Current Status (March 25, 2020)
March 25, 2020 Update - The Conference will not be taking place in June, alternative plans are still being discussed. Registration is temporarily suspended as we review options. Updated information will be made available as soon as possible and communications will be emailed to registered delegates and our sponsors. Please note that the volatility of the current situation may force us to update our plans more than we wish.
At this time, the Canadian government has extended its ban on foreign nationals traveling to Canada through June 30, 2020. This makes it impossible for FIRST to hold our Annual Conference as regularly scheduled. The hotel is being extremely flexible in these challenging times and we are currently investigating if it makes sense to target new dates in the fall.
Attendees and sponsors may request full refunds of their fees (please be patient if it takes a few days) or they can be applied to the conference in the fall if it takes place or to the 2021 conference. Please contact the events office at firstname.lastname@example.org.
We continue to explore multiple possible options including virtual meetings, streaming of content, re-configuring the conference, etc.
This letter will again be updated as new information becomes available.
The single biggest value of FIRST is our community, our ability to work together on responding to incidents of any nature. COVID-19 is an incident unlike anything any of us have experienced, but we strongly believe in the community of FIRST and our shared willingness to work together for the benefit of the planet. Please be safe, continue to support each other, and act with the spectacular professionalism that makes FIRST such a wonderful organization.
FIRST brings together a variety of computer security incident response teams from government, commercial, and educational organizations. FIRST aims to foster cooperation and coordination in incident prevention, to stimulate rapid reaction to incidents, and to promote information sharing among members and the community at large.
Apart from the trust network that FIRST forms in the global incident response community, FIRST also provides value added services. Some of these are:
Currently FIRST has more than 500 members, spread over Africa, the Americas, Asia, Europe and Oceania.
Space for discussion in order to reflect on our collective experiences, focus on current challenges and envision strategies on how we could work together to improve security in academic environments.
Incident Detection and Response at Scale.
The SIG will seek to involve experts interested in that work and provide a community to discuss improvements in need, existing gaps and (potential) new developments.
For a global approach towards scoring metrics for vulnerabilities.
To coordinate cyber insurance actuarial and modelling work with professional incident response and digital forensic teams.
To define Threat Intelligence in the commercial space.
Understanding the international customary norms applicable for detecting and mitigating DNS abuse from the perspective of the global incident response community is critical for the open Internet’s stability, security and resiliency.
The Ethics SIG seeks to further the professionalization of the FIRST Community and improve the global understanding of SIRTs through the development of an ethical code for FIRST Members.
In ICS-SIG we bring together expertise from several sectors to create processes, best practices and incident response support recommendations and package useful open source tools for the ICS environments.
The initial goals of this SIG are to collaboratively develop an extensible framework for defining information exchange policy and a set of standard definitions for most common aspects.
The core mission is to support existing and new FIRST members to practice information sharing and acquire feedback from the members to improve the information sharing practices.
This SIG will advocate and promote the sharing of malware analysis tools and techniques to enable CSIRTs to combat and analyze malicious code.
To improve CSIRT incident management practices within the FIRST community.
Develops and maintains a standard for exchanging passive DNS information between organizations.
Drive the evolution of PSIRT practices by developing and maturing product response.
The Red Team SIG provides a forum for practitioners to discuss the state of the art for tools, technologies, processes and methodologies for red team activities and to share experiences and best practices.
Designs, develops, and conducts security challenge and competition exercises for the FIRST.org community.
The TLP SIG governs the standard definition of TLP for the benefit of the worldwide CSIRT community and its operational partners.
Develop and execute a strategy for improving vulnerability coordination globally.
Primarily chartered to research and recommend ways to identify and exchange vulnerability information across disparate vulnerability databases.