB Incident Response in a Collegiate University David Ford (OxCERT – Oxford University Computing Services, GB) |
14:45 – 15:15 | BR Jacomo Piccolini (ESR/RNP, BR) |
15:15 – 15:30 | Coffee Break |
15:30 – 17:00 | John Snyder (TD Bank Financial Group) |
17:00 – 17:15 | Closing Remarks |
FIRST Symposium Hands On Classes | EWNI 2010 | |
---|---|---|
09:00 – 10:30 | FI Abuse Helper toolkit for CERT and Abuse teams ** Hillar Aarelaid (CERT-EE); Jani Kenttälä, Joachim Viide, Mika Seppänen, Sebastian Turpeinen (Clarified Networks); Juhani Eronen (CERT-FI, FI) US Exploring Cyber Attacks Greg Longo (CERT - Software Engineering Institute, CMU); Robert Floodeen (CERT/CC, US) US OWASP Top-10 web application weaknesses *** Kenneth R. van Wyk (KRvW Associates, LLC, US) | |
10:00 – 17:00 | EWNI 2010 * | |
10:30 – 11:00 | Networking Break | |
11:00 – 12:30 | FI Abuse Helper toolkit for CERT and Abuse teams ** Hillar Aarelaid (CERT-EE); Jani Kenttälä, Joachim Viide, Mika Seppänen, Sebastian Turpeinen (Clarified Networks); Juhani Eronen (CERT-FI, FI) US Exploring Cyber Attacks Greg Longo (CERT - Software Engineering Institute, CMU); Robert Floodeen (CERT/CC, US) US OWASP Top-10 web application weaknesses *** Kenneth R. van Wyk (KRvW Associates, LLC, US) | |
12:30 – 14:00 | Lunch | |
14:00 – 15:30 | FI Abuse Helper toolkit for CERT and Abuse teams ** Hillar Aarelaid (CERT-EE); Jani Kenttälä, Joachim Viide, Mika Seppänen, Sebastian Turpeinen (Clarified Networks); Juhani Eronen (CERT-FI, FI) US Exploring Cyber Attacks Greg Longo (CERT - Software Engineering Institute, CMU); Robert Floodeen (CERT/CC, US) US OWASP Top-10 web application weaknesses *** Kenneth R. van Wyk (KRvW Associates, LLC, US) | |
15:30 – 16:00 | Networking Break | |
16:00 – 17:30 | FI Abuse Helper toolkit for CERT and Abuse teams ** Hillar Aarelaid (CERT-EE); Jani Kenttälä, Joachim Viide, Mika Seppänen, Sebastian Turpeinen (Clarified Networks); Juhani Eronen (CERT-FI, FI) US Exploring Cyber Attacks Greg Longo (CERT - Software Engineering Institute, CMU); Robert Floodeen (CERT/CC, US) US OWASP Top-10 web application weaknesses *** Kenneth R. van Wyk (KRvW Associates, LLC, US) |
Christian Proschinger (Raiffeisen Informatik, GmbH, AT)
January 26, 2010 10:45-11:15
proschinger-christian-slides.pdf
MD5: 8e7c4ccf87f2496b3ba3b23514ce23cc
Format: application/pdf
Last Update: June 7th, 2024
Size: 1.01 Mb
Martin Peterka (CZ.NIC, CZ)
January 25, 2010 13:40-14:00
Marcus Pattloch (DE)
January 25, 2010 14:30-15:00
Pawel Jacewicz (NASK/CERT Polska, PL)
January 26, 2010 10:00-10:30
MD5: bc5b5e55dfe316eb93a61112bdc442b7
Format: application/pdf
Last Update: June 7th, 2024
Size: 3.82 Mb
Greg Rattray (ICANN, Multinational organisation)
January 25, 2010 15:30-16:00
Jacomo Piccolini (ESR/RNP, BR)
Jacomo Piccolini has an Engineer degree in Industrial Engineering at Universidade Federal de São Carlos - UFSCar, with two post-graduation, one obtained on the Computer Science Institute and other on the Economics Institute of Universidade de Campinas – Unicamp. He is GCIA, GIAC Certified Intrusion Analyst and GCFA, GIAC Certified Forensics Analyst, working as a senior security analyst at the Brazilian Research and Academic Network CSIRT (CAIS). With 9 years of experience in the security field his is the lead instructor of CAIS/RNP and hands-on coordinator for FIRST Technical Colloquiums. He is currently fighting the misuse of RNP backbone infrastructure by hackers.
January 26, 2010 14:45-15:15
Maurizio Molina (DANTE, Multinational organisation)
January 25, 2010 16:40-17:00
Daniel Kouril (Masaryk University)
January 25, 2010 16:00-16:30
David Ford (Oxford University Computing Services, GB)
January 26, 2010 14:15-14:45
IncidentResponseCollegiate.pdf
MD5: 494fe6fb310d0a27e4d1769b85262da4
Format: application/pdf
Last Update: June 7th, 2024
Size: 981.52 Kb
Christian Wojner (AT)
January 26, 2010 11:15-12:00
mass_malware_analysis__a_do-it-yourself_kit.pdf
MD5: b8c8fca5029bb182ee98e10e2208b3ee
Format: application/pdf
Last Update: June 7th, 2024
Size: 1.09 Mb
Masato Terada (IPA, JP)
Masato Terada received M.E. in Information and Image Sciences from University of Chiba, Japan, in 1986. From 1986 to 1995, he was a researcher at the Network Systems Research Dept., Systems Development Lab., Hitachi. Since 1996, he has been Senior Researcher at the Security Systems Research Dept., Systems Development Lab., Hitachi. Since 2002, he had been studying at Graduate School of Science and Technology, Keio University and received Ph.D in 2005. Since 2004, he has been with the Hitachi Incident Response Team. Also, he is a visiting researcher at Security Center, Information - Technology Promotion Agency, Japan (ipa.go.jp), and JVN associate staff at JPCERT/CC (jpcert.or.jp), as well.
January 26, 2010 13:00-13:30
Kenneth R. van Wyk (KRvW Associates, LLC, US)
Kenneth R. van Wyk is an internationally recognized information security expert and author of the recent O'Reilly and Associates books, Incident Response and Secure Coding, as well as a monthly columnist for on-line security portal, eSecurityPlanet (http://www.eSecurityPlanet.com) and a Visiting Scientist at Carnegie Mellon University's Software Engineering Institute. Ken is a CERT® Certified Computer Security Incident Handler and provides consulting and training services through his company, KRvW Associates, LLC, (http://www.KRvW.com).
Ken has nearly 20 years as an IT Security practitioner in the Academic, Military, and Commercial sectors. He has held senior and executive technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), in addition to the U.S. Department of Defense and Carnegie Mellon and Lehigh Universities.
Ken also served a two-year elected position as a member of the Steering Committee, and a one-year elected position as the Chairman of the Steering Committee, for the Forum of Incident Response and Security Teams (FIRST) organization. At the Software Engineering Institute of Carnegie Mellon University, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds an engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented papers and speeches for CSI, ISF, USENIX, FIRST, and others.
January 27, 2010 09:00-10:30, January 27, 2010 11:00-12:30, January 27, 2010 14:00-15:30, January 27, 2010 16:00-17:30
Pascal Steichen (CIRCL, LU)
January 25, 2010 14:15-14:30
Ian CookIan Cook (GB)
January 26, 2010 09:15-10:00
John Snyder (TD Bank Financial Group)
January 26, 2010 15:30-17:00
MD5: aa7c4bd6675448ee914ce9faa713272d
Format: application/pdf
Last Update: June 7th, 2024
Size: 3.25 Mb
Don StikvoortDon Stikvoort (Open CSIRT Foundation)
Don Stikvoort is founder of the companies “S-CURE” and “Cross Your Limits”. S-CURE offers senior consultancy in the area of cyber security – specialising in CSIRT matters. Cross Your Limits coaches and trains in the human area. Based in Europe, Don’s client base is global.
After his MSc degree in Physics, he became Infantry platoon commander in the Dutch Army. In 1988 he joined the Dutch national research network SURFnet. In that capacity he was among the pioneers who together created the European Internet since November 1989. He recognised “security” as a future concern in 1991, and was chair of the 2nd CSIRT in Europe (now SURFcert) from 1992-8, and FIRST member since 1992. Today Don is a FIRST Liaison Member.
Together with Klaus-Peter Kossakowski he initiated and built the closer cooperation of European CSIRTs starting in 1993 – this led to the emergence of TF-CSIRT in 2000. In 1998 he finished the "Handbook for Computer Security Incident Response Teams (CSIRTs)" together with Kossakowski and Moira J. West-Brown of CERT/CC. He was active in the IETF and RIPE (co-creator of the IRT-object). Don chaired the Program Committee for the 1999 FIRST conference in Brisbane, Australia, and kick-started the international FIRST Secretariat in the same year. From 2001-2011 his company ran TF-CSIRT’s Trusted Introducer service. He wrote and taught several training modules for the CSIRT community.
In 1998 Don started his first company. A first assignment was to build the network connecting over 10,000 schools in The Netherlands. Many CSIRTs were created with his help and guidance, among which the Dutch national team (NCSC-NL). Second opinions, audits and maturity assessments in this field have become a specialty – and in that capacity Don developed SIM3 in 2008, the maturity model for CSIRTs which is used worldwide today for maturity assessments and certifications. SIM3 has is now under the wings of the “Open CSIRT Foundation” (OCF). Don was one of the founders in 2016 and now chairs its board.
Starting in 1999, Don was certified in NLP, Time Line Therapy®, Coaching and Hypnotherapy, and brought that under the wing of “Cross Your Limits”, which portfolio is life & executive coaching, and training courses in what Don likes to call “human arts”. He also trains communicators, presenters and trainers, including many in the CSIRT field.
Don thrives as motivational and keynote speaker. He enjoys to share his views on how the various worlds of politics, economics, psychology and daily life, but also cyber security, all intertwine and relate – and how deeper understanding and a better ability to express ourselves, increase our ability to bring good change to self as well as the world around us. He has discussed such topics all over the world, from Rome to the Australian Outback. His goal is to challenge his audience to think out-of-the-box, and motivate them to be the difference that makes the difference, along the lines of the old African proverb:
“If you think you’re too small to make a difference, try sleeping in a closed room with a mosquito”.
January 25, 2010 16:30-16:40