OWASP - User contributions [en]

OWASP AppSec Asia 2008 - Taiwan

2008-11-17T03:25:12Z

Rahul: /* (2008/10/27) - Day 1 */

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg|center|733px]]

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] ''' '''[https://www.owasp.org/images/6/6a/OWASP_Asia_2008_Fyodor.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
'''[https://www.owasp.org/images/d/d3/OWASP_Asia_Taiwan_Charmi.pdf Slides]‎'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

----

=== ''Guide Team:'' ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

----

=== ''Organizers:'' ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

----

=== ''Platinum Sponsors:'' ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

----

=== ''Gold Sponsors:'' ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

----

=== ''Silver Sponsors:'' ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

----

=== ''Media Partners'': ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

File:OWASP Asia 2008 Fyodor.pdf

2008-11-17T03:24:48Z

Rahul:

OWASP AppSec Asia 2008 - Taiwan

2008-11-14T08:01:41Z

Rahul: /* (2008/10/27) - Day 1 */

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg|center|733px]]

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
'''[https://www.owasp.org/images/d/d3/OWASP_Asia_Taiwan_Charmi.pdf Slides]‎'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

----

=== ''Guide Team:'' ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

----

=== ''Organizers:'' ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

----

=== ''Platinum Sponsors:'' ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

----

=== ''Gold Sponsors:'' ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

----

=== ''Silver Sponsors:'' ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

----

=== ''Media Partners'': ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

OWASP AppSec Asia 2008 - Taiwan

2008-11-14T07:59:36Z

Rahul: /* OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) */

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg|center|733px]]

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
'''[https://www.owasp.org/images/d/d3/OWASP_Asia_Taiwan_Charmi.pdf]‎'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

----

=== ''Guide Team:'' ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

----

=== ''Organizers:'' ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

----

=== ''Platinum Sponsors:'' ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

----

=== ''Gold Sponsors:'' ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

----

=== ''Silver Sponsors:'' ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

----

=== ''Media Partners'': ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

File:OWASP Asia Taiwan Charmi.pdf

2008-11-14T07:57:47Z

Rahul:

OWASP AppSec Asia 2008 - Taiwan

2008-11-14T07:54:06Z

Rahul: /* OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) */

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg|center|733px]]

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
'''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]‎'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

----

=== ''Guide Team:'' ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

----

=== ''Organizers:'' ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

----

=== ''Platinum Sponsors:'' ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

----

=== ''Gold Sponsors:'' ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

----

=== ''Silver Sponsors:'' ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

----

=== ''Media Partners'': ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

File:OWASP Asia 2008 Steven.pdf

2008-11-14T07:47:43Z

Rahul: uploaded a new version of "Image:OWASP Asia 2008 Steven.pdf"

OWASP AppSec Asia 2008 - Taiwan

2008-11-05T07:46:20Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg|center|733px]]

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

----

=== ''Guide Team:'' ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

----

=== ''Organizers:'' ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

----

=== ''Platinum Sponsors:'' ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

----

=== ''Gold Sponsors:'' ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

----

=== ''Silver Sponsors:'' ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

----

=== ''Media Partners'': ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T08:15:58Z

Rahul:

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg|center|733px]]

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

----

=== Guide Team: ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

----

=== Organizers: ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

----

=== Platinum Sponsors: ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

----

=== Gold Sponsors: ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

----

=== Silver Sponsors: ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

----

=== Media Partners: ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T08:09:00Z

Rahul:

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg|center|733px]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

----

=== Guide Team: ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

----

=== Organizers: ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

----

=== Platinum Sponsors: ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

----

=== Gold Sponsors: ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

----

=== Silver Sponsors: ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

----

=== Media Partners: ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T08:01:10Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

----

=== Guide Team: ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

----

=== Organizers: ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

----

=== Platinum Sponsors: ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

----

=== Gold Sponsors: ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

----

=== Silver Sponsors: ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

----

=== Media Partners: ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T07:52:21Z

Rahul: /* Guide Team */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

=== Guide Team ===

----

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

=== Organizers ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

=== Platinum Sponsors ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

=== Gold Sponsors ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

=== Silver Sponsors ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

=== Media Partners ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T07:51:14Z

Rahul: /* Platinum Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

=== Guide Team ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

=== Organizers ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

=== Platinum Sponsors ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png] - [http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png] - [http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png] -
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png] -
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png] -
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png] -
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

=== Gold Sponsors ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

=== Silver Sponsors ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

=== Media Partners ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

File:YahooTw.png

2008-11-04T07:36:28Z

Rahul: uploaded a new version of "Image:YahooTw.png"

File:TWISC.png

2008-11-04T07:36:00Z

Rahul: uploaded a new version of "Image:TWISC.png"

File:SYSTEX.png

2008-11-04T07:35:46Z

Rahul: uploaded a new version of "Image:SYSTEX.png"

File:NETWORK BOX.png

2008-11-04T07:35:30Z

Rahul: uploaded a new version of "Image:NETWORK BOX.png"

File:Mu Dynamics.png

2008-11-04T07:35:10Z

Rahul: uploaded a new version of "Image:Mu Dynamics.png"

File:MTECH.png

2008-11-04T07:34:56Z

Rahul: uploaded a new version of "Image:MTECH.png"

File:MOEA.png

2008-11-04T07:34:41Z

Rahul: uploaded a new version of "Image:MOEA.png"

File:ERay.png

2008-11-04T07:34:23Z

Rahul: uploaded a new version of "Image:ERay.png"

File:BLUECOAT.png

2008-11-04T07:31:41Z

Rahul: uploaded a new version of "Image:BLUECOAT.png"

File:Fortify.png

2008-11-04T07:25:27Z

Rahul: uploaded a new version of "Image:Fortify.png"

File:INFOSECURITY.png

2008-11-04T07:23:23Z

Rahul: uploaded a new version of "Image:INFOSECURITY.png"

File:INFOSECURITY.png

2008-11-04T07:22:16Z

Rahul: uploaded a new version of "Image:INFOSECURITY.png"

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T05:06:06Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

=== Guide Team ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

=== Organizers ===

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

=== Platinum Sponsors ===

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

=== Gold Sponsors ===

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

=== Silver Sponsors ===

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

=== Media Partners ===

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T05:03:59Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

=== '''Guide Team''' ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

'''Gold Sponsors'''

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

'''Silver Sponsors'''

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

'''Media Partners'''

[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/9/97/INFOSECURITY.png]

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T05:03:27Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

=== '''Guide Team''' ===

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

'''Gold Sponsors'''

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

'''Silver Sponsors'''

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

'''Media Partners'''

https://www.owasp.org/images/9/97/INFOSECURITY.png

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T05:02:38Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

'''Gold Sponsors'''

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

'''Silver Sponsors'''

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

'''Media Partners'''

https://www.owasp.org/images/9/97/INFOSECURITY.png

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T05:01:42Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

'''Gold Sponsors'''

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

'''Silver Sponsors'''

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

'''Media Partners'''
https://www.owasp.org/images/9/97/INFOSECURITY.png

File:INFOSECURITY.png

2008-11-04T05:01:27Z

Rahul:

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T04:59:32Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

'''Gold Sponsors'''

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

'''Silver Sponsors'''

[http://www.network-box.com.tw/ https://www.owasp.org/images/0/08/NETWORK_BOX.png]

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T04:58:45Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

'''Gold Sponsors'''

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

'''Silver Sponsors'''

[http://www.network-box.com.tw/01.asp https://www.owasp.org/images/0/08/NETWORK_BOX.png]

File:NETWORK BOX.png

2008-11-04T04:55:20Z

Rahul:

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T04:54:30Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

'''Gold Sponsors'''

[http://www.bluecoat.com/ https://www.owasp.org/images/9/9c/BLUECOAT.png]
[http://www.eraysecure.com.tw/ https://www.owasp.org/images/e/ea/ERay.png]
[http://tw.yahoo.com/ https://www.owasp.org/images/a/a9/YahooTw.png]

File:YahooTw.png

2008-11-04T04:53:12Z

Rahul:

File:ERay.png

2008-11-04T04:50:16Z

Rahul:

File:BLUECOAT.png

2008-11-04T04:48:43Z

Rahul:

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T04:47:02Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]
[http://www.twisc.ntust.edu.tw/ https://www.owasp.org/images/6/6d/TWISC.png]

File:TWISC.png

2008-11-04T04:46:04Z

Rahul:

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T04:45:24Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]
[http://www.systex.com.tw/english/index.asp https://www.owasp.org/images/5/5e/SYSTEX.png]

File:SYSTEX.png

2008-11-04T04:43:44Z

Rahul:

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T04:43:18Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]
[http://www.mudynamics.com/ https://www.owasp.org/images/1/17/Mu_Dynamics.png]

File:Mu Dynamics.png

2008-11-04T04:40:47Z

Rahul:

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T04:40:02Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]
[http://www.mtechpro.com/ https://www.owasp.org/images/b/be/MTECH.png]

File:MTECH.png

2008-11-04T04:38:40Z

Rahul:

OWASP AppSec Asia 2008 - Taiwan

2008-11-04T04:36:19Z

Rahul: /* OWASP AppSec Asia 2008 Conference Sponsors */

== A Note of Thanks ==

We would like to thank this year's 1200+ attendees who came to show support for OWASP App Sec Asia 2008!! As well as our Speakers, Chapter leaders and Sponsors who helped make this year's OWASP Asia Conference a great success!
[[Image:OWASP_Asia_08.jpg]]

== NOW AVAILABLE: OWASP AppSec Asia 2008 Session Slides ==

The session slides are now available; please go to SESSION column under [https://www.owasp.org/index.php/OWASP_AppSec_Asia_2008_-_Taiwan#OWASP_AppSec_Asia_2008.2C_Conference_Schedule_.28Oct_27th_-_Oct_28th.29 Conference Schedule] to access to the slides.

== OWASP AppSec Asia 2008 - Taiwan==

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.

[[Image:Map2.png|center]]

== OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th) ==

{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |
=== (2008/10/27) - Day 1 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:30- 09:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Opening welcome and an introduction to this year’s program]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Wayne Huang, Conference Chair]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:40-09:50''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Institute for Information Industry '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:50-10:00''' || style="width:30%; background:#A7BFDE" align="center" | '''Welcome by Information Security Consortium, Information Service Industry Association '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:00-10:50''' || style="width:30%; background:#A7BFDE" align="center" | ''' [[What's Next? Strategies for Web Application Security]] ''' '''[https://www.owasp.org/images/4/41/OWASP_Asia_2008_YMChen.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[YM Chen, Director, Foundstone, A Division of McAfee]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:00-11:50''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web-based Malware obfuscation: the kung-fu and the detection]]''' '''[https://www.owasp.org/images/6/6b/OWASP_Asia_2008_Wayne.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | ''' [[Wayne Huang, OWASP Taiwan Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''12:40 - 13:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Good Business Penetration Testing]] ''' '''[https://www.owasp.org/images/1/14/OWASP_Asia_2008_KK.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[KK Mookhey (OWASP Mumbai)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | '''13:40 - 15:40 Asia Chapter Leader Meeting'''
'''Attendee:''' China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters

'''P.S:''' Meeting with go in parallel to the two of the talk sessions and coffee break.
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |
|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''13:40 - 14:30''' || style="width:33%; background:#A7BFDE" align="center" | '''[[How bad can Web vulnerabilities be—case study on a 50 million personal records breach]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[PK (Taiwan Criminal Investigation Bureau)]] '''
|-

|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:50 - 15:40''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Tiny coding errors, big losses: real stories of website 0wnage]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Fyodor Yarochkin (Guard-Info)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:50 - 16:40''' || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices ''' '''[https://www.owasp.org/images/d/d2/OWASP_Asia_2008_FrankFan.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Frank Yuan Fan, OWASP China Chapter]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:50 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Why Webmail systems are hard to secure--using real case studies]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Charmi Lin (Taiwan Information & Communication Security Technology Center)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:40 - 18:10''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Penetration Test with BackTrack: Art of Exploitation]] ''' '''[https://www.owasp.org/images/f/f7/OWASP_Asia_2008_Anthony.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Anthony Lai (Dark Floyd), OWASP HK Chapter]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" |

=== (2008/10/28) - Day 2 ===
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''09:00- 10:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[New 0-Day Browser Exploits: Clickjacking - yea, this is bad...]] ''' '''[https://www.owasp.org/images/9/9f/OWASP_Asia_2008_RSnake.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Robert "RSnake" Hansen (SecTheory)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''10:40- 11:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Web 2.0, Consumerization, and Application Security]] ''' '''[https://www.owasp.org/images/1/15/OWASP_Asia_2008_Chenxi.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Chenxi Wang, Ph.D. (Forrester Research)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''11:40- 12:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks]] ''' '''[https://www.owasp.org/images/7/74/OWASP_Asia_2008_Pukhraj.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Dhruv Soi (OWASP Delhi Chapter Leader)]], [[Pukhraj Singh (OWASP Delhi Chapter)]] '''
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 - 14:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example]] ''' '''[https://www.owasp.org/images/e/e5/OWASP_Asia_2008_TimBass.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Tim Bass, OWASP Thailand]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 - 15:20''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Best Practices Guide: Web Application Firewalls]]
'''[https://www.owasp.org/images/5/5d/AppSecASIA08-BPWAF.pdf Slides]''' '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Alexander Meisel (OWASP Germany)]] '''
|-
|-
{| style="width:80%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break
|-
{| style="width:80%" border="0" align="center"
! colspan="4" align="center" style="background:#4F81BD; color:white" |

|-
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''

|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:40 - 16:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets]] ''' '''[https://www.owasp.org/images/0/09/OWASP_Asia_2008_Steven.pdf Slides]'''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[[Steven Adair (ShadowServer Foundation)]] '''
|-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:40 - 17:30''' || style="width:30%; background:#A7BFDE" align="center" | '''[[Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?]] '''
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/Alexander_Meisel_(OWASP_Germany) Alex], [https://www.owasp.org/index.php/Anthony_Lai_(Dark_Floyd)%2C_OWASP_HK_Chapter Anthony], [https://www.owasp.org/index.php/Chenxi_Wang%2C_Ph.D._(Forrester_Research) Chenxi], [https://www.owasp.org/index.php/Dhruv_Soi_(OWASP_Delhi_Chapter_Leader) Dhruv], [https://www.owasp.org/index.php/Frank_Fan%2C_OWASP_China Frank Fan], [https://www.owasp.org/index.php/Fyodor_(Guard-Info) Fyodor], [https://www.owasp.org/index.php/KK_Mookhey_(OWASP_Mumbai) KK], [https://www.owasp.org/index.php/Robert_%22RSnake%22_Hansen_(SecTheory) Robert], [https://www.owasp.org/index.php/Tim_Bass%2C_OWASP_Thailand Tim Bass], [https://www.owasp.org/index.php/Wayne_Huang%2C_OWASP_Taiwan_Chapter Wayne], [https://www.owasp.org/index.php/YM_Chen%2C_Director%2C_McAfee_Foundstone YM] '''
|-

|}

==Conference Fees & Registration==

=== Conference Fees ===

The fee for the two days conference is USD 35, which includes:
*Two lunches
*Coffee breaks
*Conference T-Shirt

=== Registration ===

Registration is now open!! Please [mailto:wayne.owasp@gmail.com '''contact us'''] for the registration.

== Conference T-Shirt ==
[[Image:OWAS AppSec Asia Tshirt.png]]

== Conference Venue==

'''Taipei International Convention Center'''

'''Address:''' 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

'''[http://www.ticc.com.tw/index_en.aspx Website]'''

== Hotel Information ==

'''San Want Hotel'''

'''Address:''' No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

'''[http://www.sanwant.com/ Website]'''

'''Hope City FuShing Hotel'''

'''Address:''' No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

'''[http://www.city-hotel.com.tw/bussiness/b2/b2-en.htm Website]'''

== Taipei City Map - With OWASP Venue and Hotels Marked ==

[[Image: Owasp_appsec_asia_2007_tpe_map_new.png|center]]

== Welcome to Taiwan==
And WELCOME TO TAIWAN! Please check out [http://tw.youtube.com/watch?v=wRc0q9xQEQ4 this video] about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com '''contact us!''']

== OWASP AppSec Asia 2008 Conference Sponsors ==

[[Image:Sponsor_Owasp_Asia.png|840px]]

'''Guide Team'''

[http://www.moeaidb.gov.tw https://www.owasp.org/images/8/82/IDB.png]
[http://www.moea.gov.tw/ https://www.owasp.org/images/a/a4/MOEA.png]

'''Organizers'''

[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/2/2b/OWASP_TW.png]
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://web.cisanet.org.tw/# https://www.owasp.org/images/6/64/CISA.png]

'''Platinum Sponsors'''

[http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
[http://www.fortify.com/ https://www.owasp.org/images/c/c7/Fortify.png]
[http://www.imperva.com/ https://www.owasp.org/images/d/da/IMPERVA.png]

File:IMPERVA.png

2008-11-04T04:35:36Z

Rahul:

File:Fortify.png

2008-11-04T04:33:33Z

Rahul:

File:Armorize.png

2008-11-04T04:31:20Z

Rahul: