🎧 The #FIRSTImpressionsPodcast returns for #FIRSTCON26!

New episodes drop every Friday leading up to conference! Tune in for interviews featuring conference speakers, cybersecurity leaders, and conversations previewing important sessions and ideas ahead of the conference — plus recap episodes after the event.

We’re kicking things off with our 2026 Program Chair, Merike Kaeo discussing this year’s theme:

🏔️ "Peak Defense: Building Adaptive Systems for Modern Threats"

Listen now at: https://media.first.org/podcasts/FIRST_Impressions-MerikeKaeo26.mp3

📍 38th Annual FIRST Conference
📅 June 14–19, 2026

🎉 The CVE/FIRST #VulnCon26 & Annual CNA Summit has wrapped, and what a week it was.

500+ security professionals from around the world gathered in Scottsdale, AZ to advance the #VulnerabilityManagement ecosystem, with sessions led by leaders from CISA, ENISA, NIST, Google, Microsoft, NVIDIA, Cisco, Dell, and dozens more.

Highlights:
✅ CISA reaffirmed the CVE program as a top agency priority and called on AI companies to play a larger role going forward
✅ CWE is becoming a more integral part of vulnerability disclosure, with root-cause mapping gaining wider adoption
✅ New product launches on the show floor, including Volerion's Vulnerability Intelligence Platform, NetRise Provenance, and a major Red Hat security data overhaul
✅ Key updates from CVE Working Groups, the EPSS SIG, and Women of FIRST

Speaker sessions will be available on-demand for virtual attendees in the FIRST Events app, as well as FIRST's YouTube channel in the coming weeks.

A huge thank you to everyone who attended, presented, sponsored, and supported this event.

This community is what makes the vulnerability management ecosystem stronger!

Read more: https://go.first.org/WabqC

#CyberDefense #cybersecurity #infosec

🎉 That’s a wrap on the Ljubljana 2025 FIRST #TechnicalColloquium!

For two dynamic days, the global incident response community came together for in-depth technical exchange, hands-on learning, and meaningful collaboration. Hosted by SI-CERT and Register.si (the registry for the .si top-level domain, both units of ARNES – the Academic and Research Network of Slovenia), the event welcomed 123 participants from 21 countries, including 12 expert lecturers and representatives from FIRST members, industry, government, the WB6 project, and eGA.

Technical track sessions saw strong engagement across both days, complemented by two highly successful hands-on workshops:
• Threat Hunting with CIRCL Tools
• Hands-On Data Breach Investigation with the Dark Net

Experts from the EU-funded Cyber Balkans project (IPA III/2022/435-019) enriched the program with valuable regional and operational insights.

👏 Thank you to all speakers, participants, partners, and organizers who made Ljubljana 2025 such a success! Cheers to you!

FIRST achieved record growth in 2025, surpassing 820 member teams across 110+ countries and delivering practical tools and resources for the global cybersecurity community.

Key highlights from the year:

🌍 Expanding Global Community: Our membership includes organizations from national CERTs to multinational enterprises such as CISA, Google, Airbus, Samsung, and the Australian Cyber Security Centre.

👥 Member-Led Innovation: Our 30+ Special Interest Groups produced high-impact resources including the "Suspicious" threat detection framework, DNS Abuse guidance, and TLP:CLEAR Ransomware Empowerment Training.

📈 Research & Frameworks: FIRST-supported research advanced threat understanding through Vulnerability Forecast Reports, ransomware analysis, and EPSS integrations with Proofpoint and Microsoft Security Copilot.

🤝 Building Capacity Worldwide: Community trainers delivered 33+ trainings in 2025, including the A4 Initiative in The Bahamas, Cameroon, Malawi, and Trinidad & Tobago, and the Africa Regional Liaison Initiative's cyber drill in Ghana.

Read the full announcement: https://go.first.org/qffaV

#cybersecurity #CyberDefense
#IncidentResponse #infosec

FIRST, through our ARL team, is thrilled to share the success of the 2025 Threat Conference in Durban, South Africa - an energizing gathering held under the powerful theme “Cybersecurity Across Cultures.”

The FIRST Africa Regional Liaison initiative is made possible through generous support of the UK International Development as part of the Africa Cyber Program.

Opened by Deputy Minister Mondli Gungubele, the conference brought together 87 participants from 41 institutions, soaring past attendance expectations by nearly 74% and breaking historical benchmarks for the event. The energy in the room reflected a shared commitment across South Africa’s cybersecurity community to collaborate, learn, and build resilient digital ecosystems.

🌍 A cross-sector milestone
Government, academia, and private industry were all at the table, including national leaders such as the Civil Aviation Authority (sectoral CSIRT), DCDT, CSIR, SABC, and Shadowserver Foundation.
Ministerial-level support amplified the importance of aligning with South Africa’s digital priorities and highlighted FIRST’s growing role as a trusted partner in the region.

🚀 Impact That Moves the Needle
• Strengthened ARL’s role as a catalyst for national and regional cybersecurity capacity building
• Gained deeper insights into South Africa’s national and municipal cyber challenges, directly shaping our 2026 roadmap
• Reaffirmed momentum from our ongoing work with the DCDT
• Clear demand for support in sectoral CSIRT maturity, municipal cyber readiness, AI-related cyber risks, and policymaker digital literacy

💡 Key Takeaways Driving Future Work
• Localized, hands-on technical training continues to deliver the strongest impact
• Policy and technical interventions must go hand-in-hand: no more working in silos
• Sectoral CSIRTs (like Civil Aviation) are ready for long-term maturity uplift programs
• Municipal governments are calling for more structured capacity development
• Stakeholders showed strong interest in emerging technologies, especially AI, and the cyber implications ahead

🎤 ARL’s Contributions at ThreatCon
• Delivered a keynote: “From Inclusion to Resilience: Securing Africa’s Digital Transformation with Trust, Culture, and Collaboration”
• Led a fully hands-on technical workshop: “Hunting Threat Actor TTPs with Open Source Tools: Windows OS”
• Engaged across multiple plenary discussions with regional experts

We’re incredibly proud of the collaborative spirit shown at ThreatCon 2025 and energized by the momentum this creates for cybersecurity capacity building across Africa. Thank you to all our partners and participants for helping move this work forward.
More on the conference: https://www.threatcon.co.za/

FIRST's Africa Regional Liaison Initiative and The Shadowserver Foundation recently delivered a Threat Intelligence and Information Sharing training and cyberdrill in Ghana during National Cybersecurity Awareness Month.

The Africa Regional Liaison Initiative is made possible by generous funding from UK International Development as part of the Africa Cyber Program. Building on two previous successful collaborations with Ghana's Cyber Security Authority (CSA), the exercise brought together 66 participants from 21 institutions across public and private sectors.

Key highlights:

🛡️ First-of-its-kind cyberdrill utilizing the public Shadowserver Dashboard to simulate cyberattack response and conduct national cyber hygiene assessments

💻 Hands-on training with open-source tools including MISP, IntelMQ, and Shadowserver data feeds

🤝 Strategic discussions with CERT-GH and CSA leadership to expand collaboration across West Africa

🌍 FIRST and Shadowserver teams met with Rt. Hon. Stephen McPartland, CREST Ambassador and former UK Minister of State for Security, to discuss the African Cybersecurity Program's impact

#CyberDefense #cybersecurity
#IncidentResponse #infosec