This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "AppSecAsiaPac2012"
Sarah Baso (talk | contribs) |
|||
Line 45: | Line 45: | ||
− | =Training | + | =Pre-Conference Training= |
The OWASP 2012 Appsec Asia Event has been able to secure world class training sessions for the conference. A number of national and International Trainers are coming along to the event, and you can join up to any of the classes below. | The OWASP 2012 Appsec Asia Event has been able to secure world class training sessions for the conference. A number of national and International Trainers are coming along to the event, and you can join up to any of the classes below. | ||
== Training Available == | == Training Available == | ||
− | |||
− | ''More to be announced over the coming week.'' | + | '''2 Day Course - Assessing & Exploiting Web Applications with Samurai-WTF (Justin Searle)''' - ''[https://www.owasp.org/images/f/f4/Samurai-WTF_Course_Syllabus_v9.pdf Course Details & Instructor Bio]'' |
+ | |||
+ | Come take the official two-day Samurai-WTF training course given by one of the founders and lead developers of the project! You will learn the latest Samurai-WTF open source tools and as well as the latest techniques to perform web application penetration tests. After a quick overview of pen testing methodology, the instructors will lead you through the end-to-end process of testing and exploiting several different web applications, including client side attacks using flaws within the application. Different sets of open source tools will be used on each web application, allowing you to learn first hand the pros and cons of each tool. Primary emphasis of these instructor lead exercises is how to integrate these tools into your own manual testing procedures to improve your overall workflow. After you have gained experience with the Samurai-WTF tools, you will be challenged with a capture the flag event. This final challenge will give you time to practice your new skills at your own pace and experiment with your favorite new tools. This experience will help you gain the confidence and knowledge necessary to perform web application assessments and expose you to the wealth of freely available, open source tools. | ||
+ | |||
+ | |||
+ | ''More training courses to be announced over the coming week.'' | ||
Line 211: | Line 215: | ||
</font> | </font> | ||
− | =Conference | + | = Conference Talks= |
<font size=2pt> | <font size=2pt> |
Revision as of 14:53, 16 February 2012
- Welcome
- Pre-Conference Training
- Conference Talks
- Speakers
- Sponsors
- Venue
- Travel and Accommodations
- Conference Committee
- Call For Papers
- Call for Trainers
- FAQ
Welcome to the OWASP 2012 Appsec Asia Pacific Conference. The event is being held in Sydney, Australia from the 11th to the 14th of April 2012 at the Four Points Sheraton Darling Harbour. The conference consists of 2 days of world class training by OWASP instructor's followed by 2 days of quality presentations and keynotes from industry leaders, OWASP projects and industry consultants. In previous years the OWASP Asia Pacific conference has been rated as one of the "must attend" events of the year, with the conference always filling up quickly. Who should attend this conference:
Conference Highlights:
|
The OWASP 2012 Appsec Asia Event has been able to secure world class training sessions for the conference. A number of national and International Trainers are coming along to the event, and you can join up to any of the classes below.
Training Available
2 Day Course - Assessing & Exploiting Web Applications with Samurai-WTF (Justin Searle) - Course Details & Instructor Bio
Come take the official two-day Samurai-WTF training course given by one of the founders and lead developers of the project! You will learn the latest Samurai-WTF open source tools and as well as the latest techniques to perform web application penetration tests. After a quick overview of pen testing methodology, the instructors will lead you through the end-to-end process of testing and exploiting several different web applications, including client side attacks using flaws within the application. Different sets of open source tools will be used on each web application, allowing you to learn first hand the pros and cons of each tool. Primary emphasis of these instructor lead exercises is how to integrate these tools into your own manual testing procedures to improve your overall workflow. After you have gained experience with the Samurai-WTF tools, you will be challenged with a capture the flag event. This final challenge will give you time to practice your new skills at your own pace and experiment with your favorite new tools. This experience will help you gain the confidence and knowledge necessary to perform web application assessments and expose you to the wealth of freely available, open source tools.
More training courses to be announced over the coming week.
Training Schedule
Training Day 1 - Wednesday - April 11th
| ||||
(Time Allocated) | Training Room (1) - 2 Day Course (Grand Ballroom 1 - Ground Floor) |
Training Room (2) - 2 Day Courses (Grand Ballroom 2 - Ground Floor) |
Training Room (3) - 1 Day Courses (Grand Ballroom 3 - Ground Floor) |
Training Room (4) - 1 Day Courses (Wharf Room - Level 1) |
7:30 - 9:00 AM
|
Conference Registration Open - Coffee & Tea Available | |||
9:00-10:30 AM |
Assessing & Exploiting Web Applications with Samurai-WTF
Trainer: Justin Searle |
2 Day Course Training Session
|
1 Day Course Training Session
|
1 Day Course Training Session
|
10:30-11:00 AM
|
Break - Morning Tea Coffee & Food to be provided to training. | |||
11:00-1:00 PM |
Assessing & Exploiting Web Applications with Samurai-WTF
Trainer: Justin Searle |
2 Day Course Training Session
|
1 Day Course Training Session
|
1 Day Course Training Session
|
1:00-1:30 PM
|
Break - Lunch - Provided for attendees in main Expo & Conference Hall - Ground Level | |||
1:30-3:00 PM |
Assessing & Exploiting Web Applications with Samurai-WTF
Trainer: Justin Searle |
2 Day Course Training Session
|
1 Day Course Training Session
|
1 Day Course Training Session
|
3:00-3:30 PM
|
Break - Afternoon Tea - Coffee & Food to be provided to training | |||
3:30-5:00 PM
|
Assessing & Exploiting Web Applications with Samurai-WTF
Trainer: Justin Searle |
2 Day Course Training Session
|
1 Day Course Training Session
|
1 Day Course Training Session
|
Training Day 2 - Thursday - April 12th
| ||||
(Time Allocated) | Training Room (1) - 2 Day Course (Grand Ballroom 1 - Ground Floor) |
Training Room (2) - 2 Day Courses (Grand Ballroom 2 - Ground Floor) |
Training Room (3) - 1 Day Courses (Grand Ballroom 3 - Ground Floor) |
Training Room (4) - 1 Day Courses (Wharf Room - Level 1) |
7:30 - 9:00 AM
|
Conference Registration Open - Coffee & Tea Available | |||
9:00-10:30 AM |
Assessing & Exploiting Web Applications with Samurai-WTF
Trainer: Justin Searle |
2 Day Course Training Session
|
1 Day Course Training Session
|
1/2 Day Course Training Session
|
10:30-11:00 AM
|
Break - Morning Tea Coffee & Food to be provided to training. | |||
11:00-1:00 PM |
Assessing & Exploiting Web Applications with Samurai-WTF
Trainer: Justin Searle |
2 Day Course Training Session
|
1 Day Course Training Session
|
1/2 Day Course Training Session
|
1:00-1:30 PM
|
Break - Lunch - Provided for attendees in main Expo & Conference Hall - Ground Level | |||
1:30-3:00 PM |
Assessing & Exploiting Web Applications with Samurai-WTF
Trainer: Justin Searle |
2 Day Course Training Session
|
1 Day Course Training Session
|
1/2 Day Course Training Session
|
3:00-3:30 PM
|
Break - Afternoon Tea - Coffee & Food to be provided to training | |||
3:30-5:00 PM
|
Assessing & Exploiting Web Applications with Samurai-WTF
Trainer: Justin Searle |
2 Day Course Training Session
|
1 Day Course Training Session
|
1/2 Day Course Training Session
|
Conference Day 1 - Friday - April 13th
| |||
(Time Allocated) | Track 1 - Detect (Grand Ballroom 1 & 2) |
Track 2 - Protect (Grand Ballroom 3) |
Track 3 - Thought Leadership (Wharf & Bridge Rooms Level 1) |
7:30 - 8:30 AM
|
Conference Registration Open - Coffee & Tea Available | ||
8:30-8:40 AM
|
Conference Opening - Appsec Asia 2012
Speakers: Conference Committee Chair - Mr Justin Derry | ||
8:40-9:30 AM
|
KeyNote: Presentation
Speaker: TBA | ||
9:30-9:40 AM | Short Break - Conference Movement | ||
9:40-10:30 AM
|
Presentation: TBA (Session 1A)
Speaker: TBA |
Presentation: TBA (Session 1B)
Speaker: TBA |
Presentation: TBA (Session 1C)
Speaker: TBA |
10:30-11:00 AM
|
Break - Morning Tea - Provided for attendees in main EXPO & Conference Hall - Ground Level | ||
11:00-11:50 AM
|
Presentation: TBA (Session 2A)
Speaker: TBA |
Presentation: TBA (Session 2B)
Speaker: TBA |
Presentation: TBA (Session 2C)
Speaker: TBA |
11:50-12:00 PM | Short Break - Conference Movement | ||
12:00-12:50 PM
|
Presentation: TBA (Session 3A)
Speaker: TBA |
Presentation: TBA (Session 3B)
Speaker: TBA |
Presentation: TBA (Session 3C)
Speaker: TBA |
12:50-1:30 PM
|
Break - Lunch - Provided for attendees in main Expo & Conference Hall - Ground Level | ||
1:30-2:20 PM
|
Presentation: TBA (Session 4A)
Speaker: TBA |
Presentation: TBA (Session 4B)
Speaker: TBA |
Presentation: TBA (Session 4C)
Speaker: TBA |
2:20-2:30 PM | Short Break - Conference Movement | ||
2:30-3:20 PM
|
Presentation: TBA (Session 5A)
Speaker: TBA |
Presentation: TBA (Session 5B)
Speaker: TBA |
Presentation: TBA (Session 5C)
Speaker: TBA |
3:30-4:00 PM
|
Break - Afternoon Tea - Provided for attendees in EXPO & Conference Hall - Ground Level | ||
4:00-4:50 PM
|
Presentation: TBA (Session 6A)
Speaker: TBA |
Presentation: TBA (Session 6B)
Speaker: TBA |
Presentation: TBA (Session 6C)
Speaker: TBA |
4:50-5:00 PM | Short Break - Conference Movement | ||
5:00-5:30 PM
|
Industry Panel - Application Security Trends in 2012
Panelists: TBA | ||
5:30-6:30 PM
|
OWASP - Afternoon Networking Event - TBA | ||
6:30 - 10:00 PM
|
OWASP - Evening Networking Event - TBA |
Conference Day 2 - Saturday- April 14th
| |||
(Time Allocated) | Track 1 - Detect (Grand Ballroom 1 & 2) |
Track 2 - Protect (Grand Ballroom 3) |
Track 3 - Thought Leadership (Wharf & Bridge Rooms Level 1) |
7:30 - 8:30 AM
|
Conference Registration Open - Coffee & Tea Available | ||
8:30-8:40 AM
|
Conference Day 2 Update- Appsec Asia 2012
Speakers: Conference Committee Chair - Mr Justin Derry | ||
8:40-9:30 AM
|
KeyNote: Presentation
Speaker: TBA | ||
9:30-9:40 AM | Short Break - Conference Movement | ||
9:40-10:30 AM
|
KeyNote: Presentation
Speaker: TBA | ||
10:30-11:00 AM
|
Break - Morning Tea - Provided for attendees in main EXPO & Conference Hall - Ground Level | ||
11:00-11:50 AM
|
Presentation: TBA (Session 7A)
Speaker: TBA |
Presentation: TBA (Session 7B)
Speaker: TBA |
Presentation: TBA (Session 7C)
Speaker: TBA |
11:50-12:00 PM | Short Break - Conference Movement | ||
12:00-12:50 PM
|
Presentation: TBA (Session 8A)
Speaker: TBA |
Presentation: TBA (Session 8B)
Speaker: TBA |
Presentation: TBA (Session 8C)
Speaker: TBA |
12:50-1:30 PM
|
Break - Lunch - Provided for attendees in main Expo & Conference Hall - Ground Level | ||
1:30-2:20 PM
|
Presentation: TBA (Session 9A)
Speaker: TBA |
Presentation: TBA (Session 9B)
Speaker: TBA |
Presentation: TBA (Session 9C)
Speaker: TBA |
2:20-2:30 PM | Short Break - Conference Movement | ||
2:30-3:20 PM
|
Presentation: TBA (Session 10A)
Speaker: TBA |
Presentation: TBA (Session 10B)
Speaker: TBA |
Presentation: TBA (Session 10C)
Speaker: TBA |
3:30-3:40 PM | Short Break - Conference Movement | ||
3:40-4:30 PM
|
Presentation: TBA (Session 11A)
Speaker: TBA |
Presentation: TBA (Session 11B)
Speaker: TBA |
Presentation: TBA (Session 11C)
Speaker: TBA |
4:30-4:40 PM | Short Break - Conference Movement | ||
4:40-5:00 PM
|
OWASP Appsec Asia 2012 - Conference Wrap Up
Panelists: TBA | ||
5:00-6:00 PM
|
OWASP Sponsor - Afternoon Networking Event - TBA |
Keynote Speakers
Alistair Mc Givvon -
Cert Australia
Jacob West -
Rafal Los -
The Conference Committee is excited to announce that the conference has been openly supported by the following vendors and associations. Without the great support of these companies and organisations the 2012 event would not be what it is today.
Diamond & Platinum Sponsors
The OWASP Conference 2012, welcomes our sponsors for Diamond and Platinum. There are still spaces available for sponsorship, but it's closing fast.
More information is available on our sponsorship packages by viewing the sponsor pack File:AppSec AsiaPac 2012 Sponsorship.pdf. Contact our Committee for more information.
Gold & Silver Sponsors
The OWASP Conference 2012, welcomes our sponsors for Gold and Silver. The conference still has availability for other Gold and Silver sponsors.
Associations & Supporters
We are proudly supported by the following Industry Associations and Media outlets.
We're excited to announce that the location of the OWASP Conference for Appsec Asia 2012 will be held at the Sydney, Darling Harbour Four Points Sheraton.
The facility provides hotel rooms and conference facilities, OWASP has secured cheap room rates directly in the hotel for the duration of the event.
If you don't know your way around Sydney, here's the Google Maps link to the Hotel.
We are using both the Ground and upper levels. The majority of the event will be held on the ground level, including all breaks etc. Attendees will find the registration and conference desk located at the Ground level near Hotel Reception. (You're not going to get lost, as we take up most of the ground level for this event.)
Further details about venue locations will be posted when they become available.
Accommodation
We've been able to arrange for accommodation within the Hotel for attendees. These rooms have been allocated at a special rate, and available strictly for a limited time. To book these rooms at the special rate, you need to use the booking link shown below. These rooms are available one night either side of the event ensuring that if you are travelling interstate or international it's easy to find a room at a good rate. The room rate allocated for the event is $200 AUD Inclusive per night.
http://www.starwoodmeeting.com/Book/OWASP
Travel Domestic
The OWASP Conference is to be held in Sydney at the Darling Harbour precinct. Hotel Location, http://maps.google.com.au/maps/place?q=Four+Points+by+Sheraton+Sydney,+Sussex+Street,+Sydney,+New+South+Wales&hl=en&cid=7369128618339939693
Any major Airline carrier will fly you into Sydney Airport, from here, you can either take a Taxi (Approx $35-40 AUD). Another option is the train from the Airport, which you can ride all the way into the closest station which is Town Hall. From this stop the hotel is a small downhill walk (no more then 5-10mins) from the station.
International Travel
The Sydney International Airport is located adjacent to the Domestic terminal. Similar taxi fares to the city and hotel venue apply. If you are travelling by train, you can ride the train from the International terminal all the way to the Town Hall station as above.
Driving Instructions
From Sydney Airport (South)
Travel along Southern Cross Drive and take the South Dowling Street exit.
Turn right onto Dacey Avenue.
At the second set of traffic lights turn left onto Anzac Parade.
Follow Anzac Parade past Moore Park on your right; Anzac Parade will become Flinders Street.
Turn left onto Oxford Street and follow to Liverpool Street; Hyde Park will be on your right.
Continue along Liverpool Street and turn right onto Kent Street.
Travel five blocks and turn left onto Erskine Street.
Immediately turn left again onto Sussex Street. The hotel will be on your right.
From East
Proceed along New South Head Road. Continue onto William Street and then onto Park Street; Hyde Park will be on your right.
Proceed along Park Street as it becomes Druitt Street and turn right onto Kent Street.
Travel approximately three blocks and turn left onto Erskine Street.
Immediately turn left again onto Sussex Street. The hotel will be on your right.
From West
Proceed along the Western Distributor towards the city taking the City North exit followed by the Sussex Street South Exit.
Turn right onto Sussex Street, the hotel will be on your right.
From North
Take the Pacific Highway/Warringah Highway and proceed over the Sydney Harbour Bridge.
Take the York street exit off the bridge and continue along before turning right into Erskine Street .
Proceed approximately three blocks before turning left into Sussex Street. The hotel will be on your right.
Justin Derry - Planning Committee Co-Chair
Andrew van der Stock - Planning Committee Co-Chair
Mohd Fazli Azran - Global Conference Committee Liaison
Sarah Baso - OWASP Operational Support
If you are interested in helping out with this conference or have any questions, please contact us at: [email protected]
The OWASP AppSec AsiaPac 2012 Call for Papers (CFP) is now open. Visit the following URL to submit your abstract for the April 13-14, 2012 talks in Sydney Australia:
http://sl.owasp.org/apac2012talks
We will make the first round of selections, based on the CFPs we have received by February 17, 2012. The final closing date for submissions is Friday, March 3, 2012. We look forward to talk submissions over the coming weeks from security practitioners, researchers, thought leaders, and developers in the following content areas:
- Research in Application Security Defense (Defense & Countermeasures)
- Research in Application Security Offense (Vulnerabilities & Exploits)
- Web Application Security
- Critical Infrastructure Security
- Mobile Security
- Government Initiatives & Government Case Studies
- Effective case studies in Policy, Governance, Architecture or Life Cycle
- OWASP Projects (turbo talks)
Speakers will receive free admission (nontransferable) to the conference in return for delivering a 50 minute talk or for delivering a 25 minute OWASP Projects turbo talk.
Speaker Forms
OWASP AppSec AsiaPac 2012 is currently soliciting training providers for the conference. Visit the following URL to submit your training proposal for the April 11-12, 2012 training days in Sydney Australia: http://sl.owasp.org/apac2012training
The following conditions apply for people or organizations that want to provide training at the conference:
- Training provider should provide class syllabus / training materials.
- Proceeds will be split 75/25 (OWASP/Trainer) for the training class.
- OWASP will provide the Venue, Marketing with Conference materials, Registration and basic AV
- Trainers will cover travel and accommodations for the instructor(s) and all course materials for students
- OWASP will reserve up to 2 training slots at no cost and the trainer may reserve up to one slot at no cost
- Price per attendee: 2-Day Class $995/ 1-Day Class $595
- Trainers can brand training materials to increase their exposure
- Classes are to be focused around Application Security but are in no way limited to web application security.
We will make the first round of selections, based on the Training proposals we have received by February 17, 2012. The final closing date for submissions is Friday, March 3, 2012. Submit proposals to http://sl.owasp.org/apac2012training. All trainers will be required to submit a Training Instructor Agreement in order to have their classed scheduled.
Please forward to all interested practitioners and colleagues.
Trainer Forms
Place holder for FAQ