This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP AppSec Europe 2009 - Poland ag
Day 1 - May 13, 2009 | |||
---|---|---|---|
Track 1: Alfa 1 | Track 2: Alfa 2 | Track 3: Room 3 | |
08:00-08:50 | Registration and Coffee | ||
08:50-09:00 | Welcome to OWASP AppSec 2009 Conference
Sebastien Deleersnyder, OWASP Foundation | ||
09:00-10:00 | Keynote
Ross Anderson, Professor in Security Engineering, University of Cambridge | ||
10:00-10:45 | OWASP State of the Union
Dinis Cruz & Sebastien Deleersnyder, OWASP Foundation | ||
10:45-11:05 | Break - Expo | CTF Kick-Off
Andrzej | |
11:05-11:50 | OWASP Live CD: An open environment for Web Application Security
Matt Tesauro, Texas Education Agency |
Advanced SQL injection exploitation to operating system full control
Bernardo Damele Assumpcao Guimaraes, lead developer of sqlmap |
Mirage: building an application model made easy (OWASP Orizon v 1.2)
Paolo Perego, Spike Reply |
11:55-12:40 | OWASP Application Security Verification Standard (ASVS) Project
Dave Wichers, Aspect Security |
Tracking the effectiveness of an SDL program: lessons from the gym
Cassio Goldschmidt, Symantec Corporation |
I thought you were my friend Evil Markup, browser issues and other obscurities
Mario Heiderich, Business-IN |
12:40-14:00 | Lunch - Expo - CTF | ||
14:00-14:45 | Threat Modeling
John Steven, Cigital |
Web Application Harvesting
Esteban Ribičić, tbd |
Maturing Beyond Application Security Puberty
Roger Thornton, Fortify |
14:50-15:35 | Exploiting Web 2.0 – Next Generation Vulnerabilities
Shreeraj Shah, Blueinfy |
xx | When Security Isn’t Free: The Myth of Open Source Security
Rob Rachwald, Fortify |
15:35-15:55 | Break - Expo - CTF | ||
15:55-16:40 | The Software Assurance Maturity Model (SAMM)
Pravir Chandra, Cognosticus |
O2 - Advanced Source Code Analysis Toolkit
Dinis Cruz, Ounce Labs |
The Truth about Web Application Firewalls: What the vendors do not want you to know
Wendel Guglielmetti Henrique, Trustwave & Sandro Gauci, EnableSecurity |
16:45-17:45 | Panel: tbd
tbd Moderator: tbd - Panelists: tbd | ||
Day 2 - May 14, 2009 | |||
Track 1: Alfa 1 | Track 2: Alfa 2 | Track 3: Room 3 | |
08:00-09:00 | Registration and Coffee | ||
09:00-09:00 | Fixing Internet Security by Hacking the Business Climate
Bruce Schneier, Chief Security Technology Officer, BT | ||
10:00-10:45 | OWASP Projects
Dave Wichers, OWASP Foundation | ||
10:45-11:05 | Break - Expo - CTF | ||
11:05-11:50 | OWASP "Google Hacking" Project
Christian Heinrich, OWASP "Google Hacking" Project Lead |
Deploying Secure Web Applications with OWASP Resources
Kuai Hinojosa, New York University |
Beyond security principles approximation in software architectures
Bart De Win, Ascure |
11:55-12:40 | OWASP Enterprise Security API (ESAPI) Project
Dave Wichers, Aspect Security |
w3af, A framework to 0wn the web | Brain's hardwiring and its impact on software development and secure software
Alexandru Bolboaca & Maria Diaconu, Mosaic Works |
12:40-14:00 | Lunch - Expo - CTF | ||
14:00-14:45 | OWASP ROI: Optimize Security Spending using OWASP
Matt Tesauro, Texas Education Agency |
CSRF: the nightmare becomes reality?
Lieven Desmet, University Leuven |
The Bank in the Browser - Defending web infrastructures from banking malware
Giorgio Fedon, Minded Security |
14:50-15:35 | HTTP Parameter Pollution
Luca Carettoni, Independent Researcher & Stefano Di Paola, MindedSecurity |
OWASP Source Code Flaws Top 10 Project
Paolo Perego, Spike Reply |
Business Logic Attacks: Bots and Bats
Eldad Chai, Imperva |
15:35-15:55 | Break - Expo - CTF | ||
15:55-16:40 | Factoring malware and organized crime in to Web application security
Gunter Ollmann, Damballa |
Real Time Defenses against Application Worms and Malicious Attackers, Michael Coates, Aspect Security | Can an accessible web application be secure? Assessment issues for security testers, developers and auditors
Colin Watson, Watson Hall Ltd |
16:45-17:45 | Panel discussion
Moderator: tbd, Panelists: tbd | ||
17:45-18:00 | Conference Wrap-Up & CTF Awards
Dave Wichers, OWASP Foundation |