Program Overview

Training registration is at no cost. Lunch and two coffee breaks are included.

See also the Co-located Meetings (Invite Only)

Monday, February 5th

TF-CSIRT meeting & FIRST Regional Symposium Europe
08:00 – 09:00

Registration for Closed Session

09:00 – 12:00

CLOSED TF-CSIRT Meeting ( TI accredited / certified teams only & TI Associates)

12:00 – 13:00

Lunch

13:00 – 13:30

Welcoming Remarks & TI Updates (OPEN SESSION)

13:30 – 14:00

Internet Governance and FIRST initiatives

Maarten Van Horenbeeck

14:00 – 14:30

SANReN Cyber Security Challenge

Roderick Mooi and Schalk Peach, SANReN CSIRT

14:30 – 15:00

Mentoring Framework for CSIRT Capacity Building

Tracy A. Bills (CERT/CC, Software Engineering Institute)

15:00 – 15:30

Break

15:30 – 15:50

Reference Incident Taxonomy for CSIRTs

Rossella Mattioli and Yonas Leguesse, ENISA

15:50 – 16:20

The GDPR and your SIEM, should you worry?

Freddy Dezeure, former Head of CERT-EU, Board Member EclecticIQ, Advisor SpyCloud, Intel471, Phantom Cyber

16:20 – 16:40

GDPR processes at RIPE NCC

Mirjam Kuehne

16:40 – 17:00

EU Cybercrime Centre Update and Case Studies

Mr Alvaro Azofra and Ms Sara Marcolla, European Cybercrime Centre (EC3) at Europol

17:00 – 17:15

Closing Remarks

Tuesday, February 6th

TF-CSIRT meeting & FIRST Regional Symposium Europe
09:00 – 09:15

Opening Remarks

Thomas Schreck, FIRST Chair

09:15 – 10:00

Changing face of products and incident response

Gaus Rajnovic, Panasonic PSIRT

10:00 – 10:30

Hak5 Field Kit: Use cases within CERT/CSIRT activities

Michael Hamm, CIRCL

10:30 – 11:00

Break

11:00 – 11:30

Optimising Open Source IDS for high capacity networks

Jose Vila and Javier García Hernández, CSIRT-CV / S2 Grupo CERT

11:30 – 12:00

CERT@VDE - The cybersecurity platform for industrial small and medium-sized enterprises (SME)

Andreas Harner, Head of CERT@VDE, VDE e.V.

12:00 – 13:00

Lunch

13:00 – 13:20

FIRST Board Updates

13:20 – 13:45

Behind the scenes at Shadowserver: highlights and recent activities

Piotr Kijewski, Shadowserver

13:45 – 14:15

ScanMan - Transforming Vulnerability Scan Data into Vulnerability Scan Knowledge

Schalk Peach, SANReN

14:15 – 15:00

Scans: managing risk and cost

Patrick Green, University of St. Andrews

15:00 – 15:30

Break

15:30 – 16:00

Enhancing open source vulnerability scanners: from a single box to hardened multinode scan clusters

Peter Kleinert, Binconf CDC

16:00 – 17:00

Lightning Talks

17:00 – 17:15

Closing Remarks

Wednesday, February 7th

Training Room 1
Kohlbrand F
Training Room 2
Galeria 1
Training Room 3
Galeria 2
Training Room 4
Suderelbe
08:30 – 09:00

Training Registration

09:00 – 10:30

IPv6 Security

Frank Herberg, SWITCH-CERT

FIRST Fusion Course

Paweł Pawliński, CERT Polska

Forensics

Jaap van Ginkel, University of Amsterdam

Open Source Intelligence

Kazimieras Sadauskas, NRDCS

10:30 – 10:45

Coffee-Break

10:45 – 12:00

IPv6 Security

Frank Herberg, SWITCH-CERT

FIRST Fusion Course

Paweł Pawliński, CERT Polska

Forensics

Jaap van Ginkel, University of Amsterdam

Open Source Intelligence

Kazimieras Sadauskas, NRDCS

12:00 – 13:00

Lunch

13:00 – 15:30

FIRST Fusion Course

Paweł Pawliński, CERT Polska

Forensics

Jaap van Ginkel, University of Amsterdam

Open Source Intelligence

Kazimieras Sadauskas, NRDCS

15:30 – 15:45

Coffee-Break

15:45 – 16:45

FIRST Fusion Course

Paweł Pawliński, CERT Polska

Forensics

Jaap van Ginkel, University of Amsterdam

Open Source Intelligence

Kazimieras Sadauskas, NRDCS

17:00 – 18:00

Train the Trainers