FIRST Blog 2026

CERT Ghana has been creating a network of sector CERTs in significant areas and has created strong bonds in the process.

This year we held our first Swiss Technical Colloquium - Peak Incident Response - as part of the Geneva Cyber Week (GCW). So, why another TC? The GCW is an annual global platform to advance international cooperation and resilience in cyberspace. This sounds a bit like it could describe just about any FIRST event. But the GCW mostly caters to policy folks, diplomats, and members of civil society, including some of our trusted partners such as DCAF and the HD Centre.

Ten years ago, a group of cybersecurity professionals gathered in Munich with a simple but ambitious idea: create a trusted space where threat intelligence experts from different sectors could actually talk to each other, collaborate openly, and tackle emerging challenges together.

What happens when you gather hundreds of vulnerability management professionals in the Arizona sunshine for a week of collaboration, workshops, debates, and margaritas? VulnCon 2026: and this year's event was bigger, bolder, and more collaborative than ever.

A reef is a great metaphor for cybersecurity. It protects an ecosystem, allows good things through, keeping bad things out. But it also takes a long time to build. We talked to Bahamas CIRT ahead of the official launch of their Cyber Reef.

Malicious open source packages and software vulnerabilities may look alike on the surface, but they demand entirely different response playbooks. Treating a malicious npm or PyPI package like a CVE leaves critical questions unanswered: what did it execute, where did it phone home, and what campaign is it part of? Purpose-built malicious package intelligence infrastructure is needed to answer those questions.

The cybersecurity industry has been facing multiple parallel challenges in recent years. The pace at which cybercrime evolves is hard to match, but gatherings like FIRST provide a unique opportunity for the community to convene, reflect, and move forward together.

The 2026 FIRST Technical Colloquium in Bangalore brought together a group of security professionals and students for two days of practical learning, technical discussion, and community building on Cisco's campus on February 10-11, 2026. The event created space for attendees to exchange ideas, share lessons learned, and strengthen connections across the incident response community.

The 2026 FIRST Regional Symposium for Central Asia brought the global cybersecurity community to Tashkent, Uzbekistan over February 26-27, 2026, marking an exciting milestone for the organization. Hosted by UZCERT and INHA University in Tashkent, it was the very first regional symposium organized by the Forum of Incident Response and Security Teams (FIRST) in Central Asia, and it did not disappoint.