This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OwaspRomaniaConference2014
|
CONFERENCE (Friday 24th of October) | ||
Date | Location | |
Friday 24th of October, 10.00 AM |
Venue Location: University "Politehnica" of Bucharest, AN010 Venue Address: Splaiul Independentei nr. 313, sector 6, Bucuresti, ROMANIA; | |
Price and registration | ||
This event is FREE, you need to register on the link provided below, print your ticket and present it at the entrance. Limited number of seats! Register now! [1] |
Agenda | |||||
Time | Title | Speaker | Description | ||
10:00 - 10:30 (30 mins) |
Registration | ||||
10:30 - 10:45 (15 mins) |
Introduction & Welcome | Oana Cornea | Introduction to OWASP & Bucharest Event, Schedule for the Day | ||
10:45 - 11:30 (45 mins) |
Keynote |
Andrzej Klesnicki | We tend to blame developers for every problem we have with web applications, is it really the case? Nevertheless who is responsible, what if we just do not have security emended in our process. How to deal with security when deployment days is close. Are we doomed or there is still something that we can do? This speech will look for those answers. | ||
11:50 - 12:35 (45 mins) |
OWASP O2 Platform : Automating Security Consultant's Knowledge/Workflows and Allowing non-security experts to access and consume Security Knowledge | Dinis Cruz | This presentation will show how to use the multiple O2 Platform tools and coding environments to perform multiple types of Application security analysis (from black-box browser-automation, to static-analysis code-reviews). A key part of the O2 Platform are the FluentSharp APIs which will be used for the demos (like the interactive creation of a custom Application security tool, which is then packaged as an stand-alone executable/cli-tool) | ||
12:55 - 13:40 (45 mins) |
OWASP WordPress Security Checklist | Dan Catalin Vasile | In last year presentation I focused on breaking the WordPress ecosystem. Meanwhile I finished the OWASP project related to the security checklist every administrator should follow when implementing WordPress. It was an effort of gathering information from various sources and personal experience and setting a security baseline for WordPress. Furthermore, I also focused on the implementation of WordPress in corporate environments with general advises (which applies in general to the adoption of open source software by the business) and specific actions like central management and integration with Active Directory. | ||
13:40 - 14:30 (50 mins) |
Lunch/Coffee Break | ||||
14:30 - 15:15 (45 mins) |
Secure continuous delivery: developer’s immediate connection to what they’re creating | Dinis Cruz | This presentation makes the case that when developers have access to powerful development CI (Continuous Integration) environments and code analysis/execution tools, they are able to: a) understand what their code is doing, b) refactor code with confidence, c) test they code efficiently and d) provide assurance that are writing secure code. This presentation will show real examples of what such environment looks like in .NET and NodeJS | ||
15:20 - 16:05 (45 mins) |
Secure coding with python | Enrico Branca | TBD | ||
16:10 - 16:55 (45 mins) |
Shellshock Vulnerability | Tudor Enache | Discussion of one of the most popular 0-days in recent years. What's shellshock? What are the attack vectors? How do you mitigate it? Additionally we will brainstorm about how to efficiently deal with such bugs and understand the real threat of 0-days. |
Sponsors
Sponshorship opportunities
Why sponsor?
- Join 200+ leaders, security consultants, security architects and developers gathered to share cutting-edge ideas, initiatives and trends in technology.
- OWASP events attract an audience interested in "What's next?" - As a sponsor, you will be promoted as an answer to this question.
- Increase awareness and recognition in Romanian Security IT environment.
- Support and involvement in the world of information security enthusiasts.
Platinum Sponsor |
||||||
Gold Sponsor |
||||||
Event Supporters |
||||||
Educational Supporters |
||||||