This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP EU Summit 2008 Former Agenda

Jump to: navigation, search

TRAINING COURSES - November 3rd & 4th (Mon, Tue)

OWASP is bringing together the world’s best application security experts to teach you on OWASP tools, methodologies and how to build secure web software. The OWASP creators of tools will bring you up to speed on how to disect, test, improve and construct secure software.

Training Courses
Monday, November 3, 2008 Tuesday, November 4, 2008
Advanced Web Application Security Testing (day 1 of 2) Advanced Web Application Security Testing (day 2 of 2)
Building Secure Web Services (day 1 of 2) Building Secure Web Services (day 2 of 2)
WebAppSec for Managers and Executives - The Road Less Travelled (1 day) The Art and Science of Threat Modeling Web Applications (1 day)
Uncovering WebScarab's Secret Treasures (1 day) Ajax Security (0,5 day AM)
Secure Programming with Java (1 day) --
Building Secure Web Applications with OWASP's Enterprise Security API (ESAPI) (1 day) Securing WebGoat with ModSecurity (1/2 day PM)
Building Secure Web 2.0 Applications (1 day) Flash Player Security (1/2 day AM)
Web server/services hardening using SELinux (1 day) Auditing Flash Applications (1/2 day PM)
Web Application Assessments (1/2 day PM) OWASP Top 10 - What Developers Should Know on Web Application Security (1/2 day)
Hacking OWASP Orizon Project v1.0 (1/2 day PM) OWASP Testing Guide (1/2 day PM)
Classic ASP Security using OWASP tools (1 day) Offensive Web Application Hacking (1 day)

WORKING SESSIONS - November 4th & 5th (Tue, Wed)

If you're interested in adding a Working Session for the 2008 Summit, there still is time. This list will be finalized a couple of days before the actual Summit, so get in touch with us soon. Contact Mark Roxberry for more information.

Please review the Working Session methodology for Working Session rules.

Working Sessions
Tuesday, November 4, 2008 Wednesday, November 5, 2008
Working Sessions Operational Model - ALL to attend [1h] OWASP Top 10 2009 [3h]
OWASP Strategic Planning for 2009 [3h] OWASP Education Project [2h]
OWASP Tools Projects [3h] OWASP Enterprise Security API Project [4h]
ISWG: Browser Security [7h] OWASP Code Review Guide 2009 [2h]
OWASP Documentation Projects [3h] OWASP Testing Guide Next Version [2h]
OWASP Winter Of Code 2009 [4h] OWASP Certification [2h]
OWASP .NET Project [2h] Application Security Desk Reference (ASDR) [4h]
Two-way Internationalization of OWASP Content [2h] OWASP Intra Governmental Affairs [2h]
PASSWD : Metrics and Vulnerabilities [2h] OWASP Awards [2h]
OWASP and Portuguese Public & Private Organizations [2h] OWASP Website [2h]
Software Assurance Maturity Model [4h] ISWG:Web Application Framework Security [4h]
OWASP Live CD&DVD [2h]
Best Practices for OWASP Chapter Leaders [2h]
Working Sessions Wrap Up [1h]

TECHNICAL TRACK AGENDA - November 6th & 7th (Thu,Fri)

Thursday, November 6, 2008
Tracks Track 1 & 3 Track 2 & 4
08:00-09:00 Registration and Coffee
09:00-09:45 Keynote
09:45-10:00 About OWASP
10:00-10:20 ESAPI Keynote
10:20-10:40 Break - Expo - CTF
TRACKS Track 1: Secure Design & Defensive Strategies Track 2: OWASP Internals
10:40-10:55 OWASP Enigform and mod_Openpgp (SoC 08)

Arturo Alberto Busleiman (a.k.a Buanzo)

OWASP Internationalization Guidelines (SoC 08)

Juan Carlos Calderon

11:00-11:15 OWASP OpenSign Server Project (SoC 08)

Mark Roxberry

OWASP Spanish Project (SoC 08)

Juan Carlos Calderon

11:20-11:35 OWASP AntiSamy (SoC 08)

Arshan Dabirsiaghi

OWASP Positive Security (SoC 08)

Eduardo Vianna de Camargo Neves

11:40-11:55 OWASP AppSensor (SoC 08)

Michael Coates

OWASP Source Code Review OWASP Projects (SoC 08)

James Walden

12:00-12:15 OWASP Securing WebGoat using ModSecurity (SoC 08)

Stephen Craig Evans, Christian Folini

OWASP Education (SoC 08 Working Session)

Sebastien Deleersnyder, Martin Knobloch

12:20-12:35 Pending
12:35-14:00 Lunch - Expo - CTF
TRACKS Track 3: Cutting Edge Tools Track 4: Security Guidance and Knowledge
14:00-14:15 OWASP Access Control Rules Tester Project (SoC 08)

Andrew Petukhov

OWASP Classic ASP Security Project (SoC 08)

Juan Carlos Calderon

14:20-14:35 OWASP Skavenger Project (SoC 08)

Matthias Rohr

OWASP .NET Project (SoC 08 & Working Session)

Mark Roxberry

14:40-14:55 OWASP JSP Testing Tool (SoC 08)

Jason Li

15:00-15:15 WebScarab-NG (SoC 08)

Rogan Dawes

15:20-15:35 OWASP Webslayer Project

Christian Martorella

OWASP Code Review Guide (SoC 08 & Working Session)

Eoin Keary

15:40-15:55 OWASP Live CD 2008 (SoC 08)

Matt Tesauro

16:00-16:15 OWASP Teachable Static Analysis Workbench (SoC 08)

Dmitry Kozlov

OWASP Backend Security Project (SoC 08)

Carlo Pelliccioni

16:20-16:35 OWASP Code Crawler (SoC 08)

Alessio Marziali

OWASP Application Security Desk Reference (ASDR) (SoC 08 & Working Session)

Leonardo Cavallari Militelli

16:40-16:55 OWASP Orizon Project (SoC 08)

Paolo Perego (aka thesp0nge)

17:00-17:15 OWASP Application Security Tool Benchmarking Environment and Site Generator Refresh Project (SoC 08)

Dmitry Kozlov

OWASP Ruby on Rails Security Project (SoC 08)

Heiko Webers

17:20-17:35 Open Review Project

Dan Cornell

OWASP Testing Guide (SoC 08 & Working Session)

Matteo Meucci

17:40-17:55 OWASP Application Security Verification Standard Project (SoC 08)

Jeff Williams

19:00 OWASP Gala Dinner

Friday, November 7, 2008
Track Track
09:00-10:00 Coffee
10:00-10:15 ISWG: Browser Security (Working Session) Certification (Working Session)
10:20-10:35 Enterprise Security API Project (Working Session) Awards (Working Session)
10:40-10:35 Tools Projects (Working Session) OWASP Website (Working Session) [2h]
11:00-11:15 ISWG:Web Application Framework Security (Working Session) Winter Of Code 2009 (Working Session)
11:20-11:35 Documentation Projects (Working Session) Strategic Planning for 2009 (Working Session)
11:40-11:55 OWASP Top 10 2009 (Working Session) Board Meeting (public session)
12:00-12:15 Intra Governmental Affairs (Working Session) OWASP Live CD&DVD (Working Session)
14:00-17:00 Board Meeting
17:00 Cocktail Party

Corrections or Updates: Contact michael.coates{at}

BUSINESS TRACK AGENDA - November 6th & 7th (Thu,Fri)

Thursday, November 6, 2008
09:45 About OWASP
11:00 Real World Usage of OWASP Material
12:00 OWASP Projects: Top 10, Legal Contract, Testing Guide, Developer Guide, Code Review, Webgoat
14:00 OWASP Intergovernmental Activities and Compliance
15:00 Panel: Security Threats Landscape and Future Trends
16:00 OWASP Projects: Internationalization, Education, Certification and OWASP Books
19:00 OWASP Gala Dinner

Friday, November 7, 2008
10:00 OWASP Projects: ESAPI, ASDR, CLASP, ISWG Browser Security and Web Application Security Framework
11:00 OWASP Roadmap for 2009
12:00 Panel: What do you want from OWASP?
14:00 OWASP Board Meeting over Working Session
15:00 Panel: Security Threats Landscape and Future Trends
19:00 Cocktail Party