Program Overview

The FIRST Technical Colloquium (TC) event is restricted to FIRST members only and will be held in Oct 11-12, 2006.

Nevertheless, since this will be a joint event with other CSIRT initiatives in the region, there will be two additional events adjacent to the TC in order to achieve non-FIRST-members as well. These two events are the FIRST/TRANSITS Course (Oct 7-8) and the Latin American Security Workshop (Oct 9-10).

Saturday, 7 October

FIRST/TRANSITS course
08:30 – 09:30

Introduction

09:00 – 10:40

Module 1: Organizational Issues

10:40 – 11:00

Coffee break

11:00 – 12:30

Module 1: Organizational Issues (continued)

12:30 – 14:00

Lunch

14:00 – 15:40

Module 2: Operational Issues

15:40 – 16:00

Coffee break

16:00 – 17:00

Module 2: Operational Issues (continued)

17:00 – 18:00

Module 3: Legal Issues

Sunday, 8 October

FIRST/TRANSITS course
09:00 – 10:40

Module 4: Technical Issues

10:40 – 11:00

Coffee break

11:00 – 12:30

Module 4: Technical Issues

12:30 – 14:00

Lunch

14:00 – 15:40

Module 4: Technical Issues (continued)

15:40 – 16:00

Coffee break

17:00 – 18:00

Module 5: Vulnerabilities and Advisories

Monday, 9 October

Security Workshop / 2nd Colaris
09:00 – 09:30
 BR

Open Session

Nelson Simões (Brazilian Academic and Research Network, BR); Liliana Solha (FIRST.Org, BR)

09:30 – 10:00
 GB

FIRST: Improving Security Together

Chris Gibson (FIRST.Org, GB)

10:00 – 10:20

Coffee-break

10:20 – 11:00
 BR

Cybercrimes and the Brazilian Law

Omar Kaminski (CAIS/RNP, BR)

11:00 – 12:00
 US

Keynote Speaker: An APWG Perspective on the Phishing Battle

Patrick Cain (Anti-Phishing Working Group, US)

12:00 – 12:20

Argentina's Government Strategies on the use of Mandatory Information Security Policies

Rodolfo Baader (ArCERT — Argentine Government)

12:20 – 13:50

Lunch

13:50 – 14:30

Internet Security in Brazil: Studies and Initiatives

Marcelo H. P. C. Chaves (CERT.br — The Brazilian Internet Steering Committee)

14:30 – 15:00
 BR

CTIR: Brazilian Government CSIRT

André Caricatti (Brazilian Government, BR)

15:00 – 15:40

Security Challenges in Academic Networks

Francisco. (Paco) Monserrat (IRIS-CERT — RedIRIS); Guilherme Vênere (CAIS/RNP — Brazilian Academic and Research Network)

15:40 – 16:00

Coffee break

16:00 – 18:00
 GB BR US DE

Panel: A Security Incident seen under Different Perspectives

Chris Gibson (Citigroup CIRT, GB); Jacomo Piccolini (ESR/RNP, BR); Omar Kaminski (CAIS/RNP, BR); Patrick Cain (Anti-Phishing Working Group, US); Paul Laudanski (CastleCops, US); Till Dörges (PRE-CERT — PRESECURE Consulting GmbH, DE)

Tuesday, 10 October

Security Workshop / 2nd Colaris
09:00 – 09:30
 BR

Internet Storm Center: New Challenges

Pedro Bueno (SANS Institute, BR)

09:30 – 10:30
 PL

Keynote Speaker: Stealth Malware - Can Good Guys Win?

Joanna Rutkowska (COSEINC, PL)

10:30 – 10:50

Coffee-break

10:50 – 11:20

Forensic Challenge III

Francisco. (Paco) Monserrat (IRIS-CERT — RedIRIS)

11:20 – 12:00
 US

Cyber Security - Real World Threats

Ewerton Vieira (Arbor Networks, US)

12:00 – 12:40
 US

Wireless @ DefCon

Luiz Eduardo dos Santos (Aruba Networks, US)

12:40 – 14:00

Lunch

14:00 – 14:50
 PE

Security Policies in LA : Which is the Focus of the Regional Strategies?

Erick Iriarte Ahon (LacTld, PE)

14:50 – 15:50
 US

Keynote Speaker: Forensic Discovery

Dr. Wietse Z. Venema (IBM, US)

15:50 – 16:10

Coffee-break

16:10 – 16:50
 BR

Cracking-down Phishing Infrastructure in Brazil

Sérgio Luís Fava (Brazilian Federal Police, BR)

16:50 – 17:40
 US

Keynote Speaker: Phishing Incident Reporting and Termination

Paul Laudanski (CastleCops, US)

17:40 – 18:00

Closing remarks

Wednesday, 11 October

Technical Colloquium – Plenary Sessions
08:30 – 09:00

Registration

09:00 – 09:10

Open FIRST TC Day Chair

09:10 – 09:50

PHP attacks and exploitation in Brazil

Ivo Carvalho Peixinho (CAIS/RNP — Brazilian Academic and Research Network)

09:50 – 10:20

Malware Collection and Analysis in Argentina

Rodolfo Baader (ArCERT — Argentine Government)

10:20 – 10:40

Coffee break

10:40 – 11:20
 US

FIRST and APWG working together

Patrick Cain (Anti-Phishing Working Group, US)

11:20 – 11:50
 US

Auditing and Protecting Wireless Networks

Jason Falciola (IBM, US)

11:50 – 13:00
 JP

Subverting Vista Kernel for Fun and Profit (Invited Speaker)

Tomohiko Yamakawa (NTT DATA, JP)

13:00 – 14:30

Lunch

14:00 – 14:30
 DE

Early Warning Systems and Politics' Quest for the Silver Bullet

Till Dörges (PRE-CERT — PRESECURE Consulting GmbH, DE)

14:30 – 15:00

FIRST SC Update

SC Members (FIRST.Org)

15:00 – 16:30

Work in Progress Session

Various FIRST Members

16:30 – 16:50

Coffee Break

16:50 – 17:30
 BR

Brazilian Underground Hacker Activities

Jacomo Piccolini (ESR/RNP, BR)

Thursday, 12 October

Technical Colloquium – Hands-On Class
08:30 – 12:00

Botnet Malware Analysis

Francisco. (Paco) Monserrat (IRIS-CERT — RedIRIS)

 US

CVSS trainning

Gavin Reid (Cisco Systems); Mike Scheck (Cisco PSIRT, US)

 US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

 SE

Solaris Auditing

Martin Englund (Sun — Sun Microsystems, SE)

12:00 – 13:30

Lunch

13:30 – 17:00

Botnet Malware Analysis

Francisco. (Paco) Monserrat (IRIS-CERT — RedIRIS)

 US

CVSS trainning

Gavin Reid (Cisco Systems); Mike Scheck (Cisco PSIRT, US)

 US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

 SE

Solaris Auditing

Martin Englund (Sun — Sun Microsystems, SE)