FIRST Annual Conference 2008

The Cisco CSIRT team provided the network connectivity for the 20th annual FIRST conference in Vancouver, BC Canada in June 2008.

Thu, 25 Sep 2008 21:49:00 +0000

The Cisco CSIRT team provided the network connectivity for the 20th annual FIRST conference in Vancouver, BC Canada in June 2008. Through the deployment of their "mobile monitoring rack", the CSIRT built and managed a secure and fast conference network. Many security technologies were put in place to protect the attendees from malicious websites and malware throughout the span of the event resulting in hundreds of blocked connections to "bad" sites and banner ads as well as protection from Internet attacks towards the conference network.

That's All Folks : A Last Post from FIRST 2008

Mon, 14 Jul 2008 00:00:00 +0000

Well that's your lot for now, podcast and blog wise. I'll occasionally be checking in and perhaps if the guys at ITProportal let me, even publish a few more rants and podcasts here.

Recovery when disaster strikes

Thu, 10 Jul 2008 00:00:00 +0000

In this year’s 2008 FIRST conference, keynote speaker, Microsoft's George Stathakpolous showed us some statistics which indicated that Japan had the least amount of malware infections in the world by a huge order of magnitude. In addition Japan is a country that has had to cope with a large amount of natural disasters and yet they are still one of the most feared economies in the world. 

Japan Cert technical director discusses FIRST 2009

Thu, 10 Jul 2008 00:00:00 +0000

In this short podcast, FIRST steering committee member and Director of Technical Operations for Japan Cert, Yurie Ito gives us the inside information on the 2009 FIRST Conference in Kyoto.

FIRST Program Chair: Podcast

Wed, 09 Jul 2008 00:00:00 +0000

Whilst working at the FIRST 2008 Conference, I got to share an office with the 2008 and 2009 program chairs, who would share with me some pretty interesting and useful aspects of how members can influence the FIRST security conference program structure.  So I couldn't resist having a podcast with them. 

In this podcast 2008 and 2009 FIRST Program Chairs, Reneaue Raulton and Mick Creane share their thoughts on the conference programs and how you can incluence the direction of the program as well as win a prize for coming up with a great theme for a conference.

Security vs Civil Liberties

Tue, 08 Jul 2008 00:00:00 +0000

There are some who would want to remove the anoymity of the internet to help protect against cyber crime.  This is in itself a noble idea but as security people we should be ever mindful that we are here to enable people.  I think the following really expresses the opposing view.

Establishing End to End Trust Summary

Tue, 08 Jul 2008 00:00:00 +0000

This is my last blog on Microsoft's End to End Trust vision.  It looks at a different way of viewing security and summarises my thoughts after the disucssions I had with keynote speakers, Microsoft's George Stathakopolous, Ivan Krsti? and Cisco's John Stewart.  Do go to the links for Microsoft and add your comments, good or bad.

CVSS-SIG successful working meeting during the 20th annual FIRST conference

Mon, 07 Jul 2008 18:43:00 +0000

The Common Vulnerability Scoring System Special Interest Group (CVSS- SIG) had a very busy and successful working meeting during the 20th annual FIRST conference in Vancouver. We covered many of the CVSS use cases post v2 deployment - namely PCI and S-CAP - thanks for all the great participation.

Microsoft Trusted Stack: The Software Stack

Mon, 07 Jul 2008 00:00:00 +0000

In this blog we look a the difficulties of software trust which is the third component of the Microsoft Trust Stack. 

Trust in People

Trust in Data

Trust in Software

Trust in O/S

Trust in Hardware

 

Internationality of FIRST Podcast

Mon, 07 Jul 2008 00:00:00 +0000

As we've mentioned over and over again, FIRST is a truly international conference aimed at enabling delegates worldwide to network and swap stories and tips to better defend their environments and systems.   In this podcast, Uri, a delegate from Estonia, talks about why he enjoys being at FIRST over other conferences.

Microsoft Trusted Stack: Hardware and O/S

Mon, 07 Jul 2008 00:00:00 +0000

In this blog we look a the difficulties of hardware and O/S trust which are the forth and fifth elements of the Microsoft Trust Stack.  

Chairing FIRST

Fri, 04 Jul 2008 00:00:00 +0000

What is it like being a Chairman and a Vice Chair.  Long time steering committee member, Kennneth R Van Wyk has given his time to work in several of these positions. In this short podcast he tells us what they do and why they are important to the smooth running of the FIRST organisation.

Can We Ever Trust People?

Fri, 04 Jul 2008 00:00:00 +0000

Can we ever trust any kind of identity module?  What if everyone had a chip to identify them and this chip was required to logon to a computer, network or the internet?  Would this be failsafe?  We think not.  Here's why.

Trusted Stack Issues

Fri, 04 Jul 2008 00:00:00 +0000

Ben begins a series on perceived issues with the Microsoft Trusted Stack model

Can We Really Trust Data?

Fri, 04 Jul 2008 00:00:00 +0000

Continuing a series of blogs on the Microsoft Trusted Stack model, Ben Chai looks at whether we can ever really trust data.

Microsoft and FIRST Security Podcast

Thu, 03 Jul 2008 00:00:00 +0000

In this three minute podcast, Ben Chai finds out why George Stathakopolous, general manager of security at Microsoft enjoys being at FIRST.

First Conference Liaison

Thu, 03 Jul 2008 00:00:00 +0000

In this podcast, Peter Allor of IBM tells Ben Chai what it’s like being the FIRST 2008 Conference Liaison and the importance of this role for the FIRST membership.

The Trusted Stack

Thu, 03 Jul 2008 00:00:00 +0000

What is the trusted stack and how can it help improve your overal security posture?

Beyond SD3

Wed, 02 Jul 2008 00:00:00 +0000

Back in 2001, Microsoft's security strategy was originally the 3Ds

  • Secure by Design
  • Secure by Default and
  • Secure in Deployment

Since then they have had evolved this strategy to cope with the modern day threat landscape.

End to End Trust? The Next Security Era?

Wed, 02 Jul 2008 00:00:00 +0000

End to End Trust - a new framework for secure business transactions.  What is it and how does it work?  This blog is based on George Stathakopolous, general manager of security engineering and communications at Microsoft Keynotes talk at FIRST 2008.

Podcast : The Dark Future of the Desktop

Mon, 30 Jun 2008 00:00:00 +0000

Ivan Krstic, the second keynote speaker, at the FIRST 2008 conference talks about how each component within a system from the CPU, motherboard, graphics card, coolant system up to the hard disk and network card could be hacked or have malware inserted.

Focused Malware Podcast

Mon, 30 Jun 2008 00:00:00 +0000

Malware has mushroomed and evolved.  No longer is malware an attack all problem.  It has become focused on countries and industries

Blended Attacks using Social Engineering Podcast

Mon, 30 Jun 2008 00:00:00 +0000

In this podcast, Peter Wood of First Base and Raffael Marty of Splunk discuss the key points from Peter’s talk at the FIRST 2008 conference on how many attacks are a combination of technological and social engineering and the lack of defences to a combined attack

Who Control's Your Control Systems Podcast

Mon, 30 Jun 2008 00:00:00 +0000

Many countries can be instantly crippled if one of their national infrastructural services is taken down, be it water, electricity, transport or many other different critical services

Security = Collaboration

Mon, 30 Jun 2008 00:00:00 +0000

One recurring theme from this year’s set of talks was that no matter whether speakers agreed or disagreed with each other about the problems or solutions, each of them called for greater collaboration on how the industry is going to tackle the problem of cyber crime

Applied Security Visualisation Podcast

Mon, 30 Jun 2008 00:00:00 +0000

A picture can save reading a thousand lines of a security log file. Raffael Marty of Splunk discusses his book and talk on Applied Security Visualisation with Peter Wood of First Base

Spend Your Security Budget Differently

Mon, 30 Jun 2008 00:00:00 +0000

The point being made here was that fifteen years ago, we had several security issues such as:-
•    Employees forgetting their passwords
•    The odd virus getting through
•    Employees accidentally accessing inappropriate websites and downloading malware

Defend The Flag Podcast

Mon, 30 Jun 2008 00:00:00 +0000

A new two day event at the FIRST 2008 conference was a training event entitled Defend the Flag. This seminar is all about helping security professionals to become more adept at protecting corporate assets from both a theoretical and a practical perspective

Security, Out Source or DIY: The Podcast

Sun, 29 Jun 2008 00:00:00 +0000

Let’s face it. Corporate security is a pain. Managing and updating firewalls, access control lists, encryption, confidentiality, and other components in multi-layered defence system can be overwhelming

Where are You in the Security Ecosystems Podcast

Sun, 29 Jun 2008 00:00:00 +0000

In this podcast, Stephen Adegbite and Zot O’Connor from Microsoft examine the various security eco-systems in companies operate today and how these eco-systems can strengthen their defence systems by better communication and co-operation

The Blacklist Alternative

Sun, 29 Jun 2008 00:00:00 +0000

As we have seen from previous blogs, blacklists are becoming more and more ineffective against an ever increasing malware and increasingly innovative criminal minds

Patching Is Not Effective As A First-Line Of Defence

Sun, 29 Jun 2008 00:00:00 +0000

The problems of patching are enormous.  Let’s say a vendor discovers a vulnerability in their software and releases a patch to prevent a potential exploit. So why don’t we all rush to patch our servers

IT Security Affects Critical Infrastructure

Sat, 28 Jun 2008 00:00:00 +0000

Who would want to be a podcaster!  Unfortunately I lost my Podcast with John Stewart Vice President and Chief Security Officer for Cisco who gave the keynote talk on Critical Infrastructure Security

Best Practices Contest 2008: Protect

Fri, 27 Jun 2008 23:11:00 +0000

CERT/CC and FIRST jointly held the first-ever international competition honoring best practices and advances in safeguarding the security of computer systems and networks. The 2008 contest focused on: prevention and mitigation, under the banner "Protect". The winner best practice papers are available for download.

End To End Trust Blog

Fri, 27 Jun 2008 00:00:00 +0000

End to End Trust and collaboration is one methodology for defeating the global multinational, multivendor attacks that have begun to appear.

Moving Beyond Penetration Testing Blog

Fri, 27 Jun 2008 00:00:00 +0000

Over the last few years more and more companies have grown used to the concept of penetration testing to help detect security holes in their applications, networks and operating systems.

The Evolution of BotNets Blog

Fri, 27 Jun 2008 00:00:00 +0000

Botnets have been known to be a significant threat to corporations and governments alike. Many companies have only just been able to create adequate defences by co-operating with the Computer Emergency Response Teams.  However the botnet evolution has grown to be far more deadly.

FIRST, CERT Coordination Centre launch free 'net protection

Thu, 26 Jun 2008 00:00:00 +0000

New methods that organisations and individuals can adopt for free to protect themselves from malicious internet attacks were unveiled today at the 20th annual conference of first, the forum of internet response and security teams.

Best Practices to Protect Against Social Engineering

Thu, 26 Jun 2008 00:00:00 +0000

The winner of the FIRST Best Practices competition was from members of the Taiwanese CERT team, Pei-Wen Liu, Jia-Chyi Wu, Pei-Ching Liu. Between them they produced a 13 page document on how to best protect against social engineering attacks in email form.

The Dark Future of Your Desktop

Wed, 25 Jun 2008 00:00:00 +0000

I just attended a seminar with the Harvard educated and chief security architect of the one laptop per child initiative. Wow was that presentation scary.  Ivan Krstic the second keynote speaker delivered a real wake up call of a presentation on the weaknesses of today's operating system and hardware. 

You've Been Hacked: Lessons to be learnt

Wed, 25 Jun 2008 00:00:00 +0000

Well actually it was me.  Just before coming to FIRST, I was backing up different parts of my computer and so created some shares and opened up my guest account so that I didn’t have to bother about user names and passwords

First Moves To Bring Cyber Crime Fighters Together

Tue, 24 Jun 2008 00:00:00 +0000

A new initiative to ease tensions between law enforcers and internet security experts was launched here today at the 20th annual conference of FIRST, the Forum of Incident Response and Security Teams.

Chinese PC hijack explosion

Tue, 24 Jun 2008 00:00:00 +0000

The number of innocent individuals in China whose personal computers were hijacked by criminals rose by a staggering 2125 per cent between 2006 and 2007, delegates were told here today at the 20th annual conference of FIRST, the Forum of Incident Response and Security Teams.

FIRST Education

Tue, 24 Jun 2008 00:00:00 +0000

Every year prior to the actual FIRST conference is a one and a half day FIRST Education event.  This can take the form of training or discussion on various educational topics

Security in Control Systems

Tue, 24 Jun 2008 00:00:00 +0000

Many of us, myself included, tend to be quite insular in the way in which we view security. By insular I mean that we tend to focus predominantly on our company security and our home security which in our positions is the right thing to do

This Year's FIRST Goodies

Tue, 24 Jun 2008 00:00:00 +0000

This year’s goodie bag itself was for me the most exciting of all the components; black folder, pen, USB stick for notes, some great T-shorts from the sponsors and the bag itself. Why is the bag so exciting?

Defend The Flag A New Concept in Security

Tue, 24 Jun 2008 00:00:00 +0000

Something new at FIRST is a two day session analysing how well you can protect your systems. The sponsors of this two day session are Microsoft and one of their partners ISEC

FIRST 2008 in Vancouver

Mon, 23 Jun 2008 00:00:00 +0000

This year’s annual FIRST conference is set in Vancouver, Canada. As cities go, many people have told me that it is in the top five cities that people would like to emigrate to

World's Top 'Net Crime Fighters Meet In Vancouver

Mon, 23 Jun 2008 00:00:00 +0000

More than 400 of the world's top internet crime fighters are in Vancouver this week for the 20th annual conference of FIRST, the Forum of Incident Response and Security Teams.

FIRST Networking

Mon, 23 Jun 2008 00:00:00 +0000

Over and over again, I hear this phrase from delegates at FIRST. I met XYZ at one of the FIRST conferences and they’ve really helped me out with XYZ problem

BT returns as a member of the FIRST Sponsorship Team this year

Fri, 25 Apr 2008 16:32:00 +0000

A sponsor and loyal supporter since 1999, British Telecom returns as a member of the FIRST Sponsorship Team this year. Helping FIRST to celebrate 20 years of conferences, BT is back as the Diamond Sponsor in Vancouver. BT supports Tom Mullen as a member of the FIRST Steering Committee and Mick Creane as the 2009 Conference Program Chair. FIRST gratefully acknowledges BT for its support over the years.

CERT/CC Joins the FIRST Conference Sponsorship Team as a Platinum Best Practices Sponsor

Sun, 24 Feb 2008 23:00:00 +0000

The CERT(R) Coordination Center, the world's first computer security incident response team, is celebrating its 20th anniversary in 2008. While the CERT/CC continues to respond to major security incidents and analyze software vulnerabilities and malicious code, it has evolved in response to the changing internet environment. The CERT/CC is now part of the larger CERT Program, which takes a comprehensive approach to resisting and limiting the impact of network attacks. FIRST gratefully acknowledges the support of CERT/CC and all of its sponsors.