EventProgram: {content: "The FIRST Technical Colloquium (TC) event is restricted to FIRST members only and will be held in April 12-16, 2007.

\nThe Doha TC marks the inaugural FIRST event in the Middle East region. The Doha TC will offer a wide range of presentations on topics in Information Security. Topic areas include Identity Theft, Privacy, Standards, Compliance (technical or legal), Cyber Crime, Law Enforcement, Incident Response, Damage Mitigation & Recovery, Vulnerabilities, Risk and Threat Assessment, and relevant Case Studies.

\nProgram details on the FIRST TC itself are available for FIRST members only, directly through the Members only website, which you can access using your certificate.

\nPlease note: the program schedule is not in its final version, adjustments still can occur.

", event: '49', hidedates: '2007-04-13' }

Thursday, April 12th

Local Q-CERT event (April 12th) – open to FIRST members
09:00 – 12:00

Managing Organizational Information Security

Q-CERT

Friday, April 13th

Hands-on Classes (April 13th) – FIRST members only
08:15 – 09:30

Botnet Malware Analysis

Francisco. (Paco) Monserrat (IRIS-CERT – RedIRIS)

 MY

Capturing malware with Nepenthes

Adli Abdul Wahid (APNIC, MY); Mahmud Ab Rahman (MyCERT – CyberSecurity Malaysia, MY)

 NL

Network Forensics with netflowtools

Werner Schram (SURFnet-CERT); Wil Biemoit (SURFnet-CERT, NL)

 US

Writing Good Security Advisories: A Hands-On Guide to Delivering Bad News in the Best Possible Way

James N. Duncan (BB&T Corporation, US)

09:30 – 10:00

Coffee break

10:00 – 12:00

Botnet Malware Analysis

Francisco. (Paco) Monserrat (IRIS-CERT – RedIRIS)

 MY

Capturing malware with Nepenthes

Adli Abdul Wahid (APNIC, MY); Mahmud Ab Rahman (MyCERT – CyberSecurity Malaysia, MY)

 NL

Network Forensics with netflowtools

Werner Schram (SURFnet-CERT); Wil Biemoit (SURFnet-CERT, NL)

 US

Writing Good Security Advisories: A Hands-On Guide to Delivering Bad News in the Best Possible Way

James N. Duncan (BB&T Corporation, US)

12:00 – 13:00

Lunch

13:00 – 15:00

Botnet Malware Analysis

Francisco. (Paco) Monserrat (IRIS-CERT – RedIRIS)

 NL

Network Forensics with netflowtools

Werner Schram (SURFnet-CERT); Wil Biemoit (SURFnet-CERT, NL)

 US

Writing Good Security Advisories: A Hands-On Guide to Delivering Bad News in the Best Possible Way

James N. Duncan (BB&T Corporation, US)

15:00 – 15:30

Coffee break

15:30 – 16:30

Botnet Malware Analysis

Francisco. (Paco) Monserrat (IRIS-CERT – RedIRIS)

 NL

Network Forensics with netflowtools

Werner Schram (SURFnet-CERT); Wil Biemoit (SURFnet-CERT, NL)

 US

Writing Good Security Advisories: A Hands-On Guide to Delivering Bad News in the Best Possible Way

James N. Duncan (BB&T Corporation, US)

Saturday, April 14th

FIRST TC Plenary Session (April 14-15th)
08:15 – 08:30

FIRST TC Opening announcements

08:30 – 09:30
 AU

Haxdoor case study

Robert Lowe (AusCERT, AU)

09:30 – 10:00

Coffee break

10:00 – 11:00
 NZ

Phishing - A Global Issue in Need of a Global Approach

Arjen de Landgraaf (Co-Logic Security, Ltd, NZ)

11:00 – 12:00

System Investigation on Incident Response at NTT-CERT

Hirohisa Yamagami (NTT-CERT)

12:00 – 13:00

Lunch

13:00 – 14:00

A Study on Multilayer Combined Wide Area Monitoring

Hitachi Incident Response Team (HIRT)

14:00 – 15:00

Security Measures for the FIFA WC2006 in Germany ... from physical security to DDoS defending

Peter Quick (Telekom-CERT – Deutsche Telekom)

15:00 – 15:30

Coffee break

Sunday, April 15th

FIRST TC Plenary Session (April 14-15th)
08:15 – 08:30

FIRST TC Opening announcements

08:30 – 09:30
 US

Cyber Forensics ­ Emerging Trends in Live System Memory Acquisition an Analysis

Matthew Geiger (CERT/CC – Carnegie Mellon University, US); Rich Nolan (CERT/CC, US)

09:30 – 10:00

Coffee break

10:00 – 11:00

State of Cyber Security in the Gulf Region

11:00 – 12:00

Gulf Region Panel

12:00 – 13:00

Lunch

13:00 – 14:00
 QA

ISO 27001 Standard

Bill Wilson, Farrukh Ahmad (Q-CERT, QA)

14:00 – 15:00
 BR NL KR

HoneyPot Networks ­ National Case Studies from Brazil, Netherlands and Korea : Panel Discussion

Cristine Hoepers, Klaus Stedding-Jessen (CERT.br - Brazilian Internet Steering Committee, BR); Dave Woutersen (GovCERT.NL, NL); Woo-Han kim (KrCERT/CC, KR)

15:00 – 15:30

Coffee break

15:30 – 16:30
 BR

HoneyPot Networks

Cristine Hoepers, Klaus Stedding-Jessen (CERT.br - Brazilian Internet Steering Committee, BR)

Monday, April 16th

Regional workshop (April 16th) – open to FIRST members
08:15 – 08:30

Regional Greeting

08:30 – 09:30
 SI MY US

National & Regional CSIRTs

Gorazd Bozic (SI-CERT – TF-CSIRT chair, SI); Husin Jazri (APCERT, MY); Robin Ruefle (CERT/CC – Carnegie Mellon University, US)

09:30 – 10:30
 AU

Overview of AusCERT

Robert Lowe (AusCERT, AU)

10:30 – 11:00

Coffee break

11:00 – 12:00
 US

Network Situational Awareness

Roman Danilyw (CERT/CC, US)

12:00 – 13:00
 US

An Overview of Encryption

Sven Dietrich (CERT/CC, US)