AUScert 2008 May 19, 2008 to May 23, 2008, Gold Coast, Australia

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
We Need Assurance! Brian Snow When will we be secure? Nobody knows for sure – but it cannot happen before ...
The Convention on Cybercrime - meeting a global challenge Alexander Seger Cybercrime is the most transnational of all crimes, thus requiring a global response, including national ...
When Policies Collide: Security, privacy and 'ID-overload Elisabeth Wentworth In the war against online crime and internet facilitated terrorism, Governments are working against time ...
The ISO 27001:2005 Journey at Dubai Aluminium Company Limited Ahmad Almulla This presentation will talk about the need for implementing ISMS and certification of ISO 27001. ...
AusCERT Home Computer Users Security Survey 2008 Kathryn Kerr The content of this segment of the program will be announced during the AusCERT2008 conference ...
IPS for Real - Surviving active Intrusion Prevention in a mission-critical network Walter Muller Many enterprise organisations have deployed IDS, some have purchased IPS, but few seem to have ...
Recent developments in the field of High tech Crime with an emphasis to phishing and case studies Andre Dornbusch Presentation Title: Recent developments in the field of High tech Crime with an emphasis to ...
The future of Botnets Steve Santorelli Botnets used to be relatively simple. Their control mechanism was based on Internet Relay Chat ...
Trends in Internet based Fraud: Nigeria's EFCC Perspective Ibrahim Lamorde Ibrahim Lamorde is an Assistant Commissioner of Police who works with the Economic and Financial ...
Cyber Crime within the Russian Federation Kimberly Zenz The Russian Federation has long been a major source of cyber criminal activity. While financially-motivated ...
Biometrics - are they ready for use in Banking and Payments? Colin Whittaker Biometrics in many pundits minds are rapidly becoming the silver bullet for all authentication requirements. ...
Government as a privacy-protective Identity Provider: the New Zealand case Vikram Kumar Abstract: The New Zealand Government is developing a service that allows people to verify their ...
The ALRC's review of privacy law and practice David Weisbrot The Australian Law Reform Commission is in the final stages of a major review of ...
Microsoft SCPcert announcement Zot O'connor This will be the world wide announcement of a new Microsoft program 'SCPcert' in which ...
Flow Visualization in an Operational Environment Lee Rock This presentation will review the use of various visualization technologies in use by US-CERT in ...
Broad lessons from the Computer Network Vulnerability Assessment program AND Cyber Storm II - an international cyber security exercise. David Campbell , Jordana Siegel , Steven Stroud Broad lessons from the Computer Network Vulnerability Assessment Program: The Computer Network Vulnerability Assessment (CNVA) ...
Standing Behind Technical Promises Alana Maurushat The information security landscape is shifting from self-regulation and legal complacency to one of regulation ...
Geekonomics: The Real Cost of Insecure Software David Rice Software is becoming the foundation of civilization; yet few, if any industries composing national infrastructures ...
Web 2.0 INsecurity Benjamin Mosse , Nikola Mijatovic Many service providers have offered their business through web applications. Web services have developed through ...
Using F.E.D.S. - The Forensic Examiner's Database Scalpel Dave Litchfield FEDS is a breach investigation tool designed to expedite the discovery of evidence after a ...
Computer Forensics and Electronic Discovery: Lessons learnt from the largest and most complex investigations in Australia Ajoy Ghosh Synopsis: The workshop is in two parts: (i) computer forensics and (ii) electronic discovery. Part ...
Enterprise Resilience through Business Continuity Planning [Business Tutorial] Guy Peterson , Mr Grover Business continuity planning is the process of developing advance arrangements and procedures that enable an ...
Microsoft Defend the Flag Scott Stender , Andreas Junestam Defend The Flag (DTF) is a unique two day hands-on training course, delivered by experts ...
"Hands On" Wireless Service Auditing with Open Source tools Neal Wise This tutorial will equip attendees with an understanding of conventional wireless technologies (802.11a/b/g/n, Bluetooth), their ...
Building a Walled Garden - Abuse and Incident Handling Tooling for Network Managers Scott Mcintyre The tooling involved with active incident handling and abuse mitigation requires tools and procedures not ...
Pure hacking: The Tutorial Ty Miller , Chris Gatford Pure Hacking: The Tutorial is a highlights package from existing course offerings that provide intensive, ...
Defence against the dark arts; repelling the wily hacker Bill Cheswick In this tutorial we will examine the issues of securing a small site of Unix-style ...
Vunerabilities, Exposures, Attacks and the Enterprise [Business Tutorial] Bob Martin , Steve Christey Not all of the newest, coolest security issues involve Web 2.0. In 2007 alone, approximately ...
Enabling End-to-End Trust Scott Charney The growing trend toward malicious attacks on the computer systems used by consumers, businesses and ...
Cisco Strategic Security Approach John N. Stewart Threats to the enterprise have trended away from simply assaulting vulnerabilities in the perimeter to ...
Implementing Multi-factor Authentication for Internet Banking - or Why 2FA is only two small steps in the right direction David Leach David will review some of the key experiences and lessons from implementing 2FA in a ...
Who's Device is it anyway? Paul Dorey Companies still believe that they own the end to end digital environment used by their ...
Rethinking Passwords Bill Cheswick Passwords and PINs are used everywhere these days. The engineers who design our security systems ...
Streetwise Leadership Rob Redenbach Streetwise Leadership blends hard facts and personal experience (plus a healthy measure of good humour) ...
Privacy, the Law and Information Security Brian Snow , Peter Gutmann , Dan Klein , Adam Spencer , Alana Maurushat , David Rice , Vikram Kumar , Ajoy Ghosh , Seamus Byrne , Colin Maurushat , Graham Ingram This panel session will take the form of a series of short debates (around 7 ...
Security Challenges in Grid Environments James J. Barlow Security within an organization can often be a challenging task. There are usually multiple levels ...
Security Lessons Learned from setting-up a Grid-CERT Klaus Moller Grid Computing has often been heralded as the next logical step after the World Wide ...
How least privilege models, like UAC and su, will not defeat malware Roger A. Grimes Least privilege models inconvenience users and developers, while not diminishing malicious hacking and malware over ...
The Operational Methodology and Process of Malware Collection and Analysis Richard Perlotto Established in 2004, The Shadowserver Foundation gathers intelligence on the darker side of the internet. ...
Evolution of Kernel-Mode Malware Kimmo Kasslin A few years ago kernel malware were simple pieces of code whose purpose was to ...
Beyond bot-herders: Protecting against targeted attacks Paul Chamberlain So you've got patching and anti-virus under control, you've got a good firewall and you've ...
Trusted Computing and its status in in the real-world marketplace. Ronald Perez A presentation detailing the basic features of Trusted Computing and the various activities and initiatives ...
The Software Security Landscape - Making Security Measurable Bob Christey p>The security and integrity of information systems has become a critical issue within most types ...
Introducing F.E.D.S - The Forensic Examiner's Database Scalpel Dave Litchfield FEDS is a breach investigation tool designed to expedite the discovery of evidence after a ...
Things That Make Us Dumb: Why Security User Interfaces lead to Insecure User Actions Peter Gutmann Donald Norman's book "Things That Make Us Smart" (a follow-on to his classic "The Design ...
What have you done for us lately? What your ISP can, and should do in the fight against internet abuse Scott Mcintyre You're working hard on defending your network, and your ISP is just your link to ...
“Infrastructure Security and Internet Incident Response” Danny Mcpherson This session will provide a discussion of the Infrastructure Security Survey results, to include details ...
Phishing and Pharming (and the Future) Sid Stamm Stealing identity by means of Phishing or Pharming is a growing threat, and we are ...
V-Next Honeyclients : Evolving Revolvers - Discover them before they discover you Stephan Chenette A lot has changed since honeyclients were first used for mining the web for malicious ...
Malware Without Borders: A Regional Look at Microsoft's Malware Telemetry Covering the APAC Region Ziv Mador As malware and potentially unwanted software are becoming motivated more and more by financial gain, ...
Security As If Your Life Depended On It (because it might!) Dan Klein If my computer crashes, it's not the end of the world - it just seems ...
Adventures in Disclosure: A Look at the Legal Exploit Sales Market Charles Miller This talk will focus on the topic of vulnerability disclosure from the perspective of a ...
Identity Monitoring – Know What They Did Last Night Colby Derodeff When protecting your business regardless of your vertical it is important to not only look ...
Making a security professionals life easier! Andrew Kelly , Guy Lupo One of the major pains for the modern security professional is compliance. It has to ...
Identity Validation and Ad-hoc File Transfer Hari Nair Identity Validation: The Tumbleweed Validation Authority suite of Identity Management products has been deployed across ...
Fear, Uncertainty and the Digital Armageddon Morgan Marquis-boire We now live in an age where attacks on critical infrastructure can cause real world ...
Components of the Digital Investigation Challenge Trey Tramonte , John Fatten When your teams have to deal with data theft, fraud, sexual harassment, Sarbanes-Oxley, unfair dismissal ...
Targeted Attacks: An Evolution Mark Sunner Towards the end of 2007, MessageLabs saw a dramatic shift in the profile of targeted ...
Network Security Consolidation with Fortinet Anthony James As an IT professional concerned with network security, you are confronted by a constantly-evolving array ...
An Executive Approach to Security Timothy Dole Today IT and business executives are struggling to understand how to better leverage their security ...
Using Reputation to Beat Next-Gen Malware Mike Bessey Iframes and cross-site scripting can lead users to objects that aren't caught by signature or ...
The Perfect Storm! - Security Today Adam Biviano Threats to your information assets have recently taken a turn for the worst. No longer ...
Fraud, Privilege and the Insider Threat Rick Logan Are you being told you have too many domain administrators? Would you like to be ...
Security in SOA - Improving Identity Propagation for Web Services Paul Winters , Michael Tuton SOA is all about reusable components and integration with existing and new systems, in particular ...
Next Generation VPN – Beyond Simple Remote Access Bryan Nairn Find out about the Next Generation VPN starting with a brief history, current status through ...
The Path to Data Protection Alan Chan Like most organisations, you suspect you have a problem with data loss but you’re wondering ...
Enabling Safe User Access to Web 2.0 Applications Grant Murphy One of the most prevalent security concerns for corporate IT managers is their end users’ ...
Hacking In Australia: Prevention Is Better Than Cure Ken Low Threat Landscape Update & Evolution Cyber-Hacks today: ANZ, Asia Pacific, Globally Key areas of concern ...
Enterprise Encryption and Key Management Andy Solterbeck , Derek Tumulak The continuous reports of data leakage arouse a lot of attention from banking, finance and ...
Unraveling the Mystery of Common Criteria Evaluation Lachlan Turner Common Criteria evaluation of products can open up coveted government markets to vendors of IT ...
SAML2: Privacy and security Tim Redhead Nowadays, corporations and government agencies are wary of sharing data with their partners.The common thinking ...
Data Protection: A Boardroom Issue Michael Sentonas There are hundreds of high profile theft cases plus reported losses every day of portable ...
Social Engineering - Building the Human Firewall Jo Stewart-rattray It is extraordinary to find how easy it is to gain enough information to be ...
Demonstration of the top threats against endpoint devices Frederik Borjesson Companies are facing spiralling pressures to protect all types of business data. Almost all businesses ...
In 18 Seconds what can you save your company... Avi Chesla The rapid development of Internet applications has brought with it new challenges. In a world ...
User Education In The Fight Against Cybercrime Craig Johnston Computer crime - that is exactly what viruses, Trojans, and other social engineering attacks are ...
Wade Alcorn explores the security interrogation technique- Fuzzing Wade Alcorn The fuzzing technique has resulted in a significant percentage of vulnerabilities discovered by the security ...
Customer Security Disasters with Web 2.0: Open Season for Attackers Wayne Neich For a number of years, the Web was a relatively one-dimensional experience characterized by the ...
Trusted Identities Tammy Green The foundation of computer security is identity. Given a trusted identity, you can reason about ...
The business leaders approach to Climate Change and Greening IT Mark Winter Climate change is real and it's happening right now. The good news is that there ...
Symantec Vision and Strategy for IT Governance and Enterprise Security Robert Pregnell Perimeter defences are no longer sufficient as cyber criminals attack vulnerable devices to access corporate ...
Unified Protection & Control: How does Lumension Security Secure the Endpoint? Andrew Clarke N/A
The New Security Mandate: Protecting the "Infinite Perimeter" Glenn Hurn As sophisticated crime organisations continue to identify and compromise the 'weak links' in enterprise business ...
The Importance of a Security Risk Management Lifecycle Gopala Maurer Gopala will introduce the main steps of adopting a security risk management lifecycle and will ...
Security as a Service Carl Terrantroy Service-Oriented Security (SOS) will enable organisations to simplify and centralise critical security processes including authentication, ...
Providing SSL security without compromising privacy Nathaniel Wieriks Today, CIOs find themselves walking a fine line between network security and user privacy. In ...
Making peace with the IPS Monster Doug Hurd In the absence of context, IPS is an extremely event rich technology that can overwhelm ...
Don't get <IFRAME>d for Cybercrime Paul Ducklin Come to this talk -- and though it's a demo, it's not a product demo ...
Reducing risk in an Internet World: Microsoft Security Features that matter to you! Jeff Alexander , Rocky Heckman In this increasingly connected world, organisations and individuals are under mounting pressure to protect their ...