FIRST 2017, June 11, 2017 to June 16, 2017, San Juan, Puerto Rico

Title Speakers Summary Topic Types
::1 THE OFFICIAL HOME FOR IPV6 ATTACKS Marco Figueroa , Josh Porter , Ronald Eddings Since the exhaustion of public IPv4 address space, the deployment of IPv6 is accelerating at ...
A LOOK INTO THE LONG TALE OF CYBER THREATS Eyal Paz , Gadi Naveh Use of the phrase “the long tail” theory in business as "the notion of looking ...
ACTIVE DIRECTORY : HOW TO CHANGE A WEAK POINT INTO A LEVERAGE FOR SECURITY MONITORING Vincent Le Toux Vincent Le Toux is the "incident prevention, detection, response manager" at the corporate level of ...
ADVANCED INCIDENT DETECTION AND THREAT HUNTING USING SYSMON (AND SPLUNK) Tom Ueltschi Enterprises and organizations of all sizes are struggling to prevent and detect all malware attacks ...
AIL FRAMEWORK - ANALYSIS INFORMATION LEAK FRAMEWORK Steve Clement , Alexandre Dulaunoy Steve Clement is a security researcher at CIRCL. He is also active in the hackerspace ...
APT LOG ANALYSIS - TRACKING ATTACK TOOLS BY AUDIT POLICY AND SYSMON - Shusei Tomonaga Typical network intrusion in APT is followed by lateral movement. For effective incident response, investigation ...
ARE WEST AFRICAN CYBERCRIMINALS ON SAFARI IN YOUR NETWORK? David Sancho While cybersecurity professionals have focused mostly on protecting their organizations against the better-known Russian and ...
BEST PRACTICES FOR BUILDING A LARGE SCALE SENSOR NETWORK Juhani ( Jussi ) Eronen Network security monitoring is an essential part of securing any modern systems. While commercial and ...
BEYOND MATCHING: APPLYING DATA SCIENCE TECHNIQUES TO IOC-BASED DETECTION Alex Pinto There is no doubt that indicators of compromise (IOCs) are here to stay. However, even ...
BLACKHOLE NETWORKS - AN UNDERESTIMATED SOURCE FOR INFORMATION LEAKS Alexandre Dulaunoy Common approaches for measuring attacks are honeypots and blackhole networks. Honeypots on one side are ...
BUILDING A HIGH PERFORMING CYBER SECURITY TEAM ON THE CHEAP Christopher Payne The demand for cyber security professionals has not kept pace with the sophistication and velocity ...
BUILDING A PRODUCT SECURITY TEAM – THE GOOD, THE BAD AND THE UGLY - LESSONS FROM THE FIELD Peter Morin Peter holds numerous security-related designations including the CISSP, CISA, CGEIT, CRISC, and GCFA. Ensuring that ...
BUILDING A THREAT HUNTING FRAMEWORK FOR THE ENTERPRISE Joseph Ten Eyck The raw truth is that our adversaries continually change, grow, and modify their TTPs and ...
CANARIES IN A COAL MINE… Peter Morin Peter is a frequent speaker on the subject of critical infrastructure protection, risk management, penetration ...
CHANGE IS THE ONLY CONSTANT: THE PROGRESSION OF DETECTION AND RESPONSE AT GOOGLE Fatima Rivera Fatima is a Senior Security Engineer at Google and has been a member of the ...
COLLABORATIVE INFORMATION SHARING MODEL FOR MALWARE THREAT ANALYSIS Aswami Ariffin In a threat landscape that is evolving rapidly and unpredictably, we recognize that many organizations ...
COMMUNICATING RISK: A COMPARATIVE APPROACH TO VULNERABILITY REMEDIATION Mark-David McLaughlin Often, security teams do not have responsibility to remediate the vulnerabilities they discover and they ...
COUNTERING INNOVATIVE SANDBOX EVASION TECHNIQUES USED BY MALWARE Carsten Willems , Frederic Besler Automated behavior-based malware analysis is the core function of security solutions defined as “network sandboxing”. ...
CSIRT UNDER ATTACK Riccardo Tani Riccardo’s prior experience includes leading the McAfee Global SOC in Ireland and USA, CSIRT Manager ...
CYBER TERRORIST ACTIVITY: THE NEW WAY TO CAUSE CHAOS Kyle Wilhoit Previous to his work at Trend Micro, he was at FireEye hunting badness and ...
DEEP LEARNING FOR INCIDENT RESPONSE: PREDICTING AND VISUALIZING CYBER ATTACKS USING OPEN DATA, SOCIAL MEDIA AND GIS Anne Connell The wealth of information provided by the continuous streams of data has paved the way ...
DEFENSIVE EVASION: HOW APT ADVERSARIES BYPASS SECURITY CONTROLS Aaron Shelmire Counter Threat Unit researcher Phil Burdette showcases the top 5 ways targeted threat actors dodge, ...
DIGITAL SUPPLY CHAIN: THE EXPOSED FLANK IN 2017 Martin McKeay With over fifteen years of experience in the security space and five years of direct ...
DISMANTLING THE AVALANCHE BOTNET Kaspar Clos Right on the spot for FIRST 2017's submission deadline, after more than four years of ...
DISRUPTING IOT WORMS IN FINLAND (2016 EDITION) Markus Lintula This talk presents an inside look of a national CERT team during a widespread IoT ...
DNS IS NOT BORING! USING DNS TO EXPOSE AND THWART ATTACKS Rod Rasmussen While almost every major organization in the world is being continuously attacked over the Internet ...
EMBODIED VULNERABILITIES: COMPROMISING MEDICAL IMPLANTS Eireann Leverett , Marie Moe This talk will be about medical device security and privacy, in particular for connected medical ...
EXPERIENCES AND LESSONS LEARNED FROM A SIEMENS-WIDE SECURITY PATCH MANAGEMENT SERVICE FOR PRODUCTS Manuel Ifland In software development, using third-party open-source as well as proprietary software components has become the ...
EXPERIENCES IN THREAT DATA PROCESSING AND ANALYSIS USING OPEN SOURCE SOFTWARE Morton Swimmer In this presentation, we show how we, the FTR Team in Trend Micro, Inc., processes ...
FINDING AN INTRUDER IN A 10TB HAYSTACK: THE BENEFITS OF SIMILARITY SEARCHING Thomas "halvar" Dullien A surprising number of technical questions during a larger intrusion cleanup can be phrased as ...
FROM BULLET JOURNAL TO LESSONS LEARNED: HOW TO MANAGE COORDINATION AND COOPERATION DEVELOPMENT IN AD-HOC WORKING ENVIRONMENT? Jarna Hartikainen In a CERT function and situation awareness cases come and go quickly. Fast reactions and ...
GOING UNDETECTED: HOW CYBERCRIMINALS, HACKTIVISTS, AND NATION STATES MISUSE DIGITAL CERTIFICATES Kevin Bocek Recently, Mr. Bocek led the investigation on Secretary Hillary Clinton’s email server and previously he ...
HAJIME & THE MAINLINE DHT Kevin O'Sullivan Currently a BTCERT Investigator, I have a keen interest in web application security and the ...
HANDLING AN INCIDENT IN CERT-EU Emilien Le Jamtel CERT-EU is the Computer Emergency Response Team (CERT-EU) for the EU institutions, agencies and bodies. ...
HEY, YOU HAVE A PROBLEM: ON THE FEASIBILITY OF LARGE-SCALE WEB VULNERABILITY NOTIFICATION Ben Stock , Christian Rossow We systematically examine the feasibility and efficacy of large-scale notification campaigns. For this, we comprehensively ...
HIRT LOCKER 2.0 - NEXT GENERATION HUNTING Christopher Butera The cyber threat landscape is continuously changing. Attackers develop new tactics, techniques, and procedures (TTPs) ...
HOW TO BECOME A MATURE CSIRT IN 3 STEPS Don Stikvoort , Mirosław Maj We have seen almost 30 years of CSIRT history now. From the very beginning, teams ...
HOW TO RUIN YOUR WEEKEND (AND BUSINESS) IN FEW SIMPLE STEPS Przemek Jaroszewski The talk is an anonymized story of a real incident investigated by CERT Polska. On ...
HUNTING FOR THREATS IN ACADEMIC NETWORKS Fyodor Yarochkin , Vladimir Borisovich Kropotov In this presentation we will share our experience with analysing a year of academic network ...
IMPLEMENTING A COUNTRY-WIDE SENSOR INFRASTRUCTURE FOR PROACTIVE DETECTION OF MALICIOUS ACTIVITY Edilson Lima , Rildo Souza Driven by the need for a greater autonomy in detecting malicious activity at Brazilian academic ...
IMPROVING NETWORK INTRUSION DETECTION WITH TRAFFIC DENOISE Miroslav Stampar IT Security Advisor - Expert at Croatian Government's CERT, part of the Information Systems Security ...
IMPROVING USEFUL DATA EXTRACTION FROM CYBERSECURITY INCIDENT REPORTS Samuel Perl , Matthew Sisk One of the central services of Computer Security Incident Response Teams (CSIRTs) and Security Operation ...
IOCANNON: BLASTING BACK ON ATTACKERS WITH ECONOMICS -OR- HOW DO WE IMPROVE THE POWER OF IOCS? Eireann Leverett , Marion Marschalek Marion is dangerous. Eireann is pretty. So, pretty. IoCs (Indicators of Compromise) are a state-of-the-art ...
KEYNOTE: 18 YEARS OLD, IT'S TIME TO BECOME MATURE Martijn De Hamer Coming of age is something that you should never do alone. It’s the task of ...
KEYNOTE: A DECADE OF LESSONS IN INCIDENT RESPONSE Darren Bilby This talk will discuss the key lessons learned in incident response at Google over the ...
KEYNOTE: CYBERSECURITY AND THE AGE OF PRIVATEERING Florian Egloff N/A
KEYNOTE: POST-QUANTUM CRYPTOGRAPHY Brian LaMacchia In an August 2015 announcement, the Information Assurance Directorate of the US National Security Agency ...
LEAN GAINS - SMALL TEAM EFFECTIVENESS Ben May Small teams who want to look at ways to deliver effective threat detection and response ...
MALICIOUS PROXY AUTO-CONFIGS: HARVESTING CREDENTIALS FROM WEB FORMS MADE EASY Jaromir Horejsi , Jan Sirmer Most media attention is given to imminent and visible threats, like ransomware. Other threats remain ...
MANAGERIAL STRATEGIES FOR IMPROVING THE SOCIAL MATURITY OF CYBERSECURITY INCIDENT RESPONSE TEAMS AND MULTITEAM SYSTEMS: A WORKSHOP Daniel Shore , Stephen Zaccaro CSIRT social maturity reflects how well members of a cybersecurity team collaborate and coordinate together ...
MARVIN: AUTOMATED INCIDENT HANDLING AT DFN-CERT Jan Kohlrausch , Eugene Brin We introduce Marvin (Malicious Activity Refining, Validating, and Integrating), a framework that efficiently automates the ...
MEASURING SIMILARITY BETWEEN CYBER SECURITY INCIDENT REPORTS Samuel Perl , Zachary Kurtz Most security incident teams work in close real-time communication with each other to ensure that ...
MEDICAL DEVICE SECURITY: A SUCKING CHEST WOUND THAT NEEDS EMERGENCY MEDICINE Denise Anderson Modern Medicine has evolved dramatically in the last five years enabled by new technologies and ...
MOVING LIKE A SPOOK THROUGH WALLS OR BEING JUST A SHADOW FOR APT DETECTORS Fabio Assolini , Dmitry Bestuzhev Since 2006, Fabio has been a voluntary member of the security community Linha Defensiva (Defensive ...
NON-FORMAL - EVERYTHING OUT OF NORMAL Svetlana Amberga Svetlana Amberga is working in CERT.LV Latvia, Riga, as Public Relations Team Manager. Previous experience ...
OSS SECURITY: THAT’S REAL MATURE OF YOU! Jake Kouns , Christine Gadsby Jake Kouns is the CISO for Risk Based Security that provides vulnerabilities and data breach ...
OZON: RUNNING A GAP BRIDGING CYBERCRISIS EXERCISE Remon Klein Tank Remon Klein Tank (CEH/CISSP) is cyber security specialist at Wageningen University and Research and one ...
PANEL TOPIC: FRIEND OR FOE? NAMED FLAWS, THE IMPACT TO YOUR PRODUCTS AND YOUR CUSTOMERS Art Manion , Amy Rose , Beverly Finch , Lisa Bradley Dr. Lisa Bradley is currently the Technical Program Manager for NVIDIA’s Product Security Incident Response ...
PANEL TOPIC: INCIDENT RESPONSE PROVIDERS: CASEWORK TRENDS Robert Floodeen , Brian Klenke , Eric Szatmary Brian Klenke is the Vice President of Services for Morphick. In this role, he leads ...
PANEL TOPIC: ISSUES SURROUNDING INTERNET OF THINGS (IOT) SECURITY UPGRADIBILITY AND PATCHING Allan Friedman , Vic Chung , John Banghart , Kent Landfield As Director of Standards and Technology Policy at McAfee, Kent is extremely active in the ...
PANEL TOPIC: MIRAI: HOW DID WE DO? Martin McKeay , Merike Kaeo , Chris Baker , Megat Mutalib , Yiming Gong Merike Kaeo is the CTO of Farsight Security, where she is responsible for developing the ...
PRACTICAL WORKFLOW FOR AUTOMATION AND ORCHESTRATION OF ADDRESSING CYBER THREAT: CASE STUDY OF MIRAI BOTNET IN MALAYSIA Megat Mutalib Megat Muazzam Abdul Mutalib is Head of the Malaysia Cyber Emergency Response Team or in ...
PRIVACY INCIDENT MANAGEMENT: IT’S NOT JUST SECURITY ANY MORE Andy Bohm Andy Bohm has spent over twenty years working in Information Technology, focusing in Platforms, Network ...
PYNETSIM: A MODERN INETSIM REPLACEMENT Jason Jones Jason Jones is the Security Architect for Arbor Networks' ASERT team. His primary role involves ...
REMEDIATION BALLET: CHOREOGRAPHING YOUR TEAM TO VICTORY Matt Linton Matt Linton is a security generalist and DFIR specialist with 18 years of experience breaking, ...
REVISING THE TLP - LESSONS LEARNED Don Stikvoort Don Stikvoort is a theoretical physicist who was one of Europe's Internet pioneers since 1988. ...
RIO 2016 OLYMPIC CSIRT - CREATION, OPERATION AND LESSONS LEARNED Romulo Rocha Romulo Rocha was part of Rio 2016 Olympic Committee, being responsible for designing, building and acting ...
SDN CONTROL SYSTEM BASED ON THREAT LEVEL OF SHARED INFORMATION Takuho Mitsunaga Dr. Takuho MITSUNAGA Project Associate Professor, Graduate School of Interfaculty Initiative in Information Studies, The ...
STEEL SHARPENS STEEL: USING RED TEAMS TO MAKE BLUE TEAMS BETTER Christopher Payne Chris is a Director of Cyber Security at Target. In his role, Chris has responsibility ...
THE ARRR IN PSIRT Beverly Finch Beverly Finch is the Program Manager and Coordinator for the Lenovo PSIRT. Beverly built the ...
THE ART OF THE JEDI MIND TRICK: LEARNING EFFECTIVE COMMUNICATION SKILLS Jeff Man Jeff Man is a respected Information Security expert, adviser, and evangelist. He has over 33 ...
THE BUDDING WORLD OF CLOUD STORAGE ABUSE AND EXPLOITATION : A TECHNICAL DEEP DIVE Aditya K Sood Dr. Sood works as a Director of Security and Cloud Threat Labs at Blue Coat ...
THE INCIDENT RESPONDER AND THE HALF YEAR APT Martin Eian , Jon Røgeberg Dr. Martin Eian works as a Senior Security Analyst in mnemonic's Threat Intelligence group, and ...
THE RANSOMWARE ODYSSEY: THEIR RELEVANCE AND THEIR KRYPTONITE Marco Figueroa , Ronald Eddings , Sue Ballestero Marco Figueroa is a senior security analyst at Intel whose technical expertise includes reverse engineering ...
THEHIVE: A SCALABLE, OPEN SOURCE AND FREE INCIDENT RESPONSE PLATFORM Saâd Kadhi Saâd Kadhi, head of CERT Banque de France, has over 18 years of experience in ...
THESE AREN'T THE IR PROCESSES YOU'RE LOOKING FOR Jake Kouns Jake Kouns is the CISO for Risk Based Security that provides vulnerabilities and data breach ...
THINGS THAT MAKE YOU GO HMM: USING A SIMPLE HUNTING MATURITY MODEL TO ESTABLISH AND IMPROVE YOUR THREAT HUNTING PROGRAM David J. Bianco David has over 20 years experience in the information security field, with the last 15 ...
THINKPWN: PSIRT CASE STUDY OF A ZERO-DAY Amy Rose Amy Rose has been the Technical Project Manager for the Lenovo Product Security Incident Response ...
THREAT ONTOLOGIES FOR CYBER SECURITY ANALYTICS Martin Eian Dr. Martin Eian works as a Senior Security Analyst in mnemonic's Threat Intelligence group, and ...
TRUST NOTHING: GOOGLE'S APPROACH TO ENTERPRISE SECURITY IN FORENSIC CONTEXT Jan P. Monsch Jan is Staff Security Engineer and member of Google's Infrastructure Protection team. He previously was ...
TRYING TO KNOW YOUR OWN BACKYARD (A NATIONAL CERT PERSPECTIVE) Paweł Pawliński Paweł Pawliński is a principal specialist at CERT.PL, leading the Analytical Projects Team, within Research ...
UPDATE ON PSIRT/CSIRT SERVICES FRAMEWORK Peter Allor Peter Allor is the Executive Cyber Security Strategist for IBM Security. He is instrumental in ...
WANNACRY: WHAT CAN WE DO BETTER? Paul A. Vixie , Saâd Kadhi Coming soon. WannaCry infected less than 300'000 hosts world wide, but did so in a ...
WATCHEVALUATEENRICHPUNCH (WEEP): A POOR MAN’S SELF-DEFENCE HOST MONITOR. Konrads Smelkovs , Adrian Sanabria Konrads Smelkovs is a senior manager in KPMG UK and specialises in technical end of ...
WEB AS ONGOING THREAT VECTOR: CASE STUDIES FROM EUROPE AND ASIA PACIFIC Fyodor Yarochkin , Vladimir Borisovich Kropotov Fyodor is a researcher with TrendMicro Taiwan as well as a Ph.D. candidate at EE, ...
WHAT METRICS SHOULD A CSIRT COLLECT TO MEASURE SUCCESS (OR WHAT QUESTIONS SHOULD WE BE ASKING AND HOW DO WE GET THE ANSWERS?) Robin Ruefle Robin Ruefle is the team lead for the CSIRT Development and Training (CDT) team within ...
WHEN PHONE NETWORKS GO DOWN - WHO YOU GONNA CALL? Mikko Karikytö Mikko Karikytö is the Head of Ericsson PSIRT, product security professional and a global force ...
WINDOWS CREDENTIALS, ATTACKS, AND MITIGATION TECHNIQUES Chad Tilbury Chad Tilbury has been responding to computer intrusions and conducting forensic investigations since 1998. As ...
YOU DON'T NEED A BETTER CAR, YOU NEED TO LEARN HOW TO DRIVE: ON THE IMPORTANCE OF CYBER-DEFENSE LINE AUTOMATION. Enrico Lovat , Florian Hartmann , Philipp Lowack Enrico Lovat received his PhD from the Technical University Munich. In 2016 he started at ...