For the second year in a row, the CERT Coordination Center (CERT/CC) and the Forum of Incident Response and Security Teams (FIRST) jointly hosted an international competition to honor best practices and advances in safeguarding the security of computer systems and networks. The purpose of the contest was to solicit best practices that prevent cyber attacks or mitigate attacks that are unfolding so that others may benefit from the knowledge.
The contest was held in conjunction with the 2009 FIRST Conference that focuses on computer security incident handling. The topic of this year's competition was selected from the phases of a computer security incident response team's cycle of activity: Protect, Detect, Respond and Sustain. This year's topic was "Detect." The 2009 winning entries were:
- Autoreporter: Keeping the Finnish Network Space Secure, by CERT's Thomas Grenman. Autoreporter is a fully automated service provided by CERT-FI for collecting and reporting information security incidents in the Finnish network space.
- Netflow For Incident Detection, by Michael Scheck of Cisco. Netflow was originally developed to help network administrators gain a better understanding of what their network traffic looked like. It can be used for network traffic accounting, usage-based network billing, network planning, security, Denial of Service monitoring capabilities, and network monitoring.