
2011 PRESENTATIONS
The following presentations are available from the GFIRST 2011 Conference.
Tuesday, August 9, 10:30 a.m.-11:30 a.m.
- Breaking the Security Insanity Cycle
- Dr. Anup Ghosh, Founder and Chief Scientist, Invincea, Inc.
- IPv6 Is Here. Is Your Network Secure?
- Jeremy Duncan, IPv6 Senior Director, Command Information
- Visualizing Change-Over-Time to Support Digital Forensics
- Timothy R. Leschke, Senior Forensic Engineer, Mantech International
Tuesday, August 9, 1:00 p.m.-2:00 p.m.
- Combating the Database Insider Threat within the Federal Infrastructure
- Josh Shaul, CTO, Application Security
Tuesday, August 9, 2:30 p.m.-3:30 p.m.
- How Eco Risk Management Can Help Predict Risk for Critical Infrastructure Businesses
- Edward McPherson, Adjunct Professor, Kennesaw State University
- Al Decker, Co-Founder, EcoRisk Institute
- How to Stop Insider Attacks: Technical Demonstrations from the CERT Insider Threat Lab
- Dawn Cappelli, Technical Manager, CERT Program/SEI
- Joji Montelibano, Insider Threat Team Lead, CERT Program/SEI
- Infected! Using the Oregon SIRT Malware Toolkit to Safely Determine Source, Vector, and Duration of a
Malware Infection
- John Ritchie, Senior Security Analyst, State of Oregon Enterprise, Security Office
Wednesday, August 10, 10:30 a.m.-11:30 a.m.
- Using Threat Intelligence to Understand Cyber Ecosystem Risk
- Derek Gabbard, CEO, Lookingglass Cyber Solutions
Wednesday, August 10, 1:00 p.m.-2:00 p.m.
- Enabling Distributed Threat Analysis: Common Attack Patterns and Malicious Attributes
- Sean Barnum, Software Assurance Principal, MITRE
- Penny Chase, Program Manager, MITRE
- Real-World Security Scripting
- Chris Sanders, Senior Analyst, SPAWAR
- Jason Smith, Senior Analyst, SPAWAR
- Uber Data Source: Holy Grail or Final Fantasy?
- Josh Goldfarb, Freelance Security Analyst, Your Cyber Analyst LLC
Wednesday, August 10, 2:30 p.m.-3:30 p.m.
- Cyber Incident Management: A Process-Driven Approach with an Integrated, Train-in-Place, Cyber Drill and
Exercise Capability
- Christopher Fogle, Partner, Delta Risk LLC
- Brian Zaas, Director, Enterprise Solutions, Avineon, Inc.
- Enabling Distributed Event Management: Interoperability for Automated Response and
Prevention
- Sean Barnum, Software Assurance Principal, MITRE
- George Saylor, Security Consultant, G2, Inc.
- The Promise and Reality of SCAP Implementation
- Karl Brower, Senior Principal Systems Engineer, ManTech-Mission, Cyber and Technology Solutions
Wednesday, August 10, 2:30 p.m.-5:00 p.m.
- Sniper Forensics: One Shot, One Kill
- Christopher E. Pogue, Senior Security Analyst, Trustwave
Wednesday, August 10, 4:00 p.m.-5:00 p.m.
- Enabling Distributed Incident Management: Identifying, Responding, Reporting, and Coordinating at Scale and Speed
- Paul Cichonski, Information Technology Specialist, NIST
- Tom Millar, Chief of Communications, US-CERT
- Marcos Osorno, Knowledge Operations Research, JHU-APL
Thursday, August 11, 9:00 a.m.-10:00 a.m.
- A Framework for Evaluation of Network Traffic Analysis Tools
- Dr. Timothy J. Shimeall, Senior MTS, NetSA, CERT Program/SEI
- And Now for Something Completely Different - Influencing Threat Behavior
- Matthew Stern, Program Director, General Dynamics Advanced Information Systems
- The Evolution of Collective Intelligence
- Wes Young, Principal Security Engineer, Research and Education Networking Information Sharing and Analysis Center (REN-ISAC)
- Using Indicators of Compromise to Find Evil and Fight Crime
- Chris Bream, Manager, Mandiant
- David Ross, Technical Director, Mandiant
Thursday, August 11, 10:30 a.m.-11:30 a.m.
- Analysis Pipeline: Real-Time Flow Processing
- Daniel J. Ruef, Software Engineer, CERT Program/SEI
- Five Opportunities for Improvement in FISMA
- Antione Manson, Program Manager, Federal Network Security, National Cyber Security Division, Department of Homeland Security
- Situational Awareness as the Foundation of Cyber Security
- Michael Peterson, Lt Gen, USAF, Ret, Vice President, Strategic Initiatives, Apptis
Thursday, August 11, 1:00 p.m.-2:00 p.m.
- Carrier Based CyberSecurity Solutions for Internet Protection
- Michael Miller, Vice President, Federal Sector, Global Crossing
- Closed Network Design
- George Warnagiris, Network Analyst, CERT Program/SEI
Thursday, August 11, 2:30 p.m.-3:30 p.m.
- The Eye of the Beholder: Cyber Situational Awareness
- Vince Holtmann, System Engineer, General Dynamics Advanced Information Systems
- Trust, but Verify: Leveraging Active Directory to Secure and Audit Access to On-premise and Cloud-based UNIX,
Linux, and Mac Systems
- David McNeely, Senior Director, Product Management, Centrify, Corporation
Information Sharing Collaboration Demo