https://wiki.owasp.org/api.php?action=feedcontributions&feedformat=atom&user=Jonathan+Fern%C3%A1ndez 2026-04-30T08:58:15Z User contributions MediaWiki 1.27.2 https://wiki.owasp.org/index.php?title=Chile&diff=192463 2015-03-30T21:47:22Z

<p>Jonathan Fernández: /* AGENDA DE LA CONFERENCIA 2015 */ cambia imagen a tabla</p> <hr /> <div>__NOTOC__ <br /> {|<br /> |-<br /> ! width=&quot;700&quot; align=&quot;center&quot; | &lt;br&gt; <br /> ! width=&quot;500&quot; align=&quot;center&quot; | &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; | [[Image:877px-2015-03-23 23 08 41-Chile - OWASP.jpg|888px|link=https://www.owasp.org/index.php/LatamTour2015#tab=CHILE]] <br /> | align=&quot;center&quot; | <br /> |}<br /> <br /> [https://www.owasp.org/index.php/LatamTour2015#tab=CHILE OWASP CHILE LatamTour 2015]<br /> <br /> = Owasp-Chile =<br /> <br /> == OWASP es una organización mundial sin fines de lucro ==<br /> <br /> *OWASP se dedica a identificar y combatir las causas que hacen inseguro el software. Revise nuestra documentación y metodologías en los Proyectos OWASP donde encontrará valioso material de aplicación práctica en los ambientes corporativos. Asista a los talleres y conferencias de OWASP y aprenda como sacar provecho a estos recursos gratuitos.<br /> <br /> == ¿Como unirte a OWASP Chile? &amp;nbsp; &amp;nbsp; ¿Como estar informado de novedades? ==<br /> <br /> <br /> &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; + [http://lists.owasp.org/mailman/listinfo/owasp-chile Agregate a la lista de correo.]<br /> &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; + [https://twitter.com/#!/search/realtime/owaspchile Siguenos en nuestro Twitter.] <br /> &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; + [mailto:carlos.allendes@owasp.org Contactanos vía Correo.]<br /> <br /> <br /> == Equipo de Trabajo y Coordinación ==<br /> <br /> <br /> + Carlos Allendes D., Presidente y Líder OWASP Chile. [mailto:carlos.allendes@owasp.org Carlos Allendes] &amp;nbsp;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; [http://cl.linkedin.com/in/carlosallendes Perfil en LinkedIN]<br /> + Alejandro Johannes, Vice-presidente OWASP Chile. [mailto:ajohannesm@gmail.com Alejandro Johannes] &amp;nbsp;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp;&amp;nbsp;&amp;nbsp; [http://cl.linkedin.com/pub/alejandro-johannes/b/811/a12 Perfil en linkedIN]<br /> + Leonardo Pizarro, Relacionador Público OWASP Chile. [mailto:leonardo.pizarro@gmail.com Leonardo Pizarro] [http://cl.linkedin.com/in/leonardopizarro Perfil en LinkedIN]<br /> + NN - Secretari@ del Capitulo Local OWASP Chile. <br /> + Carlos Apablaza, Coordinador Web y difusión OWASP Chile. [mailto:carlos.apablaza@owasp.org Carlos Apablaza]&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; [http://cl.linkedin.com/pub/carlos-apablaza-zamorano/20/a34/a38 Perfil en LinkedIN]<br /> + Jonathan Fernández, Coordinador Web y difusión OWASP Chile. [mailto:jonathan.fernandez04@gmail.com Jonathan Fernández]&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; [http://cl.linkedin.com/pub/carlos-apablaza-zamorano/20/a34/a38 Perfil en LinkedIN] <br /> <br /> <br /> <br /> <br /> <br /> == Fotografias del LatamTour Chile 2014 ==<br /> <br /> <br /> [[Image:2014-04-27 15 55 18-1.jpg|thumb|left|333px]] <br /> <br /> [[Image:2014-04-sesion.jpg|thumb|left|333px]] <br /> <br /> [[Image:2014-04-owaspchile) on Twitter.jpg|thumb|center|333px]] <br /> <br /> <br /> [[Image:2014-04-27 17 11 07-Libro1 - Excel.jpg|thumb|left|222px]] <br /> <br /> <br /> [[Image:2014-04-27 16 55 56-Twitter Notifications.jpg|thumb|center|333px]] <br /> <br /> <br /> <br /> <br /> <br /> == Fotografias de conferencias anteriores ==<br /> <br /> [[Image:Owasp2013_(8).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(21).JPG|thumb|center|333px]] <br /> [[Image:Owasp2013_(5).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(6).jpg|thumb|center|333px]] <br /> [[Image:Owasp2013_(4).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(1).JPG|thumb|center|333px]] <br /> [[Image:Owasp2013_(7).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(20).jpg|thumb|center|333px]] <br /> [[Image:Owasp2013_(9).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(2).JPG|thumb|center|333px]] <br /> <br /> <br /> <br /> [[Image:Tg 013.JPG|thumb|left|333px]] <br /> <br /> [[Image:Tg 019.JPG|thumb|center|333px]] <br /> <br /> [[Image:Tg 021.JPG|thumb|left|333px]] <br /> <br /> [[Image:Tg 023.JPG|thumb|center|333px]] <br /> <br /> [[Image:Tg 014.JPG|thumb|left|333px]] <br /> <br /> [[Image:Tg 028.JPG|thumb|center|333px]] <br /> <br /> [[Image:Tg 031.JPG|thumb|left|333px]] <br /> <br /> [[Image:Tg 037.JPG|thumb|center|333px]] <br /> <br /> <br /> [[Image:Latamtour001.JPG|thumb|left|300px]] <br /> <br /> [[Image:Latamtour002.JPG|thumb|center|300px]] <br /> <br /> [[Image:Latamtour005.JPG|thumb|center|300px]] <br /> <br /> <br /> <br /> <br /> =LatamTour-2015=<br /> <br /> <br /> <br /> == PRESENTACIONES DE LA CONFERENCIA 2015 ==<br /> <br /> *Bienvenida, Carlos Allendes [descargar PPT]<br /> <br /> *Slot #1 Relator 1 [descargar PPT]<br /> *Slot #2 Relator 2 [descargar PPT]<br /> *Slot #3 Relator 3 [descargar PPT]<br /> *Slot #4 Relator 4 [descargar PPT]<br /> <br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#4B0082&quot; align=&quot;center&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''DETALLES DE LA CONFERENCIA (Miércoles 8 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Horario''' <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Modulo'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:00 - 09:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:30 - 10:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bienvenida y Presentación del Evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | DUOC-UC y OWASP-Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Rodrigo Cea Warner. Director de Carrera DUOC-UC. Carlos Allendes Droguett Chapter Leader OWASP Chile.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 - 10:50<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bug Bounty, programs reload<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Ormeño y Freddy Grey (CHILE)<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoques e investigación sobre programas de BUG BOUNTY periodico a través de vectores de ataque poco convencionales.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:50 - 11:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:10 - 12:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Analizando tráfico WIFI de smartphones <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Yago Fernández H. (ESPAÑA)<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ¿Es seguro utilizar redes Wi­Fi? Intercepción on-line del tráfico wi-fi en conexiones de smartphone y tecnicas de hacking. <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:00 - 12:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Estado transparente, descentralización y confianza ¿Apoyado con Tecnología?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Esteban Valenzuela Van Treek (Escritor, doctor en Historia, ex alcalde/diputado, Director de Ciencia Política U.A.Hurtado)<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Potenciar el regionalismo, la descentralización y la trasparencia del pais, usando la tecnología e internet (teletrabajo, e-learning, flexibilidad laboral, innovación, etc.)<br /> |-|-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:35 - 13:10<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Gestionar la inversión en seguridad con OpenSAMM. Donde Iniciar?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Allendes Droguett (CHILE)<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque Tecnico y Ecónomico para maximizar el retorno de la inversión en hacking etico, pentesting, desarrollo seguro, análisis del código, pruebas de seguridad.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 13:10 - 14:50<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break para Almorzar<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 14:50 - 15:40<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hacking efectivo: Desde una credencial hasta el Domain Admin en un solo día<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Ricardo Supo P. (PERU)<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Como ganar acceso a credenciales locales de dominio y escalar privilegios hasta obtener un acceso de administrador de dominio.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:40 - 16:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | HTTPS: Usted, úselo bien.<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cristián Rojas, CLCERT U.de Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ¿Que riesgos acechan, aunque tengamos instalado SSL/TLS? Año 2014 fue intenso: Heartbleed, POODLE, y errores de implementación como el GOTO FAIL.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:30 - 16:40<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:40 - 17:20<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Seguridad Incorporada al Ciclo de Desarrollo<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Alejandro Johannes (CHILE)<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Principios y fundamentos para disponer de una gestión con seguridad y calidad en el Ciclo de Desarrollo de aplicaciones.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 17:20 - 18:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Importancia de la seguridad en el software<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hector Takami (MEXICO)<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | En lo que respecta a la seguridad del software, dar importancia a proyectos como OpenSAMM e integrar estas sugerencias en un modelo de seguridad aplicativa.<br /> |-<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 18:00 - 18:10<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cierre del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Sorteo de Premios<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | membresías OWASP (entre inscritos)<br /> |-<br /> |}<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Jueves 9 de Abril)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> <br /> |}<br /> &lt;br/&gt;<br /> <br /> =LatamTour-2014=<br /> <br /> <br /> <br /> == PRESENTACIONES DE LA CONFERENCIA 2014 ==<br /> <br /> *Bienvenida, Carlos Allendes [https://www.owasp.org/images/7/74/2014-abril-1_Bienvenida.pdf descargar]<br /> *Saludos OWASP GLOBAL, Fabio Cerullo [https://www.owasp.org/images/d/da/2014-abril-2_OWASPquovadis.pdf descargar]<br /> *Innovación y emprendimiento TI, Dr. Jaime Soto M., Presidente ACTI CHILE. [https://www.owasp.org/images/f/ff/2014-abril-3_Innovaci%C3%B3n_y_emprendimiento.pdf descargar]<br /> *Banca Móvil: Un análisis de la seguridad, Boris Murillo ( CHILE). [https://www.owasp.org/images/6/68/2014-abril-2_Banca_movil3.pdf descargar]<br /> *Presente y Futuro de Seguridad de Aplicaciones, Fabio Cerullo (IRLANDA). [https://www.owasp.org/images/2/2f/2014-abril-4_PteFuturoSeguridadapp.pdf descargar]<br /> *Atacando y Apagando una red completa con un solo computador, Manuel Moreno (CHILE). [*pendiente*]<br /> *Sismos: ¿Será el único riesgo a considerar en Infraestructura Crítica y Sistemas de Control Industrial?, Mateo Martinez (URUGUAY). [*pendiente*]<br /> *Ciberseguridad Industrial. Estado actual y próximos desafíos. Carlos Jaureche (CHILE). [https://www.owasp.org/images/0/05/2014-abril-7_Ciberseguridad_Industrial_v2x%281%29.pdf descargar]<br /> <br /> <br /> == AGENDA DE LA CONFERENCIA 2014 ==<br /> <br /> Miércoles 23 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)<br /> <br /> Horario Modulo Ponente Detalles<br /> * 09:00 - 09:30 Acreditación <br /> * 09:30 - 10:00 Bienvenida al Evento, DUOC-UC y OWASP-Chile Andrés Del Alcázar Cavallo. Director de Carrera DUOC-UC.<br /> * 10:00 - 10:45 Innovación y emprendimiento TI, Dr. Jaime Soto M., Presidente ACTI CHILE <br /> * 10:50 - 11:10 Break <br /> * 11:15 - 12:00 Banca Móvil: Un análisis de la seguridad, Boris Murillo ( CHILE) <br /> * 12:05 - 13:00 Presente y Futuro de Seguridad de Aplicaciones, Fabio Cerullo (IRLANDA) <br /> * 13:00 - 14:30 Break para Almorzar <br /> * 14:30 - 15:30 Atacando y Apagando una red completa con 1 solo computador, Manuel Moreno (CHILE) <br /> * 15:40 - 16:40 Sismos: ¿Será el único riesgo a considerar en Infraestructura Crítica y Sistemas de Control Industrial?, Mateo Martinez (URUGUAY) <br /> * 16:40 - 17:40 Ciberseguridad Industrial. Estado actual y próximos desafíos. Carlos Jaureche (CHILE) <br /> * 17:40 - 18:00 Break y Cierre del evento <br /> <br /> <br /> <br /> <br /> = LatamTour-2013 =<br /> <br /> == OWASP LatamTour - Chile Marzo 2013 ==<br /> == Excelente y masivo evento con muchos participantes de regiones ==<br /> <br /> Un evento lleno de satisfacciones tanto por su masividad, como por el interés y concentración de los asistentes.<br /> Variada concurrencia con asistentes y empresas de regiones... Talca , Valparaiso, Concepción, entre otras.<br /> <br /> Primera versión extendida que duró hasta las 17:20hrs y la concurrencia permanecio atenta y paticipativa, hasta el final.<br /> <br /> Al igual que otros años, nuestro anfitrión DUOC UC se lució con la organización y logística de todo el evento.<br /> <br /> == OWASP LATAMTOUR 2013 ==<br /> <br /> Fecha: Martes 19-Marzo Lugar: Auditorium DUOC-UC sede Alonso Ovalle Nro.1586 (Metro Moneda)<br /> -<br /> * 09:00 - 09:30 Registro de participantes<br /> * 09:30 - 09:50 Palabras de Bienvenida [ Anfitriones DUOC y OWASP ]<br /> * 10:00 - 10:50 ¿Cómo construir un modelo de desarrollo seguro? [ Mateo Martinez - URUGUAY ]<br /> * 10:50 - 11:15 &lt;Coffee Break&gt;<br /> * 11:20 - 12:10 ZAP 2.0 OpenTool para Test de Penetración y Vulnerabilidades [ Simon Bennetts - INGLATERRA ]<br /> * 12:20 - 13:10 ¿Su sitio web propaga malware? Como detectar y prevenir? [ Pablo Ramos - ARGENTINA ]<br /> * 13:10 - 14:50 &lt;Receso para Almorzar&gt;<br /> * 15:00 - 15:50 OWASP-BWA: Hacking the Web, como aprender y practicar sin terminar en la cárcel. [ Felipe Sanchez - CHILE ]<br /> * 16:00 - 16:50 CAPTCHA Hacking: Técnicas y herramientas que vulneran sitios de la banca y comercio electrónico [ Ricardo Supo - PERU ]<br /> * 16:50 - 17:10 Entrega de premios y Cierre del Evento <br /> -<br /> == Fotografias del LatamTour Chile 2013 ==<br /> <br /> [[Image:Owasp2013_(8).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(2).JPG|thumb|center|333px]] <br /> [[Image:Owasp2013_(5).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(6).jpg|thumb|center|333px]] <br /> [[Image:Owasp2013_(4).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(1).JPG|thumb|center|333px]] <br /> [[Image:Owasp2013_(7).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(20).jpg|thumb|center|333px]] <br /> [[Image:Owasp2013_(9).jpg|thumb|left|333px]] <br /> [[Image:Owasp2013_(21).JPG|thumb|center|333px]] <br /> <br /> <br /> <br /> [[Image:2013-03-07_owaspSCL2.jpg|888px]] <br /> <br /> == ¿Quieres asistir al LatamTour-2013 del 19-Marzo? [http://lists.owasp.org/mailman/listinfo/owasp-chile ...Inscribete y participa!] ==<br /> <br /> [http://lists.owasp.org/mailman/listinfo/owasp-chile Agregate en nuestra lista de correo y estarás registrado para el evento &lt;AQUI&gt;.]<br /> <br /> <br /> {{:LatamTour2013 STGO Agenda}} <br /> <br /> <br /> {{Social Media Links}}<br /> <br /> <br /> <br /> <br /> <br /> <br /> = LatamTour-2012 =<br /> <br /> == OWASP LatamTour - Chile Mayo 2012 ==<br /> == Excelente evento y temas interesantes ==<br /> <br /> Un cierre de evento satisfactorio, con temáticas interesantes y expositores que captaron el interes de los asistentes. Gracias a todos quienes participaron y que hicieron posible esta conferencia.<br /> <br /> En particular agradecemos a nuestros anfitriones DUOC UC por la impecable organización y recepción de la conferencia LATAM.<br /> <br /> == OWASP LATAMTOUR 2012 ==<br /> <br /> *OWASP_LatamTour_bienvenida. [https://www.owasp.org/images/6/63/01_OWASP_LatamTur2012_Bienvenida.pdf descargar] <br /> <br /> *Necesitas implantar PCI,¿Te dijeron qué hacer?. [https://www.owasp.org/images/b/b2/02_OWASP_LatamTur2012_A.Bedini.pdf descargar] <br /> <br /> *INGENIERÍA SOCIAL: HACKING PSICOLÓGICO [https://www.owasp.org/images/5/57/03_OWASP_LatamTur2012_G.Izunza.pdf descargar] <br /> <br /> *Seguridad en Bases de Datos [https://www.owasp.org/images/7/7a/04_OWASP_LatamTur2012_M.Mart%C3%ADnez.pdf descargar] <br /> <br /> *Desarrollo Seguro usando OWASP [https://www.owasp.org/images/3/34/05_OWASP_LatamTur2012_F.Cerullo.pdf descargar] <br /> <br /> <br /> <br /> <br /> = LatamTour-2011 =<br /> <br /> == OWASP LatamTour - Chile Agosto 2011 ==<br /> <br /> {| cellpadding=&quot;2&quot; style=&quot;border: 1px solid darkgray;&quot;<br /> |-<br /> ! width=&quot;800&quot; | <br /> |- align=&quot;center&quot;<br /> | [[Image:Logo latamtour.jpg]]<br /> |}<br /> <br /> == Agradecimientos ==<br /> <br /> Estimados participantes y patrocinadores del LatamTour 2011, agradecemos el apoyo y la participación de todos Uds. Muchos miembros activos del OWASP Chile que entregaron su tiempo y esfuerzo y a las empresas patrocinadoras que hicieron posible recepcionar en Chile este evento que recorrio cinco paises latinoamericanos exponiendo y sensibilizando respecto del “Desarrollo seguro de aplicaciones” y la “Seguridad en Internet”, involucrando a las comunidades tecnológicas y docentes cercanas al ámbito del desarrollo de software. <br /> <br /> A continuación se subirán las ponencias que se realizaron el martes 09-08-11, también iremos subiendo las fotografías del evento. <br /> <br /> <br /> <br /> <br /> <br /> == Documentacion y Ponencias *Links para bajar en formato PDF* ==<br /> <br /> + [http://www.owasp.org/index.php/File:01_OWASP_LatamTur2011_Bienvenida.pdf Palabras de Bienvenida e Introducción a Fundación OWASP. Carlos Allendes, Presidente OWASP-Chile]<br /> + [http://www.owasp.org/index.php/File:02_OWASP_LatamTur2011_Delitos_Informaticos.pdf? Delitos Informáticos. Felipe Sánchez, Perito Informático]<br /> + [http://www.owasp.org/index.php/File:03_OWASP_LatamTur2011_Seguridad_de_acceso_a_datos.pdf? Seguridad en el acceso de Datos. David Sutherland, Socio Consultor Datactiva Ltda.]<br /> + [http://www.owasp.org/index.php/File:04_OWASP_TOP10_como_base_para_Inspección_de_Código.pdf? TOP10 como base para Inspección de Código. Katherine Andrade, TestGroup S.A]<br /> + [http://www.owasp.org/index.php/File:05_OWASP_LatamTur2011_OpenSAMM.pdf? Modelo de Madurez para Desarrollo Seguro de Software (OpenSAMM). Fabio Cerullo, Líder OWASP – Irlanda ]<br /> <br /> <br /> <br /> <br /> <br /> == Fotografias de la conferencia ==<br /> <br /> [[Image:Latamtour001.JPG|thumb|left|300px]] <br /> <br /> [[Image:Latamtour002.JPG|thumb|center|300px]] <br /> <br /> [[Image:Latamtour005.JPG|thumb|center|300px]] <br /> <br /> <br /> = FirstEvent-2010 =<br /> <br /> == First OWASP DAY - Chile Noviembre 2010 ==<br /> <br /> [[Image:FirstOWASPDay-Chile.jpg|thumb|center|FirstOWASPDay-Chile.jpg]] <br /> <br /> == Agradecimientos ==<br /> <br /> Estimados participantes y patrocinadores del OWASP Day, queremos agradecer el apoyo y la participación desinteresada de todos Uds. Muchos miembros activos del OWASP Chile que entregaron su tiempo y esfuerzo y a las empresas patrocinadoras que hicieron posible esta primera conferencia. <br /> <br /> A continuación se subirán las ponencias que se realizaron el viernes 05-11-10, también iremos subiendo las fotografías del evento. <br /> <br /> <br /> <br /> '''OWASP DAY Chile''' <br /> <br /> First OWASP DAY Chile - 2010. Evento a realizarse el viernes 05-11-10, de 14:30 a 18:30 hrs. <br /> <br /> *Lugar: Edificio de la Cámara de Comercio de Santiago, Monjitas 392 (esquina JM de la Barra), Santiago - Chile <br /> [http://maps.google.cl/maps?hl=es&amp;biw=1280&amp;bih=601&amp;q=Calle%20Monjitas%20392%2C%20Santiago&amp;um=1&amp;ie=UTF-8&amp;sa=N&amp;tab=wl Mapa] Acceso vía Metro Bellas Artes.<br /> <br /> <br /> <br /> <br /> <br /> *Documentación y Ponencias Links para bajar en formato PDF<br /> <br /> <br /> <br /> + [http://www.owasp.org/index.php/File:OWASP_y_OWASP-Chile.pdf Introducción a Fundación OWASP y OWASP-Chile. Carlos Allendes, Presidente OWASP-Chile]<br /> + [http://www.owasp.org/index.php/File:PRESENTACION_OWASP_PDI-CiberCrimen.pdf Crimen Informático en Chile, Realidad y Tendencias. Inspector Felipe Herrera,PDI-Brigada CiberCrimen]<br /> + [http://www.owasp.org/index.php/File:Seguridad_SDLC.pdf Seguridad en el Ciclo de Vida del Desarrollo de Software. Alejandro Johannes, Vice-Presidente OWASP-Chile]<br /> + [http://www.owasp.org/index.php/File:OWASP_TOP10_Caso_Practico_Implantaci%C3%B3n.pdf OWASP Top Ten un Caso Práctico de implantación. Alejandro Bedini, Nexus S.A.]<br /> + [http://www.owasp.org/index.php/File:OWASPyTendenciasEnSeguridad.pdf OWASP y las Tendencias en Seguridad de Aplicaciones. Juan Carlos Calderón, Líder OWASP - México]<br /> <br /> <br /> <br /> <br /> *Equipo Coordinador OWASP Day <br /> <br /> Un agradecimiento especial al equipo de &quot;Mosqueteros&quot;, como se autodenomina el comité organizador <br /> <br /> + Carlos Allendes, Presidente y Líder OWASP Chile. [mailto:carlos.allendes@owasp.org Carlos Allendes] &amp;nbsp; &amp;nbsp; &amp;nbsp;&amp;nbsp; [http://cl.linkedin.com/in/carlosallendes Perfil en LinkedIN]<br /> + Alejandro Johannes, Vice-presidente OWASP Chile. [mailto:ajohannesm@gmail.com Alejandro Johannes] &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp;&amp;nbsp; [http://cl.linkedin.com/pub/alejandro-johannes/b/811/a12 Perfil en linkedIN]<br /> + Leonardo Pizarro, Relacionador Público OWASP Chile. [mailto:leonardo.pizarro@gmail.com Leonardo Pizarro] [http://cl.linkedin.com/in/leonardopizarro Perfil en LinkedIN]<br /> + Jose Espina, Secretario del Capitulo Local OWASP Chile. [mailto:jose.espina@imatec.cl Jose Espina] &amp;nbsp; &amp;nbsp; [http://cl.linkedin.com/pub/jos%C3%A9-guillermo-espina-dote/21/a44/200 Perfil en LinkedIN]<br /> + Carlos Apablaza, Coordinador Web y difusión OWASP Chile. [mailto:c.apablaza.z@gmail.com Carlos Apablaza]&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp; [http://cl.linkedin.com/pub/carlos-apablaza-zamorano/20/a34/a38 Perfil en LinkedIN]<br /> <br /> <br /> <br /> == Fotografias de la conferencia ==<br /> <br /> [[Image:Tg 013.JPG|thumb|left|333px]] <br /> <br /> [[Image:Tg 019.JPG|thumb|center|333px]] <br /> <br /> [[Image:Tg 021.JPG|thumb|left|333px]] <br /> <br /> [[Image:Tg 023.JPG|thumb|center|333px]] <br /> <br /> [[Image:Tg 014.JPG|thumb|left|333px]] <br /> <br /> [[Image:Tg 028.JPG|thumb|center|333px]] <br /> <br /> [[Image:Tg 031.JPG|thumb|left|333px]] <br /> <br /> [[Image:Tg 037.JPG|thumb|center|333px]] <br /> <br /> [[Image:Pendon owasp.jpg|thumb|left|Pendon owasp.jpg]] <br /> <br /> [[Image:Owasp chile.jpg|thumb|left|Owasp chile.jpg]] <br /> <br /> <br /> = Oferta Laboral =<br /> == Ofertas Laborales ==<br /> <br /> <br /> <br /> <br /> <br /> *30-octubre-2013 &gt;&gt;&gt; Oferta Laboral 2 Ingenieros especialistas en SGSI .. http://goo.gl/fkJeKQ<br /> <br /> ---------- Mensaje reenviado ----------<br /> Estimad@s<br /> <br /> Se requiere con disponibilidad inmediata 02 ingenieros especialistas en seguridad de la información. Duración proyecto de 2,5 meses.<br /> <br /> &amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;<br /> Proyecto 2,5 meses.<br /> Necesita 02 Profesionales con experiencia en ISO.27001.- Seguridad de la Información<br /> <br /> A)Experiencia verificable de 6+ años en implementación y gestión de proyectos de Seguridad de la Información.<br /> <br /> B)Poseer certificacion o cursos formales relativos a Seguridad de la Información (CISM, CISSP u otro relacionado)<br /> <br /> C)Responsabilidades y tareas principales:<br /> <br /> 1. Realizar seguimiento/monitoreo a la implementación de un SGSI.<br /> 2. QA técnico SGSI. Ejercer como contraparte técnica del proyecto de Seguridad de la Información y QA a los procedimientos de TI asociados al SGSI.<br /> 3. Implementar los compromisos de auditoría que surjan al SGSI.<br /> 4. Levantar y documentar procedimientos de operación asociados al SGSI.<br /> 5. Identificar riesgos asociados al proyecto que puedan afectar el cumplimiento de sus objetivos de costo tiempo y/o calidad.<br /> <br /> &amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;&amp;<br /> <br /> ----------<br /> <br /> <br /> <br /> *27-abril-2013 &gt;&gt;&gt; Oferta Laboral Analista de seguridad y Analista Riesgos<br /> <br /> *25-marzo-2013 &gt;&gt;&gt; Oferta Laboral Ingeniero de Procesos http://goo.gl/BcvSQ<br /> <br /> *18-marzo-2013 &gt;&gt;&gt; Oferta Laboral Oficial de Seguridad... http://goo.gl/32qYN <br /> <br /> *11-marzo-2013 &gt;&gt;&gt; Oferta Laboral PPQA...(disponibilidad inmedita) http://goo.gl/BM0Si <br /> <br /> <br /> = Documentos =<br /> <br /> <br /> <br /> == OWASP LATAMTOUR 2014 ==<br /> <br /> <br /> *Bienvenida, Carlos Allendes [https://www.owasp.org/images/7/74/2014-abril-1_Bienvenida.pdf descargar]<br /> *Saludos OWASP GLOBAL, Fabio Cerullo [https://www.owasp.org/images/d/da/2014-abril-2_OWASPquovadis.pdf descargar]<br /> *Innovación y emprendimiento TI, Dr. Jaime Soto M., Presidente ACTI CHILE. [https://www.owasp.org/images/f/ff/2014-abril-3_Innovaci%C3%B3n_y_emprendimiento.pdf descargar]<br /> *Banca Móvil: Un análisis de la seguridad, Boris Murillo ( CHILE). [https://www.owasp.org/images/6/68/2014-abril-2_Banca_movil3.pdf descargar]<br /> *Presente y Futuro de Seguridad de Aplicaciones, Fabio Cerullo (IRLANDA). [https://www.owasp.org/images/2/2f/2014-abril-4_PteFuturoSeguridadapp.pdf descargar]<br /> *Atacando y Apagando una red completa con un solo computador, Manuel Moreno (CHILE). [*pendiente*]<br /> *Sismos: ¿Será el único riesgo a considerar en Infraestructura Crítica y Sistemas de Control Industrial?, Mateo Martinez (URUGUAY). [*pendiente*]<br /> *Ciberseguridad Industrial. Estado actual y próximos desafíos. Carlos Jaureche (CHILE). [https://www.owasp.org/images/0/05/2014-abril-7_Ciberseguridad_Industrial_v2x%281%29.pdf descargar]<br /> <br /> <br /> == OWASP LATAMTOUR 2013 ==<br /> <br /> *¿Cómo construir un modelo de desarrollo seguro (Mateo Martinez - URUGUAY). [https://www.owasp.org/images/4/49/2013-1_C%C3%B3mo_construir_un_modelo_de_desarrollo_seguro_-_Mateo_Martinez_-_URUGUAY_-.pdf descargar] <br /> <br /> *¿Su sitio web propaga malware? Como detectar y prevenir (Pablo Ramos - ARGENTINA). [https://www.owasp.org/images/e/e3/2013-2_Su_sitio_web_propaga_malware_Como_detectar_y_prevenir_-_Pablo_Ramos_-_ARGENTINA_-.pdf descargar] <br /> <br /> *ZAP OWASP - A Real ZAP Story - Mateo Martínez v0.1. [https://www.owasp.org/images/8/86/2013-3_ZAP_OWASP_-_A_Real_ZAP_Story_-_Mateo_Mart%C3%ADnez_v0.1.pdf descargar]<br /> <br /> *CAPTCHA Hacking: Técnicas y herramientas que vulneran sitios de la banca y comercio electrónico (Ricardo Supo - PERU). [https://www.owasp.org/images/2/2d/2013-4_CAPTCHA_Hacking_T%C3%A9cnicas_y_herramientas_que_vulneran_sitios_de_la_banca_y_comercio_electr%C3%B3nico_-_Ricardo_Supo_-_PERU_-.pdf descargar]<br /> <br /> *OWASP-BWA Hacking the Web, como aprender y practicar sin terminar en la cárcel. (Felipe Sanchez - CHILE) [https://www.owasp.org/images/7/71/2013-5_OWASP-BWA_Hacking_the_Web%2C_como_aprender_y_practicar_sin_terminar_en_la_c%C3%A1rcel._-_Felipe_Sanchez_-_CHILE_-.pdf descargar]<br /> <br /> <br /> <br /> <br /> <br /> <br /> == OWASP LATAMTOUR 2012 ==<br /> <br /> *OWASP_LatamTour_bienvenida. [https://www.owasp.org/images/6/63/01_OWASP_LatamTur2012_Bienvenida.pdf descargar] <br /> <br /> *Necesitas implantar PCI,¿Te dijeron qué hacer?. [https://www.owasp.org/images/b/b2/02_OWASP_LatamTur2012_A.Bedini.pdf descargar] <br /> <br /> *INGENIERÍA SOCIAL: HACKING PSICOLÓGICO [https://www.owasp.org/images/5/57/03_OWASP_LatamTur2012_G.Izunza.pdf descargar] <br /> <br /> *Seguridad en Bases de Datos [https://www.owasp.org/images/7/7a/04_OWASP_LatamTur2012_M.Mart%C3%ADnez.pdf descargar] <br /> <br /> *Desarrollo Seguro usando OWASP [https://www.owasp.org/images/3/34/05_OWASP_LatamTur2012_F.Cerullo.pdf descargar] <br /> <br /> <br /> == OPEN SAMM ==<br /> <br /> *OPEN SAMM traducido al español. [http://www.opensamm.org/downloads/SAMM-1.0-es_MX.pdf descargar] <br /> <br /> == Owasp Top 10 ==<br /> <br /> *Owasp Top 10 traducido al español. [https://www.owasp.org/images/2/2d/OWASP_Top_10_-_2010_FINAL_%28spanish%29.pdf descargar] <br /> <br /> == OWASP Secure Coding Practices ==<br /> <br /> *OWASP Secure Coding Practices traducido al español. [http://www.owasp.org/images/c/c8/OWASP_SCP_Quick_Reference_Guide_SPA.doc descargar] <br /> <br /> == OWASP SCP Quick Reference Guide SPA ==<br /> <br /> *OWASP SCP Quick Reference Guide SPA traducido al español. [https://www.owasp.org/images/a/aa/OWASP_SCP_Quick_Reference_Guide_SPA.pdf descargar] <br /> <br /> <br /> == Videos ==<br /> ==OWASP [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series AppSec Tutorial Project] ==<br /> == Episode 1 ==<br /> {{#ev:youtube|CDbWvEwBBxo}}<br /> == Episode 2 ==<br /> {{#ev:youtube|pypTYPaU7mM}}<br /> == Episode 3 ==<br /> {{#ev:youtube|_Z9RQSnf8-g}}<br /> <br /> <br /> __NOTOC__ &lt;headertabs /&gt;<br /> <br /> [[Category:OWASP_Document]] [[Category:OWASP_Download]] [[Category:OWASP_Release_Quality_Document]]<br /> [[Category:South_America]] [[Category:Latin_America]] [[Category:OWASP_Chapter]]</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=LatamTour2015&diff=191683 2015-03-18T18:12:18Z

<p>Jonathan Fernández: /* Santiago: April, 8th-9th 2015 */ cambia tbd a &quot;por definir&quot;</p> <hr /> <div>__NOTOC__ <br /> <br /> [[Image:Banner_latam_2015.jpg ‎|750px|link=https://www.owasp.org/index.php/LatamTour2015]]<br /> <br /> =WELCOME= <br /> <br /> <br /> <br /> == '''Schedule''' ==<br /> <br /> * Santiago, '''Chile''': April, 8th-9th 2015<br /> * Patagonia, '''Argentina''': April, 10th-11th 2015<br /> * Bucaramanga, '''Colombia''': April, 14th 2015<br /> * Montevideo, '''Uruguay''': April, 15th-16th 2015<br /> * Lima, '''Peru''': April, 17th-18th 2015<br /> * Santa Cruz, '''Bolivia''': April 17th -18th 2015 <br /> * San Jose, '''Costa Rica''': April, 21st 2015<br /> * Guatemala, '''Guatemala''': April, 21st-22nd 2015<br /> * Buenos Aires, '''Argentina''': April, 24th 2015<br /> * Caracas, '''Venezuela''': April, 23rd 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> '''REGISTRATION IS NOW OPEN, PLEASE CHECK THE LOCATION TAB YOU ARE INTERESTED IN'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Latam Tour Objective''' ==<br /> <br /> The OWASP Latam Tour objective is to raise awareness about application security in the Latin America region, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.<br /> <br /> We are proposing a chapters conference driven model in which the sessions are free for everybody and the costs are supported by a mix of funding i.e. OWASP Foundation, local chapter budget, external sponsorship, etc. 1-day training sessions are also offered in some tour stops. These sessions’ fees are $ 200USD for OWASP members and $ 250 USD for non-members (group discounts may apply).<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =='''Who Should Attend the Latam Tour?'''==<br /> <br /> *Application Developers <br /> *Application Testers and Quality Assurance <br /> *Application Project Management and Staff <br /> *Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff <br /> *Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance <br /> *Security Managers and Staff <br /> *Executives, Managers, and Staff Responsible for IT Security Governance <br /> *IT Professionals Interesting in Improving IT Security<br /> *Anyone interested in learning about or promoting Web Application Security&lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> == '''Become an OWASP Member''' ==<br /> <br /> <br /> As part of the OWASP Latam Tour, you could '''become an OWASP Member by ONLY paying 20 U$D'''. Show your support and become an OWASP member today!<br /> <br /> [[Image:Join_button.jpg|100px|link=http://sl.owasp.org/newmember]] [[Image:Renewal.jpg |100px|link=http://sl.owasp.org/renewmember]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Questions''' ==<br /> <br /> *If you have any questions about the Latam Tour 2015, please send an email to andrea.villar@owasp.org / fcerullo@owasp.org<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Social Media''' ==<br /> <br /> '''[http://twitter.com/search?q=%23LATAMTOUR #Latamtour]''' hashtag for your tweets for Latam Tour (What are [http://hashtags.org/ hashtags]?) <br /> <br /> '''@AppSecLatam Twitter Feed ([http://twitter.com/AppSecLatam follow us on Twitter!])''' &lt;twitter&gt;34534108&lt;/twitter&gt;<br /> <br /> = CALL FOR PAPERS &amp; TRAININGS =<br /> <br /> == '''Do you want to give a talk or a training session in Latin America?''' ==<br /> &lt;br&gt; <br /> <br /> '''Please send your proposals to the corresponding chapter leader before February 1st 2015:'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * '''Argentina''' (Buenos Aires): Martin Tartarelli via [https://docs.google.com/forms/d/1ncVFYKsBv6aUsf3WBI657yRHUQLkazjkT9VMu4Vdp9I/viewform '''this Google form''']<br /> * '''Argentina''' (Patagonia): Gaston Toth [gaston.toth@owasp.org]<br /> * '''Colombia''': Diego Ademir Duarte [dadhemir@owasp.org]<br /> * '''Costa Rica''': Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * '''Chile''': Carlos Allendes Droguett [carlos.allendes@owasp.org]<br /> * '''Guatemala''': Pablo Barrera [pbarrera@gmail.com]<br /> * '''Peru'''(Lima) : John Vargas [john.vargas@owasp.org] vía [https://docs.google.com/forms/d/1HJAwdnCxhnDjxdEOrHVBaewrkQncIB2uxHCzxEtxwug '''this Google form''']<br /> * '''Uruguay''': Mateo Martinez [mateo.martinez@owasp.org]<br /> * '''Venezuela''': Edgar Salazar [edgar.salazar@owasp.org]<br /> &lt;br&gt;<br /> <br /> ''By your submission you agree to the [https://www.owasp.org/images/4/4f/AppSec_Latam_2015_Speaker_Agreement.pdf '''OWASP Speaker Agreement'''] or [https://www.owasp.org/images/f/fa/LatamTour_2015_Training_Instructor_Agreement.pdf ‎'''Instructor Agreement'''].<br /> <br /> =TEAM=<br /> <br /> '''Chapter Leaders'''<br /> <br /> * Bucaramanga, Colombia: Diego Ademir Duarte [dadhemir@owasp.org]<br /> * Santiago, Chile: Carlos Allendes Droguett [carlos.allendes@owasp.org]<br /> * Guatemala, Guatemala: Pablo Barrera [pbarrera@gmail.com]<br /> * Santa Cruz de las Sierras, Bolivia: Daniel Torres [daniel.torres@owasp.org]<br /> * San Jose, Costa Rica: Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * Montevideo, Uruguay: Mateo Martinez [mateo.martinez@owasp.org]<br /> * Caracas, Venezuela: Edgar Salazar [edgar.salazar@owasp.org]<br /> * Buenos Aires, Argentina: Martin Tartarelli [martin.tartarelli@gmail.com]<br /> * Patagonia, Argentina: Gaston Toth [gaston.toth@owasp.org]<br /> * Lima, Peru: John Vargas [john.vargas@owasp.org]<br /> <br /> <br /> '''Operations'''<br /> <br /> *[[User:Fabio.e.cerullo|Fabio Cerullo]], &lt;br&gt;<br /> * Andrea Villar<br /> * Kate Hartmann<br /> * [https://www.owasp.org/index.php/User:Kelly_Santalucia Kelly Santalucia]<br /> <br /> =PATAGONIA=<br /> <br /> <br /> =='''Patagonia: April, 10th-11th 2015'''==<br /> <br /> ===Registrarse===<br /> Los interesados en asistir al evento deben registrarse en:&lt;br&gt; <br /> [https://www.regonline.com/owasplatamtour15patagonia https://www.regonline.com/owasplatamtour15patagonia]&lt;br&gt;<br /> <br /> ===Agenda ===<br /> '''Viernes 10 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Conferencia<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 09:00 - 10:00<br /> | Acreditacion<br /> | <br /> |- <br /> | 10:00 - 10:15<br /> | Bienvenida e intoduccion a OWASP<br /> |<br /> |-<br /> | 10:20 - 11:00<br /> | [https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]<br /> | [https://www.linkedin.com/in/ariancho Andrés Riancho]<br /> |- <br /> | 11:00 - 11:30<br /> | Pausa para café<br /> |<br /> |-<br /> | 11:30 - 12:00 <br /> | Aspectos Legales de la Seguridad informática&lt;br&gt;<br /> | Marcelo Campetella<br /> |-<br /> | 12:00 - 12:30<br /> | El mercado del Malware en las Apps de los Store para Android<br /> | Claudio Caracciolo<br /> |-<br /> | 12:30 - 14:00<br /> | Pausa para almuerzo<br /> |<br /> |- <br /> | 14:00 - 14:40<br /> | Mobile Apps and how to Pentest them<br /> | Gustavo Sorondo<br /> |-<br /> | 14:40 - 15:10<br /> | CIOs vs CISOs: OWASP al rescate <br /> | Mauro Graziosi<br /> |-<br /> | 15:10 - 15:40<br /> | Pausa para café<br /> |<br /> |-<br /> | 15:40 - 16:20<br /> | Certificate Pinning: ¿tenemos el c...ertificado roto?<br /> | Cristian Borghello<br /> |- <br /> | 16:20 - 16:30<br /> | Agradecimientos y cierre<br /> |<br /> |}<br /> <br /> '''Sabado 11 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Entrenamiento<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 08:00 - 12:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 1)<br /> | Cristian Borghello<br /> |- <br /> | 12:00 - 13:00<br /> | Pausa para almuerzo<br /> |<br /> |-<br /> | 13:00 - 17:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 2)<br /> | Cristian Borghello<br /> |}<br /> <br /> ===¿Dónde?===<br /> Universidad Nacional del Comahue, Buenos Aires 1400, Neuquén&lt;br&gt;<br /> [[File:Ubicacion.png|link=https://www.google.com.ar/maps/place/38%C2%B056'26.2%22S+68%C2%B003'15.5%22W/@-38.940623,-68.054305,228m/data=!3m2!1e3!4b1!4m2!3m1!1s0x0:0x0]]<br /> <br /> ===Afiche para difusión===<br /> [[File:PosterLatamtour2015-Patagonia.jpg|link=https://www.owasp.org/images/6/60/Poster_Latamtour.pdf]]<br /> <br /> ===Patrocinio===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;&lt;br&gt;<br /> Cualquier consulta no duden en escribir a [mailto:gaston.toth@owasp.org Gaston Toth] o a [mailto:diego.dinardo@patagoniasec.com.ar Diego Di Nardo].<br /> &lt;br&gt;<br /> <br /> =BUENOS AIRES=<br /> <br /> Invitamos a estudiantes, desarrolladores, expertos en seguridad informática y curiosos en general a compartir con la comunidad de OWASP un nuevo evento en Buenos Aires! Será una jornada de charlas técnicas, en un ambiente relajado e ideal para conocer otras personas interesadas en la seguridad en aplicaciones.<br /> <br /> <br /> =='''Inscripcion'''==<br /> <br /> Recuerden que es necesario [https://www.regonline.com/owasplatamtour15argentina '''inscribirse'''] para asistir. La registración es '''completamente gratis''' y es unicamente utilizada para verificar su identidad en la entrada de la Universidad.<br /> <br /> == '''Fecha y lugar'''==<br /> <br /> 24 Abril 2015 - 9am (puntual!)&lt;br&gt;<br /> [http://www.udemm.edu.ar/ Universidad de la Marina Mercante]&lt;br&gt;<br /> [https://www.google.com.ar/maps/place/Av+Rivadavia+2258,+Buenos+Aires,+Ciudad+Aut%C3%B3noma+de+Buenos+Aires/@-34.6096561,-58.3984517,17z/data=!3m1!4b1!4m2!3m1!1s0x95bccae91dc7f349:0x3177aaca9808e637 Av. Rivadavia 2258, Ciudad Autonoma de Buenos Aires]&lt;br&gt;<br /> <br /> <br /> == '''Charlas'''==<br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f; color:#FFF;&quot;&gt;<br /> &lt;td&gt;&lt;b&gt;Hora&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Titulo&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Orador&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:10&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Introducción a OWASP&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fabio Cerullo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:35&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Steering a Bullet Train&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Santiago Kantorowicz&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;10:25&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Y ahora nos preocupamos por la privacidad? Gracias #Snowden&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Mariano M. del Rio&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Building a High Interaction Honeypot: Implementation and logging techniques&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fernando Catoira&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:45&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;[https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;[https://www.linkedin.com/in/ariancho Andrés Riancho]&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;13:55&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Threat not found!&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Sheila Berta&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;14:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Mobile Application Security&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Puky Sorondo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;15:40&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;HP Sponsor talk&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;TBD&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;16:05&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Web Security for Bitcoin Services&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Juliano Rizzo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =CHILE=<br /> <br /> =='''Santiago: April, 8th-9th 2015'''==<br /> <br /> [https://www.owasp.org/index.php/Chile El Capítulo Chileno de OWASP], tiene el agrado de invitar a la conferencia LatamTour2015, con el auspicio de [http://www.duoc.cl/escuela/escuela-de-informatica-y-telecomunicaciones Duoc UC] sede Alonso Ovalle Nro.1586 (Metro Moneda).<br /> <br /> OWASP es una organización mundial sin fines de lucro dedicada a identificar y combatir las causas que hacen inseguro el software. Revise nuestra documentación y metodologías en los [[:Category:OWASP_Project|Proyectos OWASP]] donde encontrará valioso material de aplicación práctica en los ambientes corporativos. Asista a los talleres y conferencias del LatamTour y aprenda como sacar provecho a estos recursos de libre acceso.<br /> <br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15chile'''HAGA CLICK AQUI PARA REGISTRARSE''']<br /> &lt;br&gt;<br /> Para asistentes registrados se sortean 5 membresías, que permiten acceder gratis (o con descuento preferente) a eventos y talleres OWASP durante 12 meses.<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#4B0082&quot; align=&quot;center&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''DETALLES DE LA CONFERENCIA (Miércoles 8 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Horario''' <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Modulo'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:00 - 09:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:30 - 10:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bienvenida y Presentación del Evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | DUOC-UC y OWASP-Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Rodrigo Cea Warner. Director de Carrera DUOC-UC. Carlos Allendes Droguett Chapter Leader OWASP Chile.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 - 10:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bug Bounty, programs reload<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Ormeño y Freddy Grey [http://www.0rnitorrinco.cl'''www.0rnitorrinco.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoques e investigación sobre programas de BUG BOUNTY periodico a través de vectores de ataque poco convencionales.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:45 - 11:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:05 - 12:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Analizando tráfico WIFI de smartphones <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Yago Fernández H. [http://www.wifense.com'''www.wifense.com''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Intercepción on-line del tráfico wi-fi en conexiones de smartphone y tecnicas de hacking. ¿es seguro utilizar redes Wi­Fi?<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:05 - 13:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Gestionar la inversión en seguridad con OPENSAMM. Donde Iniciar?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Allendes Droguett [http://www.qualityfactory.cl'''www.QualityFactory.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque Tecnico y Ecónomico para maximizar el retorno de la inversión en hacking etico, pentesting, desarrollo seguro, análisis del código, pruebas de seguridad.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 13:00 - 14:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break para Almorzar<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 14:30 - 15:15<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hacking efectivo: Desde una credencial hasta el Domain Admin en un solo día<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Ricardo Supo P. [http://inzafe.cl'''www.inzafe.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Como ganar acceso a credenciales locales de dominio y escalar privilegios hasta obtener un acceso de administrador de dominio.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:20 - 16:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | HTTPS: Usted, úselo bien.<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cristián Rojas, CLCERT Universidad de Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ¿Que riesgos acechan, aunque tengamos instalado SSL/TLS? Año 2014 fue intenso: Heartbleed, POODLE, y errores de implementación como el GOTO FAIL.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:05 - 16:20<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:20 - 17:25<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Plataformas de computación distribuida<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | TBD<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque y soluciones para acelerar la entrega de contenido global de Internet y aplicaciones distribuidas.<br /> |-<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 17:30 - 17:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cierre del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |}<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Jueves 9 de Abril)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | Por Definir<br /> <br /> |}<br /> &lt;br/&gt;<br /> <br /> =COLOMBIA=<br /> <br /> <br /> == '''Bucaramanga: April, 14th 2015''' ==<br /> <br /> <br /> [http://www.upb.edu.co/bucaramanga Universidad Pontifica Bolivariana]&lt;br&gt;<br /> Seccional Bucaramanga &lt;br&gt;<br /> Autopista Piedecuesta Kilometro 7 &lt;br&gt;<br /> Bloque K - 605 &lt;br&gt;<br /> [http://goo.gl/EwBpTu'''Mapa :: Ubicación del evento''']<br /> &lt;br&gt;<br /> [[File:Owasp_upb_2015.jpg|link=https://www.google.com/maps/place/Universidad+Pontificia+Bolivariana+Seccional+Bucaramanga/@7.0389574,-73.071732,14z/data=!4m2!3m1!1s0x8e6840b36653b9c5:0x4dcdbc55842151df]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> ===REGISTRO===<br /> Recuerde que el ingreso al evento es &lt;b&gt;totalmente gratuito, sólo debe registrarse previamente&lt;/b&gt;.&lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15colombia'''Pulsa aquí para registrarte al evento''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===CONFERENCIAS===<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 7:30 a.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Diego Ademir Duarte Santana&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP ASVS 2.0 Web Application Standard&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;9:00&lt;/td&gt;<br /> &lt;td&gt;Jhon César Arango Serna&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;IPv6 Ventaja o Amenaza&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Hugo Armando Rodriguez Vera&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Protección de Datos Personales, infracción y consecuencias&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;11:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;MundoHacker&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Ciberespionaje y Cibercrimen as a Service&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Lunch&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;14:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;German Alonso Suárez Guerrero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Proactive Controls&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;15:00&lt;/td&gt;<br /> &lt;td&gt;Ronald Escalona&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Hardening del Servidor Web, enfoque práctico con jail/chroot para entornos multisitios&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;16:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Javier Orlando Mantilla P&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Seguridad en desarrollo de aplicaciones web usando Apache Tomee&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Finish Event&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Se contará con &lt;b&gt;transmisión vía streaming&lt;/b&gt; para las personas ubicadas fuera de la ciudad.&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;<br /> Cualquier consulta pueden escribir a [mailto:dadhemir@owasp.org Diego Ademir Duarte Santana] .<br /> &lt;br&gt;<br /> <br /> =BOLIVIA=<br /> <br /> [[File:Santa.jpg]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Lugar: Universidad NUR<br /> &lt;br&gt;<br /> Dirección: Av. Banzer, Victorino Rivero 100<br /> &lt;br&gt;<br /> Santa Cruz de la Sierra, Bolivia<br /> &lt;br&gt;<br /> Fecha: 17 y 18 de abril del 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> [[File:Mapa.jpg]]<br /> <br /> <br /> [https://www.regonline.com/owasplatamtour15bolivia'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f;<br /> color:#FFF;&quot;&gt;<br /> &lt;td&gt;Nro&lt;/td&gt;<br /> &lt;td&gt;Nombre&lt;/td&gt;<br /> &lt;td&gt;Ciudad&lt;/td&gt;<br /> &lt;td&gt;Tema&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;25&quot;&gt;1&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Alvaro Machaca Tola&lt;/td&gt;<br /> &lt;td width=&quot;187&quot;&gt;La Paz ,Bolivia&lt;/td&gt;<br /> &lt;td width=&quot;321&quot;&gt;Análisis de riesgos aplicando la metodología OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;2&lt;/td&gt;<br /> &lt;td&gt;Deyvi Bustamante Perez&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Exploit development&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;3&lt;/td&gt;<br /> &lt;td&gt;Walter Camama Menacho&lt;/td&gt;<br /> &lt;td&gt;Trinidad, Bolivia&lt;/td&gt;<br /> &lt;td&gt;MiTM a nivel de browser con beef y metasploit&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;4&lt;/td&gt;<br /> &lt;td&gt;Leonardo Camilo Quenta Alarcon&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en sistemas financieros. Buenas prácticas de programación y aplicación de pruebas de penetración OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;5&lt;/td&gt;<br /> &lt;td&gt;Hernán Marcelo Leytón Balderrama&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en los Satélites de Comunicación&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;6&lt;/td&gt;<br /> &lt;td&gt;Jaime Iván Mendoza Ribera&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Análisis de vulnerabilidades web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;7&lt;/td&gt;<br /> &lt;td&gt;Juan Pablo Barriga Sapiencia&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Riesgos en TI&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;8&lt;/td&gt;<br /> &lt;td&gt;Richard Villca Apaza&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Rompiendo el modelo de negocios: Debugging Android Apps&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;9&lt;/td&gt;<br /> &lt;td&gt;Alex Villegas y Roller Ibanez&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Gestión de continuidad del negocio un enfoque resilente basado en el estándar ISO 22301&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;10&lt;/td&gt;<br /> &lt;td&gt;Daniel Torres Sandi&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Headers seguros en HTTP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;11&lt;/td&gt;<br /> &lt;td&gt;Gonzalo Nina Mamani&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Sistema para la recolección de información orientado a la mejora en la evaluación de seguridad en aplicaciones Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;12&lt;/td&gt;<br /> &lt;td&gt;Cristhian Lima Saravia&lt;/td&gt;<br /> &lt;td&gt;Cochabamba, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Framework Pleni&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;13&lt;/td&gt;<br /> &lt;td&gt;Elvin Vidal Mollinedo Mencia&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz de la Sierra, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Los 7 pecados de un desarrollador Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;14&lt;/td&gt;<br /> &lt;td&gt;Erick Calderon Mostajo&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Herramientas de Aprendizaje OWASP.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;15&lt;/td&gt;<br /> &lt;td&gt;Cesar Roberto Cuenca Díaz&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Desarrollo Seguro Principios y Buenas Prácticas.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;17&lt;/td&gt;<br /> &lt;td&gt;Juan Alberto Fajardo Canaza&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;WAF Testing Framework&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;16&lt;/td&gt;<br /> &lt;td&gt;Gabriel Labrada Hernandez&lt;/td&gt;<br /> &lt;td&gt;Mexico&lt;/td&gt;<br /> &lt;td&gt;Seguridad en Hardware y los servicios en la nube&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =COSTA RICA=<br /> == '''San Jose: April, 21st 2015''' ==<br /> <br /> El evento se va a llevar a cabo en el auditorio de la Ciudad de la Investigación de la Universidad de Costa Rica. [http://goo.gl/Y64lZG'''Ver Dirección exacta''']<br /> <br /> [[File:Mapa-ucr-auditorio.png|800px]]<br /> <br /> &lt;br&gt;<br /> <br /> === REGISTRO ===<br /> Recuerde que el ingreso al evento es totalmente gratuito, sólo debe registrarse previamente. '''El comprobante de registro será solicitado en el momento de ingresar en el auditorio'''.<br /> [https://www.regonline.com/owasplatamtour15costarica'''Pulse aquí para registrarse en el evento.''']<br /> &lt;br&gt;<br /> <br /> === CONFERENCIAS-LISTADO DE EXPOSITORES===<br /> <br /> '''Martes 21 de Abril'''<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Recepción y Registro De 7:30 am a 8:00 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;150&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00 am a 8:10 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Costa Rica &amp;amp; UCR&lt;/td&gt;<br /> &lt;td width=&quot;500&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:10-9:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Fabio Cerullo , &lt;b&gt;Dublin Irlanda&lt;/b&gt;&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Keynote: Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas? &lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;09:00-09:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Eduardo Rojas&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Bloques de construcción en la implementación estratégica del software seguro con SAMM&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;09:50-10:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:10-11:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Mauricio Oviedo&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Manejo Seguro del DNS&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:00-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Walter Montes&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Buenas prácticas para manejo de autenticación y sesión&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;11:50-1:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:20-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Randall Barnett&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Vulnerabilidades encontradas en Sistema de Control de Tráfico Nacional&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-3:05 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Mario Robles&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; &lt;b&gt;Web Application Penetration Testing&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;3:05-3:25 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:25-4:15 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Champin &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Gobierno Electrónico en América Latina: Las Amenazas de Hoy a Sitios y Aplicaciones Web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-5:00 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Bertin Bervis&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;MiTM Attacks con DNS proxys a escala WAN el modem bajo ataque&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> === PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las oportunidades de patrocinio <br /> Cualquier consulta pueden contactar a [mailto:michael.hidalgo@owasp.org Michael Hidalgo].<br /> <br /> =GUATEMALA=<br /> <br /> <br /> == '''Ciudad de Guatemala: April, 21st-22nd 2015''' ==<br /> ===CONFERENCIAS===<br /> &lt;b&gt;Día 1&lt;/b&gt;<br /> &lt;b&gt;Abril 21&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Camilo Fernandez&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Tools&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;3:00&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;La verdad sobre los ataques de denegación de servicio&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:30&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Oscar Rodas y Marco To&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Avances en investigación sobre seguridad informática&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;5:15&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;Elder Guerra&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Un verdadero análisis de riesgos&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Día 2&lt;/b&gt;<br /> &lt;b&gt;Abril 22&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00 PM Salon 1&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Luis Cordon&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Web Pentesting&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;2:00 PM Salon 2&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Server Hardening: métodos de aseguramiento de tu servidor web y los datos que contiene&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:00PM&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Concurso de Ethical Hacking&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> [http://www.galileo.edu/ Universidad Galileo]&lt;br&gt;<br /> 4A Calle 7a. Avenida, calle Dr. Eduardo Suger Cofiño, &lt;br&gt;<br /> Ciudad de Guatemala 01010&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15guatemala'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =PERU=<br /> <br /> == '''Lima: April, 17th-18th 2015''' ==<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; height=&quot;30&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''TALLERES Y CONFERENCIAS''' <br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | <br /> == '''OWASP Latam Tour - Lima 2015''' == <br /> <br /> '''Viernes 17 de Abril''' ''(Talleres)'' &lt;br&gt;'''Sábado 18 de Abril''' ''(Conferencia)''<br /> |-<br /> | valign=&quot;center&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | '''Descripcion y Objetivo'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; colspan=&quot;2&quot; | '''OWASP LATAM TOUR,''' es una gira por Latino América que promueve la seguridad en aplicaciones web en diversas instituciones, como: universidades, organismos gubernamentales, empresas de TI y entidades financieras, buscando crear conciencia sobre la seguridad en las aplicaciones y puedan tomar decisiones informadas sobre los verdaderos riesgos de seguridad.<br /> <br /> *Ademas del OWASP Top 10, la mayoría de los [[:Category:OWASP_Project|Proyectos OWASP]] no son ampliamente utilizados en los ambientes corporativos. En la mayoría de los casos esto no es debido a una falta de calidad en los proyectos o la documentación disponible, sino mas bien por desconocer donde se ubicaran en un Ecosistema de Seguridad de Aplicaciones empresarial. <br /> <br /> *Esta serie de talleres y conferencias tienen como objetivo cambiar esta situación proporcionando una explicación sobre los proyectos OWASP mas maduros y listos para ser utilizados en el ambito empresarial.<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''LIMA PERÚ'''&lt;/span&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Viernes 17)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Viernes 17 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | ''' TBD '''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | Durante todo el OWASP LatamTour se estarán realizando talleres de capacitación dictados por destacados profesionales en la materia.&lt;br&gt; <br /> '''Duracion:''' 8 horas&lt;br&gt; <br /> '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).&lt;br&gt; <br /> '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com&lt;br&gt; <br /> '''Link de Registro''': [TBD] '''&lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 1'''&lt;/span&gt;<br /> |-<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''De 0 a Ninja con Metasploit'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Dragonjar.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | El taller de 0 a Ninja con Metasploit, busca detallar el uso de la herramienta Metasploit ampliamente utilizada en auditorias de seguridad por profesionales del área, desde su instalación y puesta a punto para el trabajo, hasta el uso de sus funciones para llevar a feliz termino una auditoria en seguridad.<br /> De 0 a Ninja DragonJAR<br /> <br /> Este curso, altamente práctico, tiene una duración de 8 horas en las que los asistentes podrán acortar la curva de aprendizaje, gracias a la transmisión de conocimientos y experiencias de los docentes, altamente calificados, con el fin de que una vez finalizado el taller puedas aplicar los conocimientos adquiridos.<br /> <br /> Duracion: 1 día (8 horas)<br /> ====De 0 a Ninja con Metasploit====<br /> *Introducción a Metasploit<br /> *Introducción a la linea de comandos de Metasploit<br /> *Trabajando con Metasploit y sus componentes (msfconsole, msfcli, msfgui, msfweb, msfpayload, msfencode, msfvenom, etc…)<br /> *Etapas de un Pentesting y las herramientas para realizarlas incluidas en Metasploit<br /> *Post-Explotación, ya tengo shell … ¿ahora que hago?<br /> *Trabajando con Meterpreter<br /> *Trabajo colaborativo usando Armitage/Cobalt Strike<br /> *Generando el informe ¿Alguna tool que pueda ayudarme?<br /> <br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/DragonJAR/ Jaime Andrés Restrepo (DragonJAR)]''', es Ingeniero en Sistemas y Telecomunicaciones de la Universidad de Manizales. Information Security Researcher con más de 10 años de experiencias en Ethical Hacking, Pen Testing y Análisis Forense. Docente Universitario en Pre y Post-Grado, Speaker y Organizador de diferentes eventos de Seguridad Informática, Co-Fundador del ACK Security Conference, Fundador de DragonJAR SAS y de La Comunidad DragonJAR, una de las comunidades de seguridad informática mas grandes de habla hispana y referente en el sector. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 2'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''INTRODUCTION TO WEB APPLICATION SECURITY'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Cerullof.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | The contents are aligned with the OWASP Top 10, a world-renowned document about the security risks of Web Applications.<br /> '''Format:'''<br /> <br /> It combines theory and practical exercises. The participants learn to identify vulnerabilities in a dummy web application specifically built with bugs &amp; coding errors and then exploit them using different open source tools and techniques in a safe lab environment.<br /> <br /> '''Audience:''' IT Staff, Managers, System Architects, Information Security Professionals, Developers, QA Professionals.<br /> <br /> '''Duration:''' 1 day (8 hours)<br /> <br /> '''Deliverables:'''<br /> <br /> - Printed Materials<br /> - OWASP Live CD including tools used.<br /> - Certificate of Participation (CPE Points)<br /> <br /> ==== INTRODUCTION TO WEB APPLICATION SECURITY ====<br /> The topics covered include:<br /> <br /> *Introduction to Web Application Security<br /> *Technology used in Web Applications<br /> *Critical Areas in Web Applications<br /> **Injection&lt;br&gt;<br /> **Cross Site Scripting (XSS)&lt;br&gt;<br /> **Broken Authentication and Session Management&lt;br&gt;<br /> **Insecure Direct Object References&lt;br&gt;<br /> **Cross Site Request Forgery&lt;br&gt;<br /> **Security Misconfiguration&lt;br&gt;<br /> **Insecure Cryptographic Storage&lt;br&gt;<br /> **Failure to restrict URL Access&lt;br&gt;<br /> **Insufficient Transport Layer Protection&lt;br&gt;<br /> **Unvalidated Redirects and Forwards&lt;br&gt;<br /> *Secure Software Development Lifecycle (SSDLC)<br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/fcerullo Fabio Cerullo]''', over 10 years of experience in the information security field gained across a diverse range of industries.<br /> As CEO &amp; Founder of Cycubix, he helps customers around the globe by assessing the security of applications developed in-house or by third parties, defining policies and standards, implementing risk management initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals.&lt;br&gt;<br /> As a member of the OWASP Fundation, Fabio is part of the Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, and has been appointed OWASP Ireland Chapter Leader since early 2010.<br /> He holds a Msc in Computer Engineering from UCA and has been granted the CISSP &amp; CSSLP certificates by (ISC)2. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 09:00 am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [https://www.regonline.com/Register/Checkin.aspx?EventID=1492427 Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''CONFERENCIAS (Sábado 18)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | Sábado 18 de Abril<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''Universidad Tecnológica del Peru - Esquina Av. 28 de Julio con Av. Petit Thouars, Lima – Perú'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Precio y Registro'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | El ingreso a las conferencias es '''GRATUITO''' - El proceso de registro lo podrá ubicar en el siguiente link : &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15lima'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Promociones'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | OFERTA ESPECIAL - Durante todo el OWASP Latam Tour el costo de la membresía anual es de solamente U$D 20. Utilice el código de descuento &quot;LATAM&quot; durante el proceso de registro electrónico como miembro individual en el enlace disponible a continuación.&lt;br&gt;<br /> [http://myowasp.force.com/memberappregion Hágase MIEMBRO DE OWASP AQUÍ] &lt;br&gt;<br /> '''Si usted aun no es miembro OWASP, por favor considere unirse a nuestra organización.'''<br /> |}<br /> &lt;br&gt;<br /> <br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;6&quot; | '''DETALLES DE LA JORNADA'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ''' - '''<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 9:30 am<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP PERU<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 am<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Presentación del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/John_Vargas John Vargas]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:30 am<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cyber War in Web and Mobile Applications <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [Jesús González]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:30 am<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |[https://twitter.com/fcerullo Fabio Cerullo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Seguridad en Aplicaciones Moviles<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/pITea_security Juan Pablo Quiñe]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Todos a Sh3ll34r!<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/gabsitus Gabriel Lazo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Se verán distintas técnicas utilizadas por atacantes maliciosos para lograr subir shells y obtener acceso a servidores web.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP Zap <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/Alonso_ReYDeS Alonso Caballero]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 17:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hackeando Carros en Latinoamérica<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/DragonJAR Andrés Restrepo (DragonJAR)]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |}<br /> <br /> =URUGUAY=<br /> <br /> == '''Montevideo: April 15th-16th 2015''' ==<br /> El evento más importante de la región llega nuevamente a Uruguay, OWASP Latam tour 2015!. Expositores internacionales estarán presentando conferencias sobre los temas más importantes en Seguridad en Aplicaciones.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> '''¿Dónde?''' <br /> <br /> [http://www.ucu.edu.uy/ Universidad Católica del Uruguay]&lt;br&gt;<br /> Av. 8 de Octubre 2738&lt;br&gt;<br /> Montevideo 11600 Montevideo, Uruguay. &lt;br&gt;<br /> Ver en [https://www.google.com/maps/place/Universidad+Cat%C3%B3lica+del+Uruguay/@-34.888694,-56.159218,17z/data=!3m1!4b1!4m2!3m1!1s0x0:0x13508c3340b76e45 Google Maps]<br /> &lt;br&gt;<br /> <br /> == '''Charlas: Miércoles 15 de abril''' ==<br /> <br /> Las charlas serán a partir de las 18:00hs.<br /> <br /> {| class=&quot;wikitable&quot;<br /> !colspan=&quot;3&quot;| Charlas aceptadas<br /> |-<br /> |Christian Borghello<br /> |Certificate Pinning: ¿tenemos el c...ertificado roto?&lt;br&gt;<br /> |<br /> |-<br /> |Edgar Salazar<br /> |Inseguridad en Aplicaciones Móviles<br /> |Esta charla pretende demostrar en vivo la explotación de distintas vulnerabilidades en una aplicación móvil de tal manera que podamos revisar las causas y consecuencias, ademas recomendar las medidas de seguridad pertinentes.<br /> |-<br /> |Carlos Eduardo Santiago<br /> |(IN)secure Development<br /> |Forget Injection and XSS<br /> This lecture aims to demonstrate simple traps in web development, and bad practices in addition to some factors are likely to cause critical security flaws. We will analyze some cases and demonstrate ways to mitigate and correct such failures.<br /> |-<br /> |Ricardo Supo Picón<br /> |Hacking Efectivo: Desde una Credencial hasta el Domain Admin en un sólo día<br /> |Los dominios windows están presentes en gran cantidad de organizaciones, en estos la autenticación de usuarios esta disponible en muchos servicios. En esta charla analizaremos los distintos tipos de autenticación de windows y como obtener credenciales locales y de dominio así mismo como a partir de una sola credencial se puede obtener más credenciales hasta obtener un administrador de dominio. Así mismo se detallará como poder realizar intrusiones masivas en red de computadores que ayudan a que un sólo hacker pueda multiplicar sus actividades y conseguir su objetivo en un sólo día, presentación de la herramienta Domainator.<br /> |}<br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> == '''Trainings: Jueves 16 de abril''' ==<br /> <br /> === TRAINING 1: Hacking de aplicaciones web basado en OWASP Top 10 ===<br /> <br /> '''Instructor:''' Christian Borghello<br /> <br /> Los desarrolladores son una raza extraña. Los Pentesters viven en una burbuja. Este entrenamiento ayuda a los desarrolladores a conocer sobre seguridad en el desarrollo web y a los Pentesters a probar aplicaciones web de forma adecuada.<br /> <br /> Objetivos: - Conocer OWASP Top 10 (quick summary) - Aprender cómo comprobar cada vulnerabilidad desde el punto de vista del Desarrollador y del Pentester - Conocer recomendaciones desde el punto de vista del Pentester - Conocer recomendaciones desde el punto de vista del Desarrollador <br /> <br /> Orientado a desarrolladores, pentesters y personas relacionados con el ciclo de vida del desarrollo de software o sus pruebas de seguridad. <br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> === TRAINING 2: BYOX101/Construya su propio xploit 101/Build Your Own Xploit 101 ===<br /> <br /> '''Instructor:''' Mauricio Campiglia<br /> <br /> ¿Alguna vez te preguntaste de dónde salen ese montón de numeritos que por arte de magia te dejan en una línea de comandos con privilegios? Esta es tu oportunidad para conocer de dónde salen y porqué están ahí y no en otro lugar. Este entrenamiento te guía desde cero hasta la creación de exploits sencillos e intermedios aprendiendo en el recorrido los por qué de cada paso. No se verán exploits de dia cero ni muy complejos, nos concentraremos en lo probado y conocido pues el objetivo es entender el proceso de creación de un exploit.<br /> <br /> '''Detalles''':&lt;br /&gt;<br /> <br /> Entrenamiento mayormente práctico de creación básica de exploits para<br /> sistemas MS Windows. Se usarán ejemplos conocidos pero fiables y se crearán<br /> programas de ejemplo vulnerables a propósito.<br /> <br /> '''Conocimientos obtenidos''':&lt;br /&gt;<br /> <br /> Quienes asistan entenderán el proceso de creación de un exploit entendiendo en el camino la confirmación de memoria de sistemas MS Windows y las protecciones de este sistema. ¿Por qué participar de este entrenamiento?<br /> * La habilidad de creación de exploits no es algo que se encuentre facilmente en un curso.<br /> * Entender este proceso te da la flexibilidad de adaptarte cuando un ataque no funciona tal como te lo dieron.<br /> * Desenmarañar el porqué de un montón de números sin sentido que te dan un acceso que no tienes es mágico.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> =VENEZUELA=<br /> <br /> <br /> == '''Caracas: April, 23rd 2015''' ==<br /> [[File:bwoltv.png| center |bwoltv.png ]]<br /> &lt;br&gt;<br /> <br /> == Registro ==<br /> El registro es totalmente gratis, nos complacería mucho que nos acompañaras este día. <br /> <br /> Te esperamos!!!<br /> <br /> [https://www.regonline.com/owasplatamtour15venezuela'''REGISTRATE AQUI''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == UBICACIÓN ==<br /> <br /> [http://www.ucv.ve/ Universidad Central de Venezuela]&lt;br&gt;<br /> Facultad de Ciencias &lt;br&gt;<br /> Auditórium Tobías Lasser&lt;br&gt;<br /> Paseo Los Ilustres Urb. Valle Abajo. &lt;br&gt;<br /> 1040 Caracas&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> [[File:UbicacionLatamCaracas.png]]<br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Registro 8:30 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:00 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Venezuela &amp; UCV&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:15-9:55 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Jair Garcia&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt;&lt;b&gt;Hacking Etico: Cacería de Vulnerabilidades&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00-9:35 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Randy Ortega&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Sessión Hijacking: Peligro en la web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;10:40-11:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:15-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Michael Hidalgo (Costa Rica)&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Ataques de denegación de servicio a través de expresiones regulares: De la explotación a la corrección&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> <br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;12:00-1:30 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:35-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Josmell Chavarri&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Conociendo al Enemigo: Honeypots&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-2:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; Rodrigo Bravo y Eliezer Romero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; &lt;b&gt;Programación Segura en Python&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;2:45-3:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:35-4:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Maximiliano Anlonzo (Uruguay) &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Peligro: software en construcción&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-4:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Suárez&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Beef como framework de explotación xss&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;4:45-5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =SPONSORS=<br /> <br /> ==We are looking for Sponsors for the Latam Tour 2015==<br /> &lt;br&gt;<br /> <br /> This is a truly unique opportunity to increase your brand recognition as a company dedicated to the highest standards of professional technology &amp; security in the Latin-America region but also internationally throughout the world while supporting the continued activities conducted by OWASP worldwide.<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * ''' Sponsorship benefits for organizations specializing in IT &amp; Security:'''<br /> <br /> ** Opportunity to use the latest technological trends for professional training / development<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your business development strategy with leading information from the security industry<br /> ** Get networking and headhunting opportunities with world-class specialists and professionals<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Increase your image as a professional company through this unique branding opportunity<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> * '''Sponsorship benefits for organizations utilizing the internet in their business:'''<br /> <br /> ** Opportunity to increase the international brand awareness and conduct business networking<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your service development by understanding the latest trends in security issues &amp; risks<br /> ** Contribute to information society as a company by developing safe and secure services<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Opportunity to brand your company as one that focuses on the highest standards in technology<br /> <br /> <br /> Make your company part of the conversation. Become a sponsor of the tour today! [https://www.owasp.org/images/5/5f/Latam_Tour_2015_Sponsorship_Opportunities.pdf'''SPONSOR OPPORTUNITIES''']<br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf '''OPORTUNIDADES DE PATROCINIO''']<br /> <br /> <br /> <br /> &lt;headertabs /&gt;<br /> <br /> {{:LatamTour2015 Sponsors}}</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=LatamTour2015&diff=191611 2015-03-17T19:38:53Z

<p>Jonathan Fernández: /* Santiago: April, 8th-9th 2015 */ cambia todo el texto a español</p> <hr /> <div>__NOTOC__ <br /> <br /> [[Image:Banner_latam_2015.jpg ‎|750px|link=https://www.owasp.org/index.php/LatamTour2015]]<br /> <br /> =WELCOME= <br /> <br /> <br /> <br /> == '''Schedule''' ==<br /> <br /> * Santiago, '''Chile''': April, 8th-9th 2015<br /> * Patagonia, '''Argentina''': April, 10th-11th 2015<br /> * Bucaramanga, '''Colombia''': April, 14th 2015<br /> * Montevideo, '''Uruguay''': April, 15th-16th 2015<br /> * Lima, '''Peru''': April, 17th-18th 2015<br /> * Santa Cruz, '''Bolivia''': April 17th -18th 2015 <br /> * San Jose, '''Costa Rica''': April, 21st 2015<br /> * Guatemala, '''Guatemala''': April, 21st-22nd 2015<br /> * Buenos Aires, '''Argentina''': April, 24th 2015<br /> * Caracas, '''Venezuela''': April, 23rd 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> '''REGISTRATION IS NOW OPEN, PLEASE CHECK THE LOCATION TAB YOU ARE INTERESTED IN'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Latam Tour Objective''' ==<br /> <br /> The OWASP Latam Tour objective is to raise awareness about application security in the Latin America region, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.<br /> <br /> We are proposing a chapters conference driven model in which the sessions are free for everybody and the costs are supported by a mix of funding i.e. OWASP Foundation, local chapter budget, external sponsorship, etc. 1-day training sessions are also offered in some tour stops. These sessions’ fees are $ 200USD for OWASP members and $ 250 USD for non-members (group discounts may apply).<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =='''Who Should Attend the Latam Tour?'''==<br /> <br /> *Application Developers <br /> *Application Testers and Quality Assurance <br /> *Application Project Management and Staff <br /> *Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff <br /> *Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance <br /> *Security Managers and Staff <br /> *Executives, Managers, and Staff Responsible for IT Security Governance <br /> *IT Professionals Interesting in Improving IT Security<br /> *Anyone interested in learning about or promoting Web Application Security&lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> == '''Become an OWASP Member''' ==<br /> <br /> <br /> As part of the OWASP Latam Tour, you could '''become an OWASP Member by ONLY paying 20 U$D'''. Show your support and become an OWASP member today!<br /> <br /> [[Image:Join_button.jpg|100px|link=http://sl.owasp.org/newmember]] [[Image:Renewal.jpg |100px|link=http://sl.owasp.org/renewmember]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Questions''' ==<br /> <br /> *If you have any questions about the Latam Tour 2015, please send an email to andrea.villar@owasp.org / fcerullo@owasp.org<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Social Media''' ==<br /> <br /> '''[http://twitter.com/search?q=%23LATAMTOUR #Latamtour]''' hashtag for your tweets for Latam Tour (What are [http://hashtags.org/ hashtags]?) <br /> <br /> '''@AppSecLatam Twitter Feed ([http://twitter.com/AppSecLatam follow us on Twitter!])''' &lt;twitter&gt;34534108&lt;/twitter&gt;<br /> <br /> = CALL FOR PAPERS &amp; TRAININGS =<br /> <br /> == '''Do you want to give a talk or a training session in Latin America?''' ==<br /> &lt;br&gt; <br /> <br /> '''Please send your proposals to the corresponding chapter leader before February 1st 2015:'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * '''Argentina''' (Buenos Aires): Martin Tartarelli via [https://docs.google.com/forms/d/1ncVFYKsBv6aUsf3WBI657yRHUQLkazjkT9VMu4Vdp9I/viewform '''this Google form''']<br /> * '''Argentina''' (Patagonia): Gaston Toth [gaston.toth@owasp.org]<br /> * '''Colombia''': Diego Ademir Duarte [dadhemir@owasp.org]<br /> * '''Costa Rica''': Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * '''Chile''': Carlos Allendes [carlos.allendes@owasp.org]<br /> * '''Guatemala''': Pablo Barrera [pbarrera@gmail.com]<br /> * '''Peru'''(Lima) : John Vargas [john.vargas@owasp.org] vía [https://docs.google.com/forms/d/1HJAwdnCxhnDjxdEOrHVBaewrkQncIB2uxHCzxEtxwug '''this Google form''']<br /> * '''Uruguay''': Mateo Martinez [mateo.martinez@owasp.org]<br /> * '''Venezuela''': Edgar Salazar [edgar.salazar@owasp.org]<br /> &lt;br&gt;<br /> <br /> ''By your submission you agree to the [https://www.owasp.org/images/4/4f/AppSec_Latam_2015_Speaker_Agreement.pdf '''OWASP Speaker Agreement'''] or [https://www.owasp.org/images/f/fa/LatamTour_2015_Training_Instructor_Agreement.pdf ‎'''Instructor Agreement'''].<br /> <br /> =TEAM=<br /> <br /> '''Chapter Leaders'''<br /> <br /> * Bucaramanga, Colombia: Diego Ademir Duarte [dadhemir@owasp.org]<br /> * Santiago, Chile: Carlos Allendes [carlos.allendes@owasp.org]<br /> * Guatemala, Guatemala: Pablo Barrera [pbarrera@gmail.com]<br /> * Santa Cruz de las Sierras, Bolivia: Daniel Torres [daniel.torres@owasp.org]<br /> * San Jose, Costa Rica: Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * Montevideo, Uruguay: Mateo Martinez [mateo.martinez@owasp.org]<br /> * Caracas, Venezuela: Edgar Salazar [edgar.salazar@owasp.org]<br /> * Buenos Aires, Argentina: Martin Tartarelli [martin.tartarelli@gmail.com]<br /> * Patagonia, Argentina: Gaston Toth [gaston.toth@owasp.org]<br /> * Lima, Peru: John Vargas [john.vargas@owasp.org]<br /> <br /> <br /> '''Operations'''<br /> <br /> *[[User:Fabio.e.cerullo|Fabio Cerullo]], &lt;br&gt;<br /> * Andrea Villar<br /> * Kate Hartmann<br /> * [https://www.owasp.org/index.php/User:Kelly_Santalucia Kelly Santalucia]<br /> <br /> =PATAGONIA=<br /> <br /> <br /> =='''Patagonia: April, 10th-11th 2015'''==<br /> <br /> ===Registrarse===<br /> Los interesados en asistir al evento deben registrarse en:&lt;br&gt; <br /> [https://www.regonline.com/owasplatamtour15patagonia https://www.regonline.com/owasplatamtour15patagonia]&lt;br&gt;<br /> <br /> ===Agenda ===<br /> '''Viernes 10 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Conferencia<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 09:00 - 10:00<br /> | Acreditacion<br /> | <br /> |- <br /> | 10:00 - 10:15<br /> | Bienvenida e intoduccion a OWASP<br /> |<br /> |-<br /> | 10:20 - 11:00<br /> | [https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]<br /> | [https://www.linkedin.com/in/ariancho Andrés Riancho]<br /> |- <br /> | 11:00 - 11:30<br /> | Pausa para café<br /> |<br /> |-<br /> | 11:30 - 12:00 <br /> | Aspectos Legales de la Seguridad informática&lt;br&gt;<br /> | Marcelo Campetella<br /> |-<br /> | 12:00 - 12:30<br /> | El mercado del Malware en las Apps de los Store para Android<br /> | Claudio Caracciolo<br /> |-<br /> | 12:30 - 14:00<br /> | Pausa para almuerzo<br /> |<br /> |- <br /> | 14:00 - 14:40<br /> | Mobile Apps and how to Pentest them<br /> | Gustavo Sorondo<br /> |-<br /> | 14:40 - 15:10<br /> | CIOs vs CISOs: OWASP al rescate <br /> | Mauro Graziosi<br /> |-<br /> | 15:10 - 15:40<br /> | Pausa para café<br /> |<br /> |-<br /> | 15:40 - 16:20<br /> | Certificate Pinning: ¿tenemos el c...ertificado roto?<br /> | Cristian Borghello<br /> |- <br /> | 16:20 - 16:30<br /> | Agradecimientos y cierre<br /> |<br /> |}<br /> <br /> '''Sabado 11 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Entrenamiento<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 08:00 - 12:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 1)<br /> | Cristian Borghello<br /> |- <br /> | 12:00 - 13:00<br /> | Pausa para almuerzo<br /> |<br /> |-<br /> | 13:00 - 17:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 2)<br /> | Cristian Borghello<br /> |}<br /> <br /> ===¿Dónde?===<br /> Universidad Nacional del Comahue, Buenos Aires 1400, Neuquén&lt;br&gt;<br /> [[File:Ubicacion.png|link=https://www.google.com.ar/maps/place/38%C2%B056'26.2%22S+68%C2%B003'15.5%22W/@-38.940623,-68.054305,228m/data=!3m2!1e3!4b1!4m2!3m1!1s0x0:0x0]]<br /> <br /> ===Afiche para difusión===<br /> [[File:PosterLatamtour2015-Patagonia.jpg|link=https://www.owasp.org/images/6/60/Poster_Latamtour.pdf]]<br /> <br /> ===Patrocinio===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;&lt;br&gt;<br /> Cualquier consulta no duden en escribir a [mailto:gaston.toth@owasp.org Gaston Toth] o a [mailto:diego.dinardo@patagoniasec.com.ar Diego Di Nardo].<br /> &lt;br&gt;<br /> <br /> =BUENOS AIRES=<br /> <br /> Invitamos a estudiantes, desarrolladores, expertos en seguridad informática y curiosos en general a compartir con la comunidad de OWASP un nuevo evento en Buenos Aires! Será una jornada de charlas técnicas, en un ambiente relajado e ideal para conocer otras personas interesadas en la seguridad en aplicaciones.<br /> <br /> <br /> =='''Inscripcion'''==<br /> <br /> Recuerden que es necesario [https://www.regonline.com/owasplatamtour15argentina '''inscribirse'''] para asistir. La registración es '''completamente gratis''' y es unicamente utilizada para verificar su identidad en la entrada de la Universidad.<br /> <br /> == '''Fecha y lugar'''==<br /> <br /> 24 Abril 2015 - 9am (puntual!)&lt;br&gt;<br /> [http://www.udemm.edu.ar/ Universidad de la Marina Mercante]&lt;br&gt;<br /> [https://www.google.com.ar/maps/place/Av+Rivadavia+2258,+Buenos+Aires,+Ciudad+Aut%C3%B3noma+de+Buenos+Aires/@-34.6096561,-58.3984517,17z/data=!3m1!4b1!4m2!3m1!1s0x95bccae91dc7f349:0x3177aaca9808e637 Av. Rivadavia 2258, Ciudad Autonoma de Buenos Aires]&lt;br&gt;<br /> <br /> <br /> == '''Charlas'''==<br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f; color:#FFF;&quot;&gt;<br /> &lt;td&gt;&lt;b&gt;Hora&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Titulo&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Orador&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:10&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Introducción a OWASP&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fabio Cerullo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:35&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Steering a Bullet Train&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Santiago Kantorowicz&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;10:25&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Y ahora nos preocupamos por la privacidad? Gracias #Snowden&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Mariano M. del Rio&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Building a High Interaction Honeypot: Implementation and logging techniques&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fernando Catoira&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:45&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;[https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;[https://www.linkedin.com/in/ariancho Andrés Riancho]&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;13:55&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Threat not found!&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Sheila Berta&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;14:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Mobile Application Security&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Puky Sorondo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;15:40&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;HP Sponsor talk&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;TBD&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;16:05&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Web Security for Bitcoin Services&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Juliano Rizzo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =CHILE=<br /> <br /> =='''Santiago: April, 8th-9th 2015'''==<br /> <br /> El Capítulo Chileno de OWASP, tiene el agrado de invitar a la conferencia LatamTour2015, con el auspicio de DUOC-UC sede Alonso Ovalle Nro.1586 (Metro Moneda).<br /> <br /> OWASP es una organización mundial sin fines de lucro dedicado a identificar y combatir las causas que hacen inseguro el software. Revise nuestra documentación y metodologías en los [[:Category:OWASP_Project|Proyectos OWASP]] donde encontrará valioso material de aplicación práctica en los ambientes corporativos. Asista a los talleres y conferencias del LatamTour y aprenda como sacar provecho a estos recursos de libre acceso.<br /> <br /> <br /> [http://www.duoc.cl/escuela/escuela-de-informatica-y-telecomunicaciones Duoc UC]&lt;br&gt;<br /> Alonso Ovalle Nro.1586&lt;br&gt;<br /> Santiago de Chile&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15chile'''HAGA CLICK AQUI PARA REGISTRARSE''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#4B0082&quot; align=&quot;center&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''DETALLES DE LA CONFERENCIA (Miércoles 8 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Horario''' <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Modulo'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:00 - 09:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:30 - 10:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bienvenida y Presentación del Evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | DUOC-UC y OWASP-Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Rodrigo Cea Warner. Director de Carrera DUOC-UC. Carlos Allendes Chapter Leader in OWASP Chile.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 - 10:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bug Bounty, programs reload<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Ormeño y Freddy Grey [http://www.0rnitorrinco.cl'''www.0rnitorrinco.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoques e investigación sobre programas de BUG BOUNTY periodico a través de vectores de ataque poco convencionales.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:45 - 11:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:05 - 12:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Analizando tráfico WIFI de smartphones <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Yago Fernández H. [http://www.wifense.com'''www.wifense.com''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Intercepción on-line del tráfico wi-fi en conexiones de smartphone y tecnicas de hacking. ¿es seguro utilizar redes Wi­Fi?<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:05 - 13:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Gestionar la inversión en seguridad con OPENSAMM. Donde Iniciar?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Allendes D. [http://http://www.qualityfactory.cl'''www.QualityFactory.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque Tecnico y Ecónomico para maximizar el retorno de la inversión en hacking etico, pentesting, desarrollo seguro, análisis del código, pruebas de seguridad.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 13:00 - 14:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break para Almorzar<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 14:30 - 15:15<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hacking efectivo: Desde una credencial hasta el Domain Admin en un solo día<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Ricardo Supo P. [http://www.inzafe.cl'''www.inzafe.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Como ganar acceso a credenciales locales de dominio y escalar privilegios hasta obtener un acceso de administrador de dominio.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:20 - 16:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | SSL Instalado... ¿estamos realmente seguros?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cristin Rojas, CLCERT Universidad de Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ¿Que riesgos acechan, aunque tengamos instalado SSL/TLS? Año 2014 fue intenso: Heartbleed, POODLE, y errores de implementación como el GOTO FAIL.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:05 - 16:20<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:20 - 17:25<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Plataformas de computación distribuida<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | TBD<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque y soluciones para acelerar la entrega de contenido global de Internet y aplicaciones distribuidas.<br /> |-<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 17:30 - 17:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cierre del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |}<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Jueves 9 de Abril)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> <br /> |}<br /> &lt;br/&gt;<br /> <br /> =COLOMBIA=<br /> <br /> <br /> == '''Bucaramanga: April, 14th 2015''' ==<br /> <br /> <br /> [http://www.upb.edu.co/bucaramanga Universidad Pontifica Bolivariana]&lt;br&gt;<br /> Seccional Bucaramanga &lt;br&gt;<br /> Autopista Piedecuesta Kilometro 7 &lt;br&gt;<br /> Bloque K - 605 &lt;br&gt;<br /> [http://goo.gl/EwBpTu'''Mapa :: Ubicación del evento''']<br /> &lt;br&gt;<br /> [[File:Owasp_upb_2015.jpg|link=https://www.google.com/maps/place/Universidad+Pontificia+Bolivariana+Seccional+Bucaramanga/@7.0389574,-73.071732,14z/data=!4m2!3m1!1s0x8e6840b36653b9c5:0x4dcdbc55842151df]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> ===REGISTRO===<br /> Recuerde que el ingreso al evento es &lt;b&gt;totalmente gratuito, sólo debe registrarse previamente&lt;/b&gt;.&lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15colombia'''Pulsa aquí para registrarte al evento''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===CONFERENCIAS===<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 7:30 a.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Diego Ademir Duarte Santana&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP ASVS 2.0 Web Application Standard&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;9:00&lt;/td&gt;<br /> &lt;td&gt;Jhon César Arango Serna&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;IPv6 Ventaja o Amenaza&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Hugo Armando Rodriguez Vera&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Protección de Datos Personales, infracción y consecuencias&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;11:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;MundoHacker&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Ciberespionaje y Cibercrimen as a Service&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Lunch&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;14:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;German Alonso Suárez Guerrero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Proactive Controls&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;15:00&lt;/td&gt;<br /> &lt;td&gt;Ronald Escalona&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Hardening del Servidor Web, enfoque práctico con jail/chroot para entornos multisitios&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;16:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Javier Orlando Mantilla P&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Seguridad en desarrollo de aplicaciones web usando Apache Tomee&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Finish Event&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Se contará con &lt;b&gt;transmisión vía streaming&lt;/b&gt; para las personas ubicadas fuera de la ciudad.&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;<br /> Cualquier consulta pueden escribir a [mailto:dadhemir@owasp.org Diego Ademir Duarte Santana] .<br /> &lt;br&gt;<br /> <br /> =BOLIVIA=<br /> <br /> [[File:Santa.jpg]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Lugar: Universidad NUR<br /> &lt;br&gt;<br /> Dirección: Av. Banzer, Victorino Rivero 100<br /> &lt;br&gt;<br /> Santa Cruz de la Sierra, Bolivia<br /> &lt;br&gt;<br /> Fecha: 17 y 18 de abril del 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> [[File:Mapa.jpg]]<br /> <br /> <br /> [https://www.regonline.com/owasplatamtour15bolivia'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f;<br /> color:#FFF;&quot;&gt;<br /> &lt;td&gt;Nro&lt;/td&gt;<br /> &lt;td&gt;Nombre&lt;/td&gt;<br /> &lt;td&gt;Ciudad&lt;/td&gt;<br /> &lt;td&gt;Tema&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;25&quot;&gt;1&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Alvaro Machaca Tola&lt;/td&gt;<br /> &lt;td width=&quot;187&quot;&gt;La Paz ,Bolivia&lt;/td&gt;<br /> &lt;td width=&quot;321&quot;&gt;Análisis de riesgos aplicando la metodología OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;2&lt;/td&gt;<br /> &lt;td&gt;Deyvi Bustamante Perez&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Exploit development&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;3&lt;/td&gt;<br /> &lt;td&gt;Walter Camama Menacho&lt;/td&gt;<br /> &lt;td&gt;Trinidad, Bolivia&lt;/td&gt;<br /> &lt;td&gt;MiTM a nivel de browser con beef y metasploit&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;4&lt;/td&gt;<br /> &lt;td&gt;Leonardo Camilo Quenta Alarcon&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en sistemas financieros. Buenas prácticas de programación y aplicación de pruebas de penetración OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;5&lt;/td&gt;<br /> &lt;td&gt;Hernán Marcelo Leytón Balderrama&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en los Satélites de Comunicación&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;6&lt;/td&gt;<br /> &lt;td&gt;Jaime Iván Mendoza Ribera&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Análisis de vulnerabilidades web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;7&lt;/td&gt;<br /> &lt;td&gt;Juan Pablo Barriga Sapiencia&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Riesgos en TI&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;8&lt;/td&gt;<br /> &lt;td&gt;Richard Villca Apaza&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Rompiendo el modelo de negocios: Debugging Android Apps&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;9&lt;/td&gt;<br /> &lt;td&gt;Alex Villegas y Roller Ibanez&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Gestión de continuidad del negocio un enfoque resilente basado en el estándar ISO 22301&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;10&lt;/td&gt;<br /> &lt;td&gt;Daniel Torres Sandi&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Headers seguros en HTTP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;11&lt;/td&gt;<br /> &lt;td&gt;Gonzalo Nina Mamani&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Sistema para la recolección de información orientado a la mejora en la evaluación de seguridad en aplicaciones Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;12&lt;/td&gt;<br /> &lt;td&gt;Cristhian Lima Saravia&lt;/td&gt;<br /> &lt;td&gt;Cochabamba, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Framework Pleni&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;13&lt;/td&gt;<br /> &lt;td&gt;Elvin Vidal Mollinedo Mencia&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz de la Sierra, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Los 7 pecados de un desarrollador Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;14&lt;/td&gt;<br /> &lt;td&gt;Erick Calderon Mostajo&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Herramientas de Aprendizaje OWASP.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;15&lt;/td&gt;<br /> &lt;td&gt;Dennis Ariel Ruiz Vasquez&lt;/td&gt;<br /> &lt;td&gt;La Paz , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Whitehat vs Blackhat&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;16&lt;/td&gt;<br /> &lt;td&gt;Cesar Roberto Cuenca Díaz&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Desarrollo Seguro Principios y Buenas Prácticas.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;17&lt;/td&gt;<br /> &lt;td&gt;Juan Alberto Fajardo Canaza&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;WAF Testing Framework&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;18&lt;/td&gt;<br /> &lt;td&gt;Gabriel Labrada Hernandez&lt;/td&gt;<br /> &lt;td&gt;Mexico&lt;/td&gt;<br /> &lt;td&gt;Seguridad en Hardware y los servicios en la nube&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;19&lt;/td&gt;<br /> &lt;td&gt;Jaime Andres Restrepo Gomez&lt;/td&gt;<br /> &lt;td&gt;Colombia&lt;/td&gt;<br /> &lt;td&gt;Hackeando carros en Latinoamérica&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =COSTA RICA=<br /> == '''San Jose: April, 21st 2015''' ==<br /> <br /> El evento se va a llevar a cabo en el auditorio de la Ciudad de la Investigación de la Universidad de Costa Rica. [http://goo.gl/Y64lZG'''Ver Dirección exacta''']<br /> <br /> [[File:Mapa-ucr-auditorio.png|800px]]<br /> <br /> &lt;br&gt;<br /> <br /> === REGISTRO ===<br /> Recuerde que el ingreso al evento es totalmente gratuito, sólo debe registrarse previamente. '''El comprobante de registro será solicitado en el momento de ingresar en el auditorio'''.<br /> [https://www.regonline.com/owasplatamtour15costarica'''Pulse aquí para registrarse en el evento.''']<br /> &lt;br&gt;<br /> <br /> === CONFERENCIAS-LISTADO DE EXPOSITORES===<br /> <br /> '''Martes 21 de Abril'''<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Recepción y Registro De 7:30 am a 8:00 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;150&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00 am a 8:10 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Costa Rica &amp;amp; UCR&lt;/td&gt;<br /> &lt;td width=&quot;500&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:10-9:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Fabio Cerullo , &lt;b&gt;Dublin Irlanda&lt;/b&gt;&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Keynote: Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas? &lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;09:00-09:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Eduardo Rojas&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Bloques de construcción en la implementación estratégica del software seguro con SAMM&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;09:50-10:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:10-11:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Mauricio Oviedo&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Manejo Seguro del DNS&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:00-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Walter Montes&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Buenas prácticas para manejo de autenticación y sesión&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;11:50-1:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:20-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Randall Barnett&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Vulnerabilidades encontradas en Sistema de Control de Tráfico Nacional&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-3:05 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Mario Robles&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; &lt;b&gt;Web Application Penetration Testing&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;3:05-3:25 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:25-4:15 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Champin &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Gobierno Electrónico en América Latina: Las Amenazas de Hoy a Sitios y Aplicaciones Web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-5:00 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Bertin Bervis&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;MiTM Attacks con DNS proxys a escala WAN el modem bajo ataque&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> === PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las oportunidades de patrocinio <br /> Cualquier consulta pueden contactar a [mailto:michael.hidalgo@owasp.org Michael Hidalgo].<br /> <br /> =GUATEMALA=<br /> <br /> <br /> == '''Ciudad de Guatemala: April, 21st-22nd 2015''' ==<br /> ===CONFERENCIAS===<br /> &lt;b&gt;Día 1&lt;/b&gt;<br /> &lt;b&gt;Abril 21&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Camilo Fernandez&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Tools&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;3:00&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;La verdad sobre los ataques de denegación de servicio&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:30&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Oscar Rodas y Marco To&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Avances en investigación sobre seguridad informática&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;5:15&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;Elder Guerra&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Un verdadero análisis de riesgos&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Día 2&lt;/b&gt;<br /> &lt;b&gt;Abril 22&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00 PM Salon 1&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Luis Cordon&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Web Pentesting&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;2:00 PM Salon 2&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Server Hardening: métodos de aseguramiento de tu servidor web y los datos que contiene&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:00PM&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Concurso de Ethical Hacking&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> [http://www.galileo.edu/ Universidad Galileo]&lt;br&gt;<br /> 4A Calle 7a. Avenida, calle Dr. Eduardo Suger Cofiño, &lt;br&gt;<br /> Ciudad de Guatemala 01010&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15guatemala'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =PERU=<br /> <br /> == '''Lima: April, 17th-18th 2015''' ==<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; height=&quot;30&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''TALLERES Y CONFERENCIAS''' <br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | <br /> == '''OWASP Latam Tour - Lima 2015''' == <br /> <br /> '''Viernes 17 de Abril''' ''(Talleres)'' &lt;br&gt;'''Sábado 18 de Abril''' ''(Conferencia)''<br /> |-<br /> | valign=&quot;center&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | '''Descripcion y Objetivo'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; colspan=&quot;2&quot; | '''OWASP LATAM TOUR,''' es una gira por Latino América que promueve la seguridad en aplicaciones web en diversas instituciones, como: universidades, organismos gubernamentales, empresas de TI y entidades financieras, buscando crear conciencia sobre la seguridad en las aplicaciones y puedan tomar decisiones informadas sobre los verdaderos riesgos de seguridad.<br /> <br /> *Ademas del OWASP Top 10, la mayoría de los [[:Category:OWASP_Project|Proyectos OWASP]] no son ampliamente utilizados en los ambientes corporativos. En la mayoría de los casos esto no es debido a una falta de calidad en los proyectos o la documentación disponible, sino mas bien por desconocer donde se ubicaran en un Ecosistema de Seguridad de Aplicaciones empresarial. <br /> <br /> *Esta serie de talleres y conferencias tienen como objetivo cambiar esta situación proporcionando una explicación sobre los proyectos OWASP mas maduros y listos para ser utilizados en el ambito empresarial.<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''LIMA PERÚ'''&lt;/span&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Viernes 17)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Viernes 17 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | Durante todo el OWASP LatamTour se estarán realizando talleres de capacitación dictados por destacados profesionales en la materia.&lt;br&gt; <br /> '''Duracion:''' 8 horas&lt;br&gt; <br /> '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).&lt;br&gt; <br /> '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com&lt;br&gt; <br /> '''Link de Registro''': [TBD] '''&lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 1'''&lt;/span&gt;<br /> |-<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''De 0 a Ninja con Metasploit'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Dragonjar.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | El taller de 0 a Ninja con Metasploit, busca detallar el uso de la herramienta Metasploit ampliamente utilizada en auditorias de seguridad por profesionales del área, desde su instalación y puesta a punto para el trabajo, hasta el uso de sus funciones para llevar a feliz termino una auditoria en seguridad.<br /> De 0 a Ninja DragonJAR<br /> <br /> Este curso, altamente práctico, tiene una duración de 8 horas en las que los asistentes podrán acortar la curva de aprendizaje, gracias a la transmisión de conocimientos y experiencias de los docentes, altamente calificados, con el fin de que una vez finalizado el taller puedas aplicar los conocimientos adquiridos.<br /> <br /> Duracion: 1 día (8 horas)<br /> ====De 0 a Ninja con Metasploit====<br /> *Introducción a Metasploit<br /> *Introducción a la linea de comandos de Metasploit<br /> *Trabajando con Metasploit y sus componentes (msfconsole, msfcli, msfgui, msfweb, msfpayload, msfencode, msfvenom, etc…)<br /> *Etapas de un Pentesting y las herramientas para realizarlas incluidas en Metasploit<br /> *Post-Explotación, ya tengo shell … ¿ahora que hago?<br /> *Trabajando con Meterpreter<br /> *Trabajo colaborativo usando Armitage/Cobalt Strike<br /> *Generando el informe ¿Alguna tool que pueda ayudarme?<br /> <br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/DragonJAR/ Jaime Andrés Restrepo (DragonJAR)]''', es Ingeniero en Sistemas y Telecomunicaciones de la Universidad de Manizales. Information Security Researcher con más de 10 años de experiencias en Ethical Hacking, Pen Testing y Análisis Forense. Docente Universitario en Pre y Post-Grado, Speaker y Organizador de diferentes eventos de Seguridad Informática, Co-Fundador del ACK Security Conference, Fundador de DragonJAR SAS y de La Comunidad DragonJAR, una de las comunidades de seguridad informática mas grandes de habla hispana y referente en el sector. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 2'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''INTRODUCTION TO WEB APPLICATION SECURITY'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Cerullof.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | The contents are aligned with the OWASP Top 10, a world-renowned document about the security risks of Web Applications.<br /> '''Format:'''<br /> <br /> It combines theory and practical exercises. The participants learn to identify vulnerabilities in a dummy web application specifically built with bugs &amp; coding errors and then exploit them using different open source tools and techniques in a safe lab environment.<br /> <br /> '''Audience:''' IT Staff, Managers, System Architects, Information Security Professionals, Developers, QA Professionals.<br /> <br /> '''Duration:''' 1 day (8 hours)<br /> <br /> '''Deliverables:'''<br /> <br /> - Printed Materials<br /> - OWASP Live CD including tools used.<br /> - Certificate of Participation (CPE Points)<br /> <br /> ==== INTRODUCTION TO WEB APPLICATION SECURITY ====<br /> The topics covered include:<br /> <br /> *Introduction to Web Application Security<br /> *Technology used in Web Applications<br /> *Critical Areas in Web Applications<br /> **Injection&lt;br&gt;<br /> **Cross Site Scripting (XSS)&lt;br&gt;<br /> **Broken Authentication and Session Management&lt;br&gt;<br /> **Insecure Direct Object References&lt;br&gt;<br /> **Cross Site Request Forgery&lt;br&gt;<br /> **Security Misconfiguration&lt;br&gt;<br /> **Insecure Cryptographic Storage&lt;br&gt;<br /> **Failure to restrict URL Access&lt;br&gt;<br /> **Insufficient Transport Layer Protection&lt;br&gt;<br /> **Unvalidated Redirects and Forwards&lt;br&gt;<br /> *Secure Software Development Lifecycle (SSDLC)<br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/fcerullo Fabio Cerullo]''', over 10 years of experience in the information security field gained across a diverse range of industries.<br /> As CEO &amp; Founder of Cycubix, he helps customers around the globe by assessing the security of applications developed in-house or by third parties, defining policies and standards, implementing risk management initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals.&lt;br&gt;<br /> As a member of the OWASP Fundation, Fabio is part of the Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, and has been appointed OWASP Ireland Chapter Leader since early 2010.<br /> He holds a Msc in Computer Engineering from UCA and has been granted the CISSP &amp; CSSLP certificates by (ISC)2. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [https://www.regonline.com/Register/Checkin.aspx?EventID=1492427 Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''CONFERENCIAS (Sábado 18)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | Sábado 18 de Abril<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Precio y Registro'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | El ingreso a las conferencias es '''GRATUITO''' - El proceso de registro lo podrá ubicar en el siguiente link : &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15lima'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Promociones'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | OFERTA ESPECIAL - Durante todo el OWASP Latam Tour el costo de la membresía anual es de solamente U$D 20. Utilice el código de descuento &quot;LATAM&quot; durante el proceso de registro electrónico como miembro individual en el enlace disponible a continuación.&lt;br&gt;<br /> [http://myowasp.force.com/memberappregion Hágase MIEMBRO DE OWASP AQUÍ] &lt;br&gt;<br /> '''Si usted aun no es miembro OWASP, por favor considere unirse a nuestra organización.'''<br /> |}<br /> &lt;br&gt;<br /> <br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;6&quot; | '''DETALLES DE LA JORNADA'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ''' - '''<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP PERU<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Presentación del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/John_Vargas John Vargas]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cyber War in Web and Mobile Applications <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [Jesús González]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |[https://twitter.com/fcerullo Fabio Cerullo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Seguridad en Aplicaciones Moviles<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/pITea_security Juan Pablo Quiñe]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Todos a Sh3ll34r!<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/gabsitus Gabriel Lazo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Se verán distintas técnicas utilizadas por atacantes maliciosos para lograr subir shells y obtener acceso a servidores web.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP Zap <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/Alonso_ReYDeS Alonso Caballero]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hackeando Carros en Latinoamérica<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/DragonJAR Andrés Restrepo (DragonJAR)]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |}<br /> <br /> =URUGUAY=<br /> <br /> == '''Montevideo: April 15th-16th 2015''' ==<br /> El evento más importante de la región llega nuevamente a Uruguay, OWASP Latam tour 2015!. Expositores internacionales estarán presentando conferencias sobre los temas más importantes en Seguridad en Aplicaciones.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> '''¿Dónde?''' <br /> <br /> [http://www.ucu.edu.uy/ Universidad Católica del Uruguay]&lt;br&gt;<br /> Av. 8 de Octubre 2738&lt;br&gt;<br /> Montevideo 11600 Montevideo, Uruguay. &lt;br&gt;<br /> Ver en [https://www.google.com/maps/place/Universidad+Cat%C3%B3lica+del+Uruguay/@-34.888694,-56.159218,17z/data=!3m1!4b1!4m2!3m1!1s0x0:0x13508c3340b76e45 Google Maps]<br /> &lt;br&gt;<br /> <br /> == '''Charlas: Miércoles 15 de abril''' ==<br /> <br /> Las charlas serán a partir de las 18:00hs.<br /> <br /> {| class=&quot;wikitable&quot;<br /> !colspan=&quot;3&quot;| Charlas aceptadas<br /> |-<br /> |Christian Borghello<br /> |Certificate Pinning: ¿tenemos el c...ertificado roto?&lt;br&gt;<br /> |<br /> |-<br /> |Edgar Salazar<br /> |Inseguridad en Aplicaciones Móviles<br /> |Esta charla pretende demostrar en vivo la explotación de distintas vulnerabilidades en una aplicación móvil de tal manera que podamos revisar las causas y consecuencias, ademas recomendar las medidas de seguridad pertinentes.<br /> |-<br /> |Carlos Eduardo Santiago<br /> |(IN)secure Development<br /> |Forget Injection and XSS<br /> This lecture aims to demonstrate simple traps in web development, and bad practices in addition to some factors are likely to cause critical security flaws. We will analyze some cases and demonstrate ways to mitigate and correct such failures.<br /> |-<br /> |Ricardo Supo Picón<br /> |Hacking Efectivo: Desde una Credencial hasta el Domain Admin en un sólo día<br /> |Los dominios windows están presentes en gran cantidad de organizaciones, en estos la autenticación de usuarios esta disponible en muchos servicios. En esta charla analizaremos los distintos tipos de autenticación de windows y como obtener credenciales locales y de dominio así mismo como a partir de una sola credencial se puede obtener más credenciales hasta obtener un administrador de dominio. Así mismo se detallará como poder realizar intrusiones masivas en red de computadores que ayudan a que un sólo hacker pueda multiplicar sus actividades y conseguir su objetivo en un sólo día, presentación de la herramienta Domainator.<br /> |}<br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> == '''Trainings: Jueves 16 de abril''' ==<br /> <br /> === TRAINING 1: Hacking de aplicaciones web basado en OWASP Top 10 ===<br /> <br /> '''Instructor:''' Christian Borghello<br /> <br /> Los desarrolladores son una raza extraña. Los Pentesters viven en una burbuja. Este entrenamiento ayuda a los desarrolladores a conocer sobre seguridad en el desarrollo web y a los Pentesters a probar aplicaciones web de forma adecuada.<br /> <br /> Objetivos: - Conocer OWASP Top 10 (quick summary) - Aprender cómo comprobar cada vulnerabilidad desde el punto de vista del Desarrollador y del Pentester - Conocer recomendaciones desde el punto de vista del Pentester - Conocer recomendaciones desde el punto de vista del Desarrollador <br /> <br /> Orientado a desarrolladores, pentesters y personas relacionados con el ciclo de vida del desarrollo de software o sus pruebas de seguridad. <br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> === TRAINING 2: BYOX101/Construya su propio xploit 101/Build Your Own Xploit 101 ===<br /> <br /> '''Instructor:''' Mauricio Campiglia<br /> <br /> ¿Alguna vez te preguntaste de dónde salen ese montón de numeritos que por arte de magia te dejan en una línea de comandos con privilegios? Esta es tu oportunidad para conocer de dónde salen y porqué están ahí y no en otro lugar. Este entrenamiento te guía desde cero hasta la creación de exploits sencillos e intermedios aprendiendo en el recorrido los por qué de cada paso. No se verán exploits de dia cero ni muy complejos, nos concentraremos en lo probado y conocido pues el objetivo es entender el proceso de creación de un exploit.<br /> <br /> '''Detalles''':&lt;br /&gt;<br /> <br /> Entrenamiento mayormente práctico de creación básica de exploits para<br /> sistemas MS Windows. Se usarán ejemplos conocidos pero fiables y se crearán<br /> programas de ejemplo vulnerables a propósito.<br /> <br /> '''Conocimientos obtenidos''':&lt;br /&gt;<br /> <br /> Quienes asistan entenderán el proceso de creación de un exploit entendiendo en el camino la confirmación de memoria de sistemas MS Windows y las protecciones de este sistema. ¿Por qué participar de este entrenamiento?<br /> * La habilidad de creación de exploits no es algo que se encuentre facilmente en un curso.<br /> * Entender este proceso te da la flexibilidad de adaptarte cuando un ataque no funciona tal como te lo dieron.<br /> * Desenmarañar el porqué de un montón de números sin sentido que te dan un acceso que no tienes es mágico.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> =VENEZUELA=<br /> <br /> <br /> == '''Caracas: April, 23rd 2015''' ==<br /> [[File:bwoltv.png| center |bwoltv.png ]]<br /> &lt;br&gt;<br /> <br /> == Registro ==<br /> El registro es totalmente gratis, nos complacería mucho que nos acompañaras este día. <br /> <br /> Te esperamos!!!<br /> <br /> [https://www.regonline.com/owasplatamtour15venezuela'''REGISTRATE AQUI''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == UBICACIÓN ==<br /> <br /> [http://www.ucv.ve/ Universidad Central de Venezuela]&lt;br&gt;<br /> Facultad de Ciencias &lt;br&gt;<br /> Auditórium Tobías Lasser&lt;br&gt;<br /> Paseo Los Ilustres Urb. Valle Abajo. &lt;br&gt;<br /> 1040 Caracas&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> [[File:UbicacionLatamCaracas.png]]<br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Registro 8:30 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:00 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Venezuela &amp; UCV&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:15-9:55 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Jair Garcia&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt;&lt;b&gt;Hacking Etico: Cacería de Vulnerabilidades&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00-9:35 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Randy Ortega&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Sessión Hijacking: Peligro en la web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;10:40-11:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:15-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Michael Hidalgo (Costa Rica)&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Ataques de denegación de servicio a través de expresiones regulares: De la explotación a la corrección&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> <br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;12:00-1:30 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:35-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Josmell Chavarri&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Conociendo al Enemigo: Honeypots&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-2:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; Rodrigo Bravo y Eliezer Romero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; &lt;b&gt;Programación Segura en Python&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;2:45-3:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:35-4:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Maximiliano Anlonzo (Uruguay) &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Peligro: software en construcción&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-4:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Suárez&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Beef como framework de explotación xss&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;4:45-5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =SPONSORS=<br /> <br /> ==We are looking for Sponsors for the Latam Tour 2015==<br /> &lt;br&gt;<br /> <br /> This is a truly unique opportunity to increase your brand recognition as a company dedicated to the highest standards of professional technology &amp; security in the Latin-America region but also internationally throughout the world while supporting the continued activities conducted by OWASP worldwide.<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * ''' Sponsorship benefits for organizations specializing in IT &amp; Security:'''<br /> <br /> ** Opportunity to use the latest technological trends for professional training / development<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your business development strategy with leading information from the security industry<br /> ** Get networking and headhunting opportunities with world-class specialists and professionals<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Increase your image as a professional company through this unique branding opportunity<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> * '''Sponsorship benefits for organizations utilizing the internet in their business:'''<br /> <br /> ** Opportunity to increase the international brand awareness and conduct business networking<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your service development by understanding the latest trends in security issues &amp; risks<br /> ** Contribute to information society as a company by developing safe and secure services<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Opportunity to brand your company as one that focuses on the highest standards in technology<br /> <br /> <br /> Make your company part of the conversation. Become a sponsor of the tour today! [https://www.owasp.org/images/5/5f/Latam_Tour_2015_Sponsorship_Opportunities.pdf'''SPONSOR OPPORTUNITIES''']<br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf '''OPORTUNIDADES DE PATROCINIO''']<br /> <br /> <br /> <br /> &lt;headertabs /&gt;<br /> <br /> {{:LatamTour2015 Sponsors}}</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=LatamTour2015&diff=191605 2015-03-17T19:20:32Z

<p>Jonathan Fernández: /* Santiago: April, 8th-9th 2015 */ Correción faltas de ortografía</p> <hr /> <div>__NOTOC__ <br /> <br /> [[Image:Banner_latam_2015.jpg ‎|750px|link=https://www.owasp.org/index.php/LatamTour2015]]<br /> <br /> =WELCOME= <br /> <br /> <br /> <br /> == '''Schedule''' ==<br /> <br /> * Santiago, '''Chile''': April, 8th-9th 2015<br /> * Patagonia, '''Argentina''': April, 10th-11th 2015<br /> * Bucaramanga, '''Colombia''': April, 14th 2015<br /> * Montevideo, '''Uruguay''': April, 15th-16th 2015<br /> * Lima, '''Peru''': April, 17th-18th 2015<br /> * Santa Cruz, '''Bolivia''': April 17th -18th 2015 <br /> * San Jose, '''Costa Rica''': April, 21st 2015<br /> * Guatemala, '''Guatemala''': April, 21st-22nd 2015<br /> * Buenos Aires, '''Argentina''': April, 24th 2015<br /> * Caracas, '''Venezuela''': April, 23rd 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> '''REGISTRATION IS NOW OPEN, PLEASE CHECK THE LOCATION TAB YOU ARE INTERESTED IN'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Latam Tour Objective''' ==<br /> <br /> The OWASP Latam Tour objective is to raise awareness about application security in the Latin America region, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.<br /> <br /> We are proposing a chapters conference driven model in which the sessions are free for everybody and the costs are supported by a mix of funding i.e. OWASP Foundation, local chapter budget, external sponsorship, etc. 1-day training sessions are also offered in some tour stops. These sessions’ fees are $ 200USD for OWASP members and $ 250 USD for non-members (group discounts may apply).<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =='''Who Should Attend the Latam Tour?'''==<br /> <br /> *Application Developers <br /> *Application Testers and Quality Assurance <br /> *Application Project Management and Staff <br /> *Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff <br /> *Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance <br /> *Security Managers and Staff <br /> *Executives, Managers, and Staff Responsible for IT Security Governance <br /> *IT Professionals Interesting in Improving IT Security<br /> *Anyone interested in learning about or promoting Web Application Security&lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> == '''Become an OWASP Member''' ==<br /> <br /> <br /> As part of the OWASP Latam Tour, you could '''become an OWASP Member by ONLY paying 20 U$D'''. Show your support and become an OWASP member today!<br /> <br /> [[Image:Join_button.jpg|100px|link=http://sl.owasp.org/newmember]] [[Image:Renewal.jpg |100px|link=http://sl.owasp.org/renewmember]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Questions''' ==<br /> <br /> *If you have any questions about the Latam Tour 2015, please send an email to andrea.villar@owasp.org / fcerullo@owasp.org<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Social Media''' ==<br /> <br /> '''[http://twitter.com/search?q=%23LATAMTOUR #Latamtour]''' hashtag for your tweets for Latam Tour (What are [http://hashtags.org/ hashtags]?) <br /> <br /> '''@AppSecLatam Twitter Feed ([http://twitter.com/AppSecLatam follow us on Twitter!])''' &lt;twitter&gt;34534108&lt;/twitter&gt;<br /> <br /> = CALL FOR PAPERS &amp; TRAININGS =<br /> <br /> == '''Do you want to give a talk or a training session in Latin America?''' ==<br /> &lt;br&gt; <br /> <br /> '''Please send your proposals to the corresponding chapter leader before February 1st 2015:'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * '''Argentina''' (Buenos Aires): Martin Tartarelli via [https://docs.google.com/forms/d/1ncVFYKsBv6aUsf3WBI657yRHUQLkazjkT9VMu4Vdp9I/viewform '''this Google form''']<br /> * '''Argentina''' (Patagonia): Gaston Toth [gaston.toth@owasp.org]<br /> * '''Colombia''': Diego Ademir Duarte [dadhemir@owasp.org]<br /> * '''Costa Rica''': Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * '''Chile''': Carlos Allendes [carlos.allendes@owasp.org]<br /> * '''Guatemala''': Pablo Barrera [pbarrera@gmail.com]<br /> * '''Peru'''(Lima) : John Vargas [john.vargas@owasp.org] vía [https://docs.google.com/forms/d/1HJAwdnCxhnDjxdEOrHVBaewrkQncIB2uxHCzxEtxwug '''this Google form''']<br /> * '''Uruguay''': Mateo Martinez [mateo.martinez@owasp.org]<br /> * '''Venezuela''': Edgar Salazar [edgar.salazar@owasp.org]<br /> &lt;br&gt;<br /> <br /> ''By your submission you agree to the [https://www.owasp.org/images/4/4f/AppSec_Latam_2015_Speaker_Agreement.pdf '''OWASP Speaker Agreement'''] or [https://www.owasp.org/images/f/fa/LatamTour_2015_Training_Instructor_Agreement.pdf ‎'''Instructor Agreement'''].<br /> <br /> =TEAM=<br /> <br /> '''Chapter Leaders'''<br /> <br /> * Bucaramanga, Colombia: Diego Ademir Duarte [dadhemir@owasp.org]<br /> * Santiago, Chile: Carlos Allendes [carlos.allendes@owasp.org]<br /> * Guatemala, Guatemala: Pablo Barrera [pbarrera@gmail.com]<br /> * Santa Cruz de las Sierras, Bolivia: Daniel Torres [daniel.torres@owasp.org]<br /> * San Jose, Costa Rica: Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * Montevideo, Uruguay: Mateo Martinez [mateo.martinez@owasp.org]<br /> * Caracas, Venezuela: Edgar Salazar [edgar.salazar@owasp.org]<br /> * Buenos Aires, Argentina: Martin Tartarelli [martin.tartarelli@gmail.com]<br /> * Patagonia, Argentina: Gaston Toth [gaston.toth@owasp.org]<br /> * Lima, Peru: John Vargas [john.vargas@owasp.org]<br /> <br /> <br /> '''Operations'''<br /> <br /> *[[User:Fabio.e.cerullo|Fabio Cerullo]], &lt;br&gt;<br /> * Andrea Villar<br /> * Kate Hartmann<br /> * [https://www.owasp.org/index.php/User:Kelly_Santalucia Kelly Santalucia]<br /> <br /> =PATAGONIA=<br /> <br /> <br /> =='''Patagonia: April, 10th-11th 2015'''==<br /> <br /> ===Registrarse===<br /> Los interesados en asistir al evento deben registrarse en:&lt;br&gt; <br /> [https://www.regonline.com/owasplatamtour15patagonia https://www.regonline.com/owasplatamtour15patagonia]&lt;br&gt;<br /> <br /> ===Agenda ===<br /> '''Viernes 10 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Conferencia<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 09:00 - 10:00<br /> | Acreditacion<br /> | <br /> |- <br /> | 10:00 - 10:15<br /> | Bienvenida e intoduccion a OWASP<br /> |<br /> |-<br /> | 10:20 - 11:00<br /> | [https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]<br /> | [https://www.linkedin.com/in/ariancho Andrés Riancho]<br /> |- <br /> | 11:00 - 11:30<br /> | Pausa para café<br /> |<br /> |-<br /> | 11:30 - 12:00 <br /> | Aspectos Legales de la Seguridad informática&lt;br&gt;<br /> | Marcelo Campetella<br /> |-<br /> | 12:00 - 12:30<br /> | El mercado del Malware en las Apps de los Store para Android<br /> | Claudio Caracciolo<br /> |-<br /> | 12:30 - 14:00<br /> | Pausa para almuerzo<br /> |<br /> |- <br /> | 14:00 - 14:40<br /> | Mobile Apps and how to Pentest them<br /> | Gustavo Sorondo<br /> |-<br /> | 14:40 - 15:10<br /> | CIOs vs CISOs: OWASP al rescate <br /> | Mauro Graziosi<br /> |-<br /> | 15:10 - 15:40<br /> | Pausa para café<br /> |<br /> |-<br /> | 15:40 - 16:20<br /> | Certificate Pinning: ¿tenemos el c...ertificado roto?<br /> | Cristian Borghello<br /> |- <br /> | 16:20 - 16:30<br /> | Agradecimientos y cierre<br /> |<br /> |}<br /> <br /> '''Sabado 11 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Entrenamiento<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 08:00 - 12:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 1)<br /> | Cristian Borghello<br /> |- <br /> | 12:00 - 13:00<br /> | Pausa para almuerzo<br /> |<br /> |-<br /> | 13:00 - 17:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 2)<br /> | Cristian Borghello<br /> |}<br /> <br /> ===¿Dónde?===<br /> Universidad Nacional del Comahue, Buenos Aires 1400, Neuquén&lt;br&gt;<br /> [[File:Ubicacion.png|link=https://www.google.com.ar/maps/place/38%C2%B056'26.2%22S+68%C2%B003'15.5%22W/@-38.940623,-68.054305,228m/data=!3m2!1e3!4b1!4m2!3m1!1s0x0:0x0]]<br /> <br /> ===Afiche para difusión===<br /> [[File:PosterLatamtour2015-Patagonia.jpg|link=https://www.owasp.org/images/6/60/Poster_Latamtour.pdf]]<br /> <br /> ===Patrocinio===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;&lt;br&gt;<br /> Cualquier consulta no duden en escribir a [mailto:gaston.toth@owasp.org Gaston Toth] o a [mailto:diego.dinardo@patagoniasec.com.ar Diego Di Nardo].<br /> &lt;br&gt;<br /> <br /> =BUENOS AIRES=<br /> <br /> Invitamos a estudiantes, desarrolladores, expertos en seguridad informática y curiosos en general a compartir con la comunidad de OWASP un nuevo evento en Buenos Aires! Será una jornada de charlas técnicas, en un ambiente relajado e ideal para conocer otras personas interesadas en la seguridad en aplicaciones.<br /> <br /> <br /> =='''Inscripcion'''==<br /> <br /> Recuerden que es necesario [https://www.regonline.com/owasplatamtour15argentina '''inscribirse'''] para asistir. La registración es '''completamente gratis''' y es unicamente utilizada para verificar su identidad en la entrada de la Universidad.<br /> <br /> == '''Fecha y lugar'''==<br /> <br /> 24 Abril 2015 - 9am (puntual!)&lt;br&gt;<br /> [http://www.udemm.edu.ar/ Universidad de la Marina Mercante]&lt;br&gt;<br /> [https://www.google.com.ar/maps/place/Av+Rivadavia+2258,+Buenos+Aires,+Ciudad+Aut%C3%B3noma+de+Buenos+Aires/@-34.6096561,-58.3984517,17z/data=!3m1!4b1!4m2!3m1!1s0x95bccae91dc7f349:0x3177aaca9808e637 Av. Rivadavia 2258, Ciudad Autonoma de Buenos Aires]&lt;br&gt;<br /> <br /> <br /> == '''Charlas'''==<br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f; color:#FFF;&quot;&gt;<br /> &lt;td&gt;&lt;b&gt;Hora&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Titulo&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Orador&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:10&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Introducción a OWASP&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fabio Cerullo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:35&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Steering a Bullet Train&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Santiago Kantorowicz&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;10:25&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Y ahora nos preocupamos por la privacidad? Gracias #Snowden&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Mariano M. del Rio&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Building a High Interaction Honeypot: Implementation and logging techniques&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fernando Catoira&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:45&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;[https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;[https://www.linkedin.com/in/ariancho Andrés Riancho]&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;13:55&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Threat not found!&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Sheila Berta&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;14:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Mobile Application Security&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Puky Sorondo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;15:40&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;HP Sponsor talk&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;TBD&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;16:05&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Web Security for Bitcoin Services&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Juliano Rizzo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =CHILE=<br /> <br /> =='''Santiago: April, 8th-9th 2015'''==<br /> <br /> El Capítulo Chileno de OWASP, tiene el agrado de invitar a la conferencia LatamTour2015, con el auspicio de DUOC-UC sede Alonso Ovalle Nro.1586 (Metro Moneda).<br /> <br /> OWASP es una organización mundial sin fines de lucro dedicado a identificar y combatir las causas que hacen inseguro el software. Revise nuestra documentación y metodologías en los [[:Category:OWASP_Project|Proyectos OWASP]] donde encontrará valioso material de aplicación práctica en los ambientes corporativos. Asista a los talleres y conferencias del LatamTour y aprenda como sacar provecho a estos recursos de libre acceso.<br /> <br /> <br /> [http://www.duoc.cl/escuela/escuela-de-informatica-y-telecomunicaciones Duoc UC]&lt;br&gt;<br /> Alonso Ovalle Nro.1586&lt;br&gt;<br /> Santiago de Chile&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15chile'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#4B0082&quot; align=&quot;center&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''DETALLES DE LA CONFERENCIA (Miércoles 8 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Horario''' <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Modulo'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:00 - 09:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:30 - 10:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bienvenida y Presentación del Evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | DUOC-UC y OWASP-Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Rodrigo Cea Warner. Director de Carrera DUOC-UC. Carlos Allendes Chapter Leader in OWASP Chile.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 - 10:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bug Bounty, programs reload<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Ormeño y Freddy Grey [http://www.0rnitorrinco.cl'''www.0rnitorrinco.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoques e investigación sobre programas de BUG BOUNTY periodico a través de vectores de ataque poco convencionales.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:45 - 11:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:05 - 12:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Analizando tráfico WIFI de smartphones <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Yago Fernández H. [http://www.wifense.com'''www.wifense.com''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Intercepción on-line del tráfico wi-fi en conexiones de smartphone y tecnicas de hacking. ¿es seguro utilizar redes Wi­Fi?<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:05 - 13:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Gestionar la inversión en seguridad con OPENSAMM. Donde Iniciar?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Allendes D. [http://http://www.qualityfactory.cl'''www.QualityFactory.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque Tecnico y Ecónomico para maximizar el retorno de la inversión en hacking etico, pentesting, desarrollo seguro, análisis del código, pruebas de seguridad.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 13:00 - 14:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break para Almorzar<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 14:30 - 15:15<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hacking efectivo: Desde una credencial hasta el Domain Admin en un solo día<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Ricardo Supo P. [http://www.inzafe.cl'''www.inzafe.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Como ganar acceso a credenciales locales de dominio y escalar privilegios hasta obtener un acceso de administrador de dominio.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:20 - 16:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | SSL Instalado... ¿estamos realmente seguros?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cristin Rojas, CLCERT Universidad de Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ¿Que riesgos acechan, aunque tengamos instalado SSL/TLS? Año 2014 fue intenso: Heartbleed, POODLE, y errores de implementación como el GOTO FAIL.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:05 - 16:20<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:20 - 17:25<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Plataformas de computación distribuida<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | TBD<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque y soluciones para acelerar la entrega de contenido global de Internet y aplicaciones distribuidas.<br /> |-<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 17:30 - 17:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cierre del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |}<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Jueves 9 de Abril)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> <br /> |}<br /> &lt;br/&gt;<br /> <br /> =COLOMBIA=<br /> <br /> <br /> == '''Bucaramanga: April, 14th 2015''' ==<br /> <br /> <br /> [http://www.upb.edu.co/bucaramanga Universidad Pontifica Bolivariana]&lt;br&gt;<br /> Seccional Bucaramanga &lt;br&gt;<br /> Autopista Piedecuesta Kilometro 7 &lt;br&gt;<br /> Bloque K - 605 &lt;br&gt;<br /> [http://goo.gl/EwBpTu'''Mapa :: Ubicación del evento''']<br /> &lt;br&gt;<br /> [[File:Owasp_upb_2015.jpg|link=https://www.google.com/maps/place/Universidad+Pontificia+Bolivariana+Seccional+Bucaramanga/@7.0389574,-73.071732,14z/data=!4m2!3m1!1s0x8e6840b36653b9c5:0x4dcdbc55842151df]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> ===REGISTRO===<br /> Recuerde que el ingreso al evento es &lt;b&gt;totalmente gratuito, sólo debe registrarse previamente&lt;/b&gt;.&lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15colombia'''Pulsa aquí para registrarte al evento''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===CONFERENCIAS===<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 7:30 a.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Diego Ademir Duarte Santana&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP ASVS 2.0 Web Application Standard&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;9:00&lt;/td&gt;<br /> &lt;td&gt;Jhon César Arango Serna&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;IPv6 Ventaja o Amenaza&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Hugo Armando Rodriguez Vera&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Protección de Datos Personales, infracción y consecuencias&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;11:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;MundoHacker&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Ciberespionaje y Cibercrimen as a Service&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Lunch&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;14:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;German Alonso Suárez Guerrero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Proactive Controls&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;15:00&lt;/td&gt;<br /> &lt;td&gt;Ronald Escalona&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Hardening del Servidor Web, enfoque práctico con jail/chroot para entornos multisitios&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;16:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Javier Orlando Mantilla P&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Seguridad en desarrollo de aplicaciones web usando Apache Tomee&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Finish Event&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Se contará con &lt;b&gt;transmisión vía streaming&lt;/b&gt; para las personas ubicadas fuera de la ciudad.&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;<br /> Cualquier consulta pueden escribir a [mailto:dadhemir@owasp.org Diego Ademir Duarte Santana] .<br /> &lt;br&gt;<br /> <br /> =BOLIVIA=<br /> <br /> [[File:Santa.jpg]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Lugar: Universidad NUR<br /> &lt;br&gt;<br /> Dirección: Av. Banzer, Victorino Rivero 100<br /> &lt;br&gt;<br /> Santa Cruz de la Sierra, Bolivia<br /> &lt;br&gt;<br /> Fecha: 17 y 18 de abril del 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> [[File:Mapa.jpg]]<br /> <br /> <br /> [https://www.regonline.com/owasplatamtour15bolivia'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f;<br /> color:#FFF;&quot;&gt;<br /> &lt;td&gt;Nro&lt;/td&gt;<br /> &lt;td&gt;Nombre&lt;/td&gt;<br /> &lt;td&gt;Ciudad&lt;/td&gt;<br /> &lt;td&gt;Tema&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;25&quot;&gt;1&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Alvaro Machaca Tola&lt;/td&gt;<br /> &lt;td width=&quot;187&quot;&gt;La Paz ,Bolivia&lt;/td&gt;<br /> &lt;td width=&quot;321&quot;&gt;Análisis de riesgos aplicando la metodología OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;2&lt;/td&gt;<br /> &lt;td&gt;Deyvi Bustamante Perez&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Exploit development&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;3&lt;/td&gt;<br /> &lt;td&gt;Walter Camama Menacho&lt;/td&gt;<br /> &lt;td&gt;Trinidad, Bolivia&lt;/td&gt;<br /> &lt;td&gt;MiTM a nivel de browser con beef y metasploit&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;4&lt;/td&gt;<br /> &lt;td&gt;Leonardo Camilo Quenta Alarcon&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en sistemas financieros. Buenas prácticas de programación y aplicación de pruebas de penetración OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;5&lt;/td&gt;<br /> &lt;td&gt;Hernán Marcelo Leytón Balderrama&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en los Satélites de Comunicación&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;6&lt;/td&gt;<br /> &lt;td&gt;Jaime Iván Mendoza Ribera&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Análisis de vulnerabilidades web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;7&lt;/td&gt;<br /> &lt;td&gt;Juan Pablo Barriga Sapiencia&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Riesgos en TI&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;8&lt;/td&gt;<br /> &lt;td&gt;Richard Villca Apaza&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Rompiendo el modelo de negocios: Debugging Android Apps&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;9&lt;/td&gt;<br /> &lt;td&gt;Alex Villegas y Roller Ibanez&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Gestión de continuidad del negocio un enfoque resilente basado en el estándar ISO 22301&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;10&lt;/td&gt;<br /> &lt;td&gt;Daniel Torres Sandi&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Headers seguros en HTTP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;11&lt;/td&gt;<br /> &lt;td&gt;Gonzalo Nina Mamani&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Sistema para la recolección de información orientado a la mejora en la evaluación de seguridad en aplicaciones Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;12&lt;/td&gt;<br /> &lt;td&gt;Cristhian Lima Saravia&lt;/td&gt;<br /> &lt;td&gt;Cochabamba, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Framework Pleni&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;13&lt;/td&gt;<br /> &lt;td&gt;Elvin Vidal Mollinedo Mencia&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz de la Sierra, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Los 7 pecados de un desarrollador Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;14&lt;/td&gt;<br /> &lt;td&gt;Erick Calderon Mostajo&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Herramientas de Aprendizaje OWASP.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;15&lt;/td&gt;<br /> &lt;td&gt;Dennis Ariel Ruiz Vasquez&lt;/td&gt;<br /> &lt;td&gt;La Paz , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Whitehat vs Blackhat&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;16&lt;/td&gt;<br /> &lt;td&gt;Cesar Roberto Cuenca Díaz&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Desarrollo Seguro Principios y Buenas Prácticas.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;17&lt;/td&gt;<br /> &lt;td&gt;Juan Alberto Fajardo Canaza&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;WAF Testing Framework&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;18&lt;/td&gt;<br /> &lt;td&gt;Gabriel Labrada Hernandez&lt;/td&gt;<br /> &lt;td&gt;Mexico&lt;/td&gt;<br /> &lt;td&gt;Seguridad en Hardware y los servicios en la nube&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;19&lt;/td&gt;<br /> &lt;td&gt;Jaime Andres Restrepo Gomez&lt;/td&gt;<br /> &lt;td&gt;Colombia&lt;/td&gt;<br /> &lt;td&gt;Hackeando carros en Latinoamérica&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =COSTA RICA=<br /> == '''San Jose: April, 21st 2015''' ==<br /> <br /> El evento se va a llevar a cabo en el auditorio de la Ciudad de la Investigación de la Universidad de Costa Rica. [http://goo.gl/Y64lZG'''Ver Dirección exacta''']<br /> <br /> [[File:Mapa-ucr-auditorio.png|800px]]<br /> <br /> &lt;br&gt;<br /> <br /> === REGISTRO ===<br /> Recuerde que el ingreso al evento es totalmente gratuito, sólo debe registrarse previamente. '''El comprobante de registro será solicitado en el momento de ingresar en el auditorio'''.<br /> [https://www.regonline.com/owasplatamtour15costarica'''Pulse aquí para registrarse en el evento.''']<br /> &lt;br&gt;<br /> <br /> === CONFERENCIAS-LISTADO DE EXPOSITORES===<br /> <br /> '''Martes 21 de Abril'''<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Recepción y Registro De 7:30 am a 8:00 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;150&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00 am a 8:10 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Costa Rica &amp;amp; UCR&lt;/td&gt;<br /> &lt;td width=&quot;500&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:10-9:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Fabio Cerullo , &lt;b&gt;Dublin Irlanda&lt;/b&gt;&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Keynote: Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas? &lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;09:00-09:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Eduardo Rojas&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Bloques de construcción en la implementación estratégica del software seguro con SAMM&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;09:50-10:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:10-11:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Mauricio Oviedo&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Manejo Seguro del DNS&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:00-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Walter Montes&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Buenas prácticas para manejo de autenticación y sesión&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;11:50-1:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:20-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Randall Barnett&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Vulnerabilidades encontradas en Sistema de Control de Tráfico Nacional&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-3:05 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Mario Robles&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; &lt;b&gt;Web Application Penetration Testing&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;3:05-3:25 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:25-4:15 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Champin &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Gobierno Electrónico en América Latina: Las Amenazas de Hoy a Sitios y Aplicaciones Web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-5:00 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Bertin Bervis&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;MiTM Attacks con DNS proxys a escala WAN el modem bajo ataque&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> === PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las oportunidades de patrocinio <br /> Cualquier consulta pueden contactar a [mailto:michael.hidalgo@owasp.org Michael Hidalgo].<br /> <br /> =GUATEMALA=<br /> <br /> <br /> == '''Ciudad de Guatemala: April, 21st-22nd 2015''' ==<br /> ===CONFERENCIAS===<br /> &lt;b&gt;Día 1&lt;/b&gt;<br /> &lt;b&gt;Abril 21&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Camilo Fernandez&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Tools&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;3:00&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;La verdad sobre los ataques de denegación de servicio&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:30&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Oscar Rodas y Marco To&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Avances en investigación sobre seguridad informática&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;5:15&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;Elder Guerra&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Un verdadero análisis de riesgos&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Día 2&lt;/b&gt;<br /> &lt;b&gt;Abril 22&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00 PM Salon 1&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Luis Cordon&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Web Pentesting&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;2:00 PM Salon 2&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Server Hardening: métodos de aseguramiento de tu servidor web y los datos que contiene&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:00PM&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Concurso de Ethical Hacking&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> [http://www.galileo.edu/ Universidad Galileo]&lt;br&gt;<br /> 4A Calle 7a. Avenida, calle Dr. Eduardo Suger Cofiño, &lt;br&gt;<br /> Ciudad de Guatemala 01010&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15guatemala'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =PERU=<br /> <br /> == '''Lima: April, 17th-18th 2015''' ==<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; height=&quot;30&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''TALLERES Y CONFERENCIAS''' <br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | <br /> == '''OWASP Latam Tour - Lima 2015''' == <br /> <br /> '''Viernes 17 de Abril''' ''(Talleres)'' &lt;br&gt;'''Sábado 18 de Abril''' ''(Conferencia)''<br /> |-<br /> | valign=&quot;center&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | '''Descripcion y Objetivo'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; colspan=&quot;2&quot; | '''OWASP LATAM TOUR,''' es una gira por Latino América que promueve la seguridad en aplicaciones web en diversas instituciones, como: universidades, organismos gubernamentales, empresas de TI y entidades financieras, buscando crear conciencia sobre la seguridad en las aplicaciones y puedan tomar decisiones informadas sobre los verdaderos riesgos de seguridad.<br /> <br /> *Ademas del OWASP Top 10, la mayoría de los [[:Category:OWASP_Project|Proyectos OWASP]] no son ampliamente utilizados en los ambientes corporativos. En la mayoría de los casos esto no es debido a una falta de calidad en los proyectos o la documentación disponible, sino mas bien por desconocer donde se ubicaran en un Ecosistema de Seguridad de Aplicaciones empresarial. <br /> <br /> *Esta serie de talleres y conferencias tienen como objetivo cambiar esta situación proporcionando una explicación sobre los proyectos OWASP mas maduros y listos para ser utilizados en el ambito empresarial.<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''LIMA PERÚ'''&lt;/span&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Viernes 17)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Viernes 17 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | Durante todo el OWASP LatamTour se estarán realizando talleres de capacitación dictados por destacados profesionales en la materia.&lt;br&gt; <br /> '''Duracion:''' 8 horas&lt;br&gt; <br /> '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).&lt;br&gt; <br /> '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com&lt;br&gt; <br /> '''Link de Registro''': [TBD] '''&lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 1'''&lt;/span&gt;<br /> |-<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''De 0 a Ninja con Metasploit'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Dragonjar.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | El taller de 0 a Ninja con Metasploit, busca detallar el uso de la herramienta Metasploit ampliamente utilizada en auditorias de seguridad por profesionales del área, desde su instalación y puesta a punto para el trabajo, hasta el uso de sus funciones para llevar a feliz termino una auditoria en seguridad.<br /> De 0 a Ninja DragonJAR<br /> <br /> Este curso, altamente práctico, tiene una duración de 8 horas en las que los asistentes podrán acortar la curva de aprendizaje, gracias a la transmisión de conocimientos y experiencias de los docentes, altamente calificados, con el fin de que una vez finalizado el taller puedas aplicar los conocimientos adquiridos.<br /> <br /> Duracion: 1 día (8 horas)<br /> ====De 0 a Ninja con Metasploit====<br /> *Introducción a Metasploit<br /> *Introducción a la linea de comandos de Metasploit<br /> *Trabajando con Metasploit y sus componentes (msfconsole, msfcli, msfgui, msfweb, msfpayload, msfencode, msfvenom, etc…)<br /> *Etapas de un Pentesting y las herramientas para realizarlas incluidas en Metasploit<br /> *Post-Explotación, ya tengo shell … ¿ahora que hago?<br /> *Trabajando con Meterpreter<br /> *Trabajo colaborativo usando Armitage/Cobalt Strike<br /> *Generando el informe ¿Alguna tool que pueda ayudarme?<br /> <br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/DragonJAR/ Jaime Andrés Restrepo (DragonJAR)]''', es Ingeniero en Sistemas y Telecomunicaciones de la Universidad de Manizales. Information Security Researcher con más de 10 años de experiencias en Ethical Hacking, Pen Testing y Análisis Forense. Docente Universitario en Pre y Post-Grado, Speaker y Organizador de diferentes eventos de Seguridad Informática, Co-Fundador del ACK Security Conference, Fundador de DragonJAR SAS y de La Comunidad DragonJAR, una de las comunidades de seguridad informática mas grandes de habla hispana y referente en el sector. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 2'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''INTRODUCTION TO WEB APPLICATION SECURITY'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Cerullof.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | The contents are aligned with the OWASP Top 10, a world-renowned document about the security risks of Web Applications.<br /> '''Format:'''<br /> <br /> It combines theory and practical exercises. The participants learn to identify vulnerabilities in a dummy web application specifically built with bugs &amp; coding errors and then exploit them using different open source tools and techniques in a safe lab environment.<br /> <br /> '''Audience:''' IT Staff, Managers, System Architects, Information Security Professionals, Developers, QA Professionals.<br /> <br /> '''Duration:''' 1 day (8 hours)<br /> <br /> '''Deliverables:'''<br /> <br /> - Printed Materials<br /> - OWASP Live CD including tools used.<br /> - Certificate of Participation (CPE Points)<br /> <br /> ==== INTRODUCTION TO WEB APPLICATION SECURITY ====<br /> The topics covered include:<br /> <br /> *Introduction to Web Application Security<br /> *Technology used in Web Applications<br /> *Critical Areas in Web Applications<br /> **Injection&lt;br&gt;<br /> **Cross Site Scripting (XSS)&lt;br&gt;<br /> **Broken Authentication and Session Management&lt;br&gt;<br /> **Insecure Direct Object References&lt;br&gt;<br /> **Cross Site Request Forgery&lt;br&gt;<br /> **Security Misconfiguration&lt;br&gt;<br /> **Insecure Cryptographic Storage&lt;br&gt;<br /> **Failure to restrict URL Access&lt;br&gt;<br /> **Insufficient Transport Layer Protection&lt;br&gt;<br /> **Unvalidated Redirects and Forwards&lt;br&gt;<br /> *Secure Software Development Lifecycle (SSDLC)<br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/fcerullo Fabio Cerullo]''', over 10 years of experience in the information security field gained across a diverse range of industries.<br /> As CEO &amp; Founder of Cycubix, he helps customers around the globe by assessing the security of applications developed in-house or by third parties, defining policies and standards, implementing risk management initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals.&lt;br&gt;<br /> As a member of the OWASP Fundation, Fabio is part of the Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, and has been appointed OWASP Ireland Chapter Leader since early 2010.<br /> He holds a Msc in Computer Engineering from UCA and has been granted the CISSP &amp; CSSLP certificates by (ISC)2. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [https://www.regonline.com/Register/Checkin.aspx?EventID=1492427 Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''CONFERENCIAS (Sábado 18)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | Sábado 18 de Abril<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Precio y Registro'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | El ingreso a las conferencias es '''GRATUITO''' - El proceso de registro lo podrá ubicar en el siguiente link : &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15lima'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Promociones'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | OFERTA ESPECIAL - Durante todo el OWASP Latam Tour el costo de la membresía anual es de solamente U$D 20. Utilice el código de descuento &quot;LATAM&quot; durante el proceso de registro electrónico como miembro individual en el enlace disponible a continuación.&lt;br&gt;<br /> [http://myowasp.force.com/memberappregion Hágase MIEMBRO DE OWASP AQUÍ] &lt;br&gt;<br /> '''Si usted aun no es miembro OWASP, por favor considere unirse a nuestra organización.'''<br /> |}<br /> &lt;br&gt;<br /> <br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;6&quot; | '''DETALLES DE LA JORNADA'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ''' - '''<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP PERU<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Presentación del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/John_Vargas John Vargas]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cyber War in Web and Mobile Applications <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [Jesús González]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |[https://twitter.com/fcerullo Fabio Cerullo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Seguridad en Aplicaciones Moviles<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/pITea_security Juan Pablo Quiñe]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Todos a Sh3ll34r!<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/gabsitus Gabriel Lazo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Se verán distintas técnicas utilizadas por atacantes maliciosos para lograr subir shells y obtener acceso a servidores web.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP Zap <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/Alonso_ReYDeS Alonso Caballero]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hackeando Carros en Latinoamérica<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/DragonJAR Andrés Restrepo (DragonJAR)]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |}<br /> <br /> =URUGUAY=<br /> <br /> == '''Montevideo: April 15th-16th 2015''' ==<br /> El evento más importante de la región llega nuevamente a Uruguay, OWASP Latam tour 2015!. Expositores internacionales estarán presentando conferencias sobre los temas más importantes en Seguridad en Aplicaciones.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> '''¿Dónde?''' <br /> <br /> [http://www.ucu.edu.uy/ Universidad Católica del Uruguay]&lt;br&gt;<br /> Av. 8 de Octubre 2738&lt;br&gt;<br /> Montevideo 11600 Montevideo, Uruguay. &lt;br&gt;<br /> Ver en [https://www.google.com/maps/place/Universidad+Cat%C3%B3lica+del+Uruguay/@-34.888694,-56.159218,17z/data=!3m1!4b1!4m2!3m1!1s0x0:0x13508c3340b76e45 Google Maps]<br /> &lt;br&gt;<br /> <br /> == '''Charlas: Miércoles 15 de abril''' ==<br /> <br /> Las charlas serán a partir de las 18:00hs.<br /> <br /> {| class=&quot;wikitable&quot;<br /> !colspan=&quot;3&quot;| Charlas aceptadas<br /> |-<br /> |Christian Borghello<br /> |Certificate Pinning: ¿tenemos el c...ertificado roto?&lt;br&gt;<br /> |<br /> |-<br /> |Edgar Salazar<br /> |Inseguridad en Aplicaciones Móviles<br /> |Esta charla pretende demostrar en vivo la explotación de distintas vulnerabilidades en una aplicación móvil de tal manera que podamos revisar las causas y consecuencias, ademas recomendar las medidas de seguridad pertinentes.<br /> |-<br /> |Carlos Eduardo Santiago<br /> |(IN)secure Development<br /> |Forget Injection and XSS<br /> This lecture aims to demonstrate simple traps in web development, and bad practices in addition to some factors are likely to cause critical security flaws. We will analyze some cases and demonstrate ways to mitigate and correct such failures.<br /> |-<br /> |Ricardo Supo Picón<br /> |Hacking Efectivo: Desde una Credencial hasta el Domain Admin en un sólo día<br /> |Los dominios windows están presentes en gran cantidad de organizaciones, en estos la autenticación de usuarios esta disponible en muchos servicios. En esta charla analizaremos los distintos tipos de autenticación de windows y como obtener credenciales locales y de dominio así mismo como a partir de una sola credencial se puede obtener más credenciales hasta obtener un administrador de dominio. Así mismo se detallará como poder realizar intrusiones masivas en red de computadores que ayudan a que un sólo hacker pueda multiplicar sus actividades y conseguir su objetivo en un sólo día, presentación de la herramienta Domainator.<br /> |}<br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> == '''Trainings: Jueves 16 de abril''' ==<br /> <br /> === TRAINING 1: Hacking de aplicaciones web basado en OWASP Top 10 ===<br /> <br /> '''Instructor:''' Christian Borghello<br /> <br /> Los desarrolladores son una raza extraña. Los Pentesters viven en una burbuja. Este entrenamiento ayuda a los desarrolladores a conocer sobre seguridad en el desarrollo web y a los Pentesters a probar aplicaciones web de forma adecuada.<br /> <br /> Objetivos: - Conocer OWASP Top 10 (quick summary) - Aprender cómo comprobar cada vulnerabilidad desde el punto de vista del Desarrollador y del Pentester - Conocer recomendaciones desde el punto de vista del Pentester - Conocer recomendaciones desde el punto de vista del Desarrollador <br /> <br /> Orientado a desarrolladores, pentesters y personas relacionados con el ciclo de vida del desarrollo de software o sus pruebas de seguridad. <br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> === TRAINING 2: BYOX101/Construya su propio xploit 101/Build Your Own Xploit 101 ===<br /> <br /> '''Instructor:''' Mauricio Campiglia<br /> <br /> ¿Alguna vez te preguntaste de dónde salen ese montón de numeritos que por arte de magia te dejan en una línea de comandos con privilegios? Esta es tu oportunidad para conocer de dónde salen y porqué están ahí y no en otro lugar. Este entrenamiento te guía desde cero hasta la creación de exploits sencillos e intermedios aprendiendo en el recorrido los por qué de cada paso. No se verán exploits de dia cero ni muy complejos, nos concentraremos en lo probado y conocido pues el objetivo es entender el proceso de creación de un exploit.<br /> <br /> '''Detalles''':&lt;br /&gt;<br /> <br /> Entrenamiento mayormente práctico de creación básica de exploits para<br /> sistemas MS Windows. Se usarán ejemplos conocidos pero fiables y se crearán<br /> programas de ejemplo vulnerables a propósito.<br /> <br /> '''Conocimientos obtenidos''':&lt;br /&gt;<br /> <br /> Quienes asistan entenderán el proceso de creación de un exploit entendiendo en el camino la confirmación de memoria de sistemas MS Windows y las protecciones de este sistema. ¿Por qué participar de este entrenamiento?<br /> * La habilidad de creación de exploits no es algo que se encuentre facilmente en un curso.<br /> * Entender este proceso te da la flexibilidad de adaptarte cuando un ataque no funciona tal como te lo dieron.<br /> * Desenmarañar el porqué de un montón de números sin sentido que te dan un acceso que no tienes es mágico.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> =VENEZUELA=<br /> <br /> <br /> == '''Caracas: April, 23rd 2015''' ==<br /> [[File:bwoltv.png| center |bwoltv.png ]]<br /> &lt;br&gt;<br /> <br /> == Registro ==<br /> El registro es totalmente gratis, nos complacería mucho que nos acompañaras este día. <br /> <br /> Te esperamos!!!<br /> <br /> [https://www.regonline.com/owasplatamtour15venezuela'''REGISTRATE AQUI''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == UBICACIÓN ==<br /> <br /> [http://www.ucv.ve/ Universidad Central de Venezuela]&lt;br&gt;<br /> Facultad de Ciencias &lt;br&gt;<br /> Auditórium Tobías Lasser&lt;br&gt;<br /> Paseo Los Ilustres Urb. Valle Abajo. &lt;br&gt;<br /> 1040 Caracas&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> [[File:UbicacionLatamCaracas.png]]<br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Registro 8:30 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:00 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Venezuela &amp; UCV&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:15-9:55 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Jair Garcia&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt;&lt;b&gt;Hacking Etico: Cacería de Vulnerabilidades&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00-9:35 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Randy Ortega&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Sessión Hijacking: Peligro en la web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;10:40-11:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:15-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Michael Hidalgo (Costa Rica)&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Ataques de denegación de servicio a través de expresiones regulares: De la explotación a la corrección&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> <br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;12:00-1:30 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:35-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Josmell Chavarri&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Conociendo al Enemigo: Honeypots&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-2:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; Rodrigo Bravo y Eliezer Romero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; &lt;b&gt;Programación Segura en Python&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;2:45-3:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:35-4:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Maximiliano Anlonzo (Uruguay) &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Peligro: software en construcción&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-4:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Suárez&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Beef como framework de explotación xss&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;4:45-5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =SPONSORS=<br /> <br /> ==We are looking for Sponsors for the Latam Tour 2015==<br /> &lt;br&gt;<br /> <br /> This is a truly unique opportunity to increase your brand recognition as a company dedicated to the highest standards of professional technology &amp; security in the Latin-America region but also internationally throughout the world while supporting the continued activities conducted by OWASP worldwide.<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * ''' Sponsorship benefits for organizations specializing in IT &amp; Security:'''<br /> <br /> ** Opportunity to use the latest technological trends for professional training / development<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your business development strategy with leading information from the security industry<br /> ** Get networking and headhunting opportunities with world-class specialists and professionals<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Increase your image as a professional company through this unique branding opportunity<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> * '''Sponsorship benefits for organizations utilizing the internet in their business:'''<br /> <br /> ** Opportunity to increase the international brand awareness and conduct business networking<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your service development by understanding the latest trends in security issues &amp; risks<br /> ** Contribute to information society as a company by developing safe and secure services<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Opportunity to brand your company as one that focuses on the highest standards in technology<br /> <br /> <br /> Make your company part of the conversation. Become a sponsor of the tour today! [https://www.owasp.org/images/5/5f/Latam_Tour_2015_Sponsorship_Opportunities.pdf'''SPONSOR OPPORTUNITIES''']<br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf '''OPORTUNIDADES DE PATROCINIO''']<br /> <br /> <br /> <br /> &lt;headertabs /&gt;<br /> <br /> {{:LatamTour2015 Sponsors}}</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=LatamTour2015&diff=191550 2015-03-17T15:06:22Z

<p>Jonathan Fernández: /* Santiago: April, 8th-9th 2015 */ Corrige header tabla talleres</p> <hr /> <div>__NOTOC__ <br /> <br /> [[Image:Banner_latam_2015.jpg ‎|750px|link=https://www.owasp.org/index.php/LatamTour2015]]<br /> <br /> =WELCOME= <br /> <br /> <br /> <br /> == '''Schedule''' ==<br /> <br /> * Santiago, '''Chile''': April, 8th-9th 2015<br /> * Patagonia, '''Argentina''': April, 10th-11th 2015<br /> * Bucaramanga, '''Colombia''': April, 14th 2015<br /> * Montevideo, '''Uruguay''': April, 15th-16th 2015<br /> * Lima, '''Peru''': April, 17th-18th 2015<br /> * Santa Cruz, '''Bolivia''': April 17th -18th 2015 <br /> * San Jose, '''Costa Rica''': April, 21st 2015<br /> * Guatemala, '''Guatemala''': April, 21st-22nd 2015<br /> * Buenos Aires, '''Argentina''': April, 24th 2015<br /> * Caracas, '''Venezuela''': April, 23rd 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> '''REGISTRATION IS NOW OPEN, PLEASE CHECK THE LOCATION TAB YOU ARE INTERESTED IN'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Latam Tour Objective''' ==<br /> <br /> The OWASP Latam Tour objective is to raise awareness about application security in the Latin America region, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.<br /> <br /> We are proposing a chapters conference driven model in which the sessions are free for everybody and the costs are supported by a mix of funding i.e. OWASP Foundation, local chapter budget, external sponsorship, etc. 1-day training sessions are also offered in some tour stops. These sessions’ fees are $ 200USD for OWASP members and $ 250 USD for non-members (group discounts may apply).<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =='''Who Should Attend the Latam Tour?'''==<br /> <br /> *Application Developers <br /> *Application Testers and Quality Assurance <br /> *Application Project Management and Staff <br /> *Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff <br /> *Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance <br /> *Security Managers and Staff <br /> *Executives, Managers, and Staff Responsible for IT Security Governance <br /> *IT Professionals Interesting in Improving IT Security<br /> *Anyone interested in learning about or promoting Web Application Security&lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> == '''Become an OWASP Member''' ==<br /> <br /> <br /> As part of the OWASP Latam Tour, you could '''become an OWASP Member by ONLY paying 20 U$D'''. Show your support and become an OWASP member today!<br /> <br /> [[Image:Join_button.jpg|100px|link=http://sl.owasp.org/newmember]] [[Image:Renewal.jpg |100px|link=http://sl.owasp.org/renewmember]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Questions''' ==<br /> <br /> *If you have any questions about the Latam Tour 2015, please send an email to andrea.villar@owasp.org / fcerullo@owasp.org<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Social Media''' ==<br /> <br /> '''[http://twitter.com/search?q=%23LATAMTOUR #Latamtour]''' hashtag for your tweets for Latam Tour (What are [http://hashtags.org/ hashtags]?) <br /> <br /> '''@AppSecLatam Twitter Feed ([http://twitter.com/AppSecLatam follow us on Twitter!])''' &lt;twitter&gt;34534108&lt;/twitter&gt;<br /> <br /> = CALL FOR PAPERS &amp; TRAININGS =<br /> <br /> == '''Do you want to give a talk or a training session in Latin America?''' ==<br /> &lt;br&gt; <br /> <br /> '''Please send your proposals to the corresponding chapter leader before February 1st 2015:'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * '''Argentina''' (Buenos Aires): Martin Tartarelli via [https://docs.google.com/forms/d/1ncVFYKsBv6aUsf3WBI657yRHUQLkazjkT9VMu4Vdp9I/viewform '''this Google form''']<br /> * '''Argentina''' (Patagonia): Gaston Toth [gaston.toth@owasp.org]<br /> * '''Colombia''': Diego Ademir Duarte [dadhemir@owasp.org]<br /> * '''Costa Rica''': Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * '''Chile''': Carlos Allendes [carlos.allendes@owasp.org]<br /> * '''Guatemala''': Pablo Barrera [pbarrera@gmail.com]<br /> * '''Peru'''(Lima) : John Vargas [john.vargas@owasp.org] vía [https://docs.google.com/forms/d/1HJAwdnCxhnDjxdEOrHVBaewrkQncIB2uxHCzxEtxwug '''this Google form''']<br /> * '''Uruguay''': Mateo Martinez [mateo.martinez@owasp.org]<br /> * '''Venezuela''': Edgar Salazar [edgar.salazar@owasp.org]<br /> &lt;br&gt;<br /> <br /> ''By your submission you agree to the [https://www.owasp.org/images/4/4f/AppSec_Latam_2015_Speaker_Agreement.pdf '''OWASP Speaker Agreement'''] or [https://www.owasp.org/images/f/fa/LatamTour_2015_Training_Instructor_Agreement.pdf ‎'''Instructor Agreement'''].<br /> <br /> =TEAM=<br /> <br /> '''Chapter Leaders'''<br /> <br /> * Bucaramanga, Colombia: Diego Ademir Duarte [dadhemir@owasp.org]<br /> * Santiago, Chile: Carlos Allendes [carlos.allendes@owasp.org]<br /> * Guatemala, Guatemala: Pablo Barrera [pbarrera@gmail.com]<br /> * Santa Cruz de las Sierras, Bolivia: Daniel Torres [daniel.torres@owasp.org]<br /> * San Jose, Costa Rica: Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * Montevideo, Uruguay: Mateo Martinez [mateo.martinez@owasp.org]<br /> * Caracas, Venezuela: Edgar Salazar [edgar.salazar@owasp.org]<br /> * Buenos Aires, Argentina: Martin Tartarelli [martin.tartarelli@gmail.com]<br /> * Patagonia, Argentina: Gaston Toth [gaston.toth@owasp.org]<br /> * Lima, Peru: John Vargas [john.vargas@owasp.org]<br /> <br /> <br /> '''Operations'''<br /> <br /> *[[User:Fabio.e.cerullo|Fabio Cerullo]], &lt;br&gt;<br /> * Andrea Villar<br /> * Kate Hartmann<br /> * [https://www.owasp.org/index.php/User:Kelly_Santalucia Kelly Santalucia]<br /> <br /> =PATAGONIA=<br /> <br /> <br /> =='''Patagonia: April, 10th-11th 2015'''==<br /> <br /> ===Registrarse===<br /> Los interesados en asistir al evento deben registrarse en:&lt;br&gt; <br /> [https://www.regonline.com/owasplatamtour15patagonia https://www.regonline.com/owasplatamtour15patagonia]&lt;br&gt;<br /> <br /> ===Agenda ===<br /> '''Viernes 10 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Conferencia<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 09:00 - 10:00<br /> | Acreditacion<br /> | <br /> |- <br /> | 10:00 - 10:15<br /> | Bienvenida e intoduccion a OWASP<br /> |<br /> |-<br /> | 10:20 - 11:00<br /> | [https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]<br /> | [https://www.linkedin.com/in/ariancho Andrés Riancho]<br /> |- <br /> | 11:00 - 11:30<br /> | Pausa para café<br /> |<br /> |-<br /> | 11:30 - 12:00 <br /> | Aspectos Legales de la Seguridad informática&lt;br&gt;<br /> | Marcelo Campetella<br /> |-<br /> | 12:00 - 12:30<br /> | El mercado del Malware en las Apps de los Store para Android<br /> | Claudio Caracciolo<br /> |-<br /> | 12:30 - 14:00<br /> | Pausa para almuerzo<br /> |<br /> |- <br /> | 14:00 - 14:40<br /> | Mobile Apps and how to Pentest them<br /> | Gustavo Sorondo<br /> |-<br /> | 14:40 - 15:10<br /> | CIOs vs CISOs: OWASP al rescate <br /> | Mauro Graziosi<br /> |-<br /> | 15:10 - 15:40<br /> | Pausa para café<br /> |<br /> |-<br /> | 15:40 - 16:20<br /> | Certificate Pinning: ¿tenemos el c...ertificado roto?<br /> | Cristian Borghello<br /> |- <br /> | 16:20 - 16:30<br /> | Agradecimientos y cierre<br /> |<br /> |}<br /> <br /> '''Sabado 11 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Entrenamiento<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 08:00 - 12:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 1)<br /> | Cristian Borghello<br /> |- <br /> | 12:00 - 13:00<br /> | Pausa para almuerzo<br /> |<br /> |-<br /> | 13:00 - 17:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 2)<br /> | Cristian Borghello<br /> |}<br /> <br /> ===¿Dónde?===<br /> Universidad Nacional del Comahue, Buenos Aires 1400, Neuquén&lt;br&gt;<br /> [[File:Ubicacion.png|link=https://www.google.com.ar/maps/place/38%C2%B056'26.2%22S+68%C2%B003'15.5%22W/@-38.940623,-68.054305,228m/data=!3m2!1e3!4b1!4m2!3m1!1s0x0:0x0]]<br /> <br /> ===Afiche para difusión===<br /> [[File:PosterLatamtour2015-Patagonia.jpg|link=https://www.owasp.org/images/6/60/Poster_Latamtour.pdf]]<br /> <br /> ===Patrocinio===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;&lt;br&gt;<br /> Cualquier consulta no duden en escribir a [mailto:gaston.toth@owasp.org Gaston Toth] o a [mailto:diego.dinardo@patagoniasec.com.ar Diego Di Nardo].<br /> &lt;br&gt;<br /> <br /> =BUENOS AIRES=<br /> <br /> Invitamos a estudiantes, desarrolladores, expertos en seguridad informática y curiosos en general a compartir con la comunidad de OWASP un nuevo evento en Buenos Aires! Será una jornada de charlas técnicas, en un ambiente relajado e ideal para conocer otras personas interesadas en la seguridad en aplicaciones.<br /> <br /> <br /> =='''Inscripcion'''==<br /> <br /> Recuerden que es necesario [https://www.regonline.com/owasplatamtour15argentina '''inscribirse'''] para asistir. La registración es '''completamente gratis''' y es unicamente utilizada para verificar su identidad en la entrada de la Universidad.<br /> <br /> == '''Fecha y lugar'''==<br /> <br /> 24 Abril 2015 - 9am (puntual!)&lt;br&gt;<br /> [http://www.udemm.edu.ar/ Universidad de la Marina Mercante]&lt;br&gt;<br /> [https://www.google.com.ar/maps/place/Av+Rivadavia+2258,+Buenos+Aires,+Ciudad+Aut%C3%B3noma+de+Buenos+Aires/@-34.6096561,-58.3984517,17z/data=!3m1!4b1!4m2!3m1!1s0x95bccae91dc7f349:0x3177aaca9808e637 Av. Rivadavia 2258, Ciudad Autonoma de Buenos Aires]&lt;br&gt;<br /> <br /> <br /> == '''Charlas'''==<br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f; color:#FFF;&quot;&gt;<br /> &lt;td&gt;&lt;b&gt;Hora&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Titulo&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Orador&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:10&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Introducción a OWASP&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fabio Cerullo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:35&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Steering a Bullet Train&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Santiago Kantorowicz&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;10:25&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Y ahora nos preocupamos por la privacidad? Gracias #Snowden&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Mariano M. del Rio&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Building a High Interaction Honeypot: Implementation and logging techniques&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fernando Catoira&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:45&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;[https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;[https://www.linkedin.com/in/ariancho Andrés Riancho]&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;13:55&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Threat not found!&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Sheila Berta&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;14:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Mobile Application Security&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Puky Sorondo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;15:40&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;HP Sponsor talk&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;TBD&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;16:05&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Web Security for Bitcoin Services&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Juliano Rizzo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =CHILE=<br /> <br /> =='''Santiago: April, 8th-9th 2015'''==<br /> <br /> El Capítulo Chileno de OWASP, tiene el agrado de invitar a la conferencia LatamTour2015, con el auspicio de DUOC-UC sede Alonso Ovalle Nro.1586 (Metro Moneda).<br /> <br /> OWASP es una organización mundial sin fines de lucro dedicado a identificar y combatir las causas que hacen inseguro el software. Revise nuestra documentación y metodologías en los [[:Category:OWASP_Project|Proyectos OWASP]] donde encontrará valioso material de aplicación práctica en los ambientes corporativos. Asista a los talleres y conferencias del LatamTour y aprenda como sacar provecho a estos recursos de libre acceso.<br /> <br /> <br /> [http://www.duoc.cl/escuela/escuela-de-informatica-y-telecomunicaciones Duoc UC]&lt;br&gt;<br /> Alonso Ovalle Nro.1586&lt;br&gt;<br /> Santiago de Chile&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15chile'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#4B0082&quot; align=&quot;center&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''DETALLES DE LA CONFERENCIA (Miércoles 8 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Horario''' <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Modulo'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:00 - 09:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:30 - 10:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bienvenida y Presentación del Evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | DUOC-UC y OWASP-Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Rodrigo Cea Warner. Director de Carrera DUOC-UC. Carlos Allendes Chapter Leader in OWASP Chile.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 - 10:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bug bounty y programas reload<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Ormeño y Fredy Grey [http://www.0rnitorrinco.cl'''www.0rnitorrinco.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoques e investigación sobre programas de BUG BOUNTY periodico a través de vectores de ataque poco convencionales.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:45 - 11:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:05 - 12:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Analizando tráfico de wifi de smartphones <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Yago Fernández H. [http://www.wifense.com'''www.wifense.com''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Intercepción on-line del tráfico wi-fi en conexiones de smartphone y tecnicas de hacking. ¿es seguro utilizar redes Wi­Fi?<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:05 - 13:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Gestionar la inversión en seguridad con OPENSAMM. Donde iniciar?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Allendes D. [http://http://www.qualityfactory.cl'''www.QualityFactory.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque Técnico y Económico para maximizar el retorno de la inversión en hacking ético, pentesting, desarrollo seguro, análisis del código, pruebas de seguridad.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 13:00 - 14:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break para Almorzar<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 14:30 - 15:15<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hacking efectivo: Desde una credencial hasta el Domain Admin en un solo día<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Ricardo Supo P. [http://www.inzafe.cl'''www.inzafe.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Como ganar acceso a credenciales locales, de dominio y escalar privilegios hasta obtener un administrador de dominio. <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:20 - 16:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | SSL Instalado... ¿Estamos realmente seguros?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cristin Rojas, CLCERT Universidad de Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ¿Que riesgos acechan, aunque tengamos instalado SSL/TLS. Año 2014 fue intenso: Heartbleed, POODLE, y errores de implementación como el GOTO FAIL.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:05 - 16:20<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:20 - 17:25<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Plataformas de computación distribuida<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | TBD<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque y soluciones para acelerar la entrega de contenido global de Internet y aplicaciones distribuidas.<br /> |-<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 17:30 - 17:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cierre del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |}<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Jueves 9 de Abril)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> <br /> |}<br /> &lt;br/&gt;<br /> <br /> =COLOMBIA=<br /> <br /> <br /> == '''Bucaramanga: April, 14th 2015''' ==<br /> <br /> <br /> [http://www.upb.edu.co/bucaramanga Universidad Pontifica Bolivariana]&lt;br&gt;<br /> Seccional Bucaramanga &lt;br&gt;<br /> Autopista Piedecuesta Kilometro 7 &lt;br&gt;<br /> Bloque K - 605 &lt;br&gt;<br /> [http://goo.gl/EwBpTu'''Mapa :: Ubicación del evento''']<br /> &lt;br&gt;<br /> [[File:Owasp_upb_2015.jpg|link=https://www.google.com/maps/place/Universidad+Pontificia+Bolivariana+Seccional+Bucaramanga/@7.0389574,-73.071732,14z/data=!4m2!3m1!1s0x8e6840b36653b9c5:0x4dcdbc55842151df]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> ===REGISTRO===<br /> Recuerde que el ingreso al evento es &lt;b&gt;totalmente gratuito, sólo debe registrarse previamente&lt;/b&gt;.&lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15colombia'''Pulsa aquí para registrarte al evento''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===CONFERENCIAS===<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 7:30 a.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Diego Ademir Duarte Santana&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP ASVS 2.0 Web Application Standard&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;9:00&lt;/td&gt;<br /> &lt;td&gt;Jhon César Arango Serna&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;IPv6 Ventaja o Amenaza&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Hugo Armando Rodriguez Vera&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Protección de Datos Personales, infracción y consecuencias&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;11:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;MundoHacker&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Ciberespionaje y Cibercrimen as a Service&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Lunch&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;14:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;German Alonso Suárez Guerrero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Proactive Controls&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;15:00&lt;/td&gt;<br /> &lt;td&gt;Ronald Escalona&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Hardening del Servidor Web, enfoque práctico con jail/chroot para entornos multisitios&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;16:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Javier Orlando Mantilla P&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Seguridad en desarrollo de aplicaciones web usando Apache Tomee&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Finish Event&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Se contará con &lt;b&gt;transmisión vía streaming&lt;/b&gt; para las personas ubicadas fuera de la ciudad.&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;<br /> Cualquier consulta pueden escribir a [mailto:dadhemir@owasp.org Diego Ademir Duarte Santana] .<br /> &lt;br&gt;<br /> <br /> =BOLIVIA=<br /> <br /> [[File:Santa.jpg]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Lugar: Universidad NUR<br /> &lt;br&gt;<br /> Dirección: Av. Banzer, Victorino Rivero 100<br /> &lt;br&gt;<br /> Santa Cruz de la Sierra, Bolivia<br /> &lt;br&gt;<br /> Fecha: 17 y 18 de abril del 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> [[File:Mapa.jpg]]<br /> <br /> <br /> [https://www.regonline.com/owasplatamtour15bolivia'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f;<br /> color:#FFF;&quot;&gt;<br /> &lt;td&gt;Nro&lt;/td&gt;<br /> &lt;td&gt;Nombre&lt;/td&gt;<br /> &lt;td&gt;Ciudad&lt;/td&gt;<br /> &lt;td&gt;Tema&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;25&quot;&gt;1&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Alvaro Machaca Tola&lt;/td&gt;<br /> &lt;td width=&quot;187&quot;&gt;La Paz ,Bolivia&lt;/td&gt;<br /> &lt;td width=&quot;321&quot;&gt;Análisis de riesgos aplicando la metodología OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;2&lt;/td&gt;<br /> &lt;td&gt;Deyvi Bustamante Perez&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Exploit development&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;3&lt;/td&gt;<br /> &lt;td&gt;Walter Camama Menacho&lt;/td&gt;<br /> &lt;td&gt;Trinidad, Bolivia&lt;/td&gt;<br /> &lt;td&gt;MiTM a nivel de browser con beef y metasploit&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;4&lt;/td&gt;<br /> &lt;td&gt;Leonardo Camilo Quenta Alarcon&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en sistemas financieros. Buenas prácticas de programación y aplicación de pruebas de penetración OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;5&lt;/td&gt;<br /> &lt;td&gt;Hernán Marcelo Leytón Balderrama&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en los Satélites de Comunicación&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;6&lt;/td&gt;<br /> &lt;td&gt;Jaime Iván Mendoza Ribera&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Análisis de vulnerabilidades web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;7&lt;/td&gt;<br /> &lt;td&gt;Juan Pablo Barriga Sapiencia&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Riesgos en TI&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;8&lt;/td&gt;<br /> &lt;td&gt;Richard Villca Apaza&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Rompiendo el modelo de negocios: Debugging Android Apps&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;9&lt;/td&gt;<br /> &lt;td&gt;Alex Villegas y Roller Ibanez&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Gestión de continuidad del negocio un enfoque resilente basado en el estándar ISO 22301&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;10&lt;/td&gt;<br /> &lt;td&gt;Daniel Torres Sandi&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Headers seguros en HTTP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;11&lt;/td&gt;<br /> &lt;td&gt;Gonzalo Nina Mamani&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Sistema para la recolección de información orientado a la mejora en la evaluación de seguridad en aplicaciones Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;12&lt;/td&gt;<br /> &lt;td&gt;Cristhian Lima Saravia&lt;/td&gt;<br /> &lt;td&gt;Cochabamba, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Framework Pleni&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;13&lt;/td&gt;<br /> &lt;td&gt;Elvin Vidal Mollinedo Mencia&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz de la Sierra, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Los 7 pecados de un desarrollador Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;14&lt;/td&gt;<br /> &lt;td&gt;Erick Calderon Mostajo&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Herramientas de Aprendizaje OWASP.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;15&lt;/td&gt;<br /> &lt;td&gt;Dennis Ariel Ruiz Vasquez&lt;/td&gt;<br /> &lt;td&gt;La Paz , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Whitehat vs Blackhat&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;16&lt;/td&gt;<br /> &lt;td&gt;Cesar Roberto Cuenca Díaz&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Desarrollo Seguro Principios y Buenas Prácticas.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;17&lt;/td&gt;<br /> &lt;td&gt;Juan Alberto Fajardo Canaza&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;WAF Testing Framework&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;18&lt;/td&gt;<br /> &lt;td&gt;Gabriel Labrada Hernandez&lt;/td&gt;<br /> &lt;td&gt;Mexico&lt;/td&gt;<br /> &lt;td&gt;Seguridad en Hardware y los servicios en la nube&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;19&lt;/td&gt;<br /> &lt;td&gt;Jaime Andres Restrepo Gomez&lt;/td&gt;<br /> &lt;td&gt;Colombia&lt;/td&gt;<br /> &lt;td&gt;Hackeando carros en Latinoamérica&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =COSTA RICA=<br /> == '''San Jose: April, 21st 2015''' ==<br /> <br /> El evento se va a llevar a cabo en el auditorio de la Ciudad de la Investigación de la Universidad de Costa Rica. [http://goo.gl/Y64lZG'''Ver Dirección exacta''']<br /> <br /> [[File:Mapa-ucr-auditorio.png|800px]]<br /> <br /> &lt;br&gt;<br /> <br /> === REGISTRO ===<br /> Recuerde que el ingreso al evento es totalmente gratuito, sólo debe registrarse previamente. '''El comprobante de registro será solicitado en el momento de ingresar en el auditorio'''.<br /> [https://www.regonline.com/owasplatamtour15costarica'''Pulse aquí para registrarse en el evento.''']<br /> &lt;br&gt;<br /> <br /> === CONFERENCIAS-LISTADO DE EXPOSITORES===<br /> <br /> '''Martes 21 de Abril'''<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Recepción y Registro De 7:30 am a 8:00 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;150&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00 am a 8:10 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Costa Rica &amp;amp; UCR&lt;/td&gt;<br /> &lt;td width=&quot;500&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:10-9:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Fabio Cerullo , &lt;b&gt;Dublin Irlanda&lt;/b&gt;&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Keynote: Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas? &lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;09:00-09:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Eduardo Rojas&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Bloques de construcción en la implementación estratégica del software seguro con SAMM&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;09:50-10:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:10-11:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Mauricio Oviedo&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Manejo Seguro del DNS&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:00-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Walter Montes&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Buenas prácticas para manejo de autenticación y sesión&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;11:50-1:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:20-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Randall Barnett&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Vulnerabilidades encontradas en Sistema de Control de Tráfico Nacional&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-3:05 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Mario Robles&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; &lt;b&gt;Web Application Penetration Testing&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;3:05-3:25 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:25-4:15 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Champin &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Gobierno Electrónico en América Latina: Las Amenazas de Hoy a Sitios y Aplicaciones Web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-5:00 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Bertin Bervis&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;MiTM Attacks con DNS proxys a escala WAN el modem bajo ataque&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> === PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las oportunidades de patrocinio <br /> Cualquier consulta pueden contactar a [mailto:michael.hidalgo@owasp.org Michael Hidalgo].<br /> <br /> =GUATEMALA=<br /> <br /> <br /> == '''Ciudad de Guatemala: April, 21st-22nd 2015''' ==<br /> ===CONFERENCIAS===<br /> &lt;b&gt;Día 1&lt;/b&gt;<br /> &lt;b&gt;Abril 21&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Camilo Fernandez&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Tools&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;3:00&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;La verdad sobre los ataques de denegación de servicio&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:30&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Oscar Rodas y Marco To&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Avances en investigación sobre seguridad informática&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;5:15&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;Elder Guerra&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Un verdadero análisis de riesgos&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Día 2&lt;/b&gt;<br /> &lt;b&gt;Abril 22&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00 PM Salon 1&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Luis Cordon&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Web Pentesting&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;2:00 PM Salon 2&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Server Hardening: métodos de aseguramiento de tu servidor web y los datos que contiene&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:00PM&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Concurso de Ethical Hacking&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> [http://www.galileo.edu/ Universidad Galileo]&lt;br&gt;<br /> 4A Calle 7a. Avenida, calle Dr. Eduardo Suger Cofiño, &lt;br&gt;<br /> Ciudad de Guatemala 01010&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15guatemala'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =PERU=<br /> <br /> == '''Lima: April, 17th-18th 2015''' ==<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; height=&quot;30&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''TALLERES Y CONFERENCIAS''' <br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | <br /> == '''OWASP Latam Tour - Lima 2015''' == <br /> <br /> '''Viernes 17 de Abril''' ''(Talleres)'' &lt;br&gt;'''Sábado 18 de Abril''' ''(Conferencia)''<br /> |-<br /> | valign=&quot;center&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | '''Descripcion y Objetivo'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; colspan=&quot;2&quot; | '''OWASP LATAM TOUR,''' es una gira por Latino América que promueve la seguridad en aplicaciones web en diversas instituciones, como: universidades, organismos gubernamentales, empresas de TI y entidades financieras, buscando crear conciencia sobre la seguridad en las aplicaciones y puedan tomar decisiones informadas sobre los verdaderos riesgos de seguridad.<br /> <br /> *Ademas del OWASP Top 10, la mayoría de los [[:Category:OWASP_Project|Proyectos OWASP]] no son ampliamente utilizados en los ambientes corporativos. En la mayoría de los casos esto no es debido a una falta de calidad en los proyectos o la documentación disponible, sino mas bien por desconocer donde se ubicaran en un Ecosistema de Seguridad de Aplicaciones empresarial. <br /> <br /> *Esta serie de talleres y conferencias tienen como objetivo cambiar esta situación proporcionando una explicación sobre los proyectos OWASP mas maduros y listos para ser utilizados en el ambito empresarial.<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''LIMA PERÚ'''&lt;/span&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Viernes 17)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Viernes 17 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | Durante todo el OWASP LatamTour se estarán realizando talleres de capacitación dictados por destacados profesionales en la materia.&lt;br&gt; <br /> '''Duracion:''' 8 horas&lt;br&gt; <br /> '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).&lt;br&gt; <br /> '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com&lt;br&gt; <br /> '''Link de Registro''': [TBD] '''&lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 1'''&lt;/span&gt;<br /> |-<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''De 0 a Ninja con Metasploit'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Dragonjar.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | El taller de 0 a Ninja con Metasploit, busca detallar el uso de la herramienta Metasploit ampliamente utilizada en auditorias de seguridad por profesionales del área, desde su instalación y puesta a punto para el trabajo, hasta el uso de sus funciones para llevar a feliz termino una auditoria en seguridad.<br /> De 0 a Ninja DragonJAR<br /> <br /> Este curso, altamente práctico, tiene una duración de 8 horas en las que los asistentes podrán acortar la curva de aprendizaje, gracias a la transmisión de conocimientos y experiencias de los docentes, altamente calificados, con el fin de que una vez finalizado el taller puedas aplicar los conocimientos adquiridos.<br /> <br /> Duracion: 1 día (8 horas)<br /> ====De 0 a Ninja con Metasploit====<br /> *Introducción a Metasploit<br /> *Introducción a la linea de comandos de Metasploit<br /> *Trabajando con Metasploit y sus componentes (msfconsole, msfcli, msfgui, msfweb, msfpayload, msfencode, msfvenom, etc…)<br /> *Etapas de un Pentesting y las herramientas para realizarlas incluidas en Metasploit<br /> *Post-Explotación, ya tengo shell … ¿ahora que hago?<br /> *Trabajando con Meterpreter<br /> *Trabajo colaborativo usando Armitage/Cobalt Strike<br /> *Generando el informe ¿Alguna tool que pueda ayudarme?<br /> <br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/DragonJAR/ Jaime Andrés Restrepo (DragonJAR)]''', es Ingeniero en Sistemas y Telecomunicaciones de la Universidad de Manizales. Information Security Researcher con más de 10 años de experiencias en Ethical Hacking, Pen Testing y Análisis Forense. Docente Universitario en Pre y Post-Grado, Speaker y Organizador de diferentes eventos de Seguridad Informática, Co-Fundador del ACK Security Conference, Fundador de DragonJAR SAS y de La Comunidad DragonJAR, una de las comunidades de seguridad informática mas grandes de habla hispana y referente en el sector. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 2'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''INTRODUCTION TO WEB APPLICATION SECURITY'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Cerullof.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | The contents are aligned with the OWASP Top 10, a world-renowned document about the security risks of Web Applications.<br /> '''Format:'''<br /> <br /> It combines theory and practical exercises. The participants learn to identify vulnerabilities in a dummy web application specifically built with bugs &amp; coding errors and then exploit them using different open source tools and techniques in a safe lab environment.<br /> <br /> '''Audience:''' IT Staff, Managers, System Architects, Information Security Professionals, Developers, QA Professionals.<br /> <br /> '''Duration:''' 1 day (8 hours)<br /> <br /> '''Deliverables:'''<br /> <br /> - Printed Materials<br /> - OWASP Live CD including tools used.<br /> - Certificate of Participation (CPE Points)<br /> <br /> ==== INTRODUCTION TO WEB APPLICATION SECURITY ====<br /> The topics covered include:<br /> <br /> *Introduction to Web Application Security<br /> *Technology used in Web Applications<br /> *Critical Areas in Web Applications<br /> **Injection&lt;br&gt;<br /> **Cross Site Scripting (XSS)&lt;br&gt;<br /> **Broken Authentication and Session Management&lt;br&gt;<br /> **Insecure Direct Object References&lt;br&gt;<br /> **Cross Site Request Forgery&lt;br&gt;<br /> **Security Misconfiguration&lt;br&gt;<br /> **Insecure Cryptographic Storage&lt;br&gt;<br /> **Failure to restrict URL Access&lt;br&gt;<br /> **Insufficient Transport Layer Protection&lt;br&gt;<br /> **Unvalidated Redirects and Forwards&lt;br&gt;<br /> *Secure Software Development Lifecycle (SSDLC)<br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/fcerullo Fabio Cerullo]''', over 10 years of experience in the information security field gained across a diverse range of industries.<br /> As CEO &amp; Founder of Cycubix, he helps customers around the globe by assessing the security of applications developed in-house or by third parties, defining policies and standards, implementing risk management initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals.&lt;br&gt;<br /> As a member of the OWASP Fundation, Fabio is part of the Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, and has been appointed OWASP Ireland Chapter Leader since early 2010.<br /> He holds a Msc in Computer Engineering from UCA and has been granted the CISSP &amp; CSSLP certificates by (ISC)2. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [https://www.regonline.com/Register/Checkin.aspx?EventID=1492427 Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''CONFERENCIAS (Sábado 18)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | Sábado 18 de Abril<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Precio y Registro'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | El ingreso a las conferencias es '''GRATUITO''' - El proceso de registro lo podrá ubicar en el siguiente link : &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15lima'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Promociones'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | OFERTA ESPECIAL - Durante todo el OWASP Latam Tour el costo de la membresía anual es de solamente U$D 20. Utilice el código de descuento &quot;LATAM&quot; durante el proceso de registro electrónico como miembro individual en el enlace disponible a continuación.&lt;br&gt;<br /> [http://myowasp.force.com/memberappregion Hágase MIEMBRO DE OWASP AQUÍ] &lt;br&gt;<br /> '''Si usted aun no es miembro OWASP, por favor considere unirse a nuestra organización.'''<br /> |}<br /> &lt;br&gt;<br /> <br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;6&quot; | '''DETALLES DE LA JORNADA'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ''' - '''<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP PERU<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Presentación del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/John_Vargas John Vargas]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cyber War in Web and Mobile Applications <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [Jesús González]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |[https://twitter.com/fcerullo Fabio Cerullo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Seguridad en Aplicaciones Moviles<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/pITea_security Juan Pablo Quiñe]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Todos a Sh3ll34r!<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/gabsitus Gabriel Lazo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Se verán distintas técnicas utilizadas por atacantes maliciosos para lograr subir shells y obtener acceso a servidores web.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP Zap <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/Alonso_ReYDeS Alonso Caballero]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hackeando Carros en Latinoamérica<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/DragonJAR Andrés Restrepo (DragonJAR)]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |}<br /> <br /> =URUGUAY=<br /> <br /> == '''Montevideo: April 15th-16th 2015''' ==<br /> El evento más importante de la región llega nuevamente a Uruguay, OWASP Latam tour 2015!. Expositores internacionales estarán presentando conferencias sobre los temas más importantes en Seguridad en Aplicaciones.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> '''¿Dónde?''' <br /> <br /> [http://www.ucu.edu.uy/ Universidad Católica del Uruguay]&lt;br&gt;<br /> Av. 8 de Octubre 2738&lt;br&gt;<br /> Montevideo 11600 Montevideo, Uruguay. &lt;br&gt;<br /> Ver en [https://www.google.com/maps/place/Universidad+Cat%C3%B3lica+del+Uruguay/@-34.888694,-56.159218,17z/data=!3m1!4b1!4m2!3m1!1s0x0:0x13508c3340b76e45 Google Maps]<br /> &lt;br&gt;<br /> <br /> == '''Charlas: Miércoles 15 de abril''' ==<br /> <br /> Las charlas serán a partir de las 18:00hs.<br /> <br /> {| class=&quot;wikitable&quot;<br /> !colspan=&quot;3&quot;| Charlas aceptadas<br /> |-<br /> |Christian Borghello<br /> |Certificate Pinning: ¿tenemos el c...ertificado roto?&lt;br&gt;<br /> |<br /> |-<br /> |Edgar Salazar<br /> |Inseguridad en Aplicaciones Móviles<br /> |Esta charla pretende demostrar en vivo la explotación de distintas vulnerabilidades en una aplicación móvil de tal manera que podamos revisar las causas y consecuencias, ademas recomendar las medidas de seguridad pertinentes.<br /> |-<br /> |Carlos Eduardo Santiago<br /> |(IN)secure Development<br /> |Forget Injection and XSS<br /> This lecture aims to demonstrate simple traps in web development, and bad practices in addition to some factors are likely to cause critical security flaws. We will analyze some cases and demonstrate ways to mitigate and correct such failures.<br /> |-<br /> |Ricardo Supo Picón<br /> |Hacking Efectivo: Desde una Credencial hasta el Domain Admin en un sólo día<br /> |Los dominios windows están presentes en gran cantidad de organizaciones, en estos la autenticación de usuarios esta disponible en muchos servicios. En esta charla analizaremos los distintos tipos de autenticación de windows y como obtener credenciales locales y de dominio así mismo como a partir de una sola credencial se puede obtener más credenciales hasta obtener un administrador de dominio. Así mismo se detallará como poder realizar intrusiones masivas en red de computadores que ayudan a que un sólo hacker pueda multiplicar sus actividades y conseguir su objetivo en un sólo día, presentación de la herramienta Domainator.<br /> |}<br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> == '''Trainings: Jueves 16 de abril''' ==<br /> <br /> === TRAINING 1: Hacking de aplicaciones web basado en OWASP Top 10 ===<br /> <br /> '''Instructor:''' Christian Borghello<br /> <br /> Los desarrolladores son una raza extraña. Los Pentesters viven en una burbuja. Este entrenamiento ayuda a los desarrolladores a conocer sobre seguridad en el desarrollo web y a los Pentesters a probar aplicaciones web de forma adecuada.<br /> <br /> Objetivos: - Conocer OWASP Top 10 (quick summary) - Aprender cómo comprobar cada vulnerabilidad desde el punto de vista del Desarrollador y del Pentester - Conocer recomendaciones desde el punto de vista del Pentester - Conocer recomendaciones desde el punto de vista del Desarrollador <br /> <br /> Orientado a desarrolladores, pentesters y personas relacionados con el ciclo de vida del desarrollo de software o sus pruebas de seguridad. <br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> === TRAINING 2: BYOX101/Construya su propio xploit 101/Build Your Own Xploit 101 ===<br /> <br /> '''Instructor:''' Mauricio Campiglia<br /> <br /> ¿Alguna vez te preguntaste de dónde salen ese montón de numeritos que por arte de magia te dejan en una línea de comandos con privilegios? Esta es tu oportunidad para conocer de dónde salen y porqué están ahí y no en otro lugar. Este entrenamiento te guía desde cero hasta la creación de exploits sencillos e intermedios aprendiendo en el recorrido los por qué de cada paso. No se verán exploits de dia cero ni muy complejos, nos concentraremos en lo probado y conocido pues el objetivo es entender el proceso de creación de un exploit.<br /> <br /> '''Detalles''':&lt;br /&gt;<br /> <br /> Entrenamiento mayormente práctico de creación básica de exploits para<br /> sistemas MS Windows. Se usarán ejemplos conocidos pero fiables y se crearán<br /> programas de ejemplo vulnerables a propósito.<br /> <br /> '''Conocimientos obtenidos''':&lt;br /&gt;<br /> <br /> Quienes asistan entenderán el proceso de creación de un exploit entendiendo en el camino la confirmación de memoria de sistemas MS Windows y las protecciones de este sistema. ¿Por qué participar de este entrenamiento?<br /> * La habilidad de creación de exploits no es algo que se encuentre facilmente en un curso.<br /> * Entender este proceso te da la flexibilidad de adaptarte cuando un ataque no funciona tal como te lo dieron.<br /> * Desenmarañar el porqué de un montón de números sin sentido que te dan un acceso que no tienes es mágico.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> =VENEZUELA=<br /> <br /> <br /> == '''Caracas: April, 23rd 2015''' ==<br /> [[File:bwoltv.png| center |bwoltv.png ]]<br /> &lt;br&gt;<br /> <br /> == Registro ==<br /> El registro es totalmente gratis, nos complacería mucho que nos acompañaras este día. <br /> <br /> Te esperamos!!!<br /> <br /> [https://www.regonline.com/owasplatamtour15venezuela'''REGISTRATE AQUI''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == UBICACIÓN ==<br /> <br /> [http://www.ucv.ve/ Universidad Central de Venezuela]&lt;br&gt;<br /> Facultad de Ciencias &lt;br&gt;<br /> Auditórium Tobías Lasser&lt;br&gt;<br /> Paseo Los Ilustres Urb. Valle Abajo. &lt;br&gt;<br /> 1040 Caracas&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> [[File:UbicacionLatamCaracas.png]]<br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Registro 8:30 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:00 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Venezuela &amp; UCV&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:15-9:55 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Jair Garcia&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt;&lt;b&gt;Hacking Etico: Cacería de Vulnerabilidades&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00-9:35 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Randy Ortega&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Sessión Hijacking: Peligro en la web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;10:40-11:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:15-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Michael Hidalgo (Costa Rica)&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Ataques de denegación de servicio a través de expresiones regulares: De la explotación a la corrección&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> <br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;12:00-1:30 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:35-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Josmell Chavarri&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Conociendo al Enemigo: Honeypots&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-2:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; Rodrigo Bravo y Eliezer Romero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; &lt;b&gt;Programación Segura en Python&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;2:45-3:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:35-4:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Maximiliano Anlonzo (Uruguay) &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Peligro: software en construcción&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-4:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Suárez&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Beef como framework de explotación xss&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;4:45-5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =SPONSORS=<br /> <br /> ==We are looking for Sponsors for the Latam Tour 2015==<br /> &lt;br&gt;<br /> <br /> This is a truly unique opportunity to increase your brand recognition as a company dedicated to the highest standards of professional technology &amp; security in the Latin-America region but also internationally throughout the world while supporting the continued activities conducted by OWASP worldwide.<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * ''' Sponsorship benefits for organizations specializing in IT &amp; Security:'''<br /> <br /> ** Opportunity to use the latest technological trends for professional training / development<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your business development strategy with leading information from the security industry<br /> ** Get networking and headhunting opportunities with world-class specialists and professionals<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Increase your image as a professional company through this unique branding opportunity<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> * '''Sponsorship benefits for organizations utilizing the internet in their business:'''<br /> <br /> ** Opportunity to increase the international brand awareness and conduct business networking<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your service development by understanding the latest trends in security issues &amp; risks<br /> ** Contribute to information society as a company by developing safe and secure services<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Opportunity to brand your company as one that focuses on the highest standards in technology<br /> <br /> <br /> Make your company part of the conversation. Become a sponsor of the tour today! [https://www.owasp.org/images/5/5f/Latam_Tour_2015_Sponsorship_Opportunities.pdf'''SPONSOR OPPORTUNITIES''']<br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf '''OPORTUNIDADES DE PATROCINIO''']<br /> <br /> <br /> <br /> &lt;headertabs /&gt;<br /> <br /> {{:LatamTour2015 Sponsors}}</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=LatamTour2015&diff=191549 2015-03-17T14:35:48Z

<p>Jonathan Fernández: /* Santiago: April, 8th-9th 2015 */ Agrega calendario tentativo de talleres</p> <hr /> <div>__NOTOC__ <br /> <br /> [[Image:Banner_latam_2015.jpg ‎|750px|link=https://www.owasp.org/index.php/LatamTour2015]]<br /> <br /> =WELCOME= <br /> <br /> <br /> <br /> == '''Schedule''' ==<br /> <br /> * Santiago, '''Chile''': April, 8th-9th 2015<br /> * Patagonia, '''Argentina''': April, 10th-11th 2015<br /> * Bucaramanga, '''Colombia''': April, 14th 2015<br /> * Montevideo, '''Uruguay''': April, 15th-16th 2015<br /> * Lima, '''Peru''': April, 17th-18th 2015<br /> * Santa Cruz, '''Bolivia''': April 17th -18th 2015 <br /> * San Jose, '''Costa Rica''': April, 21st 2015<br /> * Guatemala, '''Guatemala''': April, 21st-22nd 2015<br /> * Buenos Aires, '''Argentina''': April, 24th 2015<br /> * Caracas, '''Venezuela''': April, 23rd 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> '''REGISTRATION IS NOW OPEN, PLEASE CHECK THE LOCATION TAB YOU ARE INTERESTED IN'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Latam Tour Objective''' ==<br /> <br /> The OWASP Latam Tour objective is to raise awareness about application security in the Latin America region, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.<br /> <br /> We are proposing a chapters conference driven model in which the sessions are free for everybody and the costs are supported by a mix of funding i.e. OWASP Foundation, local chapter budget, external sponsorship, etc. 1-day training sessions are also offered in some tour stops. These sessions’ fees are $ 200USD for OWASP members and $ 250 USD for non-members (group discounts may apply).<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =='''Who Should Attend the Latam Tour?'''==<br /> <br /> *Application Developers <br /> *Application Testers and Quality Assurance <br /> *Application Project Management and Staff <br /> *Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff <br /> *Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance <br /> *Security Managers and Staff <br /> *Executives, Managers, and Staff Responsible for IT Security Governance <br /> *IT Professionals Interesting in Improving IT Security<br /> *Anyone interested in learning about or promoting Web Application Security&lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> == '''Become an OWASP Member''' ==<br /> <br /> <br /> As part of the OWASP Latam Tour, you could '''become an OWASP Member by ONLY paying 20 U$D'''. Show your support and become an OWASP member today!<br /> <br /> [[Image:Join_button.jpg|100px|link=http://sl.owasp.org/newmember]] [[Image:Renewal.jpg |100px|link=http://sl.owasp.org/renewmember]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Questions''' ==<br /> <br /> *If you have any questions about the Latam Tour 2015, please send an email to andrea.villar@owasp.org / fcerullo@owasp.org<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Social Media''' ==<br /> <br /> '''[http://twitter.com/search?q=%23LATAMTOUR #Latamtour]''' hashtag for your tweets for Latam Tour (What are [http://hashtags.org/ hashtags]?) <br /> <br /> '''@AppSecLatam Twitter Feed ([http://twitter.com/AppSecLatam follow us on Twitter!])''' &lt;twitter&gt;34534108&lt;/twitter&gt;<br /> <br /> = CALL FOR PAPERS &amp; TRAININGS =<br /> <br /> == '''Do you want to give a talk or a training session in Latin America?''' ==<br /> &lt;br&gt; <br /> <br /> '''Please send your proposals to the corresponding chapter leader before February 1st 2015:'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * '''Argentina''' (Buenos Aires): Martin Tartarelli via [https://docs.google.com/forms/d/1ncVFYKsBv6aUsf3WBI657yRHUQLkazjkT9VMu4Vdp9I/viewform '''this Google form''']<br /> * '''Argentina''' (Patagonia): Gaston Toth [gaston.toth@owasp.org]<br /> * '''Colombia''': Diego Ademir Duarte [dadhemir@owasp.org]<br /> * '''Costa Rica''': Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * '''Chile''': Carlos Allendes [carlos.allendes@owasp.org]<br /> * '''Guatemala''': Pablo Barrera [pbarrera@gmail.com]<br /> * '''Peru'''(Lima) : John Vargas [john.vargas@owasp.org] vía [https://docs.google.com/forms/d/1HJAwdnCxhnDjxdEOrHVBaewrkQncIB2uxHCzxEtxwug '''this Google form''']<br /> * '''Uruguay''': Mateo Martinez [mateo.martinez@owasp.org]<br /> * '''Venezuela''': Edgar Salazar [edgar.salazar@owasp.org]<br /> &lt;br&gt;<br /> <br /> ''By your submission you agree to the [https://www.owasp.org/images/4/4f/AppSec_Latam_2015_Speaker_Agreement.pdf '''OWASP Speaker Agreement'''] or [https://www.owasp.org/images/f/fa/LatamTour_2015_Training_Instructor_Agreement.pdf ‎'''Instructor Agreement'''].<br /> <br /> =TEAM=<br /> <br /> '''Chapter Leaders'''<br /> <br /> * Bucaramanga, Colombia: Diego Ademir Duarte [dadhemir@owasp.org]<br /> * Santiago, Chile: Carlos Allendes [carlos.allendes@owasp.org]<br /> * Guatemala, Guatemala: Pablo Barrera [pbarrera@gmail.com]<br /> * Santa Cruz de las Sierras, Bolivia: Daniel Torres [daniel.torres@owasp.org]<br /> * San Jose, Costa Rica: Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * Montevideo, Uruguay: Mateo Martinez [mateo.martinez@owasp.org]<br /> * Caracas, Venezuela: Edgar Salazar [edgar.salazar@owasp.org]<br /> * Buenos Aires, Argentina: Martin Tartarelli [martin.tartarelli@gmail.com]<br /> * Patagonia, Argentina: Gaston Toth [gaston.toth@owasp.org]<br /> * Lima, Peru: John Vargas [john.vargas@owasp.org]<br /> <br /> <br /> '''Operations'''<br /> <br /> *[[User:Fabio.e.cerullo|Fabio Cerullo]], &lt;br&gt;<br /> * Andrea Villar<br /> * Kate Hartmann<br /> * [https://www.owasp.org/index.php/User:Kelly_Santalucia Kelly Santalucia]<br /> <br /> =PATAGONIA=<br /> <br /> <br /> =='''Patagonia: April, 10th-11th 2015'''==<br /> <br /> ===Registrarse===<br /> Los interesados en asistir al evento deben registrarse en:&lt;br&gt; <br /> [https://www.regonline.com/owasplatamtour15patagonia https://www.regonline.com/owasplatamtour15patagonia]&lt;br&gt;<br /> <br /> ===Agenda ===<br /> '''Viernes 10 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Conferencia<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 09:00 - 10:00<br /> | Acreditacion<br /> | <br /> |- <br /> | 10:00 - 10:15<br /> | Bienvenida e intoduccion a OWASP<br /> |<br /> |-<br /> | 10:20 - 11:00<br /> | [https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]<br /> | [https://www.linkedin.com/in/ariancho Andrés Riancho]<br /> |- <br /> | 11:00 - 11:30<br /> | Pausa para café<br /> |<br /> |-<br /> | 11:30 - 12:00 <br /> | Aspectos Legales de la Seguridad informática&lt;br&gt;<br /> | Marcelo Campetella<br /> |-<br /> | 12:00 - 12:30<br /> | El mercado del Malware en las Apps de los Store para Android<br /> | Claudio Caracciolo<br /> |-<br /> | 12:30 - 14:00<br /> | Pausa para almuerzo<br /> |<br /> |- <br /> | 14:00 - 14:40<br /> | Mobile Apps and how to Pentest them<br /> | Gustavo Sorondo<br /> |-<br /> | 14:40 - 15:10<br /> | CIOs vs CISOs: OWASP al rescate <br /> | Mauro Graziosi<br /> |-<br /> | 15:10 - 15:40<br /> | Pausa para café<br /> |<br /> |-<br /> | 15:40 - 16:20<br /> | Certificate Pinning: ¿tenemos el c...ertificado roto?<br /> | Cristian Borghello<br /> |- <br /> | 16:20 - 16:30<br /> | Agradecimientos y cierre<br /> |<br /> |}<br /> <br /> '''Sabado 11 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Entrenamiento<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 08:00 - 12:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 1)<br /> | Cristian Borghello<br /> |- <br /> | 12:00 - 13:00<br /> | Pausa para almuerzo<br /> |<br /> |-<br /> | 13:00 - 17:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 2)<br /> | Cristian Borghello<br /> |}<br /> <br /> ===¿Dónde?===<br /> Universidad Nacional del Comahue, Buenos Aires 1400, Neuquén&lt;br&gt;<br /> [[File:Ubicacion.png|link=https://www.google.com.ar/maps/place/38%C2%B056'26.2%22S+68%C2%B003'15.5%22W/@-38.940623,-68.054305,228m/data=!3m2!1e3!4b1!4m2!3m1!1s0x0:0x0]]<br /> <br /> ===Afiche para difusión===<br /> [[File:PosterLatamtour2015-Patagonia.jpg|link=https://www.owasp.org/images/6/60/Poster_Latamtour.pdf]]<br /> <br /> ===Patrocinio===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;&lt;br&gt;<br /> Cualquier consulta no duden en escribir a [mailto:gaston.toth@owasp.org Gaston Toth] o a [mailto:diego.dinardo@patagoniasec.com.ar Diego Di Nardo].<br /> &lt;br&gt;<br /> <br /> =BUENOS AIRES=<br /> <br /> Invitamos a estudiantes, desarrolladores, expertos en seguridad informática y curiosos en general a compartir con la comunidad de OWASP un nuevo evento en Buenos Aires! Será una jornada de charlas técnicas, en un ambiente relajado e ideal para conocer otras personas interesadas en la seguridad en aplicaciones.<br /> <br /> <br /> =='''Inscripcion'''==<br /> <br /> Recuerden que es necesario [https://www.regonline.com/owasplatamtour15argentina '''inscribirse'''] para asistir. La registración es '''completamente gratis''' y es unicamente utilizada para verificar su identidad en la entrada de la Universidad.<br /> <br /> == '''Fecha y lugar'''==<br /> <br /> 24 Abril 2015 - 9am (puntual!)&lt;br&gt;<br /> [http://www.udemm.edu.ar/ Universidad de la Marina Mercante]&lt;br&gt;<br /> [https://www.google.com.ar/maps/place/Av+Rivadavia+2258,+Buenos+Aires,+Ciudad+Aut%C3%B3noma+de+Buenos+Aires/@-34.6096561,-58.3984517,17z/data=!3m1!4b1!4m2!3m1!1s0x95bccae91dc7f349:0x3177aaca9808e637 Av. Rivadavia 2258, Ciudad Autonoma de Buenos Aires]&lt;br&gt;<br /> <br /> <br /> == '''Charlas'''==<br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f; color:#FFF;&quot;&gt;<br /> &lt;td&gt;&lt;b&gt;Hora&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Titulo&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Orador&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:10&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Introducción a OWASP&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fabio Cerullo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:35&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Steering a Bullet Train&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Santiago Kantorowicz&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;10:25&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Y ahora nos preocupamos por la privacidad? Gracias #Snowden&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Mariano M. del Rio&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Building a High Interaction Honeypot: Implementation and logging techniques&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fernando Catoira&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:45&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;[https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;[https://www.linkedin.com/in/ariancho Andrés Riancho]&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;13:55&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Threat not found!&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Sheila Berta&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;14:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Mobile Application Security&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Puky Sorondo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;15:40&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;HP Sponsor talk&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;TBD&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;16:05&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Web Security for Bitcoin Services&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Juliano Rizzo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =CHILE=<br /> <br /> =='''Santiago: April, 8th-9th 2015'''==<br /> <br /> El Capítulo Chileno de OWASP, tiene el agrado de invitar a la conferencia LatamTour2015, con el auspicio de DUOC-UC sede Alonso Ovalle Nro.1586 (Metro Moneda).<br /> <br /> OWASP es una organización mundial sin fines de lucro dedicado a identificar y combatir las causas que hacen inseguro el software. Revise nuestra documentación y metodologías en los [[:Category:OWASP_Project|Proyectos OWASP]] donde encontrará valioso material de aplicación práctica en los ambientes corporativos. Asista a los talleres y conferencias del LatamTour y aprenda como sacar provecho a estos recursos de libre acceso.<br /> <br /> <br /> [http://www.duoc.cl/escuela/escuela-de-informatica-y-telecomunicaciones Duoc UC]&lt;br&gt;<br /> Alonso Ovalle Nro.1586&lt;br&gt;<br /> Santiago de Chile&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15chile'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#4B0082&quot; align=&quot;center&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''DETALLES DE LA CONFERENCIA (Miércoles 8 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Horario''' <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Modulo'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:00 - 09:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:30 - 10:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bienvenida y Presentación del Evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | DUOC-UC y OWASP-Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Rodrigo Cea Warner. Director de Carrera DUOC-UC. Carlos Allendes Chapter Leader in OWASP Chile.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 - 10:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bug bounty y programas reload<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Ormeño y Fredy Grey [http://www.0rnitorrinco.cl'''www.0rnitorrinco.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoques e investigación sobre programas de BUG BOUNTY periodico a través de vectores de ataque poco convencionales.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:45 - 11:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:05 - 12:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Analizando tráfico de wifi de smartphones <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Yago Fernández H. [http://www.wifense.com'''www.wifense.com''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Intercepción on-line del tráfico wi-fi en conexiones de smartphone y tecnicas de hacking. ¿es seguro utilizar redes Wi­Fi?<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:05 - 13:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Gestionar la inversión en seguridad con OPENSAMM. Donde iniciar?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Allendes D. [http://http://www.qualityfactory.cl'''www.QualityFactory.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque Técnico y Económico para maximizar el retorno de la inversión en hacking ético, pentesting, desarrollo seguro, análisis del código, pruebas de seguridad.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 13:00 - 14:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break para Almorzar<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 14:30 - 15:15<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hacking efectivo: Desde una credencial hasta el Domain Admin en un solo día<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Ricardo Supo P. [http://www.inzafe.cl'''www.inzafe.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Como ganar acceso a credenciales locales, de dominio y escalar privilegios hasta obtener un administrador de dominio. <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:20 - 16:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | SSL Instalado... ¿Estamos realmente seguros?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cristin Rojas, CLCERT Universidad de Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ¿Que riesgos acechan, aunque tengamos instalado SSL/TLS. Año 2014 fue intenso: Heartbleed, POODLE, y errores de implementación como el GOTO FAIL.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:05 - 16:20<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:20 - 17:25<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Plataformas de computación distribuida<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | TBD<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque y soluciones para acelerar la entrega de contenido global de Internet y aplicaciones distribuidas.<br /> |-<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 17:30 - 17:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cierre del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |}<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Jueves 9 de Abril)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> | style=&quot;width:30%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | TBD<br /> <br /> |}<br /> &lt;br/&gt;<br /> <br /> =COLOMBIA=<br /> <br /> <br /> == '''Bucaramanga: April, 14th 2015''' ==<br /> <br /> <br /> [http://www.upb.edu.co/bucaramanga Universidad Pontifica Bolivariana]&lt;br&gt;<br /> Seccional Bucaramanga &lt;br&gt;<br /> Autopista Piedecuesta Kilometro 7 &lt;br&gt;<br /> Bloque K - 605 &lt;br&gt;<br /> [http://goo.gl/EwBpTu'''Mapa :: Ubicación del evento''']<br /> &lt;br&gt;<br /> [[File:Owasp_upb_2015.jpg|link=https://www.google.com/maps/place/Universidad+Pontificia+Bolivariana+Seccional+Bucaramanga/@7.0389574,-73.071732,14z/data=!4m2!3m1!1s0x8e6840b36653b9c5:0x4dcdbc55842151df]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> ===REGISTRO===<br /> Recuerde que el ingreso al evento es &lt;b&gt;totalmente gratuito, sólo debe registrarse previamente&lt;/b&gt;.&lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15colombia'''Pulsa aquí para registrarte al evento''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===CONFERENCIAS===<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 7:30 a.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Diego Ademir Duarte Santana&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP ASVS 2.0 Web Application Standard&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;9:00&lt;/td&gt;<br /> &lt;td&gt;Jhon César Arango Serna&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;IPv6 Ventaja o Amenaza&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Hugo Armando Rodriguez Vera&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Protección de Datos Personales, infracción y consecuencias&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;11:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;MundoHacker&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Ciberespionaje y Cibercrimen as a Service&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Lunch&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;14:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;German Alonso Suárez Guerrero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Proactive Controls&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;15:00&lt;/td&gt;<br /> &lt;td&gt;Ronald Escalona&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Hardening del Servidor Web, enfoque práctico con jail/chroot para entornos multisitios&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;16:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Javier Orlando Mantilla P&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Seguridad en desarrollo de aplicaciones web usando Apache Tomee&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Finish Event&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Se contará con &lt;b&gt;transmisión vía streaming&lt;/b&gt; para las personas ubicadas fuera de la ciudad.&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;<br /> Cualquier consulta pueden escribir a [mailto:dadhemir@owasp.org Diego Ademir Duarte Santana] .<br /> &lt;br&gt;<br /> <br /> =BOLIVIA=<br /> <br /> [[File:Santa.jpg]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Lugar: Universidad NUR<br /> &lt;br&gt;<br /> Dirección: Av. Banzer, Victorino Rivero 100<br /> &lt;br&gt;<br /> Santa Cruz de la Sierra, Bolivia<br /> &lt;br&gt;<br /> Fecha: 17 y 18 de abril del 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> [[File:Mapa.jpg]]<br /> <br /> <br /> [https://www.regonline.com/owasplatamtour15bolivia'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f;<br /> color:#FFF;&quot;&gt;<br /> &lt;td&gt;Nro&lt;/td&gt;<br /> &lt;td&gt;Nombre&lt;/td&gt;<br /> &lt;td&gt;Ciudad&lt;/td&gt;<br /> &lt;td&gt;Tema&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;25&quot;&gt;1&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Alvaro Machaca Tola&lt;/td&gt;<br /> &lt;td width=&quot;187&quot;&gt;La Paz ,Bolivia&lt;/td&gt;<br /> &lt;td width=&quot;321&quot;&gt;Análisis de riesgos aplicando la metodología OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;2&lt;/td&gt;<br /> &lt;td&gt;Deyvi Bustamante Perez&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Exploit development&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;3&lt;/td&gt;<br /> &lt;td&gt;Walter Camama Menacho&lt;/td&gt;<br /> &lt;td&gt;Trinidad, Bolivia&lt;/td&gt;<br /> &lt;td&gt;MiTM a nivel de browser con beef y metasploit&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;4&lt;/td&gt;<br /> &lt;td&gt;Leonardo Camilo Quenta Alarcon&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en sistemas financieros. Buenas prácticas de programación y aplicación de pruebas de penetración OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;5&lt;/td&gt;<br /> &lt;td&gt;Hernán Marcelo Leytón Balderrama&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en los Satélites de Comunicación&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;6&lt;/td&gt;<br /> &lt;td&gt;Jaime Iván Mendoza Ribera&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Análisis de vulnerabilidades web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;7&lt;/td&gt;<br /> &lt;td&gt;Juan Pablo Barriga Sapiencia&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Riesgos en TI&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;8&lt;/td&gt;<br /> &lt;td&gt;Richard Villca Apaza&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Rompiendo el modelo de negocios: Debugging Android Apps&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;9&lt;/td&gt;<br /> &lt;td&gt;Alex Villegas y Roller Ibanez&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Gestión de continuidad del negocio un enfoque resilente basado en el estándar ISO 22301&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;10&lt;/td&gt;<br /> &lt;td&gt;Daniel Torres Sandi&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Headers seguros en HTTP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;11&lt;/td&gt;<br /> &lt;td&gt;Gonzalo Nina Mamani&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Sistema para la recolección de información orientado a la mejora en la evaluación de seguridad en aplicaciones Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;12&lt;/td&gt;<br /> &lt;td&gt;Cristhian Lima Saravia&lt;/td&gt;<br /> &lt;td&gt;Cochabamba, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Framework Pleni&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;13&lt;/td&gt;<br /> &lt;td&gt;Elvin Vidal Mollinedo Mencia&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz de la Sierra, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Los 7 pecados de un desarrollador Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;14&lt;/td&gt;<br /> &lt;td&gt;Erick Calderon Mostajo&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Herramientas de Aprendizaje OWASP.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;15&lt;/td&gt;<br /> &lt;td&gt;Dennis Ariel Ruiz Vasquez&lt;/td&gt;<br /> &lt;td&gt;La Paz , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Whitehat vs Blackhat&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;16&lt;/td&gt;<br /> &lt;td&gt;Cesar Roberto Cuenca Díaz&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Desarrollo Seguro Principios y Buenas Prácticas.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;17&lt;/td&gt;<br /> &lt;td&gt;Juan Alberto Fajardo Canaza&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;WAF Testing Framework&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;18&lt;/td&gt;<br /> &lt;td&gt;Gabriel Labrada Hernandez&lt;/td&gt;<br /> &lt;td&gt;Mexico&lt;/td&gt;<br /> &lt;td&gt;Seguridad en Hardware y los servicios en la nube&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;19&lt;/td&gt;<br /> &lt;td&gt;Jaime Andres Restrepo Gomez&lt;/td&gt;<br /> &lt;td&gt;Colombia&lt;/td&gt;<br /> &lt;td&gt;Hackeando carros en Latinoamérica&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =COSTA RICA=<br /> == '''San Jose: April, 21st 2015''' ==<br /> <br /> El evento se va a llevar a cabo en el auditorio de la Ciudad de la Investigación de la Universidad de Costa Rica. [http://goo.gl/Y64lZG'''Ver Dirección exacta''']<br /> <br /> [[File:Mapa-ucr-auditorio.png|800px]]<br /> <br /> &lt;br&gt;<br /> <br /> === REGISTRO ===<br /> Recuerde que el ingreso al evento es totalmente gratuito, sólo debe registrarse previamente. '''El comprobante de registro será solicitado en el momento de ingresar en el auditorio'''.<br /> [https://www.regonline.com/owasplatamtour15costarica'''Pulse aquí para registrarse en el evento.''']<br /> &lt;br&gt;<br /> <br /> === CONFERENCIAS-LISTADO DE EXPOSITORES===<br /> <br /> '''Martes 21 de Abril'''<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Recepción y Registro De 7:30 am a 8:00 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;150&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00 am a 8:10 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Costa Rica &amp;amp; UCR&lt;/td&gt;<br /> &lt;td width=&quot;500&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:10-9:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Fabio Cerullo , &lt;b&gt;Dublin Irlanda&lt;/b&gt;&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Keynote: Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas? &lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;09:00-09:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Eduardo Rojas&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Bloques de construcción en la implementación estratégica del software seguro con SAMM&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;09:50-10:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:10-11:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Mauricio Oviedo&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Manejo Seguro del DNS&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:00-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Walter Montes&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Buenas prácticas para manejo de autenticación y sesión&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;11:50-1:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:20-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Randall Barnett&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Vulnerabilidades encontradas en Sistema de Control de Tráfico Nacional&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-3:05 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Mario Robles&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; &lt;b&gt;Web Application Penetration Testing&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;3:05-3:25 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:25-4:15 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Champin &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Gobierno Electrónico en América Latina: Las Amenazas de Hoy a Sitios y Aplicaciones Web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-5:00 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Bertin Bervis&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;MiTM Attacks con DNS proxys a escala WAN el modem bajo ataque&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> === PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las oportunidades de patrocinio <br /> Cualquier consulta pueden contactar a [mailto:michael.hidalgo@owasp.org Michael Hidalgo].<br /> <br /> =GUATEMALA=<br /> <br /> <br /> == '''Ciudad de Guatemala: April, 21st-22nd 2015''' ==<br /> ===CONFERENCIAS===<br /> &lt;b&gt;Día 1&lt;/b&gt;<br /> &lt;b&gt;Abril 21&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Camilo Fernandez&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Tools&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;3:00&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;La verdad sobre los ataques de denegación de servicio&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:30&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Oscar Rodas y Marco To&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Avances en investigación sobre seguridad informática&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;5:15&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;Elder Guerra&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Un verdadero análisis de riesgos&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Día 2&lt;/b&gt;<br /> &lt;b&gt;Abril 22&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00 PM Salon 1&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Luis Cordon&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Web Pentesting&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;2:00 PM Salon 2&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Server Hardening: métodos de aseguramiento de tu servidor web y los datos que contiene&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:00PM&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Concurso de Ethical Hacking&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> [http://www.galileo.edu/ Universidad Galileo]&lt;br&gt;<br /> 4A Calle 7a. Avenida, calle Dr. Eduardo Suger Cofiño, &lt;br&gt;<br /> Ciudad de Guatemala 01010&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15guatemala'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =PERU=<br /> <br /> == '''Lima: April, 17th-18th 2015''' ==<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; height=&quot;30&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''TALLERES Y CONFERENCIAS''' <br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | <br /> == '''OWASP Latam Tour - Lima 2015''' == <br /> <br /> '''Viernes 17 de Abril''' ''(Talleres)'' &lt;br&gt;'''Sábado 18 de Abril''' ''(Conferencia)''<br /> |-<br /> | valign=&quot;center&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | '''Descripcion y Objetivo'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; colspan=&quot;2&quot; | '''OWASP LATAM TOUR,''' es una gira por Latino América que promueve la seguridad en aplicaciones web en diversas instituciones, como: universidades, organismos gubernamentales, empresas de TI y entidades financieras, buscando crear conciencia sobre la seguridad en las aplicaciones y puedan tomar decisiones informadas sobre los verdaderos riesgos de seguridad.<br /> <br /> *Ademas del OWASP Top 10, la mayoría de los [[:Category:OWASP_Project|Proyectos OWASP]] no son ampliamente utilizados en los ambientes corporativos. En la mayoría de los casos esto no es debido a una falta de calidad en los proyectos o la documentación disponible, sino mas bien por desconocer donde se ubicaran en un Ecosistema de Seguridad de Aplicaciones empresarial. <br /> <br /> *Esta serie de talleres y conferencias tienen como objetivo cambiar esta situación proporcionando una explicación sobre los proyectos OWASP mas maduros y listos para ser utilizados en el ambito empresarial.<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''LIMA PERÚ'''&lt;/span&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Viernes 17)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Viernes 17 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | Durante todo el OWASP LatamTour se estarán realizando talleres de capacitación dictados por destacados profesionales en la materia.&lt;br&gt; <br /> '''Duracion:''' 8 horas&lt;br&gt; <br /> '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).&lt;br&gt; <br /> '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com&lt;br&gt; <br /> '''Link de Registro''': [TBD] '''&lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 1'''&lt;/span&gt;<br /> |-<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''De 0 a Ninja con Metasploit'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Dragonjar.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | El taller de 0 a Ninja con Metasploit, busca detallar el uso de la herramienta Metasploit ampliamente utilizada en auditorias de seguridad por profesionales del área, desde su instalación y puesta a punto para el trabajo, hasta el uso de sus funciones para llevar a feliz termino una auditoria en seguridad.<br /> De 0 a Ninja DragonJAR<br /> <br /> Este curso, altamente práctico, tiene una duración de 8 horas en las que los asistentes podrán acortar la curva de aprendizaje, gracias a la transmisión de conocimientos y experiencias de los docentes, altamente calificados, con el fin de que una vez finalizado el taller puedas aplicar los conocimientos adquiridos.<br /> <br /> Duracion: 1 día (8 horas)<br /> ====De 0 a Ninja con Metasploit====<br /> *Introducción a Metasploit<br /> *Introducción a la linea de comandos de Metasploit<br /> *Trabajando con Metasploit y sus componentes (msfconsole, msfcli, msfgui, msfweb, msfpayload, msfencode, msfvenom, etc…)<br /> *Etapas de un Pentesting y las herramientas para realizarlas incluidas en Metasploit<br /> *Post-Explotación, ya tengo shell … ¿ahora que hago?<br /> *Trabajando con Meterpreter<br /> *Trabajo colaborativo usando Armitage/Cobalt Strike<br /> *Generando el informe ¿Alguna tool que pueda ayudarme?<br /> <br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/DragonJAR/ Jaime Andrés Restrepo (DragonJAR)]''', es Ingeniero en Sistemas y Telecomunicaciones de la Universidad de Manizales. Information Security Researcher con más de 10 años de experiencias en Ethical Hacking, Pen Testing y Análisis Forense. Docente Universitario en Pre y Post-Grado, Speaker y Organizador de diferentes eventos de Seguridad Informática, Co-Fundador del ACK Security Conference, Fundador de DragonJAR SAS y de La Comunidad DragonJAR, una de las comunidades de seguridad informática mas grandes de habla hispana y referente en el sector. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 2'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''INTRODUCTION TO WEB APPLICATION SECURITY'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Cerullof.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | The contents are aligned with the OWASP Top 10, a world-renowned document about the security risks of Web Applications.<br /> '''Format:'''<br /> <br /> It combines theory and practical exercises. The participants learn to identify vulnerabilities in a dummy web application specifically built with bugs &amp; coding errors and then exploit them using different open source tools and techniques in a safe lab environment.<br /> <br /> '''Audience:''' IT Staff, Managers, System Architects, Information Security Professionals, Developers, QA Professionals.<br /> <br /> '''Duration:''' 1 day (8 hours)<br /> <br /> '''Deliverables:'''<br /> <br /> - Printed Materials<br /> - OWASP Live CD including tools used.<br /> - Certificate of Participation (CPE Points)<br /> <br /> ==== INTRODUCTION TO WEB APPLICATION SECURITY ====<br /> The topics covered include:<br /> <br /> *Introduction to Web Application Security<br /> *Technology used in Web Applications<br /> *Critical Areas in Web Applications<br /> **Injection&lt;br&gt;<br /> **Cross Site Scripting (XSS)&lt;br&gt;<br /> **Broken Authentication and Session Management&lt;br&gt;<br /> **Insecure Direct Object References&lt;br&gt;<br /> **Cross Site Request Forgery&lt;br&gt;<br /> **Security Misconfiguration&lt;br&gt;<br /> **Insecure Cryptographic Storage&lt;br&gt;<br /> **Failure to restrict URL Access&lt;br&gt;<br /> **Insufficient Transport Layer Protection&lt;br&gt;<br /> **Unvalidated Redirects and Forwards&lt;br&gt;<br /> *Secure Software Development Lifecycle (SSDLC)<br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/fcerullo Fabio Cerullo]''', over 10 years of experience in the information security field gained across a diverse range of industries.<br /> As CEO &amp; Founder of Cycubix, he helps customers around the globe by assessing the security of applications developed in-house or by third parties, defining policies and standards, implementing risk management initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals.&lt;br&gt;<br /> As a member of the OWASP Fundation, Fabio is part of the Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, and has been appointed OWASP Ireland Chapter Leader since early 2010.<br /> He holds a Msc in Computer Engineering from UCA and has been granted the CISSP &amp; CSSLP certificates by (ISC)2. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [https://www.regonline.com/Register/Checkin.aspx?EventID=1492427 Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''CONFERENCIAS (Sábado 18)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | Sábado 18 de Abril<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Precio y Registro'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | El ingreso a las conferencias es '''GRATUITO''' - El proceso de registro lo podrá ubicar en el siguiente link : &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15lima'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Promociones'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | OFERTA ESPECIAL - Durante todo el OWASP Latam Tour el costo de la membresía anual es de solamente U$D 20. Utilice el código de descuento &quot;LATAM&quot; durante el proceso de registro electrónico como miembro individual en el enlace disponible a continuación.&lt;br&gt;<br /> [http://myowasp.force.com/memberappregion Hágase MIEMBRO DE OWASP AQUÍ] &lt;br&gt;<br /> '''Si usted aun no es miembro OWASP, por favor considere unirse a nuestra organización.'''<br /> |}<br /> &lt;br&gt;<br /> <br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;6&quot; | '''DETALLES DE LA JORNADA'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ''' - '''<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP PERU<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Presentación del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/John_Vargas John Vargas]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cyber War in Web and Mobile Applications <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [Jesús González]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |[https://twitter.com/fcerullo Fabio Cerullo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Seguridad en Aplicaciones Moviles<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/pITea_security Juan Pablo Quiñe]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Todos a Sh3ll34r!<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/gabsitus Gabriel Lazo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Se verán distintas técnicas utilizadas por atacantes maliciosos para lograr subir shells y obtener acceso a servidores web.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP Zap <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/Alonso_ReYDeS Alonso Caballero]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hackeando Carros en Latinoamérica<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/DragonJAR Andrés Restrepo (DragonJAR)]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |}<br /> <br /> =URUGUAY=<br /> <br /> == '''Montevideo: April 15th-16th 2015''' ==<br /> El evento más importante de la región llega nuevamente a Uruguay, OWASP Latam tour 2015!. Expositores internacionales estarán presentando conferencias sobre los temas más importantes en Seguridad en Aplicaciones.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> '''¿Dónde?''' <br /> <br /> [http://www.ucu.edu.uy/ Universidad Católica del Uruguay]&lt;br&gt;<br /> Av. 8 de Octubre 2738&lt;br&gt;<br /> Montevideo 11600 Montevideo, Uruguay. &lt;br&gt;<br /> Ver en [https://www.google.com/maps/place/Universidad+Cat%C3%B3lica+del+Uruguay/@-34.888694,-56.159218,17z/data=!3m1!4b1!4m2!3m1!1s0x0:0x13508c3340b76e45 Google Maps]<br /> &lt;br&gt;<br /> <br /> == '''Charlas: Miércoles 15 de abril''' ==<br /> <br /> Las charlas serán a partir de las 18:00hs.<br /> <br /> {| class=&quot;wikitable&quot;<br /> !colspan=&quot;3&quot;| Charlas aceptadas<br /> |-<br /> |Christian Borghello<br /> |Certificate Pinning: ¿tenemos el c...ertificado roto?&lt;br&gt;<br /> |<br /> |-<br /> |Edgar Salazar<br /> |Inseguridad en Aplicaciones Móviles<br /> |Esta charla pretende demostrar en vivo la explotación de distintas vulnerabilidades en una aplicación móvil de tal manera que podamos revisar las causas y consecuencias, ademas recomendar las medidas de seguridad pertinentes.<br /> |-<br /> |Carlos Eduardo Santiago<br /> |(IN)secure Development<br /> |Forget Injection and XSS<br /> This lecture aims to demonstrate simple traps in web development, and bad practices in addition to some factors are likely to cause critical security flaws. We will analyze some cases and demonstrate ways to mitigate and correct such failures.<br /> |-<br /> |Ricardo Supo Picón<br /> |Hacking Efectivo: Desde una Credencial hasta el Domain Admin en un sólo día<br /> |Los dominios windows están presentes en gran cantidad de organizaciones, en estos la autenticación de usuarios esta disponible en muchos servicios. En esta charla analizaremos los distintos tipos de autenticación de windows y como obtener credenciales locales y de dominio así mismo como a partir de una sola credencial se puede obtener más credenciales hasta obtener un administrador de dominio. Así mismo se detallará como poder realizar intrusiones masivas en red de computadores que ayudan a que un sólo hacker pueda multiplicar sus actividades y conseguir su objetivo en un sólo día, presentación de la herramienta Domainator.<br /> |}<br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> == '''Trainings: Jueves 16 de abril''' ==<br /> <br /> === TRAINING 1: Hacking de aplicaciones web basado en OWASP Top 10 ===<br /> <br /> '''Instructor:''' Christian Borghello<br /> <br /> Los desarrolladores son una raza extraña. Los Pentesters viven en una burbuja. Este entrenamiento ayuda a los desarrolladores a conocer sobre seguridad en el desarrollo web y a los Pentesters a probar aplicaciones web de forma adecuada.<br /> <br /> Objetivos: - Conocer OWASP Top 10 (quick summary) - Aprender cómo comprobar cada vulnerabilidad desde el punto de vista del Desarrollador y del Pentester - Conocer recomendaciones desde el punto de vista del Pentester - Conocer recomendaciones desde el punto de vista del Desarrollador <br /> <br /> Orientado a desarrolladores, pentesters y personas relacionados con el ciclo de vida del desarrollo de software o sus pruebas de seguridad. <br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> === TRAINING 2: BYOX101/Construya su propio xploit 101/Build Your Own Xploit 101 ===<br /> <br /> '''Instructor:''' Mauricio Campiglia<br /> <br /> ¿Alguna vez te preguntaste de dónde salen ese montón de numeritos que por arte de magia te dejan en una línea de comandos con privilegios? Esta es tu oportunidad para conocer de dónde salen y porqué están ahí y no en otro lugar. Este entrenamiento te guía desde cero hasta la creación de exploits sencillos e intermedios aprendiendo en el recorrido los por qué de cada paso. No se verán exploits de dia cero ni muy complejos, nos concentraremos en lo probado y conocido pues el objetivo es entender el proceso de creación de un exploit.<br /> <br /> '''Detalles''':&lt;br /&gt;<br /> <br /> Entrenamiento mayormente práctico de creación básica de exploits para<br /> sistemas MS Windows. Se usarán ejemplos conocidos pero fiables y se crearán<br /> programas de ejemplo vulnerables a propósito.<br /> <br /> '''Conocimientos obtenidos''':&lt;br /&gt;<br /> <br /> Quienes asistan entenderán el proceso de creación de un exploit entendiendo en el camino la confirmación de memoria de sistemas MS Windows y las protecciones de este sistema. ¿Por qué participar de este entrenamiento?<br /> * La habilidad de creación de exploits no es algo que se encuentre facilmente en un curso.<br /> * Entender este proceso te da la flexibilidad de adaptarte cuando un ataque no funciona tal como te lo dieron.<br /> * Desenmarañar el porqué de un montón de números sin sentido que te dan un acceso que no tienes es mágico.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> =VENEZUELA=<br /> <br /> <br /> == '''Caracas: April, 23rd 2015''' ==<br /> [[File:bwoltv.png| center |bwoltv.png ]]<br /> &lt;br&gt;<br /> <br /> == Registro ==<br /> El registro es totalmente gratis, nos complacería mucho que nos acompañaras este día. <br /> <br /> Te esperamos!!!<br /> <br /> [https://www.regonline.com/owasplatamtour15venezuela'''REGISTRATE AQUI''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == UBICACIÓN ==<br /> <br /> [http://www.ucv.ve/ Universidad Central de Venezuela]&lt;br&gt;<br /> Facultad de Ciencias &lt;br&gt;<br /> Auditórium Tobías Lasser&lt;br&gt;<br /> Paseo Los Ilustres Urb. Valle Abajo. &lt;br&gt;<br /> 1040 Caracas&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> [[File:UbicacionLatamCaracas.png]]<br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Registro 8:30 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:00 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Venezuela &amp; UCV&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:15-9:55 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Jair Garcia&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt;&lt;b&gt;Hacking Etico: Cacería de Vulnerabilidades&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00-9:35 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Randy Ortega&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Sessión Hijacking: Peligro en la web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;10:40-11:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:15-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Michael Hidalgo (Costa Rica)&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Ataques de denegación de servicio a través de expresiones regulares: De la explotación a la corrección&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> <br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;12:00-1:30 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:35-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Josmell Chavarri&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Conociendo al Enemigo: Honeypots&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-2:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; Rodrigo Bravo y Eliezer Romero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; &lt;b&gt;Programación Segura en Python&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;2:45-3:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:35-4:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Maximiliano Anlonzo (Uruguay) &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Peligro: software en construcción&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-4:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Suárez&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Beef como framework de explotación xss&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;4:45-5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =SPONSORS=<br /> <br /> ==We are looking for Sponsors for the Latam Tour 2015==<br /> &lt;br&gt;<br /> <br /> This is a truly unique opportunity to increase your brand recognition as a company dedicated to the highest standards of professional technology &amp; security in the Latin-America region but also internationally throughout the world while supporting the continued activities conducted by OWASP worldwide.<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * ''' Sponsorship benefits for organizations specializing in IT &amp; Security:'''<br /> <br /> ** Opportunity to use the latest technological trends for professional training / development<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your business development strategy with leading information from the security industry<br /> ** Get networking and headhunting opportunities with world-class specialists and professionals<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Increase your image as a professional company through this unique branding opportunity<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> * '''Sponsorship benefits for organizations utilizing the internet in their business:'''<br /> <br /> ** Opportunity to increase the international brand awareness and conduct business networking<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your service development by understanding the latest trends in security issues &amp; risks<br /> ** Contribute to information society as a company by developing safe and secure services<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Opportunity to brand your company as one that focuses on the highest standards in technology<br /> <br /> <br /> Make your company part of the conversation. Become a sponsor of the tour today! [https://www.owasp.org/images/5/5f/Latam_Tour_2015_Sponsorship_Opportunities.pdf'''SPONSOR OPPORTUNITIES''']<br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf '''OPORTUNIDADES DE PATROCINIO''']<br /> <br /> <br /> <br /> &lt;headertabs /&gt;<br /> <br /> {{:LatamTour2015 Sponsors}}</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=LatamTour2015&diff=191540 2015-03-17T14:18:41Z

<p>Jonathan Fernández: /* Santiago: April, 8th-9th 2015 */ Agrega links a webs mencionadas.</p> <hr /> <div>__NOTOC__ <br /> <br /> [[Image:Banner_latam_2015.jpg ‎|750px|link=https://www.owasp.org/index.php/LatamTour2015]]<br /> <br /> =WELCOME= <br /> <br /> <br /> <br /> == '''Schedule''' ==<br /> <br /> * Santiago, '''Chile''': April, 8th-9th 2015<br /> * Patagonia, '''Argentina''': April, 10th-11th 2015<br /> * Bucaramanga, '''Colombia''': April, 14th 2015<br /> * Montevideo, '''Uruguay''': April, 15th-16th 2015<br /> * Lima, '''Peru''': April, 17th-18th 2015<br /> * Santa Cruz, '''Bolivia''': April 17th -18th 2015 <br /> * San Jose, '''Costa Rica''': April, 21st 2015<br /> * Guatemala, '''Guatemala''': April, 21st-22nd 2015<br /> * Buenos Aires, '''Argentina''': April, 24th 2015<br /> * Caracas, '''Venezuela''': April, 23rd 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> '''REGISTRATION IS NOW OPEN, PLEASE CHECK THE LOCATION TAB YOU ARE INTERESTED IN'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Latam Tour Objective''' ==<br /> <br /> The OWASP Latam Tour objective is to raise awareness about application security in the Latin America region, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.<br /> <br /> We are proposing a chapters conference driven model in which the sessions are free for everybody and the costs are supported by a mix of funding i.e. OWASP Foundation, local chapter budget, external sponsorship, etc. 1-day training sessions are also offered in some tour stops. These sessions’ fees are $ 200USD for OWASP members and $ 250 USD for non-members (group discounts may apply).<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =='''Who Should Attend the Latam Tour?'''==<br /> <br /> *Application Developers <br /> *Application Testers and Quality Assurance <br /> *Application Project Management and Staff <br /> *Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff <br /> *Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance <br /> *Security Managers and Staff <br /> *Executives, Managers, and Staff Responsible for IT Security Governance <br /> *IT Professionals Interesting in Improving IT Security<br /> *Anyone interested in learning about or promoting Web Application Security&lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> == '''Become an OWASP Member''' ==<br /> <br /> <br /> As part of the OWASP Latam Tour, you could '''become an OWASP Member by ONLY paying 20 U$D'''. Show your support and become an OWASP member today!<br /> <br /> [[Image:Join_button.jpg|100px|link=http://sl.owasp.org/newmember]] [[Image:Renewal.jpg |100px|link=http://sl.owasp.org/renewmember]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Questions''' ==<br /> <br /> *If you have any questions about the Latam Tour 2015, please send an email to andrea.villar@owasp.org / fcerullo@owasp.org<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Social Media''' ==<br /> <br /> '''[http://twitter.com/search?q=%23LATAMTOUR #Latamtour]''' hashtag for your tweets for Latam Tour (What are [http://hashtags.org/ hashtags]?) <br /> <br /> '''@AppSecLatam Twitter Feed ([http://twitter.com/AppSecLatam follow us on Twitter!])''' &lt;twitter&gt;34534108&lt;/twitter&gt;<br /> <br /> = CALL FOR PAPERS &amp; TRAININGS =<br /> <br /> == '''Do you want to give a talk or a training session in Latin America?''' ==<br /> &lt;br&gt; <br /> <br /> '''Please send your proposals to the corresponding chapter leader before February 1st 2015:'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * '''Argentina''' (Buenos Aires): Martin Tartarelli via [https://docs.google.com/forms/d/1ncVFYKsBv6aUsf3WBI657yRHUQLkazjkT9VMu4Vdp9I/viewform '''this Google form''']<br /> * '''Argentina''' (Patagonia): Gaston Toth [gaston.toth@owasp.org]<br /> * '''Colombia''': Diego Ademir Duarte [dadhemir@owasp.org]<br /> * '''Costa Rica''': Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * '''Chile''': Carlos Allendes [carlos.allendes@owasp.org]<br /> * '''Guatemala''': Pablo Barrera [pbarrera@gmail.com]<br /> * '''Peru'''(Lima) : John Vargas [john.vargas@owasp.org] vía [https://docs.google.com/forms/d/1HJAwdnCxhnDjxdEOrHVBaewrkQncIB2uxHCzxEtxwug '''this Google form''']<br /> * '''Uruguay''': Mateo Martinez [mateo.martinez@owasp.org]<br /> * '''Venezuela''': Edgar Salazar [edgar.salazar@owasp.org]<br /> &lt;br&gt;<br /> <br /> ''By your submission you agree to the [https://www.owasp.org/images/4/4f/AppSec_Latam_2015_Speaker_Agreement.pdf '''OWASP Speaker Agreement'''] or [https://www.owasp.org/images/f/fa/LatamTour_2015_Training_Instructor_Agreement.pdf ‎'''Instructor Agreement'''].<br /> <br /> =TEAM=<br /> <br /> '''Chapter Leaders'''<br /> <br /> * Bucaramanga, Colombia: Diego Ademir Duarte [dadhemir@owasp.org]<br /> * Santiago, Chile: Carlos Allendes [carlos.allendes@owasp.org]<br /> * Guatemala, Guatemala: Pablo Barrera [pbarrera@gmail.com]<br /> * Santa Cruz de las Sierras, Bolivia: Daniel Torres [daniel.torres@owasp.org]<br /> * San Jose, Costa Rica: Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * Montevideo, Uruguay: Mateo Martinez [mateo.martinez@owasp.org]<br /> * Caracas, Venezuela: Edgar Salazar [edgar.salazar@owasp.org]<br /> * Buenos Aires, Argentina: Martin Tartarelli [martin.tartarelli@gmail.com]<br /> * Patagonia, Argentina: Gaston Toth [gaston.toth@owasp.org]<br /> * Lima, Peru: John Vargas [john.vargas@owasp.org]<br /> <br /> <br /> '''Operations'''<br /> <br /> *[[User:Fabio.e.cerullo|Fabio Cerullo]], &lt;br&gt;<br /> * Andrea Villar<br /> * Kate Hartmann<br /> * [https://www.owasp.org/index.php/User:Kelly_Santalucia Kelly Santalucia]<br /> <br /> =PATAGONIA=<br /> <br /> <br /> =='''Patagonia: April, 10th-11th 2015'''==<br /> <br /> ===Registrarse===<br /> Los interesados en asistir al evento deben registrarse en:&lt;br&gt; <br /> [https://www.regonline.com/owasplatamtour15patagonia https://www.regonline.com/owasplatamtour15patagonia]&lt;br&gt;<br /> <br /> ===Agenda ===<br /> '''Viernes 10 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Conferencia<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 09:00 - 10:00<br /> | Acreditacion<br /> | <br /> |- <br /> | 10:00 - 10:15<br /> | Bienvenida e intoduccion a OWASP<br /> |<br /> |-<br /> | 10:20 - 11:00<br /> | [https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]<br /> | [https://www.linkedin.com/in/ariancho Andrés Riancho]<br /> |- <br /> | 11:00 - 11:30<br /> | Pausa para café<br /> |<br /> |-<br /> | 11:30 - 12:00 <br /> | Aspectos Legales de la Seguridad informática&lt;br&gt;<br /> | Marcelo Campetella<br /> |-<br /> | 12:00 - 12:30<br /> | El mercado del Malware en las Apps de los Store para Android<br /> | Claudio Caracciolo<br /> |-<br /> | 12:30 - 14:00<br /> | Pausa para almuerzo<br /> |<br /> |- <br /> | 14:00 - 14:40<br /> | Mobile Apps and how to Pentest them<br /> | Gustavo Sorondo<br /> |-<br /> | 14:40 - 15:10<br /> | CIOs vs CISOs: OWASP al rescate <br /> | Mauro Graziosi<br /> |-<br /> | 15:10 - 15:40<br /> | Pausa para café<br /> |<br /> |-<br /> | 15:40 - 16:20<br /> | Certificate Pinning: ¿tenemos el c...ertificado roto?<br /> | Cristian Borghello<br /> |- <br /> | 16:20 - 16:30<br /> | Agradecimientos y cierre<br /> |<br /> |}<br /> <br /> '''Sabado 11 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Entrenamiento<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 08:00 - 12:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 1)<br /> | Cristian Borghello<br /> |- <br /> | 12:00 - 13:00<br /> | Pausa para almuerzo<br /> |<br /> |-<br /> | 13:00 - 17:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 2)<br /> | Cristian Borghello<br /> |}<br /> <br /> ===¿Dónde?===<br /> Universidad Nacional del Comahue, Buenos Aires 1400, Neuquén&lt;br&gt;<br /> [[File:Ubicacion.png|link=https://www.google.com.ar/maps/place/38%C2%B056'26.2%22S+68%C2%B003'15.5%22W/@-38.940623,-68.054305,228m/data=!3m2!1e3!4b1!4m2!3m1!1s0x0:0x0]]<br /> <br /> ===Afiche para difusión===<br /> [[File:PosterLatamtour2015-Patagonia.jpg|link=https://www.owasp.org/images/6/60/Poster_Latamtour.pdf]]<br /> <br /> ===Patrocinio===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;&lt;br&gt;<br /> Cualquier consulta no duden en escribir a [mailto:gaston.toth@owasp.org Gaston Toth] o a [mailto:diego.dinardo@patagoniasec.com.ar Diego Di Nardo].<br /> &lt;br&gt;<br /> <br /> =BUENOS AIRES=<br /> <br /> Invitamos a estudiantes, desarrolladores, expertos en seguridad informática y curiosos en general a compartir con la comunidad de OWASP un nuevo evento en Buenos Aires! Será una jornada de charlas técnicas, en un ambiente relajado e ideal para conocer otras personas interesadas en la seguridad en aplicaciones.<br /> <br /> <br /> =='''Inscripcion'''==<br /> <br /> Recuerden que es necesario [https://www.regonline.com/owasplatamtour15argentina '''inscribirse'''] para asistir. La registración es '''completamente gratis''' y es unicamente utilizada para verificar su identidad en la entrada de la Universidad.<br /> <br /> == '''Fecha y lugar'''==<br /> <br /> 24 Abril 2015 - 9am (puntual!)&lt;br&gt;<br /> [http://www.udemm.edu.ar/ Universidad de la Marina Mercante]&lt;br&gt;<br /> [https://www.google.com.ar/maps/place/Av+Rivadavia+2258,+Buenos+Aires,+Ciudad+Aut%C3%B3noma+de+Buenos+Aires/@-34.6096561,-58.3984517,17z/data=!3m1!4b1!4m2!3m1!1s0x95bccae91dc7f349:0x3177aaca9808e637 Av. Rivadavia 2258, Ciudad Autonoma de Buenos Aires]&lt;br&gt;<br /> <br /> <br /> == '''Charlas'''==<br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f; color:#FFF;&quot;&gt;<br /> &lt;td&gt;&lt;b&gt;Hora&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Titulo&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Orador&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:10&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Introducción a OWASP&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fabio Cerullo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:35&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Steering a Bullet Train&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Santiago Kantorowicz&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;10:25&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Y ahora nos preocupamos por la privacidad? Gracias #Snowden&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Mariano M. del Rio&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Building a High Interaction Honeypot: Implementation and logging techniques&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fernando Catoira&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:45&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;[https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;[https://www.linkedin.com/in/ariancho Andrés Riancho]&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;13:55&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Threat not found!&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Sheila Berta&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;14:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Mobile Application Security&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Puky Sorondo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;15:40&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;HP Sponsor talk&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;TBD&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;16:05&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Web Security for Bitcoin Services&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Juliano Rizzo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =CHILE=<br /> <br /> =='''Santiago: April, 8th-9th 2015'''==<br /> <br /> El Capítulo Chileno de OWASP, tiene el agrado de invitar a la conferencia LatamTour2015, con el auspicio de DUOC-UC sede Alonso Ovalle Nro.1586 (Metro Moneda).<br /> <br /> OWASP es una organización mundial sin fines de lucro dedicado a identificar y combatir las causas que hacen inseguro el software. Revise nuestra documentación y metodologías en los [[:Category:OWASP_Project|Proyectos OWASP]] donde encontrará valioso material de aplicación práctica en los ambientes corporativos. Asista a los talleres y conferencias del LatamTour y aprenda como sacar provecho a estos recursos de libre acceso.<br /> <br /> <br /> [http://www.duoc.cl/escuela/escuela-de-informatica-y-telecomunicaciones Duoc UC]&lt;br&gt;<br /> Alonso Ovalle Nro.1586&lt;br&gt;<br /> Santiago de Chile&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15chile'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#4B0082&quot; align=&quot;center&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''DETALLES DE LA CONFERENCIA (Miércoles 8 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Horario''' <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Modulo'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:00 - 09:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:30 - 10:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bienvenida y Presentación del Evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | DUOC-UC y OWASP-Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Rodrigo Cea Warner. Director de Carrera DUOC-UC. Carlos Allendes Chapter Leader in OWASP Chile.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 - 10:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bug bounty y programas reload<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Ormeño y Fredy Grey [http://www.0rnitorrinco.cl'''www.0rnitorrinco.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoques e investigación sobre programas de BUG BOUNTY periodico a través de vectores de ataque poco convencionales.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:45 - 11:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:05 - 12:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Analizando tráfico de wifi de smartphones <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Yago Fernández H. [http://www.wifense.com'''www.wifense.com''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Intercepción on-line del tráfico wi-fi en conexiones de smartphone y tecnicas de hacking. ¿es seguro utilizar redes Wi­Fi?<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:05 - 13:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Gestionar la inversión en seguridad con OPENSAMM. Donde iniciar?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Allendes D. [http://http://www.qualityfactory.cl'''www.QualityFactory.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque Técnico y Económico para maximizar el retorno de la inversión en hacking ético, pentesting, desarrollo seguro, análisis del código, pruebas de seguridad.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 13:00 - 14:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break para Almorzar<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 14:30 - 15:15<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hacking efectivo: Desde una credencial hasta el Domain Admin en un solo día<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Ricardo Supo P. [http://www.inzafe.cl'''www.inzafe.cl''']<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Como ganar acceso a credenciales locales, de dominio y escalar privilegios hasta obtener un administrador de dominio. <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:20 - 16:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | SSL Instalado... ¿Estamos realmente seguros?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cristin Rojas, CLCERT Universidad de Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ¿Que riesgos acechan, aunque tengamos instalado SSL/TLS. Año 2014 fue intenso: Heartbleed, POODLE, y errores de implementación como el GOTO FAIL.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:05 - 16:20<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:20 - 17:25<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Plataformas de computación distribuida<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | TBD<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque y soluciones para acelerar la entrega de contenido global de Internet y aplicaciones distribuidas.<br /> |-<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 17:30 - 17:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cierre del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |}<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Jueves 9 de Abril)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | ** Sin Talleres en CHILE **<br /> |}<br /> &lt;br/&gt;<br /> <br /> =COLOMBIA=<br /> <br /> <br /> == '''Bucaramanga: April, 14th 2015''' ==<br /> <br /> <br /> [http://www.upb.edu.co/bucaramanga Universidad Pontifica Bolivariana]&lt;br&gt;<br /> Seccional Bucaramanga &lt;br&gt;<br /> Autopista Piedecuesta Kilometro 7 &lt;br&gt;<br /> Bloque K - 605 &lt;br&gt;<br /> [http://goo.gl/EwBpTu'''Mapa :: Ubicación del evento''']<br /> &lt;br&gt;<br /> [[File:Owasp_upb_2015.jpg|link=https://www.google.com/maps/place/Universidad+Pontificia+Bolivariana+Seccional+Bucaramanga/@7.0389574,-73.071732,14z/data=!4m2!3m1!1s0x8e6840b36653b9c5:0x4dcdbc55842151df]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> ===REGISTRO===<br /> Recuerde que el ingreso al evento es &lt;b&gt;totalmente gratuito, sólo debe registrarse previamente&lt;/b&gt;.&lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15colombia'''Pulsa aquí para registrarte al evento''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===CONFERENCIAS===<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 7:30 a.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Diego Ademir Duarte Santana&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP ASVS 2.0 Web Application Standard&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;9:00&lt;/td&gt;<br /> &lt;td&gt;Jhon César Arango Serna&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;IPv6 Ventaja o Amenaza&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Hugo Armando Rodriguez Vera&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Protección de Datos Personales, infracción y consecuencias&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;11:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;MundoHacker&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Ciberespionaje y Cibercrimen as a Service&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Lunch&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;14:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;German Alonso Suárez Guerrero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Proactive Controls&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;15:00&lt;/td&gt;<br /> &lt;td&gt;Ronald Escalona&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Hardening del Servidor Web, enfoque práctico con jail/chroot para entornos multisitios&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;16:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Javier Orlando Mantilla P&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Seguridad en desarrollo de aplicaciones web usando Apache Tomee&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Finish Event&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Se contará con &lt;b&gt;transmisión vía streaming&lt;/b&gt; para las personas ubicadas fuera de la ciudad.&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;<br /> Cualquier consulta pueden escribir a [mailto:dadhemir@owasp.org Diego Ademir Duarte Santana] .<br /> &lt;br&gt;<br /> <br /> =BOLIVIA=<br /> <br /> [[File:Santa.jpg]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Lugar: Universidad NUR<br /> &lt;br&gt;<br /> Dirección: Av. Banzer, Victorino Rivero 100<br /> &lt;br&gt;<br /> Santa Cruz de la Sierra, Bolivia<br /> &lt;br&gt;<br /> Fecha: 17 y 18 de abril del 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> [[File:Mapa.jpg]]<br /> <br /> <br /> [https://www.regonline.com/owasplatamtour15bolivia'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f;<br /> color:#FFF;&quot;&gt;<br /> &lt;td&gt;Nro&lt;/td&gt;<br /> &lt;td&gt;Nombre&lt;/td&gt;<br /> &lt;td&gt;Ciudad&lt;/td&gt;<br /> &lt;td&gt;Tema&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;25&quot;&gt;1&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Alvaro Machaca Tola&lt;/td&gt;<br /> &lt;td width=&quot;187&quot;&gt;La Paz ,Bolivia&lt;/td&gt;<br /> &lt;td width=&quot;321&quot;&gt;Análisis de riesgos aplicando la metodología OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;2&lt;/td&gt;<br /> &lt;td&gt;Deyvi Bustamante Perez&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Exploit development&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;3&lt;/td&gt;<br /> &lt;td&gt;Walter Camama Menacho&lt;/td&gt;<br /> &lt;td&gt;Trinidad, Bolivia&lt;/td&gt;<br /> &lt;td&gt;MiTM a nivel de browser con beef y metasploit&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;4&lt;/td&gt;<br /> &lt;td&gt;Leonardo Camilo Quenta Alarcon&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en sistemas financieros. Buenas prácticas de programación y aplicación de pruebas de penetración OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;5&lt;/td&gt;<br /> &lt;td&gt;Hernán Marcelo Leytón Balderrama&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en los Satélites de Comunicación&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;6&lt;/td&gt;<br /> &lt;td&gt;Jaime Iván Mendoza Ribera&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Análisis de vulnerabilidades web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;7&lt;/td&gt;<br /> &lt;td&gt;Juan Pablo Barriga Sapiencia&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Riesgos en TI&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;8&lt;/td&gt;<br /> &lt;td&gt;Richard Villca Apaza&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Rompiendo el modelo de negocios: Debugging Android Apps&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;9&lt;/td&gt;<br /> &lt;td&gt;Alex Villegas y Roller Ibanez&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Gestión de continuidad del negocio un enfoque resilente basado en el estándar ISO 22301&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;10&lt;/td&gt;<br /> &lt;td&gt;Daniel Torres Sandi&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Headers seguros en HTTP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;11&lt;/td&gt;<br /> &lt;td&gt;Gonzalo Nina Mamani&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Sistema para la recolección de información orientado a la mejora en la evaluación de seguridad en aplicaciones Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;12&lt;/td&gt;<br /> &lt;td&gt;Cristhian Lima Saravia&lt;/td&gt;<br /> &lt;td&gt;Cochabamba, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Framework Pleni&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;13&lt;/td&gt;<br /> &lt;td&gt;Elvin Vidal Mollinedo Mencia&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz de la Sierra, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Los 7 pecados de un desarrollador Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;14&lt;/td&gt;<br /> &lt;td&gt;Erick Calderon Mostajo&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Herramientas de Aprendizaje OWASP.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;15&lt;/td&gt;<br /> &lt;td&gt;Dennis Ariel Ruiz Vasquez&lt;/td&gt;<br /> &lt;td&gt;La Paz , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Whitehat vs Blackhat&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;16&lt;/td&gt;<br /> &lt;td&gt;Cesar Roberto Cuenca Díaz&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Desarrollo Seguro Principios y Buenas Prácticas.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;17&lt;/td&gt;<br /> &lt;td&gt;Juan Alberto Fajardo Canaza&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;WAF Testing Framework&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;18&lt;/td&gt;<br /> &lt;td&gt;Gabriel Labrada Hernandez&lt;/td&gt;<br /> &lt;td&gt;Mexico&lt;/td&gt;<br /> &lt;td&gt;Seguridad en Hardware y los servicios en la nube&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;19&lt;/td&gt;<br /> &lt;td&gt;Jaime Andres Restrepo Gomez&lt;/td&gt;<br /> &lt;td&gt;Colombia&lt;/td&gt;<br /> &lt;td&gt;Hackeando carros en Latinoamérica&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =COSTA RICA=<br /> == '''San Jose: April, 21st 2015''' ==<br /> <br /> El evento se va a llevar a cabo en el auditorio de la Ciudad de la Investigación de la Universidad de Costa Rica. [http://goo.gl/Y64lZG'''Ver Dirección exacta''']<br /> <br /> [[File:Mapa-ucr-auditorio.png|800px]]<br /> <br /> &lt;br&gt;<br /> <br /> === REGISTRO ===<br /> Recuerde que el ingreso al evento es totalmente gratuito, sólo debe registrarse previamente. '''El comprobante de registro será solicitado en el momento de ingresar en el auditorio'''.<br /> [https://www.regonline.com/owasplatamtour15costarica'''Pulse aquí para registrarse en el evento.''']<br /> &lt;br&gt;<br /> <br /> === CONFERENCIAS-LISTADO DE EXPOSITORES===<br /> <br /> '''Martes 21 de Abril'''<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Recepción y Registro De 7:30 am a 8:00 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;150&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00 am a 8:10 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Costa Rica &amp;amp; UCR&lt;/td&gt;<br /> &lt;td width=&quot;500&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:10-9:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Fabio Cerullo , &lt;b&gt;Dublin Irlanda&lt;/b&gt;&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Keynote: Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas? &lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;09:00-09:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Eduardo Rojas&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Bloques de construcción en la implementación estratégica del software seguro con SAMM&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;09:50-10:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:10-11:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Mauricio Oviedo&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Manejo Seguro del DNS&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:00-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Walter Montes&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Buenas prácticas para manejo de autenticación y sesión&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;11:50-1:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:20-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Randall Barnett&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Vulnerabilidades encontradas en Sistema de Control de Tráfico Nacional&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-3:05 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Mario Robles&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; &lt;b&gt;Web Application Penetration Testing&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;3:05-3:25 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:25-4:15 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Champin &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Gobierno Electrónico en América Latina: Las Amenazas de Hoy a Sitios y Aplicaciones Web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-5:00 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Bertin Bervis&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;MiTM Attacks con DNS proxys a escala WAN el modem bajo ataque&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> === PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las oportunidades de patrocinio <br /> Cualquier consulta pueden contactar a [mailto:michael.hidalgo@owasp.org Michael Hidalgo].<br /> <br /> =GUATEMALA=<br /> <br /> <br /> == '''Ciudad de Guatemala: April, 21st-22nd 2015''' ==<br /> ===CONFERENCIAS===<br /> &lt;b&gt;Día 1&lt;/b&gt;<br /> &lt;b&gt;Abril 21&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Camilo Fernandez&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Tools&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;3:00&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;La verdad sobre los ataques de denegación de servicio&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:30&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Oscar Rodas y Marco To&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Avances en investigación sobre seguridad informática&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;5:15&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;Elder Guerra&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Un verdadero análisis de riesgos&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Día 2&lt;/b&gt;<br /> &lt;b&gt;Abril 22&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00 PM Salon 1&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Luis Cordon&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Web Pentesting&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;2:00 PM Salon 2&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Server Hardening: métodos de aseguramiento de tu servidor web y los datos que contiene&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:00PM&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Concurso de Ethical Hacking&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> [http://www.galileo.edu/ Universidad Galileo]&lt;br&gt;<br /> 4A Calle 7a. Avenida, calle Dr. Eduardo Suger Cofiño, &lt;br&gt;<br /> Ciudad de Guatemala 01010&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15guatemala'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =PERU=<br /> <br /> == '''Lima: April, 17th-18th 2015''' ==<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; height=&quot;30&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''TALLERES Y CONFERENCIAS''' <br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | <br /> == '''OWASP Latam Tour - Lima 2015''' == <br /> <br /> '''Viernes 17 de Abril''' ''(Talleres)'' &lt;br&gt;'''Sábado 18 de Abril''' ''(Conferencia)''<br /> |-<br /> | valign=&quot;center&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | '''Descripcion y Objetivo'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; colspan=&quot;2&quot; | '''OWASP LATAM TOUR,''' es una gira por Latino América que promueve la seguridad en aplicaciones web en diversas instituciones, como: universidades, organismos gubernamentales, empresas de TI y entidades financieras, buscando crear conciencia sobre la seguridad en las aplicaciones y puedan tomar decisiones informadas sobre los verdaderos riesgos de seguridad.<br /> <br /> *Ademas del OWASP Top 10, la mayoría de los [[:Category:OWASP_Project|Proyectos OWASP]] no son ampliamente utilizados en los ambientes corporativos. En la mayoría de los casos esto no es debido a una falta de calidad en los proyectos o la documentación disponible, sino mas bien por desconocer donde se ubicaran en un Ecosistema de Seguridad de Aplicaciones empresarial. <br /> <br /> *Esta serie de talleres y conferencias tienen como objetivo cambiar esta situación proporcionando una explicación sobre los proyectos OWASP mas maduros y listos para ser utilizados en el ambito empresarial.<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''LIMA PERÚ'''&lt;/span&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Viernes 17)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Viernes 17 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | Durante todo el OWASP LatamTour se estarán realizando talleres de capacitación dictados por destacados profesionales en la materia.&lt;br&gt; <br /> '''Duracion:''' 8 horas&lt;br&gt; <br /> '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).&lt;br&gt; <br /> '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com&lt;br&gt; <br /> '''Link de Registro''': [TBD] '''&lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 1'''&lt;/span&gt;<br /> |-<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''De 0 a Ninja con Metasploit'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Dragonjar.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | El taller de 0 a Ninja con Metasploit, busca detallar el uso de la herramienta Metasploit ampliamente utilizada en auditorias de seguridad por profesionales del área, desde su instalación y puesta a punto para el trabajo, hasta el uso de sus funciones para llevar a feliz termino una auditoria en seguridad.<br /> De 0 a Ninja DragonJAR<br /> <br /> Este curso, altamente práctico, tiene una duración de 8 horas en las que los asistentes podrán acortar la curva de aprendizaje, gracias a la transmisión de conocimientos y experiencias de los docentes, altamente calificados, con el fin de que una vez finalizado el taller puedas aplicar los conocimientos adquiridos.<br /> <br /> Duracion: 1 día (8 horas)<br /> ====De 0 a Ninja con Metasploit====<br /> *Introducción a Metasploit<br /> *Introducción a la linea de comandos de Metasploit<br /> *Trabajando con Metasploit y sus componentes (msfconsole, msfcli, msfgui, msfweb, msfpayload, msfencode, msfvenom, etc…)<br /> *Etapas de un Pentesting y las herramientas para realizarlas incluidas en Metasploit<br /> *Post-Explotación, ya tengo shell … ¿ahora que hago?<br /> *Trabajando con Meterpreter<br /> *Trabajo colaborativo usando Armitage/Cobalt Strike<br /> *Generando el informe ¿Alguna tool que pueda ayudarme?<br /> <br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/DragonJAR/ Jaime Andrés Restrepo (DragonJAR)]''', es Ingeniero en Sistemas y Telecomunicaciones de la Universidad de Manizales. Information Security Researcher con más de 10 años de experiencias en Ethical Hacking, Pen Testing y Análisis Forense. Docente Universitario en Pre y Post-Grado, Speaker y Organizador de diferentes eventos de Seguridad Informática, Co-Fundador del ACK Security Conference, Fundador de DragonJAR SAS y de La Comunidad DragonJAR, una de las comunidades de seguridad informática mas grandes de habla hispana y referente en el sector. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 2'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''INTRODUCTION TO WEB APPLICATION SECURITY'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Cerullof.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | The contents are aligned with the OWASP Top 10, a world-renowned document about the security risks of Web Applications.<br /> '''Format:'''<br /> <br /> It combines theory and practical exercises. The participants learn to identify vulnerabilities in a dummy web application specifically built with bugs &amp; coding errors and then exploit them using different open source tools and techniques in a safe lab environment.<br /> <br /> '''Audience:''' IT Staff, Managers, System Architects, Information Security Professionals, Developers, QA Professionals.<br /> <br /> '''Duration:''' 1 day (8 hours)<br /> <br /> '''Deliverables:'''<br /> <br /> - Printed Materials<br /> - OWASP Live CD including tools used.<br /> - Certificate of Participation (CPE Points)<br /> <br /> ==== INTRODUCTION TO WEB APPLICATION SECURITY ====<br /> The topics covered include:<br /> <br /> *Introduction to Web Application Security<br /> *Technology used in Web Applications<br /> *Critical Areas in Web Applications<br /> **Injection&lt;br&gt;<br /> **Cross Site Scripting (XSS)&lt;br&gt;<br /> **Broken Authentication and Session Management&lt;br&gt;<br /> **Insecure Direct Object References&lt;br&gt;<br /> **Cross Site Request Forgery&lt;br&gt;<br /> **Security Misconfiguration&lt;br&gt;<br /> **Insecure Cryptographic Storage&lt;br&gt;<br /> **Failure to restrict URL Access&lt;br&gt;<br /> **Insufficient Transport Layer Protection&lt;br&gt;<br /> **Unvalidated Redirects and Forwards&lt;br&gt;<br /> *Secure Software Development Lifecycle (SSDLC)<br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/fcerullo Fabio Cerullo]''', over 10 years of experience in the information security field gained across a diverse range of industries.<br /> As CEO &amp; Founder of Cycubix, he helps customers around the globe by assessing the security of applications developed in-house or by third parties, defining policies and standards, implementing risk management initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals.&lt;br&gt;<br /> As a member of the OWASP Fundation, Fabio is part of the Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, and has been appointed OWASP Ireland Chapter Leader since early 2010.<br /> He holds a Msc in Computer Engineering from UCA and has been granted the CISSP &amp; CSSLP certificates by (ISC)2. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [https://www.regonline.com/Register/Checkin.aspx?EventID=1492427 Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''CONFERENCIAS (Sábado 18)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | Sábado 18 de Abril<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Precio y Registro'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | El ingreso a las conferencias es '''GRATUITO''' - El proceso de registro lo podrá ubicar en el siguiente link : &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15lima'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Promociones'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | OFERTA ESPECIAL - Durante todo el OWASP Latam Tour el costo de la membresía anual es de solamente U$D 20. Utilice el código de descuento &quot;LATAM&quot; durante el proceso de registro electrónico como miembro individual en el enlace disponible a continuación.&lt;br&gt;<br /> [http://myowasp.force.com/memberappregion Hágase MIEMBRO DE OWASP AQUÍ] &lt;br&gt;<br /> '''Si usted aun no es miembro OWASP, por favor considere unirse a nuestra organización.'''<br /> |}<br /> &lt;br&gt;<br /> <br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;6&quot; | '''DETALLES DE LA JORNADA'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ''' - '''<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP PERU<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Presentación del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/John_Vargas John Vargas]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cyber War in Web and Mobile Applications <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [Jesús González]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |[https://twitter.com/fcerullo Fabio Cerullo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Seguridad en Aplicaciones Moviles<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/pITea_security Juan Pablo Quiñe]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Todos a Sh3ll34r!<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/gabsitus Gabriel Lazo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Se verán distintas técnicas utilizadas por atacantes maliciosos para lograr subir shells y obtener acceso a servidores web.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP Zap <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/Alonso_ReYDeS Alonso Caballero]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hackeando Carros en Latinoamérica<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/DragonJAR Andrés Restrepo (DragonJAR)]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |}<br /> <br /> =URUGUAY=<br /> <br /> == '''Montevideo: April 15th-16th 2015''' ==<br /> El evento más importante de la región llega nuevamente a Uruguay, OWASP Latam tour 2015!. Expositores internacionales estarán presentando conferencias sobre los temas más importantes en Seguridad en Aplicaciones.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> '''¿Dónde?''' <br /> <br /> [http://www.ucu.edu.uy/ Universidad Católica del Uruguay]&lt;br&gt;<br /> Av. 8 de Octubre 2738&lt;br&gt;<br /> Montevideo 11600 Montevideo, Uruguay. &lt;br&gt;<br /> Ver en [https://www.google.com/maps/place/Universidad+Cat%C3%B3lica+del+Uruguay/@-34.888694,-56.159218,17z/data=!3m1!4b1!4m2!3m1!1s0x0:0x13508c3340b76e45 Google Maps]<br /> &lt;br&gt;<br /> <br /> == '''Charlas: Miércoles 15 de abril''' ==<br /> <br /> Las charlas serán a partir de las 18:00hs.<br /> <br /> {| class=&quot;wikitable&quot;<br /> !colspan=&quot;3&quot;| Charlas aceptadas<br /> |-<br /> |Christian Borghello<br /> |Certificate Pinning: ¿tenemos el c...ertificado roto?&lt;br&gt;<br /> |<br /> |-<br /> |Edgar Salazar<br /> |Inseguridad en Aplicaciones Móviles<br /> |Esta charla pretende demostrar en vivo la explotación de distintas vulnerabilidades en una aplicación móvil de tal manera que podamos revisar las causas y consecuencias, ademas recomendar las medidas de seguridad pertinentes.<br /> |-<br /> |Carlos Eduardo Santiago<br /> |(IN)secure Development<br /> |Forget Injection and XSS<br /> This lecture aims to demonstrate simple traps in web development, and bad practices in addition to some factors are likely to cause critical security flaws. We will analyze some cases and demonstrate ways to mitigate and correct such failures.<br /> |-<br /> |Ricardo Supo Picón<br /> |Hacking Efectivo: Desde una Credencial hasta el Domain Admin en un sólo día<br /> |Los dominios windows están presentes en gran cantidad de organizaciones, en estos la autenticación de usuarios esta disponible en muchos servicios. En esta charla analizaremos los distintos tipos de autenticación de windows y como obtener credenciales locales y de dominio así mismo como a partir de una sola credencial se puede obtener más credenciales hasta obtener un administrador de dominio. Así mismo se detallará como poder realizar intrusiones masivas en red de computadores que ayudan a que un sólo hacker pueda multiplicar sus actividades y conseguir su objetivo en un sólo día, presentación de la herramienta Domainator.<br /> |}<br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> == '''Trainings: Jueves 16 de abril''' ==<br /> <br /> === TRAINING 1: Hacking de aplicaciones web basado en OWASP Top 10 ===<br /> <br /> '''Instructor:''' Christian Borghello<br /> <br /> Los desarrolladores son una raza extraña. Los Pentesters viven en una burbuja. Este entrenamiento ayuda a los desarrolladores a conocer sobre seguridad en el desarrollo web y a los Pentesters a probar aplicaciones web de forma adecuada.<br /> <br /> Objetivos: - Conocer OWASP Top 10 (quick summary) - Aprender cómo comprobar cada vulnerabilidad desde el punto de vista del Desarrollador y del Pentester - Conocer recomendaciones desde el punto de vista del Pentester - Conocer recomendaciones desde el punto de vista del Desarrollador <br /> <br /> Orientado a desarrolladores, pentesters y personas relacionados con el ciclo de vida del desarrollo de software o sus pruebas de seguridad. <br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> === TRAINING 2: BYOX101/Construya su propio xploit 101/Build Your Own Xploit 101 ===<br /> <br /> '''Instructor:''' Mauricio Campiglia<br /> <br /> ¿Alguna vez te preguntaste de dónde salen ese montón de numeritos que por arte de magia te dejan en una línea de comandos con privilegios? Esta es tu oportunidad para conocer de dónde salen y porqué están ahí y no en otro lugar. Este entrenamiento te guía desde cero hasta la creación de exploits sencillos e intermedios aprendiendo en el recorrido los por qué de cada paso. No se verán exploits de dia cero ni muy complejos, nos concentraremos en lo probado y conocido pues el objetivo es entender el proceso de creación de un exploit.<br /> <br /> '''Detalles''':&lt;br /&gt;<br /> <br /> Entrenamiento mayormente práctico de creación básica de exploits para<br /> sistemas MS Windows. Se usarán ejemplos conocidos pero fiables y se crearán<br /> programas de ejemplo vulnerables a propósito.<br /> <br /> '''Conocimientos obtenidos''':&lt;br /&gt;<br /> <br /> Quienes asistan entenderán el proceso de creación de un exploit entendiendo en el camino la confirmación de memoria de sistemas MS Windows y las protecciones de este sistema. ¿Por qué participar de este entrenamiento?<br /> * La habilidad de creación de exploits no es algo que se encuentre facilmente en un curso.<br /> * Entender este proceso te da la flexibilidad de adaptarte cuando un ataque no funciona tal como te lo dieron.<br /> * Desenmarañar el porqué de un montón de números sin sentido que te dan un acceso que no tienes es mágico.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> =VENEZUELA=<br /> <br /> <br /> == '''Caracas: April, 23rd 2015''' ==<br /> [[File:bwoltv.png| center |bwoltv.png ]]<br /> &lt;br&gt;<br /> <br /> == Registro ==<br /> El registro es totalmente gratis, nos complacería mucho que nos acompañaras este día. <br /> <br /> Te esperamos!!!<br /> <br /> [https://www.regonline.com/owasplatamtour15venezuela'''REGISTRATE AQUI''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == UBICACIÓN ==<br /> <br /> [http://www.ucv.ve/ Universidad Central de Venezuela]&lt;br&gt;<br /> Facultad de Ciencias &lt;br&gt;<br /> Auditórium Tobías Lasser&lt;br&gt;<br /> Paseo Los Ilustres Urb. Valle Abajo. &lt;br&gt;<br /> 1040 Caracas&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> [[File:UbicacionLatamCaracas.png]]<br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Registro 8:30 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:00 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Venezuela &amp; UCV&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:15-9:55 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Jair Garcia&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt;&lt;b&gt;Hacking Etico: Cacería de Vulnerabilidades&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00-9:35 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Randy Ortega&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Sessión Hijacking: Peligro en la web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;10:40-11:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:15-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Michael Hidalgo (Costa Rica)&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Ataques de denegación de servicio a través de expresiones regulares: De la explotación a la corrección&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> <br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;12:00-1:30 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:35-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Josmell Chavarri&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Conociendo al Enemigo: Honeypots&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-2:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; Rodrigo Bravo y Eliezer Romero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; &lt;b&gt;Programación Segura en Python&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;2:45-3:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:35-4:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Maximiliano Anlonzo (Uruguay) &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Peligro: software en construcción&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-4:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Suárez&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Beef como framework de explotación xss&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;4:45-5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =SPONSORS=<br /> <br /> ==We are looking for Sponsors for the Latam Tour 2015==<br /> &lt;br&gt;<br /> <br /> This is a truly unique opportunity to increase your brand recognition as a company dedicated to the highest standards of professional technology &amp; security in the Latin-America region but also internationally throughout the world while supporting the continued activities conducted by OWASP worldwide.<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * ''' Sponsorship benefits for organizations specializing in IT &amp; Security:'''<br /> <br /> ** Opportunity to use the latest technological trends for professional training / development<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your business development strategy with leading information from the security industry<br /> ** Get networking and headhunting opportunities with world-class specialists and professionals<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Increase your image as a professional company through this unique branding opportunity<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> * '''Sponsorship benefits for organizations utilizing the internet in their business:'''<br /> <br /> ** Opportunity to increase the international brand awareness and conduct business networking<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your service development by understanding the latest trends in security issues &amp; risks<br /> ** Contribute to information society as a company by developing safe and secure services<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Opportunity to brand your company as one that focuses on the highest standards in technology<br /> <br /> <br /> Make your company part of the conversation. Become a sponsor of the tour today! [https://www.owasp.org/images/5/5f/Latam_Tour_2015_Sponsorship_Opportunities.pdf'''SPONSOR OPPORTUNITIES''']<br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf '''OPORTUNIDADES DE PATROCINIO''']<br /> <br /> <br /> <br /> &lt;headertabs /&gt;<br /> <br /> {{:LatamTour2015 Sponsors}}</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=LatamTour2015&diff=191537 2015-03-17T14:04:44Z

<p>Jonathan Fernández: /* Santiago: April, 8th-9th 2015 */ Agrega ponentes a listado de conferencias</p> <hr /> <div>__NOTOC__ <br /> <br /> [[Image:Banner_latam_2015.jpg ‎|750px|link=https://www.owasp.org/index.php/LatamTour2015]]<br /> <br /> =WELCOME= <br /> <br /> <br /> <br /> == '''Schedule''' ==<br /> <br /> * Santiago, '''Chile''': April, 8th-9th 2015<br /> * Patagonia, '''Argentina''': April, 10th-11th 2015<br /> * Bucaramanga, '''Colombia''': April, 14th 2015<br /> * Montevideo, '''Uruguay''': April, 15th-16th 2015<br /> * Lima, '''Peru''': April, 17th-18th 2015<br /> * Santa Cruz, '''Bolivia''': April 17th -18th 2015 <br /> * San Jose, '''Costa Rica''': April, 21st 2015<br /> * Guatemala, '''Guatemala''': April, 21st-22nd 2015<br /> * Buenos Aires, '''Argentina''': April, 24th 2015<br /> * Caracas, '''Venezuela''': April, 23rd 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> '''REGISTRATION IS NOW OPEN, PLEASE CHECK THE LOCATION TAB YOU ARE INTERESTED IN'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Latam Tour Objective''' ==<br /> <br /> The OWASP Latam Tour objective is to raise awareness about application security in the Latin America region, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.<br /> <br /> We are proposing a chapters conference driven model in which the sessions are free for everybody and the costs are supported by a mix of funding i.e. OWASP Foundation, local chapter budget, external sponsorship, etc. 1-day training sessions are also offered in some tour stops. These sessions’ fees are $ 200USD for OWASP members and $ 250 USD for non-members (group discounts may apply).<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =='''Who Should Attend the Latam Tour?'''==<br /> <br /> *Application Developers <br /> *Application Testers and Quality Assurance <br /> *Application Project Management and Staff <br /> *Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff <br /> *Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance <br /> *Security Managers and Staff <br /> *Executives, Managers, and Staff Responsible for IT Security Governance <br /> *IT Professionals Interesting in Improving IT Security<br /> *Anyone interested in learning about or promoting Web Application Security&lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> == '''Become an OWASP Member''' ==<br /> <br /> <br /> As part of the OWASP Latam Tour, you could '''become an OWASP Member by ONLY paying 20 U$D'''. Show your support and become an OWASP member today!<br /> <br /> [[Image:Join_button.jpg|100px|link=http://sl.owasp.org/newmember]] [[Image:Renewal.jpg |100px|link=http://sl.owasp.org/renewmember]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Questions''' ==<br /> <br /> *If you have any questions about the Latam Tour 2015, please send an email to andrea.villar@owasp.org / fcerullo@owasp.org<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Social Media''' ==<br /> <br /> '''[http://twitter.com/search?q=%23LATAMTOUR #Latamtour]''' hashtag for your tweets for Latam Tour (What are [http://hashtags.org/ hashtags]?) <br /> <br /> '''@AppSecLatam Twitter Feed ([http://twitter.com/AppSecLatam follow us on Twitter!])''' &lt;twitter&gt;34534108&lt;/twitter&gt;<br /> <br /> = CALL FOR PAPERS &amp; TRAININGS =<br /> <br /> == '''Do you want to give a talk or a training session in Latin America?''' ==<br /> &lt;br&gt; <br /> <br /> '''Please send your proposals to the corresponding chapter leader before February 1st 2015:'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * '''Argentina''' (Buenos Aires): Martin Tartarelli via [https://docs.google.com/forms/d/1ncVFYKsBv6aUsf3WBI657yRHUQLkazjkT9VMu4Vdp9I/viewform '''this Google form''']<br /> * '''Argentina''' (Patagonia): Gaston Toth [gaston.toth@owasp.org]<br /> * '''Colombia''': Diego Ademir Duarte [dadhemir@owasp.org]<br /> * '''Costa Rica''': Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * '''Chile''': Carlos Allendes [carlos.allendes@owasp.org]<br /> * '''Guatemala''': Pablo Barrera [pbarrera@gmail.com]<br /> * '''Peru'''(Lima) : John Vargas [john.vargas@owasp.org] vía [https://docs.google.com/forms/d/1HJAwdnCxhnDjxdEOrHVBaewrkQncIB2uxHCzxEtxwug '''this Google form''']<br /> * '''Uruguay''': Mateo Martinez [mateo.martinez@owasp.org]<br /> * '''Venezuela''': Edgar Salazar [edgar.salazar@owasp.org]<br /> &lt;br&gt;<br /> <br /> ''By your submission you agree to the [https://www.owasp.org/images/4/4f/AppSec_Latam_2015_Speaker_Agreement.pdf '''OWASP Speaker Agreement'''] or [https://www.owasp.org/images/f/fa/LatamTour_2015_Training_Instructor_Agreement.pdf ‎'''Instructor Agreement'''].<br /> <br /> =TEAM=<br /> <br /> '''Chapter Leaders'''<br /> <br /> * Bucaramanga, Colombia: Diego Ademir Duarte [dadhemir@owasp.org]<br /> * Santiago, Chile: Carlos Allendes [carlos.allendes@owasp.org]<br /> * Guatemala, Guatemala: Pablo Barrera [pbarrera@gmail.com]<br /> * Santa Cruz de las Sierras, Bolivia: Daniel Torres [daniel.torres@owasp.org]<br /> * San Jose, Costa Rica: Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * Montevideo, Uruguay: Mateo Martinez [mateo.martinez@owasp.org]<br /> * Caracas, Venezuela: Edgar Salazar [edgar.salazar@owasp.org]<br /> * Buenos Aires, Argentina: Martin Tartarelli [martin.tartarelli@gmail.com]<br /> * Patagonia, Argentina: Gaston Toth [gaston.toth@owasp.org]<br /> * Lima, Peru: John Vargas [john.vargas@owasp.org]<br /> <br /> <br /> '''Operations'''<br /> <br /> *[[User:Fabio.e.cerullo|Fabio Cerullo]], &lt;br&gt;<br /> * Andrea Villar<br /> * Kate Hartmann<br /> * [https://www.owasp.org/index.php/User:Kelly_Santalucia Kelly Santalucia]<br /> <br /> =PATAGONIA=<br /> <br /> <br /> =='''Patagonia: April, 10th-11th 2015'''==<br /> <br /> ===Registrarse===<br /> Los interesados en asistir al evento deben registrarse en:&lt;br&gt; <br /> [https://www.regonline.com/owasplatamtour15patagonia https://www.regonline.com/owasplatamtour15patagonia]&lt;br&gt;<br /> <br /> ===Agenda ===<br /> '''Viernes 10 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Conferencia<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 09:00 - 10:00<br /> | Acreditacion<br /> | <br /> |- <br /> | 10:00 - 10:15<br /> | Bienvenida e intoduccion a OWASP<br /> |<br /> |-<br /> | 10:20 - 11:00<br /> | [https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]<br /> | [https://www.linkedin.com/in/ariancho Andrés Riancho]<br /> |- <br /> | 11:00 - 11:30<br /> | Pausa para café<br /> |<br /> |-<br /> | 11:30 - 12:00 <br /> | Aspectos Legales de la Seguridad informática&lt;br&gt;<br /> | Marcelo Campetella<br /> |-<br /> | 12:00 - 12:30<br /> | El mercado del Malware en las Apps de los Store para Android<br /> | Claudio Caracciolo<br /> |-<br /> | 12:30 - 14:00<br /> | Pausa para almuerzo<br /> |<br /> |- <br /> | 14:00 - 14:40<br /> | Mobile Apps and how to Pentest them<br /> | Gustavo Sorondo<br /> |-<br /> | 14:40 - 15:10<br /> | CIOs vs CISOs: OWASP al rescate <br /> | Mauro Graziosi<br /> |-<br /> | 15:10 - 15:40<br /> | Pausa para café<br /> |<br /> |-<br /> | 15:40 - 16:20<br /> | Certificate Pinning: ¿tenemos el c...ertificado roto?<br /> | Cristian Borghello<br /> |- <br /> | 16:20 - 16:30<br /> | Agradecimientos y cierre<br /> |<br /> |}<br /> <br /> '''Sabado 11 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Entrenamiento<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 08:00 - 12:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 1)<br /> | Cristian Borghello<br /> |- <br /> | 12:00 - 13:00<br /> | Pausa para almuerzo<br /> |<br /> |-<br /> | 13:00 - 17:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 2)<br /> | Cristian Borghello<br /> |}<br /> <br /> ===¿Dónde?===<br /> Universidad Nacional del Comahue, Buenos Aires 1400, Neuquén&lt;br&gt;<br /> [[File:Ubicacion.png|link=https://www.google.com.ar/maps/place/38%C2%B056'26.2%22S+68%C2%B003'15.5%22W/@-38.940623,-68.054305,228m/data=!3m2!1e3!4b1!4m2!3m1!1s0x0:0x0]]<br /> <br /> ===Afiche para difusión===<br /> [[File:PosterLatamtour2015-Patagonia.jpg|link=https://www.owasp.org/images/6/60/Poster_Latamtour.pdf]]<br /> <br /> ===Patrocinio===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;&lt;br&gt;<br /> Cualquier consulta no duden en escribir a [mailto:gaston.toth@owasp.org Gaston Toth] o a [mailto:diego.dinardo@patagoniasec.com.ar Diego Di Nardo].<br /> &lt;br&gt;<br /> <br /> =BUENOS AIRES=<br /> <br /> Invitamos a estudiantes, desarrolladores, expertos en seguridad informática y curiosos en general a compartir con la comunidad de OWASP un nuevo evento en Buenos Aires! Será una jornada de charlas técnicas, en un ambiente relajado e ideal para conocer otras personas interesadas en la seguridad en aplicaciones.<br /> <br /> <br /> =='''Inscripcion'''==<br /> <br /> Recuerden que es necesario [https://www.regonline.com/owasplatamtour15argentina '''inscribirse'''] para asistir. La registración es '''completamente gratis''' y es unicamente utilizada para verificar su identidad en la entrada de la Universidad.<br /> <br /> == '''Fecha y lugar'''==<br /> <br /> 24 Abril 2015 - 9am (puntual!)&lt;br&gt;<br /> [http://www.udemm.edu.ar/ Universidad de la Marina Mercante]&lt;br&gt;<br /> [https://www.google.com.ar/maps/place/Av+Rivadavia+2258,+Buenos+Aires,+Ciudad+Aut%C3%B3noma+de+Buenos+Aires/@-34.6096561,-58.3984517,17z/data=!3m1!4b1!4m2!3m1!1s0x95bccae91dc7f349:0x3177aaca9808e637 Av. Rivadavia 2258, Ciudad Autonoma de Buenos Aires]&lt;br&gt;<br /> <br /> <br /> == '''Charlas'''==<br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f; color:#FFF;&quot;&gt;<br /> &lt;td&gt;&lt;b&gt;Hora&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Titulo&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Orador&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:10&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Introducción a OWASP&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fabio Cerullo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:35&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Steering a Bullet Train&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Santiago Kantorowicz&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;10:25&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Y ahora nos preocupamos por la privacidad? Gracias #Snowden&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Mariano M. del Rio&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Building a High Interaction Honeypot: Implementation and logging techniques&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fernando Catoira&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:45&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;[https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;[https://www.linkedin.com/in/ariancho Andrés Riancho]&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;13:55&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Threat not found!&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Sheila Berta&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;14:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Mobile Application Security&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Puky Sorondo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;15:40&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;HP Sponsor talk&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;TBD&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;16:05&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Web Security for Bitcoin Services&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Juliano Rizzo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =CHILE=<br /> <br /> =='''Santiago: April, 8th-9th 2015'''==<br /> <br /> El Capítulo Chileno de OWASP, tiene el agrado de invitar a la conferencia LatamTour2015, con el auspicio de DUOC-UC sede Alonso Ovalle Nro.1586 (Metro Moneda).<br /> <br /> OWASP es una organización mundial sin fines de lucro dedicado a identificar y combatir las causas que hacen inseguro el software. Revise nuestra documentación y metodologías en los [[:Category:OWASP_Project|Proyectos OWASP]] donde encontrará valioso material de aplicación práctica en los ambientes corporativos. Asista a los talleres y conferencias del LatamTour y aprenda como sacar provecho a estos recursos de libre acceso.<br /> <br /> <br /> [http://www.duoc.cl/escuela/escuela-de-informatica-y-telecomunicaciones Duoc UC]&lt;br&gt;<br /> Alonso Ovalle Nro.1586&lt;br&gt;<br /> Santiago de Chile&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15chile'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#4B0082&quot; align=&quot;center&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''DETALLES DE LA CONFERENCIA (Miércoles 8 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Horario''' <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Modulo'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:00 - 09:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:30 - 10:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bienvenida y Presentación del Evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | DUOC-UC y OWASP-Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Rodrigo Cea Warner. Director de Carrera DUOC-UC. Carlos Allendes Chapter Leader in OWASP Chile.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 - 10:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bug bounty y programas reload<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Ormeño y Fredy Grey www.Ornitorrinco.cl<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoques e investigación sobre programas de BUG BOUNTY periodico a través de vectores de ataque poco convencionales.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:45 - 11:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:05 - 12:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Analizando tráfico de wifi de smartphones <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Yago Fernández H. www.wifense.com<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Intercepción on-line del tráfico wi-fi en conexiones de smartphone y tecnicas de hacking. ¿es seguro utilizar redes Wi­Fi?<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:05 - 13:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Gestionar la inversión en seguridad con OPENSAMM. Donde iniciar?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Carlos Allendes D. www.QualityFactory.cl<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque Técnico y Económico para maximizar el retorno de la inversión en hacking ético, pentesting, desarrollo seguro, análisis del código, pruebas de seguridad.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 13:00 - 14:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break para Almorzar<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 14:30 - 15:15<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hacking efectivo: Desde una credencial hasta el Domain Admin en un solo día<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Ricardo Supo P. www.inzafe.cl<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Como ganar acceso a credenciales locales, de dominio y escalar privilegios hasta obtener un administrador de dominio. <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:20 - 16:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | SSL Instalado... ¿Estamos realmente seguros?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cristin Rojas, CLCERT Universidad de Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ¿Que riesgos acechan, aunque tengamos instalado SSL/TLS. Año 2014 fue intenso: Heartbleed, POODLE, y errores de implementación como el GOTO FAIL.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:05 - 16:20<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Coffee - Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 16:20 - 17:25<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Plataformas de computación distribuida<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | TBD<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque y soluciones para acelerar la entrega de contenido global de Internet y aplicaciones distribuidas.<br /> |-<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 17:30 - 17:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cierre del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |}<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Jueves 9 de Abril)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | ** Sin Talleres en CHILE **<br /> |}<br /> &lt;br/&gt;<br /> <br /> =COLOMBIA=<br /> <br /> <br /> == '''Bucaramanga: April, 14th 2015''' ==<br /> <br /> <br /> [http://www.upb.edu.co/bucaramanga Universidad Pontifica Bolivariana]&lt;br&gt;<br /> Seccional Bucaramanga &lt;br&gt;<br /> Autopista Piedecuesta Kilometro 7 &lt;br&gt;<br /> Bloque K - 605 &lt;br&gt;<br /> [http://goo.gl/EwBpTu'''Mapa :: Ubicación del evento''']<br /> &lt;br&gt;<br /> [[File:Owasp_upb_2015.jpg|link=https://www.google.com/maps/place/Universidad+Pontificia+Bolivariana+Seccional+Bucaramanga/@7.0389574,-73.071732,14z/data=!4m2!3m1!1s0x8e6840b36653b9c5:0x4dcdbc55842151df]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> ===REGISTRO===<br /> Recuerde que el ingreso al evento es &lt;b&gt;totalmente gratuito, sólo debe registrarse previamente&lt;/b&gt;.&lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15colombia'''Pulsa aquí para registrarte al evento''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===CONFERENCIAS===<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 7:30 a.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Diego Ademir Duarte Santana&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP ASVS 2.0 Web Application Standard&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;9:00&lt;/td&gt;<br /> &lt;td&gt;Jhon César Arango Serna&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;IPv6 Ventaja o Amenaza&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Hugo Armando Rodriguez Vera&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Protección de Datos Personales, infracción y consecuencias&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;11:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;MundoHacker&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Ciberespionaje y Cibercrimen as a Service&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Lunch&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;14:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;German Alonso Suárez Guerrero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Proactive Controls&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;15:00&lt;/td&gt;<br /> &lt;td&gt;Ronald Escalona&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Hardening del Servidor Web, enfoque práctico con jail/chroot para entornos multisitios&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;16:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Javier Orlando Mantilla P&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Seguridad en desarrollo de aplicaciones web usando Apache Tomee&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Finish Event&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Se contará con &lt;b&gt;transmisión vía streaming&lt;/b&gt; para las personas ubicadas fuera de la ciudad.&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;<br /> Cualquier consulta pueden escribir a [mailto:dadhemir@owasp.org Diego Ademir Duarte Santana] .<br /> &lt;br&gt;<br /> <br /> =BOLIVIA=<br /> <br /> [[File:Santa.jpg]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Lugar: Universidad NUR<br /> &lt;br&gt;<br /> Dirección: Av. Banzer, Victorino Rivero 100<br /> &lt;br&gt;<br /> Santa Cruz de la Sierra, Bolivia<br /> &lt;br&gt;<br /> Fecha: 17 y 18 de abril del 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> [[File:Mapa.jpg]]<br /> <br /> <br /> [https://www.regonline.com/owasplatamtour15bolivia'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f;<br /> color:#FFF;&quot;&gt;<br /> &lt;td&gt;Nro&lt;/td&gt;<br /> &lt;td&gt;Nombre&lt;/td&gt;<br /> &lt;td&gt;Ciudad&lt;/td&gt;<br /> &lt;td&gt;Tema&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;25&quot;&gt;1&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Alvaro Machaca Tola&lt;/td&gt;<br /> &lt;td width=&quot;187&quot;&gt;La Paz ,Bolivia&lt;/td&gt;<br /> &lt;td width=&quot;321&quot;&gt;Análisis de riesgos aplicando la metodología OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;2&lt;/td&gt;<br /> &lt;td&gt;Deyvi Bustamante Perez&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Exploit development&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;3&lt;/td&gt;<br /> &lt;td&gt;Walter Camama Menacho&lt;/td&gt;<br /> &lt;td&gt;Trinidad, Bolivia&lt;/td&gt;<br /> &lt;td&gt;MiTM a nivel de browser con beef y metasploit&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;4&lt;/td&gt;<br /> &lt;td&gt;Leonardo Camilo Quenta Alarcon&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en sistemas financieros. Buenas prácticas de programación y aplicación de pruebas de penetración OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;5&lt;/td&gt;<br /> &lt;td&gt;Hernán Marcelo Leytón Balderrama&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en los Satélites de Comunicación&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;6&lt;/td&gt;<br /> &lt;td&gt;Jaime Iván Mendoza Ribera&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Análisis de vulnerabilidades web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;7&lt;/td&gt;<br /> &lt;td&gt;Juan Pablo Barriga Sapiencia&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Riesgos en TI&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;8&lt;/td&gt;<br /> &lt;td&gt;Richard Villca Apaza&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Rompiendo el modelo de negocios: Debugging Android Apps&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;9&lt;/td&gt;<br /> &lt;td&gt;Alex Villegas y Roller Ibanez&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Gestión de continuidad del negocio un enfoque resilente basado en el estándar ISO 22301&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;10&lt;/td&gt;<br /> &lt;td&gt;Daniel Torres Sandi&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Headers seguros en HTTP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;11&lt;/td&gt;<br /> &lt;td&gt;Gonzalo Nina Mamani&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Sistema para la recolección de información orientado a la mejora en la evaluación de seguridad en aplicaciones Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;12&lt;/td&gt;<br /> &lt;td&gt;Cristhian Lima Saravia&lt;/td&gt;<br /> &lt;td&gt;Cochabamba, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Framework Pleni&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;13&lt;/td&gt;<br /> &lt;td&gt;Elvin Vidal Mollinedo Mencia&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz de la Sierra, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Los 7 pecados de un desarrollador Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;14&lt;/td&gt;<br /> &lt;td&gt;Erick Calderon Mostajo&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Herramientas de Aprendizaje OWASP.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;15&lt;/td&gt;<br /> &lt;td&gt;Dennis Ariel Ruiz Vasquez&lt;/td&gt;<br /> &lt;td&gt;La Paz , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Whitehat vs Blackhat&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;16&lt;/td&gt;<br /> &lt;td&gt;Cesar Roberto Cuenca Díaz&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Desarrollo Seguro Principios y Buenas Prácticas.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;17&lt;/td&gt;<br /> &lt;td&gt;Juan Alberto Fajardo Canaza&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;WAF Testing Framework&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;18&lt;/td&gt;<br /> &lt;td&gt;Gabriel Labrada Hernandez&lt;/td&gt;<br /> &lt;td&gt;Mexico&lt;/td&gt;<br /> &lt;td&gt;Seguridad en Hardware y los servicios en la nube&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;19&lt;/td&gt;<br /> &lt;td&gt;Jaime Andres Restrepo Gomez&lt;/td&gt;<br /> &lt;td&gt;Colombia&lt;/td&gt;<br /> &lt;td&gt;Hackeando carros en Latinoamérica&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =COSTA RICA=<br /> == '''San Jose: April, 21st 2015''' ==<br /> <br /> El evento se va a llevar a cabo en el auditorio de la Ciudad de la Investigación de la Universidad de Costa Rica. [http://goo.gl/Y64lZG'''Ver Dirección exacta''']<br /> <br /> [[File:Mapa-ucr-auditorio.png|800px]]<br /> <br /> &lt;br&gt;<br /> <br /> === REGISTRO ===<br /> Recuerde que el ingreso al evento es totalmente gratuito, sólo debe registrarse previamente. '''El comprobante de registro será solicitado en el momento de ingresar en el auditorio'''.<br /> [https://www.regonline.com/owasplatamtour15costarica'''Pulse aquí para registrarse en el evento.''']<br /> &lt;br&gt;<br /> <br /> === CONFERENCIAS-LISTADO DE EXPOSITORES===<br /> <br /> '''Martes 21 de Abril'''<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Recepción y Registro De 7:30 am a 8:00 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;150&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00 am a 8:10 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Costa Rica &amp;amp; UCR&lt;/td&gt;<br /> &lt;td width=&quot;500&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:10-9:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Fabio Cerullo , &lt;b&gt;Dublin Irlanda&lt;/b&gt;&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Keynote: Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas? &lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;09:00-09:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Eduardo Rojas&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Bloques de construcción en la implementación estratégica del software seguro con SAMM&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;09:50-10:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:10-11:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Mauricio Oviedo&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Manejo Seguro del DNS&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:00-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Walter Montes&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Buenas prácticas para manejo de autenticación y sesión&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;11:50-1:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:20-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Randall Barnett&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Vulnerabilidades encontradas en Sistema de Control de Tráfico Nacional&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-3:05 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Mario Robles&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; &lt;b&gt;Web Application Penetration Testing&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;3:05-3:25 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:25-4:15 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Champin &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Gobierno Electrónico en América Latina: Las Amenazas de Hoy a Sitios y Aplicaciones Web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-5:00 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Bertin Bervis&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;MiTM Attacks con DNS proxys a escala WAN el modem bajo ataque&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> === PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las oportunidades de patrocinio <br /> Cualquier consulta pueden contactar a [mailto:michael.hidalgo@owasp.org Michael Hidalgo].<br /> <br /> =GUATEMALA=<br /> <br /> <br /> == '''Ciudad de Guatemala: April, 21st-22nd 2015''' ==<br /> ===CONFERENCIAS===<br /> &lt;b&gt;Día 1&lt;/b&gt;<br /> &lt;b&gt;Abril 21&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Camilo Fernandez&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Tools&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;3:00&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;La verdad sobre los ataques de denegación de servicio&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:30&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Oscar Rodas y Marco To&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Avances en investigación sobre seguridad informática&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;5:15&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;Elder Guerra&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Un verdadero análisis de riesgos&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Día 2&lt;/b&gt;<br /> &lt;b&gt;Abril 22&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00 PM Salon 1&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Luis Cordon&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Web Pentesting&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;2:00 PM Salon 2&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Server Hardening: métodos de aseguramiento de tu servidor web y los datos que contiene&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:00PM&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Concurso de Ethical Hacking&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> [http://www.galileo.edu/ Universidad Galileo]&lt;br&gt;<br /> 4A Calle 7a. Avenida, calle Dr. Eduardo Suger Cofiño, &lt;br&gt;<br /> Ciudad de Guatemala 01010&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15guatemala'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =PERU=<br /> <br /> == '''Lima: April, 17th-18th 2015''' ==<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; height=&quot;30&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''TALLERES Y CONFERENCIAS''' <br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | <br /> == '''OWASP Latam Tour - Lima 2015''' == <br /> <br /> '''Viernes 17 de Abril''' ''(Talleres)'' &lt;br&gt;'''Sábado 18 de Abril''' ''(Conferencia)''<br /> |-<br /> | valign=&quot;center&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | '''Descripcion y Objetivo'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; colspan=&quot;2&quot; | '''OWASP LATAM TOUR,''' es una gira por Latino América que promueve la seguridad en aplicaciones web en diversas instituciones, como: universidades, organismos gubernamentales, empresas de TI y entidades financieras, buscando crear conciencia sobre la seguridad en las aplicaciones y puedan tomar decisiones informadas sobre los verdaderos riesgos de seguridad.<br /> <br /> *Ademas del OWASP Top 10, la mayoría de los [[:Category:OWASP_Project|Proyectos OWASP]] no son ampliamente utilizados en los ambientes corporativos. En la mayoría de los casos esto no es debido a una falta de calidad en los proyectos o la documentación disponible, sino mas bien por desconocer donde se ubicaran en un Ecosistema de Seguridad de Aplicaciones empresarial. <br /> <br /> *Esta serie de talleres y conferencias tienen como objetivo cambiar esta situación proporcionando una explicación sobre los proyectos OWASP mas maduros y listos para ser utilizados en el ambito empresarial.<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''LIMA PERÚ'''&lt;/span&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Viernes 17)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Viernes 17 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | Durante todo el OWASP LatamTour se estarán realizando talleres de capacitación dictados por destacados profesionales en la materia.&lt;br&gt; <br /> '''Duracion:''' 8 horas&lt;br&gt; <br /> '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).&lt;br&gt; <br /> '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com&lt;br&gt; <br /> '''Link de Registro''': [TBD] '''&lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 1'''&lt;/span&gt;<br /> |-<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''De 0 a Ninja con Metasploit'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Dragonjar.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | El taller de 0 a Ninja con Metasploit, busca detallar el uso de la herramienta Metasploit ampliamente utilizada en auditorias de seguridad por profesionales del área, desde su instalación y puesta a punto para el trabajo, hasta el uso de sus funciones para llevar a feliz termino una auditoria en seguridad.<br /> De 0 a Ninja DragonJAR<br /> <br /> Este curso, altamente práctico, tiene una duración de 8 horas en las que los asistentes podrán acortar la curva de aprendizaje, gracias a la transmisión de conocimientos y experiencias de los docentes, altamente calificados, con el fin de que una vez finalizado el taller puedas aplicar los conocimientos adquiridos.<br /> <br /> Duracion: 1 día (8 horas)<br /> ====De 0 a Ninja con Metasploit====<br /> *Introducción a Metasploit<br /> *Introducción a la linea de comandos de Metasploit<br /> *Trabajando con Metasploit y sus componentes (msfconsole, msfcli, msfgui, msfweb, msfpayload, msfencode, msfvenom, etc…)<br /> *Etapas de un Pentesting y las herramientas para realizarlas incluidas en Metasploit<br /> *Post-Explotación, ya tengo shell … ¿ahora que hago?<br /> *Trabajando con Meterpreter<br /> *Trabajo colaborativo usando Armitage/Cobalt Strike<br /> *Generando el informe ¿Alguna tool que pueda ayudarme?<br /> <br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/DragonJAR/ Jaime Andrés Restrepo (DragonJAR)]''', es Ingeniero en Sistemas y Telecomunicaciones de la Universidad de Manizales. Information Security Researcher con más de 10 años de experiencias en Ethical Hacking, Pen Testing y Análisis Forense. Docente Universitario en Pre y Post-Grado, Speaker y Organizador de diferentes eventos de Seguridad Informática, Co-Fundador del ACK Security Conference, Fundador de DragonJAR SAS y de La Comunidad DragonJAR, una de las comunidades de seguridad informática mas grandes de habla hispana y referente en el sector. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 2'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''INTRODUCTION TO WEB APPLICATION SECURITY'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Cerullof.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | The contents are aligned with the OWASP Top 10, a world-renowned document about the security risks of Web Applications.<br /> '''Format:'''<br /> <br /> It combines theory and practical exercises. The participants learn to identify vulnerabilities in a dummy web application specifically built with bugs &amp; coding errors and then exploit them using different open source tools and techniques in a safe lab environment.<br /> <br /> '''Audience:''' IT Staff, Managers, System Architects, Information Security Professionals, Developers, QA Professionals.<br /> <br /> '''Duration:''' 1 day (8 hours)<br /> <br /> '''Deliverables:'''<br /> <br /> - Printed Materials<br /> - OWASP Live CD including tools used.<br /> - Certificate of Participation (CPE Points)<br /> <br /> ==== INTRODUCTION TO WEB APPLICATION SECURITY ====<br /> The topics covered include:<br /> <br /> *Introduction to Web Application Security<br /> *Technology used in Web Applications<br /> *Critical Areas in Web Applications<br /> **Injection&lt;br&gt;<br /> **Cross Site Scripting (XSS)&lt;br&gt;<br /> **Broken Authentication and Session Management&lt;br&gt;<br /> **Insecure Direct Object References&lt;br&gt;<br /> **Cross Site Request Forgery&lt;br&gt;<br /> **Security Misconfiguration&lt;br&gt;<br /> **Insecure Cryptographic Storage&lt;br&gt;<br /> **Failure to restrict URL Access&lt;br&gt;<br /> **Insufficient Transport Layer Protection&lt;br&gt;<br /> **Unvalidated Redirects and Forwards&lt;br&gt;<br /> *Secure Software Development Lifecycle (SSDLC)<br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/fcerullo Fabio Cerullo]''', over 10 years of experience in the information security field gained across a diverse range of industries.<br /> As CEO &amp; Founder of Cycubix, he helps customers around the globe by assessing the security of applications developed in-house or by third parties, defining policies and standards, implementing risk management initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals.&lt;br&gt;<br /> As a member of the OWASP Fundation, Fabio is part of the Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, and has been appointed OWASP Ireland Chapter Leader since early 2010.<br /> He holds a Msc in Computer Engineering from UCA and has been granted the CISSP &amp; CSSLP certificates by (ISC)2. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [https://www.regonline.com/Register/Checkin.aspx?EventID=1492427 Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''CONFERENCIAS (Sábado 18)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | Sábado 18 de Abril<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Precio y Registro'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | El ingreso a las conferencias es '''GRATUITO''' - El proceso de registro lo podrá ubicar en el siguiente link : &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15lima'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Promociones'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | OFERTA ESPECIAL - Durante todo el OWASP Latam Tour el costo de la membresía anual es de solamente U$D 20. Utilice el código de descuento &quot;LATAM&quot; durante el proceso de registro electrónico como miembro individual en el enlace disponible a continuación.&lt;br&gt;<br /> [http://myowasp.force.com/memberappregion Hágase MIEMBRO DE OWASP AQUÍ] &lt;br&gt;<br /> '''Si usted aun no es miembro OWASP, por favor considere unirse a nuestra organización.'''<br /> |}<br /> &lt;br&gt;<br /> <br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;6&quot; | '''DETALLES DE LA JORNADA'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ''' - '''<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP PERU<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Presentación del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/John_Vargas John Vargas]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cyber War in Web and Mobile Applications <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [Jesús González]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |[https://twitter.com/fcerullo Fabio Cerullo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Seguridad en Aplicaciones Moviles<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/pITea_security Juan Pablo Quiñe]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Todos a Sh3ll34r!<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/gabsitus Gabriel Lazo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Se verán distintas técnicas utilizadas por atacantes maliciosos para lograr subir shells y obtener acceso a servidores web.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP Zap <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/Alonso_ReYDeS Alonso Caballero]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hackeando Carros en Latinoamérica<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/DragonJAR Andrés Restrepo (DragonJAR)]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |}<br /> <br /> =URUGUAY=<br /> <br /> == '''Montevideo: April 15th-16th 2015''' ==<br /> El evento más importante de la región llega nuevamente a Uruguay, OWASP Latam tour 2015!. Expositores internacionales estarán presentando conferencias sobre los temas más importantes en Seguridad en Aplicaciones.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> '''¿Dónde?''' <br /> <br /> [http://www.ucu.edu.uy/ Universidad Católica del Uruguay]&lt;br&gt;<br /> Av. 8 de Octubre 2738&lt;br&gt;<br /> Montevideo 11600 Montevideo, Uruguay. &lt;br&gt;<br /> Ver en [https://www.google.com/maps/place/Universidad+Cat%C3%B3lica+del+Uruguay/@-34.888694,-56.159218,17z/data=!3m1!4b1!4m2!3m1!1s0x0:0x13508c3340b76e45 Google Maps]<br /> &lt;br&gt;<br /> <br /> == '''Charlas: Miércoles 15 de abril''' ==<br /> <br /> Las charlas serán a partir de las 18:00hs.<br /> <br /> {| class=&quot;wikitable&quot;<br /> !colspan=&quot;3&quot;| Charlas aceptadas<br /> |-<br /> |Christian Borghello<br /> |Certificate Pinning: ¿tenemos el c...ertificado roto?&lt;br&gt;<br /> |<br /> |-<br /> |Edgar Salazar<br /> |Inseguridad en Aplicaciones Móviles<br /> |Esta charla pretende demostrar en vivo la explotación de distintas vulnerabilidades en una aplicación móvil de tal manera que podamos revisar las causas y consecuencias, ademas recomendar las medidas de seguridad pertinentes.<br /> |-<br /> |Carlos Eduardo Santiago<br /> |(IN)secure Development<br /> |Forget Injection and XSS<br /> This lecture aims to demonstrate simple traps in web development, and bad practices in addition to some factors are likely to cause critical security flaws. We will analyze some cases and demonstrate ways to mitigate and correct such failures.<br /> |-<br /> |Ricardo Supo Picón<br /> |Hacking Efectivo: Desde una Credencial hasta el Domain Admin en un sólo día<br /> |Los dominios windows están presentes en gran cantidad de organizaciones, en estos la autenticación de usuarios esta disponible en muchos servicios. En esta charla analizaremos los distintos tipos de autenticación de windows y como obtener credenciales locales y de dominio así mismo como a partir de una sola credencial se puede obtener más credenciales hasta obtener un administrador de dominio. Así mismo se detallará como poder realizar intrusiones masivas en red de computadores que ayudan a que un sólo hacker pueda multiplicar sus actividades y conseguir su objetivo en un sólo día, presentación de la herramienta Domainator.<br /> |}<br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> == '''Trainings: Jueves 16 de abril''' ==<br /> <br /> === TRAINING 1: Hacking de aplicaciones web basado en OWASP Top 10 ===<br /> <br /> '''Instructor:''' Christian Borghello<br /> <br /> Los desarrolladores son una raza extraña. Los Pentesters viven en una burbuja. Este entrenamiento ayuda a los desarrolladores a conocer sobre seguridad en el desarrollo web y a los Pentesters a probar aplicaciones web de forma adecuada.<br /> <br /> Objetivos: - Conocer OWASP Top 10 (quick summary) - Aprender cómo comprobar cada vulnerabilidad desde el punto de vista del Desarrollador y del Pentester - Conocer recomendaciones desde el punto de vista del Pentester - Conocer recomendaciones desde el punto de vista del Desarrollador <br /> <br /> Orientado a desarrolladores, pentesters y personas relacionados con el ciclo de vida del desarrollo de software o sus pruebas de seguridad. <br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> === TRAINING 2: BYOX101/Construya su propio xploit 101/Build Your Own Xploit 101 ===<br /> <br /> '''Instructor:''' Mauricio Campiglia<br /> <br /> ¿Alguna vez te preguntaste de dónde salen ese montón de numeritos que por arte de magia te dejan en una línea de comandos con privilegios? Esta es tu oportunidad para conocer de dónde salen y porqué están ahí y no en otro lugar. Este entrenamiento te guía desde cero hasta la creación de exploits sencillos e intermedios aprendiendo en el recorrido los por qué de cada paso. No se verán exploits de dia cero ni muy complejos, nos concentraremos en lo probado y conocido pues el objetivo es entender el proceso de creación de un exploit.<br /> <br /> '''Detalles''':&lt;br /&gt;<br /> <br /> Entrenamiento mayormente práctico de creación básica de exploits para<br /> sistemas MS Windows. Se usarán ejemplos conocidos pero fiables y se crearán<br /> programas de ejemplo vulnerables a propósito.<br /> <br /> '''Conocimientos obtenidos''':&lt;br /&gt;<br /> <br /> Quienes asistan entenderán el proceso de creación de un exploit entendiendo en el camino la confirmación de memoria de sistemas MS Windows y las protecciones de este sistema. ¿Por qué participar de este entrenamiento?<br /> * La habilidad de creación de exploits no es algo que se encuentre facilmente en un curso.<br /> * Entender este proceso te da la flexibilidad de adaptarte cuando un ataque no funciona tal como te lo dieron.<br /> * Desenmarañar el porqué de un montón de números sin sentido que te dan un acceso que no tienes es mágico.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> =VENEZUELA=<br /> <br /> <br /> == '''Caracas: April, 23rd 2015''' ==<br /> [[File:bwoltv.png| center |bwoltv.png ]]<br /> &lt;br&gt;<br /> <br /> == Registro ==<br /> El registro es totalmente gratis, nos complacería mucho que nos acompañaras este día. <br /> <br /> Te esperamos!!!<br /> <br /> [https://www.regonline.com/owasplatamtour15venezuela'''REGISTRATE AQUI''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == UBICACIÓN ==<br /> <br /> [http://www.ucv.ve/ Universidad Central de Venezuela]&lt;br&gt;<br /> Facultad de Ciencias &lt;br&gt;<br /> Auditórium Tobías Lasser&lt;br&gt;<br /> Paseo Los Ilustres Urb. Valle Abajo. &lt;br&gt;<br /> 1040 Caracas&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> [[File:UbicacionLatamCaracas.png]]<br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Registro 8:30 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:00 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Venezuela &amp; UCV&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:15-9:55 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Jair Garcia&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt;&lt;b&gt;Hacking Etico: Cacería de Vulnerabilidades&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00-9:35 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Randy Ortega&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Sessión Hijacking: Peligro en la web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;10:40-11:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:15-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Michael Hidalgo (Costa Rica)&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Ataques de denegación de servicio a través de expresiones regulares: De la explotación a la corrección&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> <br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;12:00-1:30 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:35-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Josmell Chavarri&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Conociendo al Enemigo: Honeypots&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-2:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; Rodrigo Bravo y Eliezer Romero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; &lt;b&gt;Programación Segura en Python&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;2:45-3:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:35-4:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Maximiliano Anlonzo (Uruguay) &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Peligro: software en construcción&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-4:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Suárez&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Beef como framework de explotación xss&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;4:45-5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =SPONSORS=<br /> <br /> ==We are looking for Sponsors for the Latam Tour 2015==<br /> &lt;br&gt;<br /> <br /> This is a truly unique opportunity to increase your brand recognition as a company dedicated to the highest standards of professional technology &amp; security in the Latin-America region but also internationally throughout the world while supporting the continued activities conducted by OWASP worldwide.<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * ''' Sponsorship benefits for organizations specializing in IT &amp; Security:'''<br /> <br /> ** Opportunity to use the latest technological trends for professional training / development<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your business development strategy with leading information from the security industry<br /> ** Get networking and headhunting opportunities with world-class specialists and professionals<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Increase your image as a professional company through this unique branding opportunity<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> * '''Sponsorship benefits for organizations utilizing the internet in their business:'''<br /> <br /> ** Opportunity to increase the international brand awareness and conduct business networking<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your service development by understanding the latest trends in security issues &amp; risks<br /> ** Contribute to information society as a company by developing safe and secure services<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Opportunity to brand your company as one that focuses on the highest standards in technology<br /> <br /> <br /> Make your company part of the conversation. Become a sponsor of the tour today! [https://www.owasp.org/images/5/5f/Latam_Tour_2015_Sponsorship_Opportunities.pdf'''SPONSOR OPPORTUNITIES''']<br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf '''OPORTUNIDADES DE PATROCINIO''']<br /> <br /> <br /> <br /> &lt;headertabs /&gt;<br /> <br /> {{:LatamTour2015 Sponsors}}</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=LatamTour2015&diff=191476 2015-03-16T12:33:07Z

<p>Jonathan Fernández: Se agrega tabla con información de owasp latam tour 2015</p> <hr /> <div>__NOTOC__ <br /> <br /> [[Image:Banner_latam_2015.jpg ‎|750px|link=https://www.owasp.org/index.php/LatamTour2015]]<br /> <br /> =WELCOME= <br /> <br /> <br /> <br /> == '''Schedule''' ==<br /> <br /> * Santiago, '''Chile''': April, 8th-9th 2015<br /> * Patagonia, '''Argentina''': April, 10th-11th 2015<br /> * Bucaramanga, '''Colombia''': April, 14th 2015<br /> * Montevideo, '''Uruguay''': April, 15th-16th 2015<br /> * Lima, '''Peru''': April, 17th-18th 2015<br /> * Santa Cruz, '''Bolivia''': April 17th -18th 2015 <br /> * San Jose, '''Costa Rica''': April, 21st 2015<br /> * Guatemala, '''Guatemala''': April, 21st-22nd 2015<br /> * Buenos Aires, '''Argentina''': April, 24th 2015<br /> * Caracas, '''Venezuela''': April, 23rd 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> '''REGISTRATION IS NOW OPEN, PLEASE CHECK THE LOCATION TAB YOU ARE INTERESTED IN'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Latam Tour Objective''' ==<br /> <br /> The OWASP Latam Tour objective is to raise awareness about application security in the Latin America region, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.<br /> <br /> We are proposing a chapters conference driven model in which the sessions are free for everybody and the costs are supported by a mix of funding i.e. OWASP Foundation, local chapter budget, external sponsorship, etc. 1-day training sessions are also offered in some tour stops. These sessions’ fees are $ 200USD for OWASP members and $ 250 USD for non-members (group discounts may apply).<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =='''Who Should Attend the Latam Tour?'''==<br /> <br /> *Application Developers <br /> *Application Testers and Quality Assurance <br /> *Application Project Management and Staff <br /> *Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff <br /> *Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance <br /> *Security Managers and Staff <br /> *Executives, Managers, and Staff Responsible for IT Security Governance <br /> *IT Professionals Interesting in Improving IT Security<br /> *Anyone interested in learning about or promoting Web Application Security&lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> == '''Become an OWASP Member''' ==<br /> <br /> <br /> As part of the OWASP Latam Tour, you could '''become an OWASP Member by ONLY paying 20 U$D'''. Show your support and become an OWASP member today!<br /> <br /> [[Image:Join_button.jpg|100px|link=http://sl.owasp.org/newmember]] [[Image:Renewal.jpg |100px|link=http://sl.owasp.org/renewmember]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Questions''' ==<br /> <br /> *If you have any questions about the Latam Tour 2015, please send an email to andrea.villar@owasp.org / fcerullo@owasp.org<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == '''Social Media''' ==<br /> <br /> '''[http://twitter.com/search?q=%23LATAMTOUR #Latamtour]''' hashtag for your tweets for Latam Tour (What are [http://hashtags.org/ hashtags]?) <br /> <br /> '''@AppSecLatam Twitter Feed ([http://twitter.com/AppSecLatam follow us on Twitter!])''' &lt;twitter&gt;34534108&lt;/twitter&gt;<br /> <br /> = CALL FOR PAPERS &amp; TRAININGS =<br /> <br /> == '''Do you want to give a talk or a training session in Latin America?''' ==<br /> &lt;br&gt; <br /> <br /> '''Please send your proposals to the corresponding chapter leader before February 1st 2015:'''<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * '''Argentina''' (Buenos Aires): Martin Tartarelli via [https://docs.google.com/forms/d/1ncVFYKsBv6aUsf3WBI657yRHUQLkazjkT9VMu4Vdp9I/viewform '''this Google form''']<br /> * '''Argentina''' (Patagonia): Gaston Toth [gaston.toth@owasp.org]<br /> * '''Colombia''': Diego Ademir Duarte [dadhemir@owasp.org]<br /> * '''Costa Rica''': Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * '''Chile''': Carlos Allendes [carlos.allendes@owasp.org]<br /> * '''Guatemala''': Pablo Barrera [pbarrera@gmail.com]<br /> * '''Peru'''(Lima) : John Vargas [john.vargas@owasp.org] vía [https://docs.google.com/forms/d/1HJAwdnCxhnDjxdEOrHVBaewrkQncIB2uxHCzxEtxwug '''this Google form''']<br /> * '''Uruguay''': Mateo Martinez [mateo.martinez@owasp.org]<br /> * '''Venezuela''': Edgar Salazar [edgar.salazar@owasp.org]<br /> &lt;br&gt;<br /> <br /> ''By your submission you agree to the [https://www.owasp.org/images/4/4f/AppSec_Latam_2015_Speaker_Agreement.pdf '''OWASP Speaker Agreement'''] or [https://www.owasp.org/images/f/fa/LatamTour_2015_Training_Instructor_Agreement.pdf ‎'''Instructor Agreement'''].<br /> <br /> =TEAM=<br /> <br /> '''Chapter Leaders'''<br /> <br /> * Bucaramanga, Colombia: Diego Ademir Duarte [dadhemir@owasp.org]<br /> * Santiago, Chile: Carlos Allendes [carlos.allendes@owasp.org]<br /> * Guatemala, Guatemala: Pablo Barrera [pbarrera@gmail.com]<br /> * Santa Cruz de las Sierras, Bolivia: Daniel Torres [daniel.torres@owasp.org]<br /> * San Jose, Costa Rica: Michael Hidalgo [michael.hidalgo@owasp.org]<br /> * Montevideo, Uruguay: Mateo Martinez [mateo.martinez@owasp.org]<br /> * Caracas, Venezuela: Edgar Salazar [edgar.salazar@owasp.org]<br /> * Buenos Aires, Argentina: Martin Tartarelli [martin.tartarelli@gmail.com]<br /> * Patagonia, Argentina: Gaston Toth [gaston.toth@owasp.org]<br /> * Lima, Peru: John Vargas [john.vargas@owasp.org]<br /> <br /> <br /> '''Operations'''<br /> <br /> *[[User:Fabio.e.cerullo|Fabio Cerullo]], &lt;br&gt;<br /> * Andrea Villar<br /> * Kate Hartmann<br /> * [https://www.owasp.org/index.php/User:Kelly_Santalucia Kelly Santalucia]<br /> <br /> =PATAGONIA=<br /> <br /> <br /> =='''Patagonia: April, 10th-11th 2015'''==<br /> <br /> ===Registrarse===<br /> Los interesados en asistir al evento deben registrarse en:&lt;br&gt; <br /> [https://www.regonline.com/owasplatamtour15patagonia https://www.regonline.com/owasplatamtour15patagonia]&lt;br&gt;<br /> <br /> ===Agenda ===<br /> '''Viernes 10 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Conferencia<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 09:00 - 10:00<br /> | Acreditacion<br /> | <br /> |- <br /> | 10:00 - 10:15<br /> | Bienvenida e intoduccion a OWASP<br /> |<br /> |-<br /> | 10:20 - 11:00<br /> | [https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]<br /> | [https://www.linkedin.com/in/ariancho Andrés Riancho]<br /> |- <br /> | 11:00 - 11:30<br /> | Pausa para café<br /> |<br /> |-<br /> | 11:30 - 12:00 <br /> | Aspectos Legales de la Seguridad informática&lt;br&gt;<br /> | Marcelo Campetella<br /> |-<br /> | 12:00 - 12:30<br /> | El mercado del Malware en las Apps de los Store para Android<br /> | Claudio Caracciolo<br /> |-<br /> | 12:30 - 14:00<br /> | Pausa para almuerzo<br /> |<br /> |- <br /> | 14:00 - 14:40<br /> | Mobile Apps and how to Pentest them<br /> | Gustavo Sorondo<br /> |-<br /> | 14:40 - 15:10<br /> | CIOs vs CISOs: OWASP al rescate <br /> | Mauro Graziosi<br /> |-<br /> | 15:10 - 15:40<br /> | Pausa para café<br /> |<br /> |-<br /> | 15:40 - 16:20<br /> | Certificate Pinning: ¿tenemos el c...ertificado roto?<br /> | Cristian Borghello<br /> |- <br /> | 16:20 - 16:30<br /> | Agradecimientos y cierre<br /> |<br /> |}<br /> <br /> '''Sabado 11 de abril'''&lt;br&gt;<br /> {| class=&quot;wikitable&quot;<br /> |-<br /> ! width=&quot;100&quot; align=&quot;center&quot; | Hora<br /> ! width=&quot;450&quot; align=&quot;center&quot; | Entrenamiento<br /> ! width=&quot;150&quot; align=&quot;center&quot; | Expositor<br /> <br /> |-<br /> | 08:00 - 12:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 1)<br /> | Cristian Borghello<br /> |- <br /> | 12:00 - 13:00<br /> | Pausa para almuerzo<br /> |<br /> |-<br /> | 13:00 - 17:00<br /> | Hacking de aplicaciones web basado en OWASP Top 10 (Parte 2)<br /> | Cristian Borghello<br /> |}<br /> <br /> ===¿Dónde?===<br /> Universidad Nacional del Comahue, Buenos Aires 1400, Neuquén&lt;br&gt;<br /> [[File:Ubicacion.png|link=https://www.google.com.ar/maps/place/38%C2%B056'26.2%22S+68%C2%B003'15.5%22W/@-38.940623,-68.054305,228m/data=!3m2!1e3!4b1!4m2!3m1!1s0x0:0x0]]<br /> <br /> ===Afiche para difusión===<br /> [[File:PosterLatamtour2015-Patagonia.jpg|link=https://www.owasp.org/images/6/60/Poster_Latamtour.pdf]]<br /> <br /> ===Patrocinio===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;&lt;br&gt;<br /> Cualquier consulta no duden en escribir a [mailto:gaston.toth@owasp.org Gaston Toth] o a [mailto:diego.dinardo@patagoniasec.com.ar Diego Di Nardo].<br /> &lt;br&gt;<br /> <br /> =BUENOS AIRES=<br /> <br /> Invitamos a estudiantes, desarrolladores, expertos en seguridad informática y curiosos en general a compartir con la comunidad de OWASP un nuevo evento en Buenos Aires! Será una jornada de charlas técnicas, en un ambiente relajado e ideal para conocer otras personas interesadas en la seguridad en aplicaciones.<br /> <br /> <br /> =='''Inscripcion'''==<br /> <br /> Recuerden que es necesario [https://www.regonline.com/owasplatamtour15argentina '''inscribirse'''] para asistir. La registración es '''completamente gratis''' y es unicamente utilizada para verificar su identidad en la entrada de la Universidad.<br /> <br /> == '''Fecha y lugar'''==<br /> <br /> 24 Abril 2015 - 9am (puntual!)&lt;br&gt;<br /> [http://www.udemm.edu.ar/ Universidad de la Marina Mercante]&lt;br&gt;<br /> [https://www.google.com.ar/maps/place/Av+Rivadavia+2258,+Buenos+Aires,+Ciudad+Aut%C3%B3noma+de+Buenos+Aires/@-34.6096561,-58.3984517,17z/data=!3m1!4b1!4m2!3m1!1s0x95bccae91dc7f349:0x3177aaca9808e637 Av. Rivadavia 2258, Ciudad Autonoma de Buenos Aires]&lt;br&gt;<br /> <br /> <br /> == '''Charlas'''==<br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f; color:#FFF;&quot;&gt;<br /> &lt;td&gt;&lt;b&gt;Hora&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Titulo&lt;/b&gt;&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Orador&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:10&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Introducción a OWASP&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fabio Cerullo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;9:35&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Steering a Bullet Train&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Santiago Kantorowicz&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;10:25&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Y ahora nos preocupamos por la privacidad? Gracias #Snowden&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Mariano M. del Rio&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Building a High Interaction Honeypot: Implementation and logging techniques&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Fernando Catoira&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;11:45&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;[https://www.owasp.org/index.php/LatamTour2015/VulnerabilidadesGatewayPago Vulnerabilidades en Gateways de Pago]&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;[https://www.linkedin.com/in/ariancho Andrés Riancho]&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;13:55&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Threat not found!&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Sheila Berta&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;14:20&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Mobile Application Security&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Puky Sorondo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;15:40&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;HP Sponsor talk&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;TBD&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;100&quot;&gt;16:05&lt;/td&gt;<br /> &lt;td width=&quot;491&quot;&gt;Web Security for Bitcoin Services&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Juliano Rizzo&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =CHILE=<br /> <br /> =='''Santiago: April, 8th-9th 2015'''==<br /> <br /> El Capítulo Chileno de OWASP, tiene el agrado de invitar a la conferencia LatamTour2015, con el auspicio de DUOC-UC sede Alonso Ovalle Nro.1586 (Metro Moneda).<br /> <br /> OWASP es una organización mundial sin fines de lucro dedicado a identificar y combatir las causas que hacen inseguro el software. Revise nuestra documentación y metodologías en los [[:Category:OWASP_Project|Proyectos OWASP]] donde encontrará valioso material de aplicación práctica en los ambientes corporativos. Asista a los talleres y conferencias del LatamTour y aprenda como sacar provecho a estos recursos de libre acceso.<br /> <br /> <br /> [http://www.duoc.cl/escuela/escuela-de-informatica-y-telecomunicaciones Duoc UC]&lt;br&gt;<br /> Alonso Ovalle Nro.1586&lt;br&gt;<br /> Santiago de Chile&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15chile'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#4B0082&quot; align=&quot;center&quot; colspan=&quot;6&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''DETALLES DE LA CONFERENCIA (Miércoles 8 de Abril en DUOC-UC sede Alonso Ovalle Nro.1586 -Metro Moneda-)'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Horario''' <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Modulo'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:00 - 09:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 09:30 - 10:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bienvenida y Presentación del Evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | DUOC-UC y OWASP-Chile<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Andrés Del Alcázar Cavallo. Director de Carrera DUOC-UC. <br /> Carlos Allendes Chapter Leader in OWASP Chile.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:00 - 10:45<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Bug bounty y programas reload<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoques e investigación sobre programas de BUG BOUNTY periodico a través de vectores de ataque poco convencionales.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 10:50 - 11:10<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 11:15 - 12:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Analizando tráfico de wifi de smartphones <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Intercepción on-line del tráfico wi-fi en conexiones de smartphone y tecnicas de hacking. ¿es seguro utilizar redes Wi­Fi?<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 12:05 - 13:00<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Gestionar la inversión en seguridad con OPENSAMM<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Planificar la inversión en hacking etico, pentesting, desarrollo seguro, análisis del código, pruebas de seguridad.<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 13:00 - 14:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Break para Almorzar<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 14:30 - 15:15<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hacking efectivo: Desde una credencial hasta el Domain Admin en un solo día<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Como ganar acceso a credenciales locales, de dominio y escalar privilegios hasta obtener un administrador de dominio. <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 15:20 - 16:05<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Plataformas de computación distribuida<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Enfoque y soluciones para acelerar la entrega de contenido global de Internet y aplicaciones distribuidas.<br /> |-<br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | 18:10 - 18:30<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cierre del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |}<br /> &lt;br&gt;<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Jueves 9 de Abril)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Jueves 9 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | ** Sin Talleres en CHILE **<br /> |}<br /> &lt;br/&gt;<br /> <br /> =COLOMBIA=<br /> <br /> <br /> == '''Bucaramanga: April, 14th 2015''' ==<br /> <br /> <br /> [http://www.upb.edu.co/bucaramanga Universidad Pontifica Bolivariana]&lt;br&gt;<br /> Seccional Bucaramanga &lt;br&gt;<br /> Autopista Piedecuesta Kilometro 7 &lt;br&gt;<br /> Bloque K - 605 &lt;br&gt;<br /> [http://goo.gl/EwBpTu'''Mapa :: Ubicación del evento''']<br /> &lt;br&gt;<br /> [[File:Owasp_upb_2015.jpg|link=https://www.google.com/maps/place/Universidad+Pontificia+Bolivariana+Seccional+Bucaramanga/@7.0389574,-73.071732,14z/data=!4m2!3m1!1s0x8e6840b36653b9c5:0x4dcdbc55842151df]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> ===REGISTRO===<br /> Recuerde que el ingreso al evento es &lt;b&gt;totalmente gratuito, sólo debe registrarse previamente&lt;/b&gt;.&lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15colombia'''Pulsa aquí para registrarte al evento''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===CONFERENCIAS===<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 7:30 a.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Diego Ademir Duarte Santana&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP ASVS 2.0 Web Application Standard&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;9:00&lt;/td&gt;<br /> &lt;td&gt;Jhon César Arango Serna&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;IPv6 Ventaja o Amenaza&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Hugo Armando Rodriguez Vera&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Protección de Datos Personales, infracción y consecuencias&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;11:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;MundoHacker&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Ciberespionaje y Cibercrimen as a Service&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Lunch&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;14:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;German Alonso Suárez Guerrero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Proactive Controls&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;15:00&lt;/td&gt;<br /> &lt;td&gt;Ronald Escalona&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Hardening del Servidor Web, enfoque práctico con jail/chroot para entornos multisitios&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;16:00&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Javier Orlando Mantilla P&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Seguridad en desarrollo de aplicaciones web usando Apache Tomee&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Finish Event&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Se contará con &lt;b&gt;transmisión vía streaming&lt;/b&gt; para las personas ubicadas fuera de la ciudad.&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> ===PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las <br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf oportunidades de patrocinio]<br /> &lt;br&gt;<br /> Cualquier consulta pueden escribir a [mailto:dadhemir@owasp.org Diego Ademir Duarte Santana] .<br /> &lt;br&gt;<br /> <br /> =BOLIVIA=<br /> <br /> [[File:Santa.jpg]]<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> Lugar: Universidad NUR<br /> &lt;br&gt;<br /> Dirección: Av. Banzer, Victorino Rivero 100<br /> &lt;br&gt;<br /> Santa Cruz de la Sierra, Bolivia<br /> &lt;br&gt;<br /> Fecha: 17 y 18 de abril del 2015<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> [[File:Mapa.jpg]]<br /> <br /> <br /> [https://www.regonline.com/owasplatamtour15bolivia'''REGISTARTION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> <br /> &lt;table width=&quot;761&quot; border=&quot;1&quot; cellpadding=&quot;0&quot; cellspacing=&quot;0&quot; &gt;<br /> &lt;tr style=&quot;background-color: #30608f;<br /> color:#FFF;&quot;&gt;<br /> &lt;td&gt;Nro&lt;/td&gt;<br /> &lt;td&gt;Nombre&lt;/td&gt;<br /> &lt;td&gt;Ciudad&lt;/td&gt;<br /> &lt;td&gt;Tema&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;25&quot;&gt;1&lt;/td&gt;<br /> &lt;td width=&quot;200&quot;&gt;Alvaro Machaca Tola&lt;/td&gt;<br /> &lt;td width=&quot;187&quot;&gt;La Paz ,Bolivia&lt;/td&gt;<br /> &lt;td width=&quot;321&quot;&gt;Análisis de riesgos aplicando la metodología OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;2&lt;/td&gt;<br /> &lt;td&gt;Deyvi Bustamante Perez&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Exploit development&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;3&lt;/td&gt;<br /> &lt;td&gt;Walter Camama Menacho&lt;/td&gt;<br /> &lt;td&gt;Trinidad, Bolivia&lt;/td&gt;<br /> &lt;td&gt;MiTM a nivel de browser con beef y metasploit&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;4&lt;/td&gt;<br /> &lt;td&gt;Leonardo Camilo Quenta Alarcon&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en sistemas financieros. Buenas prácticas de programación y aplicación de pruebas de penetración OWASP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;5&lt;/td&gt;<br /> &lt;td&gt;Hernán Marcelo Leytón Balderrama&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Seguridad en los Satélites de Comunicación&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;6&lt;/td&gt;<br /> &lt;td&gt;Jaime Iván Mendoza Ribera&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Análisis de vulnerabilidades web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;7&lt;/td&gt;<br /> &lt;td&gt;Juan Pablo Barriga Sapiencia&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Riesgos en TI&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;8&lt;/td&gt;<br /> &lt;td&gt;Richard Villca Apaza&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Rompiendo el modelo de negocios: Debugging Android Apps&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;9&lt;/td&gt;<br /> &lt;td&gt;Alex Villegas y Roller Ibanez&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Gestión de continuidad del negocio un enfoque resilente basado en el estándar ISO 22301&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;10&lt;/td&gt;<br /> &lt;td&gt;Daniel Torres Sandi&lt;/td&gt;<br /> &lt;td&gt;Sucre , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Headers seguros en HTTP&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;11&lt;/td&gt;<br /> &lt;td&gt;Gonzalo Nina Mamani&lt;/td&gt;<br /> &lt;td&gt;Cochabamba , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Sistema para la recolección de información orientado a la mejora en la evaluación de seguridad en aplicaciones Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;12&lt;/td&gt;<br /> &lt;td&gt;Cristhian Lima Saravia&lt;/td&gt;<br /> &lt;td&gt;Cochabamba, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Framework Pleni&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;13&lt;/td&gt;<br /> &lt;td&gt;Elvin Vidal Mollinedo Mencia&lt;/td&gt;<br /> &lt;td&gt;Santa Cruz de la Sierra, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Los 7 pecados de un desarrollador Web&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;14&lt;/td&gt;<br /> &lt;td&gt;Erick Calderon Mostajo&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Herramientas de Aprendizaje OWASP.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;15&lt;/td&gt;<br /> &lt;td&gt;Dennis Ariel Ruiz Vasquez&lt;/td&gt;<br /> &lt;td&gt;La Paz , Bolivia&lt;/td&gt;<br /> &lt;td&gt;Whitehat vs Blackhat&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;16&lt;/td&gt;<br /> &lt;td&gt;Cesar Roberto Cuenca Díaz&lt;/td&gt;<br /> &lt;td&gt;La Paz, Bolivia&lt;/td&gt;<br /> &lt;td&gt;Desarrollo Seguro Principios y Buenas Prácticas.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;17&lt;/td&gt;<br /> &lt;td&gt;Juan Alberto Fajardo Canaza&lt;/td&gt;<br /> &lt;td&gt;Potosí, Bolivia&lt;/td&gt;<br /> &lt;td&gt;WAF Testing Framework&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;18&lt;/td&gt;<br /> &lt;td&gt;Gabriel Labrada Hernandez&lt;/td&gt;<br /> &lt;td&gt;Mexico&lt;/td&gt;<br /> &lt;td&gt;Seguridad en Hardware y los servicios en la nube&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td&gt;19&lt;/td&gt;<br /> &lt;td&gt;Jaime Andres Restrepo Gomez&lt;/td&gt;<br /> &lt;td&gt;Colombia&lt;/td&gt;<br /> &lt;td&gt;Hackeando carros en Latinoamérica&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =COSTA RICA=<br /> == '''San Jose: April, 21st 2015''' ==<br /> <br /> El evento se va a llevar a cabo en el auditorio de la Ciudad de la Investigación de la Universidad de Costa Rica. [http://goo.gl/Y64lZG'''Ver Dirección exacta''']<br /> <br /> [[File:Mapa-ucr-auditorio.png|800px]]<br /> <br /> &lt;br&gt;<br /> <br /> === REGISTRO ===<br /> Recuerde que el ingreso al evento es totalmente gratuito, sólo debe registrarse previamente. '''El comprobante de registro será solicitado en el momento de ingresar en el auditorio'''.<br /> [https://www.regonline.com/owasplatamtour15costarica'''Pulse aquí para registrarse en el evento.''']<br /> &lt;br&gt;<br /> <br /> === CONFERENCIAS-LISTADO DE EXPOSITORES===<br /> <br /> '''Martes 21 de Abril'''<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Recepción y Registro De 7:30 am a 8:00 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;150&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:00 am a 8:10 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Costa Rica &amp;amp; UCR&lt;/td&gt;<br /> &lt;td width=&quot;500&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;8:10-9:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Fabio Cerullo, Dublin Irlanda&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Charla: Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas? &lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;09:00-09:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Eduardo Rojas&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Bloques de construcción en la implementación estratégica del software seguro con SAMM&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;09:50-10:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:10-11:00 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Mauricio Oviedo&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Manejo Seguro del DNS&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:00-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Walter Montes&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Buenas prácticas para manejo de autenticación y sesión&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;11:50-1:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:20-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Randall Barnett&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Vulnerabilidades encontradas en Sistema de Control de Tráfico Nacional&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-3:05 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Mario Robles&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; &lt;b&gt;Web Application Penetration Testing&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;3:05-3:25 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:25-4:15 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Champin &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Gobierno Electrónico en América Latina: Las Amenazas de Hoy a Sitios y Aplicaciones Web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-5:00 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Bertin Bervis&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;MiTM Attacks con DNS proxys a escala WAN el modem bajo ataque&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> === PATROCINIO===<br /> Los interesados en participar con un stand en el evento y su logo en la página del Tour (entre otras posibilidades), pueden revisar las oportunidades de patrocinio <br /> Cualquier consulta pueden contactar a [mailto:michael.hidalgo@owasp.org Michael Hidalgo].<br /> <br /> =GUATEMALA=<br /> <br /> <br /> == '''Ciudad de Guatemala: April, 21st-22nd 2015''' ==<br /> ===CONFERENCIAS===<br /> &lt;b&gt;Día 1&lt;/b&gt;<br /> &lt;b&gt;Abril 21&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Camilo Fernandez&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;OWASP Tools&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;3:00&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;La verdad sobre los ataques de denegación de servicio&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:30&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Oscar Rodas y Marco To&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Avances en investigación sobre seguridad informática&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot; style=&quot;text-align: center&quot;&gt;5:15&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;Elder Guerra&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#FFFFFF&quot;&gt;&lt;b&gt;Un verdadero análisis de riesgos&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;br&gt;<br /> &lt;b&gt;Día 2&lt;/b&gt;<br /> &lt;b&gt;Abril 22&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Register from 1:30 p.m.&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:00 PM Salon 1&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;Luis Cordon&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Web Pentesting&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td style=&quot;text-align: center&quot;&gt;2:00 PM Salon 2&lt;/td&gt;<br /> &lt;td&gt;Pablo Barrera&lt;/td&gt;<br /> &lt;td&gt;&lt;b&gt;Server Hardening: métodos de aseguramiento de tu servidor web y los datos que contiene&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:00PM&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Concurso de Ethical Hacking&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> &lt;b&gt;Tendremos algunas otras sorpresas más relacionadas con SEGURIDAD INFORMÁTICA Y CIBERSEGURIDAD !!!!&lt;/b&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> <br /> [http://www.galileo.edu/ Universidad Galileo]&lt;br&gt;<br /> 4A Calle 7a. Avenida, calle Dr. Eduardo Suger Cofiño, &lt;br&gt;<br /> Ciudad de Guatemala 01010&lt;br&gt;<br /> &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15guatemala'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> =PERU=<br /> <br /> == '''Lima: April, 17th-18th 2015''' ==<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; height=&quot;30&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''TALLERES Y CONFERENCIAS''' <br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | <br /> == '''OWASP Latam Tour - Lima 2015''' == <br /> <br /> '''Viernes 17 de Abril''' ''(Talleres)'' &lt;br&gt;'''Sábado 18 de Abril''' ''(Conferencia)''<br /> |-<br /> | valign=&quot;center&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | '''Descripcion y Objetivo'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; colspan=&quot;2&quot; | '''OWASP LATAM TOUR,''' es una gira por Latino América que promueve la seguridad en aplicaciones web en diversas instituciones, como: universidades, organismos gubernamentales, empresas de TI y entidades financieras, buscando crear conciencia sobre la seguridad en las aplicaciones y puedan tomar decisiones informadas sobre los verdaderos riesgos de seguridad.<br /> <br /> *Ademas del OWASP Top 10, la mayoría de los [[:Category:OWASP_Project|Proyectos OWASP]] no son ampliamente utilizados en los ambientes corporativos. En la mayoría de los casos esto no es debido a una falta de calidad en los proyectos o la documentación disponible, sino mas bien por desconocer donde se ubicaran en un Ecosistema de Seguridad de Aplicaciones empresarial. <br /> <br /> *Esta serie de talleres y conferencias tienen como objetivo cambiar esta situación proporcionando una explicación sobre los proyectos OWASP mas maduros y listos para ser utilizados en el ambito empresarial.<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''LIMA PERÚ'''&lt;/span&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''TALLERES (Viernes 17)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | ''' Viernes 17 de Abril '''<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | Durante todo el OWASP LatamTour se estarán realizando talleres de capacitación dictados por destacados profesionales en la materia.&lt;br&gt; <br /> '''Duracion:''' 8 horas&lt;br&gt; <br /> '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).&lt;br&gt; <br /> '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com&lt;br&gt; <br /> '''Link de Registro''': [TBD] '''&lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 1'''&lt;/span&gt;<br /> |-<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''De 0 a Ninja con Metasploit'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Dragonjar.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | El taller de 0 a Ninja con Metasploit, busca detallar el uso de la herramienta Metasploit ampliamente utilizada en auditorias de seguridad por profesionales del área, desde su instalación y puesta a punto para el trabajo, hasta el uso de sus funciones para llevar a feliz termino una auditoria en seguridad.<br /> De 0 a Ninja DragonJAR<br /> <br /> Este curso, altamente práctico, tiene una duración de 8 horas en las que los asistentes podrán acortar la curva de aprendizaje, gracias a la transmisión de conocimientos y experiencias de los docentes, altamente calificados, con el fin de que una vez finalizado el taller puedas aplicar los conocimientos adquiridos.<br /> <br /> Duracion: 1 día (8 horas)<br /> ====De 0 a Ninja con Metasploit====<br /> *Introducción a Metasploit<br /> *Introducción a la linea de comandos de Metasploit<br /> *Trabajando con Metasploit y sus componentes (msfconsole, msfcli, msfgui, msfweb, msfpayload, msfencode, msfvenom, etc…)<br /> *Etapas de un Pentesting y las herramientas para realizarlas incluidas en Metasploit<br /> *Post-Explotación, ya tengo shell … ¿ahora que hago?<br /> *Trabajando con Meterpreter<br /> *Trabajo colaborativo usando Armitage/Cobalt Strike<br /> *Generando el informe ¿Alguna tool que pueda ayudarme?<br /> <br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/DragonJAR/ Jaime Andrés Restrepo (DragonJAR)]''', es Ingeniero en Sistemas y Telecomunicaciones de la Universidad de Manizales. Information Security Researcher con más de 10 años de experiencias en Ethical Hacking, Pen Testing y Análisis Forense. Docente Universitario en Pre y Post-Grado, Speaker y Organizador de diferentes eventos de Seguridad Informática, Co-Fundador del ACK Security Conference, Fundador de DragonJAR SAS y de La Comunidad DragonJAR, una de las comunidades de seguridad informática mas grandes de habla hispana y referente en el sector. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background: #4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt;'''TALLER 2'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Taller''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''INTRODUCTION TO WEB APPLICATION SECURITY'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | [[Image:Cerullof.jpg|150px]]<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | The contents are aligned with the OWASP Top 10, a world-renowned document about the security risks of Web Applications.<br /> '''Format:'''<br /> <br /> It combines theory and practical exercises. The participants learn to identify vulnerabilities in a dummy web application specifically built with bugs &amp; coding errors and then exploit them using different open source tools and techniques in a safe lab environment.<br /> <br /> '''Audience:''' IT Staff, Managers, System Architects, Information Security Professionals, Developers, QA Professionals.<br /> <br /> '''Duration:''' 1 day (8 hours)<br /> <br /> '''Deliverables:'''<br /> <br /> - Printed Materials<br /> - OWASP Live CD including tools used.<br /> - Certificate of Participation (CPE Points)<br /> <br /> ==== INTRODUCTION TO WEB APPLICATION SECURITY ====<br /> The topics covered include:<br /> <br /> *Introduction to Web Application Security<br /> *Technology used in Web Applications<br /> *Critical Areas in Web Applications<br /> **Injection&lt;br&gt;<br /> **Cross Site Scripting (XSS)&lt;br&gt;<br /> **Broken Authentication and Session Management&lt;br&gt;<br /> **Insecure Direct Object References&lt;br&gt;<br /> **Cross Site Request Forgery&lt;br&gt;<br /> **Security Misconfiguration&lt;br&gt;<br /> **Insecure Cryptographic Storage&lt;br&gt;<br /> **Failure to restrict URL Access&lt;br&gt;<br /> **Insufficient Transport Layer Protection&lt;br&gt;<br /> **Unvalidated Redirects and Forwards&lt;br&gt;<br /> *Secure Software Development Lifecycle (SSDLC)<br /> &lt;br&gt;<br /> '''Perfil del Trainer : '''<br /> <br /> '''[https://twitter.com/fcerullo Fabio Cerullo]''', over 10 years of experience in the information security field gained across a diverse range of industries.<br /> As CEO &amp; Founder of Cycubix, he helps customers around the globe by assessing the security of applications developed in-house or by third parties, defining policies and standards, implementing risk management initiatives, as well as providing training on the subject to developers, auditors, executives and security professionals.&lt;br&gt;<br /> As a member of the OWASP Fundation, Fabio is part of the Global Education Committee whose mission is to provide training and educational services to businesses, governments and educational institutions on application security, and has been appointed OWASP Ireland Chapter Leader since early 2010.<br /> He holds a Msc in Computer Engineering from UCA and has been granted the CISSP &amp; CSSLP certificates by (ISC)2. &lt;br&gt;<br /> <br /> * '''Duracion:''' 8 horas (El taller iniciará a las 9:00am y finaliza a las 6:00pm)<br /> <br /> * '''Precio:''' U$S200 (Miembros OWASP). $250 (Público en General).<br /> <br /> * '''Para mayor informacion : ''' Por favor comuniquese al correo owasp.peru@gmail.com<br /> <br /> * '''Link de Registro''': [https://www.regonline.com/Register/Checkin.aspx?EventID=1492427 Registrese aquí!] '''&lt;br&gt; &lt;br&gt;<br /> |-<br /> |}<br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#4B0082;&quot; colspan=&quot;2&quot; | &lt;span style=&quot;color:#ffffff&quot;&gt; '''CONFERENCIAS (Sábado 18)'''&lt;/span&gt;<br /> |-<br /> | style=&quot;width:20%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Fecha''' <br /> | style=&quot;width:80%&quot; valign=&quot;middle&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Lugar'''<br /> |-<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; | Sábado 18 de Abril<br /> | valign=&quot;middle&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;left&quot; | '''TBD'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Precio y Registro'''<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#EEEEEE;&quot; colspan=&quot;2&quot; | El ingreso a las conferencias es '''GRATUITO''' - El proceso de registro lo podrá ubicar en el siguiente link : &lt;br&gt;<br /> [https://www.regonline.com/owasplatamtour15lima'''REGISTRATION IS NOW OPEN''']<br /> &lt;br&gt;<br /> |-<br /> | align=&quot;center&quot; style=&quot;background:#CCCCEE;&quot; colspan=&quot;2&quot; | '''Promociones'''<br /> |-<br /> | valign=&quot;left&quot; height=&quot;80&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;2&quot; | OFERTA ESPECIAL - Durante todo el OWASP Latam Tour el costo de la membresía anual es de solamente U$D 20. Utilice el código de descuento &quot;LATAM&quot; durante el proceso de registro electrónico como miembro individual en el enlace disponible a continuación.&lt;br&gt;<br /> [http://myowasp.force.com/memberappregion Hágase MIEMBRO DE OWASP AQUÍ] &lt;br&gt;<br /> '''Si usted aun no es miembro OWASP, por favor considere unirse a nuestra organización.'''<br /> |}<br /> &lt;br&gt;<br /> <br /> {|style=&quot;vertical-align:top;width:90%;background-color:#white;padding:10px;border:1px solid silver;&quot; align=&quot;center&quot; cellspacing=&quot;5&quot;<br /> |-<br /> | style=&quot;width:90%&quot; valign=&quot;middle&quot; height=&quot;40&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;6&quot; | '''DETALLES DE LA JORNADA'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | ''' - '''<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Tema'''<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Ponente'''<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCCCEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | '''Detalles'''<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Acreditación<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP PERU<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#CCEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Presentación del evento<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/John_Vargas John Vargas]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Cyber War in Web and Mobile Applications <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [Jesús González]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Desarrollo Rápido y Seguro de Aplicaciones – Es posible tener las dos cosas?<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |[https://twitter.com/fcerullo Fabio Cerullo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Seguridad en Aplicaciones Moviles<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/pITea_security Juan Pablo Quiñe]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Todos a Sh3ll34r!<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/gabsitus Gabriel Lazo]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Se verán distintas técnicas utilizadas por atacantes maliciosos para lograr subir shells y obtener acceso a servidores web.<br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | OWASP Zap <br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/Alonso_ReYDeS Alonso Caballero]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |-<br /> | style=&quot;width:10%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; |<br /> | style=&quot;width:27%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | Hackeando Carros en Latinoamérica<br /> | style=&quot;width:23%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | [https://twitter.com/DragonJAR Andrés Restrepo (DragonJAR)]<br /> | style=&quot;width:40%&quot; valign=&quot;middle&quot; height=&quot;30&quot; bgcolor=&quot;#EEEEEE&quot; align=&quot;center&quot; colspan=&quot;0&quot; | <br /> |}<br /> <br /> =URUGUAY=<br /> <br /> == '''Montevideo: April 15th-16th 2015''' ==<br /> El evento más importante de la región llega nuevamente a Uruguay, OWASP Latam tour 2015!. Expositores internacionales estarán presentando conferencias sobre los temas más importantes en Seguridad en Aplicaciones.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> '''¿Dónde?''' <br /> <br /> [http://www.ucu.edu.uy/ Universidad Católica del Uruguay]&lt;br&gt;<br /> Av. 8 de Octubre 2738&lt;br&gt;<br /> Montevideo 11600 Montevideo, Uruguay. &lt;br&gt;<br /> Ver en [https://www.google.com/maps/place/Universidad+Cat%C3%B3lica+del+Uruguay/@-34.888694,-56.159218,17z/data=!3m1!4b1!4m2!3m1!1s0x0:0x13508c3340b76e45 Google Maps]<br /> &lt;br&gt;<br /> <br /> == '''Charlas: Miércoles 15 de abril''' ==<br /> <br /> Las charlas serán a partir de las 18:00hs.<br /> <br /> {| class=&quot;wikitable&quot;<br /> !colspan=&quot;3&quot;| Charlas aceptadas<br /> |-<br /> |Christian Borghello<br /> |Certificate Pinning: ¿tenemos el c...ertificado roto?&lt;br&gt;<br /> |<br /> |-<br /> |Edgar Salazar<br /> |Inseguridad en Aplicaciones Móviles<br /> |Esta charla pretende demostrar en vivo la explotación de distintas vulnerabilidades en una aplicación móvil de tal manera que podamos revisar las causas y consecuencias, ademas recomendar las medidas de seguridad pertinentes.<br /> |-<br /> |Carlos Eduardo Santiago<br /> |(IN)secure Development<br /> |Forget Injection and XSS<br /> This lecture aims to demonstrate simple traps in web development, and bad practices in addition to some factors are likely to cause critical security flaws. We will analyze some cases and demonstrate ways to mitigate and correct such failures.<br /> |-<br /> |Ricardo Supo Picón<br /> |Hacking Efectivo: Desde una Credencial hasta el Domain Admin en un sólo día<br /> |Los dominios windows están presentes en gran cantidad de organizaciones, en estos la autenticación de usuarios esta disponible en muchos servicios. En esta charla analizaremos los distintos tipos de autenticación de windows y como obtener credenciales locales y de dominio así mismo como a partir de una sola credencial se puede obtener más credenciales hasta obtener un administrador de dominio. Así mismo se detallará como poder realizar intrusiones masivas en red de computadores que ayudan a que un sólo hacker pueda multiplicar sus actividades y conseguir su objetivo en un sólo día, presentación de la herramienta Domainator.<br /> |}<br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA REGISTRARSE AL EVENTO HAGA CLIC AQUI! - SIN COSTO''']<br /> <br /> == '''Trainings: Jueves 16 de abril''' ==<br /> <br /> === TRAINING 1: Hacking de aplicaciones web basado en OWASP Top 10 ===<br /> <br /> '''Instructor:''' Christian Borghello<br /> <br /> Los desarrolladores son una raza extraña. Los Pentesters viven en una burbuja. Este entrenamiento ayuda a los desarrolladores a conocer sobre seguridad en el desarrollo web y a los Pentesters a probar aplicaciones web de forma adecuada.<br /> <br /> Objetivos: - Conocer OWASP Top 10 (quick summary) - Aprender cómo comprobar cada vulnerabilidad desde el punto de vista del Desarrollador y del Pentester - Conocer recomendaciones desde el punto de vista del Pentester - Conocer recomendaciones desde el punto de vista del Desarrollador <br /> <br /> Orientado a desarrolladores, pentesters y personas relacionados con el ciclo de vida del desarrollo de software o sus pruebas de seguridad. <br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> === TRAINING 2: BYOX101/Construya su propio xploit 101/Build Your Own Xploit 101 ===<br /> <br /> '''Instructor:''' Mauricio Campiglia<br /> <br /> ¿Alguna vez te preguntaste de dónde salen ese montón de numeritos que por arte de magia te dejan en una línea de comandos con privilegios? Esta es tu oportunidad para conocer de dónde salen y porqué están ahí y no en otro lugar. Este entrenamiento te guía desde cero hasta la creación de exploits sencillos e intermedios aprendiendo en el recorrido los por qué de cada paso. No se verán exploits de dia cero ni muy complejos, nos concentraremos en lo probado y conocido pues el objetivo es entender el proceso de creación de un exploit.<br /> <br /> '''Detalles''':&lt;br /&gt;<br /> <br /> Entrenamiento mayormente práctico de creación básica de exploits para<br /> sistemas MS Windows. Se usarán ejemplos conocidos pero fiables y se crearán<br /> programas de ejemplo vulnerables a propósito.<br /> <br /> '''Conocimientos obtenidos''':&lt;br /&gt;<br /> <br /> Quienes asistan entenderán el proceso de creación de un exploit entendiendo en el camino la confirmación de memoria de sistemas MS Windows y las protecciones de este sistema. ¿Por qué participar de este entrenamiento?<br /> * La habilidad de creación de exploits no es algo que se encuentre facilmente en un curso.<br /> * Entender este proceso te da la flexibilidad de adaptarte cuando un ataque no funciona tal como te lo dieron.<br /> * Desenmarañar el porqué de un montón de números sin sentido que te dan un acceso que no tienes es mágico.<br /> <br /> [https://www.regonline.com/owasplatamtour15uruguay'''PARA INSCRIBIRSE HAGA CLIC AQUI!''']<br /> <br /> =VENEZUELA=<br /> <br /> <br /> == '''Caracas: April, 23rd 2015''' ==<br /> [[File:bwoltv.png| center |bwoltv.png ]]<br /> &lt;br&gt;<br /> <br /> == Registro ==<br /> El registro es totalmente gratis, nos complacería mucho que nos acompañaras este día. <br /> <br /> Te esperamos!!!<br /> <br /> [https://www.regonline.com/owasplatamtour15venezuela'''REGISTRATE AQUI''']<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> == UBICACIÓN ==<br /> <br /> [http://www.ucv.ve/ Universidad Central de Venezuela]&lt;br&gt;<br /> Facultad de Ciencias &lt;br&gt;<br /> Auditórium Tobías Lasser&lt;br&gt;<br /> Paseo Los Ilustres Urb. Valle Abajo. &lt;br&gt;<br /> 1040 Caracas&lt;br&gt;<br /> &lt;br&gt;<br /> <br /> [[File:UbicacionLatamCaracas.png]]<br /> <br /> == LISTADO DE SPEAKERS ==<br /> <br /> &lt;table width=&quot;804&quot; border=&quot;0&quot;&gt;<br /> &lt;tr&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Registro 8:30 am&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td width=&quot;96&quot; bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:00 am&lt;/td&gt;<br /> &lt;td width=&quot;212&quot; bgcolor=&quot;#CED7EF&quot;&gt;OWASP Venezuela &amp; UCV&lt;/td&gt;<br /> &lt;td width=&quot;482&quot; bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Palabras de Bienvenida&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;9:15-9:55 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Jair Garcia&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt;&lt;b&gt;Hacking Etico: Cacería de Vulnerabilidades&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;10:00-9:35 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt; Randy Ortega&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Sessión Hijacking: Peligro en la web&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;10:40-11:10am&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;11:15-11:50 am&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Michael Hidalgo (Costa Rica)&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Ataques de denegación de servicio a través de expresiones regulares: De la explotación a la corrección&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> <br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;12:00-1:30 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Almuerzo Libre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;1:35-2:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Josmell Chavarri&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Conociendo al Enemigo: Honeypots&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;2:15-2:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; Rodrigo Bravo y Eliezer Romero&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; &gt; &lt;b&gt;Programación Segura en Python&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;2:45-3:20 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Coffee Break&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;3:35-4:10 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Maximiliano Anlonzo (Uruguay) &lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Peligro: software en construcción&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot; style=&quot;text-align: center&quot;&gt;4:15-4:40 pm&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;Carlos Suárez&lt;/td&gt;<br /> &lt;td bgcolor=&quot;#CED7EF&quot;&gt;&lt;b&gt;Beef como framework de explotación xss&lt;/b&gt;&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;tr&gt;<br /> &lt;td bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;4:45-5:00 pm&lt;/td&gt;<br /> &lt;td colspan=&quot;3&quot; bgcolor=&quot;#FBF1D7&quot; style=&quot;text-align: center&quot;&gt;Palabras de cierre&lt;/td&gt;<br /> &lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> =SPONSORS=<br /> <br /> ==We are looking for Sponsors for the Latam Tour 2015==<br /> &lt;br&gt;<br /> <br /> This is a truly unique opportunity to increase your brand recognition as a company dedicated to the highest standards of professional technology &amp; security in the Latin-America region but also internationally throughout the world while supporting the continued activities conducted by OWASP worldwide.<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> <br /> * ''' Sponsorship benefits for organizations specializing in IT &amp; Security:'''<br /> <br /> ** Opportunity to use the latest technological trends for professional training / development<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your business development strategy with leading information from the security industry<br /> ** Get networking and headhunting opportunities with world-class specialists and professionals<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Increase your image as a professional company through this unique branding opportunity<br /> &lt;br&gt;<br /> &lt;br&gt;<br /> * '''Sponsorship benefits for organizations utilizing the internet in their business:'''<br /> <br /> ** Opportunity to increase the international brand awareness and conduct business networking<br /> ** Strengthen your company strategy by learning the latest trends in web software security<br /> ** Improve your service development by understanding the latest trends in security issues &amp; risks<br /> ** Contribute to information society as a company by developing safe and secure services<br /> ** Get the chance to interact with high-need discerning users to improve product development<br /> ** Opportunity to brand your company as one that focuses on the highest standards in technology<br /> <br /> <br /> Make your company part of the conversation. Become a sponsor of the tour today! [https://www.owasp.org/images/5/5f/Latam_Tour_2015_Sponsorship_Opportunities.pdf'''SPONSOR OPPORTUNITIES''']<br /> [https://www.owasp.org/images/6/67/Latam_Tour_2015_Oportunidades_de_Patrocinio.pdf '''OPORTUNIDADES DE PATROCINIO''']<br /> <br /> <br /> <br /> &lt;headertabs /&gt;<br /> <br /> {{:LatamTour2015 Sponsors}}</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=The_Owasp_Code_Review_Top_9&diff=167445 2014-02-05T17:23:10Z

<p>Jonathan Fernández: Undo revision 167442 by Jonathan Fernández (talk)</p> <hr /> <div>{{LinkBar<br /> | useprev=PrevLink | prev=The Owasp Orizon Framework | lblprev=<br /> | usemain=MainLink | main=OWASP Code Review Guide Table of Contents | lblmain=Table of Contents<br /> | usenext=NextLink | next=The Owasp Code Review Scoring System | lblnext=<br /> }}<br /> __TOC__<br /> <br /> == Preface ==<br /> In this section, we will try to organize the most critical security flaws you can find during a code review in order to have a finite set of categories to evaluate the whole code review process.<br /> <br /> == The 9 Flaw Categories ==<br /> In terms of source code security, source code vulnerabilities can be managed in a million ways. <br /> <br /> Source code vulnerabilities must reflect Owasp Top 10 recommendations. Applications are made of source code , so, in some way, source code flaws can be re conducted to flaws in application. <br /> <br /> The following family of categories are included as a default library in Owasp Orizon Project v1.0 that was released in October 2008. <br /> <br /> ===The Nine Source Code Flaw Categories===<br /> * Input validation<br /> * Source code design<br /> * Information leakage and improper error handling<br /> * Direct object reference<br /> * Resource usage<br /> * API usage<br /> * Best practices violation<br /> * Weak Session Management<br /> * Using HTTP GET query strings<br /> <br /> As you can see 3 categories out of 9 are equivalent to the corresponding Owasp Top 10. <br /> <br /> Let's go more in detail, going deeper in describing the source code flaw categories. <br /> <br /> === Input Validation ===<br /> This flaw category is the source code counterpart of the Owasp Top 10 A1 category. <br /> <br /> This category contains the follow security flaw families: <br /> Input validation <br /> <br /> Input validation<br /> * Cross site scripting<br /> * SQL Injection<br /> * XPATH Injection<br /> * LDAP Injection<br /> * Cross site request forgery<br /> * Buffer overflow<br /> * Format bug<br /> <br /> === Source Code Design ===<br /> Security in source code starts from design, and from the choices made before starting to code. <br /> <br /> In the source code design flaw categories, you can find security check families tied to scope and source code organization. <br /> <br /> Source code design<br /> * Insecure field scope<br /> * Insecure method scope<br /> * Insecure class modifiers<br /> * Unused external references<br /> * Redundant code<br /> <br /> === Information leakage and improper error handling ===<br /> This category meets the correspondent Owasp Top 10 one. It contains security check families about how source code manage errors, exception, logging and sensitive information. <br /> <br /> The following families are present: <br /> <br /> Information leakage and improper error handling <br /> * Unhandled exception<br /> * Routine return value usage<br /> * NULL Pointer dereference<br /> * Insecure logging<br /> <br /> === Direct object reference ===<br /> This category is the same as the one stated in the Owasp Top 10 project. It refers to the attacker's capability to interact with application internals supplying an ad hoc crafted parameter. <br /> <br /> The families contained in this category are: <br /> <br /> Direct object reference <br /> * Direct reference to database data<br /> * Direct reference to filesystem<br /> * Direct reference to memory<br /> <br /> === Resource usage ===<br /> This category is related to all the unsafe ways a source code can request operating system managed resources. Most of the vulnerability families contained here, if exploited, will result in a some kind of denial of service. <br /> <br /> Resources can be:<br /> * filesystem objects<br /> * memory<br /> * CPU<br /> * network bandwidth<br /> <br /> The families included are: <br /> Resource usage <br /> * Insecure file creation<br /> * Insecure file modifying<br /> * Insecure file deletion<br /> * Race condition<br /> * Memory leak<br /> * Unsafe process creation<br /> <br /> === API usage ===<br /> This section is about APIs provided by the system or by the framework in use that can be used in a malicious way. In this category you can find: <br /> * insecure database calls<br /> * insecure random number creation<br /> * improper memory management calls<br /> * insecure HTTP session handling<br /> * insecure strings manipulation<br /> <br /> === Best practices violation ===<br /> This category is about all miscellaneous security violations that don’t fit in the previous categories. Most, but not all, of these contain warning-only source code best practices. <br /> This category includes: <br /> <br /> * insecure memory pointer usage<br /> * NULL pointer dereference<br /> * pointer arithmetic<br /> * variable aliasing<br /> * unsafe variable initialization<br /> * missing comments and source code documentation<br /> <br /> === Weak Session Management ===<br /> <br /> * Not invalidating session upon an error occurring <br /> * Not checking for valid sessions upon HTTP request <br /> * Not issuing a new session upon successful authentication<br /> * Passing cookies over non SSL connections (no secure flag)<br /> <br /> === Using HTTP GET query strings ===<br /> Payload data is logged if contained in query strings. This information can be logged in all nodes between client/browser and server. Passing sensitive information using a query string and HTTP GET is a mortal sin. SSL does not even protect you here.<br /> <br /> * Passing sensitive data over URL /querystring<br /> <br /> {{LinkBar<br /> | useprev=PrevLink | prev=The Owasp Orizon Framework | lblprev=<br /> | usemain=MainLink | main=OWASP Code Review Guide Table of Contents | lblmain=Table of Contents<br /> | usenext=NextLink | next=The Owasp Code Review Scoring System | lblnext=<br /> }}<br /> <br /> [[Category:OWASP Code Review Project]]</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=Owasp_Top_10&diff=167443 2014-02-05T17:20:12Z

<p>Jonathan Fernández: enlace a owasp top 10</p> <hr /> <div>https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project</div>

Jonathan Fernández https://wiki.owasp.org/index.php?title=The_Owasp_Code_Review_Top_9&diff=167442 2014-02-05T17:19:42Z

<p>Jonathan Fernández: agrega enlace a owasp top 10 project</p> <hr /> <div>{{LinkBar<br /> | useprev=PrevLink | prev=The Owasp Orizon Framework | lblprev=<br /> | usemain=MainLink | main=OWASP Code Review Guide Table of Contents | lblmain=Table of Contents<br /> | usenext=NextLink | next=The Owasp Code Review Scoring System | lblnext=<br /> }}<br /> __TOC__<br /> <br /> == Preface ==<br /> In this section, we will try to organize the most critical security flaws you can find during a code review in order to have a finite set of categories to evaluate the whole code review process.<br /> <br /> == The 9 Flaw Categories ==<br /> In terms of source code security, source code vulnerabilities can be managed in a million ways. <br /> <br /> Source code vulnerabilities must reflect [[Owasp Top 10]] recommendations. Applications are made of source code , so, in some way, source code flaws can be re conducted to flaws in application. <br /> <br /> The following family of categories are included as a default library in Owasp Orizon Project v1.0 that was released in October 2008. <br /> <br /> ===The Nine Source Code Flaw Categories===<br /> * Input validation<br /> * Source code design<br /> * Information leakage and improper error handling<br /> * Direct object reference<br /> * Resource usage<br /> * API usage<br /> * Best practices violation<br /> * Weak Session Management<br /> * Using HTTP GET query strings<br /> <br /> As you can see 3 categories out of 9 are equivalent to the corresponding Owasp Top 10. <br /> <br /> Let's go more in detail, going deeper in describing the source code flaw categories. <br /> <br /> === Input Validation ===<br /> This flaw category is the source code counterpart of the Owasp Top 10 A1 category. <br /> <br /> This category contains the follow security flaw families: <br /> Input validation <br /> <br /> Input validation<br /> * Cross site scripting<br /> * SQL Injection<br /> * XPATH Injection<br /> * LDAP Injection<br /> * Cross site request forgery<br /> * Buffer overflow<br /> * Format bug<br /> <br /> === Source Code Design ===<br /> Security in source code starts from design, and from the choices made before starting to code. <br /> <br /> In the source code design flaw categories, you can find security check families tied to scope and source code organization. <br /> <br /> Source code design<br /> * Insecure field scope<br /> * Insecure method scope<br /> * Insecure class modifiers<br /> * Unused external references<br /> * Redundant code<br /> <br /> === Information leakage and improper error handling ===<br /> This category meets the correspondent Owasp Top 10 one. It contains security check families about how source code manage errors, exception, logging and sensitive information. <br /> <br /> The following families are present: <br /> <br /> Information leakage and improper error handling <br /> * Unhandled exception<br /> * Routine return value usage<br /> * NULL Pointer dereference<br /> * Insecure logging<br /> <br /> === Direct object reference ===<br /> This category is the same as the one stated in the Owasp Top 10 project. It refers to the attacker's capability to interact with application internals supplying an ad hoc crafted parameter. <br /> <br /> The families contained in this category are: <br /> <br /> Direct object reference <br /> * Direct reference to database data<br /> * Direct reference to filesystem<br /> * Direct reference to memory<br /> <br /> === Resource usage ===<br /> This category is related to all the unsafe ways a source code can request operating system managed resources. Most of the vulnerability families contained here, if exploited, will result in a some kind of denial of service. <br /> <br /> Resources can be:<br /> * filesystem objects<br /> * memory<br /> * CPU<br /> * network bandwidth<br /> <br /> The families included are: <br /> Resource usage <br /> * Insecure file creation<br /> * Insecure file modifying<br /> * Insecure file deletion<br /> * Race condition<br /> * Memory leak<br /> * Unsafe process creation<br /> <br /> === API usage ===<br /> This section is about APIs provided by the system or by the framework in use that can be used in a malicious way. In this category you can find: <br /> * insecure database calls<br /> * insecure random number creation<br /> * improper memory management calls<br /> * insecure HTTP session handling<br /> * insecure strings manipulation<br /> <br /> === Best practices violation ===<br /> This category is about all miscellaneous security violations that don’t fit in the previous categories. Most, but not all, of these contain warning-only source code best practices. <br /> This category includes: <br /> <br /> * insecure memory pointer usage<br /> * NULL pointer dereference<br /> * pointer arithmetic<br /> * variable aliasing<br /> * unsafe variable initialization<br /> * missing comments and source code documentation<br /> <br /> === Weak Session Management ===<br /> <br /> * Not invalidating session upon an error occurring <br /> * Not checking for valid sessions upon HTTP request <br /> * Not issuing a new session upon successful authentication<br /> * Passing cookies over non SSL connections (no secure flag)<br /> <br /> === Using HTTP GET query strings ===<br /> Payload data is logged if contained in query strings. This information can be logged in all nodes between client/browser and server. Passing sensitive information using a query string and HTTP GET is a mortal sin. SSL does not even protect you here.<br /> <br /> * Passing sensitive data over URL /querystring<br /> <br /> {{LinkBar<br /> | useprev=PrevLink | prev=The Owasp Orizon Framework | lblprev=<br /> | usemain=MainLink | main=OWASP Code Review Guide Table of Contents | lblmain=Table of Contents<br /> | usenext=NextLink | next=The Owasp Code Review Scoring System | lblnext=<br /> }}<br /> <br /> [[Category:OWASP Code Review Project]]</div>

Jonathan Fernández