This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Asia 2007"

From OWASP
Jump to: navigation, search
(陳振楠 (中華軟協資安促進會會長、關貿網路總經理))
 
(80 intermediate revisions by 5 users not shown)
Line 1: Line 1:
== 第一屆OWASP台灣分會高峰會議 Security 3.0 in Web 2.0 Age — Practices and Challenges of Web 2.0 Security ==
+
== 第一屆OWASP亞洲年會 (OWASP Asia 2007) (完全免費)==
 +
'''First OWASP Asia Conference 2007'''
  
 +
[[Image:owasp_appsec_asia_2007.jpg|800px]]
  
OWASP將於台灣召開第一屆的台灣分會高峰會議,將邀請國內外重量級專家齊聚一堂與會員分享與交流最新資安趨勢與實務案例。
+
OWASP破天荒將於台灣召開第一屆亞洲年會,將邀請國內外重量級專家齊聚一堂與會員分享與交流最新資安趨勢與實務案例。
  
 
「Web 2.0時代之Security 3.0 — 從實務經驗看Web資安防護之挑戰
 
「Web 2.0時代之Security 3.0 — 從實務經驗看Web資安防護之挑戰
  
* 2007年5月11日起,Google開始監控遭駭網站,並貼上危險網站之標籤,政府及企業該如何應對?
+
* 2007年5月11日,Google開始監控遭駭網站,並貼上危險網站之標籤,政府及企業該如何應對?
* 2007年5月15日月OWASP公佈2007年最新的十大Web弱點,跨站腳本攻擊(XSS)登上榜首,對台灣及全球的含意為何?
+
* 2007年5月15日,OWASP公佈2007年最新的十大Web弱點,跨站腳本攻擊(XSS)登上榜首,對台灣及全球的含意為何?
* 2007年6月6日IBM購併Watchfire,HP隨即於6月19日購併SPI Dynamics?為何在短短一個月內,重量級資訊巨人跨足資安產業?而僅存的Cenzic以滲透測試技術於6月18日甫獲美國專利,又將對產業有何影響?
+
* 2007年6月6日,IBM購併Watchfire,HP隨即於6月19日購併SPI Dynamics?為何在短短一個月內,重量級資訊巨人跨足資安產業?而僅存的Cenzic以滲透測試技術於6月18日甫獲美國專利,又將對產業有何影響?
 
* Web 2.0面臨哪些新的資安威脅?其因應之道是什麼? 什麼是Security 3.0?又有哪些成功的實務案例?
 
* Web 2.0面臨哪些新的資安威脅?其因應之道是什麼? 什麼是Security 3.0?又有哪些成功的實務案例?
 +
<hr>
 +
第一屆OWASP亞洲年會暨會員大會將在9月27日(週四)下午1點於台大醫院國際會議中心201室(台北市中正區徐州路二號)舉辦,由國內外知名專家一同與您探討Web安全,目前規劃演講者包含任職於國內外產、官、學的資安專家。
  
第一屆OWASP台灣分會高峰會議暨會員大會將於2007年7月20日(週五)下午1點至5點舉行,會議地點定於國立臺灣科技大學公館校區-國際廳,將由國內外知名專家一同與您探討探討,目前規劃演講者包含:
+
'''OWASP為國際非營利組織,參加此次活動係完全免費,會場寬敞明亮,備有舒適席次。'''
 +
 
 +
'''然由於場地限制,請儘速來信報名,會場僅可容納500人,還請包涵。'''
 +
 
 +
'''請各位欲參加之會員朋友,務必儘速來信報名參加。報名方式請見頁尾。'''
 +
 
 +
 
 +
 
 +
===OWASP台灣分會會長致詞===
 +
====黃耀文(Wayne Huang) ([http://www.armorize.com/?utm_source=HIT&utm_medium=web 阿碼科技]創辦人兼執行長)====
 +
[[Image:owasp_taiwan_wayne.jpg|100px]]
 +
 
 +
'''簡介''': Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
 +
<hr>
 +
 
 +
===資策會貴賓致詞===
 +
====許清琦 (資策會副執行長)====
 +
[[Image:Hsu_III_VP.jpg|120px]]
 +
 
 +
'''簡介''': Dr. Hsu was a professor of the [http://www.csie.ntu.edu.tw/ Department of Information Engineering] of [http://www.ntu.edu.tw National Taiwan University] for several years and became the Chairman of the Department in 2000.  After over 25 years serving at National Taiwan University, Dr. Hsu was promoted as the President of [http://www.knu.edu.tw/ Kai Nan University].  Nowadays, Dr. Hsu is the Executive Vice President of the [http://www.iii.org/ Institute for Information Industry], which provides the innovative R&D, software technologies and interoperability standards for Taiwan ICT industries on fostering development of the ICT industry.
 +
<hr>
 +
 
 +
====張國鴻 ([http://www.cisanet.org.tw 中華民國資訊軟體協會]秘書長)====
 +
 
 +
'''Bio''': N/A
 +
<hr>
  
 
===第一場時段講者(1:00pm-3:30pm)===
 
===第一場時段講者(1:00pm-3:30pm)===
====Yen-Ming Chen (McAfee資安諮詢部門主任、前Foundstone首席資安顧問)====
+
====Jeremiah Grossman (WhiteHat Security創辦人兼技術長、InfoWorld 2007年最傑出25位技術長)====
[[Image:owasp_taiwan_yenming.jpg|100px]]
+
 
*題目: Trends in Web Application Security
+
'''英文題目''': '''''The Next Challenge to Web Security: Business Logic Flaws'''''
*國際演說:PACSEC.JP, HITB, HACK.LU, HIT, CSI, MISTI, CERT, ICST
+
 
*暢銷書籍:四本暢銷資安書籍之作者包括
+
'''中文題目''': '''''未來Web資安之大挑戰:邏輯漏洞 (此演講於本會議做第一次公開!) '''''
[[Image:owasp_taiwan_yenming1.jpg|100px]][[Image:owasp_taiwan_yenming2.jpg|100px]][[Image:owasp_taiwan_yenming3.jpg|100px]][[Image:owasp_taiwan_yenming4.jpg|100px]]
+
 
*講者簡介: Yen-Ming leads Foundstone consultants to provide strategic security consulting services to the clients. His duties include managing all consulting and training activities, ranging from sales support to project execution. Yen-Ming joined Foundstone as a consultant in 2000. Yen-Ming brings extensive knowledge in both business and technology to his clients. He focuses primarily on generic security assessment. In client engagements, Yen-Ming helps clients align their security strategies with their business goals. He served as a Lead Instructor for Foundstone’s Ultimate Hacking, Ultimate Hacking Expert, Ultimate Web Hacking and Ultimate Hacking: Incident Response classes. Yen-Ming is a published author and sought-after speaker in both North America and the Pacific Rim. His articles have been published by SecurityFocus, SysAdmin, UnixReview, DevX, PCWeek, CNET Taiwan, ITHome, and other technology magazines in both North America and Asia Pacific. Yen-Ming has been interviewed by BBC and other media across the globe, and he has been a featured presenter at conferences, including PACSEC.JP, HITB, HACK.LU, HIT, CSI, MISTI, APAC Regional Conference on Electronic Safety and Soundness for Financial Services, Hong Kong CERT, and ICST conferences. Yen-Ming has contributed to several books, including: Hacking Exposed, 3rd ed., Hacking Exposed for Web Applications, Windows XP Professional Security, and HackNotes: Web Application Security.
+
'''國際演說''':BlackHat Briefings, Defcon, ISACA, CSI, OWASP, Vanguard, ISSA
 +
 
 +
'''暢銷書籍''':XSS Attacks
 +
 
 +
'''講者簡介''': N/A
 +
<hr>
 +
 
 +
====Daniel Hsu, 徐子文 (美國運通全球安全部東北亞區安全經理、美國產業安全學會ASIS International台灣分會會長、亞洲危機暨安全合作組織執行委員會委員)====
 +
[http://www.owasp.org/images/d/dc/Daniel_Hsu.jpg http://www.owasp.org/images/d/dc/Daniel_Hsu.jpg]
 +
 
 +
'''英文題目''': '''''From a user perspective, what are CSOs' real concerns?'''''
 +
 
 +
'''中文題目''': '''''從使用者的角度出發,企業的安全長要的是什麼?'''''
 +
 
 +
'''國際演說''': 亞洲安全週、國際安全科技博覽會(SecuTech Expo)
 +
 
 +
'''暢銷書籍''': 企業安全管理完全手冊
 +
 
 +
'''講者簡介''': N/A
 +
<hr>
 +
 
 +
====Jack Yu, 余俊賢 (資安人雜誌主編)/Jeremy Chou, 邱銘彰 (艾克索夫實驗室創辦人兼技術長)====
 +
 
 +
'''英文題目''': '''''Live in Battle:  The NetArmy and Cross-Straight Digital Warfare'''''
 +
 
 +
'''中文題目''': '''''決戰實況: 中國網軍與海峽兩岸資訊戰'''''
 +
 
 +
'''講者簡介''': N/A
 +
<hr>
 +
 
 +
===第二場時段講者(3:30pm-5:00pm)===
 
==== Mike Shema (Qualys首席資安研究員)====
 
==== Mike Shema (Qualys首席資安研究員)====
 
[[Image:owasp_taiwan_mike.jpg|100px]]
 
[[Image:owasp_taiwan_mike.jpg|100px]]
*題目: Web 2.0 Security
+
 
*國際演說:BlackHat and Defcon
+
此場為英文演說,大會沒有提供同步口譯,還請見諒
*暢銷書籍:九本資安暢銷書籍之作者包括
+
 
 +
'''英文題目''': '''''Automated Tools: Are They Any Good for Enterprises?'''''
 +
 
 +
'''中文題目''': '''''Web資安--企業如何有效利用自動工具?"'''''
 +
 
 +
'''國際演說''':BlackHat 2004, RSA 2005, IT Underground 2006, and SACIS 2007. Training at BlackHat conferences in the U.S. and Europe
 +
 
 +
'''暢銷書籍''':九本資安暢銷書籍之作者包括
 +
 
 
[[Image:owasp_taiwan_mike1.jpg|100px]][[Image:owasp_taiwan_mike2.jpg|100px]][[Image:owasp_taiwan_mike3.jpg|100px]][[Image:owasp_taiwan_mike4.jpg|100px]][[Image:owasp_taiwan_mike5.jpg|100px]][[Image:owasp_taiwan_mike6.jpg|100px]][[Image:owasp_taiwan_mike7.png|100px]][[Image:owasp_taiwan_mike8.jpg|100px]][[Image:owasp_taiwan_mike9.jpg|100px]]
 
[[Image:owasp_taiwan_mike1.jpg|100px]][[Image:owasp_taiwan_mike2.jpg|100px]][[Image:owasp_taiwan_mike3.jpg|100px]][[Image:owasp_taiwan_mike4.jpg|100px]][[Image:owasp_taiwan_mike5.jpg|100px]][[Image:owasp_taiwan_mike6.jpg|100px]][[Image:owasp_taiwan_mike7.png|100px]][[Image:owasp_taiwan_mike8.jpg|100px]][[Image:owasp_taiwan_mike9.jpg|100px]]
*講者簡介: Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.
+
 
==== 何全德處長 (行政院研考會資訊處) ====
+
'''講者簡介''': Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.
[[Image:owasp_taiwan_ho.gif|100px]]
+
<hr>
*題目: Security in Taiwan
+
 
*講者簡介: N/A
+
====Wayne Huang, 黃耀文 (OWASP台灣分會會長、[http://www.armorize.com/?utm_source=HIT&utm_medium=web 阿碼科技]創辦人兼執行長)====
====吳怡芳主任 (中華電信資安專案辦公室)====
 
*題目: From Internet Service Provider to Internet Security Provider
 
*講者簡介: N/A
 
===第二場時段講者(3:30pm-5:00pm)===
 
====Wayne Huang (OWASP台灣分會會長、阿碼科技創辦人兼執行長)====
 
 
[[Image:owasp_taiwan_wayne.jpg|100px]]
 
[[Image:owasp_taiwan_wayne.jpg|100px]]
*題目: Security 3.0 in Web 2.0 Age—Practices and Challenges of Web 2.0 Security
+
 
*國際演說:RSA 2007, HITCon 2007, Zend PHP 2006, HITCon 2006, WWW 2004 and WWW 2003
+
'''英文題目''': '''''Secure Web Developing using Static Analysis'''''
*暢銷書籍:
+
 
 +
'''中文題目''': '''''利用靜態檢測做好安全Web應用程式開發'''''
 +
 
 +
'''國際演說''': RSA, ACM/W3C WWW, IEEE DSN, IEEE ISSRE, Hacks in Taiwan
 +
 
 +
'''暢銷書籍''': Security in the 21st Century, 多篇頂尖IEEE/ACM國際論文
 +
 
 
[[Image:owasp_taiwan_wayne1.jpg|100px]]
 
[[Image:owasp_taiwan_wayne1.jpg|100px]]
*簡介: Wayne Huang is the first author of two award-winning security papers in the International WWW Conference (2003, 2004). He is the co-author of "Computer Security in the 21st Century". He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
 
====Ricardo Jenez (Google軟體工程部門主任)====
 
*題目: Engineering Simplicity
 
*講者簡介: Mr. Jenez brings over 14 years of industry experience to eTime Capital , leveraging the latest technology to create highly effective business solutions for industry leaders. He also focuses on developing eTime Capital's strategic technology partnerships. Mr. Jenez was most recently at Netscape Communications as the Senior Development Manager responsible for the creation of a variety of e-commerce applications. Mr. Jenez was part of the core team that defined and implemented the architecture on which Netscape's B-to-B e-commerce applications - SellerXpert and BuyerXpert - were built. Prior to Netscape , Mr. Jenez held positions at General Magic , Tenfold , and Oracle Corporation. He also was the cofounder of Portacom Technologies , which manufactured some of the first Windows Accelerator graphics cards. His Eclipse II product was the recipient of the PC Magazine's Editor's Choice Award and ranked Number 74 on PC Computing's Top 200 PC Products of 1992". Prior to working at Oracle , Mr. Jenez was on the technical research staff of the MIT Laboratory for Computer Science , working on both hardware and software systems for multiprocessor computers. Mr. Jenez has two Bachelor of Science degrees from MIT , one in Computer Science and the other in Electrical Engineering.
 
====Ben Livshits (MSR微軟研究中心研究員、史丹佛大學博士候選人)====
 
[[Image:owasp_taiwan_ben.jpg|100px]]
 
*題目: SDL (Secure Development Lifecycle) in Microsoft
 
*講者簡介: Benjamin Livshits is currently a Ph.D. candidate in computer science at Stanford University. Benjamin graduated summa cum laude with a B.A. degree in computer science and math from Cornell University in 1999. He obtained an M.S. from Stanford University in 2002. Benjamin's general research area is compilers and program analysis. His research interests include application of sophisticated static and dynamic analysis techniques to finding errors in programs. Lately he has focused on approaches to finding buffer overruns in C programs and a variety of security vulnerabilities (SQL injections, cross-site scriping, etc.) in Web-based applications. Benjamin has authored more than a dozen papers on program analysis for security and other uses, including finding memory errors, violations of API-specific patterns, software pattern mining, garbage collection, etc. Benjamin is a winner of the NSF graduate fellowship. His industrial experience involves working for companies including Yahoo!, Netscape, and Intel.
 
====Jim Roskind (AOL副總裁暨技術長、前Netscape副總裁暨首席科學家、創辦Infoseek)====
 
*題目: Ajax Security
 
*講者簡介: During 8 years at Netscape/AOL/TW, Dr. Jim Roskind had titles including VP/CTO of System Infrastructure for America Online, VP/Chief Scientist Netscape, Netscape/Netcenter Security Architect, and Netscape's Java Security Architect. Jim's time as the Java Security Architect in Netscape's Client Product Division, placed him in the near the epicenter of almost all security related problems that appeared in the browser. In addition to tasks involved with technically reconciling issues, he was also a common liaison with contributors that reported security issues (both real and imagined). His notable technical accomplishments at Netscape included the architecture and deployment of signed Java. Before joining Netscape in 1995, Jim was a co-founder of Infoseek Corporation, and later Chief Scientist. Dr. Roskind holds an SB Electrical Engineering, SB Computer Science, SM EECS (1980), and PhD EECS (1983), all from Massachusetts Institute of Technology. His current research and development focus is on his daughter Brianna and son Dylan, all studied in collaboration with his wife Melinda.
 
  
OWASP為國際非營利組織,參加此次活動係完全免費,會場寬敞明亮,備有舒適席次,然由於場地限制,席次僅提供前200名額登錄者,還請包涵。請各位欲參加之會員朋友,務必儘速報名參加。
+
'''簡介''': Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
*交通資訊請參考:[http://www.ntust.edu.tw/front/bin/ptlist.phtml?Category=16 http://www.ntust.edu.tw/front/bin/ptlist.phtml?Category=16]。
+
<hr>
*[[Image:owasp_taiwan_2007venue0.gif]][[Image:owasp_taiwan_2007venue2.jpg|800px]][[Image:owasp_taiwan_2007venue1.jpg|800px]]
+
 
 +
'''以上內容可能改變,請至OWASP台灣分會網頁獲得最新之詳盡會議資訊'''
 +
 
 +
'''OWASP為國際非營利組織,參加此次活動係完全免費,會場寬敞明亮,備有舒適席次(200名)。'''
 +
 
 +
'''然由於場地大小限制,席次僅提供來信報名者,同時請報名者於活動當天提早前往入席,還請包涵。'''
 +
 
 +
'''請各位欲參加之會員朋友,務必儘速來信報名參加。'''
 +
 
 +
===來信報名===
 +
請email至[mailto:info@owasp.org.tw?subject=OWASP_Taiwan_Registration [email protected]],並註明下列資訊。
 +
#中文姓名:
 +
#英文姓名:
 +
#單位:
 +
#職稱:
 +
#電子郵件:
 +
#聯絡電話:
 +
#免費加入OWASP台灣分會:(空白為願意加入,若不欲加入請填否)
 +
 
 +
'''鑑於報名人數踴躍,提醒各位務必準時報到以提早入席,目前大會仍並不強制安排座位,從12:30pm開始接受報到。'''
 +
 
 +
===會場位置===
 +
台大醫院國際會議中心201廳
  
 
== 有關OWASP (About OWASP) ==
 
== 有關OWASP (About OWASP) ==

Latest revision as of 06:52, 20 September 2007

第一屆OWASP亞洲年會 (OWASP Asia 2007) (完全免費)

First OWASP Asia Conference 2007

Owasp appsec asia 2007.jpg

OWASP破天荒將於台灣召開第一屆亞洲年會,將邀請國內外重量級專家齊聚一堂與會員分享與交流最新資安趨勢與實務案例。

「Web 2.0時代之Security 3.0 — 從實務經驗看Web資安防護之挑戰

  • 2007年5月11日,Google開始監控遭駭網站,並貼上危險網站之標籤,政府及企業該如何應對?
  • 2007年5月15日,OWASP公佈2007年最新的十大Web弱點,跨站腳本攻擊(XSS)登上榜首,對台灣及全球的含意為何?
  • 2007年6月6日,IBM購併Watchfire,HP隨即於6月19日購併SPI Dynamics?為何在短短一個月內,重量級資訊巨人跨足資安產業?而僅存的Cenzic以滲透測試技術於6月18日甫獲美國專利,又將對產業有何影響?
  • Web 2.0面臨哪些新的資安威脅?其因應之道是什麼? 什麼是Security 3.0?又有哪些成功的實務案例?

第一屆OWASP亞洲年會暨會員大會將在9月27日(週四)下午1點於台大醫院國際會議中心201室(台北市中正區徐州路二號)舉辦,由國內外知名專家一同與您探討Web安全,目前規劃演講者包含任職於國內外產、官、學的資安專家。

OWASP為國際非營利組織,參加此次活動係完全免費,會場寬敞明亮,備有舒適席次。

然由於場地限制,請儘速來信報名,會場僅可容納500人,還請包涵。

請各位欲參加之會員朋友,務必儘速來信報名參加。報名方式請見頁尾。


OWASP台灣分會會長致詞

黃耀文(Wayne Huang) (阿碼科技創辦人兼執行長)

Owasp taiwan wayne.jpg

簡介: Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of Armorize Technologies. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.


資策會貴賓致詞

許清琦 (資策會副執行長)

Hsu III VP.jpg

簡介: Dr. Hsu was a professor of the Department of Information Engineering of National Taiwan University for several years and became the Chairman of the Department in 2000. After over 25 years serving at National Taiwan University, Dr. Hsu was promoted as the President of Kai Nan University. Nowadays, Dr. Hsu is the Executive Vice President of the Institute for Information Industry, which provides the innovative R&D, software technologies and interoperability standards for Taiwan ICT industries on fostering development of the ICT industry.


張國鴻 (中華民國資訊軟體協會秘書長)

Bio: N/A


第一場時段講者(1:00pm-3:30pm)

Jeremiah Grossman (WhiteHat Security創辦人兼技術長、InfoWorld 2007年最傑出25位技術長)

英文題目: The Next Challenge to Web Security: Business Logic Flaws

中文題目: 未來Web資安之大挑戰:邏輯漏洞 (此演講於本會議做第一次公開!)

國際演說:BlackHat Briefings, Defcon, ISACA, CSI, OWASP, Vanguard, ISSA

暢銷書籍:XSS Attacks

講者簡介: N/A


Daniel Hsu, 徐子文 (美國運通全球安全部東北亞區安全經理、美國產業安全學會ASIS International台灣分會會長、亞洲危機暨安全合作組織執行委員會委員)

Daniel_Hsu.jpg

英文題目: From a user perspective, what are CSOs' real concerns?

中文題目: 從使用者的角度出發,企業的安全長要的是什麼?

國際演說: 亞洲安全週、國際安全科技博覽會(SecuTech Expo)

暢銷書籍: 企業安全管理完全手冊

講者簡介: N/A


Jack Yu, 余俊賢 (資安人雜誌主編)/Jeremy Chou, 邱銘彰 (艾克索夫實驗室創辦人兼技術長)

英文題目: Live in Battle: The NetArmy and Cross-Straight Digital Warfare

中文題目: 決戰實況: 中國網軍與海峽兩岸資訊戰

講者簡介: N/A


第二場時段講者(3:30pm-5:00pm)

Mike Shema (Qualys首席資安研究員)

Owasp taiwan mike.jpg

此場為英文演說,大會沒有提供同步口譯,還請見諒

英文題目: Automated Tools: Are They Any Good for Enterprises?

中文題目: Web資安--企業如何有效利用自動工具?"

國際演說:BlackHat 2004, RSA 2005, IT Underground 2006, and SACIS 2007. Training at BlackHat conferences in the U.S. and Europe

暢銷書籍:九本資安暢銷書籍之作者包括

Owasp taiwan mike1.jpgOwasp taiwan mike2.jpgOwasp taiwan mike3.jpgOwasp taiwan mike4.jpgOwasp taiwan mike5.jpgOwasp taiwan mike6.jpgOwasp taiwan mike7.pngOwasp taiwan mike8.jpgOwasp taiwan mike9.jpg

講者簡介: Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.


Wayne Huang, 黃耀文 (OWASP台灣分會會長、阿碼科技創辦人兼執行長)

Owasp taiwan wayne.jpg

英文題目: Secure Web Developing using Static Analysis

中文題目: 利用靜態檢測做好安全Web應用程式開發

國際演說: RSA, ACM/W3C WWW, IEEE DSN, IEEE ISSRE, Hacks in Taiwan

暢銷書籍: Security in the 21st Century, 多篇頂尖IEEE/ACM國際論文

Owasp taiwan wayne1.jpg

簡介: Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of Armorize Technologies. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.


以上內容可能改變,請至OWASP台灣分會網頁獲得最新之詳盡會議資訊

OWASP為國際非營利組織,參加此次活動係完全免費,會場寬敞明亮,備有舒適席次(200名)。

然由於場地大小限制,席次僅提供來信報名者,同時請報名者於活動當天提早前往入席,還請包涵。

請各位欲參加之會員朋友,務必儘速來信報名參加。

來信報名

請email至[email protected],並註明下列資訊。

  1. 中文姓名:
  2. 英文姓名:
  3. 單位:
  4. 職稱:
  5. 電子郵件:
  6. 聯絡電話:
  7. 免費加入OWASP台灣分會:(空白為願意加入,若不欲加入請填否)

鑑於報名人數踴躍,提醒各位務必準時報到以提早入席,目前大會仍並不強制安排座位,從12:30pm開始接受報到。

會場位置

台大醫院國際會議中心201廳

有關OWASP (About OWASP)

OWASP(開放Web軟體安全計畫 - Open Web Application Security Project)是一個開放社群、非營利性組織,目前全球有82個分會近萬名會員,其主要目標是研議協助解決Web軟體安全之標準、工具與技術文件,長期致力於協助政府或企業瞭解並改善網頁應用程式與網頁服務的安全性。由於應用範圍日廣,網頁應用安全已經逐漸的受到重視,並漸漸成為在安全領域的一個熱門話題,在此同時,駭客們也悄悄的將焦點轉移到網頁應用程式開發時所會產生的弱點來進行攻擊與破壞。

OWASP 台灣分會 (OWASP Taiwan Chapter)