|
Conference
Program
|
|
Sunday
|
|
14h00-18h00
: On-site Registration
|
|
19h00-21h00:
Ice Breaker Welcome Reception
|
|
Monday
|
|
7h00-18h00
: On-site Registration
|
9h00-12h30
: Tutorial
Byron
Collie
(Wells Fargo Services Company)
Legal
and Operational Issues affecting Evidence Preservation and Recovery in
Intrusion Cases
|
9h00-12h30
: Tutorial
Robin
M. Ruefle
(CERT/CC)
Creating
a Computer Security Incident Response Team
|
|
12h30-14h00
: Lunch Break
|
14h00-17h30:
Tutorial
Byron
Collie
(Wells Fargo Services Company)
Legal
and Operational Issues affecting Evidence Preservation and Recovery in
Intrusion Cases
|
14h00-17h30:
Tutorial
Robin
M. Ruefle
(CERT/CC)
Creating
a Computer Security Incident Response Team
|
|
Tuesday
|
|
7h00-18h00
: On-site Registration
|
9h00-12h30:
Tutorial
Christine
M. Orshesky
(IFsec)
Investigating
Malware Incidents
|
9h00-12h30:
Tutorial
Douglas
W. Barbin
and
Rob Hanson
(Guardent)
Incident
Management and Forensics in the 21rst Century
|
9h00-12h30:
Tutorial
Dan
Garrett
(Emerging Technologies Group)
Recovering
Malicious User Activity
|
|
12h30-14h00
: Lunch Break
|
14h00-16h00:
Tutorial
Christine
M. Orshesky
(IFsec)
Investigating
Malware Incidents
|
14h00-16h00:
Tutorial
Elizabeth
Siemers
(Guardent)
NOSC's:
The Good, The Bad & The Ugly
|
14h00-16h00:
Tutorial
Dan
Garrett
(Emerging Technologies Group)
Recovering
Malicious User Activity
|
|
16h00-16h30
: Break
|
16h30-17h30
: Hot Topics Session
HTS
Coordinator : Hervé Schauer (Hervé Schauer Consultants)
|
17h45-20h00
: BOF Sessions
BoF
Coordinator : Gordon Steele (Para-Protect)
|
|
Wednesday
|
|
7h00-18h00
: On-site Registration
|
9h00-9h20:
Opening Remarks
Steering
Committee Chair + Program Chair + Logistic Chair
|
9h20-10h30:
Keynote Address
-
Henri Serres: Central Directorate of Information
Systems Security (SGDN/DCSSI)
-
Danny de Temmerman : European Commission –
DG Information Society
|
|
10h30-11h00
: Break
|
11h00-12h30
: CSIRT Operations Session
Session Chair: Andrew Cormack, JANET-CERT
-
Jimmy
Arvidsson (Telia), Incident Organization and Security Incident Handling
-
Marko
Laakso (University of Oulu), Introducing constructive vulnerability
disclosures
-
David
Bratzer (Zero-Knowledge Systems), Experience with Abuse Management in
Privacy-Enhancing Systems
|
|
12h30-14h00
: Lunch Break
|
14h00-15h30
: DoS Session
Session Chair: Kevin Houle, CERT/CC
-
David
Harmelin (Dante), DoS attacks on transit networks
-
Rob
Thomas, What NOT To Do During a DdoS Attack
|
|
15h00-15h30
: Break
|
15h30-17h:
CSIRT Cooperation Session
Session Chair: Jacques Schuurman, CERT-NL
-
Gorazd
Bozic (SI-CERT), Collaboration of European Computer Security and Incident
Response Teams
-
Don
Stikvoort (Stelvio), The Trusted Introducer Service
-
Teams
Update Panel, Klaus-Peter Kossakowski
|
|
19h-2h
: Conference Dinner
|
|
Thursday
|
|
7h00-18h00
: On-site Registration
|
9h00-10h30
: Pro-Active CSIRT tools Session
Session Chair: Claudia Natanson, BTCERTCC
-
HyunWoo
Lee (CERTCC-KR), Experiences with National Wide Scan Detect Systems
-
Philippe
Bourcier (CyberAbuse), The CyberAbuse Project
-
Mark
McPherson (AusCERT), Automated incident report processing and cross
correlation of probe and scan information
|
|
10h30-11h00
: Break
|
11h00-12h30:
Panel Discussion
The
CSIRT model in the real world
Panel
Chair: Klaus-Peter Kossakowski
Members
of the panel:
-
Thierry
Van der Pyl (European Commission)
-
Jorgen
Bo Madsen
-
Andrew
Cormack (JANET-CERT)
-
Kathy
Fithen (PricewaterhouseCoopers)
-
Mark
McPherson (AusCERT)
|
|
12h30-14h00
: Lunch Break
|
14h00-15h00
: Intrusion Detection Session
Session Chair: Hironobu Suzuki, JPCERT/CC
-
Takefumi
Onabuta (Japanese IT Promotion Agency), A Protection Mechanism for an
Intrusion Detection System Based on Mandatory Access Control
-
James
J. Yuill (North Carolina State University), Intrusion-Detection for
Incident-Response, using a military battlefield-intelligence process
|
|
15h00-15h30
: Break
|
15h30-18h:
Annual General Meeting
Attendance and participation at the
FIRST Steering Committee and General Meetings is limited to FIRST team
members and their invited guests, subject to approval by the Steering Committee.
Information about the Annual General
Meeting is available on the AGM page.
|
|
Friday
|
|
7h00-15h45
: On-site Registration
|
9h-9h45:
Keynote Speech
Isabelle
Tisserand (XP Conseil), Human factor in firm security policy
|
9h45-10h45:
Secure Practices Session
Session Chair: Stephen Hansen, Stanford
University
-
Anne
Bennett (Concordia University), Securing web-based applications with
hole-in-the-chroot
-
Franck
Veysset (Intranode), OS Fingerprinting
|
|
10h45-11h15
: Break
|
11h15-12h30
:"Ask the experts" panel
Moderator:
Roger Safian (Northwestern University)
|
|
12h30-14h00
: Lunch Break
|
14h00-15h30:
Post-Mortem Analysis session
Session Chair: Don Stikvoort, Stelvio
-
Philippe
Bourgeois (CERT-IST), Over disk analysis hurdles
-
Wietse
Venema (IBM), Indestructible Information
|
15h30-15h45
: Closing Remarks
Steering
Committee Chair + Program Chair + Logistic Chair
|
