OWASP - User contributions [en]

OWASP AppSec Conference Sponsors

2007-05-04T16:55:50Z

Kdhuie: /* Sending Materials to Conference Facility in Milan */

== OWASP Conference Sponsorship ==

OWASP is accepting sponsorships for the 2007 OWASP Conferences. Financial sponsorship for a conference will help defray the non-profit OWASP Foundation's expenses to prepare for and hold this conference.

The following is our current sponsorship plan:

* Sponsor information will be presented on the main conference page

* A Sponsor information sheet will be included in handouts to all attendees

* Sponsors can include a poster (no larger than 6 ft. x 4 ft.) at the conference in the main hallway

* Includes 2 Free admissions to the conference

The sponsorship fee for the 6th OWASP Conference in May 2007 in Milan, Italy is 3500 Euros. The fee for sponsoring the 7th OWASP Conference in San Jose, CA in October 2007 is $4250.

If you are interested in sponsoring either of the 2007 OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.

== Sending Materials to Conference Facility in Milan ==

Sponsors, please ship your conference materials to:

Milan Marriott Hotel, c/o Ufficio Economato

Via Organdino

20146 Milano

Ref. OWASP Event.

All materials must arrive no earlier than May 10th.

== Conference Sponsors ==

The following are the sponsors for the 6th OWASP AppSec Conference.

[http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]
[http://www.fortifysoftware.com https://www.owasp.org/images/d/d1/Fortify.JPG]

OWASP AppSec Europe 2007 - Italy/Agenda

2007-05-02T18:19:41Z

Kdhuie: /* 6th OWASP AppSec Conference Schedule - May 16-17 (Milan 2007) */

== OWASP Milan Training Courses - May 15th 2007 ==

The tutorials and the conference itself will be held at the Marriott in Milan.

{| style="width:80%" border="0" align="center"
! align="center" style="background:#4058A0; color:white" | T1. Foundations of Web Application Security - One Day Course - Parini Room
|-
| style="background:#F2F2F2" | This powerful one day course focuses on the most common web application security problems, including the OWASP Top Ten. The course will introduce and demonstrate hacking techniques, illustrating how application vulnerabilities can be exploited so students really understand how to avoid introducing such vulnerabilities into their code. [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training | Read more here!]]
|-
! align="center" style="background:#4058A0; color:white" | T2. WebServices and XML Security - One Day Course - Raffaello Room
|-
| style="background:#F2F2F2" | Many enterprises are currently developing new Web Services and/or adding and acquiring Web Services functionality into existing applications -- now is the time to build security into the system! [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training | Read more here!]]
|-
! align="center" style="background:#4058A0; color:white" | T3. Advanced ASP.NET Exploits and Countermeasures - One Day Course - Porta Room
|-
| style="background:#F2F2F2" | In this one day course you will push ASP.NET to the limit and will be shown how ASP.NET applications and environments can be exploited by skilled attackers. Advanced exploitation techniques will be presented together with low-level technical analysis of the .NET Framework. You will also learn advanced defense techniques such as: Building an ASP.NET Security Protection layer (also called a Web Application Firewall) and Real time patching of vulnerabilities in the target application, the .NET Framework or the CLR. [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training | Read more here!]]
|}

== 6th OWASP AppSec Conference Schedule - May 16-17 (Milan 2007) ==

{| style="width:80%" border="0" align="center"
! colspan="3" align="center" style="background:#4058A0; color:white" | Day 1 - May 16, 2007
|-
| style="width:10%; background:#7B8ABD" | || style="width:40%; background:#BC857A" | Track 1: Manzoni Room
| style="width:40%; background:#BCA57A" | Track 2: Parini Room
|-
| style="width:10%; background:#7B8ABD" | 08:00-09:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Registration and Coffee
|-
| style="width:10%; background:#7B8ABD" | 09:00-09:10 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | Welcome to 6th OWASP AppSec Conference: Dave Wichers, OWASP Conferences Chair
|-
| style="width:10%; background:#7B8ABD" | 09:10-10:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | Keynote: The Benefits of the SDL initiative to Microsoft and its Customers – Alex Lucas, Senior Security Engineer, Microsoft
|-
| style="width:10%; background:#7B8ABD" | 10:00-11:10 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | OWASP 2.0 - Enabling organizations to develop, maintain, and acquire applications they can trust, Dinis Cruz, OWASP Chief Evangelist
|-
| style="width:10%; background:#7B8ABD" | 11:10-11:30 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break
|-
| style="width:10%; background:#7B8ABD" | 11:30-12:30 || style="width:40%; background:#BC857A" align="left" | OWASP CLASP Project, Pravir Chandra, Security Engineer, Cigital
| style="width:40%; background:#BCA57A" align="left" | OWASP PANTERA – Dissecting Web Applications – Simon Roses Femerling – Security Technologist - Microsoft
|-
| style="width:10%; background:#7B8ABD" | 12:30-13:45 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Lunch
|-
| style="width:10%; background:#7B8ABD" | 13:45-14:20 || style="width:40%; background:#BC857A" align="left" | Update on the OWASP XML Security Gateway evaluation criteria project, Gunnar Peterson, Arctec Group
| style="width:40%; background:#BCA57A" align="left" | XSS Tunneling, Ferruh Mavituna, Security Engineer, Portcullis Computer Security, OWASP Turkey Chapter Leader
|-
| style="width:10%; background:#7B8ABD" | 14:20-15:00 || style="width:40%; background:#BC857A" align="left" | The SANS Secure Programming Skills Assessement Initiative, Dave Wichers, COO Aspect Security and OWASP Conferences Chair
| style="width:40%; background:#BCA57A" align="left" | Overtaking Google Desktop - A Security Analysis, Yair Amit, Sr. Security Researcher, Watchfire
|-
| style="width:10%; background:#7B8ABD" | 15:00-15:20 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break
|-
| style="width:10%; background:#7B8ABD" | 15:20-16:30 || style="width:40%; background:#BC857A" align="left" | OWASP WebGoat and WebScarab – the Autumn of Code 2006 Releases – Dave Wichers, COO, Aspect Security and OWASP Conferences Chair
| style="width:40%; background:#BCA57A" align="left" | Presentation #1: The Darker Side of AJAX, Brian Chess, Chief Scientist, Fortify Software (35 min)

&

Presentation #2: Advance Web Hacking Revealed, Petko D. Petkov (AKA PDP Architect), Senior Security Researcher (40 min)
|-
| style="width:10%; background:#7B8ABD" | 16:30-16:50 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break
|-
| style="width:10%; background:#7B8ABD" | 16:50-18:00 || colspan="2" style="width:40%; background:#F2F2F2" align="left" | Panel: "Public site vulnerability research and disclosure - The XSS elephant, the Tsunami Hacker, the killing of the canaries and the power of legislation"
Moderator: Robert Mann, ABN Amro

Panelists: Dinis Cruz, Stefano Di Paola, Petko D. Petkov (AKA PDP Architect)
|-
| style="width:10%; background:#7B8ABD" | 18:00-19:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Chapter Leads Meeting - With Dinis Cruz and Sebastien Deleersnyder
|-
| style="width:10%; background:#7B8ABD" | 19:00-21:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Social Gathering: Dinner and Drinks at Ristorante Why Not?
|-
! colspan="3" align="center" style="background:#4058A0; color:white" | Day 2 - May 17, 2007
|-
| style="width:10%; background:#7B8ABD" | || style="width:40%; background:#BC857A" | Track 1: Manzoni Room
| style="width:40%; background:#BCA57A" | Track 2: Parini Room
|-
| style="width:10%; background:#7B8ABD" | 08:00-09:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Coffee
|-
| style="width:10%; background:#7B8ABD" | 09:00-09:50 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | Keynote: Raoul Chiesa – CTO, ISECOM - The security level of Web Applications in Italy: data and stats from everyday experiences.
|-
| style="width:10%; background:#7B8ABD" | 09:50-10:50 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | Protecting Web Applications from Universal PDF XSS: A discussion of how weird the web application security world has become – Ivan Ristic, Chief Evangelist, Breach Security
|-
| style="width:10%; background:#7B8ABD" | 10:50-11:10 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break
|-
| style="width:10%; background:#7B8ABD" | 11:10-11:50 || style="width:40%; background:#BC857A" align="left" | Microsoft ACE Team – Application Security from the Core, Simon Roses Femerling – Security Technologist - Microsoft
| style="width:40%; background:#BCA57A" align="left" | Refereed Paper #1 of 3: The OWASP Testing Guide version 2, Matteo Meucci, OWASP Italy
|-
| style="width:10%; background:#7B8ABD" | 11:50-12:30 || style="width:40%; background:#BC857A" align="left" | Making Source Code Analysis Part of the Security Review Process, Brian Chess, Chief Scientist, Fortify Software
| style="width:40%; background:#BCA57A" align="left" | Testing Flash Applications: A new attack vector for XSS and XSFlashing, Stefano di Paola
|-
| style="width:10%; background:#7B8ABD" | 12:30-13:45 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Lunch
|-
| style="width:10%; background:#7B8ABD" | 13:45-15:10 || style="width:40%; background:#BC857A" align="left" | A whirlwind tour of the OWASP tools and projects, Dinis Cruz, OWASP Chief Evangelist and .Net Project Lead
| style="width:40%; background:#BCA57A" align="left" | Refereed Paper #2) Software Security - The bigger picture, Rudolph Araujo (40 min)

&

Refereed Paper #3) Generic Detection of Application Layer Attacks: ModSecurity Core Rule Set<br>Ofer Shezaf, OWASP Israel Chapter Leader, CTO, Breach Security (40 min)
|-
| style="width:10%; background:#7B8ABD" | 15:10-15:30 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break
|-
| style="width:10%; background:#7B8ABD" | 15:30-16:30 || colspan="2" style="width:40%; background:#F2F2F2" align="left" | Panel: "What is needed to fix web app sec vulnerabilities once and for all?"
Moderator: Gunnar Peterson – Arctec Group

Panelists: Dave Wichers, Aspect Security, Ivan Ristic, Breach Security, Brian Chess, Fortify Software, Pravir Chandra, Cigital
|-
| style="width:10%; background:#7B8ABD" | 16:30-17:00 || colspan="2" style="width:40%; background:#F2F2F2" align="left" | Conference Wrap Up - Dave Wichers, OWASP Conferences Chair
|}

OWASP AppSec Europe 2007 - Italy

2007-04-26T19:15:07Z

Kdhuie: /* Evening Social Event - May 16th */

The next OWASP Europe conference will be held in Milan, Italy May 15th-17th 2007.

==Conference Location==

This year's OWASP AppSec conference in Europe will be held at the Marriott in Milan, Italy from May 15th-17th. More information about this hotel can be found at: http://marriott.com/hotels/travel/milit-milan-marriott-hotel/

Via Washington, 66

Milan, 20146 Italy

Phone: 39 02 48521

[[6th_OWASP_AppSec_Conference_-_Italy_2007/Training | Training Day: May 15th]]

Main Conference: May 16th-17th

==Agenda and Presentations - May 16th-17th==

The [[6th_OWASP_AppSec_Conference_-_Italy_2007/Agenda | agenda]] will follow the (current) standard OWASP conference format of two tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing presentations back in the main auditorium both days.

This conference will include presentations from many different OWASP contributors and leading Application Security professionals, and will include one panel each day.

==Training Day: Tuesday - May 15th==

OWASP has arranged several Application Security one-day training courses which are offered on May 15th, the day prior to the conference. More information about the first tutorial is available here: [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training#T1._Foundations_of_Web_Application_Security_-_One_Day_Course_-_May_15th.2C_2007 | The Foundations of Web Application Security]]. This course provides a great introduction for conference attendees into the fundamental security issues that are highly prevalent in today's Web Applications. The prevalence of such vulnerabilities is why OWASP was formed to raise awareness of and help organizations and individuals eliminate such vulnerabilities from their application code.

OWASP has also arranged for a second one-day training course on Web Services Security. Information on this course is available here: [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training#T2._Web_Services_and_XML_Security_-_One_Day_Course_-_May_15th.2C_2007 | Web Services Security]]. The movement towards Web Services and Service Oriented architecture (SOA) paradigms requires new security paradigms to deal with new risks posed by these architectures. This session takes a pragmatic approach towards identifying Web Services security risks and selecting and applying countermeasures to the application, code, web servers, databases, application, and identity servers and related software.

A third course is now also available: [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training#T3._Advanced_Asp.Net_Exploits_and_Countermeasures_-_One_Day_Course_-_May_15th.2C_2007 | Advanced Asp.Net Exploits and Countermeasures]] - In this course, you will push ASP.NET to the limit and will be shown how ASP.NET applications and environments can be exploited by skilled attackers.

==Evening Social Event - May 16th==

At every conference we have an evening social event the first night. This allows participants to have some unstructured time to mingle with the other attendees. They are always fun and typically attract about half the conference attendees. This year's event will be held nearby at Ristorante Why Not? which is located at Via S. Michele del Carso, 7, about a five minute walk from the conference, and is expected to start around 6:30 or 7. After dinner, many of the participants then wander to the nearest bar/pub and continue sometimes into the wee hours of the morning. In Europe last year some were pretty hard core, staying out till 5 AM. I 'think' the bars in Milan probably close earlier than that :-)

==Accommodations==

OWASP has arranged for a room block of 50 rooms at the Marriott in Milan where the conference is being held. The conference rate is 170 Euros / night (including VAT and breakfast) for up to two people per room. Information about the hotel and reservations can be made at: http://marriott.com/hotels/travel/milit-milan-marriott-hotel/. You can also download, fill out, print, and then fax in this [http://www.owasp.org/index.php/Image:OWASP-Marriott-Milan-RegistrationForm.doc registration form].

NOTE: The above room block is being held through April 30th!! After that date, there is no guarantee that rooms at this rate will be available at the Marriott.

Unfortunately, we were not able to make group rate arrangements at other hotels. However, the following is a list of nearby accommodations that may have availability at lower prices:

Hotel Washington Milano (4 stars)
www.hotelwashington-milano.com
Via Washington, 23
Ph.+39 02.45.47.30.26

Hotel Sant'Ambroeus
www.hotelsantambroeus.it
Viale Papiniano, 14
Ph.+39.02.48.00.89.89

Atahotel De Angeli (4 stars)
www.atahotels.it/deangeli
Via Trivulzio, 8
Ph.+39.02.46.70.31

==Conference Fees==

The conference fees are currently as follows, but are still subject to change at the moment:

Standard: 450 Euros, OWASP Members: 400 Euros, Students: 250 Euros.

Conference Dinner (Evening of May 15th): 50 Euros

Conference Tutorial (All day tutorial May 15th): 650 Euros, Student Fee: 350 Euros

Note: To save on processing expenses, all fees paid for the OWASP conference are non-refundable. OWASP can accomodate transfers of registrations from one person to another, if such an adjustment becomes necessary.

==[http://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=4abc935c-a7f8-47e1-83a0-23a2c36faf26 Registration]==

Here is the [http://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=4abc935c-a7f8-47e1-83a0-23a2c36faf26 registration page].

== [[OWASP AppSec Conference Sponsors | Conference Sponsors]]==

The following organizations are sponsors for this conference. If you are interested in sponsoring either of the 2007 OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.

[http://www.aspectsecurity.com https://www.owasp.org/images/d/d1/Aspect_logo.gif]
[http://www.fortifysoftware.com https://www.owasp.org/images/d/d1/Fortify.JPG]

More information about conference sponsorship is available [[OWASP AppSec Conference Sponsors | here]].

[[Category:OWASP AppSec Conference]]

__NOTOC__

OWASP AppSec Europe 2007 - Italy

2007-04-26T19:14:00Z

Kdhuie: /* Accommodations */

The next OWASP Europe conference will be held in Milan, Italy May 15th-17th 2007.

==Conference Location==

This year's OWASP AppSec conference in Europe will be held at the Marriott in Milan, Italy from May 15th-17th. More information about this hotel can be found at: http://marriott.com/hotels/travel/milit-milan-marriott-hotel/

Via Washington, 66

Milan, 20146 Italy

Phone: 39 02 48521

[[6th_OWASP_AppSec_Conference_-_Italy_2007/Training | Training Day: May 15th]]

Main Conference: May 16th-17th

==Agenda and Presentations - May 16th-17th==

The [[6th_OWASP_AppSec_Conference_-_Italy_2007/Agenda | agenda]] will follow the (current) standard OWASP conference format of two tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing presentations back in the main auditorium both days.

This conference will include presentations from many different OWASP contributors and leading Application Security professionals, and will include one panel each day.

==Training Day: Tuesday - May 15th==

OWASP has arranged several Application Security one-day training courses which are offered on May 15th, the day prior to the conference. More information about the first tutorial is available here: [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training#T1._Foundations_of_Web_Application_Security_-_One_Day_Course_-_May_15th.2C_2007 | The Foundations of Web Application Security]]. This course provides a great introduction for conference attendees into the fundamental security issues that are highly prevalent in today's Web Applications. The prevalence of such vulnerabilities is why OWASP was formed to raise awareness of and help organizations and individuals eliminate such vulnerabilities from their application code.

OWASP has also arranged for a second one-day training course on Web Services Security. Information on this course is available here: [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training#T2._Web_Services_and_XML_Security_-_One_Day_Course_-_May_15th.2C_2007 | Web Services Security]]. The movement towards Web Services and Service Oriented architecture (SOA) paradigms requires new security paradigms to deal with new risks posed by these architectures. This session takes a pragmatic approach towards identifying Web Services security risks and selecting and applying countermeasures to the application, code, web servers, databases, application, and identity servers and related software.

A third course is now also available: [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training#T3._Advanced_Asp.Net_Exploits_and_Countermeasures_-_One_Day_Course_-_May_15th.2C_2007 | Advanced Asp.Net Exploits and Countermeasures]] - In this course, you will push ASP.NET to the limit and will be shown how ASP.NET applications and environments can be exploited by skilled attackers.

==Evening Social Event - May 16th==

At every conference we have an evening social event the first night. This allows participants to have some unstructured time to mingle with the other attendees. They are always fun and typically attract about half the conference attendees. This year's event will be held nearby at Ristorante Why Not? which is located at 7 Via S. Michele del Carso, about a five minut walk from the conference, and is expected to start around 6:30 or 7. After dinner, many of the participants then wander to the nearest bar/pub and continue sometimes into the wee hours of the morning. In Europe last year some were pretty hard core, staying out till 5 AM. I 'think' the bars in Milan probably close earlier than that :-)

==Accommodations==

OWASP has arranged for a room block of 50 rooms at the Marriott in Milan where the conference is being held. The conference rate is 170 Euros / night (including VAT and breakfast) for up to two people per room. Information about the hotel and reservations can be made at: http://marriott.com/hotels/travel/milit-milan-marriott-hotel/. You can also download, fill out, print, and then fax in this [http://www.owasp.org/index.php/Image:OWASP-Marriott-Milan-RegistrationForm.doc registration form].

NOTE: The above room block is being held through April 30th!! After that date, there is no guarantee that rooms at this rate will be available at the Marriott.

Unfortunately, we were not able to make group rate arrangements at other hotels. However, the following is a list of nearby accommodations that may have availability at lower prices:

Hotel Washington Milano (4 stars)
www.hotelwashington-milano.com
Via Washington, 23
Ph.+39 02.45.47.30.26

Hotel Sant'Ambroeus
www.hotelsantambroeus.it
Viale Papiniano, 14
Ph.+39.02.48.00.89.89

Atahotel De Angeli (4 stars)
www.atahotels.it/deangeli
Via Trivulzio, 8
Ph.+39.02.46.70.31

==Conference Fees==

The conference fees are currently as follows, but are still subject to change at the moment:

Standard: 450 Euros, OWASP Members: 400 Euros, Students: 250 Euros.

Conference Dinner (Evening of May 15th): 50 Euros

Conference Tutorial (All day tutorial May 15th): 650 Euros, Student Fee: 350 Euros

Note: To save on processing expenses, all fees paid for the OWASP conference are non-refundable. OWASP can accomodate transfers of registrations from one person to another, if such an adjustment becomes necessary.

==[http://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=4abc935c-a7f8-47e1-83a0-23a2c36faf26 Registration]==

Here is the [http://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=4abc935c-a7f8-47e1-83a0-23a2c36faf26 registration page].

== [[OWASP AppSec Conference Sponsors | Conference Sponsors]]==

The following organizations are sponsors for this conference. If you are interested in sponsoring either of the 2007 OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.

[http://www.aspectsecurity.com https://www.owasp.org/images/d/d1/Aspect_logo.gif]
[http://www.fortifysoftware.com https://www.owasp.org/images/d/d1/Fortify.JPG]

More information about conference sponsorship is available [[OWASP AppSec Conference Sponsors | here]].

[[Category:OWASP AppSec Conference]]

__NOTOC__

OWASP AppSec Europe 2007 - Italy

2007-04-26T18:49:51Z

Kdhuie: /* Evening Social Event - May 16th */

The next OWASP Europe conference will be held in Milan, Italy May 15th-17th 2007.

==Conference Location==

This year's OWASP AppSec conference in Europe will be held at the Marriott in Milan, Italy from May 15th-17th. More information about this hotel can be found at: http://marriott.com/hotels/travel/milit-milan-marriott-hotel/

Via Washington, 66

Milan, 20146 Italy

Phone: 39 02 48521

[[6th_OWASP_AppSec_Conference_-_Italy_2007/Training | Training Day: May 15th]]

Main Conference: May 16th-17th

==Agenda and Presentations - May 16th-17th==

The [[6th_OWASP_AppSec_Conference_-_Italy_2007/Agenda | agenda]] will follow the (current) standard OWASP conference format of two tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing presentations back in the main auditorium both days.

This conference will include presentations from many different OWASP contributors and leading Application Security professionals, and will include one panel each day.

==Training Day: Tuesday - May 15th==

OWASP has arranged several Application Security one-day training courses which are offered on May 15th, the day prior to the conference. More information about the first tutorial is available here: [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training#T1._Foundations_of_Web_Application_Security_-_One_Day_Course_-_May_15th.2C_2007 | The Foundations of Web Application Security]]. This course provides a great introduction for conference attendees into the fundamental security issues that are highly prevalent in today's Web Applications. The prevalence of such vulnerabilities is why OWASP was formed to raise awareness of and help organizations and individuals eliminate such vulnerabilities from their application code.

OWASP has also arranged for a second one-day training course on Web Services Security. Information on this course is available here: [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training#T2._Web_Services_and_XML_Security_-_One_Day_Course_-_May_15th.2C_2007 | Web Services Security]]. The movement towards Web Services and Service Oriented architecture (SOA) paradigms requires new security paradigms to deal with new risks posed by these architectures. This session takes a pragmatic approach towards identifying Web Services security risks and selecting and applying countermeasures to the application, code, web servers, databases, application, and identity servers and related software.

A third course is now also available: [[6th_OWASP_AppSec_Conference_-_Italy_2007/Training#T3._Advanced_Asp.Net_Exploits_and_Countermeasures_-_One_Day_Course_-_May_15th.2C_2007 | Advanced Asp.Net Exploits and Countermeasures]] - In this course, you will push ASP.NET to the limit and will be shown how ASP.NET applications and environments can be exploited by skilled attackers.

==Evening Social Event - May 16th==

At every conference we have an evening social event the first night. This allows participants to have some unstructured time to mingle with the other attendees. They are always fun and typically attract about half the conference attendees. This year's event will be held nearby at Ristorante Why Not? which is located at 7 Via S. Michele del Carso, about a five minut walk from the conference, and is expected to start around 6:30 or 7. After dinner, many of the participants then wander to the nearest bar/pub and continue sometimes into the wee hours of the morning. In Europe last year some were pretty hard core, staying out till 5 AM. I 'think' the bars in Milan probably close earlier than that :-)

==Accommodations==

OWASP has arranged for a room block of 50 rooms at the Marriott in Milan where the conference is being held. The conference rate is 170 Euros / night (including VAT and breakfast) for up to two people per room. Information about the hotel and reservations can be made at: http://marriott.com/hotels/travel/milit-milan-marriott-hotel/. You can also download, fill out, print, and then fax in this [http://www.owasp.org/index.php/Image:OWASP-Marriott-Milan-RegistrationForm.doc registration form].

NOTE: The above room block is being held through April 30th!! After that date, there is no guarantee that rooms at this rate will be available at the Marriott.

OWASP is working to arrange other, hopefully less expensive alternate hotel locations near the conference facility as well. This information will be posted as soon as any additional arrangements have been worked out.

==Conference Fees==

The conference fees are currently as follows, but are still subject to change at the moment:

Standard: 450 Euros, OWASP Members: 400 Euros, Students: 250 Euros.

Conference Dinner (Evening of May 15th): 50 Euros

Conference Tutorial (All day tutorial May 15th): 650 Euros, Student Fee: 350 Euros

Note: To save on processing expenses, all fees paid for the OWASP conference are non-refundable. OWASP can accomodate transfers of registrations from one person to another, if such an adjustment becomes necessary.

==[http://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=4abc935c-a7f8-47e1-83a0-23a2c36faf26 Registration]==

Here is the [http://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=4abc935c-a7f8-47e1-83a0-23a2c36faf26 registration page].

== [[OWASP AppSec Conference Sponsors | Conference Sponsors]]==

The following organizations are sponsors for this conference. If you are interested in sponsoring either of the 2007 OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.

[http://www.aspectsecurity.com https://www.owasp.org/images/d/d1/Aspect_logo.gif]
[http://www.fortifysoftware.com https://www.owasp.org/images/d/d1/Fortify.JPG]

More information about conference sponsorship is available [[OWASP AppSec Conference Sponsors | here]].

[[Category:OWASP AppSec Conference]]

__NOTOC__