Program Overview

FIRST/TF-CSIRT Technical Colloquium (TC) 2012. The event will be held from 30 January until 1 February 2012 at the Aula Magna del Rettorato in Rome, Italy. This is a joint event of FIRST and TF-CSIRT hosted by TERENA, GARR-CERT and Roma Tre University.

Call for Speakers

FIRST is also looking for speakers that would like to present during FIRST/TF-CSIRT Seminar and for the FIRST Hands-On Classes. This is a GREAT opportunity to give something back to FIRST, and some suggested topics are as follows:

For your submission, please provide the following information:

For the Hands-On day, we are looking for presenters to lead a demonstration or a hands-on exercise. Each instructor is expected to prepare their own material and to bring their own equipment and attendees are expected to bring their own laptop computers and power converters/adaptors. Instructors should expect to work with groups up to 30 students. The duration of each demo or exercise should be 2-3 hours, so that it can be run once in the morning and once in the afternoon. Please advise whether you need any additional equipment or facilities.

If you're interested in speaking or instructing a Plenary Session or Hands-on class, please get in contact with me ( and Jacomo Piccolini ( ). We're hoping to have a draft program in place by December, so please get in touch with us ASAP.

Monday, 30 January

TF-CSIRT Meeting
09:00 – 12:30

Trusted Introducer Meeting - TI-accredited CSIRTs and TI Review Board

Auditorium, Aula Magna del Rettorato

12:30 – 13:30


13:30 – 17:00

35th TF-CSIRT meeting

Auditorium, Aula Magna del Rettorato

17:00 – 17:30

Coffee break

17:30 – 18:30

TI Review Board

Auditorium, Aula Magna del Rettorato

20:00 – 22:00

Tuesday, 31 January

09:00 – 09:10


Kenneth van Wyk, FIRST & Lionel Ferette, TF-CSIRT Auditorium, Aula Magna del Rettorato

09:10 – 09:40

Remediation Efforts, Private-Private-Public Relationships, and the Working Group Model

Eric Ziegast, ISC

09:40 – 10:10

The OWASP Top 10 Mobile Security Risks

Kenneth R. van Wyk (KRvW Associates, LLC, US)

10:10 – 10:30

Dealing with the whole country: creating a National CSIRT

Baiba Kaskina (CERT NIC.LV, LV)

10:30 – 11:00

Coffee break

11:00 – 11:30

INTERPOL Cybercrime Initiatives

Vincent Danjean (INTERPOL)

11:30 – 12:00

Tackling hideous crimes on the hidden web

Eileen Monsma (Dutch National High Tech Crime Unit)

12:00 – 12:15

OAS Cyber Security Roundtable

Mirek Maj

12:15 – 13:15


13:15 – 14:00

The DigiNotar incident and aftermath: avoiding SSL-mageddon

Aart Jochem (GOVCERT.NL)

14:00 – 14:30

Titan: a grid facility incident

Leif Nixon (European Grid Infrastructure); Margrete Raaum (UiO-CERT)

14:30 – 15:00

The WOW Effect: how Microsoft's WOW64 technology unintentionally fools IT Security analysts

Christian Wojner (, AT)

15:00 – 15:30

Coffee break

15:30 – 16:00

Countering Anti-Phishing Countermeasures

Vincent Hinderer (CERT-LEXSI, FR)

16:00 – 16:20

Malicious Domain Manager

Michal Prokop (CSIRT.CZ, CZ)

16:20 – 16:30

Analysing and mapping the ZeuS P2P+DGA variant network

Tomasz Bukowski (CERT Polska)

Wednesday, 1 February

09:00 – 12:30

FIRST Hands-On Class 1: Introduction into YARA, the malware classification tool

Andreas Schuster (Deutsche Telekom AG, DE)

FIRST Hands-On Class 2: iOS app security hands-on

Ken Van Wyk (KRvW Associates, LLC)

RTIR BoF: Discussion about future development of RTIR software

Sala Tesi, Aula Magna del Rettorato

TRANSITS Trainers' Workshop

Sala 1, GARR Offices

12:30 – 13:30


13:30 – 17:00

FIRST Hands-On Class 3

To be confirmedAuditorium, Aula Magna del Rettorato


FIRST Hands-On Class 4: Introduction into YARA, the malware classification tool - repeat of Class 1

Andreas Schuster (Deutsche Telekom AG, DE)

TRANSITS Trainers' Workshop

Sala 1, GARR Offices