
Difference between revisions of "Mrb Scratchpad"

 
(30 intermediate revisions by 2 users not shown)
Line 1: Line 1:
<div style="">
+
== Global AppSec Events ==
{| cellspacing="0" border="2"
+
{| class="wikitable"
|- valign="middle"
+
|-
| height="60" align="center" style="background: rgb(64, 88, 160) none repeat scroll 0% 0%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous; color: white;" colspan="5" | <font size="5">'''Day 1 - Nov 12th 2009'''</font>
+
! Global AppSec Events
|- valign="bottom"
+
! Date
| valign="middle" height="40" width="67" bgcolor="#7b8abd" | &nbsp;
+
! Location
| valign="middle" height="40" width="200" bgcolor="#c0a0a0" align="center" | '''OWASP'''
+
! GCC Rep
| valign="middle" height="40" width="200" bgcolor="#ffdf80" align="center" | '''Tools'''
+
! OWASP Introduction/Keynote
| valign="middle" height="40" width="200" bgcolor="#a0c0e0" align="center" | '''SDLC'''
+
|-
| valign="middle" height="40" width="200" bgcolor="#b3ff99" align="center" | '''Web 2.0'''
+
| [http://www.owasp.org/index.php/AppSecEU2011 Global AppSec Europe ]
|- valign="bottom"
+
| June 6, 2011 - June 10, 2011
| valign="middle" width="67" bgcolor="#7b8abd" | 07:30-09:00
+
| Dublin, Ireland
| valign="middle" bgcolor="#909090" align="center" colspan="4" | Registration
+
| Ralph Durkee
|- valign="bottom"
+
| Entire Board
| valign="middle" width="67" bgcolor="#7b8abd" | 08:45-09:00
+
|-
| valign="middle" height="30" bgcolor="#e0e0e0" align="center" colspan="4" | Welcome and Opening Remarks
+
| [http://www.appsecusa.org/ Global AppSec North America]
|- valign="bottom"
+
| Sept. 20, 2011 - Sept. 23, 2011
| valign="middle" width="67" bgcolor="#7b8abd" | 09:00-10:00
+
| Minneapolis, MN, USA
| valign="middle" height="60" bgcolor="#e0e0e0" align="center" colspan="4" | Keynote: [[AppSecDC Keynote Jarzomnek|Joe Jarzombek]]
+
| Neil Matatall
|- valign="bottom"
+
| Entire Board
| valign="middle" width="67" bgcolor="#7b8abd" | 10:30-10:30
+
|-
| valign="middle" height="30" bgcolor="#909090" align="center" colspan="4" | Coffee Break &amp; Room Change
+
| [http://www.owasp.org/index.php/AppSec_Brasil_2010 Global AppSec Latin America]
|- valign="bottom"
+
| Oct. 11, 2011 - Oct. 14, 2011
| valign="middle" width="67" bgcolor="#7b8abd" | 10:30-11:30
+
| Porto Alegre, Brazil
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" | [[OWASP ESAPI AppSecDC|OWASP ESAPI]]<br>Jeff Williams
+
| TBD
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" | [[Manipulating Web Application Interfaces, a new approach to input validation]]<br>Felipe Moreno-Strauch
+
| Brennan
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" | [[Development Issues Within AJAX Applications: How to Divert Threats]]<br>Lars Ewe
+
|-
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" | [[Understanding the Implications of Cloud Computing on Application Security]]<br>Dennis Hurst
+
| [http://www.owasp.org/index.php/China_AppSec_2011 Global AppSec Asia 2011]
|- valign="bottom"
+
| Nov. 3, 2011 - Nov. 5, 2011
| valign="middle" height="120" width="67" bgcolor="#7b8abd" | 11:30-12:30
+
| Wuhan, Hubei, China
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" | [[Software Assurance Maturity Model (SAMM)]]<br>Pravir Chandra
+
| TBD
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" | [[The Case of Promiscuous Parameters and Other Ongoing Capers in Web Security]]<br>Jacob West
+
| TBD
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" | [[Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence|Enterprise Application Security - GE's approach to solving root cause]]<br>Darren Challey
+
|}
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" | [[Transparent Proxy Abuse]]<br>Robert Auger
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" | 12:30-13:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" | [[DISA's Application Security and Development STIG: How OWASP Can Help You]]<br>Jason Li
 
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" | [[OWASP ModSecurity Core Rule Set Project]]<br>Ryan C. Barnett
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" | [[The essential role of infosec in secure software development]]<br>Kenneth R. van Wyk
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" | [[Fracturing Flex For Fun- An Alliterative Attackers Approach]]<br>Jon Rose/Kevin Stadmeyer
 
|- valign="bottom"
 
| valign="middle" height="60" width="67" bgcolor="#7b8abd" | 13:30-14:30
 
| valign="middle" height="60" bgcolor="#909090" align="center" colspan="4" | Lunch
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" | 14:30-15:30
 
| valign="middle" height="60" width="200" bgcolor="#c0a0a0" align="center" | [[Defend Yourself: Integrating Real Time Defenses into Online Applications]]<br>Michael Coates
 
| valign="middle" height="60" width="200" bgcolor="#ffdf80" align="center" | [[Finding the Hotspots: Web-security testing with the Watcher tool]]<br>Chris Weber
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" rowspan="3" | [[SDLC Pannel AppSecDC|SDLC Panel]]
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" | [[Social Zombies: Your Friends Want to Eat Your Brains]]<br>Tom Eston/Kevin Johnson
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" rowspan="2" | 15:30-16:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" rowspan="2" | [[The ESAPI Web Application Firewall (ESAPI WAF)|The ESAPI Web Application Firewall]]<br>Arshan Dabirsiaghi
 
| valign="middle" height="60" width="200" bgcolor="#ffdf80" align="center" | [[One Click Ownage]]<br>Ferruh Mavituna
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" rowspan="2" | [[Cloudy with a chance of 0-day]]<br>Jon Rose/Tom Leavey
 
|- valign="bottom"
 
| valign="middle" height="60" width="200" bgcolor="#ffdf80" align="center" | [[Web Application Security Scanner Evaluation Criteria]]<br>Brian Shura
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" rowspan="2" | 16:30-17:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" rowspan="2" | [[OWASP Live CD: An open environment for Web Application Security]]<br>Matt Tesauro / Brad Causey
 
| valign="middle" height="60" width="200" bgcolor="#ffdf80" align="center" | [[Learning by Breaking: A New Project Insecure Web Apps]]<br>Chuck Willis
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" rowspan="2" | [[Vulnerability Management in an Application Security World]]<br>Dan Cornell
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" rowspan="2" | [[Attacking WCF Web Services]]<br>Brian Holyfield
 
|- valign="bottom"
 
| valign="middle" height="60" width="200" bgcolor="#ffdf80" align="center" | [[Synergy! An intregrated OWASP Audit: A world where the tools communicate|Synergy! - A world where the tools communicate]]<br>
 
Josh Abraham
 
 
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" rowspan="2" | 17:30-18:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" rowspan="2" | [[The Entrepreneur's Guide to Career Management]]<br>Lee Kushner
 
| valign="middle" height="60" width="200" bgcolor="#ffdf80" align="center" | [[Advanced SSL: The good, the bad, and the ugly]]<br>Michael Coats
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" rowspan="2" | [[Threat Modeling by John Steven|Threat Modeling]]<br>John Steven
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" rowspan="2" | [[When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and |When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies]]<br>Rafal Los
 
|- valign="bottom"
 
| valign="middle" height="60" width="200" bgcolor="#ffdf80" align="center" | [[User input piercing for Cross Site Scripting Attacks]]<br>Matias Blanco
 
|- valign="bottom"
 
| valign="middle" height="60" width="67" bgcolor="#7b8abd" | 19:00-????
 
| valign="middle" height="60" bgcolor="#c0c0c0" align="center" colspan="4" | Reception <!-- Day 2 -->
 
|- valign="middle"
 
| height="60" colspan="5" |
 
|- valign="middle"
 
| height="60" align="center" style="background: rgb(64, 88, 160) none repeat scroll 0% 0%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous; color: white;" colspan="5" | <font size="5">'''Day 2 - Nov 13th 2009'''</font>
 
|- valign="bottom"
 
| valign="middle" height="40" width="67" bgcolor="#7b8abd" | &nbsp;
 
| valign="middle" height="40" width="200" bgcolor="#c0a0a0" align="center" | '''Attack &amp; Defend'''
 
| valign="middle" height="40" width="200" bgcolor="#ffdf80" align="center" | '''Process'''
 
| valign="middle" height="40" width="200" bgcolor="#a0c0e0" align="center" | '''Metrics'''
 
| valign="middle" height="40" width="200" bgcolor="#b3ff99" align="center" | '''Compliance'''
 
|- valign="bottom"
 
| valign="middle" width="67" bgcolor="#7b8abd" | 07:30-09:00
 
| valign="middle" bgcolor="#909090" align="center" colspan="4" | Registration
 
|- valign="bottom"
 
| valign="middle" width="67" bgcolor="#7b8abd" | 09:00-10:00
 
| valign="middle" height="60" bgcolor="#e0e0e0" align="center" colspan="4" | Keynote: TBA
 
|- valign="bottom"
 
| valign="middle" width="67" bgcolor="#7b8abd" | 10:30-10:30
 
| valign="middle" height="30" bgcolor="#909090" align="center" colspan="4" | Coffee Break &amp; Room Change
 
|- valign="bottom"
 
| valign="middle" width="67" bgcolor="#7b8abd" | 10:30-11:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" | [[Securing the Core JEE Patterns]]<br>Rohit Sethi/Krishna Raja
 
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" | [[The Big Picture: Web Risks and Assessments Beyond Scanning]]<br>Matt Fisher
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" | [[The Web Hacking Incidents Database]]<br>Ryan C. Barnett
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" | [[Business Logic Automatons: Friend or Foe?]]<br>Ofer Shezaf
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" | 11:30-12:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" | [[Unicode Transformations: Finding Elusive Vulnerabilities]]<br>Chris Weber
 
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" | [[Scalable Application Assessments in the Enterprise]]<br>Tom Parker/Lars Ewe
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" | [[Application security metrics from the organization on down to the vulnerabilities]]<br>Chris Wysopal
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" | [[SCAP: Automating our way out of the Vulnerability Wheel of Pain]]<br>Ed Bellis
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" | 12:30-13:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" | [[Fox in the Henhouse: Java Rootkits]]<br>Jeff Williams
 
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" | [[Secure Software Updates: Update Like Conficker]]<br>Jeremy Allen
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" | [[OWASP Top 10 2009 AppSecDC|OWASP Top 10 2009]]<br>Dave Wichers
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" | [[Secure SDLC: The Good, The Bad, and The Ugly]]<br>Joey Peloquin
 
|- valign="bottom"
 
| valign="middle" height="60" width="67" bgcolor="#7b8abd" | 13:30-14:30
 
| valign="middle" height="60" bgcolor="#909090" align="center" colspan="4" | Lunch
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" | 14:30-15:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" | [[TBD AppSecDC Robert Hansen|TBA]]<br>Robert Hansen
 
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" | [[Improving application security after an incident]]<br>Cory Scott
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" | [[Hacking by Numbers]]<br>Tom Brennan  
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" rowspan="2" | [[AppSecDC09 Federal CIO Pannel|Federal CIO Pannel]]
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" | 15:30-16:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" | [[Automated vs. Manual Security: You can't filter The Stupid]]<br>David Byrne/Charles Henderson
 
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" | [[Custom Intrusion Detection Techniques for Monitoring Web Applications]]<br>Matthew Olney
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" | [[Building an in-house application security assessment team]]<br>Keith Turpin
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" | 16:30-17:30
 
| valign="middle" height="120" width="200" bgcolor="#c0a0a0" align="center" | [[Advanced SQL Injection]]<br>Joe McCray
 
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" | [[Is your organization secured against internal threats?]]<br>Lars Ewe
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" | [[The OWASP Security Spending Benchmarks Project]]<br>Dr. Boaz Gelbord
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" | [[Promoting Application Security within Federal Government]]<br>Sarbari Gupta
 
|- valign="bottom"
 
| valign="middle" height="120" width="67" bgcolor="#7b8abd" rowspan="2" | 17:30-18:30
 
| valign="middle" height="60" width="200" bgcolor="#c0a0a0" align="center" | [[Clubbing WebApps with a Botnet]]<br>Gunter Ollmann
 
| valign="middle" height="120" width="200" bgcolor="#ffdf80" align="center" rowspan="2" | [[Deploying Secure Web Applications with OWASP Resources]]<br>Kuai Hinojosa
 
| valign="middle" height="120" width="200" bgcolor="#a0c0e0" align="center" rowspan="2" | [[SANS Dshield Webhoneypot Project]]<br>Jason Lam
 
| valign="middle" height="120" width="200" bgcolor="#b3ff99" align="center" rowspan="2" | [[Techniques in Attacking and Defending XML/Web Services]]<br>Mamoon Yunus/Jason Macy
 
|- valign="bottom"
 
| valign="middle" height="60" width="200" bgcolor="#c0a0a0" align="center" | [[Injectable Exploits: Two New Tools for Pwning Web Apps and Browsers]]<br>Kevin Johnson, Justin Searle, Frank DiMaggio
 
|- valign="bottom"
 
| valign="middle" height="60" width="67" bgcolor="#7b8abd" | 18:30-19:00
 
| valign="middle" height="60" bgcolor="#c0c0c0" align="center" colspan="4" | Closing Remarks
 
  
 +
== Regional and Local Events ==
 +
{| class="wikitable"
 +
|-
 +
! Event
 +
! Type
 +
! Date
 +
! Location
 +
! GCC Rep
 +
! OWASP Introduction/Keynote
 +
|-
 +
| [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference OWASP Israel 2011 ]
 +
| Regional Event
 +
| Sept. 13, 2011 - Sept. 14, 2011
 +
| Israel
 +
| TBD
 +
| TBD
 +
|-
 +
| [http://www.lascon.org/ LASCON]
 +
| Regional Event
 +
| Oct. 28, 2011 - Oct. 28, 2011
 +
| Austin, TX, USA
 +
| TBD
 +
| TBD
 +
|}
 +
== Partner and Promotional Events ==
 +
Want to get your event listed here? Be sure to work with the [[Global Conferences Committee]]
  
 +
{| class="wikitable"
 +
|-
 +
! Event
 +
! Date
 +
! Location
 +
! OWASP Participation
 +
|-
 +
| [http://www.securitybsides.com/w/page/33728032/BSidesAustin2011 BSides Austin 2011]
 +
| March 11, 2011 - March 11, 2011
 +
| Austin, TX, USA
 +
|
 +
|-
 +
| [http://uberconf.com/conference/denver/2011/07/home UberConf]
 +
| July 12, 2011 - July 15, 2011
 +
| Denver, CO, USA
 +
|
 +
|-
 +
| [http://2011.brucon.org/ BrucCON]
 +
| Sept. 19, 2011 - Sept. 22, 2011
 +
| Brussels
 +
|
 
|}
 
|}
</div>
 
[[Category:OWASP_AppSec_DC_09]]
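Review bot: In the added Global AppSec Events table, the "Global AppSec Latin America" row is dated Oct. 11, 2011 - Oct. 14, 2011 but links to index.php/AppSec_Brasil_2010, and in the added Regional and Local Events table "OWASP Israel 2011" links to the generic Category:OWASP_AppSec_Conference page. Point both at the 2011 event pages, or leave the cells unlinked until those pages exist. The label "BrucCON" does not match its own URL (2011.brucon.org), and the link labels "Global AppSec Europe " and "OWASP Israel 2011 " carry a trailing space before the closing bracket.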
 

Latest revision as of 02:53, 3 March 2011

Global AppSec Events

{| class="wikitable"
! Global AppSec Events !! Date !! Location !! GCC Rep !! OWASP Introduction/Keynote
|-
| Global AppSec Europe || June 6, 2011 - June 10, 2011 || Dublin, Ireland || Ralph Durkee || Entire Board
|-
| Global AppSec North America || Sept. 20, 2011 - Sept. 23, 2011 || Minneapolis, MN, USA || Neil Matatall || Entire Board
|-
| Global AppSec Latin America || Oct. 11, 2011 - Oct. 14, 2011 || Porto Alegre, Brazil || TBD || Brennan
|-
| Global AppSec Asia 2011 || Nov. 3, 2011 - Nov. 5, 2011 || Wuhan, Hubei, China || TBD || TBD
|}

Regional and Local Events

{| class="wikitable"
! Event !! Type !! Date !! Location !! GCC Rep !! OWASP Introduction/Keynote
|-
| OWASP Israel 2011 || Regional Event || Sept. 13, 2011 - Sept. 14, 2011 || Israel || TBD || TBD
|-
| LASCON || Regional Event || Oct. 28, 2011 - Oct. 28, 2011 || Austin, TX, USA || TBD || TBD
|}

Partner and Promotional Events

Want to get your event listed here? Be sure to work with the Global Conferences Committee

{| class="wikitable"
! Event !! Date !! Location !! OWASP Participation
|-
| BSides Austin 2011 || March 11, 2011 - March 11, 2011 || Austin, TX, USA ||
|-
| UberConf || July 12, 2011 - July 15, 2011 || Denver, CO, USA ||
|-
| BruCON || Sept. 19, 2011 - Sept. 22, 2011 || Brussels ||
|}