Amsterdam 2015 FIRST Technical Colloquium

Local Host & Sponsor:


Amsterdam 2015 FIRST Technical Colloquium

Amsterdam (NL), 5 – 6 May, 2015

Registration closed

The tentative schedule will be:

  • May 4th (Monday)


  • May 5th (Tuesday)


  • May 6th (Wednesday)


    Social Event Sponsored by Lancope

FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST member teams and invited guests to share information about vulnerabilities, incidents, tools and all other issues that affect the operation of incident response and security teams.

For you that are new in FIRST or never have attended a TC&S, the colloquium typically provides one whole day of plenary sessions for informal discussions and presentations on topics of FIRST membership interest, or that are more sensitive in nature and related to the day-to-day work of participants.

The FIRST colloquia are typically hosted by members and since 2005 are being organized in a regional basis - the current regions being Latin-America, North-America, Europe and Asia-Pacific. For each region the goal is to organize one TC per year - either standing on its own, or jointly with regional CSIRT initiatives.


  • There is no cost to attend the TC
  • Coffee and tea will be provided by the host.
  • Lunch is not included. Attendees will have access to a cafeteria onsite during the lunch break.
  • In observance of Liberation Day (Tuesday, May 5th), the Cisco campus will be minimally staffed. As a result, the cafeteria will not be operating as it has in years past. Attendees are advised to get breakfast before arriving at the Cisco campus. Lunch will be catered by the Cisco CSIRT.
  • Guest wireless access will be provided to attendees
  • Wireless registration instructions will be provided onsite.
  • Registration is open to members and non-members.
  • Questions to

Call for Speakers

The FIRST Amsterdam Technical Colloquium (TC) 2015 will be hosted by Cisco Systems in Amsterdam, Netherlands. The event will be a plenary style conference held on the 5th and 6th of May 2015, with optional, free training sessions on May 4th.

FIRST is looking for speakers that would like to present at this Technical Colloquium. This is a GREAT opportunity to give something back to FIRST and the industry, while practicing your speaking skills and sharing your hard work.

Any novel ideas, techniques, case studies, or research related to incident and threat response are welcome. Some suggested topics are as follows:

  • Threat actor techniques
  • Creative incident response techniques
  • Indicators of compromise and how detect/mitigate
  • Data analytics for security
  • Criminal underground
  • Denial-of-service attacks and countermeasures
  • Hardware security/embedded systems security
  • Network and OS security
  • Digital forensics
  • Human-computer interaction, security, and privacy
  • Intrusion and anomaly detection and prevention
  • Malicious code analysis, anti-virus evasion, etc.
  • Security architecture

For your submission, please provide the following information:

  • Title
  • Brief Summary (Abstract)
  • Presenter's Name, Affiliation, and short biography
  • Estimated Time (45 mins + 10 for questions is typical)

Proposal submissions end date: Feb 13th, 2015.

If you're interested in speaking, please contact us at We are hoping to have the program on the event website by February 2015, so please get in touch with us ASAP. Feel free to reach out with any questions.

Memory Forensics for Incident Responders

Monnapa KA has graciously offered to provide free training on memory analysis for Amsterdam TC attendees. That training will be offered on Monday, May 4 at the Cisco campus.

Memory forensics is an investigative technique used in malware analysis, reverse engineering, digital forensics and incident response. With adversaries becoming more sophisticated and carrying out advanced attacks targeting critical infrastructures, Data Centers, private and public organizations, detecting, responding to, and investigating such intrusions are critical for information security professionals. Memory Forensics has become a must-have skill for fighting advanced malware, targeted attacks and security breaches. This training touches on the topic of malware, Windows internals, and techniques to perform malware and Rootkit investigations of real world memory samples using open source advanced memory forensics framework (Volatility). The training also teaches how to incorporate memory forensics into malware analysis and sandbox technology.

The training provides practical guidance and attendees should walk away with the following skills:

  • Understanding how malware and Windows internals work
  • Ability to acquire a memory image from suspect/infected systems
  • Use memory forensics to improve digital investigations
  • Perform investigative steps for detecting stealth and advanced malware
  • Use memory forensics in malware analysis and sandbox technology
  • Use open source advanced memory forensics framework (Volatility)

Monnappa KA is based out of Bangalore, India. He works with Cisco Systems as Information Security Investigator focusing on threat intelligence and investigation of advanced cyber attacks. His fields of interest include malware analysis, reverse engineering, memory forensics and threat intelligence. He is an active speaker in the Bangalore security community meetings and has presented on various topics which include "Memory Forensics", "Advanced Malware Analysis", "Rootkit Analysis", and "Sandbox Analysis". He has authored various articles related to "Malware Analysis" and "Memory Forensics" in the Hakin9 and eForensics magazines.

Social Reception

Wednesday there will be a Social Hour for TC attendees from 4:30-5:30pm sponsored by Lancope.


The event will be held at the Cisco Campus, located at:

Haarlerbergpark, Haarlerbergweg 13-19
1101 CH Amsterdam
Phone: +31 (0)20 357 1000
Amsterdam 2015 FIRST Technical Colloquium

Click on the map to see it enlarged on Google Maps.

Amsterdam 2014 FIRST Technical Colloquium