AusCERT2010

Day Zero: Sunday 16/05/2010
15:00 - 20:00	Conference Registration Desk Open
11:00	Golf - Registration from 11:00am. Shotgun start from 12:00pm
18:00 - 20:00	Welcome Cocktail Evening - 18:00 - 20:00

Day One: Monday 17/05/2010
Time
8:00 - 17:30	Conference Registration Desk Open
8:00 - 8:50	Coffee Break
8:50 - 9:10	Conference Opening: AusCERT - Welcome speech
9:10 - 10:00	Keynote Address: Whitfield Diffie - An Historical Look at Cloud Computing
10:00 - 10:40	Plenary: Bob Maley (Strategic CISO) - Using Vulnerability Management to Thwart Data Loss
10:40 - 11:10	Morning Break Book signing opposite Registration Desk: Whitfield Diffie
	Stream 1	Stream 2	Vendor Stream 1	Vendor Stream 2
11:10 - 11:45	Joe Stewart (SecureWorks) - DDoS Self Defence	Frank Stajano (University of Cambridge, UK) - Understanding scam victims: seven principles for systems security	Derek Manky (Fortinet) - Beyond Aurora's Veil: A Vulnerable Tale	Paul Conroy (Microsoft) - Identity Management - methodologies and tools to make user self service a reality
11:50 - 12:25	Crispin Cowan (Microsoft) - Stranger in a Strange Land: Reflections of a Linux Guy in Microsoft Windows	Maria Corpuz (Department of Education and Training (Queensland)) - Integrating Information Security Policies within the Corporate Risk and Business Continuity Management Framework	Andrew Latham (Tripwire) - Protect Critical Data and Systems with Proactive IT Security	Joe Revels (Ncircle) - Vulnerability & Configuration Management Best Practices
12:25 - 13:50	Lunch Break
13:00 - 13:35	Lunch Break continues	Gerhard Eschelbeck (Webroot) - Securing the Internet for a Web 2.0 Collaborative Culture	Nicko van Someren (Juniper Networks) - Securing the New Network: Firewalls in a mobile world	Corey Nachreiner (WatchGuard) - The Web is the Battleground; and Social Networks Lead the Charge
13:50 - 14:25	Ben Bromhead & Ken Hendrie (stratsec) - Mobile Security	Technical Investigations, Cyber Security Operations Centre (Defence Signals Directorate) - Cyber Intrusion: A Government Case Study	Andy Solterbeck (Telstra) - Securing the 21st Century	Paul Ashley (IBM) - Cloud Computing and Security - are they really like oil & water?
14:30 - 15:10	Mike Seddon (Telecom New Zealand) - Telco Security - from the inside	Andy Kearns (Special Agent - United States Secret Service) - US Secret Service: Cell Phone and Embedded Technology Forensics	Colby DeRodeff (ArcSight) - The Anatomy of an Attack - Modern Fraud Detection	Richard Turner (Clearswift) - Global insight into Web 2.0 in the workplace today
15:10 - 15:40	Afternoon break
15:40 - 16:20	Juhani Eronen (CERT Finland) - A Framework to understand and handle Internet Abuse Incidents	Max Kilger (The HoneyNet Project) - Black Hat, White Hat, Gray Hat, RedHat: What Dr. Seuss Forgot to Tell You About the Computer Hacker Community 2.0	Gavin Matthews (Seccom Global) - Managed SIEM Unmasked	Clarence Cheah (Oracle) - Identities Are Ready To Party! What's Next?
16:20 - 17:00	Hillar Aarelaid (CERT Estonia) - Connecting PM to routers	Arun Raghu (stratsec) - Liability in Cyberspace - Time for a Re-think?	John Pirc (3com/TippingPoint Technologies) - Culture Shift: Social Networking and Enterprise Environments (Security Risk vs Reward)	James Turner (IBRS) - What's on a CISO's mind in 2010?
17:00 - 17:10	Coffee
17:10 - 17:50	ACS Meeting	AISA Meeting		OWASP Meeting
18:00	Sponsor Cocktail Party - THEME: Nothing Without Security - Starts around 18:00

Day Two: Tuesday 18/05/2010
Time
8:00 - 17:30	Conference Registration Desk Open
7:30 - 8:30	Education & Research Breakfast
8:30 - 8:50	Coffee Break
8:50 - 9:40	Keynote Address: Marcus J. Ranum (Tenable Network Security, Inc.) - Scenes from the 2010 US/China cyberwar
9:40 - 10:20	Plenary: Scott McIntyre (XS4ALL) - Security FAIL: We're doing it wrong.
10:20 - 10:40	Morning Break
	Stream 1	Stream 2	Vendor Stream 1	Vendor Stream 2	Turbo-Talks
10:40 - 11:15	Simone Brunozzi (Amazon.com) - Amazon EC2 security	Jeffrey Willert and Raymond O. Aghaian (US Internal Revenue Service & United States Attorney's Office) - US Internal Revenue Service - Criminal Investigation of Electronic Crimes	Patrick Sweeney (SonicWALL) - The need for Dynamic Network Security in 2010 and Beyond	Sean Kopelke (Symantec) - Anatomy of a Data Breach: Why Breaches Happen and What to Do About It	This session will be a series of rapid-fire 5-minute presentations by AusCERT2010 attendees only. Bring along your great idea or raise your burning issue! Sign-ups open Monday morning (May 17) and close at the end of sessions on Monday (May 17) at the AusCERT booth. NOTE: You need to be at the conference to speak at this session. More on - AusCERT Turbo Talks
11:20 - 11:55	Richard Stiennon (IT Harvest) - Titan Rain, the inside story of Shawn Carpenter	Paul Gampe (Vice President of Engineering Services and Operations at Red Hat) - Stay safe with your head in the clouds	Terry Ray (Imperva) - Dude Where's My Data - Web Application and Database Security De constructed	Devin Redmond (Websense) - Why Unified Content Security is More Important Than Ever
11:55- 13:15	Lunch Break
12:25 - 13:00	Lunch Break continues		Matt Keil (Palo Alto Networks) - Social Networking and Cyber-Security: Strength, Weakness, Opportunity, or Threat?	Tim Redhead (Dotsec) - Identity Management at Queensland Health: A True Story!	Lunch Break continues
13:20 - 13:55	Benjamin Mosse (stratsec) - A history of Microsoft exploit mitigations	Tim Rosenberg (White Wolf Security) - Cyber Exercises: Training and Skills Identification	Paul Ducklin (Sophos) - BZM XNT BQZBJ SGD BNCD?	Randy Abrams (ESET) - Understanding and Teaching Heuristics	Turbo-Talks continued...
14:00 - 14:35	Daniel Grzelak & Paul Theraault (stratsec) - The Rules of the Internet, and the Browsers That Break Them	Peter Ratcliffe (Detective Chief Inspector - National Fraud Authority - UK) - A Perspective from the UK. The counter-fraud activities of 'Action Fraud' and 'National Lead Force'	Jason Pearce (M86 Security) - e-Crime, the Age of Cybergeddon	Hari Nair (Axway) - Enhanced PKI Validation with SCVP
14:40 - 15:15	Aaron Wooten (StratSec) - Digital Forensics Accreditation	Karl Hanmore & Steve Adegbite (Microsoft) - Engagement between National / Government CERTs and the vendor community; benefits and challenges	Eugene Kaspersky (Kaskpersky) - The Future of Digital Security: The Kaspersky Vision	Nick Engelman (CA) - Digging for Identity Management Gold: Australian Role Mining Case Study
15:15 - 15:30	Afternoon Break
15:35 - 16:10	Alex Tilley and Col Dix (Australian Federal Police) - AFP High Tech Crime year in review	Deviant Ollam (deviating.net) - The Four Types of Lock	Andrew Younger (SafeNet) - Maintaining Control and Compliance in Cloud Computing: Data-centric information security	Chris Bender & Ian Robertson (Blackberry) - Smartphone Security: From a Perspective of the Ten Immutable Laws of Security	Turbo-Talks continued...
16:15 - 16:50	Juhani Eronen (CERT Finland) - Setting the scene in vulnerability work	Deviant Ollam (deviating.net) - The Four Types of Lock	Rishi Bhargava (McAfee) - Defense Strategy against Advanced Persistent Threats	Sam Pickles (F5 Networks) - New Threats, Intelligent Solutions	Turbo-Talks continued...
18:45	Conference Gala Dinner and SC Magazine Awards at RACV Royal Pines Resort THEME: Masquerade Ball (BYO mask if you can..) (6:15pm Shuttle Bus will be provided from other venues)

Day Three: Wednesday 19/05/2010
Time

8:00 - 17:30	Conference Registration Desk Open
8:30 - 9:00	Coffee Break
	In-depth Stream 1	In-depth Stream 2	Vendor Stream 1	Vendor Stream 2	Tutorial Track A
9:00 - 10:00	Chris Spencer (iDefense) - Professional Vulnerability Research and Analysis	Michael Sutton (ZSCALER) - Pulling the Plug: Security Risks in the Next Generation of Offline Web Applications	Mark Winter (inTechnology) - Computer Theft and Data Security for the Mobile Workforce	John Dubber (Radware) - Protecting your e-Business from Cyber Attacks in Real Time	Deviant Ollam (deviating.net) - Lock Picking - class instance 1 - SESSION FULL
10:00 - 11:00	Roger Dingledine (The Tor Project) - Tor and censorship: lessons learned	Matt Jonkman (The Open Information Security Foundation) - Suricata and the Open Information Security Foundation(OISF)	Glynn Stokes (Trend Micro) - Trend Micro is Security that Fits: in a Virtual World	Anthony Farr (Blue Coat Systems) - Web Security - Adapt to Survive
10:55 - 11:30	Morning Break Book signing opposite Registration Desk: Raffael Marty
11:30 - 12:30	Joe Stewart (SecureWorks) - BlackEnergy 2 Revealed	Max Kilger (The HoneyNet Project) - The Role and Function of Social Networks in the Russian Malware Community		Jeat Shyan Wong (TalariaX) - Beef-Up your security with mobile technologies: An insight for all IT professionals	Deviant Ollam (deviating.net) - Lock Picking - class instance 2 - SESSION FULL
12:30 - 13:30	Jason Milletary (SecureWorks) - The Torpig Trojan: Lessons Learned From Five Years In The Trenches	Richard Beach (InLand Revenue - NZ Government) - Training Your Pigs to Dance on a Shoestring - How to Run a Security Awareness Programme		Colin Bradley (Cisco) - What is a "Security Group Tag" (SGT) and how will it improve identity controls in my network?
13:25- 14:30	Lunch Break
14:30 - 15:15	Closing Address: John Stewart (Vice President and Chief Security Officer - Cisco)
15:15 - 15:30	Coffee Break
15:30 - 16:45	Panel session: Chair: Adam Spencer; Panel: Max Kilger, Scott McIntyre, Marcus J. Ranum, Roger Dingledine, Alastair MacGibbon, Paul Gampe, Tim Redhead & Frank Stajano - Speed-debating: Topics in information security
16:45 - 16:55	Closing Remarks:AusCERT - Farewell speech

Day Four: Thursday 20/05/2010 (Tutorial Day 1)
Time	Track 1	Track 2	Executive Program
9:00 - 10:30	Michael Cohen & Bradley Schatz (Australian Federal Police and Schatz Forensic) - Windows volatile memory forensics for incident response - SESSION FULL	Justin Searle (InGuardians) - Assessing and Exploiting Web Applications with Samurai-WTF - SESSION FULL	Whitfield Diffie Dr Nick Tate Professor Danny Smith Bob Maley (various organisations) - AusCERT2010 Executive Program
10:30 - 10:50	Morning Break
10:50 - 12:30	Michael Cohen & Bradley Schatz (Australian Federal Police and Schatz Forensic) - Windows volatile memory forensics for incident response - SESSION FULL	Justin Searle (InGuardians) - Assessing and Exploiting Web Applications with Samurai-WTF - SESSION FULL
12:30 - 13:30	Lunch Break		Executive Lunch
13:30 - 15:00	Michael Cohen & Bradley Schatz (Australian Federal Police and Schatz Forensic) - Windows volatile memory forensics for incident response - SESSION FULL	Justin Searle (InGuardians) - Assessing and Exploiting Web Applications with Samurai-WTF - SESSION FULL
15:00 - 15:20	Afternoon Break
15:20 - 17:00	Michael Cohen & Bradley Schatz (Australian Federal Police and Schatz Forensic) - Windows volatile memory forensics for incident response - SESSION FULL	Justin Searle (InGuardians) - Assessing and Exploiting Web Applications with Samurai-WTF - SESSION FULL

Day Four: Thursday 20/05/2010 (Tutorial Day 1 ctd)
Time	Track 3	Track 4
9:00 - 10:30	Guy Peterson & Alan Fraser & Mick Grover (BOARTES Consulting and Booz & Company) - Enterprise Resilience through effective Business Continuity Management	Mark Goudie & Chris Novak (Verizon Business) - Incident Response tutorial - SESSION FULL
10:30 - 10:50	Morning Break
10:50 - 12:30	Guy Peterson & Alan Fraser & Mick Grover (BOARTES Consulting and Booz & Company) - Enterprise Resilience through effective Business Continuity Management	Mark Goudie & Chris Novak (Verizon Business) - Incident Response tutorial - SESSION FULL
12:30 - 13:30	Lunch Break
13:30 - 15:00	Guy Peterson & Alan Fraser & Mick Grover (BOARTES Consulting and Booz & Company) - Enterprise Resilience through effective Business Continuity Management	Mark Goudie & Chris Novak (Verizon Business) - Incident Response tutorial - SESSION FULL
15:00 - 15:20	Afternoon break
15:20 - 17:00	Guy Peterson & Alan Fraser & Mick Grover (BOARTES Consulting and Booz & Company) - Enterprise Resilience through effective Business Continuity Management	Mark Goudie & Chris Novak (Verizon Business) - Incident Response tutorial - SESSION FULL

Day Five: Friday 21/05/2010 (Tutorial Day 2)
Time	Track 1	Track 2
9:00 - 10:30	Room reserved for a closed event	Raffael Marty (Loggly) - Applied Security Visualization - SESSION FULL
10:30 - 10:50	Morning Break
10:50 - 12:30	Room reserved for a closed event	Raffael Marty (Loggly) - Applied Security Visualization - SESSION FULL
12:30 - 13:30	Lunch Break
13:30 - 15:00	Room reserved for a closed event	Raffael Marty (Loggly) - Applied Security Visualization - SESSION FULL
15:00 - 15:20	Afternoon Break
15:20 - 17:00	Room reserved for a closed event	Raffael Marty (Loggly) - Applied Security Visualization - SESSION FULL

Day Five: Friday 21/05/2010 (Tutorials D - track 3 & 4)
Time	Track 3	Track 4
9:00 - 10:30	Daniel Grzelak & Paul Theraault (stratsec) - Cryptography is hard - SESSION FULL	Tim Rosenberg (White Wolf Security) - Capture the Flag
10:30 - 10:50	Morning Break
10:50 - 12:30	Daniel Grzelak & Paul Theraault (stratsec) - Cryptography is hard - SESSION FULL	Tim Rosenberg (White Wolf Security) - Capture the Flag
12:30 - 13:30	Lunch Break
13:30 - 15:00		Tim Rosenberg (White Wolf Security) - Capture the Flag
15:00 - 15:20	Afternoon Break
15:20 - 17:00		Tim Rosenberg (White Wolf Security) - Capture the Flag

feedback
	© AusCERT 2013
	Email: webmaster@auscert.org.au
	Web URL: http://conference.auscert.org.au
	Maintained by: ITS - University of Queensland
	Last Updated - 20 June, 2013