Difference between revisions of "EUTour2013 Bucharest Agenda"

Latest revision as of 15:00, 31 May 2013


	OWASP EUROPE TOUR 2013 Tour Home Page Tour Scheadule Tour Organizers Resources Mailing List

CONFERENCE
OWASP Europe Tour - Bucharest 2013 Wednesday 5th June (Conference)
DESCRIPTION
OWASP Europe TOUR, is an event across the European region that promotes awareness about application security, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. Apart from OWASP's Top 10, most OWASP Projects are not widely used and understood. In most cases this is not due to lack of quality and usefulness of those Document & Tool projects, but due to a lack of understanding of where they fit in an Enterprise's security ecosystem or in the Web Application Development Life-cycle. This event aims to change that by providing a selection of mature and enterprise ready projects together with practical examples of how to use them.
OWASP MEMBERSHIP
During the OWASP Europe Tour you could become a member and support our mission. Become an OWASP member by clicking here

CONFERENCE (Wednesday 5th of June)
Date	Location
Wednesday 5th of June	Venue Location: University "Politehnica" of Bucharest Venue Address: Splaiul Independentei nr. 313, sector 6, Bucuresti, ROMANIA; Rectorship Building, Senate Hall Postal cod: RO-060042 Venue Map: [1]
Price and registration
This event is FREE Registration Link to the Europe Tour: http://owasp-romaniachapter-eorg.eventbrite.com/

Conference Details
Time	Title	Speaker	Description
02:30 pm (30 mins)	Introduction & Welcome	Ionel Chirita, Claudiu Constantinescu	Introduction to OWASP
03:15 pm (45 mins)	Penetration Testing - a way for improving our cyber security	Adrian Furtună	The talk presents a comparison between two internal penetration tests made in consecutive years at the same client. We will see the successful attack scenarios and the techniques used to take control over the network. Furthermore, we will see how and why the security posture of the client improved as a result of the penetration tests.
04:15 pm (45 mins)	Android reverse engineering: understanding third-party applications	Vicente Aguilera	It will present the objectives of the software reverse engineering and the techniques and tools to execute this process in Android applications. It will present, from a security analyst point of view and in a practical manner, the process of analyzing an existing application at Google Play Store.
05:15 pm (45 mins)	The Trouble with Passwords	Mark Goodwin	Many developers still seem unsure of how to deal with passwords and password data. This presentation covers some common mistakes made when storing credentials and introduces some good ways of tackling them.
06:15 pm (45 mins)	Hacking the ViewState in ASP.NET	Ovidiu Diaconescu	The view state is a necessary evil of ASP.NET Web Forms. Without having the proper protection mechanisms in place, it is trivial to exploit. This session will teach you how to take advantage of unsecured web applications and how to tighten-up your own
07:15 pm (45 mins)	Do you "GRANT ALL PRIVILEGES ..." in MySQL/MariaDB/Percona Server?	Gabriel Preda	We discuss (at least) elementary security procedures for MySQL and it's forks. Dive through short information about MySQL forks, replication options and their security implications. Finally some notes on what changes about security when you scale MySQL.

@@ Line 36: / Line 36: @@
 | valign="middle" bgcolor="#EEEEEE" align="center" | ''' Wednesday 5th of June '''
 | valign="middle" bgcolor="#EEEEEE" align="left" | '''Venue Location: University "Politehnica" of Bucharest<br>
-Venue Address: Splaiul Independentei nr. 313, sector 6, Bucuresti,  ROMANIA
+Venue Address: Splaiul Independentei nr. 313, sector 6, Bucuresti,  ROMANIA; Rectorship Building, Senate Hall<br>
 Postal cod: RO-060042'''<br>
-Venue Map: [http://g.co/maps/ajq42 Google Maps]
+Venue Map: [https://plus.google.com/101033585760098377632/about]
 |-
 | align="center" style="background:#CCCCEE;" colspan="2" | '''Price and registration'''
 |-
 | align="center" style="background:#EEEEEE;" colspan="2" | This event is '''FREE''' <br>
-  '''Registration Link to the Europe Tour''': [TBD REGISTER HERE!]'''<br>
+  '''Registration Link to the Europe Tour''': <br>http://owasp-romaniachapter-eorg.eventbrite.com/'''<br>
 <br>
 |-
@@ Line 56: / Line 56: @@
 | style="width:40%" valign="middle" height="30" bgcolor="#CCCCEE" align="center" colspan="0" | '''Description'''
 |-
-| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 09:00 am<br>(30 mins)
+| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 02:30 pm<br>(30 mins)
-| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | Registration
+| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | Introduction & Welcome
-| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" |
+| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | Ionel Chirita, Claudiu Constantinescu
-| style="width:40%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" |
+| style="width:40%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | Introduction to OWASP
 |-
-| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | hour -TBD <br>(45 mins)
+| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 03:15 pm <br>(45 mins)
 | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Penetration Testing - a way for improving our cyber security
 | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Adrian Furtună
-| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | description
+| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | The talk presents a comparison between two internal penetration tests made in consecutive years at the same client. We will see the successful attack scenarios and the techniques used to take control over the network. Furthermore, we will see how and why the security posture of the client improved as a result of the penetration tests.
 |-
-| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | hour -TBD <br>(45 mins)
+| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 04:15 pm<br>(45 mins)
-| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Hacking the ViewState in ASP.NET
+| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Android reverse engineering: understanding third-party applications
+| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Vicente Aguilera
+| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | It will present the objectives of the software reverse engineering and the techniques and tools to execute this process in Android applications. It will present, from a security analyst point of view and in a practical manner, the process of analyzing an existing application at Google Play Store.
+|-
+| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 05:15 pm<br>(45 mins)
+| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | The Trouble with Passwords
+| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Mark Goodwin
+| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Many developers still seem unsure of how to deal with passwords and password data. This presentation covers some common mistakes made when storing credentials and introduces some good ways of tackling them.
+|-
+| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 06:15 pm <br>(45 mins)
+| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Hacking the ViewState in ASP.NET
 | style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Ovidiu Diaconescu
-| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | description
+| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | The view state is a necessary evil of ASP.NET Web Forms. Without having the proper protection mechanisms in place, it is trivial to exploit. This session will teach you how to take advantage of unsecured web applications and how to tighten-up your own
+|-
+| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 07:15 pm <br>(45 mins)
+| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Do you "GRANT ALL PRIVILEGES ..." in MySQL/MariaDB/Percona Server?
+| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Gabriel Preda
+| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | We discuss (at least) elementary security procedures for MySQL and it's forks. Dive through short information about MySQL forks, replication options and their security implications. Finally some notes on what changes about security when you scale MySQL.
 |}

Difference between revisions of "EUTour2013 Bucharest Agenda"

Latest revision as of 15:00, 31 May 2013

OWASP Europe Tour - Bucharest 2013

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools