2012 Symposium - São Paulo

Draft Program

Please note: the program schedule is not in its final version, adjustments still can occur.

Download the event program

Overview

March 27th (Tuesday)
Symposium Plenary
March 28th (Wednesday)
Symposium Plenary
March 29th (Thursday)
Hands On Training
March 30th (Friday)
Hands On Training

March 27th (Tuesday)

	Symposium Plenary
09:00 – 09:15	Welcome and Opening Remarks Cristine Hoepers (CERT.br - Brazilian Internet Steering Committee, BR) , Chris Gibson (Citigroup CIRT, GB)
09:15 – 10:00	What is FIRST Steve Adegbite (Lockheed Martin)
10:00 – 10:45	CSIRT Assistance Program Jacomo Piccolini (Team Cymru, BR)
10:45 – 11:00	Networking & Coffee Break
11:00 – 12:00	Security incidents overview in Brazilian academic networks Atanaí Ticianelli (CAIS/RNP, BR)
12:00 – 13:00	TF-CSIRT, The European CERT Cooperation Platform Gorazd Bozic (SI-CERT)
13:00 – 14:30	Lunch
14:30 – 15:30	[SQL\|FTP\|Cache] Malicious data Injection in drive-by downloads David Berrueta (Telefonica, ES)
15:30 – 15:45	Networking & Coffee Break
15:45 – 16:30	How to Communicate with your Government (Lessons from Japan) Suguru Yamaguchi (JPCERT/CC, JP)
16:30 – 17:00	Team Updates (10 mins each)
17:00 – 17:00	The OWASP Top 10 Mobile Security Risks Ken Van Wyk (KRvW Associates, LLC)

March 28th (Wednesday)

	Symposium Plenary
09:00 – 09:15	Welcome and Opening Remarks Ken Van Wyk (KRvW Associates, LLC)
09:15 – 10:00	Case Study on Recent Incidents Nelson Murilo (Diretor de Seguranca, Pangeia Informática, BR)
10:00 – 10:45	Botnet Take-Downs Maarten Van Horenbeeck (Microsoft Corporation)
10:45 – 11:00	Networking & Coffee Break
11:00 – 12:00	Brazilian Federal Police Cybercrime Unit: Challenges and Perspectives Ivo Peixinho (Brazilian Federal Police, BR) , Carlos Eduardo Sobral (Brazilian Federal Police, BR) , Flávio da Silva (Brazilian Federal Police, BR)
12:00 – 13:00	Evaluating Your CSIRT Operations Robin Ruefle (CERT/CC — Carnegie Mellon University, US)
13:00 – 14:30	Lunch
14:30 – 15:30	Phishing and Trojan Banking cases affecting Brazil Cristine Hoepers (CERT.br - Brazilian Internet Steering Committee, BR)
15:30 – 15:45	Networking & Coffee Break
15:45 – 16:45	CVSS Seth Hanford (Cisco)

March 29th (Thursday)

	Hands On Training
09:00 – 12:30	iOS Ken Van Wyk (KRvW Associates, LLC) Malware analysis with OllyDBG Guilherme Vênere (McAfee)
12:30 – 13:30	Lunch
13:30 – 17:00	Network Forensic for CSIRTs James Pichardo (InfoSec Consultant at Ministry of Finance, DO) YARA Andreas Schuster (Deutsche Telekom AG, DE)

Hands On Training

09:00 – 12:30

iOS

Ken Van Wyk (KRvW Associates, LLC)

Malware analysis with OllyDBG

Guilherme Vênere (McAfee)

12:30 – 13:30

Lunch

13:30 – 17:00

Network Forensic for CSIRTs

James Pichardo (InfoSec Consultant at Ministry of Finance, DO)

YARA

Andreas Schuster (Deutsche Telekom AG, DE)

March 30th (Friday)

	Hands On Training
09:00 – 12:30	Network Forensic for CSIRTs James Pichardo (InfoSec Consultant at Ministry of Finance, DO) VoIP Security André Ricardo Landim (CAIS/RNP) , Frederico R. C. Costa (CAIS/RNP — Information Security Coordinator at CAIS/RNP, BR)
12:30 – 13:30	Lunch
13:30 – 17:00	Wifi Class (Portuguese only) Nelson Murilo (Diretor de Seguranca, Pangeia Informática, BR) Volatility Andreas Schuster (Deutsche Telekom AG, DE)

Hands On Training

09:00 – 12:30

Network Forensic for CSIRTs

James Pichardo (InfoSec Consultant at Ministry of Finance, DO)

VoIP Security

André Ricardo Landim (CAIS/RNP) , Frederico R. C. Costa (CAIS/RNP — Information Security Coordinator at CAIS/RNP, BR)

12:30 – 13:30

Lunch

13:30 – 17:00

Wifi Class (Portuguese only)

Nelson Murilo (Diretor de Seguranca, Pangeia Informática, BR)

Volatility

Andreas Schuster (Deutsche Telekom AG, DE)

1st Brazilian CSIRTs Forum – 26 March (co-located event hosted by CERT.br)

Please see http://www.cert.br/forum2012/en/ for event and registration details.

FIRST is looking for speakers that would like to present on the FIRST Symposium Plenary Days and for the FIRST Hands-On Classes. We are particularly interested in the following topics:

Botnets (specifically initiatives to disinfect users)
User Awareness
Lessons learned, case studies, etc.
Threat updates - statistics of malware and such
Attack tools and trends
Incident response tools and trends and security technologies

For your submission, please provide the following information:

Title
Type of presentation (Plenary or demo/hands on exercise)
Brief Summary (Abstract)
Presenter's Name and Affiliation
Estimated Time

If you're interested in speaking or instructing a Plenary Session or Hands-on class, please get in contact with me (ken@krvw.com) and Jacomo Piccolini (jacomo@cymru.com).

2012 Symposium - São Paulo

Diamond & Internet Sponsor

Gold Sponsors

In-kind Sponsor

Hands On Organization