33rd Annual FIRST Conference Virtual Event

Conference Program At-A-Glance

Agenda Last Updated May 14, 2021. The agenda is currently pending additional session confirmations. Please check back frequently for the latest updates. Please keep in mind that all times are displayed in UTC - please check for your local times.

To view the main session catalog, on-demand catalog, and workshop catalog (workshop registration coming soon), please select the option from the main menu under Program. You may also access speaker bios from the catalogs.

If you wish to participate in any of the WorkAdventure activities, please submit your registration for access.

Lastly, please be sure you read the Conference Q&A so you know what to expect.

Pre-Con | Sunday, June 6

Live Schedule (UTC) WorkAdventure
21:00-22:00
Social Event: Open Networking and Explore the Conference Venue

Day 1 | Monday, June 7

Live Schedule (UTC) Breakout 1 Breakout 2 Breakout 3 WorkAdventure
12:00 - 12:15 Opening Remarks
12:15 - 13:15 Keynote Presentation: An Unauthorized Exchange - From Targeted Espionage to the Global Cyber Pandemic
Steven Adair (Volexity, Inc., US)
Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag
13:15 - 13:30 BREAK
13:30 - 14:00 Tech / Intermediate
Practical Attack Vectors and Their Ideal Defensive Strategies for ICS & SCADA

Mars Cheng, YenTing Lee (TXOne Networks, TW)
Mgmt / Intermediate
Building PPP Resilience Through National Level Cyber Exercises

Antti Nyqvist (Technology Industries of Finland, FI), Julia Vainio (NCSC-FI, FI)
Mgmt / Beginner
A Playbook for Effective Corporate Communication After a Cyber Security Incident

Dr. Jason Nurse (University of Kent, UK)
Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag
14:00 - 14:30 Tech / Beginner
The Rise of the Eternal Botnet

David Sancho (Trend Micro, ES)
Mgmt / Intermediate
A Supply Chain Incident of Major Influence in Israel

Chen Girat (INCD, IL)
Mgmt / Beginner
Coming Together Under a Pandemic - Case Study on the COVID-19 MISP Information Sharing Community

Andras Iklody, Alexandre Dulaunoy (CIRCL, LU)
Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag
14:30 - 14:45 BREAK
14:45 - 15:15 Tech / Beginner
Practical ISP CSIRT Incident Handling with Network Flows, ELK Stack and Cybersecurity Intelligence Signal - NIMBUS, A Community Service from Team Cymru.

Francisco Badaro (ITS Telecomunicacoes, BR), James Shank (Team Cymru, US)
Academic / Beginner
Incident Response as a Lawyers' Service

Dr. Daniel Woods (University of Innsbruck, AT)
Mgmt / Intermediate
Between the Chair and the Keyboard: Creating Security Culture

Wolfgang Goerlich (Duo, US)
Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag
15:15 - 15:45 Tech / Advanced
Surviving a Ransomware Attack - Lessons from the Field

Peter Morin (Grant Thornton, CA)
Mgmt/Beginner
DNS is Under Attack - the Miscreant's Offensive Playbook with a Defensive Counter

Barry Greene (Akamai, US)
Mgmt / Beginner
Don't You Know That You're Toxic? Moving Towards Positive Security Practices within your Organisation

Nicole Harris (GEANT, UK), Sigita Jurkynaite (NRD CIRT)
Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag
16:00 Social Event: Gold Sponsor Scavenger Hunt & Sponsor Booth Crawl

Day 2 | Tuesday, June 8

Live Schedule (UTC) Breakout 1 Breakout 2 Breakout 3 WorkAdventure
12:00 - 12:30 Tech / Intermediate
Scoring Security Vulnerabilities in Medical Devices: Rubric for CVSS

Nitin Lakshmanan, Sunil Kumar S (Deep Armor, IN)
Mgmt / Intermediate
Root Cause Analysis (RCA) in Dell PSIRT

Arkadeep Kundu (Dell Technologies, IN), David Spencer (Dell Technologies, US)
Tech / Advanced
How to Apply the Machine Learning Appropriate Way for Your Security Operation

Kunihiko Yoshimura (Fujitsu, JP)
Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag
12:30- 13:00 Tech / Beginner
Simple Method of Automatic Risks Assessment for Web Systems Considering Assets Sensitivity

Mitsuharu Sasaki (NTT, JP)
Mgmt / Beginner
The CAIS/RNP Experience in Brazilian General Data Protection Law (LGPD) Compliance

Cleberson Silva (RNP - Rede Nacionial de Pesquisa e Ensino, BR)
Tech / Intermediate
CGN - Carrier Grade NAT - Carrier Grade Problems

Simon Kenin (Independent Consultant, IL)
Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag
13:00 - 13:15 BREAK
13:15 - 14:15 Keynote TBA Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag
14:15 - 14:30 BREAK
14:30 - 15:00 Tech / Intermediate / PRE
Breaking the Chain of Trust

Alex Bazhaniuk, Jesse Michael, Mickey Shkatov (Eclypsium, US)
Tech / Advanced
Panel: Towards Real World Cyber Risk

Eireann Leverett (Airbus, UK), Matilda Rhode (Airbus, UK), Sasha Romanovsky (RAND, US), Jay Jacobs (Cyentia, US), Luca Allodi (Eindhoven University of Technology, NL)
Tech / Intermediate
Improving Internet Wide Scanning with Dynamic Scanning

Alexandre Dulaunoy (CIRCL, LU)
Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag
15:00 - 15:30 Tech / Intermediate / PRE
From RATs to Extorting Multibillion Companies: The Evolution of a Modern Ransomware Group

Fernando Merces (Trend Micro, BR)
Tech / Advanced
Panel: Towards Real World Cyber Risk (continued)
Mgmt / Intermediate
From 2017 to 2021: Integration of an Operational Situation Awareness Team to a CSIRT - The Need for Specific Mssions When Scaling-up.

Lena Elemento, Esther Lyonnet (ANSSI - CERT-FR, FR)
Speaker Q&A, Networking, Exhibitor Hall, Capture the Flag

Day 3 | Wednesday, June 9

Live Schedule (UTC) Breakout 1 Breakout 2 Breakout 3 WorkAdventure
12:00 - 12:30 Tech / Intermediate
Attacking Bluetooth LE Design and Implementation in Mobile + Wearables Ecosystems

Sumanth Naropanth, Rahul U (Deep Armor, IN)
Mgmt / Intermediate
Step 0 for a Multi-party Vulnerability Coordination is Yet Another Multi-party Vulnerability Coordination

Umair Bukhari (Ericisson, FI)
Mgmt / Intermediate
Considerations in CSIRT Activities in the Risk of Infection with New Real Viruses

Seiichi Komura (NTT Advanced Technology, JP)
Speaker Q&A, Networking, Exhibitor Hall
12:30 - 13:00 Tech / Intermediate
Attack Defense Graph analysis for supporting SOC and CSIRT operations

Frank Fransen (TNO, NL), Erik Ringdahl (foreseeti, SW)
Mgmt / Advanced
Connecting the Dots in a Cyber Pandemic Era

Dana Toren (INCD, IL)
Tech / Beginner
Conduct Threat Briefing to gain CISO support & Security Operations Team vigilance

Angela Wu (VMware, SG)
Speaker Q&A, Networking, Exhibitor Hall
13:00 - 13:15 BREAK
13:15 - 13:45 Tech / Intermediate
CSAF 2.0 - A new start to automate advisories

Thomas Schmidt (CERT Bund, DE)
Mgmt / Intermediate
Influence Operations

Krassimir Tzvetanov (Purdue University, US)
Tech / Intermediate
From a hospital into the Realm of Hades

Alberto Magallon Sabado, Juan Gonzalez (ybersecurity Agency of Catalonia, ES)
Speaker Q&A, Networking, Exhibitor Hall
13:45 - 14:15 Tech / Intermediate
Defense Through Invisibility: Zero Trust Security for the Enterprise

Jason Garbis (Individual Contributor, US)**
Mgmt/Beginner
Story Telling Through Reports

James Potter, Raja Jasper (Huntington Bank, US)
Tech / Intermediate
Dispatch: Crisis Management Automation for the Entire Organization

Marc Vilanova, Kevin Glisson (Netflix, US)
Speaker Q&A, Networking, Exhibitor Hall
14:15 - 14:30 BREAK
14:30 - 15:30 Keynote TBA Speaker Q&A, Networking, Exhibitor Hall
15:45 - 16:30 Closing Remarks
16:30-17:00 Closing Social Event - Last Day for Networking and Exhibitor Hall

Post-Con, Member-Only | Thursday, June 10

Live Schedule (UTC) Member-Only Access
13:00
FIRST Annual General Meeting

Post-Con, CTF Participants | Friday, June 11

Live Schedule (UTC) CTF Participants and General Interest
TBD
SecLounge Capture the Flag Closing Remarks and Awards Presentation