Conference

8th CERT workshop - Part I

ENISA 8th annual workshop 'CERTs in Europe' - Part I is an opportunity to provide EU national/governamental CERT teams technical specialists hands-on training, and additionally to offer a chance to exchange contacts. Participants get to know and meet again other CERT team members, and share their opinions about best practices and experiences. The workshop is for the EU national/governmental CERT teams free of charge, by invitation only, and is hosted by Agency ARNIEC/RoEduNet, the national research and education network in Romania (www.nren.ro).

Time
May 21, 2013 09:00 to May 22, 2013 17:00
Place
Bucharest,, Romania
Contact name
Lauri Palkmets
Contact phone
+306951782269
Add to calendar
Add to iCal, Add to vCal

Warning: past event.

ENISA 8th annual workshop 'CERTs in Europe' - Part I will be held on 21 & 22 May 2013 in Bucharest, Romania, at the Hotel Radisson Blu in Bucharest City Centre. The meeting will be co-located with the 39th TF-CSIRT meeting.

The first day of workshop will contain ENISA CERT exercises available here and on the second day Team Cymru will provide a training specifically tailored for CERT community.

Workshop agenda:

Agenda Day 1

Agenda day 1 group A (21 May 2013)
09:00 - 09:30 Registration of participants and coffee break
09:30 - 09:45 Opening from ENISA (Andrea Dufkova, Lauri Palkmets, Cosmin Ciobanu)
09:45 - 10:00 Splitting into 2 groups
10:00 - 12:00 Incident handling during an attack on Critical Information Infrastructure
12:00 - 12:30 CloudCERT and SCADA Lab
12:30 - 14:00 Lunch
14:00 – 14.45 Incident handling during an attack on Critical Information Infrastructure (discussion)
14:45 – 15.30 Mobile threats incident handling
15:30 - 16:00 Coffee break
16:00 - 17:00 n/g CERTs topics - round table discussion (moderator: Andrea Dufkova)
17:00 - 17:10 Closing remarks for the day
Agenda day 1 group B (21 May 2013)
09:00 - 09:30 Registration of participants and coffee break
09:30 - 09:45 Opening from ENISA (Andrea Dufkova, Lauri Palkmets, Cosmin Ciobanu)
09:45 - 10:00 Splitting into 2 groups
10:00 - 12:30 Honeypots
12:30 - 14:00 Lunch
14:00 – 15.30 Honeypots
15:30 - 16:00 Coffee break
16:00 - 17:00 n/g CERTs topics - round table discussion (moderator: Andrea Dufkova)
17:00 - 17:10 Closing remarks for the day

Agenda Day 2

A day in the life of malware-example

Team Cymru will focus on understanding the operation and nature of malware by following the life cycle of a piece of malware from compromising a target machine and creation of a botnet, to the observation and identification of malware, its capture, extraction and subsequent analysis. In the analysis emphasis will be given to understand how the analysis can provide clues and information that can assist in tracking that botnet and eventual attribution.

Participants will engaged in the identification of the botnet through network based analysis, followed by extraction and analysis of malware using both static and dynamic processes. The exercises will be conducted on virtual machines.

Agenda day 2 group A (22 May 2013)
09:00 - 09:30 Registration of participants and coffee break
09:30 - 09:45 Opening from Team Cymru
09:45 - 10:00 Splitting into 2 groups
10:00 - 12:30 A day in the life of malware-example
12:30 - 14:00 Lunch
14:00 – 15.30 A day in the life of malware-example
15:30 - 16:00 Coffee break
16:00 - 17:00 A day in the life of malware-example
17:00 - 17:10 Closing remarks of the workshop (ENISA; Team Cymru)

Agenda day 2 group B (22 May 2013)
09:00 - 09:30 Registration of participants and coffee break
09:30 - 09:45 Opening from Team Cymru
09:45 - 10:00 Splitting into 2 groups
10:00 - 12:30 A day in the life of malware-example
12:30 - 14:00 Lunch
14:00 – 15.30 A day in the life of malware-example
15:30 - 16:00 Coffee break
16:00 - 17:00 A day in the life of malware-example
17:00 - 17:10 Closing remarks of the workshop (ENISA; Team Cymru)

Note: Agenda is provisional and subject to change

                    Team Cymru logo        enisa_small       

Location

We use cookies to ensure we give you the best browsing experience on our website. Find out more on how we use cookies and how you can change your settings.

Ok, I understand No, tell me more