AUScert 2007 May 21, 2007 to May 25, 2007, Gold Coast, Australia

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
RFID - social impacts and implications Dan Klein It is no secret that we are at the dawn of the digital age - ...
APWG Technology and Policy Priorities Peter Cassidy The APWG has come to occupy many roles in the global contest with electronic crime: ...
Avoid getting sued - can it be done? Kay Lam-beattie No doubt IT security issues are keeping you awake at night, which is why you're ...
Cyber attacks directed against critical infrastructure control systems Marcus Sachs Since its inception over 35 years ago as an experimental computer network, the Internet grew ...
Establishment of the CyberSecurity Malaysia Husin Bin Jazri Malaysia has created a trusted model which combines the strength of government, private sector and ...
The Cyber Risk of Untrustworthy Software from the Globalization of Information Technology Andy Purdy The Cyber Risk of Untrustworthy Software from the Globalization of Information Technology Globalization drives companies ...
Digital Forensics- Emerging Trends Raja Othman The rise in incidents and white collar crimes has led to greater needs for investigations ...
Vulnerability Type Distributions in CVE Bob Martin For the past 5 years, CVE has been tracking the types of errors that lead ...
ISO 27001 Certification Process Tammy Clark Georgia State University is one of the first universities in the world to embrace the ...
Security Return on Investment - A Case Study Jodie Siganto One of the biggest challenges for Information Security Managers is demonstrating the value, particularly in ...
The incident response standardization and risk assessment process Sean Catlett In the changing world of security risk management, some practices are shifting focus to provide ...
An introduction to CobiT® Version 4.0 as a security management tool Rupert Dodds The presentation will seek to inform the audience on the objectives and structure of CobiT ...
Know thy Enemy: deconstructing a multi-billion message spam attack & the criminals behind it Patrick Peterson Know thy enemy Sun Tzu. This presentation dissects the enemy's attack and supporting command and ...
The Cyber Criminal Economy Stas Filshtinskiy Cyber attacks and security breaches cost billions of dollars in direct losses, downtime, stolen identities ...
Large Scale Flow Collection and Analysis Mike Newton While a campus-wide departmental firewall deployment will soon change campus traffic patterns, currently Stanford's network ...
SpamPots Project: Using Honeypots to Measure the Abuse of End-User Machines to Send Spam Cristine Hoepers This presentation will introduce the SpamPots Project, which main objective is to collect data about ...
Brave New World: Combined Public-Private Sector Disaster Response Exercises Jeff Wright Companies routinely conduct business continuity exercises and tests in order to ensure critical business functions ...
Security certification into salaries Prof Cory Schou No abstract provided for this presentation yet. Please check again later.
Closing Address Richard Thieme Building a Platform for the Future: Life on the Other Side of the Looking-glass In ...
Everything you know about desktop security is wrong, or: How I Learned to Stop Worrying and Love the Virtual Machine Ivan Krstic Hundreds of new security vulnerabilities are discovered every month. IDC estimates that more than 75% ...
The International State of Information Security. The wins, the losses and the work that needs to be done Howard A. Schmidt As we continue the foray into a total digital society, many of the information security ...
Web 2.0 - Securing the Brave New World Mary Ann Davidson The advent of Web 2.0 represents the mainstreaming of collaborative computing. The old fortified, bastion ...
A DELEGATE-ONLY CLOSED SESSION - NO MEDIA PERMITTED Mark Grantz At the specific request of the U.S. Secret Service, no media will be permitted to ...
Mitigating Phishing by a New ID-based Chameleon Hash without Key Exposure Qiong Ren Chameleon signatures were introduced by Krawczyk and Rabin to provide a non-transferable signature scheme. However, ...
A Secure Billing Architecture for 4G Wireless Networks Jared Ring Fourth Generation (4G) wireless networks allow ubiquitous pervasive data and voice connections for mobile users. ...
Substantiating Security Threats Using Different Views of Wireless Network Traces Elankayer Sithirasenan Huge amounts of network traces can be collected from today's busy computer networks for various ...
Securely Depolying IEEE 802.11 WLANs David Ross In wireless LANs, the robust security network, or RSN, as defined in the IEEE wireless ...
Event-based Computer Profiling for the Forensic Reconstruction of Computer Activity Andrew Marrington In cases where an investigator has no prior knowledge of a computer system to be ...
Using Event Attribute Name-Value Pairs for Summarizing Log Data Zieb Rana Security loggers such as network intrusion detection sensors and operating system audit recorders typically produce ...
Network Incident Response Richard Bejtlich Network Incident Response Part 1: Network Forensics You're responding to an intrusion and collecting network-based ...
Malware Reverse Engineering Andrew Collins , Mark Titley , Sarah Tueno Unknowingly placing malicious code into your ICT environment can pose a significant security risk. This ...
ISO 27001 Certification Process - Business Tutorial Tammy University This informative session will discuss how to develop a risk management based Information Security management ...
Incident Response using PyFlag - the Forensic and Log Analysis GUI Michael Cohen FLAG (Forensic and Log Analysis GUI) is an advanced open source forensic tool for the ...
An Introduction To The Sleuth Kit and File System Forensic Analysis Brian Carrier This tutorial will be on the basics of The Sleuth Kit (TSK) and Autopsy Forensic ...
Building a modern LDAP-based security framework Andrea Barisani Workshop: Building a modern LDAP-based security framework Duration: 3.5 hours Description The audience will be ...
Database security David Litchfield , Ron Brandis , Wade Alcorn NGSSoftware will present a tutorial for experts in Database and Web Application Security. The content ...
Hands-on' Infrastructure penetration testing Ty Miller , Chris Gatford Pure Hacking: The Tutorial, Infrastructure Penetration Testing The Pure Hacking Tutorial is a highlights package ...
Acquisition and Analysis of Large Scale Network Data John Mchugh , Ron Mcleod Introduction: Detecting malicious activity in network traffic is greatly complicated by the large amounts of ...
A Practical Guide to Authentication for Strategists and Policy Makers - Business Tutorial Stephen Wilson This interactive and practical workshop aims to help strategists, policy makers and regulators make best ...
Toxbot Takedown and Provider Paranoia: A reflection on modern ISP incident response. Scott Mcintyre In October 2005 XS4ALL Internet, GovCERT.nl, and the Dutch High Tech Crime Center co-operated in ...
Beyond The CPU: Defeating Hardware Based RAM Acquisition Tools Joanna Rutkowska Many people believe that using a hardware based acquisition method, like e.g. a PCI card ...
Infrastructure and Applications for Large-scale DNS statistics collection Keith Mitchell The Internet's Domain Name System (DNS) is increasingly implicated both as a target and in ...
Forensic Dissection of an Oracle Attack David Litchfield This talk will start out with a demonstration of an attack against a fully-patched Oracle ...
The SANS Internet Storm Center: A Collaborative Network Security Community Johannes Ullrich The SANS Internet Storm Center (ISC) is the trusted source to refer to for advice ...
Advances in Data Recovery and Carving Brian Carrier The obvious way to hide an attack is to delete the evidence of it. While ...
10 yrs of rootkits Nelson Murilo Rootkits are a collection of tools developed to detect hidden intruders after gaining administrator access. ...
Log-based intrusion detection using OSSEC Daniel Cid This presentation will provide a highly technical overview on how to implement security log analysis ...
Evolution of a Security Event Management System Andrew Collins , Mark Titley , Sarah Tueno Over the past 4 years both Andrew Collins and Mark Titley have designed, developed and ...
The Nature Behaviour and Impact of Recreational Traffic Ron Mcleod This talk will focus on the application of the SiLK Tools to the discovery of ...
Advanced Features of Botnets Aaron Hackworth This presentation will cover malicious code features and techniques used by attackers to create, manage ...
White is the new black: How to implement sysadmin-friendly and user-friendly whitelisting of web sites, and why this is essential to mitigate compromise and data exfiltration. Greg Castle With today's array of browser exploits, malicious web content, and large scale data exfiltration over ...
Lessons in Open Source Security: the tale of a 0-day incident, security threats in OSS projects and paranoid practices that can save your day. Andrea Barisani The presentation will feature all the modern security practices that are really effective in saving ...
The Secure Development Life-Cycle, where are today's development projects going wrong? Daniel Cuthbert The adoption of a Secure Development Lifecycle by Microsoft has changed the way traditional development ...
VoIP: Attacks & Countermeasures in the Corporate World Jason Edelstein Voice over IP (VoIP) is one of the most significant emerging trends in telecommunications. It ...
The Self-Defeating Network Richard Bejtlich Many product vendors claim to have the answer to your security problems. It's been over ...
Network Awareness and Network Security John Mchugh Routine acquisition and aggregation of network data offers an opportunity to understand some of the ...
The Top 10 ways to Protect your Critical Systems Haf Saba Achieving comprehensive security protection has become more difficult over the past decade with new forms ...
Eclipse Project Higgins and Identity 2.0 Anthony Nadalin Almost all on-line activities - sending emails, filing tax declarations, managing bank accounts, buying goods, ...
Gaining an advantage on modern "Hackers" Peter Woollacott IT security has come a long way in a relatively short space of time, but ...
Stop Managing Security. Start Managing Risk Michael Sentonas As a security IT professional, what is your role in ensuring your organisation is in ...
Ask Microsoft George Stathakopoulos , Peter Watson Got a question on Microsoft security? This session is your chance to ask the Microsoft ...
CSI:SIM - Enhance Your Security Information Management with Forensic Analysis Jason Mical As network and system complexity increases, cyber attacks, in parallel, are becoming more sophisticated and ...
Inside the petrie dish - an up close look at modern malware Patrick Peterson This presentation will show how financial profit drives development and deployment of spyware and crimeware. ...
Is UTM a UFO? Identifying UTM in enterprise Stephen Macdonald Although its popularity is growing, there's still no consensus about what UTM should encompass. For ...
Ips-Secured Networks: 360° Network Security & Control James Collinge TippingPoint, the world's leader in in-line network intrusion prevention systems, is introducing its new Network ...
The Rise of the Selfish Bot: How Spam and Target Attacks are Becoming the New Attack Vehicle Mark Sunner The 'selfish bot' is the next stage in the evolution of spam. Towards the end ...
The Past, Future & Evolution of IPS Steve ( Hellnbak ) Manzuik This talk will cover the history of Intrusion Detection on both the host and network ...
Wireless - The Weakest Link in Enterprise Security Kiran Deshpande Organisations are installing WLAN (Wireless Local Area Networks) infrastructure for employee convenience and flexibility. However, ...
Certificate Validation Solutions- Past, Present, Future / Content Management for Email and Web Jim Wyre Certificate Validation Solutions- Past, Present, Future This presentation will be an introductory to intermediate level ...
Virtualisation's Impact on Enterprise Security Steve Reddock Virtualisation alone does not equal security. As virtualisation is rapidly deployed worldwide, it is critical ...
Patch & Vulnerability Management Solution - Core of a Comprehensive Security Strategy Andrew Clarke Organisations worldwide are increasingly taking a more formal, rigorous and defensible approach to business management ...
10 Security Questions You Need to Ask Jeff Paine No-one disputes that security risks are growing in volume and complexity. With a continuing fall ...
Making Source Code Analysis Part of the Security Review Process Roger Thornton How do you know if your software applications are secure? Manual audits cover only a ...
Homeland Security Partnerships with the Private Sector John Lindquist This presentation will cover the current structure for partnership between the US Department of Homeland ...
The Keys to Building an Investigative Infrastructure Darren O'loughlin Many organisations face ever-increasing issues associated with insider threats, targeted attacks, protection of intellectual property, ...
Protecting customer information on the web with PCI-DSS Phil Montgomery One in two merchants in Australia is not aware of their obligations to protect their ...
An Architectural Approach to Security Colin Bradley With dissolving perimeters, a relentless drive towards converged infrastructures and employees demanding more services with ...
Web 2.0 Gateway Security: A paradim shift in enterprise security Eric Krieger A look at how the new Web threats are affecting the way you should view ...
Unifying Networking and Security Freddy Mangum In the past couple of years, we have seen the rise of Unified Threat Management ...
Exploits, rootkits, bootkits, fruitkits! Paul Ducklin If you listen to some security companies, you'll hear that we've never had it so ...
Enterprise Threat Management (ETM): Bringing Security Together Through Intelligence David Thomason The days of "see a threat, buy a box" are gone. In this presentation, David ...
Developing Tactical Intelligence Vincent Weafer Traditionally online malicious activity is associated with viruses, worms, trojans, zombies, hacking, and denial of ...
Evolving Threat Landscape, Building a Layered E-mail Security Defence Richard Cullen Dr Richard Cullen is a well respected expert and trusted advisor in the security industry. ...
Advanced Browser Attacks Wade Alcorn Wade Alcorn will explore the rapidly emerging arena of Web browser based attacks. The presentation ...
How PCI DSS is changing the security industry and what it means to you? Andy Solterbeck The PCI DSS is a multifaceted security standard for enhancing payment account data security. This ...
Security in the "Any Era" Daniel Zatz Welcome to the Any Era, where millions of users interact via laptops, PDAs and cell ...
Making Security a business enabler- not a cost centre Michael Livingstone Securing your organisation and its assets is no longer about building a higher or wider ...
Secure and Optimized Multi-Protocol Application Delivery Andy Purdy As enterprises evolve their IT infrastructure there is a trend towards consolidating applications and services ...
A Proactive Roadmap To Fight Today And Tomorrow's Threats Maros Mozola Nowadays there are more than 10 000 new pieces of malware created every day. Traditional ...
Threat Management: A New Frontier David Rand There are two main channels cyber criminals are targeting today - the Web and Email. ...
Information Security Governance - the Nuts and Bolts Jo Stewart-rattray This presentation looks at what constitutes information security governance and how it fits into the ...