|
|
| (24 intermediate revisions by 2 users not shown) |
| Line 1: |
Line 1: |
| − | __NOTOC__
| + | == Global AppSec Events == |
| | + | {| class="wikitable" |
| | + | |- |
| | + | ! Global AppSec Events |
| | + | ! Date |
| | + | ! Location |
| | + | ! GCC Rep |
| | + | ! OWASP Introduction/Keynote |
| | + | |- |
| | + | | [http://www.owasp.org/index.php/AppSecEU2011 Global AppSec Europe ] |
| | + | | June 6, 2011 - June 10, 2011 |
| | + | | Dublin, Ireland |
| | + | | Ralph Durkee |
| | + | | Entire Board |
| | + | |- |
| | + | | [http://www.appsecusa.org/ Global AppSec North America] |
| | + | | Sept. 20, 2011 - Sept. 23, 2011 |
| | + | | Minneapolis, MN, USA |
| | + | | Neil Matatall |
| | + | | Entire Board |
| | + | |- |
| | + | | [http://www.owasp.org/index.php/AppSec_Brasil_2010 Global AppSec Latin America] |
| | + | | Oct. 11, 2011 - Oct. 14, 2011 |
| | + | | Porto Alegre, Brazil |
| | + | | TBD |
| | + | | Brennan |
| | + | |- |
| | + | | [http://www.owasp.org/index.php/China_AppSec_2011 Global AppSec Asia 2011] |
| | + | | Nov. 3, 2011 - Nov. 5, 2011 |
| | + | | Wuhan, Hubei, China |
| | + | | TBD |
| | + | | TBD |
| | + | |} |
| | | | |
| − | ===[[OWASP AppSec DC 2009|Back to Conference Page]]=== | + | == Regional and Local Events == |
| − | Please note, speaking times are not final, check back regularly for updates.
| + | {| class="wikitable" |
| − | ====Training 11/10====
| + | |- |
| − | {| cellspacing="0" border="2" | + | ! Event |
| − | |- valign="middle" | + | ! Type |
| − | | height="60" align="center" colspan="6" style="background: rgb(64, 88, 160) none repeat scroll 0% 0%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous; color: white;" | <font size="5">'''Day 1 - Nov 10th 2009'''</font>
| + | ! Date |
| − | |- valign="bottom"
| + | ! Location |
| − | | width="67" valign="middle" height="40" bgcolor="#7b8abd" |
| + | ! GCC Rep |
| − | | width="150" valign="middle" height="40" bgcolor="#c0a0a0" align="center" | '''Room 154A'''
| + | ! OWASP Introduction/Keynote |
| − | | width="150" valign="middle" height="40" bgcolor="#ffdf80" align="center" | '''Room 149B'''
| + | |- |
| − | | width="150" valign="middle" height="40" bgcolor="#a0c0e0" align="center" | '''Room 149A'''
| + | | [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference OWASP Israel 2011 ] |
| − | | width="150" valign="middle" height="40" bgcolor="#b3ff99" align="center" | '''Room 154B'''
| + | | Regional Event |
| − | | width="150" valign="middle" height="40" bgcolor="#BCA57A" align="center" | '''Room 155'''
| + | | Sept. 13, 2011 - Sept. 14, 2011 |
| − | |- valign="bottom"
| + | | Israel |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 09:00-12:00 | + | | TBD |
| − | | width="150" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | Day 1:<br>Assessing and Exploiting Web Applications with the open source Samurai Web Testing Framework<br> Justin Searle | + | | TBD |
| − | | width="150" valign="middle" height="120" bgcolor="#ffdf80" align="center" | Day 1:<br>Java EE Secure Code Review<br>Sahba Kazerooni<br>[http://www.securitycompass.com Security Compass]
| + | |- |
| − | | width="150" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | Threat Modeling Express<br>Krishna Raja<br>[http://www.securitycompass.com Security Compass]
| + | | [http://www.lascon.org/ LASCON] |
| − | | width="150" valign="middle" height="120" bgcolor="#b3ff99" align="center" | Foundations of Web Services and XML Security<br>Dave Wichers<br>[http://www.aspectsecurity.com Aspect Security]
| + | | Regional Event |
| − | | width="150" valign="middle" height="120" bgcolor="#BCA57A" align="center" | Live CD<br>Matt Tesauro | + | | Oct. 28, 2011 - Oct. 28, 2011 |
| − | |- valign="bottom" | + | | Austin, TX, USA |
| − | | width="67" valign="middle" height="40" bgcolor="#7b8abd" | 12:00-13:00 | + | | TBD |
| − | | valign="middle" height="40" bgcolor="#909090" align="center" colspan="5" | Lunch | + | | TBD |
| − | |- valign="bottom" | |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 13:00-17:00 | |
| − | | width="150" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | Assessing and Exploiting Web Applications with the open source Samurai Web Testing Framework<br> Justin Searle
| |
| − | | width="150" valign="middle" height="120" bgcolor="#ffdf80" align="center" | Java EE Secure Code Review<br>Sahba Kazerooni<br>[http://www.securitycompass.com Security Compass] | |
| − | | width="150" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | Threat Modeling Express<br>Krishna Raja<br>[http://www.securitycompass.com Security Compass] | |
| − | | width="150" valign="middle" height="120" bgcolor="#b3ff99" align="center" | Foundations of Web Services and XML Security<br>Dave Wichers<br>[http://www.aspectsecurity.com Aspect Security] | |
| − | | width="150" valign="middle" height="120" bgcolor="#BCA57A" align="center" | Live CD<br>Matt Tesauro <!-- Day 2 --> | |
| | |} | | |} |
| − | ====Training 11/11==== | + | == Partner and Promotional Events == |
| − | {| cellspacing="0" border="2"
| + | Want to get your event listed here? Be sure to work with the [[Global Conferences Committee]] |
| − | |- valign="middle"
| + | |
| − | | height="60" align="center" colspan="6" style="background: rgb(64, 88, 160) none repeat scroll 0% 0%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous; color: white;" | <font size="5">'''Day 2 - Nov 11th 2009'''</font>
| + | {| class="wikitable" |
| − | |- valign="bottom"
| + | |- |
| − | | width="67" valign="middle" height="40" bgcolor="#7b8abd" |
| + | ! Event |
| − | | width="150" valign="middle" height="40" bgcolor="#c0a0a0" align="center" | '''Room 154A'''
| + | ! Date |
| − | | width="150" valign="middle" height="40" bgcolor="#ffdf80" align="center" | '''Room 149B'''
| + | ! Location |
| − | | width="150" valign="middle" height="40" bgcolor="#a0c0e0" align="center" | '''Room 149A'''
| + | ! OWASP Participation |
| − | | width="150" valign="middle" height="40" bgcolor="#b3ff99" align="center" | '''Room 154B'''
| + | |- |
| − | |- valign="bottom"
| + | | [http://www.securitybsides.com/w/page/33728032/BSidesAustin2011 BSides Austin 2011] |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 09:00-12:00
| + | | March 11, 2011 - March 11, 2011 |
| − | | width="150" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | Day 2:<br>Assessing and Exploiting Web Applications with the open source Samurai Web Testing Framework<br> Justin Searle
| + | | Austin, TX, USA |
| − | | width="150" valign="middle" height="120" bgcolor="#ffdf80" align="center" | Day 2:<br>Java EE Secure Code Review<br>Sahba Kazerooni<br>[http://www.securitycompass.com Security Compass]
| + | | |
| − | | width="150" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | WebAppSec.php: Developing Secure Web Applications<br>Robert Zakon
| + | |- |
| − | | width="150" valign="middle" height="120" bgcolor="#b3ff99" align="center" | Leader and Manager Training - Leading the Development of Secure Applications<br>John Pavone<br>[http://www.aspectsecurity.com Aspect Security]
| + | | [http://uberconf.com/conference/denver/2011/07/home UberConf] |
| − | |- valign="bottom"
| + | | July 12, 2011 - July 15, 2011 |
| − | | width="67" valign="middle" height="40" bgcolor="#7b8abd" | 12:00-13:00
| + | | Denver, CO, USA |
| − | | valign="middle" height="40" bgcolor="#909090" align="center" colspan="4" | Lunch
| + | | |
| − | |- valign="bottom"
| + | |- |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 13:00-17:00
| + | | [http://2011.brucon.org/ BrucCON] |
| − | | width="150" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | Assessing and Exploiting Web Applications with the open source Samurai Web Testing Framework<br> Justin Searle
| + | | Sept. 19, 2011 - Sept. 22, 2011 |
| − | | width="150" valign="middle" height="120" bgcolor="#ffdf80" align="center" | Java EE Secure Code Review<br>Sahba Kazerooni<br>[http://www.securitycompass.com Security Compass]
| + | | Brussels |
| − | | width="150" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | WebAppSec.php: Developing Secure Web Applications<br>Robert Zakon
| + | | |
| − | | width="150" valign="middle" height="120" bgcolor="#b3ff99" align="center" | Leader and Manager Training - Leading the Development of Secure Applications<br>John Pavone<br>[http://www.aspectsecurity.com Aspect Security]<!-- Day 2 -->
| |
| − | |}
| |
| − | ====Talks 11/12====
| |
| − | {| cellspacing="0" border="2" | |
| − | |- valign="middle" | |
| − | | height="60" align="center" colspan="5" style="background: rgb(64, 88, 160) none repeat scroll 0% 0%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous; color: white;" | <font size="5">'''Day 1 - Nov 12th 2009'''</font>
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="40" bgcolor="#7b8abd" |
| |
| − | | width="200" valign="middle" height="40" bgcolor="#c0a0a0" align="center" | '''OWASP (146C)'''
| |
| − | | width="200" valign="middle" height="40" bgcolor="#ffdf80" align="center" | '''Tools (146B)'''
| |
| − | | width="200" valign="middle" height="40" bgcolor="#a0c0e0" align="center" | '''SDLC (146A)'''
| |
| − | | width="200" valign="middle" height="40" bgcolor="#b3ff99" align="center" | '''Web 2.0 (152A)'''
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 07:30-08:50
| |
| − | | valign="middle" bgcolor="#909090" align="center" colspan="4" | Registration
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 08:50-09:00
| |
| − | | valign="middle" height="30" bgcolor="#e0e0e0" align="center" colspan="4" | Welcome and Opening Remarks
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 09:00-10:00
| |
| − | | valign="middle" height="60" bgcolor="#e0e0e0" align="center" colspan="4" | Keynote: [[AppSecDC Keynote Jarzomnek|Joe Jarzombek]]
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 10:00-10:30
| |
| − | | valign="middle" height="60" bgcolor="#e0e0e0" align="center" colspan="4" | All about OWASP (The OWASP Board)
| |
| − | |- valign="bottom" | |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 10:30-10:45 | |
| − | | valign="middle" height="30" bgcolor="#909090" align="center" colspan="4" | Coffee Break sponsored by [[Image:AppSecDC2009-Sponsor-denim.gif|link=http://www.denimgroup.com/]]
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 10:45-11:30
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[OWASP ESAPI AppSecDC|OWASP ESAPI]]<br>Jeff Williams
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Clubbing WebApps with a Botnet]]<br>Gunter Ollmann
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence|Enterprise Application Security - GE's approach to solving root cause]]<br>Darren Challey
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Understanding the Implications of Cloud Computing on Application Security]]<br>Dennis Hurst
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="40" bgcolor="#7b8abd" | 11:30-12:30
| |
| − | | valign="middle" height="40" bgcolor="#e0e0e0" align="center" colspan="4" | Hosted Lunch
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 12:30-1:20
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Software Assurance Maturity Model (SAMM)]]<br>Pravir Chandra
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[The Case of Promiscuous Parameters and Other Ongoing Capers in Web Security]]<br>Jacob West
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Software Development The Next Security Frontier]]<br>Jim Molini
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Transparent Proxy Abuse]]<br>Robert Auger
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 1:20-2:10
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[DISA's Application Security and Development STIG: How OWASP Can Help You]]<br>Jason Li
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[OWASP ModSecurity Core Rule Set Project]]<br>Ryan C. Barnett
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[The essential role of infosec in secure software development]]<br>Kenneth R. van Wyk
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Development Issues Within AJAX Applications: How to Divert Threats]]<br>Lars Ewe
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 2:10-3:00
| |
| − | | width="200" valign="middle" height="60" bgcolor="#c0a0a0" align="center" | [[Defend Yourself: Integrating Real Time Defenses into Online Applications]]<br>Michael Coates
| |
| − | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[Finding the Hotspots: Web-security testing with the Watcher tool]]<br>Chris Weber
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" rowspan="4" | [[SDLC Panel AppSecDC|SDLC Panel]]<br> <br>Pravir Chandra<br>Dan Cornell<br>Michael Craigue<br>Dennis Hurst<br>Joey Peloquin<br>David Rook<br>Keith Turpin
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Social Zombies: Your Friends Want to Eat Your Brains]]<br>Tom Eston/Kevin Johnson
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="2" | Break (5 Min)
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="3" | 3:00-3:50
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" rowspan="2" | [[The ESAPI Web Application Firewall (ESAPI WAF)|The ESAPI Web Application Firewall]]<br>Arshan Dabirsiaghi
| |
| − | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[One Click Ownage]]<br>Ferruh Mavituna
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[Cloudy with a chance of 0-day]]<br>Jon Rose/Tom Leavey
| |
| − | |- valign="bottom"
| |
| − | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[Web Application Security Scanner Evaluation Criteria]]<br>Brian Shura
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="3" | 3:50-4:40
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" rowspan="2" | [[OWASP Live CD: An open environment for Web Application Security]]<br>Matt Tesauro / Brad Causey
| |
| − | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[Learning by Breaking: A New Project Insecure Web Apps]]<br>Chuck Willis
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" rowspan="2" | [[Vulnerability Management in an Application Security World]]<br>Dan Cornell
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[Attacking WCF Web Services]]<br>Brian Holyfield
| |
| − | |- valign="bottom" | |
| − | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[Synergy! A world where the tools communicate]]<br>
| |
| − | Josh Abraham
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2" | 4:40-5:30
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" rowspan="2" | [[The Entrepreneur's Guide to Career Management]]<br>Lee Kushner
| |
| − | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[Advanced SSL: The good, the bad, and the ugly]]<br>Michael Coates
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" rowspan="2" | [[Threat Modeling by John Steven|Threat Modeling]]<br>John Steven | |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and |When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies]]<br>Rafal Los
| |
| − | |- valign="bottom" | |
| − | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[User input piercing for Cross Site Scripting Attacks]]<br>Matias Blanco
| |
| − | |- valign="bottom" | |
| − | | width="67" valign="middle" height="60" bgcolor="#7b8abd" | 5:45-8:00 | |
| − | | valign="middle" height="60" bgcolor="#c0c0c0" align="center" colspan="4" | Cocktails and hors d'oeuvres in the EXPO Room (151)<br>Sponsored by [[Image:AppSecDC2009-Sponsor-cenzic.gif|link=http://www.cenzic.com/]]<!-- Day 2 -->
| |
| − | |}
| |
| − | ====Talks 11/13====
| |
| − | {| cellspacing="0" border="2"
| |
| − | |- valign="middle" | |
| − | | height="60" align="center" colspan="5" style="background: rgb(64, 88, 160) none repeat scroll 0% 0%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous; color: white;" | <font size="5">'''Day 2 - Nov 13th 2009'''</font> | |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="40" bgcolor="#7b8abd" |
| |
| − | | width="200" valign="middle" height="40" bgcolor="#c0a0a0" align="center" | '''Attack & Defend (146C)'''
| |
| − | | width="200" valign="middle" height="40" bgcolor="#ffdf80" align="center" | '''Process (146B)'''
| |
| − | | width="200" valign="middle" height="40" bgcolor="#a0c0e0" align="center" | '''Metrics (146A)''' | |
| − | | width="200" valign="middle" height="40" bgcolor="#b3ff99" align="center" | '''Compliance (152A)'''
| |
| − | |- valign="bottom" | |
| − | | width="67" valign="middle" bgcolor="#7b8abd" | 8:00-9:00 | |
| − | | valign="middle" bgcolor="#909090" align="center" colspan="4" | Registration & Coffee sponsored by [[Image:AppSecDC2009-Sponsor-fyrm.gif|link=http://www.fyrmassociates.com/]]
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" bgcolor="#7b8abd" rowspan="2"| 9:00-9:50
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Securing the Core JEE Patterns]]<br>Rohit Sethi/Krishna Raja
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[The Big Picture: Web Risks and Assessments Beyond Scanning]]<br>Matt Fisher
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[The Web Hacking Incidents Database]]<br>Ryan C. Barnett | |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Business Logic Automatons: Friend or Foe?]]<br>Ofer Shezaf
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 9:50-10:40
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Unicode Transformations: Finding Elusive Vulnerabilities]]<br>Chris Weber
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Scalable Application Assessments in the Enterprise]]<br>Tom Parker/Lars Ewe
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Application security metrics from the organization on down to the vulnerabilities]]<br>Chris Wysopal
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[SCAP: Automating our way out of the Vulnerability Wheel of Pain]]<br>Ed Bellis
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" | 10:40-11:30
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Malicious Developers and Enterprise Java Rootkits]]<br>Jeff Williams
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Secure Software Updates: Update Like Conficker]]<br>Jeremy Allen
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[OWASP Top 10 2010 AppSecDC|OWASP Top 10 - 2010]]<br>Dave Wichers
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Secure SDLC: The Good, The Bad, and The Ugly]]<br>Joey Peloquin
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="40" bgcolor="#7b8abd" | 11:30-12:30
| |
| − | | valign="middle" height="40" bgcolor="#909090" align="center" colspan="4" | Hosted Lunch
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 12:30-1:20
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[The 10 least-likely and most dangerous people on the Internet]]<br>Robert Hansen
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Improving application security after an incident]]<br>Cory Scott
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Hacking by Numbers]]<br>Tom Brennan
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="3" | [[AppSecDC09 Federal CISO Panel|Federal CISO Panel]]
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="3" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 1:20-2:10
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Automated vs. Manual Security: You can't filter The Stupid]]<br>David Byrne/Charles Henderson
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Custom Intrusion Detection Techniques for Monitoring Web Applications]]<br>Matthew Olney
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Building an in-house application security assessment team]]<br>Keith Turpin
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 2:10-3:00
| |
| − | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | TBD
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | TBD
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[The OWASP Security Spending Benchmarks Project]]<br>Dr. Boaz Gelbord
| |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Promoting Application Security within Federal Government]]<br>Sarbari Gupta
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="3" | 3:00-3:50
| |
| − | | width="200" valign="middle" height="60" bgcolor="#c0a0a0" align="center" | [[Manipulating Web Application Interfaces, a new approach to input validation]]<br>Felipe Moreno-Strauch
| |
| − | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" rowspan="2" | [[Deploying Secure Web Applications with OWASP Resources]]<br>Kuai Hinojosa
| |
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" rowspan="2" | [[SANS Dshield Webhoneypot Project]]<br>Jason Lam | |
| − | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[Techniques in Attacking and Defending XML/Web Services]]<br>Mamoon Yunus/Jason Macy | |
| − | |- valign="bottom"
| |
| − | | width="200" valign="middle" height="60" bgcolor="#c0a0a0" align="center" | [[Injectable Exploits: Two New Tools for Pwning Web Apps and Browsers]]<br>Kevin Johnson, Justin Searle, Frank DiMaggio
| |
| − | |- valign="bottom"
| |
| − | | valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break (5 Min)
| |
| − | |- valign="bottom"
| |
| − | | width="67" valign="middle" height="60" bgcolor="#7b8abd" | 3:50-4:00
| |
| − | | valign="middle" height="60" bgcolor="#c0c0c0" align="center" colspan="4" | Closing Remarks (146C) <br> Mark Bristow, Rex Booth, Doug Wilson
| |
| | |} | | |} |
| − | <headertabs />
| |
| − |
| |
| − | ===[[OWASP AppSec DC 2009|Back to Conference Page]]===
| |
| − |
| |
| − | [[Category:OWASP_AppSec_Conference]] [[Category:OWASP_AppSec_DC_09]]
| |
