AusCERT2006

AusCERT2006
AusCERT Asia Pacific
Information Technology Security Conference
21st - 26th May 2006 - Royal Pines Resort - Gold Coast, Australia

Day Zero: Sunday 21/05/2006
From 12:00	Golf (limited hole shotgun)
15:00 - 20:00	Conference Registration
18:00 - 20:00	Welcome Reception

Day One: Monday 22/05/2006
8:00 - 15:30	Registration Desk Open
8:00 - 8:30	Coffee Break
8:30 - 8:40	Opening remarks: Nick Tate (AusCERT) and Graham Ingram (AusCERT)
8:40 - 9:10	Conference Opening: The Honourable Gary Nairn, MP, Special Minister of State
9:10 - 10:00	Keynote: Karen Worstell - Managing Risk: Is it Right for Your Business
10:00 - 10:40	Plenary: Mark Estberg (Director of Information Security Analysis, Design and Awareness - Microsoft IT) - Information Security as a Strategic Asset at Microsoft
10:40 - 11:10	Morning Break
	Technical Blue Room	Business Green Room	Vendor 1 Purple Room	Vendor 2 Red Room
11:10 - 11:50	Eric Cole (Chief Scientist - Lockheed Martin Information Technology) - Steganography	Kevin Zuccato (Director of the Australian High Tech Crime Centre - Australian Federal Police) - 2006 Australian Computer Crime and Security Survey	Peter Watson (Chief Security Advisor - Microsoft Australia) and Jesper Johansson (Senior Security Strategist - Microsoft) - Microsoft Security “Question Time”	Bernhard van der Feen (Product Manager - SafeNet Inc.) - Data Encryption - The Ultimate Line of Defense
11:55 - 12:35	Scott Gosling (Data#3) and Grae Meyer-Gleaves (Data#3) - Logical Separation and Protection of Hosts on your Network	Dr. Phyllis Schneck (Vice President of Strategic Development - CipherTrust, Inc.) - From Email to VoIP: Securing the Global Messaging Infrastructure	Rob Pregnell (Regional Product Marketing Manager, Asia Pacific - Symantec) - The top 3 security trends you can’t afford to overlook	Eric Sorenson (Senior Sales Engineer - Secure Computing Corporation) - Sidewinder G2 Live Attack Demo
12:35 - 13:55	Lunch Break
13.05 - 13.45	Lunch Break		Paul Ducklin (Head of Technology (Asia Pacific) - Sophos) - All About Rootkits	Oscar Marquez (Chief Technology Officer - iSheriff) - The full ecosystem of Enterprise Content Security
13:55 - 14:35	Darren Bilby (Senior Security Consultant - Security Assessment) - Defeating Windows Forensic Analysis in the Kernel	Bosco Tan (Research Analyst - SIFT) - Cyber Insurance and its Economic Viability	Steve Reddock (Technical Services Manager - Internet Security Systems Australasia) - Security 2010: The Changing Landscape	Chris Thomas (Principal Consultant - Enterprise Security - CA Australia) - The convergence of IAM & SIM - Enabling the power of Security
14:40 - 15:20	Marcelo Chaves (CERT.br) - Fraud and Phishing in Brazil	Colin Whittaker (Head of Security - APACS) - Payments industry approach to customer identity management using the emv payment smartcard	Jeremy Poulton (SurfControl Partner Manager - SurfControl Pty Ltd) - Data Theft: the new corporate Nightmare	Dave Marcus (Security Research and Communications Manager - McAfee AVERT Labs) - Malware. Is it dooms day, or just another day?
15:20 - 15:50	Afternoon break
15:50 - 16:30	Geoff Huston (Senior Internet Researcher - APNIC) - A PKI for IDR	Alastair MacGibbon (Director, Trust & Safety - eBay Australia & New Zealand) - Defence in depth – a model for tackling cybercrime	Greg Fitzgerald (Vice President Marketing - TippingPoint, a division of 3Com) - Secure, Intelligent Networks of the Future	Greg Bunt (Systems Engineering Manager - Juniper Networks) - Unified Access Control - Its not just about 802.1x
16:30 - 16:40	Coffee Break
16:40 - 17:20	BOF Sessions: 1. Blue Room: Challenges of IT Security in the higher education and research sectors 2. Green Room: eSecurity Cluster 3. Red Room: Snort Users Reception Light hors d’ourves and refreshments will be served throughout
18:00 - 20:00	VENDOR Cocktail evening

Day Two: Tuesday 23/05/2006
8:00 - 15:30	Registration Desk Open
8:05 - 8:35	Coffee Break
8:35- 8:45	Opening remarks: Nick Tate (AusCERT) and Graham Ingram (AusCERT)
8:45 - 9:25	Keynote: Richard Thieme (ThiemeWorks) - Myths and Realities: The Security Business and the Business of Security
9:25 - 10:05	Plenary: Richard Forno (KRvW Associates) - Responding to the Security Needs of a Company with 500 CEOs
10:05 - 10:35	Morning Break
	Technical Blue Room	Business Green Room	Vendor 1 Purple Room	Vendor 2 Red Room	R & D Yellow Room
10:35 - 11:15	Kenneth R. van Wyk (KRvW Associates) - Bridging the Gap Between Incident Responses and Secure Software Development.	Karl Hanmore (AusCERT) - IT Security Management: A broad look at an even broader topic	Scott McKinnel (Check Point Software Technologies) - UTM: Move Beyond the Security Box	Chuck Trent (Vice President - Cisco Systems) - A Security Day in the Life of the World’s Largest Networking Company	Alfonso Valdes (SRI International) - Data Cube Indexing of Large Infosec Repositories
11:20 - 12:00	Wietse Venema (IBM) - Secure programming traps and pitfalls	William J (Bill) Caelli (Queensland University of Technology (QUT)) - Hardening National IT Infrastructures with Trusted Systems: Mission Impossible?	Peter Woollacott (Tier-3) - Managing beyond known threats	Steve Terry (Australia & New Zealand RSA Security) - One Size Does Not Fit All: Building Trust and Invigorating Online Transactions for Consumers	Bradley Schatz (QUT) - An Open Architecture for Digital Evidence Integration
12:00 - 13:20	Lunch Break
12:30 - 13:10	Lunch Break		David Thomason (Director of Security Engineering - Sourcefire) - True Intrusion Prevention: Protecting Against Threats From All Vectors, AT All Times	Tom Chan (Enterprise and Partner Client Services Manager - MessageLabs Australasia Pty Ltd) - The Rise of Multi-vector Attacks – the new threat paradigm targeting organisations	Lunch Break
13:20 - 14:00	Peter Gutmann (University of Auckland) - Security and Usability	Michael Monaghan (Deputy Commissioner - ATO) - Online Aspects of Fraud and Identity Theft as seen by the ATO and what is being done to address it.	Kelvin Rundle (Citrix Systems Asia Pacific) - Security can deliver business agility: how to build an access strategy that will meet practically any access scenario	Rohit Dhamankar (Lead Security Architect - TippingPoint, a division of 3Com) - The SANS Top 20 Internet Security Vulnerabilities List & SANS @RISK Consensus Security Vulnerability Alert Project	Charles Tarimo (Stockholm University / Royal Institute of Technology) - A Generic Framework for Implementation and Use of Intrusion Detection Systems
14:05 - 14:45	Peter Gutmann (University of Auckland) - Security and Usability	David Pegrem (APRA) - What to expect when APRA calls	Erik Rudin (Senior Technical Consultant (VoIP) - NetIQ) - Securing Your Converged Voice & Data Network	Fraser Thomas (Swivel Secure Limited) - Protection in a Hostile Environment: how Two-Factor Authentication can ensure that you and your client's are not at risk	Ejaz Ahmed (NUST Institute of Information Technology) - Cluster-based Intrusion Detection (CBID) Architecture for Mobile Ad Hoc Networks
14:45 - 15:15	Afternoon Break
15:15 - 15:55	Kathy Wang (The MITRE Corporation) - Honeyclient technology and the latest client-side attacks	Yvo Desmedt (BT Chair of Information Security - Department of Computer Science, University College London) - Academia vs. Business vs. Hackers in Information Security: the Case of Identity Theft	Ben Karlo (Fortinet) - Safe VoIP, is there such thing? - A Technical Session on Securing VoIP Systems for All Companies	Daniel Zatz (Managed Security Services Business Manager - Asia Pacific, VeriSign) - How vulnerable are you really?	Ernest Foo (QUT) - A New Authentication Mechanism and Key Agreement Protocol for SIP Using Identity-based Cryptography
16:00 - 16:40	Steve Gill (Team Cymru) - Miscreant Life Beyond MS	Jake Jacobson (U.S. Secret Service) - Trends in Online Financial Crime: Technology in the Service of Serious Online Criminality	Neal Gemassmer (Vice President - PatchLink), Ben Chan (Patchlink) - Protecting Against the New Wave: Revising Security Strategies to Meet the Closing Vulnerability Window	Jo Stewart Rattray (Director Information Security - Vectra Corporation Ltd) - Managing Identity in the Cyber World	Praveen Gauravaram (QUT) and Adrian McCullagh (QUT) - Attacks on MD5 and SHA-1: Is this the "Sword of Damocles" for Electronic Commerce?
16:40 - 16:50	Coffee Break
16:50 - 17:30	BOF Sessions 1. The Australian Higher Education and Research sectors Certification Authority Federation 2. AusCERT member forum				Selwyn Russel (QUT) - A Project for the Synthesis of Composite TCP/IP Networks During Emergencies
18:30	Conference GALA dinner

Day Three: Wednesday 24/05/2006
8:00 - 15:30	Registration Desk Open
8:05 - 8:35	Coffee Break
8:35 - 8:45	Opening remarks: Nick Tate (AusCERT) and Graham Ingram (AusCERT)
8:45 - 9:35	Keynote: Eugene Spafford (Professor - Purdue University) - Information Security: Insanity Rules
9:35 - 10:05	Morning Break
	Technical Blue Room	Business Green Room	Vendor 1 Purple Room	Vendor 2 Red Room
10:05 - 10:45	Mikko Hyppönen (F-Secure Corp) - Current and Future Mobile Phone viruses	Michael Brookes (Honeywell Building Solutions) - The Power of One	Richard Ting (Aventail) - Securing End-to-End Remote Access: the Connection, the Network, and the Endpoint	Bryan Sartin (Vice President Investigative Response - Cybertrust) - The Horrors of Headlines: Keeping Your Company Out of the Press, Lessons from a leading forensic investigator
10:50 - 11:30	Marcus Sachs (Computer Science Laboratory, SRI International) - DNSSEC Use and Deployment	Jesper Johansson (Senior Security Strategist - Microsoft) - Is that App Really Safe?	Venkat Raghavan (Manager of Security Products - IBM) - Secure SOA: Dream or Reality?	Mike Bessey (Technical Manager - IronPort Systems) - Fighting Blended Threats
11:35 - 12:15	Shah Shreeraj (Founder and Director - Net Square) - Advanced web services hacking: Attacks & Defense	Mark Sunner (CTO - MessageLabs) - Spam, Botnets & Spyware	Jorke Odolphi (Product Engineer - WebCentral) and Rob Risetto (DBA Team Leader - WebCentral) - Securing .NET2 and SQL2005: A Web Hosting Perspective	Adrian Noblett (Networking Specialist - Nortel) - Keeping The Bad Guys Out and Good Guys In
12:15 - 13:35	Lunch Break
12:45 - 13:35			Adam Biviano (Premium Support Manager - Trend Micro Australia) - Myths, Misconceptions and Mitigation Strategies	*No Session*
13:35 - 14:15	Michael Sutton (iDEFENSE/VeriSign) - Fuzzing: Brute Force Vulnerability Discovery	Theo Nassiokas (Westpac Banking Corporation) - Security in Context	Oliver Binz (General Manager - b-sec consulting) and Justin Derry - Web Services: New Technology – New Risks	Todd MacDonald (Tumbleweed) - Why is FTP and managed file transfer so important?
14:20 - 15:00	Steve Manzuik (eEYE) and Andre Derek Protas (eEYE) - Silently Fixed Vulnerabilities – Skeletons In Microsoft's Closet	Hans van Grieken (Capgemini - NL) - De-perimeterizing Networks: the need to interconnect Network and Information Security	Archie Reed (HP) - Identity Management - latest fad or potent business tool?	Kenneth Udd (SSH Communications Security) - Securing FTP and Telnet in Cross-Platform Networks
15:00 - 15:30	Afternoon Break
15:30 - 16:10	Plenary: Abe Singer (Security Techonogies Group San Deigo Supercomputer Centre) - Security without Firewalls
16:10 - 17:00	Closing Address: Dr Annie Antón (Purdue University) - Conformance Across Privacy Values, Software Requirements, Policies, and Law
17:00 - 17:10	Conference Close: Nick Tate (AusCERT) and Graham Ingram (AusCERT)

Day Four: Thursday 25/05/2006 – Tutorials
9:00 - 10:30	Kenneth R. van Wyk & Richard Forno - Software Security Day 1 (Tech)	Marcus Sachs (Computer Science Laboratory, SRI International) - DNSSEC Use and Deployment	Eric Cole - Insider Threats (Bus)	Peter Gutmann - Godzilla Crypto (Tech)
10:30 - 10:50	Morning Break
10:50 - 12:30	Kenneth R. van Wyk & Richard Forno - Software Security Day 1 (Tech)	Marcus Sachs (Computer Science Laboratory, SRI International) - DNSSEC Use and Deployment	Eric Cole - Insider Threats (Bus)	Peter Gutmann - Godzilla Crypto (Tech)
12:30 - 13:30	Lunch Break
13:30 - 15:00	Kenneth R. van Wyk & Richard Forno - Software Security Day 1 (Tech)	Wietse Venema - Forensic discovery (Tech)	Eric Cole - Insider Threats (Bus)	Eddie Cornejo - Introductory Malware Analysis Techniques (Tech)
15:00 - 15:20	Afternoon Break
15:20 - 17:00	Kenneth R. van Wyk & Richard Forno - Software Security Day 1 (Tech)	Wietse Venema - Forensic discovery (Tech)	Eric Cole - Insider Threats (Bus)	Eddie Cornejo - Introductory Malware Analysis Techniques (Tech)

Day Five: Friday 26/05/2006 Tutorials
9:00 - 10:30	Kenneth R. van Wyk & Richard Forno - Software Security Day 2 (Tech)	Ernst & Young - eXtreme Hacking – Web Applications (Tech)	Abe Singer - Log Analysis (Tech)	Jamie Gillespie - Windows Intrusion Prevention Workshop (Tech)
10:30 - 10:50	Morning Break
10:50 - 12:30	Kenneth R. van Wyk & Richard Forno - Software Security Day 2 (Tech)	Ernst & Young - eXtreme Hacking – Web Applications (Tech)	Abe Singer - Log Analysis (Tech)	Jamie Gillespie - Windows Intrusion Prevention Workshop (Tech)
12:30 - 13:30	Lunch Break
13:30 - 15:00	Kenneth R. van Wyk & Richard Forno - Software Security Day 2 (Tech)	Ernst & Young - eXtreme Hacking – Web Applications (Tech)	Russell Coker - Administration of NSA Security Enhanced Linux system (Tech)	Jamie Gillespie - Windows Intrusion Prevention Workshop (Tech)
15:00 - 15:20	Afternoon Break
15:20 - 17:00	Kenneth R. van Wyk & Richard Forno - Software Security Day 2 (Tech)	Ernst & Young - eXtreme Hacking – Web Applications (Tech)	Russell Coker - Administration of NSA Security Enhanced Linux system (Tech)	Jamie Gillespie - Windows Intrusion Prevention Workshop (Tech)

feedback
	© AusCERT 2006
	Email: webmaster@auscert.org.au
	Web URL: http://www.auscert.org.au
	Maintained by: ITS - University of Queensland
	Last Updated - 7th February 2006