OWASP - User contributions [en]

Global Industry Committee - Application 15

2011-12-14T03:20:53Z

Zhendong Yu:

[[How to Join a Committee|Click here to return to 'How to Join a Committee' page]]

----

{| style="width: 100%" class="FCK__ShowTableBorders" border="0" align="center"
|-
! style="background: #4058a0; color: white" colspan="2" align="center" | '''COMMITTEE APPLICATION FORM'''
|-
| style="width: 25%; background: #7b8abd" align="center" | '''Applicant's Name'''
| style="width: 85%; background: #cccccc" align="left" | Frank Fan
|-
| style="width: 25%; background: #7b8abd" align="center" | '''Current and past OWASP Roles'''
| style="width: 85%; background: #cccccc" align="left" | OWASP China VP
|-
| style="width: 25%; background: #7b8abd" align="center" | '''Committee Applying for'''
| style="width: 85%; background: #cccccc" align="left" | Global Industry Committee
|}

----

 

----

Please be aware that for an application to be considered by the board, '''you MUST have 5 recommendations'''. An incomplete application will not be considered for vote.

----

 

----

{| style="width: 100%" class="FCK__ShowTableBorders" border="0" align="center"
|-
! style="background: #4058a0; color: white" colspan="8" align="center" | '''COMMITTEE RECOMMENDATIONS'''
|-
! style="background: white; color: white" align="center" | 
! style="background: #7b8abd; color: white" align="center" | '''Who Recommends/Name'''
! style="background: #7b8abd; color: white" align="center" | '''Role in OWASP'''
! style="background: #7b8abd; color: white" align="center" | '''Recommendation Content'''
|-
| style="width: 3%; background: #cccccc" align="center" | '''1'''
| style="width: 20%; background: #cccccc" align="center" | Helen Gao
| style="width: 20%; background: #cccccc" align="center" | Long Island Chapter Founder & Leader, Global Membership Comittee
| style="width: 57%; background: #cccccc" align="center" | I first met Frank at the OWASP conference in 2010. Frank is one of the most intelligent entrepreneurs and infosec experts I have ever met. Frank's company has been one of the main sponsors of the past two OWASP conferences in China. As a matter of fact, Frank has volunteered to host the OWASP submit in 2013. Frank's education and experience in both US and China is rare, especially among OWASP leaders. I am confident that he will be an asset to OWASP.
|-
| style="width: 3%; background: #cccccc" align="center" | '''2'''
| style="width: 20%; background: #cccccc" align="center" | Ivy Zhang
| style="width: 20%; background: #cccccc" align="center" | Member of China Chapter
| style="width: 57%; background: #cccccc" align="center" | Being the VP of China Chapter, Frank also has more than ten years experience in US. His experience and knowledge is crucial in OWASP's mission
|-
| style="width: 3%; background: #cccccc" align="center" | '''3'''
| style="width: 20%; background: #cccccc" align="center" | Tin Zaw
| style="width: 20%; background: #cccccc" align="center" | Los Angeles Chapter Leader
| style="width: 57%; background: #cccccc" align="center" | Frank is a highly-respected, well-connected, successful engineer/businessman in China and he is very committed to success of OWASP, in China and globally. These attributes make him an ideal candidate for the Industry Committee.
|-
| style="width: 3%; background: #cccccc" align="center" | '''4'''
| style="width: 20%; background: #cccccc" align="center" | Weilin Zhong
| style="width: 20%; background: #cccccc" align="center" | Lead of Top 10 Chinese Project
| style="width: 57%; background: #cccccc" align="center" | I worked with Frank for the OWASP China Summit 2010 hosted in Beijing. He was one of the key members of the summit organization committee and the local host. Frank was not only a security expert but also a security entrepreneur with rich understanding of both the American and the Chinese security industries and communities. He is resourceful and well-connected. He provided great support for the summit and showed strong commitment of promoting both OWASP and application security in the China and Asian areas. His unique combination of US and Chinese education backgrounds, industrial experiences and leaderships positions him well for prompting OWASP in a global level and connecting to international communities . I am sure he will be a great asset for OWASP.
|-
| style="width: 3%; background: #cccccc" align="center" | '''5'''
| style="width: 20%; background: #cccccc" align="center" | rip
| style="width: 20%; background: #cccccc" align="center" | Owasp china chapter founder &  leader
| style="width: 57%; background: #cccccc" align="center" | Support Frank,  Hope to devote more time to promote the development of Owasp china.
|-
| style="width: 3%; background: #cccccc" align="center" | '''6'''
| style="width: 20%; background: #cccccc" align="center" | Zhendong Yu
| style="width: 20%; background: #cccccc" align="center" | OWASP China Summit Organizer, TOP 10 Chinese Project
| style="width: 57%; background: #cccccc" align="center" | From my experience working with Frank during OWASP China Summit 2010 and OWASP Asia Summit 2011, I can tell Frank will be a great asset to OWASP, with his vast experience in the science and business of making information security work, within China and globally. Fully endorsed.
|}

----

OWASP Global AppSec Asia 2011

2011-06-03T18:16:49Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_2011_AppSec_Asia.jpg‎]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia 2011''' in Beijing, China from Nov. 8 to Nov. 11, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP 中国]

[http://www.owasp.org.cn/OWASP_Conference/OWASP_2011 OWASP 2011亚太峰会]
==== Registration ====
请使用[http://www.regonline.com/appsecasia2011 RegOnline 链接]来注册(中文).

Please use [http://www.regonline.com/owaspglobalappsecasia2011 RegOnline link] for your registration (English).

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== CFP and CFT ====

===OWASP APPSEC ASIA 2011===
===CALL FOR Presentation===

OWASP AppSec Asia 2011 Conference will be a major international forum for the presentation of research results, cutting-edge ideas and in-depth discussions in the field of application security. OWASP AppSec Asia 2011 Conference invites application security researchers, thought leaders and developers worldwide to submit papers for the opportunity of presenting to 800+ expected participants.

The topics we are seeking include, but are not limited to:
# Web Application Security
# Mobile Application Security
# Cloud Application Security
# Software and Architecture Patterns for Application Security
# Metrics for Application Security
# OWASP Tools and Projects
# Secure Coding Practices (J2EE/.NET)
# Application Security Testing
# New Attacks and Defense
# Other subjects related to OWASP and Application Security

To make a submission:
# Download and fill out the form available at https://www.owasp.org/images/d/d3/OWASP_AppSec_Asia_2011_CFP_v2.zip
# Submit the form through the Easychair conference web site at http://www.easychair.org/conferences/?conf=apac2011

Each talk should be limited to 40 minutes, followed by a 10 minute question session.

* Submission deadline: August 22, 2011.
* Notification of acceptance: September 9, 2011.
* Presentation slides due: October 21, 2011.

===CALL FOR Training===

OWASP AppSec Asia will begin with two days of training sessions on November 10th and 11th, 2011.
Proposals are solicited for the training of either a one-day (6 hours plus breaks) or two-day sessions on all topics of application security with focus on secure application design and development, threat modeling and defense strategy, and secure application testing. Each training session should cover a single topic in detail in order to allow trainees to grasp practical understanding and basic skill in the subject.
Submissions should include a cover sheet and an extended abstract. The cover sheet should specify:
# The title and length of the training;
# The intended audience and prerequisite knowledge or skills, if any;
# Complete contact information for the trainer; and
# Brief biography (max. 2 paragraphs) for the trainer. The extended abstract should be 1 to 2 pages, and should include an outline of the training plan, along with descriptions of the objectives and course materials.
Training proposals in PDF or Word format must be sent via email by August 22, 2011 to Jack Li (jack.li@owasp.og). The submissions will undergo review and trainings will be selected by the OWASP AppSec Asia 2011 Conference Committee. Notifications will be sent out by September 9, 2011.

For more information, please see the following web pages:
Conference Website: https://www.owasp.org/index.php/OWASP_Global_AppSec_Asia_2011
OWASP Speaker Agreement: http://www.owasp.org/index.php/Speaker_Agreement
OWASP Website: http://www.owasp.org
Easychair conference site: http://www.easychair.org/conferences/?conf=appsecasia2011
Presentation proposal form: https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====
More than 500 people attended the OWASP China conference last year. As a sponsor, you will gain exclusive access to companies in Asia through a limited number of expo floor slots.

New in 2011, we are offering exclusive Global AppSec Sponsorships to provide additional benefits and streamline the planning process for our most supportive organizations.

Please [mailto:heleng@owasp.org contact us] directly if you have any related question.

To find out more about the different sponsorship opportunities please check the document below:
 
[https://www.owasp.org/images/2/24/OWASP_China2011_Sponsorship.pdf OWASP_China2011_Sponsorship.pdf]

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Team ====
*[mailto:heleng@owasp.org Contact us]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao 高雯]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]
*[mailto:zhendong.yu@owasp.org Zhendong Yu 于振东]

==== Expense ====

==== Logistics====

=== Venue ===

'''Beijing International Convention Center'''

No 8 Beichen Dong Road
Chaoyang District, Beijing
China 100101

Tel: +86-10-84979768

website: http://www.bicc.com.cn

=== Hotel ===
Beijing Continental Grand Hotel

Tel: +86-10-84980105

website: http://www.bcghotel.com
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-06-03T18:16:21Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_2011_AppSec_Asia.jpg‎]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia 2011''' in Beijing, China from Nov. 8 to Nov. 11, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP 中国]

[http://www.owasp.org.cn/OWASP_Conference/OWASP_2011 OWASP 2011亚太峰会]
==== Registration ====
请使用[http://www.regonline.com/appsecasia2011 RegOnline 链接]来注册(中文).
Please use [http://www.regonline.com/owaspglobalappsecasia2011 RegOnline link] for your registration (English).
'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== CFP and CFT ====

===OWASP APPSEC ASIA 2011===
===CALL FOR Presentation===

OWASP AppSec Asia 2011 Conference will be a major international forum for the presentation of research results, cutting-edge ideas and in-depth discussions in the field of application security. OWASP AppSec Asia 2011 Conference invites application security researchers, thought leaders and developers worldwide to submit papers for the opportunity of presenting to 800+ expected participants.

The topics we are seeking include, but are not limited to:
# Web Application Security
# Mobile Application Security
# Cloud Application Security
# Software and Architecture Patterns for Application Security
# Metrics for Application Security
# OWASP Tools and Projects
# Secure Coding Practices (J2EE/.NET)
# Application Security Testing
# New Attacks and Defense
# Other subjects related to OWASP and Application Security

To make a submission:
# Download and fill out the form available at https://www.owasp.org/images/d/d3/OWASP_AppSec_Asia_2011_CFP_v2.zip
# Submit the form through the Easychair conference web site at http://www.easychair.org/conferences/?conf=apac2011

Each talk should be limited to 40 minutes, followed by a 10 minute question session.

* Submission deadline: August 22, 2011.
* Notification of acceptance: September 9, 2011.
* Presentation slides due: October 21, 2011.

===CALL FOR Training===

OWASP AppSec Asia will begin with two days of training sessions on November 10th and 11th, 2011.
Proposals are solicited for the training of either a one-day (6 hours plus breaks) or two-day sessions on all topics of application security with focus on secure application design and development, threat modeling and defense strategy, and secure application testing. Each training session should cover a single topic in detail in order to allow trainees to grasp practical understanding and basic skill in the subject.
Submissions should include a cover sheet and an extended abstract. The cover sheet should specify:
# The title and length of the training;
# The intended audience and prerequisite knowledge or skills, if any;
# Complete contact information for the trainer; and
# Brief biography (max. 2 paragraphs) for the trainer. The extended abstract should be 1 to 2 pages, and should include an outline of the training plan, along with descriptions of the objectives and course materials.
Training proposals in PDF or Word format must be sent via email by August 22, 2011 to Jack Li (jack.li@owasp.og). The submissions will undergo review and trainings will be selected by the OWASP AppSec Asia 2011 Conference Committee. Notifications will be sent out by September 9, 2011.

For more information, please see the following web pages:
Conference Website: https://www.owasp.org/index.php/OWASP_Global_AppSec_Asia_2011
OWASP Speaker Agreement: http://www.owasp.org/index.php/Speaker_Agreement
OWASP Website: http://www.owasp.org
Easychair conference site: http://www.easychair.org/conferences/?conf=appsecasia2011
Presentation proposal form: https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====
More than 500 people attended the OWASP China conference last year. As a sponsor, you will gain exclusive access to companies in Asia through a limited number of expo floor slots.

New in 2011, we are offering exclusive Global AppSec Sponsorships to provide additional benefits and streamline the planning process for our most supportive organizations.

Please [mailto:heleng@owasp.org contact us] directly if you have any related question.

To find out more about the different sponsorship opportunities please check the document below:
 
[https://www.owasp.org/images/2/24/OWASP_China2011_Sponsorship.pdf OWASP_China2011_Sponsorship.pdf]

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Team ====
*[mailto:heleng@owasp.org Contact us]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao 高雯]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]
*[mailto:zhendong.yu@owasp.org Zhendong Yu 于振东]

==== Expense ====

==== Logistics====

=== Venue ===

'''Beijing International Convention Center'''

No 8 Beichen Dong Road
Chaoyang District, Beijing
China 100101

Tel: +86-10-84979768

website: http://www.bicc.com.cn

=== Hotel ===
Beijing Continental Grand Hotel

Tel: +86-10-84980105

website: http://www.bcghotel.com
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-06-03T16:56:47Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_2011_AppSec_Asia.jpg‎]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia 2011''' in Beijing, China from Nov. 8 to Nov. 11, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP 中国]

[http://www.owasp.org.cn/OWASP_Conference/OWASP_2011 OWASP 2011亚太峰会]
==== Registration ====
Please use [http://www.regonline.com/appsecasia2011 RegOnline link] for your registration.

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== CFP and CFT ====

===OWASP APPSEC ASIA 2011===
===CALL FOR Presentation===

OWASP AppSec Asia 2011 Conference will be a major international forum for the presentation of research results, cutting-edge ideas and in-depth discussions in the field of application security. OWASP AppSec Asia 2011 Conference invites application security researchers, thought leaders and developers worldwide to submit papers for the opportunity of presenting to 800+ expected participants.

The topics we are seeking include, but are not limited to:
# Web Application Security
# Mobile Application Security
# Cloud Application Security
# Software and Architecture Patterns for Application Security
# Metrics for Application Security
# OWASP Tools and Projects
# Secure Coding Practices (J2EE/.NET)
# Application Security Testing
# New Attacks and Defense
# Other subjects related to OWASP and Application Security

To make a submission:
# Download and fill out the form available at https://www.owasp.org/images/d/d3/OWASP_AppSec_Asia_2011_CFP_v2.zip
# Submit the form through the Easychair conference web site at http://www.easychair.org/conferences/?conf=apac2011

Each talk should be limited to 40 minutes, followed by a 10 minute question session.

* Submission deadline: August 22, 2011.
* Notification of acceptance: September 9, 2011.
* Presentation slides due: October 21, 2011.

===CALL FOR Training===

OWASP AppSec Asia will begin with two days of training sessions on November 10th and 11th, 2011.
Proposals are solicited for the training of either a one-day (6 hours plus breaks) or two-day sessions on all topics of application security with focus on secure application design and development, threat modeling and defense strategy, and secure application testing. Each training session should cover a single topic in detail in order to allow trainees to grasp practical understanding and basic skill in the subject.
Submissions should include a cover sheet and an extended abstract. The cover sheet should specify:
# The title and length of the training;
# The intended audience and prerequisite knowledge or skills, if any;
# Complete contact information for the trainer; and
# Brief biography (max. 2 paragraphs) for the trainer. The extended abstract should be 1 to 2 pages, and should include an outline of the training plan, along with descriptions of the objectives and course materials.
Training proposals in PDF or Word format must be sent via email by August 22, 2011 to Jack Li (jack.li@owasp.og). The submissions will undergo review and trainings will be selected by the OWASP AppSec Asia 2011 Conference Committee. Notifications will be sent out by September 9, 2011.

For more information, please see the following web pages:
Conference Website: https://www.owasp.org/index.php/OWASP_Global_AppSec_Asia_2011
OWASP Speaker Agreement: http://www.owasp.org/index.php/Speaker_Agreement
OWASP Website: http://www.owasp.org
Easychair conference site: http://www.easychair.org/conferences/?conf=appsecasia2011
Presentation proposal form: https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====
More than 500 people attended the OWASP China conference last year. As a sponsor, you will gain exclusive access to companies in Asia through a limited number of expo floor slots.

New in 2011, we are offering exclusive Global AppSec Sponsorships to provide additional benefits and streamline the planning process for our most supportive organizations.

Please [mailto:heleng@owasp.org contact us] directly if you have any related question.

To find out more about the different sponsorship opportunities please check the document below:
 
[https://www.owasp.org/images/2/24/OWASP_China2011_Sponsorship.pdf OWASP_China2011_Sponsorship.pdf]

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Team ====
*[mailto:heleng@owasp.org Contact us]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao 高雯]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]
*[mailto:zhendong.yu@owasp.org Zhendong Yu 于振东]

==== Expense ====

==== Logistics====

=== Venue ===

'''Beijing International Convention Center'''

No 8 Beichen Dong Road
Chaoyang District, Beijing
China 100101

Tel: +86-10-84979768

website: http://www.bicc.com.cn

=== Hotel ===
Beijing Continental Grand Hotel

Tel: +86-10-84980105

website: http://www.bcghotel.com
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-26T15:14:07Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_2011_AppSec_Asia_2.jpg‎]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 8-11, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP 中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚太峰会]
==== Registration ====
Please use regonline for your registration.

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== CFP and CFT ====

===OWASP APPSEC ASIA 2011===
===CALL FOR Presentation===

OWASP AppSec Asia 2011 Conference will be a major international forum for the presentation of research results, cutting-edge ideas and in-depth discussions in the field of application security. OWASP AppSec Asia 2011 Conference invites application security researchers, thought leaders and developers worldwide to submit papers for the opportunity of presenting to 800+ expected participants.

The topics we are seeking include, but are not limited to:
# Web Application Security
# Mobile Application Security
# Cloud Application Security
# Software and Architecture Patterns for Application Security
# Metrics for Application Security
# OWASP Tools and Projects
# Secure Coding Practices (J2EE/.NET)
# Application Security Testing
# New Attacks and Defense
# Other subjects related to OWASP and Application Security

To make a submission:
# Download and fill out the form available at https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip
# Submit the form through the Easychair conference web site at http://www.easychair.org/conferences/?conf=apac2011

Each talk should be limited to 40 minutes, followed by a 10 minute question session.

* Submission deadline: August 22, 2011.
* Notification of acceptance: September 9, 2011.
* Presentation slides due: October 21, 2011.

===CALL FOR Training===

OWASP AppSec Asia will begin with two days of training sessions on November 4th and 5th, 2011.
Proposals are solicited for the training of either a one-day (6 hours plus breaks) or two-day sessions on all topics of application security with focus on secure application design and development, threat modeling and defense strategy, and secure application testing. Each training session should cover a single topic in detail in order to allow trainees to grasp practical understanding and basic skill in the subject.
Submissions should include a cover sheet and an extended abstract. The cover sheet should specify:
# The title and length of the training;
# The intended audience and prerequisite knowledge or skills, if any;
# Complete contact information for the trainer; and
# Brief biography (max. 2 paragraphs) for the trainer. The extended abstract should be 1 to 2 pages, and should include an outline of the training plan, along with descriptions of the objectives and course materials.
Training proposals in PDF or Word format must be sent via email by August 22, 2011 to Jack Li (jack.li@owasp.og). The submissions will undergo review and trainings will be selected by the OWASP AppSec Asia 2011 Conference Committee. Notifications will be sent out by September 9, 2011.

For more information, please see the following web pages:
Conference Website: https://www.owasp.org/index.php/OWASP_Global_AppSec_Asia_2011
OWASP Speaker Agreement: http://www.owasp.org/index.php/Speaker_Agreement
OWASP Website: http://www.owasp.org
Easychair conference site: http://www.easychair.org/conferences/?conf=appsecasia2011
Presentation proposal form: https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====
More than 500 people attended the OWASP China conference last year. As a sponsor, you will gain exclusive access to companies in Asia through a limited number of expo floor slots.

New in 2011, we are offering exclusive Global AppSec Sponsorships to provide additional benefits and streamline the planning process for our most supportive organizations.

Please [mailto:heleng@owasp.org contact us] directly if you have any related question.

To find out more about the different sponsorship opportunities please check the document below:
 
[https://www.owasp.org/images/2/24/OWASP_China2011_Sponsorship.pdf OWASP_China2011_Sponsorship.pdf]

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Team ====
*[mailto:heleng@owasp.org Contact us]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao 高雯]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]
*[mailto:zhendong.yu@owasp.org Zhendong Yu 于振东]

==== Expense ====

==== Logistics====

=== Venue ===

'''Beijing International Convention Center'''

No 8 Beichen Dong Road
Chaoyang District, Beijing
China 100101

Tel: +86-10-84979768

website: http://www.bicc.com.cn

=== Hotel ===
Beijing Continental Grand Hotel

Tel: +86-10-84980105

website: http://www.bcghotel.com
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-26T15:13:38Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_2011_AppSec_Asia_2.jpg‎]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 8-11, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP 中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚太峰会]
==== Registration ====
Please use regonline for your registration.

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== CFP and CFT ====

===OWASP APPSEC ASIA 2011===
===CALL FOR Presentation===

OWASP AppSec Asia 2011 Conference will be a major international forum for the presentation of research results, cutting-edge ideas and in-depth discussions in the field of application security. OWASP AppSec Asia 2011 Conference invites application security researchers, thought leaders and developers worldwide to submit papers for the opportunity of presenting to 800+ expected participants.

The topics we are seeking include, but are not limited to:
# Web Application Security
# Mobile Application Security
# Cloud Application Security
# Software and Architecture Patterns for Application Security
# Metrics for Application Security
# OWASP Tools and Projects
# Secure Coding Practices (J2EE/.NET)
# Application Security Testing
# New Attacks and Defense
# Other subjects related to OWASP and Application Security

To make a submission:
# Download and fill out the form available at https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip
# Submit the form through the Easychair conference web site at http://www.easychair.org/conferences/?conf=apac2011

Each talk should be limited to 40 minutes, followed by a 10 minute question session.

* Submission deadline: August 22, 2011.
* Notification of acceptance: September 9, 2011.
* Presentation slides due: October 21, 2011.

===CALL FOR Training===

OWASP AppSec Asia will begin with two days of training sessions on November 4th and 5th, 2011.
Proposals are solicited for the training of either a one-day (6 hours plus breaks) or two-day sessions on all topics of application security with focus on secure application design and development, threat modeling and defense strategy, and secure application testing. Each training session should cover a single topic in detail in order to allow trainees to grasp practical understanding and basic skill in the subject.
Submissions should include a cover sheet and an extended abstract. The cover sheet should specify:
# The title and length of the training;
# The intended audience and prerequisite knowledge or skills, if any;
# Complete contact information for the trainer; and
# Brief biography (max. 2 paragraphs) for the trainer. The extended abstract should be 1 to 2 pages, and should include an outline of the training plan, along with descriptions of the objectives and course materials.
Training proposals in PDF or Word format must be sent via email by August 22, 2011 to Jack Li (jack.li@owasp.og). The submissions will undergo review and trainings will be selected by the OWASP AppSec Asia 2011 Conference Committee. Notifications will be sent out by September 9, 2011.

For more information, please see the following web pages:
Conference Website: https://www.owasp.org/index.php/OWASP_Global_AppSec_Asia_2011
OWASP Speaker Agreement: http://www.owasp.org/index.php/Speaker_Agreement
OWASP Website: http://www.owasp.org
Easychair conference site: http://www.easychair.org/conferences/?conf=appsecasia2011
Presentation proposal form: https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====
More than 500 people attended the OWASP China conference last year. As a sponsor, you will gain exclusive access to companies in Asia through a limited number of expo floor slots.

New in 2011, we are offering exclusive Global AppSec Sponsorships to provide additional benefits and streamline the planning process for our most supportive organizations.

Please [mailto:heleng@owasp.org contact us] directly if you have any related question.

To find out more about the different sponsorship opportunities please check the document below:
 
[https://www.owasp.org/images/2/24/OWASP_China2011_Sponsorship.pdf OWASP_China2011_Sponsorship.pdf]

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Team ====
*[mailto:heleng@owasp.org Contact us]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao 高雯]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]
*[mailto:zhendong.yu@owasp.org Zhendong Yu 于振东]

==== Expense ====

==== Logistics====

=== Venue ===

'''Beijing International Convention Center'''

No 8 Beichen Dong Road
Chaoyang District, Beijing
China 100101

Tel: +86-10-84979768
website: http://www.bicc.com.cn

=== Hotel ===
Beijing Continental Grand Hotel

Tel: +86-10-84980105
website: http://www.bcghotel.com
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-24T15:42:02Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_2011_AppSec_Asia_2.jpg‎]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 4-7, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP 中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚太峰会]
==== Registration ====
Please use regonline for your registration.

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== CFP and CFT ====

===OWASP APPSEC ASIA 2011===
===CALL FOR Presentation===

OWASP AppSec Asia 2011 Conference will be a major international forum for the presentation of research results, cutting-edge ideas and in-depth discussions in the field of application security. OWASP AppSec Asia 2011 Conference invites application security researchers, thought leaders and developers worldwide to submit papers for the opportunity of presenting to 800+ expected participants.

The topics we are seeking include, but are not limited to:
# Web Application Security
# Mobile Application Security
# Cloud Application Security
# Software and Architecture Patterns for Application Security
# Metrics for Application Security
# OWASP Tools and Projects
# Secure Coding Practices (J2EE/.NET)
# Application Security Testing
# New Attacks and Defense
# Other subjects related to OWASP and Application Security

To make a submission:
# Download and fill out the form available at https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip
# Submit the form through the Easychair conference web site at http://www.easychair.org/conferences/?conf=apac2011

Each talk should be limited to 40 minutes, followed by a 10 minute question session.

* Submission deadline: August 22, 2011.
* Notification of acceptance: September 9, 2011.
* Presentation slides due: October 21, 2011.

===CALL FOR Training===

OWASP AppSec Asia will begin with two days of training sessions on November 4th and 5th, 2011.
Proposals are solicited for the training of either a one-day (6 hours plus breaks) or two-day sessions on all topics of application security with focus on secure application design and development, threat modeling and defense strategy, and secure application testing. Each training session should cover a single topic in detail in order to allow trainees to grasp practical understanding and basic skill in the subject.
Submissions should include a cover sheet and an extended abstract. The cover sheet should specify:
# The title and length of the training;
# The intended audience and prerequisite knowledge or skills, if any;
# Complete contact information for the trainer; and
# Brief biography (max. 2 paragraphs) for the trainer. The extended abstract should be 1 to 2 pages, and should include an outline of the training plan, along with descriptions of the objectives and course materials.
Training proposals in PDF or Word format must be sent via email by August 22, 2011 to Jack Li (jack.li@owasp.og). The submissions will undergo review and trainings will be selected by the OWASP AppSec Asia 2011 Conference Committee. Notifications will be sent out by September 9, 2011.

For more information, please see the following web pages:
Conference Website: https://www.owasp.org/index.php/OWASP_Global_AppSec_Asia_2011
OWASP Speaker Agreement: http://www.owasp.org/index.php/Speaker_Agreement
OWASP Website: http://www.owasp.org
Easychair conference site: http://www.easychair.org/conferences/?conf=appsecasia2011
Presentation proposal form: https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====
More than 500 people attended the OWASP China conference last year. As a sponsor, you will gain exclusive access to companies in Asia through a limited number of expo floor slots.

New in 2011, we are offering exclusive Global AppSec Sponsorships to provide additional benefits and streamline the planning process for our most supportive organizations.

Please [mailto:heleng@owasp.org contact us] directly if you have any related question.

To find out more about the different sponsorship opportunities please check the document below:
 
[https://www.owasp.org/images/2/24/OWASP_China2011_Sponsorship.pdf OWASP_China2011_Sponsorship.pdf]

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Team ====
*[mailto:heleng@owasp.org Contact us]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao 高雯]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]
*[mailto:zhendong.yu@owasp.org Zhendong Yu 于振东]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-17T14:04:42Z

Zhendong Yu:

__NOTOC__
[[Image:OWASPApecAppSec2011.jpg]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 4-7, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚太峰会]
==== Registration ====
Please use [http://owasp2011.eventbrite.com/ the eventbrite link] to your registration.

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Call for Paper ====

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====

=== Sponsors ===

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Contacts ====

*[mailto:heleng@owasp.org Mailing List]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]
*[mailto:zhendong.yu@owasp.org Zhendong Yu]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-17T02:55:37Z

Zhendong Yu:

__NOTOC__
[[Image:OWASPApecAppSec2011.jpg]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 4-7, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚洲峰会]
==== Registration ====
Please use [http://owasp2011.eventbrite.com/ the eventbrite link] to your registration.

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Call for Paper ====

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====

=== Sponsors ===

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Contacts ====

*[mailto:heleng@owasp.org Mailing List]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]
*[mailto:zhendong.yu@owasp.org Zhendong Yu]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-17T02:55:03Z

Zhendong Yu:

__NOTOC__
[[Image:OWASPApecAppSec2011.jpg]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 4-7, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚洲峰会]
==== Registration ====
Please use [http://owasp2011.eventbrite.com/ the eventbrite link] to your registration.

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Call for Paper ====

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====

=== Sponsors ===

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Contacts ====

*[mailto:heleng@owasp.org Mailing List]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-17T02:46:31Z

Zhendong Yu:

__NOTOC__
[[Image:OWASPApecAppSec2011.jpg]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 4-7, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚洲峰会]
==== Registration ====
TBD

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Call for Paper ====

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====

=== Sponsors ===

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Contacts ====

*[mailto:heleng@owasp.org Mailing List]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-17T02:45:59Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_china_logo.jpg]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 4-7, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚洲峰会]
==== Registration ====
TBD

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Call for Paper ====

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====

=== Sponsors ===

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Contacts ====

*[mailto:heleng@owasp.org Mailing List]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-17T02:45:06Z

Zhendong Yu:

__NOTOC__
[[Image:OWASPApecSec2011.jpg]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 4-7, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚洲峰会]
==== Registration ====
TBD

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Call for Paper ====

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====

=== Sponsors ===

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Contacts ====

*[mailto:heleng@owasp.org Mailing List]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-17T02:42:57Z

Zhendong Yu:

__NOTOC__
[[File:OWASPApecSec2011.jpg]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter] will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 4-7, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚洲峰会]
==== Registration ====
TBD

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Call for Paper ====

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====

=== Sponsors ===

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Contacts ====

*[mailto:heleng@owasp.org Mailing List]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-05-17T02:42:03Z

Zhendong Yu:

__NOTOC__
[[File:OWASPApecSec2011.jpg]]

====Welcome====

===OWASP Global AppSec Asia Pacific 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP Global AppSec Asia Pacific 2011''' in Beijing, China in Nov 4-7, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚洲峰会]
==== Registration ====
TBD

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Call for Paper ====

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====

=== Sponsors ===

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Contacts ====

*[mailto:heleng@owasp.org Mailing List]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

File:OWASPApecAppSec2011.jpg

2011-05-17T02:40:11Z

Zhendong Yu: uploaded a new version of "File:OWASPApecAppSec2011.jpg": OWASP AppSec Asia Pacific 2011

Logo for OWASP Apec AppSec 2011

OWASP Global AppSec Asia 2011

2011-05-17T02:33:15Z

Zhendong Yu:

__NOTOC__
[[Image:OWASPApecSec2011.jpg]]

====Welcome====

===OWASP Global AppSec Asia 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP Global AppSec Asia 2011''' in Beijing, China in Nov, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

[http://www.owasp.org.cn OWASP中国]

[http://www.owasp.org.cn/owasp5cf04f1a/owasp20114e2d56fd5cf04f1a OWASP 2011亚洲峰会]
==== Registration ====
TBD

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Call for Paper ====

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Sponsors ====

=== Sponsors ===

* 中国计算机学会计算机安全专委会
* 中国信息安全测评中心

==== Contacts ====

*[mailto:heleng@owasp.org Mailing List]

=== Members (in alphabetical order) ===
*[mailto:frank.fan@dbappsecurity.com.cn Frank Fan 范渊]
*[mailto:heleng@owasp.org Helen Gao]
*[mailto:nsace2009@gmail.com Jianchun Jiang 蒋建春]
*[mailto:helen.gao@owasp.org Jack Li 李江宏]
*[mailto:rip@owasp.org.cn Rip Torn 万振華]
*[mailto:wangjie8578@yahoo.com.cn Jie Wang 王颉]
*[mailto:ivy@owasp.org.cn Ivy Zhang 张平]

==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

File:OWASPApecAppSec2011.jpg

2011-05-17T02:31:22Z

Zhendong Yu: Logo for OWASP Apec AppSec 2011

Logo for OWASP Apec AppSec 2011

OWASP Global AppSec Asia 2011

2011-04-28T14:40:37Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP Global AppSec Asia 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP Global AppSec Asia 2011''' in Beijing, China in Nov, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站

==== Registration ====
TBD

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Training: ====
----
===== Training Agenda =====
----

===== Enrollment & Questions: =====
----
===== Trainer Bios & Course Abstracts =====

----

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Conference Committee ====

===Contact===

===Organizers===
TBD
===Conference Committee===
TBD
==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-04-28T14:40:22Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP Global AppSec Asia 2011 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP Global AppSec Asia 2011''' in Wuhan China in Nov, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站

==== Registration ====
TBD

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Training: ====
----
===== Training Agenda =====
----

===== Enrollment & Questions: =====
----
===== Trainer Bios & Course Abstracts =====

----

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Conference Committee ====

===Contact===

===Organizers===
TBD
===Conference Committee===
TBD
==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP Global AppSec Asia 2011

2011-03-14T15:44:06Z

Zhendong Yu: moved OWASP AppSec Asia 2011 to OWASP Global AppSec Asia 2011

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP Global AppSec Asia 2011 - Wuhan China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP Global AppSec Asia 2011''' in Wuhan China in Nov, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站

==== Registration ====
TBD

'''Who Should Attend OWASP Global AppSec Asia 2011:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

==== Training: ====
----
===== Training Agenda =====
----

===== Enrollment & Questions: =====
----
===== Trainer Bios & Course Abstracts =====

----

==== Agenda ====

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.
----

==== Conference Committee ====

===Contact===

===Organizers===
TBD
===Conference Committee===
TBD
==== Expense ====

==== Logistics====

=== Venue ===

TBD
=== Hotel ===
TBD
=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_AppSec_Asia_Summit_2011]][[Category:China]]

OWASP AppSec Asia 2011

2011-03-14T15:44:06Z

Zhendong Yu: moved OWASP AppSec Asia 2011 to OWASP Global AppSec Asia 2011

#REDIRECT [[OWASP Global AppSec Asia 2011]]

OWASP Global AppSec Asia 2011

2011-03-14T15:42:17Z

Zhendong Yu: Created page with "__NOTOC__ Image:OWASP_China_logo.jpg ====Welcome==== ===OWASP Global AppSec Asia 2011 - Wuhan China=== [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland ..."

China AppSec 2011 Budget

2011-03-01T15:33:11Z

Zhendong Yu: Created page with "Place Holder for China AppSec 2011 Budget"

Place Holder for China AppSec 2011 Budget

Global Conferences Committee - Application 8

2011-02-16T15:48:39Z

Zhendong Yu:

[[How to Join a Committee|Click here to return to 'How to Join a Committee' page]]

----
{| style="width:100%" border="0" align="center"
! colspan="2" align="center" style="background:#4058A0; color:white"|'''COMMITTEE APPLICATION FORM'''
|-
| style="width:25%; background:#7B8ABD" align="center"|'''Applicant's Name'''
| colspan="1" style="width:85%; background:#cccccc" align="left"|Zhendong Yu
|-
| style="width:25%; background:#7B8ABD" align="center"| '''Current and past OWASP Roles'''
| colspan="1" style="width:85%; background:#cccccc" align="left"|One of the early OWASP DC chapter members, leader of OWASP Chinese project, organizer for OWASP China Summit 2010.
|-
| style="width:25%; background:#7B8ABD" align="center"| '''Committee Applying for'''
| colspan="1" style="width:85%; background:#cccccc" align="left"|Global Conferences Committee
|}
----

----
Please be aware that for an application to be considered by the board, '''you MUST have 5 recommendations'''.
An incomplete application will not be considered for vote.
----

----
{| style="width:100%" border="0" align="center"
! colspan="8" align="center" style="background:#4058A0; color:white"|'''COMMITTEE RECOMMENDATIONS'''
|-
! align="center" style="background:white; color:white"|
! align="center" style="background:#7B8ABD; color:white"|'''Who Recommends/Name'''
! align="center" style="background:#7B8ABD; color:white"|'''Role in OWASP'''
! align="center" style="background:#7B8ABD; color:white"|'''Recommendation Content'''
|-
| style="width:3%; background:#cccccc" align="center"|'''1'''
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:57%; background:#cccccc" align="center"|
|-
| style="width:3%; background:#cccccc" align="center"|'''2'''
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:57%; background:#cccccc" align="center"|
|-
| style="width:3%; background:#cccccc" align="center"|'''3'''
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:57%; background:#cccccc" align="center"|
|-
| style="width:3%; background:#cccccc" align="center"|'''4'''
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:57%; background:#cccccc" align="center"|
|-
| style="width:3%; background:#cccccc" align="center"|'''5'''
| style="width:20%; background:#cccccc" align="center"|
| style="width:20%; background:#cccccc" align="center"|
| style="width:57%; background:#cccccc" align="center"|
|}
----

OWASP China Summit 2010

2010-10-15T04:43:24Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/OWASPTop10-2010-PressRelease OWASP TOP 10]
[http://www.owasp.org/images/a/a7/OWASP_Top_10_PR_Chinese.pdf OWASP十大风险]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/5/58/Bio_-_Kenny_Lee_2010.pdf Kenny Lee], Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#2010 Data Breach Investigation Report]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Building an effective SSA program in measurable iterations]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
=====Chenxi Wang, PhD=====
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
===== Wong Onn Chee =====
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.
== 2010 Data Breach Investigation Report ==
===== Kenny Lee =====
This presentation is based on the Verizon Business Data Breach Investigations Report1 (DBIR) and will be delivered by Kenny Lee, one of the contributors of the report. The DBIR is a collaborative effort between the United States Secret Service Cyber Intelligence Section and Verizon Business to collect and analyse what we believe to be the world’s largest study of data breaches consisting of over 900 cases and 900 million compromised records across six years of first hand forensic investigations.
We have learned a great deal from this journey and we’re glad to have the opportunity to share these findings with you. As always, our goal is that the data and analysis presented in this report prove helpful to the planning and security efforts of the audience. Many of the lessons learnt from this study strongly indicated the need for improvements in web application security. Data breaches are often a series of simple oversights that culminate in a significant event where huge amounts of data are stolen. We will discuss the most common issues through the use of statistics, war stories and case studies. Key recommendations will be discussed that we believe will help your organisation not be the next victim of a data breach.
More information can be found at [http://www.verizonbusiness.com/databreach/ Verizon Business website].
== Building an effective SSA program in measurable iterations ==
===== Pravir Chandra =====
Integrating security activities into the software development process remains a challenge for most organizations despite the existence of several secure SDLC models. We've learned from experience that the hard questions of "what", "when", and "how much" require answers customized to each organization and there are no simple, one-size-fits-all answers.
To help organizations find their own answers, this session will introduce the Open Software Assurance Maturity Model (OpenSAMM), a flexible framework for building a balanced software security assurance (SSA) program. Using the framework, attendees will learn how to self-assess their security activities and use roadmap templates to improve in small and measurable iterations. We'll also talk about several real-world case studies that demonstrate the framework in action. Time allowing, additional case studies will also be discussed. OpenSAMM is an open a free project and has recently been donated to the Open Web Application Security Project (OWASP) Foundation. For more information on OpenSAMM, visit http://www.opensamm.org/.
==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
[http://www.honkwin.com/ http://www.honkwin.com/images/demo_03.gif]红科网安(北京)科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif]
[http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/1/17/OWASP_China_Summit_2010_Investment_Guide.pdf English]][[http://www.owasp.org/images/6/66/OWASP_China_Summit_2010_Investment_Guide_Chinese.pdf Chinese]]. Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter Chair]
**[mailto:Ivy@owasp.org.cn Ivy Zhang] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter Summit Secretary]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]
** [mailto:ggf.ish@gmail.com Zhendong Yu]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggf.ish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, Co-Founder, VP Engineering, Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.
* [mailto:ivy@owasp.org.cn, Ivy Zhang] 张小姐 - OWASP China Summit Secretary, OWASP China-Mainland Chapter, 会务秘书

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

OWASP China Summit 2010

2010-10-11T16:53:51Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/OWASPTop10-2010-PressRelease OWASP TOP 10]
[http://www.owasp.org/images/a/a7/OWASP_Top_10_PR_Chinese.pdf OWASP十大风险]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/5/58/Bio_-_Kenny_Lee_2010.pdf Kenny Lee], Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#2010 Data Breach Investigation Report]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Building an effective SSA program in measurable iterations]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
=====Chenxi Wang, PhD=====
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
===== Wong Onn Chee =====
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.
== 2010 Data Breach Investigation Report ==
===== Kenny Lee =====
This presentation is based on the Verizon Business Data Breach Investigations Report1 (DBIR) and will be delivered by Mark Goudie, one of the co‐authors of the report. The DBIR is a collaborative effort between the United States Secret Service Cyber Intelligence Section and Verizon Business to collect and analyse what we believe to be the world’s largest study of data breaches consisting of over 900 cases and 900 million compromised records across six years of first hand forensic investigations.
We have learned a great deal from this journey and we’re glad to have the opportunity to share these findings with you. As always, our goal is that the data and analysis presented in this report prove helpful to the planning and security efforts of the audience. Many of the lessons learnt from this study strongly indicated the need for improvements in web application security. Data breaches are often a series of simple oversights that culminate in a significant event where huge amounts of data are stolen. We will discuss the most common issues through the use of statistics, war stories and case studies. Key recommendations will be discussed that we believe will help your organisation not be the next victim of a data breach.
More information can be found at [http://www.verizonbusiness.com/databreach/ Verizon Business website].
== Building an effective SSA program in measurable iterations ==
===== Pravir Chandra =====
Integrating security activities into the software development process remains a challenge for most organizations despite the existence of several secure SDLC models. We've learned from experience that the hard questions of "what", "when", and "how much" require answers customized to each organization and there are no simple, one-size-fits-all answers.
To help organizations find their own answers, this session will introduce the Open Software Assurance Maturity Model (OpenSAMM), a flexible framework for building a balanced software security assurance (SSA) program. Using the framework, attendees will learn how to self-assess their security activities and use roadmap templates to improve in small and measurable iterations. We'll also talk about several real-world case studies that demonstrate the framework in action. Time allowing, additional case studies will also be discussed. OpenSAMM is an open a free project and has recently been donated to the Open Web Application Security Project (OWASP) Foundation. For more information on OpenSAMM, visit http://www.opensamm.org/.
==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
[http://www.honkwin.com/ http://www.honkwin.com/images/demo_03.gif]红科网安(北京)科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif]
[http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/1/17/OWASP_China_Summit_2010_Investment_Guide.pdf English]][[http://www.owasp.org/images/6/66/OWASP_China_Summit_2010_Investment_Guide_Chinese.pdf Chinese]]. Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggf.ish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, Co-Founder, VP Engineering, Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

OWASP China Summit 2010

2010-10-11T16:53:13Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/OWASPTop10-2010-PressRelease OWASP TOP 10]
[http://www.owasp.org/images/a/a7/OWASP_Top_10_PR_Chinese.pdf OWASP十大风险]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/5/58/Bio_-_Kenny_Lee_2010.pdf Kenny Lee], Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#2010 Data Breach Investigation Report]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Building an effective SSA program in measurable iterations]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
=====Chenxi Wang, PhD=====
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
===== Wong Onn Chee =====
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.
== 2010 Data Breach Investigation Report ==
===== Kenny Lee =====
This presentation is based on the Verizon Business Data Breach Investigations Report1 (DBIR) and will be delivered by Mark Goudie, one of the co‐authors of the report. The DBIR is a collaborative effort between the United States Secret Service Cyber Intelligence Section and Verizon Business to collect and analyse what we believe to be the world’s largest study of data breaches consisting of over 900 cases and 900 million compromised records across six years of first hand forensic investigations.
We have learned a great deal from this journey and we’re glad to have the opportunity to share these findings with you. As always, our goal is that the data and analysis presented in this report prove helpful to the planning and security efforts of the audience. Many of the lessons learnt from this study strongly indicated the need for improvements in web application security. Data breaches are often a series of simple oversights that culminate in a significant event where huge amounts of data are stolen. We will discuss the most common issues through the use of statistics, war stories and case studies. Key recommendations will be discussed that we believe will help your organisation not be the next victim of a data breach.
More information can be found at [http://www.verizonbusiness.com/databreach/ Verizon Business website].
== Building an effective SSA program in measurable iterations ==
===== Pravir Chandra =====
Integrating security activities into the software development process remains a challenge for most organizations despite the existence of several secure SDLC models. We've learned from experience that the hard questions of "what", "when", and "how much" require answers customized to each organization and there are no simple, one-size-fits-all answers.
To help organizations find their own answers, this session will introduce the Open Software Assurance Maturity Model (OpenSAMM), a flexible framework for building a balanced software security assurance (SSA) program. Using the framework, attendees will learn how to self-assess their security activities and use roadmap templates to improve in small and measurable iterations. We'll also talk about several real-world case studies that demonstrate the framework in action. Time allowing, additional case studies will also be discussed. OpenSAMM is an open a free project and has recently been donated to the Open Web Application Security Project (OWASP) Foundation. For more information on OpenSAMM, visit http://www.opensamm.org/.
==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
[http://www.honkwin.com/ http://www.honkwin.com/images/demo_03.gif]红科网安(北京)科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif]
[http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/1/17/OWASP_China_Summit_2010_Investment_Guide.pdf English]][[http://www.owasp.org/images/6/66/OWASP_China_Summit_2010_Investment_Guide_Chinese.pdf Chinese]]. Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggfish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, Co-Founder, VP Engineering, Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

OWASP China Summit 2010

2010-10-08T08:02:40Z

Zhendong Yu: Added presenter's name

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP TOP 10]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/6/65/Mark_goudie.pdf Mark Goudie], Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#2010 Data Breach Investigation Report]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/SAMM OWASP OpenSAMM Project]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
=====Chenxi Wang, PhD=====
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
===== Wong Onn Chee =====
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.
== 2010 Data Breach Investigation Report ==
===== Mark Goudie =====
This presentation is based on the Verizon Business Data Breach Investigations Report1 (DBIR) and will be delivered by Mark Goudie, one of the co‐authors of the report. The DBIR is a collaborative effort between the United States Secret Service Cyber Intelligence Section and Verizon Business to collect and analyse what we believe to be the world’s largest study of data breaches consisting of over 900 cases and 900 million compromised records across six years of first hand forensic investigations.
We have learned a great deal from this journey and we’re glad to have the opportunity to share these findings with you. As always, our goal is that the data and analysis presented in this report prove helpful to the planning and security efforts of the audience. Many of the lessons learnt from this study strongly indicated the need for improvements in web application security. Data breaches are often a series of simple oversights that culminate in a significant event where huge amounts of data are stolen. We will discuss the most common issues through the use of statistics, war stories and case studies. Key recommendations will be discussed that we believe will help your organisation not be the next victim of a data breach.
More information can be found at [http://www.verizonbusiness.com/databreach/ Verizon Business website].
==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif] [http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/d/df/OWASP_China_Summit_2010_Investment_Guide.doc English]][[http://www.owasp.org/images/5/53/OWASP_China_Summit_2010_Investment_Guide_Chinese.doc Chinese]]

Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggfish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, co-founder of Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

OWASP China Summit 2010

2010-10-08T08:01:35Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP TOP 10]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/6/65/Mark_goudie.pdf Mark Goudie], Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#2010 Data Breach Investigation Report]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/SAMM OWASP OpenSAMM Project]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
=====Chenxi Wang, PhD=====
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
===== Wong Onn Chee =====
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.
== 2010 Data Breach Investigation Report ==
This presentation is based on the Verizon Business Data Breach Investigations Report1 (DBIR) and will be delivered by Mark Goudie, one of the co‐authors of the report. The DBIR is a collaborative effort between the United States Secret Service Cyber Intelligence Section and Verizon Business to collect and analyse what we believe to be the world’s largest study of data breaches consisting of over 900 cases and 900 million compromised records across six years of first hand forensic investigations.
We have learned a great deal from this journey and we’re glad to have the opportunity to share these findings with you. As always, our goal is that the data and analysis presented in this report prove helpful to the planning and security efforts of the audience. Many of the lessons learnt from this study strongly indicated the need for improvements in web application security. Data breaches are often a series of simple oversights that culminate in a significant event where huge amounts of data are stolen. We will discuss the most common issues through the use of statistics, war stories and case studies. Key recommendations will be discussed that we believe will help your organisation not be the next victim of a data breach.
More information can be found at [http://www.verizonbusiness.com/databreach/ Verizon Business website].
==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif] [http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/d/df/OWASP_China_Summit_2010_Investment_Guide.doc English]][[http://www.owasp.org/images/5/53/OWASP_China_Summit_2010_Investment_Guide_Chinese.doc Chinese]]

Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggfish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, co-founder of Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

OWASP China Summit 2010

2010-10-08T07:25:11Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP TOP 10]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/6/65/Mark_goudie.pdf Mark Goudie], Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.verizonbusiness.com/databreach/ 2010 Data Breach Investigation Report]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/SAMM OWASP OpenSAMM Project]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
=====Chenxi Wang, PhD=====
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
===== Wong Onn Chee =====
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.

==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif] [http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/d/df/OWASP_China_Summit_2010_Investment_Guide.doc English]][[http://www.owasp.org/images/5/53/OWASP_China_Summit_2010_Investment_Guide_Chinese.doc Chinese]]

Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggfish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, co-founder of Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

OWASP China Summit 2010

2010-10-08T07:24:03Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP TOP 10]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/6/65/Mark_goudie.pdf Mark Goudie], Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.verizonbusiness.com/databreach/ 2010 Data Breach Investigation Report]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/SAMM OWASP OpenSAMM Project]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
= Chenxi Wang, PhD =
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
= Wong Onn Chee =
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.

==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif] [http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/d/df/OWASP_China_Summit_2010_Investment_Guide.doc English]][[http://www.owasp.org/images/5/53/OWASP_China_Summit_2010_Investment_Guide_Chinese.doc Chinese]]

Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggfish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, co-founder of Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

OWASP China Summit 2010

2010-10-08T07:18:29Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP TOP 10]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/6/65/Mark_goudie.pdf Mark Goudie], Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.verizonbusiness.com/databreach/ 2010 Data Breach Investigation Report]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/SAMM OWASP OpenSAMM Project]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.

==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif] [http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/d/df/OWASP_China_Summit_2010_Investment_Guide.doc English]][[http://www.owasp.org/images/5/53/OWASP_China_Summit_2010_Investment_Guide_Chinese.doc Chinese]]

Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggfish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, co-founder of Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

File:Mark goudie.pdf

2010-10-08T07:16:29Z

Zhendong Yu: Mark Goudie's bio.

Mark Goudie's bio.

OWASP China Summit 2010

2010-10-08T06:53:48Z

Zhendong Yu:

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP TOP 10]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Mark Goudie, Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.verizonbusiness.com/databreach/ 2010 Data Breach Investigation Report]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/SAMM OWASP OpenSAMM Project]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.

==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif] [http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/d/df/OWASP_China_Summit_2010_Investment_Guide.doc English]][[http://www.owasp.org/images/5/53/OWASP_China_Summit_2010_Investment_Guide_Chinese.doc Chinese]]

Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggfish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, co-founder of Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

OWASP China Summit 2010

2010-10-08T06:51:53Z

Zhendong Yu: updated talk content

__NOTOC__
[[Image:OWASP_China_logo.jpg]]

====Welcome====

===OWASP China Summit 2010 - Beijing China===

[http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]will host '''OWASP China Summit 2010''' in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

'''Press Release: [http://www.owasp.org/images/d/d8/OWASP_China_Summit_2010_Announcement.pdf OWASP China Summit 2010 Announcement]'''

====中文(Chinese)====

===中文网站===

本次会议设有专门的中文网站： [http://www.owasp.org.cn/ OWASP 2010 中国峰会中文网站]。

==== Registration ====

Please [http://www.eventbrite.com/event/735697491 register] yourself to attend the OWASP China Summit. General admission is FREE.

'''Who Should Attend OWASP China Summit 2010:'''

*Application Developers
*Application Testers and Quality Assurance
*Application Project Management and Staff
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
*Security Managers and Staff
*Executives, Managers, and Staff Responsible for IT Security Governance
*IT Professionals Interesting in Improving IT Security
For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

==== Training: Oct 20 - 21 ====
----
===== Training Agenda =====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="6" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Training Oct 20 - Oct 21'''

|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Trainer
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Topic
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (Before Oct.10)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Price (After Oct.10)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Yuezhong Bao, Microsoft
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Secure Development Lifecycle
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 20
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Benson Wu, Armorize
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Code Review
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | AM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Xin Fang, VulnHunt
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|-
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | PM Oct 21
| style="width: 20%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Aaron, DBAppSecurity
| align="center" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Security Testing
| style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1000 ($150)
| style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | RMB 1500 ($230)
|}

----

===== Enrollment & Questions: =====
* Ivy: 13510601178, Ivy@owasp.org.cn
* Rip: 13699898080, rip@owasp.org.cn

----
===== Trainer Bios & Course Abstracts =====
* More details, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=57&Itemid=83 summit Chinese website (详情请见峰会中文网站）].

----

==== Agenda: Oct 22 ====
{| border="0" align="center" style="width: 80%;"
|-
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - Oct 22, 2010 Tentative'''

|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | Time
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Speaker
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Presentation
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Language
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-09:00
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Networking
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-09:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/China-Mainland Rip Torn], OWASP China Chapter and [http://www.owasp.org/index.php/User:Brennan Tom Brennan] OWASP Board
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Opening Statement: Welcome to OWASP China Summit 2010
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:10-10:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Keynote: [http://www.owasp.org/index.php/Chenxi_Wang,_Ph.D._(Forrester_Research) Chenxi Wang], PhD, Forrester Research
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [[#Application Security Market Trend 应用安全市场动态]]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Weilin_Zhong Weilin Zhong], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP TOP 10]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:50-11:20
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/Frank_Yuan_Fan,_OWASP_China_Chapter Frank Fan], DBAppSecurity
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Web Attack and Defense Trends
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/e/e4/WongOnnChee_Biodata.pdf Wong Onn Chee], [http://www.owasp.org/index.php/Singapore OWASP Singapore Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese/English
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:00-13:30
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch Break
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:10
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Mark Goudie, Verizon Business
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.verizonbusiness.com/databreach/ 2010 Data Breach Investigation Report]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:20-15:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/index.php/User:Pravir_Chandra Pravir Chandra], OWASP
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | [http://www.owasp.org/index.php/SAMM OWASP OpenSAMM Project]
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | English with real-time Chinese translation
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:40
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | [http://www.owasp.org/images/8/81/BioGaoWenInfoSec.pdf Helen Gao], [http://www.owasp.org/index.php/Long_Island OWASP Long Island Chapter]
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP and OWASP Projects
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|-
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-17:00
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Panel
| align="center" style="width: 40%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Round Table: Web App Security - State of Art
| align="center" style="width: 10%; background: none repeat scroll 0% 0% rgb(92, 121, 187);" | Chinese
|}

== Application Security Market Trend 应用安全市场动态 ==
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态，并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例，看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序，并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
==== Sponsors ====
----
=== Diamond Sponsors: ===
[http://www.dbappsecurity.com.cn/ http://www.owasp.org/images/2/27/Dbappsecurity_logo.gif] 安恒信息 [http://www.armorize.com https://www.owasp.org/images/9/98/Armorize.png]
----

=== Platinum Sponsors: ===
----

=== Gold Sponsors: ===
[http://www.venustech.com.cn/ http://www.owasp.org/images/4/4d/VenusTech_logo.gif]
[http://www.ankki.com/ http://www.owasp.org.cn/images/stories/ankkilog.png]深圳昂楷科技有限公司
----

=== Supporting Sponsors: ===
[http://www.huawei.com/ http://www.owasp.org/images/f/ff/Huawei_Logo.gif] 华为

{{MemberLinks|link=http://www.microsoft.com|logo=Logo_microsoft.jpg}}微软中国

[http://www.vulnhunt.com/ '''南京翰海源''']

----

=== Educational Sponsors: ===
[http://www.is.cas.cn/ http://www.owasp.org/images/1/15/ISCAS_logo.gif]中国科学院软件研究所 [http://www.infosec.pku.edu.cn/ http://www.owasp.org/images/2/21/InfoSec_Lab_PKU_logo.gif]
----

=== Organizing Partners: ===
[http://www.idcquan.com/ http://www.idcquan.com/images/logo2009.gif] [http://www.seczone.org http://www.seczone.org/templates/jsn_epic_pro/images/logo.png]
[http://www.nsace.org.cn http://www.nsace.org.cn/templets/images/toplogo.gif]

----

=== Media Partners: ===
OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:
* Print Media：CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
* Network Media: [http://www.chinabyte.com/ http://image.chinabyte.com/w/pic/logo.gif],[http://www.it168.com/ http://www.it168.com/himages/logo.gif][http://www.51cto.com http://images.51cto.com/images/index/Images/Logo.gif], [http://www.cww.net.cn/ http://www.cww.net.cn/images/top_logo.jpg], CTOCIO, etc.
----

=== Sponsor US! ===
We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [[http://www.owasp.org/images/d/df/OWASP_China_Summit_2010_Investment_Guide.doc English]][[http://www.owasp.org/images/5/53/OWASP_China_Summit_2010_Investment_Guide_Chinese.doc Chinese]]

Slots are going fast so contact [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team] to sponsor today!
----

==== Conference Committee ====

===Contact===
* [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team]

===Organizers===
* Local host:
**[mailto:rip@owasp.org Rip Torn] [http://www.owasp.org/index.php/China-Mainland OWASP China-Mainland Chapter]
* Overseas:
** [mailto:weilin.zhong@owasp.org Weilin Zhong]
** [mailto:heleng@owasp.org Helen Gao]

===Conference Committee===
* [mailto:rip@owasp.org Rip Torn] 万振华，Chair of OWASP China Mainland chapter
* [mailto:frank.fan@dbappsecurity.com.cn Frank Fan] 范渊，Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
* [mailto:weilin.zhong@owasp.org Weilin Zhong] 钟卫林，Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
* [mailto:heleng@owasp.org Helen Gao] 高雯，Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
* [mailto:ggfish@gmail.com Zhendong Yu] 于振东， OWASP Chinese Project, co-founder of Innovative Query Inc, CISSP
* [mailto:eric@owasp.org.cn Eric Chio] 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
* [mailto:nsace2009@gmail.com Jianchun Jiang] 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
* [mailto:wangjie8578@yahoo.com.cn Jie Wang] 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
* [mailto:wayne@armorize.com Wayne Huang] 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.

==== Volunteer ====

=== Volunteers Needed! ===

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year!
E-mail the [mailto:weilin.zhong@owasp.org OWASP China Summit 2010 Organization Team].

==== Logistics====

=== Venue ===

Hotel Nikko New Century Beijing Conference Center

=== Hotel ===

Hotel Nikko New Century Beijing
北京新世纪日航酒店北京市海淀区首体南路6号

* Add: No.6 Southern Road, Capital Gym, Haidian District, Beijing 100044
* Tel: 86-10-6849 2001
* Fax: 86-10-6849 1103
* http://www.newcenturyhotel.com.cn

[http://www.newcenturyhotel.com.cn http://www.owasp.org.cn/images/stories/hotel.jpg]

=== Hotel Booking ===
* Mention attending the "OWASP China Summit", you can get the discount prices.
* The summit local team is happy to book the hotel for you, please contact:
** Peter Zhang
** Email: market02@owasp.org.cn
** Tel: 010-85655622
** Fax: +86-10-85653108
* For more detail information, please see the [http://www.owasp.org.cn/index.php?option=com_content&view=article&id=58&Itemid=85 summit Chinese website (详情请见峰会中文网站）].

=== Travel ===

How to obtain a visa for the event
* Invitation letter will be sent out for overseas attendees after registration.
* For detailed information on obtaining a business visa for this event, please refer to [http://www.china-embassy.org/eng/hzqz/zgqz/t84247.htm Chinese embassy]
* More questions, please contact [mailto:heleng@owasp.org Helen Gao]

<headertabs />

[[Category:OWASP AppSec Conference]][[Category:OWASP_China_Summit_2010]][[Category:China]]

OWASP China Summit 2010

2010-10-05T10:11:10Z

Zhendong Yu:

OWASP China Summit 2010

2010-10-05T09:56:37Z

Zhendong Yu:

OWASP China Summit 2010

2010-10-05T09:56:06Z

Zhendong Yu: Removed CFP/CFT

OWASP China Summit 2010

2010-10-05T09:55:04Z

Zhendong Yu:

OWASP China Summit 2010

2010-10-05T09:53:08Z

Zhendong Yu: updated agenda

OWASP China Summit 2010

2010-09-03T18:08:43Z

Zhendong Yu:

OWASP China Summit 2010

2010-06-18T01:16:06Z

Zhendong Yu:

OWASP China Summit 2010

2010-06-08T15:03:21Z

Zhendong Yu: /* Conference Committee */

OWASP China Summit 2010

2010-06-08T15:02:48Z

Zhendong Yu: /* Organization Team */

OWASP China Summit 2010

2010-06-08T15:02:31Z

Zhendong Yu: /* Contact */

OWASP China Summit 2010

2010-06-08T15:02:10Z

Zhendong Yu: /* Contact */

OWASP China Summit 2010

2010-06-08T04:29:11Z

Zhendong Yu:

OWASP China Summit 2010

2010-06-08T04:27:33Z

Zhendong Yu: /* 中文网站 */

OWASP China Summit 2010

2010-06-08T03:56:35Z

Zhendong Yu: /* OWASP China Summit 2010 - Beijing China */