{"status":"OK","status-code":200,"version":"1.0","access":"public","total":1032,"offset":0,"limit":100,"data":[{"id":41241,"title":"PR3TACK: The Preemptive Tactics & Countermeasures Knowledgebase","summary":"The Preemptive Tactics & Countermeasures Knowledgebase (PR3TACK) is an\nopenly accessible framework designed to catalogue *plausible but\nunobserved* adversary tactics, techniques, and procedures (TTPs).\nWhereas existing knowledge bases such as MITRE ATT&CK and MITRE D3FEND\nare constructed retrospectively from observed adversarial activity,\nPR3TACK seeks to bridge the anticipatory gap. It provides a structured\nmeans of conceptualising techniques that adversaries could plausibly\ndevelop and deploy, based on the convergence of known system\nvulnerabilities, adversarial innovation patterns, and technological\naffordances. In so doing, PR3TACK offers defenders a strategic\nadvantage: the ability to harden environments preemptively, before\nexploitation occurs. This paper outlines the rationale, structure, and\nprospective impact of PR3TACK, situating it within ongoing debates about\nproactive defence, resilience engineering, and the epistemology of cyber\nthreat intelligence.","link":"https://www.first.org/blog/20260708-FIRSTCON26-PR3TACK","image":"https://www.first.org/blog/_media/FIRSTCON26-PR3TACK/image4.png","published":"Wed, 08 Jul 2026 04:00:00 GMT"},{"id":41242,"title":"39th Annual FIRST Conference","summary":"June 13 - 18, 2027<br/>\nBangkok, Thailand<br/>\n\\#FIRSTCON27","link":"https://www.first.org/conference/2027/","image":"https://www.first.org/_/e/firstcon27/firstcon27-sq.jpg","published":"Mon, 06 Jul 2026 00:00:00 GMT"},{"id":41243,"title":"The Metrics SIG","summary":"This quarter, the Metrics SIG released [Metrics for the FIRST CSIRT Services Framework – Version 1.1](https://www.first.org/global/sigs/metrics/metrics_csirt_services_framework_v1-1), completing metrics for all five service areas of the Framework. The release also includes refinements to improve consistency, readability, and implementation guidance, providing organizations with practical resources to establish and mature their measurement programs.","link":"https://www.first.org/newsroom/releases/202606-029","published":"Mon, 06 Jul 2026 00:00:00 GMT"},{"id":41244,"title":"Malware Analysis SIG","summary":"The MA-SIG is continuously updating the [Malware Analysis Framework](https://www.first.org/global/sigs/malware/ma-framework/). The last updates contain real life examples of malware analysis lab setups, the updated tools list and additions to the new version. The Framework has as well been updated with an appendix detailing how it can be applied in practice to dissect malware typically found in corporate environments.\n\nRead more on our [website](https://www.first.org/global/sigs/malware/ma-framework/).\n\n","published":"Mon, 06 Jul 2026 00:00:00 GMT"},{"id":41245,"title":"Threat Intel Coalition SIG","summary":"The Threat Intel Coalition SIG is back in action after an involuntary period of hibernation. We have new leadership, with Cristiana Brafman-Kittner (Proofpoint) having been voted in as a new co-chair alongside Lennart Maschmeyer. Going ahead, we plan to scale up our assistance for civil society and make it more sustainable by hiring dedicated staff. Currently the SIG is entirely volunteer-driven, which means activity comes in busts and booms depending on everyone’s ability to donate time. To flatten the curve, we have applied for a grant from the Open Technology Foundation’s Internet Freedom Fund. If awarded, we will hire a case manager to handle day-to-day requests and assistance and an outreach manager to spread the word to civil society organizations in need. We know civil society is under threat, especially in the global south. We also know that those organizations most in need of support usually have the least knowledge about cybersecurity and support out there. Our outreach strategy aims to change that. Stay tuned for more information, and hopefully good news, soon!\n\n","published":"Mon, 06 Jul 2026 00:00:00 GMT"},{"id":41246,"title":"Sneak Peek: Women of FIRST Mentorship Program","summary":"Something exciting is on the horizon for the Women of FIRST community!\n\nWe're thrilled to announce that the Women of FIRST (WoF) Mentorship Program is currently in development. This unique initiative is designed to connect women working in cybersecurity with experienced professionals across the FIRST community through structured, meaningful mentorship. Built for women, by women, and supported by women allies, the program aims to foster career growth, leadership development, and lasting professional connections in a supportive environment.\n\nThe program is planned as a 6–9-month mentorship experience for working professionals, with a pilot cohort launching in Q3 2026. As we shape this first-of-its-kind WoF initiative, we'd love to hear from you. If you're interested in participating as a mentor or mentee, [please complete our interest survey by July 20](https://firstdotorg.wufoo.com/forms/first-women-of-first-mentorship-program/).\n\nTogether, we're building more than a mentorship program; we're building a community that empowers, uplifts, and inspires women to thrive in cybersecurity\n \nThe initiative is being supported through [FIRST CORE](https://www.first.org/global/core/) and its generous sponsors.","published":"Mon, 06 Jul 2026 00:00:00 GMT"},{"id":41247,"title":"FIRST ‌Security ‌Operations ‌Center (SOC) SIG Update","summary":"The goal of the FIRST Security Operations Center (SOC) Special Interest Group (SIG) is to strengthen Security Operations through collaboration, shared experiences, and practical guidance for the FIRST community.\n \nFIRST has a long history of publishing useful standards, frameworks, and best practices for the global security community. Still, day-to-day SOC operations brings its own set of operational challenges, that’s why the SOC SIG was formed, to focus on the problems modern SOCs experience in practice. The SOC SIG focuses on resources that help organizations build, run, and grow an effective SOC, regardless of the organization’s size, sector, or mission.\n","link":"https://www.first.org/newsroom/releases/202606-033","published":"Mon, 06 Jul 2026 00:00:00 GMT"},{"id":41248,"title":"Insider Threat SIG: Building a stronger community to address an evolving threat landscape","summary":"Insider threats remain one of the most challenging areas of cybersecurity. Whether driven by malicious intent, negligence, compromised identities, or trusted third parties, insider-related incidents continue to grow in complexity as organizations become increasingly interconnected. Technical controls alone are no longer sufficient. Effective insider threat programs require collaboration across security, human resources, legal, privacy, leadership, and operational teams, making this a uniquely multidisciplinary challenge.\n","link":"https://www.first.org/newsroom/releases/202606-034","published":"Mon, 06 Jul 2026 00:00:00 GMT"},{"id":41249,"title":"New Version of EPSS went live June 15th!","summary":"If you are relying on EPSS Scores, nothing (except some scores) will change. We will be swapping to an updated algorithm on the backend and new scores will be published in place of the previous algorithm's output. No change is required for any downstream consumers to get the updated scores!\n","link":"https://www.first.org/newsroom/releases/202606-035","published":"Mon, 06 Jul 2026 00:00:00 GMT"},{"id":41250,"title":"DNS Abuse SIG","summary":"The @firstdotorg DNS Abuse SIG has now released v1.3 of the DNS Abuse Techniques Matrix, after the last version published back in 2023. We've been working hard on consistency, clarity, and overall polish to create a foundation for further work, and I am SO proud to be part of this publication. It's awesome to see it being used more and more. It was weird (but so cool!) the first time I was chatting with an AI and it answered with a reference to our own work!\n\n\n[Download the latest version.](https://www.first.org/global/sigs/dns/DNS-Abuse-Techniques-Matrix_v1.3.pdf)\n","link":"https://www.first.org/newsroom/releases/202606-036","published":"Mon, 06 Jul 2026 00:00:00 GMT"},{"id":41240,"title":"When FIRSTCON26 Rode into Denver","summary":"Well, partner... what a week. This June, 700 cybersecurity professionals saddled up in Denver, Colorado for the 38th Annual FIRST Conference (FIRSTCON26), proving once again that when the global incident response community gets together, great things happen.","link":"https://www.first.org/blog/20260703-When-FIRSTCON26-Rode-into-Denver","image":"https://www.first.org/blog/","published":"Fri, 03 Jul 2026 00:00:00 GMT"},{"id":41239,"title":"FIRST Concludes FIRSTCON26 Amid Record Surge in Cyber Vulnerabilities","summary":"Five-day summit highlights AI-driven CVE spikes, breakthrough incident response frameworks, and a major expansion of global capacity-building initiatives","link":"https://www.first.org/newsroom/releases/20260619","published":"Fri, 19 Jun 2026 19:00:00 GMT"},{"id":41238,"title":"CVE | FIRST VulnCon 2027 & Annual CNA Summit","summary":"March 30 - April 2, 2027<br/>\nScottsdale, USA<br/>\n\\#VULNCON27","image":"https://www.first.org/_/e/vulncon27/vulncon27-sq.jpg","published":"Tue, 16 Jun 2026 00:00:00 GMT"},{"id":41235,"title":"FIRST Mid-Year Vulnerability Forecast Confirms Historic Surge, Projects ~66,000 CVEs in 2026","summary":"AI and a rapidly expanding CVE ecosystem blow past February's already-record projections by 46%, but exploitable risk remains flat","link":"https://www.first.org/newsroom/releases/20260615","published":"Mon, 15 Jun 2026 00:00:00 GMT"},{"id":41237,"title":"The 2026 Vulnerability Forecast Update: Navigating the AI Epoch","summary":"The cumulative drift is currently +46.3% above the original forecast (an excess of 6,420 CVEs), leading to a revised 2026 projection of ~68K CVEs.There were many questions earlier this year when we produced prediction intervals as wide as 100k. Still, an important feature of a forecast is that it encompasses unlikely but realistically possible outcomes. AI-assisted discovery has increased the chances that we see what many people would consider an extreme number of vulnerabilities this year, and we take such things into account when producing the strategic forecast.","link":"https://www.first.org/blog/20260615-vulnerability-forecast-update","published":"Mon, 15 Jun 2026 00:00:00 GMT"},{"id":41234,"title":"Episode 60: Mars Cheng, TXOne Networks Inc., FIRSTCON26 Speaker","summary":"Rapidly approaching, the EU Cyber Resilience Act (CRA) is set to reshape how manufacturers develop, secure, and support digital products. In this episode of the First Impressions Podcast, Mars Cheng of TXOne Networks breaks down what the CRA means for organizations that want to sell products in the European market and why the regulation is being called one of the most significant cybersecurity compliance initiatives in years. Previewing his FIRSTCON26 talk, the discussion covers practical steps companies can take today, including stakeholder alignment, tabletop exercises, internal reporting processes, and compliance planning. ","link":"https://media.first.org/podcasts/FIRST_Impressions-mars2026.mp3","published":"Fri, 12 Jun 2026 00:00:00 GMT"},{"id":41233,"title":"Episode 59: Julie Agnes Sparks and Greg Foss, Datadog, FIRSTCON26 Speakers","summary":"In this episode of First Impressions, Julie Agnes Sparks and Greg Foss of Datadog discuss the growing wave of SaaS-focused attacks, from credential theft and supply chain compromises to large-scale data exfiltration campaigns targeting platforms like Salesforce, GitHub, and other cloud services. They explore the visibility gaps that make these incidents difficult to detect, the challenges of monitoring non-human identities and API-driven access, and why many organizations are overlooking some of their most valuable security telemetry.","link":"https://media.first.org/podcasts/FIRST_Impressions-sparks-foss.mp3","published":"Mon, 08 Jun 2026 00:00:00 GMT"},{"id":41232,"title":"Episode 58: Cheng-Lin Yang and Lily Chen, CyCraft, FIRSTCON26 Speakers","summary":"In this episode of the First Impressions Podcast, FIRSTCON26 Speakers, Cheng-Lin Yang and Lily Chen of CyCraft, explore a growing threats to LLM-assisted security workflows: poisoned artifacts designed to manipulate AI-generated analysis. They discuss how a single malicious document can attract an AI's attention, influence its reasoning, and ultimately alter the information presented to security teams. The conversation covers the evolution of prompt injection attacks, the challenges of defending modern language models, and more! Tune in to preview their FIRSTCON26 session. ","link":"https://media.first.org/podcasts/FIRST_Impressions-cheng-lily.mp3","published":"Fri, 05 Jun 2026 00:00:00 GMT"},{"id":41230,"title":"Episode 57: Vijay Sarvepalli and Christopher Cullen, FIRSTCON26 Speakers","summary":"In this episode of the First Impressions Podcast, we sit down with Vijay Sarvepalli and Christopher Cullen to unpack the chaotic reality of modern vulnerability coordination. From AI-generated bug reports and patching nightmares to insecure pickle files, Log4j flashbacks, and the race to secure open source software before attackers strike, the conversation dives deep into how security teams can “push left” and automate the path from vulnerability discovery to secure release. Equal parts technical insight, cautionary tale, and therapy session for anyone who survived Log4Shell, this episode explores why fixing vulnerabilities is still harder than finding them, and what the future of coordinated vulnerability disclosure might look like in an AI-driven world.","link":"https://media.first.org/podcasts/FIRST_Impressions-vijay-chris.mp3","published":"Fri, 29 May 2026 00:00:00 GMT"},{"id":41216,"title":"Training, CCB, and CORE","summary":"FIRST is happy to announce the launch of a new capacity and trust building initiative in the Framework of the G7-ECOWAS Platform for Advancing Cybersecurity. Together with the German Federal Foreign the Economic Community of West African States (ECOWAS) and with Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH as implementing partner, FIRST will support regional cyber Confidence-Building Measure (CBMs). Initially a tool for cyber diplomats, CBMs have evolved to cover any efforts of countries, security agencies and incident responders to reduce the risks stemming from the (mis)use of ICT tools.","link":"https://www.first.org/newsroom/releases/202606-009","image":"https://www.first.org/_/img/news/firstpost2606-standards.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41217,"title":"Peak Incident Response 2026","summary":"This year we held our first Swiss Technical Colloquium - [Peak Incident Response](https://www.first.org/events/colloquia/geneva2026) - as part of the [Geneva Cyber Week (GCW)](https://genevacyberweek.com/en). So, why another TC? The GCW is an annual global platform to advance international cooperation and resilience in cyberspace. This sounds a bit like it could describe just about any FIRST event. But the GCW mostly caters to policy folks, diplomats, and members of civil society, including some of our trusted partners such as DCAF and the HD Centre.","link":"https://www.first.org/blog/20260518-Peak-Incident-Response-2026","image":"https://www.first.org/_/img/news/firstpost2606-peak.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41218,"title":"FIRSTCTI26 Recap: Threat Intel & Pretzels Sold Out!","summary":"Ten years ago, a group of cybersecurity professionals gathered in Munich with a simple but ambitious idea: create a trusted space where threat intelligence experts from different sectors could actually talk to each other, collaborate openly, and tackle emerging challenges together.","link":"https://www.first.org/blog/20260518-FIRSTCTI26-Event-Recap","image":"https://www.first.org/_/img/news/firstpost2606-firstcti26.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41219,"title":"VulnCon 2026 Recap: Sun, Strategy, and Security!","summary":"What happens when you gather hundreds of vulnerability management professionals in the Arizona sunshine for a week of collaboration, workshops, debates, and margaritas? VulnCon 2026: and this year's event was bigger, bolder, and more collaborative than ever.","link":"https://www.first.org/blog/20260518-Vulncon26-Event-Recap","image":"https://www.first.org/_/img/news/firstpost2606-vulncon26.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41220,"title":"Conference Coverage, Season 2 of \"Improving Security Across Nations With FIRST,” Production Wrap, and Mid-Year Vulnerability Forecast","summary":"Growth Stack Media secured 107+ pieces of earned media coverage for FIRST in Q2FY26 across notable publications including CSO, Dark Reading, Help Net Security, Infosecurity Magazine, and Security Boulevard. You can view the full CoverageBook of articles [here](https://www.first.org/newsroom/newsletters/FIRST_FY26Q2_PR_Coverage.pdf).","link":"https://www.first.org/newsroom/releases/202606-026","image":"https://www.first.org/_/img/news/firstpost2606-media.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41221,"title":"Time Security SIG: coordinating before the clock runs out","summary":"Most security properties quietly assume that systems share a correct, coherent sense of time. That assumption is now under pressure from two directions at once. Time sources can be manipulated or spoofed today, whether via NTP in transit or GNSS from the sky. A vast installed base of critical infrastructure still represents time as a fixed-width value that reaches the end of its range in 2038.\n","link":"https://www.first.org/newsroom/releases/202606-028","image":"https://www.first.org/_/img/news/firstpost2026-sig-news.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41222,"title":"AGM Update","summary":"The Annual General Meeting was held on June 15th 2026 during the annual conference in Denver, Colorado.     \n\nThe results of the election were announced: \n\nSerge Droz (Liaison, CH), Carlos Leonardo (CSIRT-RD, DO) and I (Olivier Caleff (Liaison, FR) were re-elected, Mona Elisabeth Østvang (mnemonic, NO) was re-elected after a year's absence and Logan Wilkins (Cisco) was newly elected to the Board of Directors for the term 2026-2028.\n\nMichael Hausding (SWITCH-CERT, CH), Carlos Alvarez (ZeroFox, US), Tracy Bills (CERT/CC,US), Yukako Uchida (JPCERT/CC, JP) and Graciela Martinez Giordano, (LACNIC, UY) will continue their 2025-2027 terms.","link":"https://www.first.org/newsroom/releases/202606-002","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41223,"title":"2026 Mexico City Technical Colloquium","summary":"August 17-19, 2026<br/>\nMexico City, Mexico<br/>\n\\#FIRSTMX26","link":"https://www.first.org/events/colloquia/firstmx26/","image":"https://www.first.org/_/e/firstmx26/firstmx26-sq.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41224,"title":"FIRST-APNIC Technical Colloquium","summary":"September 8-10, 2026<br/>\nMumbai, India<br/>\nHosted by APNIC","link":"https://www.first.org/events/colloquia/apnic26/","image":"https://www.first.org/_/e/apnic26/apnic26-sq.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41225,"title":"2026 VulnOptiCON","summary":"September 23-25, 2026<br/>\nGare, Luxembourg<br/>","link":"https://vulnopticon.org/","image":"https://www.first.org/_/img/news/vulnopticon-sq.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41226,"title":"2026 FIRST Regional Symposium Latin America & Caribbean","summary":"October 21-22, 2026<br/>\nMendoza, Argentina<br/>","image":"https://www.first.org/_/e/latam2026/latam26-sq.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41227,"title":"2026 FIRST Regional Symposium for Africa & Joint AfricaCERT Meeting","summary":"October 27-30, 2026<br/>\nNairobi, Kenya<br/>\n\\#FIRSTAA26","image":"https://www.first.org/_/e/firstaa26/firstaa26-sq.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41228,"title":"2026 FIRST Regional Symposium for Asia Pacific & Joint APCERT AGM","summary":"November 5-6, 2026<br/>\nBusan, Republic of Korea<br/>\nHosted by KrCERT/CC","link":"https://www.first.org/events/symposium/asia-pacific2026/","image":"https://www.first.org/_/e/asia-pacific2026/asia-pacific2026-sq.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41213,"title":"Member spotlight","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41214,"title":"Where FIRST Meets the Standards World","summary":"The Standards SIG is a monthly gathering where FIRSTies whose day jobs somehow touch standards development come to compare notes. It's a place to swap ideas, share war stories, and commiserate over the peculiar joys of consensus-building. We have regular participation from folks active at ISO, IETF, ETSI, NIST, ITU-T, OASIS, and beyond. Chaired by Brian DeWyngaert and Trey Darley, we meet the last Wednesday of each month, 16:00–17:00 Brussels time. We'll take a hiatus over the summer to freshen things up and reconvene with a kick-off call on 30 September. If any part of your work brushes against standards, you'd be very welcome. Come find your people.","image":"https://www.first.org/_/img/news/firstpost2606-standards-2.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41215,"title":"Special Interest Group Updates","summary":"**Metrics SIG**<br> \n_By Logan WIlkins - Chair, Metrics SIG_   \n\nThis quarter, the Metrics SIG released [Metrics for the FIRST CSIRT Services Framework – Version 1.1](https://www.first.org/global/sigs/metrics/metrics_csirt_services_framework_v1-1), completing metrics for all five service areas of the Framework. The release also includes refinements to improve consistency, readability, and implementation guidance, providing organizations with practical resources to establish and mature their measurement programs.","image":"https://www.first.org/_/img/news/firstpost2026-sig-news.jpg","published":"Tue, 26 May 2026 00:00:00 GMT"},{"id":41229,"title":"Sector CERTs and How To Build Them","summary":"CERT Ghana has been creating a network of sector CERTs in significant areas and has created strong bonds in the process.","link":"https://www.first.org/blog/20260525-Sector-CERTs-and-how-to-build-them","image":"https://www.first.org/blog/","published":"Mon, 25 May 2026 00:00:00 GMT"},{"id":41209,"title":"Episode 56: Mor Weinberger and Lior Kaplan, FIRSTCON26 Speakers","summary":"In the first episode of the 2026 season of the First Impressions Podcast, Mor Weinberger and Lior Kaplan preview their upcoming FIRST Conference session, “From Discovery to Fix: What 10,000 Open Source Projects Reveal About CVE Remediation.” The discussion explores why vulnerability remediation remains slow despite the growing speed of CVE discovery, especially as AI accelerates vulnerability research and exploit development. Drawing from research across thousands of open source projects, they examine the challenges of patch adoption, dependency management, and supply chain complexity. The episode also highlights practical ways organizations can reduce risk and improve remediation efforts ahead of FIRSTCON26 in Denver.","link":"https://media.first.org/podcasts/FIRST_Impressions-MorLior.mp3","published":"Fri, 22 May 2026 00:00:00 GMT"},{"id":41208,"title":"Peak Incident Response 2026","summary":"This year we held our first Swiss Technical Colloquium - Peak Incident Response - as part of the Geneva Cyber Week (GCW). So, why another TC? The GCW is an annual global platform to advance international cooperation and resilience in cyberspace. This sounds a bit like it could describe just about any FIRST event. But the GCW mostly caters to policy folks, diplomats, and members of civil society, including some of our trusted partners such as DCAF and the HD Centre.","link":"https://www.first.org/blog/20260518-Peak-Incident-Response-2026","image":"https://www.first.org/blog/","published":"Mon, 18 May 2026 00:00:00 GMT"},{"id":41210,"title":"FIRSTCTI26 Recap: Threat Intel & Pretzels Sold Out!","summary":"Ten years ago, a group of cybersecurity professionals gathered in Munich with a simple but ambitious idea: create a trusted space where threat intelligence experts from different sectors could actually talk to each other, collaborate openly, and tackle emerging challenges together.","link":"https://www.first.org/blog/20260518-FIRSTCTI26-Event-Recap","image":"https://www.first.org/blog/","published":"Mon, 18 May 2026 00:00:00 GMT"},{"id":41211,"title":"VulnCon 2026 Recap: Sun, Strategy, and Security!","summary":"What happens when you gather hundreds of vulnerability management professionals in the Arizona sunshine for a week of collaboration, workshops, debates, and margaritas? VulnCon 2026: and this year's event was bigger, bolder, and more collaborative than ever.","link":"https://www.first.org/blog/20260518-Vulncon26-Event-Recap","image":"https://www.first.org/blog/","published":"Mon, 18 May 2026 00:00:00 GMT"},{"id":41207,"title":"Episode 55: Merike Kaeo, FIRSTCON26 Program Chair","summary":"The FIRST Impressions Podcast returns for FIRSTCON26! This kick off episode brings Program Chair, Merike Kaeo, to the table to discuss the vision behind the 38th Annual FIRST Conference program and the goals and challenges faced. Centered around the theme “Peak Defense: Building Adaptive Systems for Modern Threats,” Merike shares how this year’s program was carefully designed to balance technical depth, operational strategy, incident response, and AI security topics while ensuring diverse perspectives and skill levels. The episode highlights the importance of community collaboration, knowledge sharing, and making cybersecurity capabilities more accessible for smaller and underserved organizations through automation, practical incident response planning, and stronger global cooperation.","link":"https://media.first.org/podcasts/FIRST_Impressions-MerikeKaeo26.mp3","published":"Fri, 15 May 2026 00:00:00 GMT"},{"id":41205,"title":"FIRST POST: Apr-Jun 2026","link":"https://www.first.org/newsroom/post/202606","published":"Thu, 30 Apr 2026 00:00:00 GMT"},{"id":41206,"title":"Message from the Chair","image":"https://www.first.org/_/img/news/firstpost2606-chair.jpg","published":"Thu, 30 Apr 2026 00:00:00 GMT"},{"id":41173,"title":"FIRST POST: Jan-Mar 2026","summary":"Message from the Chair; Board Spotlight; Member Spotlight; From Operational Experience to Global Policy: The UN Global Cybersecurity Mechanism; Special Interest Group Updates; Training, CCB, and CORE; Membership Dues; AGM Update; Seven signals cyber experts agreed on at FIRST Paris 2026; Bangalore 2026 FIRST Technical Colloquium highlights resilience, AI, and community; Threats, Tech, and Tashkent: FIRSTUZ26 Recap; Breakthrough Vulnerability Projections, Global Conference Series Launch, and CVSS Implementation Leadership; Upcoming Events","link":"https://www.first.org/newsroom/post/202603","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41174,"title":"Message from the Chair","summary":"Vulnerabilities ... What's in a name? (again)\n\nVulnCon 2026 came at a perfect time. Over the years, vulnerabilities have become a subject of choice. \n\nVulnerabilities are all over the press, social media, blogs, reports and ... our mailing lists, our messaging apps, discussions in our FIRST community. And vulnerabilities translate for most into CVEs. But some are not CVEs.\n","link":"https://www.first.org/newsroom/releases/202603-1","image":"https://www.first.org/_/img/news/firstpost2603-message-chair.jpg","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41175,"title":"Member Spotlight","summary":"**Building the infrastructure of trust — one open-source contribution at a time**\n\nKoen Van Impe is one of those community figures whose impact is greater than the sum of its visible parts. With over 20 years of experience in cybersecurity, Koen works as a freelancer specializing in threat intelligence, incident response and security operations, and is part of the core team behind the MISP project, the world's most widely used open-source platform for structured threat intelligence sharing. His profile as a FIRST member reflects a consistent track record of contribution to the global community of CSIRTs and response teams.","link":"https://www.first.org/newsroom/releases/202603-3","image":"https://www.first.org/_/img/news/firstpost2603-koen-van-imp.jpg","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41177,"title":"Special Interest Group Updates","summary":"**STP SIG White Paper published on the future of CERTs/CSIRTs/ISACs and their operating models**  \n\n“This white paper, authored by AUSCERT, examines the rapid evolution of CERTs/CSIRTs/ISACs as the cyber threat landscape grows increasingly complex and interconnected. Originally created as technical response units, CERTs have since expanded into strategic institutions supporting national resilience, sectoral preparedness, and organisational cyber maturity. Rising regulatory pressures, globalised supply‑chain risk, and competition from commercial cybersecurity providers have reshaped expectations of CERTs, demanding both technical excellence and the ability to coordinate diverse stakeholders during high‑impact events, whilst maintaining sustainable operations.","link":"https://www.first.org/newsroom/releases/202603-7","image":"https://www.first.org/_/img/news/firstpost2026-sig-news.jpg","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41178,"title":"Training, CCB, and CORE","summary":"FIRST CORE is excited to welcome the support of the Internet Society and Internet Society Foundation through the newly launched Common Good Cyber Fund (CGCF).  As part of the initial pilot phase, the CGCF grant will bolster FIRST’s community and capacity building program to better support and grow our community training efforts. ","link":"https://www.first.org/newsroom/releases/202603-9","image":"https://www.first.org/_/img/news/firstpost2603-core.jpg","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41179,"title":"Breakthrough Vulnerability Projections, Global Conference Series Launch, and CVSS Implementation Leadership","summary":"Growth Stack Media secured and tracked 120+ pieces of earned media coverage, generating more than 1M views of content for FIRST in Q1FY26 across notable publications including Fast Company, CSO, SC Media, and Infosecurity Magazine. You can view the full CoverageBook of articles [here](https://www.first.org/newsroom/newsletters/FIRST_FY26Q1_PR_Coverage.pdf). This robust coverage reinforced FIRST's position as the authoritative voice in vulnerability management and global cybersecurity coordination.","link":"https://www.first.org/newsroom/releases/202603-20","image":"https://www.first.org/_/img/news/firstpost2603-media.jpg","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41194,"title":"Membership Dues","summary":"As Chair of FIRST, I want to inform you about an upcoming adjustment to the annual membership fee for full members (teams). Starting with the 2027 membership year, and for the period 2027–2029, the fee will increase from 2,800 USD to 3,000 USD per year.","link":"https://www.first.org/newsroom/releases/202603-12","image":"https://www.first.org/_/img/news/firstpost2603-dues.jpg","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41195,"title":"AGM Update","summary":"FIRST holds its Annual General Meeting (AGM) during the Annual Conference.  The 2026 FIRST AGM will take place on June 15, 2026 22:00 UTC (16:00 MDT, local time) and will also be streamed for observation.","link":"https://www.first.org/newsroom/releases/202603-13","image":"https://www.first.org/_/img/news/firstpost2603-agm-2.jpg","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41196,"title":"From Operational Experience to Global Policy: The UN Global Cybersecurity Mechanism","summary":"The launch of the United Nations Global Cybersecurity Mechanism (G-Mech) marks an important step toward more stable and continuous governance of cyberspace. Unlike previous processes, this new arrangement has been established as a permanent framework, with an organizational session that began in March 2026, a first substantive plenary next July, and dedicated thematic groups in December. Its structure combines general discussions in plenary with more focused exchanges in the Dedicated Thematic Groups, under the five well-established pillars of the framework for responsible State behaviour: threats, norms, international law, confidence-building measures, and capacity-building.","link":"https://www.first.org/newsroom/releases/202603-6","image":"https://www.first.org/_/img/news/firstpost2603-global-cybersecurity.jpg","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41204,"title":"Board Spotlight ","summary":"**Can you walk us through your career background and how that experience brought you into the organization?**\n\nI started installing firewalls in the mid-1990s and looked at the logs... and I right away entered incident management! Long story short, I joined the emerging informal association of CSIRTs in France - aka InterCERT France - at the turn of the century, then TF-CSIRT, and FIRST in 2013 while joining French GovCERT, CERT-FR.","link":"https://www.first.org/newsroom/releases/202603-2","image":"https://www.first.org/_/img/news/firstpost2603-olivier-caleff.jpg","published":"Tue, 28 Apr 2026 00:00:00 GMT"},{"id":41201,"title":"The Infrastructure Nobody Owns: (Residential) Proxy Networks and the Case for Collective Visibility","link":"https://www.first.org/blog/20260424-Infrastructure-Nobody-Owns","image":"https://www.first.org/blog/","published":"Fri, 24 Apr 2026 16:00:00 GMT"},{"id":41203,"title":"FIRST Concludes Sold-Out 2026 Cyber Threat Intelligence Conference in Munich","summary":"Global practitioners gathered to advance AI-driven CTI, detection engineering, and threat intelligence standards","link":"https://www.first.org/newsroom/releases/20260423","published":"Thu, 23 Apr 2026 09:00:00 GMT"},{"id":41202,"title":"A Reef Takes Time to Grow: CIRT-BS","summary":"A reef is a great metaphor for cybersecurity. It protects an ecosystem, allows good things through, keeping bad things out. But it also takes a long time to build. We talked to Bahamas CIRT ahead of the official launch of their Cyber Reef.","link":"https://www.first.org/blog/20260422-A-Reef-Takes-Time-to-Grow","published":"Wed, 22 Apr 2026 08:00:00 GMT"},{"id":41199,"title":"Malicious Packages Don't Fit the Vulnerability Intelligence Model","summary":"Malicious open source packages and software vulnerabilities may look alike on the surface, but they demand entirely different response playbooks. Treating a malicious npm or PyPI package like a CVE leaves critical questions unanswered: what did it execute, where did it phone home, and what campaign is it part of? Purpose-built malicious package intelligence infrastructure is needed to answer those questions.","link":"https://www.first.org/blog/20260420-Malicious-Packages-Dont-Fit","image":"https://www.first.org/blog/","published":"Mon, 20 Apr 2026 16:00:00 GMT"},{"id":41198,"title":"FIRST Wraps CVE/VulnCon 2026 with 500+ Attendees, New Product Launches, and Key Vulnerability Management Milestones","summary":"Four-day summit in Scottsdale draws global security leaders to advance CVE quality, AI security, and coordinated disclosure.","link":"https://www.first.org/newsroom/releases/20260416","published":"Thu, 16 Apr 2026 20:30:00 GMT"},{"id":41187,"title":"Threats, Tech, and Tashkent: FIRSTUZ26 Recap","summary":"The 2026 FIRST Regional Symposium for Central Asia brought the global cybersecurity community to Tashkent, Uzbekistan over February 26-27, 2026, marking an exciting milestone for the organization. Hosted by [UZCERT](https://uzcert.uz/en/) and [INHA University in Tashkent](https://inha.uz/), it was the very first regional symposium organized by the Forum of Incident Response and Security Teams (FIRST) in Central Asia, and it did not disappoint.","link":"https://www.first.org/blog/20260318-FIRSTUZ26-Recap","image":"https://www.first.org/blog/_media/FIRSTUZ26-03.jpg","published":"Mon, 30 Mar 2026 00:00:00 GMT"},{"id":41188,"title":"Bangalore 2026 FIRST Technical Colloquium highlights resilience, AI, and community","summary":"The 2026 FIRST Technical Colloquium in Bangalore brought together a group of security professionals and students for two days of practical learning, technical discussion, and community building on Cisco's campus on February 10-11, 2026. The event created space for attendees to exchange ideas, share lessons learned, and strengthen connections across the incident response community.","link":"https://www.first.org/blog/20260319-Bangalore-TC","image":"https://www.first.org/_/img/news/firstpost2603-bangalore.jpg","published":"Mon, 30 Mar 2026 00:00:00 GMT"},{"id":41189,"title":"Seven signals cyber experts agreed on at FIRST Paris 2026","summary":"Group-IB hosted the FIRST Technical Colloquium in Paris, where cybersecurity experts challenged assumptions around modern cyber defense. FIRST Chair Olivier Caleff opened and moderated the event.   \nThe cybersecurity industry has been facing multiple parallel challenges in recent years. The pace at which cybercrime evolves is hard to match, but gatherings like FIRST provide a unique opportunity for the community to convene, reflect, and move forward together.","link":"https://www.first.org/blog/20260323-Paris-TC","image":"https://www.first.org/_/img/news/firstpost2603-paris.jpg","published":"Mon, 30 Mar 2026 00:00:00 GMT"},{"id":41190,"title":"The Trust Builders: FIRST’s African Liaisons","summary":"In the past two years, the FIRST Africa Regional Liaison (ARL) initiative has directly supported 1,210 cybersecurity professionals, delivered more than 50 targeted initiatives across 33 countries, and maintained sustained engagement with at least 70 Computer Security Incident Response Teams (CSIRTs).\n\nThat’s a lot of work for the two liaisons: Eric Akumiah (Ghana) and myself, Lawrence Muchilwa (Kenya).","link":"https://www.first.org/blog/20260311-Trust-Builders","image":"https://www.first.org/_/img/news/firstpost2603-africa-liaisons.jpg","published":"Mon, 30 Mar 2026 00:00:00 GMT"},{"id":41182,"title":"2026 Peak Incident Response Technical Colloquium","summary":"May 5-6, 2026<br/>\nGeneva (CH)<br/>\n","link":"https://www.first.org/events/colloquia/geneva2026/","image":"https://www.first.org/_/e/geneva2026/geneva2026-sq.jpg","published":"Fri, 27 Mar 2026 00:00:00 GMT"},{"id":41183,"title":"Zimbabwe FIRST Technical Colloquium","summary":"May 6-8, 2026<br/>\nVictoria Falls (ZW)<br/>","link":"https://www.first.org/events/colloquia/zimbabwe2026/","image":"https://www.first.org/_/e/zimbabwe2026/zimbabwe2026-sq.jpg","published":"Fri, 27 Mar 2026 00:00:00 GMT"},{"id":41184,"title":"38th Annual FIRST Conference","summary":"June 14-19, 2026<br/>\nDenver (US)<br/>\n\\#FIRSTCON26","link":"https://www.first.org/conference/2026/","image":"https://www.first.org/_/e/firstcon26/firstcon26-sq.jpg","published":"Fri, 27 Mar 2026 00:00:00 GMT"},{"id":41185,"title":"2026 Mexico City Technical Colloquium","summary":"SAVE THE DATE!<br/>\nAugust 17-19, 2026<br/>\nMexico City (MX)<br/>\n\\#FIRSTMX26","link":"https://www.first.org/events/colloquia/firstmx26/","image":"https://www.first.org/_/e/firstmx26/firstmx26-sq.jpg","published":"Fri, 27 Mar 2026 00:00:00 GMT"},{"id":41186,"title":"2026 FIRST Regional Symposium for Africa & Joint AfricaCERT Meeting","summary":"SAVE THE DATE!<br/>\nOctober 27-30, 2026<br/>\nNairobi (KE)","image":"https://www.first.org/_/e/firstaa26/firstaa26-sq.jpg","published":"Fri, 27 Mar 2026 00:00:00 GMT"},{"id":41191,"title":"Critical Thinking Within CTI","summary":"All too often in 2026, analysts now rely upon tools, technology, and artificial intelligence (AI) to do the “thinking for us” instead of using our brains in the cyber threat intelligence (CTI) lifecycle. Analysts are “drowning in data” with a wealth of emails, tweets, texts, messages, feeds, and other information that all have to be read, processed, normalized, correlated, understood, and potentially weaponized into tools and technology for defensive posture.  A reliance upon tools and artificial intelligence (AI) is quickly becoming the new standard, a threat to \"human in the loop” and our most important asset, people!","link":"https://www.first.org/global/sigs/cti/blog/20260326-Critical-Thinking-Within-CTI","image":"https://www.first.org/global/sigs/cti/blog/","published":"Thu, 26 Mar 2026 00:00:00 GMT"},{"id":41192,"title":"Hypothesis and Theory: Words do Matter!","summary":"The terms hypothesis and theory are widely recognized, yet their precise meanings are often misunderstood. As a result, they are frequently used interchangeably - most commonly with theory being misapplied in situations where hypothesis would be more accurate.","link":"https://www.first.org/global/sigs/cti/blog/20260326-Hypothesis-and-Theory","image":"https://www.first.org/global/sigs/cti/blog/","published":"Thu, 26 Mar 2026 00:00:00 GMT"},{"id":41193,"title":"What is Cyber Threat Hunting?","summary":"As a pioneer in the world of Cyber Threat Intelligence (CTI), I see many technologies, tools, and people attempting to perform “threat hunting”, without a proper understanding or guidance in how to do it effectively within the lifecycle of CTI. Today, many rely upon tools and technology for “good enough” intelligence, while others chase Indicators of Compromise (IoCs), thinking that is threat hunting - it is not. Join me on a journey to understanding what threat hunting is and is not, and the types of hunts one performs to actionably move the needle to lower cyber risk.","link":"https://www.first.org/global/sigs/cti/blog/20260326-What-is-Cyber-Threat-Hunting","image":"https://www.first.org/global/sigs/cti/blog/","published":"Thu, 26 Mar 2026 00:00:00 GMT"},{"id":41172,"title":"Seven signals cyber experts agreed on at FIRST Paris 2026","summary":"The cybersecurity industry has been facing multiple parallel challenges in recent years. The pace at which cybercrime evolves is hard to match, but gatherings like FIRST provide a unique opportunity for the community to convene, reflect, and move forward together.","link":"https://www.first.org/blog/20260323-Paris-TC","image":"https://www.first.org/blog/","published":"Mon, 23 Mar 2026 00:00:00 GMT"},{"id":41171,"title":"Bangalore 2026 FIRST Technical Colloquium highlights resilience, AI, and community","summary":"The 2026 FIRST Technical Colloquium in Bangalore brought together a group of security professionals and students for two days of practical learning, technical discussion, and community building on Cisco's campus on February 10-11, 2026. The event created space for attendees to exchange ideas, share lessons learned, and strengthen connections across the incident response community.","link":"https://www.first.org/blog/20260319-Bangalore-TC","image":"https://www.first.org/blog/","published":"Thu, 19 Mar 2026 00:00:00 GMT"},{"id":41170,"title":"Threats, Tech, and Tashkent: FIRSTUZ26 Recap","summary":"The 2026 FIRST Regional Symposium for Central Asia brought the global cybersecurity community to Tashkent, Uzbekistan over February 26-27, 2026, marking an exciting milestone for the organization. Hosted by UZCERT and INHA University in Tashkent, it was the very first regional symposium organized by the Forum of Incident Response and Security Teams (FIRST) in Central Asia, and it did not disappoint.","link":"https://www.first.org/blog/20260318-FIRSTUZ26-Recap","image":"https://www.first.org/blog/","published":"Wed, 18 Mar 2026 00:00:00 GMT"},{"id":41169,"title":"FIRST Unveils Three Global Conferences to Strengthen the World's Cyber Defenses in 2026","summary":"Speakers include cybersecurity leaders from organizations including the Cybersecurity and Infrastructure Security Agency (CISA), Google, Microsoft, Nvidia, European Commission, Munich University of Applied Sciences, and others","link":"https://www.first.org/newsroom/releases/20260312","published":"Thu, 12 Mar 2026 05:00:00 GMT"},{"id":41168,"title":"The Trust Builders: FIRST’s African Liaisons","link":"https://www.first.org/blog/20260311-Trust-Builders","image":"https://www.first.org/blog/","published":"Wed, 11 Mar 2026 00:00:00 GMT"},{"id":41164,"title":"FIRST Releases 2026 Vulnerability Report, Projecting Record-Breaking Common Vulnerabilities and Exposures","summary":"For the first time ever, annual CVE disclosures expected to surpass 50,000, signaling a potential paradigm shift in vulnerability management workloads","link":"https://www.first.org/newsroom/releases/20260211","published":"Wed, 11 Feb 2026 00:00:00 GMT"},{"id":41165,"title":"FIRST Welcomes New Members and Thanks Sponsoring Teams!","summary":"FIRST has welcomed 64 new members over the second semester of 2025: 39 Teams, 23 Liaisons, and 2 Associates.   \n\nMost growth comes from new Teams and Liaisons from the US (+9), Dominican Republic (+7), Taiwan, Province of China (+5), Switzerland (+3), Germany (+3), Great Britain (+3), Republic of Korea (+3), and Mexico (+3).   \n   \nOverall at the end of 2025, FIRST community covers 116 countries, and is composed of 824 Teams (+87), 4 Associates (+4), and 202 Liaisons (+44).\n","link":"https://www.first.org/newsroom/releases/202512-18","image":"https://www.first.org/_/img/news/firstpost2512-welcome.jpg","published":"Mon, 26 Jan 2026 00:00:00 GMT"},{"id":41163,"title":"Zimbabwe FIRST Technical Colloquium","summary":"May 06-08, 2026<br/>\nVictoria Falls (ZW)<br/>\n","link":"https://www.first.org/events/colloquia/zimbabwe2026/","image":"https://www.first.org/_/e/zimbabwe2026/zimbabwe2026-sq.jpg","published":"Fri, 16 Jan 2026 00:00:00 GMT"},{"id":41162,"title":"Why We Can’t Stop Talking About Information Sharing","summary":"I know — it’s a tired topic. So much has been written about information sharing that it can feel like white noise. Yet, it remains a critical issue that we haven't quite solved.   \n\nDuring a recent trip to China, I heard a recurring concern: “People no longer share vulnerabilities with us.” When I mention this back home, the common retort is, “Well, of course — their state actors will just use that data to attack us.”\n","link":"https://www.first.org/newsroom/releases/202512-17","image":"https://www.first.org/_/img/news/firstpost2512-sharing.jpg","published":"Thu, 08 Jan 2026 00:00:00 GMT"},{"id":41145,"title":"FIRST POST: Oct-Dec 2025","summary":"Message from the Chair; Member Spotlight; Standards Update; Special Interest Group Updates; Training and CCB; Record Growth Announcement, Cybersecurity Awareness Month and African Cyber Capacity Building; Why We Can’t Stop Talking About Information Sharing; FIRST Welcomes New Members and Thanks Sponsoring Teams!; Upcoming Events","link":"https://www.first.org/newsroom/post/202512","published":"Wed, 31 Dec 2025 00:00:00 GMT"},{"id":41159,"title":"2025 Vulnerability Forecast: Year-End Review","summary":"As 2025 draws to a close, we find ourselves in the satisfying position of reviewing forecasts that worked. Next year’s forecast will look and feel a bit different, but you can expect that in January and we like to keep them separate.","link":"https://www.first.org/blog/20251229-Vulnerability-Forecast-Review","published":"Mon, 29 Dec 2025 00:30:00 GMT"},{"id":41153,"title":"Upskilling Communications","summary":"Sharing information in cybersecurity is vital for prevention and response. There’s a lot of technical processes available, and best practice to learn from. FIRST, for example, was created for that exact reason back in the 90s, to share techniques and information between teams.","link":"https://www.first.org/blog/20251216-upskilling_communications","image":"https://www.first.org/blog/","published":"Tue, 16 Dec 2025 00:00:00 GMT"},{"id":41154,"title":"Training and CCB","summary":"FIRST continues to provide training on different cybersecurity topics and in different parts of the world through our Community Trainers and CCB program. From October to December, FIRST has delivered nine trainings across seven economies with support from our training community, thanks to everyone for sharing their expertise and experience!","link":"https://www.first.org/newsroom/releases/202512-10","image":"https://www.first.org/_/img/news/firstpost2512-training.jpg","published":"Tue, 16 Dec 2025 00:00:00 GMT"},{"id":41155,"title":"Record Growth Announcement, Cybersecurity Awareness Month and African Cyber Capacity Building","summary":"Growth Stack Media secured and tracked 29 pieces of earned media coverage for FIRST in Q4FY25 across notable publications including Dark Reading, SecurityBrief, and IT Brief. [You can view the full CoverageBook of articles here](https://www.first.org/newsroom/newsletters/FIRST_FY25Q4_PR_Coverage.pdf).","link":"https://www.first.org/newsroom/releases/202512-15","image":"https://www.first.org/_/img/news/firstpost2512-media.jpg","published":"Tue, 16 Dec 2025 00:00:00 GMT"},{"id":41156,"title":"Special Interest Group Updates","summary":"The new [**Time Security SIG**](https://www.first.org/global/sigs/time/) was approved and started operating. It exists to help the global FIRST community prepare for the 2036–2038 epoch rollovers. By coordinating research, testing, and outreach on time integrity, the SIG connects CSIRTs, vendors, and standards bodies to strengthen resilience across critical infrastructure. It´s goal is to ensure the world’s clocks keep running — securely — long past 2038. If you are interested in more information or want to join, head over to https://www.first.org/global/sigs/time/.","link":"https://www.first.org/newsroom/releases/202512-7","image":"https://www.first.org/_/img/news/firstpost2026-sig-news.jpg","published":"Tue, 16 Dec 2025 00:00:00 GMT"},{"id":41157,"title":"Standards Update","summary":"Big milestone at the ITU-T SG17 closing plenary (Thursday 2025-12-11) in Geneva! The membership officially approved C396 XS.TP.epoch \"Technical Report on Global Coordination Requirements for 2038-class rollover events (including but not limited to 2036, 2038, and 2106)\".","link":"https://www.first.org/newsroom/releases/202512-5","image":"https://www.first.org/_/img/news/firstpost2512-standard.jpg","published":"Tue, 16 Dec 2025 00:00:00 GMT"},{"id":41158,"title":"Member Spotlight","summary":"Let's cast some light on our first FIRST member spotlight: Dr Kaleem Ahmed Usmani from CERT-MU in Mauritius. The aim of this award is to recognize **outstanding contributions and exceptional leadership in advancing cybersecurity collaboration and community engagement within the FIRST network**.   \n\nDr Kaleem Ahmed Usmani played a key role in organizing the [2025 FIRST & AfricaCERT Symposium: Africa and Arab Regions](https://www.first.org/events/symposium/africa-arab-regions2025/) in December 2025. His dedication and hard work made the event a success. Not a surprise from a FIRST member who has paid enormous efforts for the success of the community since an initial AfricaCERT event hosted in Mauritius in 2014. \n\n_“Hosting the FIRST and AfricaCERT Technical Symposium in Mauritius in December 2025 demonstrated the power of collaboration in building cyber resilience, uniting experts across regions to address today's challenges and prepare for tomorrow's digital threats”_ said Dr Kaleem Ahmed Usmani.\n\n\n","image":"https://www.first.org/_/img/news/firstpost2512-spotlight-drkaleem.jpg","published":"Tue, 16 Dec 2025 00:00:00 GMT"},{"id":41144,"title":"FIRST Reports Record Growth and Expanding Global Impact","summary":"Momentum Year Marked by Record Membership, New Resources, and Broader Collaboration Across 110+ Countries","link":"https://www.first.org/newsroom/releases/20251210","image":"https://www.first.org/_/img/first-big-icon.png","published":"Wed, 10 Dec 2025 14:00:00 GMT"},{"id":41146,"title":"Paris 2026 FIRST Technical Colloquium","summary":"February 9-10, 2026<br/>\nParis (FR)<br/>","link":"https://www.first.org/events/colloquia/paris2026/","image":"https://www.first.org/_/e/paris2026/paris2026-sq.jpg","published":"Tue, 09 Dec 2025 00:00:00 GMT"},{"id":41147,"title":"Bangalore 2026 FIRST Technical Colloquium","summary":"February 10-11, 2026<br/>\nBangalore (IN)<br/>\n\\#BANGALORETC26","link":"https://www.first.org/events/colloquia/bangalore2026/","image":"https://www.first.org/_/e/bangalore2026/bangalore-2026-sq.jpg","published":"Tue, 09 Dec 2025 00:00:00 GMT"},{"id":41148,"title":"2026 FIRST Regional Symposium for Central Asia","summary":"February 26-27, 2026<br/>\nTashkent (UZ)<br/>\nCo-hosted by UZCERT","link":"https://www.first.org/events/symposium/central-asia2026/","image":"https://www.first.org/_/e/central-asia2026/central-asia2026-sq.jpg","published":"Tue, 09 Dec 2025 00:00:00 GMT"},{"id":41149,"title":"CVE | FIRST VulnCon 2026 & Annual CNA Summit","summary":"Early Registration Available!<br/>\nApril 13-16, 2026<br/>\nScottsdale (USA)<br/>\n\\#VULNCON26","link":"https://www.first.org/conference/vulncon26","image":"https://www.first.org/_/e/vulncon26/vulncon26-sq.jpg","published":"Tue, 09 Dec 2025 00:00:00 GMT"},{"id":41150,"title":"2026 Cyber Threat Intelligence Conference","summary":"SAVE THE DATE<br/>\nApril 21-23, 2026<br/>\nMunich (DE)<br/>\n\\#FIRSTCTI26","link":"https://www.first.org/conference/firstcti26/","image":"https://www.first.org/_/e/firstcti26/firstcti26-sq.jpg","published":"Tue, 09 Dec 2025 00:00:00 GMT"},{"id":41151,"title":"38th Annual FIRST Conference","summary":"Early Registration Available!<br/>\nJune 14-19, 2026<br/>\nDenver (US)<br/>\n\\#FIRSTCON26","link":"https://www.first.org/conference/2026/","image":"https://www.first.org/_/e/firstcon26/firstcon26-sq.jpg","published":"Tue, 09 Dec 2025 00:00:00 GMT"},{"id":41152,"title":"Message from the Chair","summary":"We all know that FIRST stands for **Forum of Incident Response and Security Teams**. Even though most FIRST members are focusing on Incident Response the cohort of Security Teams is increasing too. During the last quarter of 2025, we reached the **1,024 milestone** of active members split in 825 teams, 196 Liaisons, and 3 Associates. It took 35 years, but let's guess that reaching 2,048 active members will come faster.   \n\nMost member teams bear 'CSIRT', 'CERT' or 'PSIRT' in their names, and have been built, got inspiration from or evolved using the well known [**CSIRT Framework**](https://www.first.org/standards/frameworks/csirts/) or the [**PSIRT Framework**](https://www.first.org/standards/frameworks/psirts). Many use [**SIM3**](https://opencsirt.org/csirt-maturity/sim3-and-references/) maturity model as a way to assess then improve their organisation, procedures, and better handle human and tooling aspects.","link":"https://www.first.org/newsroom/releases/202512-1","image":"https://www.first.org/_/img/news/firstpost2512-message-chair-2.jpg","published":"Tue, 09 Dec 2025 00:00:00 GMT"},{"id":41160,"title":"Balkan Cybersecurity Days 2026","summary":"March 18-20, 2026<br/>\nShkodër, Albania (AL)<br/>\n\\#BCD2026","link":"https://www.first.org/events/colloquia/bcd2026/","image":"https://www.first.org/_/e/bcd2026/bcd2026-sq.jpg","published":"Tue, 09 Dec 2025 00:00:00 GMT"},{"id":41142,"title":"Building Resilience Through Reporting","summary":"The Actioning Alerts and Advisories (A4) project aimed to improve threat reporting in cybersecurity by providing technical expertise, analysis, and communications support to National Cybersecurity Incident Response Teams (CSIRTs). The project worked with teams from four countries, fostering collaboration and knowledge-sharing","link":"https://www.first.org/blog/20251201-NatCSIRT","image":"https://www.first.org/blog/","published":"Mon, 01 Dec 2025 00:00:00 GMT"},{"id":41143,"title":"Building Resilience Through Reporting","summary":"he Actioning Alerts and Advisories (A4) project aimed to improve threat reporting in cybersecurity by providing technical expertise, analysis, and communications support to National Cybersecurity Incident Response Teams (CSIRTs). The project worked with teams from four countries, fostering collaboration and knowledge-sharing\namong stakeholders, and empowering CSIRTs to create actionable reports that can be used to prevent cyber threats.","link":"https://www.first.org/blog/20251201-NatCSIRT","published":"Mon, 01 Dec 2025 00:00:00 GMT"},{"id":41141,"title":"2025 Q4 Vulnerability Publication Forecast","summary":"Usually, we begin a blog post with a review of last quarter, but our volunteer team couldn’t get a forecast out last quarter. We had several pressing matters between multiple team members, and we apologise. So, we’ll move swiftly on to this quarter’s predictions.","link":"https://www.first.org/blog/20251016-Q4Vulnerability-Forecast","image":"https://www.first.org/blog/_media/20240923-image01.png","published":"Thu, 16 Oct 2025 00:30:00 GMT"},{"id":41140,"title":"Paris 2026 FIRST Technical Colloquium","summary":"SAVE THE DATE<br/>\nFebruary 9-10, 2026<br/>\nParis (FR)<br/>\nMore details coming soon!","image":"https://www.first.org/_/e/paris2026/paris2026-sq.jpg","published":"Tue, 07 Oct 2025 00:00:00 GMT"}]}
