AUScert 2010 May 17, 2010 to May 20, 2010, Gold Coast, Australia

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Farewell speech Auscert A short farewell to delegates, and wrap-up of the program.
Welcome speech Auscert A short welcome to the conference, and overview of the program.
Applied Security Visualization Raffael Marty Over the past years, security organizations have collected more and more data and log files ...
Cryptography is hard Daniel Grzelak , Paul Theraault Even the most experienced mathematicians, cryptographers, and developers get it wrong. So what hope does ...
Capture the Flag Tim Rosenberg Welcome to White Wolf Security's Capture the Flag (CTF) event. Players register as individuals. (You ...
Professional Vulnerability Research and Analysis Chris Spencer This presentation will take an inside look at how day to day vulnerability analysis and ...
Tor and censorship: lessons learned Roger Dingledine Tor is a free-software anonymizing network that helps people around the world use the Internet ...
BlackEnergy 2 Revealed Joe Stewart BlackEnergy is a popular DDoS trojan written by "Cr4sh", a member of the Russian hacking ...
The Torpig Trojan: Lessons Learned From Five Years In The Trenches Jason Milletary 2010 will mark the 5th year of operation of a mysterious group of criminals overseeing ...
Pulling the Plug: Security Risks in the Next Generation of Offline Web Applications Michael Sutton As the line between desktop and web applications becomes increasingly blurry in a web 2.0 ...
Suricata and the Open Information Security Foundation(OISF) Matt Jonkman The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This ...
The Role and Function of Social Networks in the Russian Malware Community Max Kilger A great deal of research has focused on the malicious software and attack tools generated ...
Training Your Pigs to Dance on a Shoestring - How to Run a Security Awareness Programme Richard Beach The presentation is split into three parts: 1. A short amount of time will be ...
Lock Picking - class instance 1 Deviant Ollam Physical security is an oft-overlooked component of data and system security in the technology world. ...
Lock Picking - class instance 2 Deviant Ollam Repeat of this morning's class. Physical security is an oft-overlooked component of data and system ...
An Historical Look at Cloud Computing Whitfield Diffie The history of information security is one of repeated confrontations resources too valuable to be ...
Scenes from the 2010 US/China cyberwar Marcus J. Ranum After watching the great US/China cyberwar of 2010, I was left puzzled, confused, and probably ...
Using Vulnerability Management to Thwart Data Loss Bob Maley Four years ago, the state of Pennsylvania had almost no capability for finding or reporting ...
Security FAIL: We're doing it wrong. Scott Mcintyre Working as the Chief Security Officer at an ISP and member of a national telco's ...
Presentation to be announced John N. Stewart N/A
Speed-debating: Topics in information security Roger Dingledine , Max Kilger , Frank Stajano , Scott Mcintyre , Tim Redhead , Marcus J. Ranum , Adam Spencer , Alastair Macgibbon , Paul Gampe First introduced at AusCERT2008, this session comprises a series of fast-paced mini-debates where mixed teams ...
DDoS Self Defence Joe Stewart DDoS attacks allow someone to leverage a large number of computers against a target whose ...
Stranger in a Strange Land: Reflections of a Linux Guy in Microsoft Windows Crispin Cowan Crispin Cowan, famous Linux security guy and vocal Microsoft critic, now works at Microsoft. What? ...
Mobile Security Ben Bromhead , Ken Hendrie With the widespread expansion of mobile phone functionality and the increasing demand to incorporate mobile ...
Telco Security - from the inside Mike Seddon We are now surrounded by multiple security frameworks, compliance obligations, regulatory requirements, and a growing ...
A Framework to understand and handle Internet Abuse Incidents Juhani ( Jussi ) Eronen Today Internet Abuse comes in many forms, e.g. spam, malware infections, identity theft, targeted attacks, ...
Connecting PM to routers Hillar Aarelaid This presentation demonstrates a novel approach to managing a state CIIP infrastructure. Development of a ...
Amazon EC2 security Simone Brunozzi Simone Brunozzi, Amazon Web Services (AWS) Technology Evangelist for APAC, will briefly introduce the Amazon ...
Titan Rain, the inside story of Shawn Carpenter Richard Stiennon While most of the countries of the world seek peaceful co-existence some have engaged in ...
A history of Microsoft exploit mitigations Benjamin Mosse The theory behind memory corruption vulnerabilities has been known and understood since the early seventies, ...
The Rules of the Internet, and the Browsers That Break Them Daniel Grzelak , Paul Theraault The Web, as a software platform, is a complex mess of binary: operating systems, browsers, ...
Digital Forensics Accreditation Aaron Wooten As the concept of computer forensics has started to evolve into mainstream security consulting, so ...
AFP High Tech Crime year in review Alex Tilley , Col Dix The Australian Federal Police's High Tech Crime Operations and Investigations areas deal with an increasingly ...
Setting the scene in vulnerability work Juhani ( Jussi ) Eronen Software faults and vulnerabilities are complex issues that involve actors with various goals as well ...
Understanding scam victims: seven principles for systems security Frank Stajano The success of many attacks on computer systems can be traced back to the security ...
Integrating Information Security Policies within the Corporate Risk and Business Continuity Management Framework Maria Corpuz Organizations implement corporate risk and business continuity management practices in accordance with their corporate governance ...
US Secret Service: Cell Phone and Embedded Technology Forensics Andy Kearns A look at the current and future capabilities of cell phone forensics as conducted by ...
Black Hat, White Hat, Gray Hat, RedHat: What Dr. Seuss Forgot to Tell You About the Computer Hacker Community 2.0 Max Kilger At the very first AUSCERT conference in 2002 this original talk outlined some of the ...
Liability in Cyberspace - Time for a Re-think? Arun Raghu This presentation explores a fundamental question for which no definitive answer yet exists: who should ...
US Internal Revenue Service - Criminal Investigation of Electronic Crimes Jeffrey Willert , Raymond O. Aghaian This presentation will cover the 'program', its significant investigations, and forensic methodologies and will include ...
Stay safe with your head in the clouds Paul Gampe Don't let security concerns prevent you from adopting the latest innovation in IT infrastructure - ...
Cyber Exercises: Training and Skills Identification Tim Rosenberg As cyber exercises move into the mainstream; there are several considerations about their use to ...
A Perspective from the UK. The counter-fraud activities of 'Action Fraud' and 'National Lead Force Peter Ratcliffe This presentation will highlight the significant developments that have taken place in the past 3 ...
Engagement between National / Government CERTs and the vendor community; benefits and challenges Steve Adegbite , Karl Hanmore This presentation examines the complex interactions between the National/Government CERT communities and software vendors. This ...
The Four Types of Lock Deviant Ollam Physical security is an oft-overlooked component of data and system security in the technology world. ...
Windows volatile memory forensics for incident response Michael Cohen , Bradley Schatz This full day tutorial will teach forensic acquisition and analysis techniques with a focus on ...
Assessing and Exploiting Web Applications with Samurai-WTF Justin Searle This course will focus on using open source tools to perform web application assessments. The ...
Enterprise Resilience through effective Business Continuity Management Guy Peterson , Alan Fraser , Mick Grover Participants will be provided with a solid overview of Enterprise Resilience and Business Continuity Management. ...
Incident Response tutorial Mark Goudie , Chris Novak Verizon Business routinely performs Incident Response training for our Rapid Response retainer clients, and we ...
AusCERT2010 Executive Program Whitfield Diffie , Bob Maley , Nick Tate , Danny Smith We all know being CxO of a major organisation is an enormous responsibility, with some ...
Securing the Internet for a Web 2.0 Collaborative Culture Gerhard Eschelbeck Gerhard’s presentation will discuss the convergence of the latest Web 2.0 and Social Media based ...
Beyond Aurora's Veil: A Vulnerable Tale Derek Manky In 2009, the Conficker worm was dissected by researchers, and then fried by the spotlight ...
Protect Critical Data and Systems with Proactive IT Security Andrew Latham N/A
Securing the New Network: Firewalls in a mobile world Nicko van Someren While the physical topologies of our networks have not changed a great deal over the ...
Securing the 21st Century Andy Solterbeck Telstra will present an overview of our approach to Securing the 21st Century workspace. The ...
The Anatomy of an Attack - Modern Fraud Detection Colby Derodeff The Anatomy of an Attack – Modern Fraud Detection The rise of the Internet as ...
Managed SIEM Unmasked Gavin Matthews N/A
Culture Shift: Social Networking and Enterprise Environments (Security Risk vs Reward) John W. Pirc N/A
The need for Dynamic Network Security in 2010 and Beyond Patrick Sweeney No abstract provided for this presentation yet. Please check again later.
Dude Where's My Data - Web Application and Database Security De constructed Terry Ray Daily incidents of unauthorized data access attempts grew exponentially from 2008 to 2009. SQL Injection, ...
Social Networking and Cyber-Security: Strength, Weakness, Opportunity, or Threat? Matt Keil No abstract provided for this presentation yet. Please check again later.
BZM XNT BQZBJ SGD BNCD? Paul Ducklin Can you crack the code? Come to this talk for a fascinating live demonstration of ...
e-Crime, the Age of Cybergeddon Jason Pearce Cybergeddon?... This is a term coined by the FBI. The current crimeware landcape has been ...
The Future of Digital Security: The Kaspersky Vision Eugene Kaspersky In his presentation 'The Future of Digital Security: The Kaspersky Vision', Eugene Kaspersky, CEO and ...
Maintaining Control and Compliance in Cloud Computing: Data-centric information security Andrew Younger There’s no doubt about it: virtualization is the future. With its promises of flexibility, ease ...
Defense Strategy against Advanced Persistent Threats Rishi Bhargava No abstract provided for this presentation yet. Please check again later.
Computer Theft and Data Security for the Mobile Workforce Mark Winter No abstract provided for this presentation yet. Please check again later.
Trend Micro is Security that Fits: in a Virtual World Glynn Stokes No abstract provided for this presentation yet. Please check again later.
Identity Management - methodologies and tools to make user self service a reality Paul Conroy IT security teams can deliver tangible benefit to their organisations through identity management. The on-boarding ...
Vulnerability & Configuration Management Best Practices Joe Revels Creating audience specific and actionable reporting/processes for minimizing vulnerability risk and achieving compliance management. A ...
The Web is the Battleground; and Social Networks Lead the Charge Corey Nachreiner Our web browser has become the universal app. We no longer use it just to ...
Cloud Computing and Security - are they really like oil & water? Paul Ashley During this session, we will explore the IT Security challenges posed by cloud computing and ...
Global insight into Web 2.0 in the workplace today Richard Turner As web communications and collaboration have matured and become more and more integral to people’s ...
Identities Are Ready To Party! What's Next? Clarence Cheah No abstract provided for this presentation yet. Please check again later.
What's on a CISO's mind in 2010? James Turner No abstract provided for this presentation yet. Please check again later.
Anatomy of a Data Breach: Why Breaches Happen and What to Do About It Sean Kopelke No abstract provided for this presentation yet. Please check again later.
Why Unified Content Security is More Important Than Ever Devin Redmond This session will cover: Modern, hybrid threats (such as the Aurora attack on Google and ...
Identity Management at Queensland Health: A True Story! Tim Redhead No abstract provided for this presentation yet. Please check again later.
Understanding and Teaching Heuristics Randy Abrams This paper is designed to provide a basic understanding of what heuristics are and how ...
Enhanced PKI Validation with SCVP Hari Nair PKI-enabled systems depend on digital certificates to establish identity and trust. However, issuance of digital ...
Digging for Identity Management Gold: Australian Role Mining Case Study Nick Engelman Ask most organisations what’s holding up their Identity Management program and they’ll tell you it’s ...
Smartphone Security: From a Perspective of the Ten Immutable Laws of Security Ian Robertson , Chris Bender First published by Microsoft, the Ten Immutable Laws of Security serve as a framework for ...
New Threats, Intelligent Solutions Sam Pickles No abstract provided for this presentation yet. Please check again later.
Protecting your e-Business from Cyber Attacks in Real Time John Dubber No abstract provided for this presentation yet. Please check again later.
Web Security - Adapt to Survive Anthony Farr No abstract provided for this presentation yet. Please check again later.
Beef-Up your security with mobile technologies: An insight for all IT professionals Jeat Shyan Wong IT professionals have many challenges. One of the challenge is to ensure security and integrity ...