×

• Home
• Security Publications
• Alerts and Tips
• Related Resources
• About Us
• GFIRST

2011 PRESENTATIONS

The following presentations are available from the GFIRST 2011 Conference.

Tuesday, August 9, 10:30 a.m.-11:30 a.m.

• Breaking the Security Insanity Cycle
  • Dr. Anup Ghosh, Founder and Chief Scientist, Invincea, Inc.
• IPv6 Is Here. Is Your Network Secure?
  • Jeremy Duncan, IPv6 Senior Director, Command Information
• Visualizing Change-Over-Time to Support Digital Forensics
  • Timothy R. Leschke, Senior Forensic Engineer, Mantech International

Tuesday, August 9, 1:00 p.m.-2:00 p.m.

• Combating the Database Insider Threat within the Federal Infrastructure
  • Josh Shaul, CTO, Application Security

Tuesday, August 9, 2:30 p.m.-3:30 p.m.

• How Eco Risk Management Can Help Predict Risk for Critical Infrastructure Businesses
  • Edward McPherson, Adjunct Professor, Kennesaw State University
  • Al Decker, Co-Founder, EcoRisk Institute
• How to Stop Insider Attacks: Technical Demonstrations from the CERT Insider Threat Lab
  • Dawn Cappelli, Technical Manager, CERT Program/SEI
  • Joji Montelibano, Insider Threat Team Lead, CERT Program/SEI
• Infected! Using the Oregon SIRT Malware Toolkit to Safely Determine Source, Vector, and Duration of a Malware Infection
  • John Ritchie, Senior Security Analyst, State of Oregon Enterprise, Security Office

Wednesday, August 10, 10:30 a.m.-11:30 a.m.

• Using Threat Intelligence to Understand Cyber Ecosystem Risk
  • Derek Gabbard, CEO, Lookingglass Cyber Solutions

Wednesday, August 10, 1:00 p.m.-2:00 p.m.

• Enabling Distributed Threat Analysis: Common Attack Patterns and Malicious Attributes
  • Sean Barnum, Software Assurance Principal, MITRE
  • Penny Chase, Program Manager, MITRE
• Real-World Security Scripting
  • Chris Sanders, Senior Analyst, SPAWAR
  • Jason Smith, Senior Analyst, SPAWAR
• Uber Data Source: Holy Grail or Final Fantasy?
  • Josh Goldfarb, Freelance Security Analyst, Your Cyber Analyst LLC

Wednesday, August 10, 2:30 p.m.-3:30 p.m.

• Cyber Incident Management: A Process-Driven Approach with an Integrated, Train-in-Place, Cyber Drill and Exercise Capability
  • Christopher Fogle, Partner, Delta Risk LLC
  • Brian Zaas, Director, Enterprise Solutions, Avineon, Inc.
• Enabling Distributed Event Management: Interoperability for Automated Response and Prevention
  • Sean Barnum, Software Assurance Principal, MITRE
  • George Saylor, Security Consultant, G2, Inc.
• The Promise and Reality of SCAP Implementation
  • Karl Brower, Senior Principal Systems Engineer, ManTech-Mission, Cyber and Technology Solutions

Wednesday, August 10, 2:30 p.m.-5:00 p.m.

• Sniper Forensics: One Shot, One Kill
  • Christopher E. Pogue, Senior Security Analyst, Trustwave

Wednesday, August 10, 4:00 p.m.-5:00 p.m.

• Enabling Distributed Incident Management: Identifying, Responding, Reporting, and Coordinating at Scale and Speed
  • Paul Cichonski, Information Technology Specialist, NIST
    • Cichonski presentation
  • Tom Millar, Chief of Communications, US-CERT
    • Millar presentation
  • Marcos Osorno, Knowledge Operations Research, JHU-APL
    • Osorno presentation

Thursday, August 11, 9:00 a.m.-10:00 a.m.

• A Framework for Evaluation of Network Traffic Analysis Tools
  • Dr. Timothy J. Shimeall, Senior MTS, NetSA, CERT Program/SEI
• And Now for Something Completely Different - Influencing Threat Behavior
  • Matthew Stern, Program Director, General Dynamics Advanced Information Systems
• The Evolution of Collective Intelligence
  • Wes Young, Principal Security Engineer, Research and Education Networking Information Sharing and Analysis Center (REN-ISAC)
• Using Indicators of Compromise to Find Evil and Fight Crime
  • Chris Bream, Manager, Mandiant
  • David Ross, Technical Director, Mandiant

Thursday, August 11, 10:30 a.m.-11:30 a.m.

• Analysis Pipeline: Real-Time Flow Processing
  • Daniel J. Ruef, Software Engineer, CERT Program/SEI
• Five Opportunities for Improvement in FISMA
  • Antione Manson, Program Manager, Federal Network Security, National Cyber Security Division, Department of Homeland Security
• Situational Awareness as the Foundation of Cyber Security
  • Michael Peterson, Lt Gen, USAF, Ret, Vice President, Strategic Initiatives, Apptis

Thursday, August 11, 1:00 p.m.-2:00 p.m.

• Carrier Based CyberSecurity Solutions for Internet Protection
  • Michael Miller, Vice President, Federal Sector, Global Crossing
• Closed Network Design
  • George Warnagiris, Network Analyst, CERT Program/SEI

Thursday, August 11, 2:30 p.m.-3:30 p.m.

• The Eye of the Beholder: Cyber Situational Awareness
  • Vince Holtmann, System Engineer, General Dynamics Advanced Information Systems
• Trust, but Verify: Leveraging Active Directory to Secure and Audit Access to On-premise and Cloud-based UNIX, Linux, and Mac Systems
  • David McNeely, Senior Director, Product Management, Centrify, Corporation

Information Sharing Collaboration Demo

• CSIRT Coordination Model
• CSIRT Coordinated Incident Management
• CSIRT Coordinated Incident Management Timeline

I Want To

• Report an incident
• Report a software vulnerability
• Report phishing

Subscribe to Alerts

Receive security alerts, tips, and other updates.

Mailing Lists and Feeds

• Mailing Lists and Feeds

Contact Us

• (888) 282-0870
• Send us email
• Download PGP/GPG keys