Sunday, October 12

5:00pm - 8:00pm

Early Registration

Monday, October 13

8:30am - 9:30am

Welcome and Keynote Address

Steve Shirley, Department of Defense Cyber Crime Center

9:30am - 10:30am

Expert Briefing: The Forensic and IR Counterinsurgency Field Manual - Rob Lee, SANS/Mandiant

10:30am - 10:45am

Break

10:45am - 12:15pm

Expert Briefing: Upping the "Anti": Using Memory Analysis to Fight Malware - Aaron Walters, Volatile Systems

12:15pm - 1:15pm

Lunch

1:15pm - 2:15pm

IR/Forensic Team Tactics Panel - The best incident response and forensic techniques while responding to a data breach - Cory Altheide/Harlan Carvey, IBM ISS; Kris Harms/Ken Bradley, Mandiant; Chris Novak/Stan Kang, Verizon Cybertrust; Mike Poor/Tom Liston, Intelguardians

2:15pm - 2:50pm

Expert Briefing: iPhone Forensics - Steve Whalen, Forward Discovery

2:50pm - 3:05pm

Break

3:05pm - 4:00pm

Government and Defense Industrial Branch Panel - Successful strategies in responding and mitigating enterprise level intrusion investigations - Government, Department of Defense, Law Enforcement, and Defense Industrial Branch representatives - Ovie Carroll, DOJ; Monty McDougal, Raytheon; George Bakos, Northrop Grumman; Michael Cloppert, Lockheed Martin; Jennifer Kolde, FBI; Kevin Rivera, DC3; Henri Vangoethem, Mantech

4:00pm - 5:00pm

Solution Provider and Vendor Panel: Demonstrations of the latest enterprise and host incident response and forensic tools to combat sophisticated threats

5:00pm - 8:00pm

Vendor Hospitality Suites

Tuesday, October 14

8:30am - 9:30am

Welcome and Keynote Address

Richard Bejtlich, Director of Incident Response, General Electric
Incident Response: Speaking Truth to Power
Are incident responders part of the problem, part of the solution, or somewhere in between? Are we doing what we can, or what we must? Do we make a difference?

9:30am - 10:30am

Expert Briefing: "Slaying the Red Dragon: Countering the China Cyber Threat" - Ken Bradley/Wendi Rafferty, Mandiant

10:30am - 10:45am

Break

10:45am - 11:15am

Expert Briefing: Law Enforcement Trends and the Future of Computer Forensics and Incident Response - Ovie Carroll, DOJ

11:15am - 12:15pm

IR/Forensic Team Strategy Panel - Incidents Gone Wrong! How can you prepare better for potential compromise? Case studies of organizational best/worst practices - Cory Altheide/Harlan Carvey, IBM ISS; Kris Harms/Ken Bradley, Mandiant; Chris Novak/Stan Kang, Verizon Cybertrust; Mike Poor/Tom Liston, Intelguardians; Brett Padres, Stroz Friedberg LLC

12:15pm - 1:15pm

Lunch

1:15pm - 2:05pm

Expert Briefing: "Applying Security Intelligence to Drive Incident-Handling" - Bryan Sartin, Verizon Cybertrust

2:05pm - 2:50pm

Expert Briefing: Using the Home Advantage: Combating Anti-Forensics and Linkage Blindness - Eoghan Casey, Handbook of Computer Crime Investigation, Johns Hopkins University Information Security Institute

2:50pm - 3:05pm

Break

3:05pm - 4:00pm

Secrets of Registry Analysis Revealed - Harlan Carvey, IBM ISS, author of Windows Forensic Analysis

4:00pm - 5:00pm

Vendor Panel: Tools Shootout. Vendors discuss and compare capabilities to investigate and analyze enterprise threats in an open forum where audience participation leads the discussion.