Upload
alemayehu-tilahun
View
3
Download
2
Embed Size (px)
DESCRIPTION
FIRST2015 Conference Program
Citation preview
CONFERENCE PROGRAMOverview
June 13th, SaturdayPre-Conference
June 14th, SundayPre-Conference
June 15th, MondayPotsdam IPotsdam IIIBellevueCharlottenburgOther Meetings
June 16th, TuesdayPotsdam IPotsdam IIIBellevueCharlottenburgOther Meetings
June 17th, WednesdayPotsdam IPotsdam IIIBellevueCharlottenburgOther Meetings
June 18th, ThursdayPotsdam IPotsdam IIIBellevueCharlottenburgOther Meetings
June 19th, FridayPotsdam IPotsdam IIIBellevueOther Meetings
June 13th, SaturdayPRE-CONFERENCE
10:00 17:00 FIRST Education & Training Committee Meeting - Check
June 14th, SundayPRE-CONFERENCE
09:00 16:30 Train the Trainers - RookDon STIKVOORT (Avalon Coaching & NLP), Lauri PALKMETS (ENISA)
09:00 17:00 FIRST Training - CheckFIRST Education Summit III (Invite Only) - Bellevue
15:00 16:00 Session Chair Volunteers Meeting - Knight
17:00 18:00 Ambassador Program Training - Rook
18:30 19:00 Newbie Reception - Pavillon
19:00 21:00 Ice Breaker Reception - Pavillon
1
June 15th, MondayPOTSDAM I POTSDAM III BELLEVUE CHARLOTTENBURG OTHER MEETINGS
09:15 09:30 Conference Opening - Potsdam I
09:30 10:00 Keynote Presentation - Potsdam ICornelia ROGALL-GROTHE (German State Secretary & Federal Government Commissioner for Information Technology)
10:00 10:30 Morning Networking Break - Conservatory / Potsdam Foyer
10:30 11:00 Behind the Scenes this Week at FIRST - Potsdam I
11:00 12:00 Adventures inFighting CybercrimeMr. Piotr KIJEWSKI(CERT Polska/NASK)
A Proposal forCybersecurityMetrics ThroughCyber GreenYurie ITO (JPCERT), Mr.Wes YOUNG (CSIRTGadgets)
Building instantlyexploitableprotection foryourself and yourpartners againsttargeted cyberthreats using MISPMr. Andras IKLODY(NATOCommunications andInformation Agency)
CVSS - BoF - Chess
12:00 13:00 Lunch - LA Caf & Pavillon
13:00 14:00 The Crack inKrakenBOTMr. Peter KRUSE (CSISSecurity Group A/S)
I'm Sorry to InformYou...Mr. Eireann LEVERETT(Cambridge Centre forRisk Studies), Dr.Marie MOE (SINTEFICT)
3J4E - JIGSAW,JUMPSTART,JUNCTURE: ThreeWays to Enhance Cyber-Exercise-ExperienceMr. Stefan RITTER(National IT-SituationCentre and CERT-Bund, German FederalOffice for InformationSecurity BSI)
BetterCrypto.orgWorkshop and Hands-on TrainingMr. David DURVAUX(BetterCrypto.org), Mr.Aaron ZAUNER (Azet),Mr. L. Aaron KAPLAN(CERT.at)
14:00 14:30 So You Want aThreat Intelligence*Function (*But WereAfraid to Ask)Mr. Gavin REID(Lancope)
Working Towards theTokyo 2020 Olympics- Situation in 2015Ms. Mariko MIYA (CDI-CIRT (Cyber DefenseInstitute, Inc.) - Japan)
Everyday Etiquette:Responding toUncoordinatedDisclosuresMs. Laura RABA (US-CERT)
BetterCrypto.orgWorkshop and Hands-on Training (cont.)
Vendor - SIG - Chess
14:30 15:00 Afternoon Networking Break - Conservatory / Potsdam Foyer
14:30 15:00 Vendor - SIG (cont.)
15:00 16:00 Threat InformationSharing;Perspectives,Strategies, andThreat ScenariosMr. Timothy GRANCE(NIST), THOMASMILLAR (US-CERT), Mr.Pawel PAWLINSKI(CERT Polska / NASK),Mr. Luc DANDURAND(ITU), Sarah BROWN(Fox-IT)
Malware in YourPipes: The State ofSCADA MalwareMr. Kyle WILHOIT(Trend Micro)
Collecting, Analyzingand Responding toEnterprise Scale DNSEventsMr. Bill HORNE(Hewlett-Packard)
BetterCrypto.orgWorkshop and Hands-on Training (cont.)
Vendor - SIG (cont.)
16:00 17:00 Barriers andPathways toImproving theEffectiveness ofCybersecurityInformation SharingAmong the Publicand Private SectorsLaura FLETCHER(George MasonUniversity), Kristin M.REPCHICK (GeorgeMason University),Julie STEINKE (GeorgeMason University)
FIRST Update:Financial & BusinessReview
Incident ResponseProgramming with RMr. Eric ZIELINSKI(Nationwide)
Vendor - SIG (cont.)
17:00 17:30 Lightning Talk FIRST Update:Financial & BusinessReview (cont.)
17:30 18:00 Lightning Talk (cont.) 2
June 16th, TuesdayPOTSDAM I POTSDAM III BELLEVUE CHARLOTTENBURG OTHER MEETINGS
08:45 09:00 Opening Remarks - Potsdam I
09:00 09:45 Keynote Presentation: Securing our Future - Potsdam IMikko HYPPONEN (F-Secure)
09:45 10:15 Morning Networking Break - Conservatory / Potsdam Foyer
10:15 11:15 Fact Tables - A CaseStudy in ReducingReactive IntrusionTime-to-Know by95%Mr. Jeff BOERIO (IntelCorp.)
SecAdmin -Mitigating APTs Tools for theAdministratorMr. David JONES(Cisco)
Quality OverQuantityCuttingThrough CyberthreatIntelligence NoiseMr. Rod RASMUSSEN(IID)
CSIRT Info SharingWorkshopShari LAWRENCEPFLEEGER (I3P-Dartmouth-GMU-NL-SE (various CSIRTS))
11:15 11:45 Prepare YourCybersecurity Teamfor SwiftContainment PostIncidentMr. MichaelHARRINGTON (FidelisCybersecuritySolutions)
A Day in the Life of aCyber IntelligenceProfessionalMs. KatherineGAGNON (World BankGroup)
Seven Years in MWS:Experiences of theCommunity BasedData Sharing for Anti-Malware Research inJapanDr. Masato TERADA(Hitachi IncidentResponse Team),Yoichi SHINODA(JAIST), MitsuhiroHATADA (NTTCommunicationsCorporation)
CSIRT Info SharingWorkshop (cont.)
11:45 12:45 Lunch - LA Caf & Pavillon
12:45 13:15 Overview of SouthKorea TargetMalwaresMrs. Dongeun LEE(KRCERT/CC, KISA)
When BusinessProcess and IncidentResponse Collide:The Fine-Tuning ofthe IR ProgramMs. Reneaue RAILTON(Duke Medicine)
Ce1sus: AContribution to anImproved CyberThreat IntelligenceHandlingMr. Jean-Paul WEBER(GovCERT.lu)
Hands-on NetworkForensicsMr. Erik HJELMVIK (FMCERT)
Network Monitoring -SIG - Chess
13:15 14:15 The CybercrimeEvolution in Brazil:An Inside View ofRecent Threats andthe Strategic Role ofThreat IntelligenceMr. Ricardo ULISSES(Tempest SecurityIntelligence), Mr. AldoALBUQUERQUE(Tempest SecurityIntelligence)
Security Operations:Moving to aNarrative-DrivenModelMr. Joshua GOLDFARB(FireEye)
Case Study: CreatingSituationalAwareness in aModern World.Mr. Michael MEIJERINK(NCSC-NL)
Hands-on NetworkForensics (cont.)
Network Monitoring -SIG (cont.) - Chess
14:15 14:45 Afternoon Networking Break - Conservatory / Potsdam Foyer
14:45 15:45 Enabling Innovationin Cyber SecurityMr. Michael GORDON(Lockheed Martin)
Technology, Trust,and Connecting theDotsMr. George JOHNSON(NC4), Mr. WayneBOLINE (DIB ISAC(DSIE)), DeniseANDERSON (FS-ISAC)
Bring Your OwnInternet Of Things(BYO-IoT)Mr. Jake KOUNS (RiskBased Security), Mr.Carsten EIRAM (RiskBased Security)
Hands-on NetworkForensics (cont.)
VRDX - SIG - Check
15:45 16:45 DSMS: AutomatingDecision Support andMonitoring Workflowfor IncidentResponseMr. Chris HORSLEY(CSIRT Foundry), Mr.SC LEUNG (HKCERT)
CrisisCommunication forIncident ResponseMr. Scott ROBERTS(GitHub)
Cyber SecurityChallenges in theFinancial Sector:Internal and ExternalThreatsMs. Rosa XochitlSARABIA BAUTISTA(Mnemo-CERT)
Hands-on NetworkForensics (cont.)
VRDX - SIG (cont.)
17:00 18:00 Energy - SIG - Chess
17:00 19:00 Vendor Showcase Reception - Conservatory / Potsdam Foyer
3
June 17th, WednesdayPOTSDAM I POTSDAM III BELLEVUE CHARLOTTENBURG OTHER MEETINGS
08:45 09:00 Opening Remarks - Potsdam I
09:00 10:00 Keynote Presentation: Europols European Cybercrime Centre punching above its weight - Potsdam IPhilipp AMANN (European Cybercrime Centre, Europol)
10:00 10:30 Morning Networking Break - Conservatory / Potsdam Foyer
10:30 11:30 Passive Detectionand ReconnaissanceTechniques to Find,Track and AttributeVulnerable "Devices"Mr. AlexandreDULAUNOY (CIRCL -Computer IncidentResponse CenterLuxembourg), Mr.Eireann LEVERETT(Cambridge Centre forRisk Studies)
TBA FIRST Update:Education & Training
CVSS v3 Hands-onTrainingMr. Seth HANFORD(TIAA-CREF)
Metrics - SIG - Check
11:30 12:30 National CyberProtection throughFacilitation. RealCases by CERT-UAMr. Nikolay KOVAL(CERT-UA)
Traffic Light Protocol(TLP) - BoFTom MILLAR (US-CERT)
Sustainable CSIRTS -SIGMr. Jamie LORD(CERT/CC), Tracy BILLS(CERT/CC), WassieGOUSHE (CERT/CC),Bill JONES (CERT/CC)
CVSS v3 Hands-onTraining (cont.)
Metrics - SIG (cont.)
12:30 13:30 Lunch - LA Caf & Pavillon
13:30 14:30 The Future ofInformationExchange PolicyMr. Paul MCKITRICK(Microsoft), Ms. MerikeKAEO (IID)
Data-Driven ThreatIntelligence: UsefulMethods andMeasurements forHandling IndicatorsMr. Alexandre PINTO(Niddel), Mr.Alexandre SIEIRA(Niddel)
Sinfonier: StormBuilder for SecurityIntelligenceMr. Fran GOMEZ(Telefonica), Mr.Leonardo AMOR(Telefonica)
Hands-on PenTesting iOS AppsMr. Kenneth VAN WYK(KRvW Associates, LLC)
Policy - BoF - ChessMr. Don STIKVOORT
14:30 15:00 Afternoon Networking Break - Conservatory / Potsdam Foyer
15:00 16:00 Theory and Practiceof Cyber Threat-IntelligenceManagement UsingSTIX and CybOXDr. Bernd GROBAUER(Siemens)
The Needle in theHaystackMr. Jasper BONGERTZ(Airbus Defence andSpace CyberSecurityGmbH)
How We Saved theDeath Star andImpressed DarthVaderMr. Matthew VALITES(Cisco CSIRT), Mr. JeffBOLLINGER (CiscoCSIRT)
Hands-on Pen TestingiOS Apps (cont.)
CSIRT Maturity Kit -BoF - ChessMr. Don STIKVOORT
16:00 17:00 Validating andImproving ThreatIntelligenceIndicatorsMr. Douglas WILSON(FireEye)
Malware AnalysisCase Study &ExperimentalEvaluation on theApplicability of LiveForensics forIndustrial ControlSystemsMr. Yuji KUBO (CFC),Mr. Kensuke TAMURA(CFC)
Machine Learning forCyber SecurityIntelligenceMr. Edwin TUMP(NCSC-NL)
Hands-on Pen TestingiOS Apps (cont.)
FIRST MembershipInformation Session -Check
17:00 18:00 Lightning Talks
18:30 19:15 Reception at the Postbahnhof
19:15 22:00 Banquet at the Postbahnhof
4
June 18th, ThursdayPOTSDAM I POTSDAM III BELLEVUE CHARLOTTENBURG OTHER MEETINGS
09:00 09:15 Opening Remarks - Potsdam I
09:15 10:00 Keynote Presentation: Collaborative Security - Reflections about Security and the Open Internet - Potsdam IOlaf KOLKMAN (Internet Society)
10:00 10:30 Morning Networking Break - Conservatory / Potsdam Foyer
10:30 11:00 Evaluating theEffectiveness ofFuzzy HashingTechniques inIdentifyingProvenance of APTBinariesMs. Bhavna SOMAN(Intel Corporation)
Protecting Privacythrough IncidentResponseMr. Andrew CORMACK(Jisc)
Building CommunityPlaybooks forMalware EradicationMr. Christian SEIFERT(Microsoft)
VulnerabilityCoordination - SIG
CERT Directory API -BoF - Chess
11:00 11:30 Recent Trends ofAndroid MaliciousApps: Detection AndIncident Response inSouth KoreaMr. Inseung YANG(KrCERT/CC), Ms.Jihwon SONG(KrCERT/CC)
Defining andMeasuring CapabilityMaturity for SecurityMonitoring PracticesMr. Eric SZATMARY(Dell SecureWorks)
Building CommunityPlaybooks for MalwareEradication (cont.)
VulnerabilityCoordination - SIG(cont.)
CERT Directory API -BoF (cont.)
11:30 12:00 A Study on theCategorization ofWebshellMr. Jae Chun LEE(KISA, KrCert/CC), Mr.Jinwan PARK(KrCERT/CC)
ENISA ThreatLandscape: Currentand Emerging ThreatAssessmentDr. Louis MARINOS(ENISA)
A Cognitive Study toDiscover How ExpertIncident RespondersThinkMr. Sam J. PERL (CMUSEI CERT/CC)
VulnerabilityCoordination - SIG(cont.)
12:00 13:00 Lunch - LA Caf & Pavillon
13:00 14:00 VRDX-SIG: GlobalVulnerabilityIdentificationMr. Art MANION (CMUSEI CERT/CC), Mr.Takayuki UCHIYAMA(JPCERT/CC), Dr.Masato TERADA(Hitachi IncidentResponse Team)
Effective TeamLeadership andProcessImprovement ForNetwork SecurityOperatorsMr. Jeremy SPARKS(United States AirForce)
Global StandardsUnification - How EUNIS Platform, NISTand IETF Standardsare BreakingBarriers forInformation Sharingand AutomatedActionMs. Merike KAEO (IID)
Whos worked onCSIRT andCybersecurityCapacityDevelopment inAfrica? - BoF - CheckMr. Jamie LORD(CERT/CC), Tracy BILLS(CERT/CC), WassieGOUSHE (CERT/CC),Bill JONES (CERT/CC)
14:00 15:00 Il Buono, il Brutto, ilCattivo: Tales fromIndustryMr. Rich BARGER(ThreatConnect Inc.),Mr. Andre LUDWIG(Novetta Solutions)
Unifying IncidentResponse Teams ViaMultilateral CyberExercise forMitigating CrossBorder Incidents:Malaysia CERT CaseStudyMrs. Sharifah RoziahMOHD KASSIM(MyCERT,CyberSecurityMalaysia)
A Funny ThingHappened on theWay to OASIS: FromSpecifications toStandardsTom MILLAR (US-CERT)
IPv6 Security Hands-onMr. Frank HERBERG(SWITCH-CERT)
Whos worked onCSIRT andCybersecurity CapacityDevelopment inAfrica? - BoF (cont.)~Ending 14:30~
15:00 15:30 Afternoon Networking Break - Conservatory / Potsdam Foyer
15:30 17:30 AGM (Members Only) -Potsdam I
IPv6 Security Hands-on (cont.)
5
PLATINUM SPONSOR
NETWORK SPONSOR
GOLD SPONSOR
LOCAL HOST DIAMOND SPONSOR
BANQUET SPONSOR
27th ANNUAL FIRST CONFERENCE BERLIN 14-19 JUNE 2015
June 19th, FridayPOTSDAM I POTSDAM III BELLEVUE OTHER MEETINGS
08:45 09:00 Opening Remarks - Potsdam I
09:00 10:00 Keynote Presentation: Thecybercrime techniques,tactics and procedures(TTP) have evolvedtowards the mobile appsworld - Potsdam IMr. Chema ALONSO(Telefonica/Eleven Paths)
Internet Architecture Board(IAB) and Internet Society(ISOC) workshop onCoordinating AttackResponse at Internet Scale(CARIS)
10:00 10:15 Morning Networking Break - Conservatory / Potsdam Foyer
10:00 10:15 IAB and ISOC Workshop(cont.)
10:15 11:15 Building CERT Team andResponding Incidents inthe Large EnergyCompany.Mr. Miroslaw MAJ(Cybersecurity Foundation)
Implementation ofMachine Learning Methodsfor Improving DetectionAccuracy on IntrusionDetection System (IDS)Mr. Bisyron MASDUKI (Id-SIRTII), Mr. MuhammadSALAHUDDIEN (Id-SIRTII)
Streamlined IncidentResponse from a ForensicPerspectiveMatthew ROHRING (U.S.Department of HomelandSecurity / U.S. ComputerEmergency Readiness Team)
IAB and ISOC Workshop(cont.)
11:15 11:45 Sector Based CyberSecurity Drills - LessonsLearntMr. Malagoda PathiranageDILEEPA LATHSARA(TechCERT)
Keeping Eyes on MaliciousWebsites - ChkDefaceAgainst Fraudulent SitesMr. Hiroshi KOBAYASHI(JPCERT/CC), TakayukiUCHIYAMA (JPCERT)
Discovering Patterns ofActivity in UnstructuredIncident Reports at LargeScaleDr. Bronwyn WOODS (CERTProgram, SEI, CMU),THOMAS MILLAR (US-CERT),Mr. Sam J. PERL (CERT CC)
IAB and ISOC Workshop(cont.)
12:00 13:00 Closing Remarks - Potsdam I
12:00 13:00 IAB and ISOC Workshop(cont.)
13:00 14:00 Lunch - LA Caf & Pavillon
13:00 14:00 IAB and ISOC Workshop(cont.)
14:00 18:00 IAB and ISOC Workshop(cont.)
Powered by TCPDF (www.tcpdf.org)
Thu, 04 Jun 2015 12:00:24 +0000
Conference ProgramJune 13th, SaturdayJune 14th, SundayJune 15th, MondayJune 16th, TuesdayJune 17th, WednesdayJune 18th, ThursdayJune 19th, Friday