Reference: TaoSecurity News

I started speaking publicly about digital security in 2000. I used to provide this information on my Web site, but since I don’t keep that page up-to-date anymore, I decided to publish it here.

• 2017

• * Mr. Bejtlich led a podcast titled Threat Hunting: Past, Present, and Future, in early July 2017. He interviewed four of the original six GE-CIRT incident handlers. The audio is posted on [YouTube](<https://www.youtube.com/watch?v=t5Gt-8uBK1A>). Thank you to [Sqrrl](<http://info.sqrrl.com/threat-hunting-past-present-future>) for making the reunion possible.
  

  • Mr. Bejtlich’s latest book was inducted into the Cybersecurity Canon.
  • Mr. Bejtlich is doing limited security consulting. See this blog post for details.
• 2016

• * Mr. Bejtlich organized and hosted the Management track (now "Executive track") at the 7th annual Mandiant MIRCon (now "FireEye Cyber Defense Summit") on 29-30 November 2016.
  

  • Mr. Bejtlich delivered the keynote to the 2016 Air Force Senior Leaders Orientation Conference at Joint Base Andrews on 29 July 2016.
  • Mr. Bejtlich delivered the keynote to the FireEye Cyber Defense Live Tokyo event in Tokyo on 12 July 2016.
  • Mr. Bejtlich delivered the keynote to the New Zealand Cyber Security Summit in Auckland on 6 May 2016.
  • Mr. Bejtlich delivered the keynote to the Lexpo Summit in Amsterdam on 21 April 2016. Video posted here.
  • Mr. Bejtlich discussed cyber security campaigns at the 2016 War Studies Cumberland Lodge Conference near London on 30 March 2016.
  • Mr. Bejtlich offered a guest lecture to the Wilson Center Congressional Cybersecurity Lab on 5 February 2016.
  • Mr. Bejtlich delivered the keynote to the SANS Cyber Threat Intelligence Summit on 4 February 2016. Slides and video available.
• 2015

• * Mr. Bejtlich spoke on a panel at the DefenseOne Summit on 2 November 2015.
  

  • Mr. Bejtlich spoke on a panel at the AEI Internet Strategy event on 27 October 2015.
  • Mr. Bejtlich organized and hosted the Management track at the 6th annual Mandiant MIRCon on 13-14 October 2015.
  • Mr. Bejtlich testified to the House Foreign Affairs Committee on 7 October 2015.
  • Mr. Bejtlich testified to the House Armed Services Committee on 30 September 2015.
  • Mr. Bejtlich delivered a keynote at the 2015 Army Cyber Institute Cyber Talks on 22 September 2015 in Washington, DC.
  • Mr. Bejtlich delivered a keynote at the 2015 Security Onion Conference on 11 September 2015 in Augusta, GA.
  • Mr. Bejtlich delivered a keynote at the 2015 World Services Group Conference on 10 September 2015 in New York, NY.
  • Mr. Bejtlich delivered a keynote at the CoBank 2015 Communications Industry Executive Forum on 19 August 2015 in Colorado Springs, CO.
  • Mr. Bejtlich delivered a keynote at the Black Hat USA 2015 CISO Summit on 4 August 2015 in Las Vegas, NV.
  • Mr. Bejtlich participated in an panel hosted by AEI on 22 July 2015, with video.
  • Mr. Bejtlich spoke on a panel at the Chatham House Cyber 2015 event, 2-3 July 2015 in London, UK.
  • Mr. Bejtlich participated in a panel hosted by the National Journal on 24 June 2015.
  • Mr. Bejtlich testified to the House Committee on Financial Services Subcommittee on Oversight and Investigations on 16 June 2015.
  • Mr. Bejtlich spoke on a panel at the Cyber Summit USA on 3 June 2015.
  • Mr. Bejtlich testified to the House Permanent Select Committee on Intelligence on 19 March 2015.
  • Mr. Bejtlich testified to the House Oversight and Government Reform Subcommittee on Information Technology on 18 March 2015.
  • Mr. Bejtlich testified to the House Energy and Commerce Committee on 3 March 2015.
  • Mr. Bejtlich spoke on a panel at the Washington Business Journal cyber conference on 26 February 2015.
  • Mr. Bejtlich spoke on a panel at the Wall Street Journal CIO Network conference on 3 February 2015.
  • Mr. Bejtlich testified to the Senate Committee on Homeland Security and Government Affairs on 28 January 2015.
• 2014

• * Mr. Bejtlich taught [Network Security Monitoring 101](<https://www.blackhat.com/tr-14/training/network-security-monitoring-101.html>) at [Black hat Trainings 2014](<https://www.blackhat.com/tr-14/>): 8-9 December 2014 / Potomac, MD.
  

  • Mr. Bejtlich organized and hosted the Management track at the 5th annual Mandiant MIRCon on 8-9 October 2014.
  • Mr. Bejtlich delivered the keynote address at the inaugural Security Onion conference on 12 September 2014 in Augusta, GA.
  • Mr. Bejtlich delivered the keynote address (video) at the inaugural ArchC0n conference on 6 September 2014 in St Louis, MO.
  • Mr. Bejtlich taught Network Security Monitoring 101 at Black Hat USA 2014: 4-5 August 2014 / Las Vegas, NV.
  • Mr. Bejtlich spoke at the US Cyber Crime Conference on 29 April 2014. Video online at Youtube.
  • Mr. Bejtlich recorded a Webcast titled Defining and Justifying an Advanced Security Program for FireEye on 17 March 2014.
  • Mr. Bejtlich participated in a podcast titled Ukraine Crisis, Target Breach, and Edward Snowden: What’s Next for U.S. Cyber Policy? for the Brookings Institution on 13 March 2014.
  • Mr. Bejtlich participated on a panel hosted by the Center for National Policy on Building a cybersecurity roadmap: A Monitor, Center for National Policy seminar on 12 February 2014.
  • Mr. Bejtlich spoke about digital security at the Boston Infragard quarterly meeting on 11 February 2014.
  • Mr. Bejtlich delivered a lecture on digital security at West Point on 15 January 2014.
  • Mr. Bejtlich spoke about digital security at seminars supporting the DoD Minerva Initiative at MIT and Harvard Kennedy School on 7-8 January 2014.
• 2013

• * Mr. Bejtlich taught [Network Security Monitoring 101](<https://www.blackhat.com/wc-13/training/Network-Security-Monitoring-101.html>) at [Black Hat Seattle 2013](<https://www.blackhat.com/wc-13/>): 9-10 December 2013 / Seattle, WA.
  

  • Mr. Bejtlich offered a guest lecture on digital security at George Washington University on 23 November 2013.
  • Mr. Bejtlich spoke about digital security at the Mid-Atlantic CIO Council on 21 November 2013.
  • Mr. Bejtlich was a panelist at the Brookings Institute on 19 November 2013.
  • Mr. Bejtlich offered several guest lectures on digital security at the Massachusetts Institute of Technology on 18 November 2013.
  • Mr. Bejtlich was a panelist at the Atlantic Council on 15 November 2013.
  • Mr. Bejtlich organized and hosted the Management track at the 4th annual Mandiant MIRCon on 5-6 November 2013.
  • Mr. Bejtlich was a panelist at the Free Thinking Film Festival on 2 November 2013.
  • Mr. Bejtlich offered the keynote at the Cyber Ark user conference on 30 October 2013.
  • Mr. Bejtlich was a panelist at the Indiana University Center for Applied Cybersecurity Research on 21 October 2013.
  • Mr. Bejtlich spoke at the national ISSA conference on 10 October 2013.
  • Mr. Bejtlich was a panelist at the Politico Cyber 7 event on 8 October 2013.
  • Mr. Bejtlich offered the keynote at the BSides August 2013 conference on 14 September 2013.
  • Mr. Bejtlich taught Network Security Monitoring 101 at Black Hat USA 2013: 27-28 and 29-30 July 2013 / Las Vegas, NV.
  • Mr. Bejtlich was a panelist at the Chatham House Cyber Security Conference in London, England on 10 June 2013.
  • Mr. Bejtlich appeared in the documentary Hacked, first available 7 June 2013.
  • Mr. Bejtlich was interviewed at the Center for National Policy, with video archived, on 15 May 2013.
  • Mr. Bejtlich delivered a keynote at the IT Web Security Summit in Johannesburg, South Africa on 8 May 2013.
  • Mr. Bejtlich was a panelist at The George Washington University and US News & World Report Cybersecurity Conference on 26 April 2013.
  • Mr. Bejtlich testified to the House Committee on Foreign Affairs on 21 March 2013.
  • Mr. Bejtlich testified to the House Committee on Homeland Security on 20 March 2013.
  • Mr. Bejtlich testified to the Senate Armed Services Committee on 19 March 2013.
  • Mr. Bejtlich shared his thoughts on the APT1 report with the Federalist Society on 12 March 2013. The conference call was recorded as Cybersecurity And the Chinese Hacker Problem - Podcast.
• 2012

• * Mr. Bejtlich taught [TCP/IP Weapons School 3.0](<http://www.blackhat.com/ad-12/training/tcp-ip-weapons-school-3.html>) at [Black Hat Abu Dhabi 2012](<http://www.blackhat.com/ad-12/>): 3-4 Dec / Abu Dhabi, UAE.
  

  • Mr. Bejtlich spoke at a Mandiant breakfast event in Calgary, AB on 28 Nov 2012.
  • Mr. Bejtlich spoke at AppSecUSA in Austin, TX on 26 Oct 2012. The talk Incident Response: Security After Compromise is posted as a video (42 min).
  • Mr. Bejtlich organized and hosted the Management track at the 3rd annual Mandiant MIRCon on 17-18 October 2012.
  • Mr. Bejtlich spoke at a SANS event in Baltimore, MD on 5 Oct 2012.
  • Mr. Bejtlich spoke at a Mandiant breakfast event in Dallas, TX on 13 Sep 2012.
  • Mr. Bejtlich taught TCP/IP Weapons School 3.0 at Black Hat USA 2012: 21-22 and 23-24 Jul / Las Vegas, NV.
  • Mr. Bejtlich taught a compressed version of TCP/IP Weapons School 3.0 at a U.S. Cyber Challenge Summer Camp in Ballston, VA on 28 Jun 2012.
  • Mr. Bejtlich participated on a panel titled Hackers vs Executives at the Forrester conference in Las Vegas on 25 May 2012.
  • Mr. Bejtlich spoke at the Cyber Security for Executive Leadership: What Every CEO Should Know event in Raleigh, NC on 11 May 2012.
  • Mr. Bejtlich participated on a panel titled SEC Cyber Security Guidelines: A New Basis for D&O Exposure? at the 8th Annual National Directors & Officers Insurance ExecuSummit in Uncasville, CT on 8 May 2012.
  • Mr. Bejtlich delivered the keynote to the 2012 National Cyber Crime Conference in Norwood, MA on 30 Apr 2012.
  • Mr. Bejtlich spoke at the FOSE conference on a panel discussing new attacks on 4 Apr 2012.
  • Mr. Bejtlich testified to the US-China Economic and Security Review Commission on 26 Mar 2012.
  • Mr. Bejtlich spoke at the Air Force Association CyberFutures conference (audio mp3) on 23 Mar 2012.
  • Mr. Bejtlich delivered the keynote to the IANS Research Mid-Atlantic conference on 21 Mar 2012.
  • Mr. Bejtlich spoke at a Mandiant breakfast event with Secretary Michael Chertoff in New York, NY on 15 Mar 2012.
  • Mr. Bejtlich spoke to the Augusta, GA ISSA chapter on 8 Mar 2012.
  • Mr. Bejtlich participated on a panel about digital threats at the RSA Executive Security Action Forum on 27 Feb 2012.
  • Mr. Bejtlich spoke at a Mandiant breakfast event with Gen (ret.) Michael Hayden in Washington, DC on 22 Feb 2012.
  • Mr. Bejtlich spoke at the ShmooCon Epilogue conference on 30 Jan 2012.
  • Mr. Bejtlich spoke at a Mandiant breakfast event with Secretary Michael Chertoff in Houston, TX on 12 Jan 2012.
• 2011

• * Mr. Bejtlich taught [ TCP/IP Weapons School 3.0](<https://www.blackhat.com/html/bh-ad-11/training/bh-ad-11-training_TS-tcpip.html>) at [Black Hat Abu Dhabi 2011](<http://www.blackhat.com/html/bh-ad-11/bh-ad-11-home.html>): 12-13 Dec / Abu Dhabi, UAE.
  

  • Mr. Bejtlich organized and hosted the Management track at the 2nd annual Mandiant MIRCon on 5-6 November 2011.
  • Mr. Bejtlich taught TCP/IP Weapons School 3.0, 26-27 Oct 2011 in McLean, VA.
  • Mr. Bejtlich offered the keynote at the HawaiianTel 2011 Business Security Conference on 7 Sep 2011 in Honolulu, HI.
  • Mr. Bejtlich participated in a panel titled Why Bad Breaches Happen To Good Companies on 25 Aug 2011.
  • Mr. Bejtlich taught TCP/IP Weapons School 3.0 at USENIX Security: 8-9 Aug / San Francisco, CA.
  • Mr. Bejtlich taught TCP/IP Weapons School 3.0 at Black Hat USA 2011: 30-31 Jul and 1-2 Aug / Las Vegas, NV.
  • Mr. Bejtlich participated in the Attacking Cyber Security Marketecture panel at BSidesSanFrancisco: 1100-1145 15 Feb / San Francisco, CA. Video available at Livestream with the talk starting at 12:35.
  • Mr. Bejtlich participated in a panel at the e10+ Experienced Security event at RSA Conference USA 2011: 0730-1200 14 Feb / San Francisco, CA.
  • Mr. Bejtlich presented “Cooking the Cuckoo’s Egg” at the DoJ Cybersecurity Conference: 1100-1145 08 Feb / Washington, DC.
  • Mr. Bejtlich presented Building a Fortune 5 CIRT Under Fire (twice) and participated in an APT panel at DoD Cybercrime: 26 Jan 2011 / Atlanta, GA.
  • Mr. Bejtlich taught TCP/IP Weapons School 3.0 at Black Hat DC 2011: 16-17 Jan 2011 / Arlington, VA.
• 2010

• * Mr. Bejtlich presented to the TechTarget Emerging Threats forum on 16 Nov 2010 / New York, NY.
  

  • Mr. Bejtlich participated in the MANDIANT MirCon Wrap-Up Webcast on 19 Oct 2010.
  • Mr. Bejtlich spoke on the Incident Response Dream Team Panel at the first annual Mandiant MIRCon, 12-13 Oct 2010 / Alexandria, VA.
  • Mr. Bejtlich offered a guest lecture on digital security at Loyola University Maryland on 11 Oct 2010.
  • Mr. Bejtlich presented to the TechTarget Emerging Threats forum on 28 Sep 2010 / Seattle, WA.
  • Mr. Bejtlich delivered the VizSec 2010 keynote on 14 Sep 2010, and then attended RAID 2010 15-17 Sep 2010 / Ottawa, Canada.
  • Mr. Bejtlich taught TCP/IP Weapons School 2.0 at Black Hat USA 2010: 24-25 and 26-27 Jul 2010 / Las Vegas, NV.
  • Mr. Bejtlich presented CIRT-Level Response to APT at
  • SANS WhatWorks in Incident Response and Forensic Solutions 2010: 8-9 Jul 2010 / Washington, DC
  • Mr. Bejtlich presented Building a Fortune 5 CIRT Under Fire at FIRST 2010 18 Jun 2010 / Miami, FL
  • Mr. Bejtlich taught TCP/IP Weapons School 2.0 at Black Hat Europe 2010: 12-13 Apr 2010 / Barcelona, Spain.
  • Mr. Bejtlich offered a guest lecture on digital security at Georgetown University on 22 March 2010.
  • Mr. Bejtlich offered a guest lecture on digital security at the United States Naval Academy on 2 March 2010.
  • Mr. Bejtlich taught TCP/IP Weapons School 2.0 at Black Hat DC 2010: 31 Jan - 1 Feb 2010 / Arlington, VA.
• 2009

• * Mr. Bejtlich organized and led the [SANS WhatWorks in Incident Detection Summit 2009](<http://www.sans.org/incident-detection-summit-2009/>), 9-10 Dec 09 / Washington, DC.
  

  • Mr. Bejtlich offered a keynote and participated in panels at DojoCon, 6-7 Nov 09 / MD
  • Mr. Bejtlich offered a keynote and class at the Information Security Summit, 29-30 Oct 09 / Corporate College East, Warrensville Heights, OH.
  • Mr. Bejtlich participated in a panel titled The Laws of Vulnerabilities at Black Hat USA 2009 on 29 July 2009.
  • Mr. Bejtlich taught TCP/IP Weapons School 2.0 at Black Hat USA 2009: 25-26 and 27-28 July 2009 / Caesars Palace, Las Vegas, NV.
  • Mr. Bejtlich delivered the keynote at the SANS WhatWorks Summit in Forensics and Incident Response 2009, 6-7 July 2009 / The Fairmont Washington, Washington, DC.
  • Mr. Bejtlich offered a guest lecture on digital security at the United States Air Force Academy on 1 May 2009.
  • Mr. Bejtlich taught TCP/IP Weapons School 2.0 at Black Hat Europe 2009 Training: 14-15 April 2009 / Moevenpick Hotel Amsterdam City Centre, Amsterdam, The Netherlands.
  • Mr. Bejtlich taught TCP/IP Weapons School 2.0 at Black Hat DC 2009 Training: 16-17 February 2009 / Hyatt Regency Crystal City, Arlington, VA.
  • Mr. Bejtlich presented Network Security Monitoring Using FreeBSD at DC BSDCon 2009, 6 February 2009 / Washington Marriott Wardman Park, Washington, DC.
• 2008

• * Mr. Bejtlich delivered the keynote at the [1st ACM Workshop on Network Data Anonymization](<http://www.ics.forth.gr/~antonat/nda08.html>) (NDA 2008), 31 October 2008 / Hilton Alexandria Mark Center, Alexandria, VA.
  

  • Mr. Bejtlich offered a guest lecture on digital security at Johns Hopkins University on 20 October 2008.
  • Mr. Bejtlich delivered the keynote on the second day of the SANS WhatWorks in Incident Response and Forensic Solutions Summit 2008, 13-14 October 2008 / Caesars Palace, Las Vegas, NV.
  • Mr. Bejtlich taught TCP/IP Weapons School at Black Hat USA 2008 Training: 2-3 and 4-5 August 2008 / Caesars Palace, Las Vegas, NV
  • Mr. Bejtlich provided the keynote ate Detection of Intrusions and Malware & Vulnerability Assessment: 10-11 July 2008 / France Telecom R&D / Orange Labs, Issy les Moulineaux, near Paris, France
  • Mr. Bejtlich taught Network Security Operations at TechnoSecurity 2008: 31 May 2008 / Myrtle Beach Marriott Resort, Myrtle Beach, SC
  • Mr. Bejtlich taught TCP/IP Weapons School at Black Hat DC 2008: 18-19 February 2008 / Westin Hotel, Washington, DC
• 2007

• * Mr. Bejtlich offered a guest lecture on digital security at George Mason University on 29 November 2007.
  

  • Network Security Operations: 27-29 August 2007 / public 3 day class / Chicago, IL
  • Mr. Bejtlich spoke to the Chicago Electronic Crimes Task Force and the Chicago Snort Users Group on 30 and 29 August 2007, respectively.
  • Mr. Bejtlich taught Network Security Operations on 21-23 August 2007 / Cincinnati, OH
  • Mr. Bejtlich taught TCP/IP Weapons School (layers 4-7) at USENIX Security 2007: 6-7 August 2007 / Boston, MA.
  • Mr. Bejtlich taught TCP/IP Weapons School at Black Hat USA 2007: 28-29 and 30-31 July 2007 / Caesars Palace, Las Vegas, NV.
  • USENIX 2007: 20-22 June 2007 / Network Security Monitoring and TCP/IP Weapons School (Layers 2-3) tutorials / Santa Clara, CA
  • Mr. Bejtlich briefed GFIRST 2007: 25-26 June 2007 / Network Incident Response and Forensics (two half-day tutorials) and Traditional IDS Should Be Dead conference presentation / Orlando, FL
  • Mr. Bejtlich taught TCP/IP Weapons School (Layers 2-3) and briefed Open Source Network Forensics at Techno Security 2007: 5-7 June 2007 / / Myrtle Beach, SC.
  • Mr. Bejtlich briefed Open Source Network Forensics at ISS World Spring 2007: 31 May 2007 / Washington, DC
  • Mr. Bejtlich briefed Network Incident Response and Forensics at AusCERT 2007: 23-24 May 2007 / Gold Coast, Australia.
  • Mr. Bejtlich taught Network Security Monitoring: 25 May 2007 / Sydney, Australia.
  • Mr. Bejtlich briefed at CONFIDENCE 2007: 13 May 2007 / Krakow, Poland.
  • Mr. Bejtlich briefed at ShmooCon: 24 March 2007 / Washington, DC; video here.
• 2006

• * Mr. Bejtlich presented a special two evening training class, [Enterprise Network Instrumentation](<http://www.sans.org/cdieast06/description.php?tid=453>), on 14-15 December 2006, at [SANS CDI East 2006](<http://www.sans.org/cdieast06/>). More details are posted [ here](<http://taosecurity.blogspot.com/2006/09/bejtlich-returns-for-sans-cdi-east.html>).
  

  • Mr. Bejtlich presented TCP/IP Weapons School Part 2 on 9-10 December 2006, after USENIX LISA in Washington, DC.
  • Mr. Bejtlich taught days one and two of TCP/IP Weapons School on 3 and 4 December 2006 at USENIX LISA in Washington, DC. He also taught Network Security Monitoring with Open Source Tools on 8 December 2006.
  • Mr. Bejtlich appeared on the Tenable Webinar at 1000 ET on Friday 17 November 2006.
  • Mr. Bejtlich participated in the DE Communications Inside Job Webinar at 11 ET on Thursday 9 November 2006.
  • Mr. Bejtlich spoke at the Net Optics Think Tank in Fairfax, VA on Tuesday, 26 September 2006 from 1215-1315.
  • Mr. Bejtlich spoke at the 2006 FFIEC Information Technology Conference in Arlington, VA on Wednesday, 23 August 2006 from 0830-1000.
  • Mr. Bejtlich taught TCP/IP Weapons School at USENIX Security 2006 in Vancouver, BC on 31 July and 1 August 2006.
  • Mr. Bejtlich spoke at the 2006 FIRST Conference in Baltimore, MD on Friday, 30 June 2006 from 1500 to 1530.
  • Mr. Bejtlich spoke at the 2006 Techno Security Conference in Myrtle Beach, SC on Tuesday, 6 June 2006. From 0800-0930 he presented Enterprise Network Instrumentation Fundamentals. From 1000-1200 he presented Enterprise Network Instrumentation: Advanced Topics. At 1530 he joined Ron Gula, Marcus Ranum, Ross Rogers, and Johnny Long for a security panel discussion.
  • Mr. Bejtlich taught a one day course on Network Security Monitoring with Open Source Tools at the USENIX 2006 Annual Technical Conference in Boston, MA on Friday, 2 June 2006.
  • Mr. Bejtlich offered a guest lecture at the University of Cambridge Computer Laboratory Security Group Seminar Series in Cambridge, UK, on Friday 19 May 2006 on network security monitoring.
  • Mr. Bejtlich spoke at the 2006 Computer and Enterprise Investigations Conference in Lake Las Vegas, NV on Thursday, 4 May 2006 from 1400-1530 on Network Forensics.
  • Mr. Bejtlich spoke at the US-CERT 2006 GFIRST Conference in Orlando, FL on Monday, 1 May 2006 from 1030-1200 on Network Incident Response.
  • Mr. Bejtlich spoke at the Network Security 2006 Conference in Reston, VA on Monday, 17 April 2006 from 1845 to 1945.
  • Mr. Bejtlich spoke at the 2006 Rocky Mountain Information Security Conference in Denver, CO on Wednesday, 5 April 2006 on Network Incident Response.
  • Mr. Bejtlich spoke at the RSA Conference 2006 in San Jose, CA on Tuesday, 14 February 2006 from 1735 to 1825. The subject was Traffic-Centric Incident Response and Forensics.
  • Mr. Bejtlich spoke at ShmooCon 2006 in Washington, DC on Saturday, 14 January 2006 at 1600. The subject was Network Security Monitoring with Sguil.
  • Mr. Bejtlich delivered presentations on network incident response and network forensics at the 2006 DoD Cybercrime Conference in Palm Harbor, FL on 11 January 2006.
• 2005

• * Mr. Bejtlich presented three full-day tutorials at [USENIX LISA 2005](<http://www.usenix.org/events/lisa05/>) in San Diego, CA, from 6-8 December 2005. He taught [network security monitoring](<http://www.usenix.org/events/lisa05/training/tutonefile.html#t1>), [incident response](<http://www.usenix.org/events/lisa05/training/tutonefile.html#W1>), and [forensics](<http://www.usenix.org/events/lisa05/training/tutonefile.html#R1>).
  

  • Mr. Bejtlich spoke at the Cisco Fall 2005 System Engineering Security Virtual Team Meeting in San Jose, CA on 10 October 2005.
  • Mr. Bejtlich spoke at the Net Optics Think Tank at the Hilton Santa Clara in Santa Clara, CA on 21 September 2005. He discussed network forensics, with a preview of material in his next book Real Digital Forensics.
  • Mr. Bejtlich taught network security monitoring to security analysts from the Pentagon with Special Ops Security on 23 and 24 August 2005 in Rosslyn, VA.
  • Mr. Bejtlich spoke at the InfraGard 2005 National Conference on 9 August 05 in Washington, DC on the basics of network forensics.
  • Mr. Bejtlich taught a one day course on network incident response, with his forensics book as the background material, at USENIX Security 05 on 1 August 2005 in Baltimore, MD.
  • Mr. Bejtlich taught a one day course on network security monitoring, with his NSM book as the background material, at USENIX Security 05 on 31 July 2005 in Baltimore, MD.
  • Mr. Bejtlich offered a guest lecture on digital security at George Washington University on 23 June 2005.
  • Mr. Bejtlich spoke at the Techno Security 2005 conference on 13 June 2005 in Myrtle Beach, CA. He was invited by Tenable Security to appear at their evening social event.
  • Mr. Bejtlich spoke at the Net Optics Think Tank on 18 May 2005 in Sunnyvale, CA.
  • Mr. Bejtlich presented Keeping FreeBSD Up-To-Date and More Tools for Network Security Monitoring at BSDCan 2005 on 13 May 2005.
  • Mr. Bejtlich spoke to the Pentagon Security Forum on 19 April 2005.
  • Mr. Bejtlich taught a one day course on network security monitoring, with his book as the background material, at USENIX 05 on 14 April 2005 in Anaheim, CA.
  • Mr. Bejtlich spoke to the Government Forum of Incident Response and Security Teams (GFIRST) on 5 April 2005 in Orlando, FL.
  • Mr. Bejtlich spoke to the Information Systems Security Association of Northern Virginia (ISSA-NoVA) on 17 February 2005 in Reston, VA.
  • Mr. Bejtlich spoke at the 2005 DoD Cybercrime Conference on 13 January 2005 in Palm Harbor, FL.
• 2004

• * Mr. Bejtlich spoke to the [DC Systems Administrators Guild](<http://www.dc-sage.org/>) (DC-SAGE) on 21 October 2004 about Sguil.
  

  • Mr. Bejtlich spoke to the DC Linux Users Group on 15 September 2004 about Sguil.
  • Mr. Bejtlich spoke to the High Technology Crime Investigation Association International Conference and Expo 2004 on 13 September 2004 in Washington, DC about Sguil.
  • Mr. Bejtlich taught a one day course on network security monitoring, with his first book as the background material, at USENIX Security 04 on 9 August 2004 in San Diego.
  • Mr. Bejtlich spoke to the DC Snort User’s Group on 24 Jun 2004 about Sguil.
  • Mr. Bejtlich presented Network Security Monitoring with Sguil (.pdf) at BSDCan on 14 May 2004.
  • Mr. Bejtlich spoke to the SANS Local Mentor program in northern Virginia for two hours on 11 May 2004 about NSM using Sguil. Joe Bowling invited him.
  • Mr. Bejtlich gave a lightning talk demo of Sguil at CanSecWest 04 on 22 April 2004.
• 2003

• * Mr. Bejtlich spoke to ISSA-CT about network security monitoring on 9 December 2003.
  

  • Mr. Bejtlich taught Foundstone’s Ultimate Hacking Expert class at Black Hat Federal 2003 in Tyson’s Corner, 29-30 September 2003.
  • Mr. Bejtlich recorded a second webcast on network security monitoring for SearchSecurity.com. He posted the slides here.
  • Mr. Bejtlich taught the first day of Foundstone’s Ultimate Hacking Expert class at Black Hat USA 2003 Training in Las Vegas on 28 July 2003.
  • Mr. Bejtlich spoke on 21 July 2003 in Washington, DC at the SANS NIAL conference.
  • Mr. Bejtlich discussed digital security in Toronto on 13 March 2003 and in Washington, DC on Tuesday, 25 March 2003 at the request of Watchguard.
  • Mr. Bejtlich taught days four, five, and six of the SANS intrusion detection track in San Antonio, Texas from 28-30 January 2003.
• 2002

• * Mr. Bejtlich recorded a [webcast on network security monitoring](<https://web.archive.org/web/20161115143903/www.taosecurity.com/bejtlich_visscher_techtarget_webcast_4_dec_02.pdf>) (PDF slides) with his friend Bamm Visscher for SearchSecurity.com and [answered questions](<http://searchsecurity.techtarget.com/qna/0,289202,sid14_gci870026,00.html>) submitted by listeners. A SearchSecurity editor [commented](<http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci868247,00.html>) on the talk as well.
  

  • Mr. Bejtlich helped teach Foundstone’s Ultimate Hacking class at Black Hat USA 2002 Training in Las Vegas on 29-30 July 2002.
  • Mr. Bejtlich taught days one, two, and three of the SANS intrusion detection track in San Antonio, Texas from 15-17 July 2002.
  • Mr. Bejtlich taught day four of the SANS intrusion detection track in Toronto, Ontario on 16 May 2002.
  • On 11 April 2002 Mr. Bejtlich briefed the South Texas ISSA chapter on Snort.
  • Mr. Bejtlich helped teach day four of the SANS intrusion detection track in San Antonio, Texas on 14 March 2002 after Marty Roesch was unable to teach the class.
• 2000-2001

• * On 24-25 October 2001 Mr. Bejtlich spoke to the Houston InfraGard chapter at their 2001 conference.
  

  • In August and September 2001 Mr. Bejtlich briefed analysts at the AFCERT on Interpreting Network Traffic.
  • On 19 October 2000 Mr. Bejtlich was invited back to speak at the SANS Network Security 2000 Technical Conference.
  • During 14-16 August 2000 Mr. Bejtlich participated in the Cyber Summit 2000 sponsored by the Air Intelligence Agency. Mr. Bejtlich was a captain in the AFCERT. You will find him in the middle of this picture.
  • In June 2000 Mr. Bejtlich signed a letter protesting the Council of Europe draft treaty on Crime in Cyberspace.
  • In June 2000 Mr. Bejtlich briefed FIRST on third party effects. This predated CAIDA’s 2001 USENIX “backscatter” paper.
  • On 25 March 2000 Mr. Bejtlich presented Interpreting Network Traffic: A Network Intrusion Detector’s Look at Suspicious Events at the SANS 2000 Technical Conference.

Copyright 2003-2020 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)