Program 2025

tir. 07. okt.

9:00 - 14:00
5 timer
Workshop: Hands-On Investigation of Malware Delivery
Sopra Steria, Posthuset
9:00 - 16:00
7 timer
Incident Response Manager Training
mnemonic, Henrik Ibsens Gt 100

ons. 08. okt.

9:00 - 9:30
30 minutter
Registration and Coffee
Eldorado Hub, Torggata 9B
9:30 - 9:45
15 minutter
Welcome Remarks
9:45 - 10:15
30 minutter
TBD | Jørgen Bøhnsdalen, Helse- Og KommuneCERT
10:15 - 10:30
15 minutter
Break
10:30 - 11:00
30 minutter
Exploiting Adversary Infrastructure | Martin Öberg, Visma
11:00 - 11:15
15 minutter
Break
11:15 - 11:45
30 minutter
Threat Hunting for Beginners | Ågot Stornes, NAV
11:45 - 12:45
1 time
Lunch
12:45 - 13:15
30 minutter
Tracking the Adversaries in the Middle | Magnus Refsnes, mnemonic
13:15 - 13:30
15 minutter
Break
13:30 - 14:00
30 minutter
CEO Fraud - Playing along with the Bad Guys | Linn Kristin Klausen, DNB
14:00 - 14:15
15 minutter
Break
14:15 - 14:45
30 minutter
Lessons in Modern Resilience: Closing the Gaps We Didn’t See | Petter B. Bjørklund & Sivert S. Lund, Norges Bank
14:45 - 15:00
15 minutter
Break
15:00 - 15:45
45 minutter
Confusing and (Somewhat) Amusing – Red Ishtar’s Ever Evolving TTPs Over Multiple Years | Jono Davis, PwC
15:45 - 16:00
15 minutter
Closing Remarks

tor. 09. okt.

9:00 - 9:30
30 minutter
Registration and Coffee
Eldorado Hub, Torggata 9B
9:30 - 9:45
15 minutter
Welcome Remarks
9:45 - 10:15
30 minutter
The Curious Case of the Storage Spoofing | Jesse Voet, LyondellBasell
10:15 - 10:30
15 minutter
Break
10:30 - 11:15
45 minutter
Stop Hitting Yourself: Turning Evasion Techniques Against Malware
11:15 - 11:30
15 minutter
Break
11:30 - 12:00
30 minutter
APT Defense Without Illusions: Good Practices, Bad Habits, and How to Fix Them | Raymond Hagen, Digdir
12:00 - 13:00
1 time
Lunch
13:00 - 13:45
45 minutter
Who did it? Getting started with Threat Actor Profiling | Marthe R. Rogndokken, Sopra Steria
13:45 - 14:00
15 minutter
Break
14:00 - 14:30
30 minutter
We need the factory up by Sunday! | Håkon Prestvik, Defendable
14:30 - 14:45
15 minutter
Break
14:45 - 15:30
45 minutter
Analyzing a Nation-State Linux Rootkit: Inside the DPRK's Latest Malware | Craig H. Rowland, Sandfly
15:30 - 15:45
15 minutter
Closing Remarks

Program 2025

tir. 07. okt.

Workshop: Hands-On Investigation of Malware Delivery

Incident Response Manager Training

ons. 08. okt.

Registration and Coffee

Welcome Remarks

TBD | Jørgen Bøhnsdalen, Helse- Og KommuneCERT

Break

Exploiting Adversary Infrastructure | Martin Öberg, Visma

Break

Threat Hunting for Beginners | Ågot Stornes, NAV

Lunch

Tracking the Adversaries in the Middle | Magnus Refsnes, mnemonic

Break

CEO Fraud - Playing along with the Bad Guys | Linn Kristin Klausen, DNB

Break

Lessons in Modern Resilience: Closing the Gaps We Didn’t See | Petter B. Bjørklund & Sivert S. Lund, Norges Bank

Break

Confusing and (Somewhat) Amusing – Red Ishtar’s Ever Evolving TTPs Over Multiple Years | Jono Davis, PwC

Closing Remarks

tor. 09. okt.

Registration and Coffee

Welcome Remarks

The Curious Case of the Storage Spoofing | Jesse Voet, LyondellBasell

Break

Stop Hitting Yourself: Turning Evasion Techniques Against Malware

Break

APT Defense Without Illusions: Good Practices, Bad Habits, and How to Fix Them | Raymond Hagen, Digdir

Lunch

Who did it? Getting started with Threat Actor Profiling | Marthe R. Rogndokken, Sopra Steria

Break

We need the factory up by Sunday! | Håkon Prestvik, Defendable

Break

Analyzing a Nation-State Linux Rootkit: Inside the DPRK's Latest Malware | Craig H. Rowland, Sandfly

Closing Remarks

FIRST Norway

oslo-tc@first.org

About FIRST Norway

FIRST

Forum of Incident Response and Security Teams

first-sec@first.org

About FIRST

Shortcuts