As a follow up to our previous post, the agenda for the S4 Incident Responder and Researcher Conference, being held at OpenDNS HQ on September 18th, 2014, is now finalized.

Training Sessions


Time Title Presenter
8:00 Breakfast and coffee (first talk 9AM SHARP!) n/a
9:00 – 11:00 Malware Analysis for Incident Responders Lenny ZeltserThe SANS Institute
11:00 – 13:00 Using Bro* Anthony KaszaOpenDNS
13:00 – 15:00 Using Moloch Scott Floyd, Salesforce
15:00 – 17:00 IR 2.0 : Elastic Search, Logstash, Kibana (ELK) The folks at Elastic Search


Note: Lunch will be provided and available during the Bro session.


Evening Talks


Time Title Presenter
17:00 – 17:20 Measuring the IQ of your Threat Intelligence Feeds Alex PintoMLSec Project
17:30 – 17:50 FastResponder: New Open Source weapon to detect and understand a large scale compromise Sébastien LarinierGuillaume Arcas, and Olivier Zheng, Sekoia
18:00 – 18:20 Threat intelligence for Incident Responders Sam LilesCyberforensics Laboratory at Purdue
18:30 – 18:50 Building Your Own DFIR Sidekick Scott J RobertsGitHub
19:00 – 19:20 GRR and Rekall: State of the Union Elizabeth Schweinsberg and Kristinn Gudjonsson, Google
19:30 – 22:00 Networking, drinks, and conversation n/a


S4 Incident Responder and Researcher Conference Details


Who: Incident Responders, Security Researchers, Security Analysts
What: S4 (San Francisco Security Series): Incident Responder and Researcher Conference
When: September 18, 2014 (registration starts at 8:30 AM. First training at 9:00AM)
Where: OpenDNS HQ, 135 Bluxome St., San Francisco, CA 94107
Price: Free
Food and Drinks: Provided
Free and reliable WiFi: Provided
Event Hashtag: #s4con
OpenDNS Twitter Account:


Please reserve soon as space is limited. Again, the registration link can be found here:

We look forward to seeing you!

This post is categorized in: