OWASP Göteborg & ISACA Väst: Forensics, February 28th 2013
Thursday, February 28, 2013 from 5:30 PM to 9:00 PM (CET)
San Francisco, California
London, United Kingdom
OWASP Göteborg and ISACA Väst proudly presents an evening dedicated to forensics. We are happy to announce that we have enlisted speakers from TeliaSonera (Morten Schiønning), Omegapoint (Rikard Bodforss) and Halmstad University (Mattias Weckstén). The event will be held in English.
It will be an evening when we all can learn what to do and what not to do when a security incident has occurred. We want to thank our sponsor Omegapoint for the food, drinks and venue. The seats are limited so please make sure to book your seat today!
Everyone is welcome to attend and register for the event - you need to be a member in OWASP Gothenburg or ISACA Sweden. It's easy to become a member; all you need to do is to add yourself to the OWASP mailing list or enroll as an ISACA member over at www.isaca.org
Abstracts / Bio
Morten Schiønning - TeliaSonera - Incidents and Forensics [ENGLISH]
As with most things in life, dealing with security incidents is something you need to prepare and train for. Once a security incident has been declared you will need to do a number of things simultaneously, an essential part of which is the gathering of evidence to the facts. There are lots of considerations to be made and usually a lot of people to lead and/or coordinate. Understanding the risks and the pit-falls, working disciplined, knowing the dos and don’ts and keeping a cool head may very well save the day. Even of you as an incident handler do not do the actual forensics, you need to know what happens, when and how, in order to make the best of the possibilities you have - as you are always at a disadvantage of the perpetrator.
I am a Senior Security Investigator at TeliaSonera CERT Coordination Centre, I have my offices in Copenhagen, but TS-CERT serve the entire TeliaSonera Group and fully owned companies in 17 countries. I have more than 25 years of experience in working with IT and 12 of those have been spent as a security professional. I have been half of that at DK*CERT, UNI-C, the CERT for the Danish education- and research network as well as the general public and the rest in various functions at TeliaSonera. I have also worked independently, doing forensics, for the Danish Police, several news media and as a specialist for the Danish Judicial system. I am a GIAC certified Forensics analyst and Incident Handler and do most of the ‘hands-on’ disciplines within IT and Mobile Forensics as well as penetration testing, security auditing and most, if not all other aspects of IT security and physical security. I am not and do not wish to be a public figure.
Rikard Bodforss - Omegapoint - Don't touch that system! [ENGLISH]
Understanding of how different acquisition methods affect the system is important when examining the collected evidence and can be critical if the case ends up in a court of law. Rikard will give a hands-on demonstration of forensic artifacts from different routine tasks. The demonstration will give a basic understanding of how delicate the system is and why some acquisition methods leave a bigger footprint than others.
Rikard Bodforss is a security advisor at Omegapoint in Gothenburg, Sweden. He has over twenty years of experience from the IT industry and most of that working with information- and IT-security. He has held positions as Global Perimeter Protection Manager and Head of Forensics within Volvo Group. Now he is working with clients from many different industries like; critical public utilities (SCADA security), banking, automotive, retail and trade. His area of expertise ranges from very technical security, like forensics, to information security governance. Rikard holds a CISSP and a CISA certification, and was awarded the ISACA Thomas Fitzgerald Award in 2009 for acheiving the highest score in the world on the CISA exam. He is a very popular speaker at national and international conferences and promises to deliver a talk you do not want to miss! You can follow him on Twitter @rbodforss and listen to him (in Swedish) at sakerhetspodcasten.se where he is a co-host.
Mattias Weckstén - Halmstad University - Entry level it-forensic training from an academic point of view [ENGLISH]
A short talk about the IT-forensic program at Halmstad university, our view of the IT-forensic investigator, courses and skills taught and the future of the trade. The talk will be concluded with an overview of a selection of previous and current thesis projects.
Mattias is adjunct in computer engineering with a specialization in it-forensics at Halmstad University. Teaching a multitude of technical aspects of the trade of manual digital forensics. Promoting it-forensic awareness through popular science in modern media.
17:30 Event starts with a light snack and drink. A word from our sponsor Omegapoint
18:00 Community update
18:10 Morten Schiønning (TeliaSonera) - Incidents and Forensics
18:55 Rikard Bodforss (Omegapoint) - Don't touch that system!
19:50 Mattias Weckstén (Halmstad University) - Entry level it-forensic training from an academic point of view
20:30 Beer, snacks and some serious security live chat
approx. 21:30 Event ends
The event entitles participants 2 CPE's
When & Where
Det lokala chaptret i Göteborg inom Open Web Application Security Project (OWASP)
Att bli medlem är enkelt och gratis - du behöver du bara gå med i mailinglistan.