Additional Programming


Sunday, June 16th

FIRST Training

FIRST is offering training courses on Sunday, 16 June. They require an additional registration, free of charge to the conference participants in the link below:

Register to FIRST Training

Sunday, 16 June

Menteith
Level -1
Lowther
Level -1
Kilsyth
Level 0
Tinto
Level 0
09:00 – 10:30
 LU

Forensics Challenge Workshop (Full-Day)

Michael Hamm (CIRCL, LU)

 CH

IPv6 Security (Half-Day, Morning)

Frank Herberg (SWITCH-CERT, CH)

 US

Train the Trainer: DDoS Mitigation (Half-Day, Morning)

Krassimir Tzvetanov (US)

SIM3 for CSIRT Maturity Assessment (Full-Day)

Olivier Caleff, Miroslaw Maj, Don Stikvoort (OpenCSIRT Foundation)

10:30 – 10:45

Break

10:45 – 13:00
 LU

Forensics Challenge Workshop (Full-Day)

Michael Hamm (CIRCL, LU)

 CH

IPv6 Security (Half-Day, Morning)

Frank Herberg (SWITCH-CERT, CH)

 US

Train the Trainer: DDoS Mitigation (Half-Day, Morning)

Krassimir Tzvetanov (US)

SIM3 for CSIRT Maturity Assessment (Full-Day)

Olivier Caleff, Miroslaw Maj, Don Stikvoort (OpenCSIRT Foundation)

13:00 – 14:00

Lunch Break -- Lunch Not Provided

14:00 – 15:30
 LU

Forensics Challenge Workshop (Full-Day)

Michael Hamm (CIRCL, LU)

 CH

Train the Trainer: IPv6 Security (Half-Day, Afternoon)

Frank Herberg (SWITCH-CERT, CH)

 US

DDoS Mitigation (Half-Day, Afternoon)

Krassimir Tzvetanov (US)

SIM3 for CSIRT Maturity Assessment (Full-Day)

Olivier Caleff, Miroslaw Maj, Don Stikvoort (OpenCSIRT Foundation)

15:30 – 15:45

Break

15:45 – 18:00
 LU

Forensics Challenge Workshop (Full-Day)

Michael Hamm (CIRCL, LU)

 CH

Train the Trainer: IPv6 Security (Half-Day, Afternoon)

Frank Herberg (SWITCH-CERT, CH)

 US

DDoS Mitigation (Half-Day, Afternoon)

Krassimir Tzvetanov (US)

SIM3 for CSIRT Maturity Assessment (Full-Day)

Olivier Caleff, Miroslaw Maj, Don Stikvoort (OpenCSIRT Foundation)

GFCE Meeting: Taskforce on Cyber Incident Management

The Global Forum on Cyber Expertise is a global forum on cyber capacity building. This is a meeting of the Taskforce on Cyber Incident Management within the GFCE, which focuses on: (1) collecting incident management capacity building good practices and publishing them, (2) being a broker between GFCE members on capacity building requests, and (3) develop a global capacity measurement standard under leadership of Don Stikvoort, with consulting support from TNO, the Dutch government research organization and ENISA.

This meeting will take place on Sunday, 16 June in the Sidlaw room from 9am-3pm and participation is by invitation only. Inquiries should be directed to maarten@first.org and nynke.stegink@thegfce.org.

Date/Time Location
Sunday 16th, 09:00 – 15:00 Sidlaw

FIRST & AWS 2019 Security Jam!

Join us for an afternoon of fun challenges with an IR twist. We will provide the beat and the incident response scenarios where you can learn new skills and practice current ones against a set of simulated security incidents. Can you identify what caused the blues? What would you do differently? How can you architect multiple AWS services to prevent it from happening again? How do you automate the incident response? Take part in our jam to find out!

As the challenges develop, you will take the initial infrastructure, and challenge by challenge, improve it into a resilient and secure deployment. Use your knowledge of AWS services and information security to perform incident response in the cloud and forensic analysis to find out whodunit! We will have a number of experienced AWS experts in the room that will be available to discuss ideas, provide guidance and in general help your team get through any roadblocks that pop up. New to AWS? New to security? Come and join us! Our activities are structured to accommodate AWS users of all levels. We have AWS experts, plus guided exercises, that will ramp up your security knowledge. We will form team on the spot, provide 10 challenges to tackle. You score the points by solving and get some cool swag for all participants and a special prize for the winning team!

Date/Time Location
Sunday 16th, 14:00 – 19:00 Pentland Auditorium

Monday–Friday, June 17th–21st

Birds of a Feather (BoFs)

Bird of a Feather Sessions, activities primarily focus on meetings which take place at the conference based on the interest of a number of members. They are not necessarily intended to lead to year round work.

BoF sessions are scheduled to take place during before conference sessions begin (8-9am) or following the final session of the day. We will have an up-to-date-schedule and bulletin board near the registration desk onsite. Attendees are welcome to request a BoF in advance by emailing first-sec@first.org and please include:

BoFs are informal or interactive discussions (not conference presentations) and marketing/product presentations are strictly prohibited. BoFs are assigned on a first come, first served basis and room assignment space is limited. A Schedule of BoFs will be posted once confirmed.

Wednesday, June 19th

PGP Key Signing

Get your PGP Key signed to increase trust!

Date/Time Location
Wednesday, June 19th 10:45 – 11:15 PStrathblane Hall
Thursday, June 20th At AGM in the back of the room

Alexander Jaeger (FIRST)

Why?

PGP is one of the foundations of the security community, and to rely on PGP there needs to be trust in the PGP keys. The trust is made by signatures and validation of identity. FIRST facilitates this community effort by hosting PGP Key signing events.

We will have at least two PGP Key signing events – listen to the opening remarks or a remark at registration desk for changes in regards time/date.

In the past we did not sign team keys and we do not plan to change that.

Preparation before the conference

For those who haven’t participated in the past years it will go like to following:

Hint: Please do not upload your key an hour before the key signing, as I might be printing out the keyring a few hours earlier.

Friday–Saturday, June 21st–22nd

NatCSIRT Meeting 2019

14th Annual Technical Meeting for CSIRTs with National Responsibility

Is your organization responsible for protecting the security of nations, economies, and critical infrastructures? If so, attend NatCSIRT 2019 to discuss with your peers the unique challenges you face every day. You will drive discussions that focus on current issues, tools, and methods relevant to the National CSIRT community. This year's meeting is co-located with the 31st Annual FIRST Conference in Edinburgh. This meeting is by invitation only and more details can be found at http://www.cert.org/natcsirt/.