Program Overview

Thursday, 18 February

Track 1 (Room 110)Track 2 (Room 120)
08:00 – 08:30

Check In (Coffee, OJ, Muffins, Pastry, Fruit)

08:45 – 09:00

Welcome

09:00 – 10:00

Riding the Storm with The Weather Company

Ivan Milman

10:00 – 10:15

Break: Q&A, Meet People, Move to Next Talk (Coffee will be available)

10:15 – 11:00

Behind the Curtain: Insider Insights into PC Industry Security

Bill Jaeger

Embargoing the Open: Challenges for temporary secrecy in open-source

Fábio Olivé, Christopher "CRob" Robinson

11:00 – 11:15

Break: Q&A, Meet People, Move to Next Talk (Coffee will be available)

11:15 – 12:00

Hardware Security Considerations and Challenges

Stephen Trimberger

Working with vulnerability researchers - the Cisco PSIRT experience

Dario Ciccarone

12:00 – 13:00

Lunch (sandwich deli buffet with either salad or chips, and soda or water)

13:00 – 13:45

Incident Response - an Industrial Control System Manufacturer's Perspective

Tobias Limmer

Working with vulnerability researchers - the Cisco PSIRT experience

Dario Ciccarone

13:45 – 14:00

Break: Q&A, Meet People, Move to Next Talk (Coffee will be available)

14:00 – 14:45

Weaknesses v. Vulnerabilities: Shifting the Focus to Improve Product Security

Jim Duncan

The C.I.A. Always Asks for Authorization

Nikola Vouk

14:45 – 15:00

Break: Q&A, Meet People, Move to Next Talk (Coffee will be available)

15:00 – 16:00

IBM Secure SDLC: Engineering Software and Cloud Services with Security in Mind

Jim Whitmore

Daily Life of a PSIRT Engineer

Bin "Sinbad" Zhou

16:00 – 16:15

Break: Q&A, Meet People, Move to Next Talk (Coffee will be available)

16:15 – 18:00

Birds of a Feather Session (Open to all PSIRT Teams) Moderated by Lisa Bradley

18:00 – 20:00

Friday, 19 February

Track 1 (Room 110)Track 2 (Room 120)
08:30 – 09:00

Check In (Coffee, OJ, Muffins, Pastry, Fruit)

09:00 – 10:00
 US

Update on the FIRST CSIRT Services Framework - How we can adapt it for PSIRTs

Peter G. Allor (IBM Internet Security Systems, US)

10:00 – 10:15

Break: Q&A, Meet People, Move to Next Talk (Coffee will be available)

10:15 – 11:00

Application Security at the Speed of DevOps

Tony Rice

 US

Pushing your CSIRT to its limits with tabletop drills

Kenneth R. van Wyk (KRvW Associates, LLC, US)

11:00 – 11:15

Break: Q&A, Meet People, Move to Next Talk (Coffee will be available)

11:15 – 12:00

Application Security Awareness: Building an Effective and Entertaining Security Training Program

Chris Romeo

Open Source Security – What Security Testing Tools Miss

Mike Pittenger

12:00 – 13:00

Lunch (sandwich deli buffet with either salad or chips, and soda or water)

13:00 – 13:45

Harmonizing Coordinated Vulnerability Disclosure Policy Efforts

Art Manion

Tales from the Cisco PSIRT Crypt: Case Studies of the Evolution of PSIRTs & Today’s Threats

Dario Ciccarone

13:45 – 14:00

Break: Q&A, Meet People, Move to Next Talk (Coffee will be available)

14:00 – 14:45

Issues, lessons learned through the eyes of JPCERT/CC on the vulnerability handling framework in Japan

Masaki Kubo (JPCERT), Takayuki Uchiyama (JPCERT)

Rapid Product Security Incident Response Using a Workflow Based Solution

Rod Henderson, Diane Mickelson

14:45 – 15:00

CLOSED