AusCERT2007

Day Zero: Sunday 20/05/2007
Tee-off from 11:00	Golf
15:00 - 20:00	Conference Registration
18:00 - 20:00	Welcome Cocktail evening - Wine tasting

Day One: Monday 21/05/2007
Start Time	End Time	Minutes
8:00	17:30		Registration Desk Open
8:00	8:30	0:30	Coffee
8:30	9:05	0:35	Conference Opening: Nick Tate (AusCERT) and Graham Ingram (AusCERT) (Blue Room)
9:05	9:10	0:05	Change Over Period
9:10	10:00	0:50	Keynote: Ivan Krstić (One Laptop Per Child) - Everything you know about desktop security is wrong, or: How I Learned to Stop Worrying and Love the Virtual Machine (Blue Room)
10:00	10:30	0:30	Morning Break
			Technical Blue Room	Business Green Room	Vendor 1 Purple Room	Vendor 2 Red Room
10:30	11:05	0:35	Scott McIntyre (FIRST, KPN-CERT, XS4ALL) - Toxbot Takedown and Provider Paranoia: A reflection on modern ISP incident response.	Dan Klein - RFID - social impacts and implications	Haf Saba (Attachmate) - The Top 10 ways to Protect your Critical Systems	Darren O'Loughlin (Dimension Data) - The Keys to Building an Investigative Infrastructure
11:05	11:10	0:05	Change Over Period
11:10	11:45	0:35	Joanna Rutkowska (Invisible Things Lab) - Beyond The CPU: Defeating Hardware Based RAM Acquisition Tools	Peter Cassidy (Anti-Phising Working Group (APWG)) - APWG Technology and Policy Priorities	Anthony Nadalin (IBM) - Eclipse Project Higgins and Identity 2.0	Phil Montgomery (Citrix) - Protecting customer information on the web with PCI-DSS
11:45	11:50	0:05		Change Over Period
11:50	12:30	0:40		Kay Lam-Beattie (IDEALAW) - Avoid getting sued - can it be done?	Peter Woollacott (Tier-3) - Gaining an advantage on modern "Hackers"	Colin Bradley (Cisco Systems) - An Architectural Approach to Security
12:35	13:55	1:20	Lunch Break		Lunch Break
13:00	13:45	0:45			Michael Sentonas (McAfee) - Stop Managing Security. Start Managing Risk	Eric Krieger (Secure Computing) - Web 2.0 Gateway Security: A paradim shift in enterprise security
13:45	13:50	0:05			Change Over Period
13:50	14:25	0:35	Keith Mitchell (Internet Systems Consortium) - Infrastructure and Applications for Large-scale DNS statistics collection	Marcus Sachs (SRI International) - Cyber attacks directed against critical infrastructure control systems	George Stathakopoulos, Peter Watson ( Microsoft ) - Ask Microsoft	Freddy Mangum (Fortinet) - Unifying Networking and Security
14:25	14:30	0:05	Change Over Period
14:30	15:10	0:40	David Litchfield (NGSSoftware) - Forensic Dissection of an Oracle Attack	Husin Bin Jazri (CyberSecurity Malaysia) - Establishment of the CyberSecurity Malaysia	Jason Mical (CA) - CSI:SIM - Enhance Your Security Information Management with Forensic Analysis	Paul Ducklin (Sophos) - Exploits, rootkits, bootkits, fruitkits!
15:10	15:40	0:30	Afternoon break
15:40	16:20	0:40	Johannes Ullrich (SANS) - The SANS Internet Storm Center: A Collaborative Network Security Community	Andy Purdy - The Cyber Risk of Untrustworthy Software from the Globalization of Information Technology	Patrick Peterson (Ironport Systems) - Inside the petrie dish - an up close look at modern malware	David Thomason (Sourcefire) - Enterprise Threat Management (ETM): Bringing Security Together Through Intelligence
16:20	16:30	0:10	Coffee Break
16:30	17:10		The Australian Access Federation (AAF) BOF The Australian Network Operator's Group (AusNOG) BOF Interbank meeting (closed session) The Open Web Application Security Project (OWASP) BOF
18:00			VENDOR Cocktail evening - THEME: James Bond 007 - Black tie optional

Day Two: Tuesday 22/05/2007
Start Time	End Time	Minutes
8:00	17:30		Registration Desk Open
8:00	8:30	0:30	Coffee
8:30	8:55	0:25	Opening remarks: Graham Ingram (General Manager - AusCERT) - Who are we? (Blue Room)
8:55	9:00	0:05	Change Over Period
9:00	9:45	0:45	Keynote: Howard A. Schmidt (R & H Security Consulting, LLC) - The International State of Information Security. The wins, the losses and the work that needs to be done (Blue Room)
9:45	9:50	0:05	Change Over Period
9:50	10:30	0:40	Plenary: Special Agent Mark Grantz (DHS) and a U.S. Secret Service employee. (Blue Room)
10:30	11:00	0:30	Morning Break
			Technical Blue Room	Business Green Room	Vendor 1 Purple Room	Vendor 2 Red Room	R&D Yellow Room
11:00	11:35	0:35	Brian Carrier (Basis Technology) - Advances in Data Recovery and Carving	Raja Azrina Raja Othman (MyCERT) - Digital Forensics- Emerging Trends	Stephen MacDonald (Check Point Software Technologies) - Is UTM a UFO? Identifying UTM in enterprise	Vincent Weafer (Symantec) - Developing Tactical Intelligence	Qiong Ren (University of Wollongong) - Mitigating Phishing by a New ID-based Chameleon Hash without Key Exposure
11:35	11:40	0:05	Change Over Period
11:40	12:20	0:40	Nelson Murilo (Pangeia) - 10 yrs of rootkits	Bob Martin (Mitre) - Vulnerability Type Distributions in CVE	James Collinge (TippingPoint) - Ips-Secured Networks: 360° Network Security & Control	Richard Cullen (SurfControl) - Evolving Threat Landscape, Building a Layered E-mail Security Defence	Jared Ring (Queensland University of Technology) - A Secure Billing Architecture for 4G Wireless Networks
12:20	13:40	1:20	Lunch Break		Lunch Break		Lunch Break
12:50	13:35	0:45			Mark Sunner (MessageLabs) - The Rise of the Selfish Bot: How Spam and Target Attacks are Becoming the New Attack Vehicle	Wade Alcorn (NGSSoftware) - Advanced Browser Attacks
13:35	13:40	0:05			Change Over Period
13:40	14:15	0:35	Daniel Cid (OSSEC) - Log-based intrusion detection using OSSEC	Tammy Clark (Georgia State University) - ISO 27001 Certification Process	Steve Manzuik (Juniper Networks) - The Past, Future & Evolution of IPS	Andy Solterbeck (SafeNet) - How PCI DSS is changing the security industry and what it means to you?	Elankayer Sithirasenan (Griffith University) - Substantiating Security Threats Using Different Views of Wireless Network Traces
14:15	14:20	0:05	Change Over Period
14:20	15:00	0:40	Andrew Collins, Mark Titley, Sarah Tueno ( Stratsec ) - Evolution of a Security Event Management System	Jodie Siganto (Bridgepoint) - Security Return on Investment - A Case Study	Kiran Deshpande (Air Tight Networks) - Wireless - The Weakest Link in Enterprise Security	Daniel Zatz (VeriSign) - Security in the "Any Era"	David Ross (Queensland University of Technology) - Securely Depolying IEEE 802.11 WLANs
15:00	15:30	0:30	Afternoon break
15:30	16:05	0:35	Ron McLeod (Telecom Applications Research Alliance (TARA) ) - The Nature Behaviour and Impact of Recreational Traffic	Sean Catlett (Bank of America) - The incident response standardization and risk assessment process	Jim Wyre (Tumbleweed Communications) - Certificate Validation Solutions- Past, Present, Future / Content Management for Email and Web	Michael Livingstone (Tier-3) - Making Security a business enabler- not a cost centre	Andrew Marrington (Queensland University of Technology) - Event-based Computer Profiling for the Forensic Reconstruction of Computer Activity
16:05	16:10	0:05	Change Over Period
16:10	16:45	0:35	Aaron Hackworth (CERT/CC) - Advanced Features of Botnets	Rupert Dodds (KPMG) - An introduction to CobiT® Version 4.0 as a security management tool	Steve Reddock (Internet Security Systems) - Virtualisation's Impact on Enterprise Security	Andy Purdy - Secure and Optimized Multi-Protocol Application Delivery	Zieb Rana (Defence Science and Technology Organisation) - Using Event Attribute Name-Value Pairs for Summarizing Log Data
16:45	16:50	0:05	Change Over Period
16:50	17:30		The Australian Computer Society (ACS) SIG meeting (closed session) AusCERT member-only BOF.
18:30			Conference GALA Dinner - departure from RP

Day Three: Wednesday 23/05/2007
Start Time	End Time	Minutes
8:20	17:30		Registration Desk Open
8:20	8:50	0:30	Coffee
8:50	8:55	0:05	Opening remarks: Nick Tate (AusCERT) and Graham Ingram (AusCERT) (Blue Room)
8:55	9:00	0:05	Change Over Period
9:00	9:50	0:50	Keynote: Mary Ann Davidson (Oracle Corporation) - Web 2.0 - Securing the Brave New World (Blue Room)
9:50	10:20	0:30	Morning Break
			Technical Blue Room	Business Green Room	Vendor 1 Purple Room	Vendor 2 Red Room
10:20	10:55	0:35	Greg Castle (Defence Signals Directorate) - White is the new black: How to implement sysadmin-friendly and user-friendly whitelisting of web sites, and why this is essential to mitigate compromise and data exfiltration.	Patrick Peterson (Ironport Systems) - Know thy Enemy: deconstructing a multi-billion message spam attack & the criminals behind it	Andrew Clarke (Patchlink) - Patch & Vulnerability Management Solution - Core of a Comprehensive Security Strategy	Maros Mozola (Eset) - A Proactive Roadmap To Fight Today And Tomorrow's Threats
10:55	11:00	0:05	Change Over Period
11:00	11:35	0:35	Andrea Barisani (Inverse Path Ltd) - Lessons in Open Source Security: the tale of a 0-day incident, security threats in OSS projects and paranoid practices that can save your day.	Stas Filshtinskiy (ANZ) - The Cyber Criminal Economy	Jeff Paine (Network Box) - 10 Security Questions You Need to Ask	David Rand (Trend Micro) - Threat Management: A New Frontier
11:35	11:40	0:05	Change Over Period
11:40	12:20	0:40	Daniel Cuthbert (Corsaire Security) - The Secure Development Life-Cycle, where are today's development projects going wrong?	Mike Newton (Stanford University) - Large Scale Flow Collection and Analysis	Roger Thornton (Fortify Software) - Making Source Code Analysis Part of the Security Review Process	Jo Stewart-Rattray (Vectra Corporation) - Information Security Governance - the Nuts and Bolts
12:20	13:40	1:20	Lunch Break
13:40	14:15	0:35	Jason Edelstein (Sense of Security) - VoIP: Attacks & Countermeasures in the Corporate World	Cristine Hoepers (CERT.br) - SpamPots Project: Using Honeypots to Measure the Abuse of End-User Machines to Send Spam	John Lindquist (EWA / IIT) - Homeland Security Partnerships with the Private Sector	Mason Hooper (Novell) - Novell's Vision for Identity and Security Management
14:15	14:20	0:05	Change Over Period
14:20	14:55	0:35	Richard Bejtlich (TaoSecurity) - The Self-Defeating Network	Jeff Wright (Department of Homeland Security - DHS) - Brave New World: Combined Public-Private Sector Disaster Response Exercises
14:55	15:00	0:05	Change Over Period
15:00	15:40	0:40	John McHugh (Dalhousie Uni) - Network Awareness and Network Security	Prof Cory Schou (Idaho State University) - Security certification into salaries
15:40	16:10	0:30	Afternoon break
16:10	16:55	0:45	Richard Thieme (ThiemeWorks) - Closing Address (Blue Room)
16:55	17:00	0:05	Change Over Period
17:00	17:10	0:10	Conference Close: Nick Tate (AusCERT) and Graham Ingram (AusCERT) (Blue Room)

Day Four: Thursday 24/05/2007 (Tutorials A - tracks 1, 2 & 3)
Start Time	End Time	Minutes	Track 1 Blue Room	Track 2 Green Room	Track 3 Purple Room
9:00	10:30	1:30	Richard Bejtlich (TaoSecurity) - Network Incident Response	Andrew Collins, Mark Titley, Sarah Tueno ( Stratsec ) - Malware Reverse Engineering	Tammy Clark (Georgia State University) - ISO 27001 Certification Process - Business Tutorial
10:30	10:50	0:20	Morning Break
10:50	12:30	1:40	Richard Bejtlich (TaoSecurity) - Network Incident Response	Andrew Collins, Mark Titley, Sarah Tueno ( Stratsec ) - Malware Reverse Engineering	Tammy Clark (Georgia State University) - ISO 27001 Certification Process - Business Tutorial
12:30	13:30	1:00	Lunch Break
13:30	15:00	1:30	Richard Bejtlich (TaoSecurity) - Network Incident Response	Andrew Collins, Mark Titley, Sarah Tueno ( Stratsec ) - Malware Reverse Engineering	Dr Michael Cohen (AFP) - Incident Response using PyFlag - the Forensic and Log Analysis GUI
15:00	15:20	0:20	Afternoon break
15:20	17:00	1:40	Richard Bejtlich (TaoSecurity) - Network Incident Response	Andrew Collins, Mark Titley, Sarah Tueno ( Stratsec ) - Malware Reverse Engineering	Dr Michael Cohen (AFP) - Incident Response using PyFlag - the Forensic and Log Analysis GUI

Day Four: Thursday 24/05/2007 (Tutorials B - tracks 4 & 5)
Start Time	End Time	Minutes	Track 4 Red Room	Track 5 Yellow Room
9:00	10:30	1:30	Brian Carrier (Basis Technology) - An Introduction To The Sleuth Kit and File System Forensic Analysis	David Litchfield, Ron Brandis, Wade Alcorn ( NGSSoftware ) - Database security - SESSION FULL
10:30	10:50	0:20	Morning Break
10:50	12:30	1:40	Brian Carrier (Basis Technology) - An Introduction To The Sleuth Kit and File System Forensic Analysis	David Litchfield, Ron Brandis, Wade Alcorn ( NGSSoftware ) - Database security - SESSION FULL
12:30	13:30	1:00	Lunch Break
13:30	15:00	1:30	Andrea Barisani (Inverse Path Ltd) - Building a modern LDAP-based security framework - SESSION FULL	David Litchfield, Ron Brandis, Wade Alcorn ( NGSSoftware ) - Database security - SESSION FULL
15:00	15:20	0:20	Afternoon break
15:20	17:00	1:40	Andrea Barisani (Inverse Path Ltd) - Building a modern LDAP-based security framework - SESSION FULL	David Litchfield, Ron Brandis, Wade Alcorn ( NGSSoftware ) - Database security - SESSION FULL

Day Five: Friday 25/05/2007 (Tutorials C - tracks 1)
Start Time	End Time	Minutes	Track 1 Green Room
9:00	10:30	1:30	Chris Gatford, Ty Miller ( Pure Hacking ) - 'Hands-on' Infrastructure penetration testing - SESSION FULL
10:30	10:50	0:20	Morning Break
10:50	12:30	1:40	Chris Gatford, Ty Miller ( Pure Hacking ) - 'Hands-on' Infrastructure penetration testing - SESSION FULL
12:30	13:30	1:00	Lunch Break
13:30	15:00	1:30	Chris Gatford, Ty Miller ( Pure Hacking ) - 'Hands-on' Infrastructure penetration testing - SESSION FULL
15:00	15:20	0:20	Afternoon break
15:20	17:00	1:40	Chris Gatford, Ty Miller ( Pure Hacking ) - 'Hands-on' Infrastructure penetration testing - SESSION FULL

Day Five: Friday 25/05/2007 (Tutorials D - track 1 & 2)
Start Time	End Time	Minutes	Track 1 Blue Room	Track 2 Red Room
9:00	10:30	1:30	John McHugh (Dalhousie Uni), Ron McLeod (Telecom Applications Research Alliance (TARA) ) - Acquisition and Analysis of Large Scale Network Data	Stephen Wilson (Lockstep Consulting Pty Ltd) - A Practical Guide to Authentication for Strategists and Policy Makers - Business Tutorial
10:30	10:50	0:20	Morning Break
10:50	12:30	1:40	John McHugh (Dalhousie Uni), Ron McLeod (Telecom Applications Research Alliance (TARA) ) - Acquisition and Analysis of Large Scale Network Data	Stephen Wilson (Lockstep Consulting Pty Ltd) - A Practical Guide to Authentication for Strategists and Policy Makers - Business Tutorial
12:30	13:30	1:00	Lunch Break
13:30	15:00	1:30	John McHugh (Dalhousie Uni), Ron McLeod (Telecom Applications Research Alliance (TARA) ) - Acquisition and Analysis of Large Scale Network Data	Stephen Wilson (Lockstep Consulting Pty Ltd) - A Practical Guide to Authentication for Strategists and Policy Makers - Business Tutorial
15:00	15:20	0:20	Afternoon break
15:20	17:00	1:40	John McHugh (Dalhousie Uni), Ron McLeod (Telecom Applications Research Alliance (TARA) ) - Acquisition and Analysis of Large Scale Network Data	Stephen Wilson (Lockstep Consulting Pty Ltd) - A Practical Guide to Authentication for Strategists and Policy Makers - Business Tutorial

feedback
	© AusCERT 2007
	Email: webmaster@auscert.org.au
	Web URL: http://conference.auscert.org.au
	Maintained by: ITS - University of Queensland
	Last Updated - April 2007