FIRST Global Initiatives

Message from the Chair; Conference Roundup; Special Interest Groups; Weekend Training; Training on DNS Prevention, Detection, Disruption and Defense; Diversity and Inclusion; New Board Member Introduction; M3AAWG 58 Meeting; 36th Annual FIRST Conference to take place June 9-14, 2024 in Fukuoka, Japan; New Members; Standards; Communications; Upcoming Events.

October 21, 2020 – following a global consultation, the Forum of Incident Response and Security Teams (FIRST) is launching new ethics guidelines for incident response and security teams today on Global Ethics Day. ethicsfIRST provides guidance for cybersecurity professionals on how to conduct themselves professionally and ethically during incidents. Inspired by Earth Day, Global Ethics Day provides an opportunity for organizations to explore the meaning of ethics in international affairs

Bringing together Security and Incident Response teams from around the globe.

FIRST launched its FIRST Post, a quarterly newsletter with updates from the FIRST community. Learn more about our Edinburgh conference, our new Executive Director, Chris Gibson, and several key initiatives such as the Product Security Incident Response Team (PSIRT) framework and policy outreach.

The 2019 event calendar has been updated. We have several events with open registration so please update your calendars and register today!

Would you like to find a way to give back to FIRST and the incident response community? Sign-up on our first-trainers list to be notified of opportunities to travel the world and share your expertise. FIRST will provide the materials and travel if you provide your time and knowledge. Contact for more details.

Volunteers at FIRST initiative enables contributors to share their past experience with FIRST community and also receive a certificate of participation in the program.

Recently we've seen several examples of likely state-sponsored security incidents of which the appropriateness was later strongly debated. Incidents such as states impacting commercial enterprises during cyber attacks; purported sabotage of critical infrastructure, and attacks on civilian activists have all, to a greater or lesser degree, led to concerns being raised by both civilian watchdog groups, academics, technologists and governments.

A global and trusted network of Computer Security Incident Response Teams (CSIRTs) can help spread the message within their respective countries and can be used to a great effect to combat dispersed sources of attacks.

The Forum of Incident Response and Security Teams (FIRST) is the oldest forum of such kind and was founded in 1989 with exactly that goal – to establish communication channels between CSIRTs that can be used to share best practices and, during incidents, to exchange information about attacks and coordinate response.

The event offers conferences, keynote presentations and activities designed to maximize network opportunities and information exchanges on information security and incident response.

The leading association of incident response and security teams released a new version of its CSIRT Services Framework. This is a formal list of services a Computer Security Incident Response Team (CSIRT) may consider implementing to address the needs of their constituency.

The FIRST Board of Directors recognizes and shares the concerns of members and event attendees about recent changes in US immigration policy. We believe global participation is a prerequisite to developing strong and successful responses to internet security issues.

The comment period for the "Guidelines and Practices for Multi-Party Vulnerability Coordination", published by the Vulnerability Coordination SIG, was extended to February 28th, 2017. FIRST invites anyone with an interest in this area to review the current draft, available from, and provide comments for consideration.

The Forum of Incident Response and Security Teams (FIRST), a recognized global leader in incident response has successfully finished its 28th Annual Conference, which takes place this June (12th – 18th) in Seoul, South Korea. Co-hosted by the MSIP (Ministry of Science, ICT and Future Planning), KISA (Korea Internet Security Agency) and KrCERT/CC, the conference was held at Conrad Seoul.

Join the interview in progress! This week’s podcast features Jason Jones, Senior Security Researcher for Arbor Networks’ ASERT team. Jason talks a little bit about his current research at Arbor that focuses on issues in South Korea as well as his upcoming presentation at FIRST 2016, “Tasty Malware Analysis with T.A.C.O.: Bringing Cuckoo Metadata into IDA Pro.” Jason presents on Monday, June 13th at 17:00.

FIRST has formed the Red Teaming SIG. Interested participants who are part of an existing Red Team or in the process of forming one should send a request to be added to the mail list to

The 2015 Fellowship Program participants at the Annual FIRST Conference in Berlin, Germany, meeting with Fellowship program coordinator Adli Wahid, outgoing Chairman Maarten Van Horenbeeck and incoming Chair Margrete Raaum, as well as Directors Mike Murray and Gaus Rajnovic.

FIRST welcomes back Microsoft to the 2014 conference sponsorship team! Microsoft has been a strong supporter of FIRST and a sponsor since 2005.

FIRST announces the launch of the FIRST Fellowship Program, which will enable information security incident response teams from the world’s least developed countries (LDCs) to become part of the global incident response community.

The CEP has released the dates and locations of their next 6 upcoming events. The CEP will hold its Annual 2 day Global Risk Summit at Gleneagles, Scotland this May 5-7, 2010. Four 1 day events will be held throughout the remainder of the year in the UK and the USA. For more event details and information about CEP, please visit

This is a great opportunity to participate and be a part of the conference, please send your suggestions to Peter Allor at The theme winner will receive a complimentary registration to the 2011 conference. Suggestions are due by March 31st and the winner will be announced in April. And mark your calendars for attending the conference. The dates are June 12 to 17, 2011!

FIRST and CERT/CC announce the 2009 Security Best Practices Contest. FIRST and the CERT/CC are jointly hosting the contest in conjunction with FIRST's 21st annual conference in Kyoto, Japan. The goal of the contest is to share best practices that have been developed to prevent and mitigate cyber attacks/risk in diverse environments and cultures. This contest is open to public; submitters do not have to be members of FIRST. For more information see the Best Practice Contest page on FIRST website ( or email

The CEP Global Risk Summit will be held in London on 7 & 8 May 2009 at the London Marriott Hotel, County Hall. The Summit will feature executive participants who will debate trends and anticipate the major risks that will impact international business over the next 12 months.

Debate the challenges of transnational ethics and safety and learn how to transform yourself technically, politically, legally and efficiently into a truly global force for Internet security at the 20th Annual FIRST Conference in Vancouver, Canada.

SIG members took forward projects like whitelisting known-good large mailservers, and the concept of feedback-loops. The workshop, well-attended by an enthusiastic number of members, also initiated steps towards a new relationship with the APWG.

By defining measures for effectiveness, identifying appropriate performance metrics, and determining appropriate approaches for evaluating systems, this metrics SIG aims to improve CSIRT incident management practices within the FIRST community.

Seville Spain – June 20, 2007: Millions of computer users worldwide will enjoy more secure virtual experiences and transactions with the advent today of CVSSv2 – the latest version of the Common Vulnerability Scoring System.

A new SIG is being established to bring together interested members in the FIRST community to discuss and identify approaches for evaluating CSIRTs and incident management practices within FIRST.

Matta, who joins the FIRST Sponsorship Team this year, will participate at the Vendor Booths and Beer 'n Gear, along with other sponsors. There are still sponsorship opportunities available, please visit the Conference Sponsorship web page.

Several sites provide easy ways to get CVSS scores. The major ones are listed on the SIG website.

The four newest SIGs (Abuse Handling, Artifact Analysis, Law Enforcement/CSIRT Cooperation and Network Monitoring) and the FIRST SIG framework establish new channels for discussion on security.

Plenary Sessions, Security Workshop and FIRST/TRANSITS Course program are available on FIRST website. The TC will be held in October 7-12th in Rio de Janeiro, Brazil.

FIRST community has identified 4 new SIGs: Abuse Handling SIG, Artifact Analysis SIG, Law Enforcement/CSIRT Cooperation SIG and Network Monitoring SIG. More information are available in Global Initiatives

Private Lives and Corporate Risk - have a glimpse on what's coming next year in Seville, Spain. Call for papers and Sponsorship opportunities are available at the conference website.