This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Italy OWASP Day 2017"

From OWASP
Jump to: navigation, search
m
(day)
 
(40 intermediate revisions by the same user not shown)
Line 9: Line 9:
 
'''Introduction'''
 
'''Introduction'''
  
Welcome to the OWASP Day 2017 Italy Conference. Following on from the great successes of last OWASP Days, the new conference will take place next 20th October 2017 at the University of Cagliari.
+
Welcome to the OWASP Day 2017 Italy Conference. Following on from the great successes of last OWASP Days, the new conference will take place next '''20th October 2017 at the University of Cagliari'''.  
 +
Address: Auditorium of the Faculty of Engineering and Architecture, Piazza d'Armi, Cagliari.
 +
 
 +
The Conference will be in ITALIAN language except the Gary McGraw one that will be in english.
 +
 
 +
The event sponsors:
 +
<center>
 +
<br>
 +
[[File:LOGO NUMERA.png | www.numera.it]]
 +
[[File:LBL_TCOGROUPSRL_LOGO.png | www.tcoproject.com]]
 +
[[File:Pluribus One 20-10-15.png | www.pluribus-one.it]]
 +
</center>
  
 
[https://www.owasp.org/images/5/5f/OWASP-Italy2017Cfp.pdf Official Inviation]
 
[https://www.owasp.org/images/5/5f/OWASP-Italy2017Cfp.pdf Official Inviation]
Line 23: Line 34:
 
! width="1000" align="center" | <br>
 
! width="1000" align="center" | <br>
 
|-
 
|-
| align="center" | [[Image:McGraw.png|250px]] [[Image:yy-hats.jpg|100px]]
+
| align="center" | [[Image:McGraw2015.jpg|200px]] [[Image:yy-hats.jpg|100px]]
| align="justify" | '''""'''.
+
|
  
Gary McGraw is Vice President Security Technology, Synopsys. He is a globally recognized authority on software security and the author of eight best selling books on this topic. His titles include
+
Gary McGraw is the Vice President Security Technology of Synopsys (SNPS), a silicon valley company headquartered in Mountain View, CA. He is a globally recognized authority on software security and the author of eight best selling books on this topic. His titles include Software Security, Exploiting Software, Building Secure Software, Java Security, Exploiting Online Games, and 6 other books; and he is editor of the Addison-Wesley Software Security series.  Dr. McGraw has also written over 100 peer-reviewed scientific publications, authors a periodic security column for SearchSecurity, and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, Gary is on the Advisory Boards of Max Financial, NTrepid, and Ravenwhite.  He has also served as a Board member of Cigital (acquired by Synopsys) and as Advisor to Dasient (acquired by Twitter), Fortify Software (acquired by HP), and Invotas (acquired by FireEye). His dual PhD is in Cognitive Science and Computer Science from Indiana University where he serves on the Dean’s Advisory Council for the School of Informatics.  Gary produces the monthly Silver Bullet Security Podcast for Synopsys and IEEE Security & Privacy magazine (syndicated by SearchSecurity).
Software Security, Exploiting Software, Building Secure Software, Java Security, Exploiting Online Games, and 6 other books; and he is editor of the Addison-Wesley Software Security series.  Dr. McGraw has also written over 100 peer-reviewed scientific publications, authors a monthly security
 
column for SearchSecurity and Information Security Magazine, and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, Gary is on the Advisory Boards of Dasient (acquired by Twitter), Fortify Software (acquired by HP), Raven White, Max Financial, and Wall+Main. His dual PhD is in Cognitive Science and Computer Science from Indiana University where he serves on the Dean’s Advisory Council for the School of Informatics.  Gary served on the IEEE
 
Computer Society Board of Governors and produces the monthly Silver Bullet
 
Security Podcast for IEEE Security & Privacy magazine (syndicated by
 
SearchSecurity).
 
 
    
 
    
 
|}
 
|}
 
<br>
 
<br>
  
 +
= Agenda =
 +
The Conference will be in ITALIAN language except the Gary McGraw one that will be in english.
 +
 +
The schedule will be as follow:
 +
 +
<font size=2pt>
 +
<center>
 +
<table width="80%">
 +
<tr>
 +
<td valign=top>10:00h</td><td bgcolor="#eeeeee"><b>"Welcome and opening of the works"</b><br>Prof. Giorgio Giacinto, Ing. Davide Ariu - Università di Cagliari, Matteo Meucci OWASP Italy<br></td>
 +
</tr>
 +
<tr>
 +
<td valign=top>10.15h</td><td bgcolor="#b9c2dc"><b>"Seven Things: Frank Zappa, T. Coraghasen Boyle, and Twenty-one Years in Security"</b><br> Ph.D. Gary McGraw, Synopsys<br></td>
 +
</tr>
 +
 +
<tr>
 +
<td valign=top>11:15h</td><td bgcolor="#eeeeee"><b>"Software Protection: fighting reverse engineering in the ASPIRE project"</b><br>Dr. Paolo Falcarin, University of East London<br></td>
 +
</tr>
  
'''Organization and goals:'''
+
<tr>
 +
<td valign=top>11.45h</td><td bgcolor="#b9c2dc"><b>"Coffee Break"</b><br><br></td>
 +
</tr>
  
* The event will show several points of discussion: we will present the state of the art of the Secure Software Initiatives and technical speeches about the new researches in Application Security.
+
<tr>
* We will organize a round table regarding women in Application Security.
+
<td valign=top>12:00h</td><td bgcolor="#eeeeee"><b>"The OWASP Top 10 Proactive Controls v2"</b><br>Federico Fazzi, Minded Security<br></td>
* As conclusion of the day, we organize a round table discussing the most interesting subjects came out during the event.
+
</tr>
* Conference goal is creating a debate on which will be the evolution of the research for the Web Application Security, and how to start a secure software initiative.
 
  
'''Call For Paper:'''
+
<tr>
 +
<td valign=top>12.30h</td><td bgcolor="#b9c2dc"><b>"Gestione delle vulnerabilità delle applicazioni software: un caso concreto di successo"</b><br>Dr. Roberto Obialero, Dr. Fabio Bucciarelli - Regione Emilia Romagna<br></td>
 +
</tr>
  
OWASP solicits contributions on the above topics, or general matters
+
<tr>
of interest to the community. Those who are interested in
+
<td valign=top>13:00h</td><td bgcolor="#eeeeee"><b>"Women In Security "</b><br>Dott.ssa Loredana Mancini, Vice Presidente WIA Committee (OWASP)<br>Annalisa Bonfiglio, Professore Ordinario e Presidente CRS4<br>Monica Pellegrino, Senior Research Analyst, ABILab<br>Maria Katiuscia Zedda, R&D&I Programme Manager - Abissi S.r.l./Abinsula S.r.l.</td>
participating as speakers to the conference can submit an abstract of
+
</tr>
the speech to the OWASP-Italy Board by email at:
 
owasp-italy <at> owasp.org.
 
The email subject must be “OWASP Day 2017: CFP” and  the email body must
 
contains the following information/sections:
 
  
* Name and Surname
+
<tr>
* Email address
+
<td valign=top>13.30h</td><td bgcolor="#b9c2dc"><b>"Premiazione Concorso "Pixelettere di Contrabbando”, organizzato nell’ambito del progetto Europeo Dogana (https://www.dogana-project.eu/<br>Premiazione Concorso “Usa la Scienza con Coscienza”, organizzato dal PRALab dell'Università di Cagliari (https://pralab.diee.unica.it/it/UsaLaScienzaConCoscienza)<br></b>Ing. Davide Ariu</td>
* Telephone number
+
</tr>
* Company name and role
 
* Short biography(max 100 words)
 
* List of the author’s previous papers/articles/speeches on the same topics
 
* Title of the contribution
 
* Type of contribution: Technical or Informative
 
* Abstract (max one A4 style page)
 
* Why the contribution is relevant for OWASP-Italy Day
 
  
The submission will be reviewed by the OWASP-Italy Board and the 8-9
+
<tr>
most interesting ones will be selected and invited for presentation
+
<td valign=top>14:00h</td><td bgcolor="#eeeeee"><b>"Light lunch"</b><br></td>
 +
</tr>
  
'''Important dates:'''
+
</table>
 +
</center>
  
* Contributions submission deadline: 5th August 2017
+
<br><br>
  
* Communication of acceptance for contributions: 30th August 2017
 
  
 +
= Registration =
 +
<br><br>
 +
The Conference is entrance free but you need to register to participate.<br>
 +
Please use the following form:<br>
  
'''References:'''
 
----
 
  
"Avete finito di imbottire le vostre reti di firewall e altre diavolerie simili? Allora è tempo di cambiare prospettiva e rendersi conto che oggi, dopo aver messo in sicurezza il perimetro dei nostri sistemi informativi, le minacce più serie provengono dalle nostre stesse applicazioni che, a volte, non sono progettate ed implementate, tenendo conto delle migliori pratiche di sviluppo di software sicuro. In questo campo l’OWASP rappresenta un punto di riferimento costante ed una miniera di informazioni e strumenti, ed al Ministero dell’Istruzione, Università e Ricerca abbiamo imparato ad apprezzarne i materiali e le informazioni disponibili sul suo sito web, nell’ambito del nostro gruppo che si occupa di sicurezza del sistema informativo. Per conoscere le iniziative dell’OWASP, avere un’anteprima delle principali novità in tema di sicurezza del software, incontrare i maggiori esperti in questo settore, partecipate all’OWASP DAY – ITALY IV il 6 novembre prossimo a Milano, sarà un’occasione utilissima di approfondimento."<br>
 
'''Paolo De Santis – Dirigente della Direzione Generale per gli Studi, la Statistica ed i Sistemi Informativi del MIUR'''<br><br>
 
  
“L’OWASP Day è il luogo e il momento per incontrare altri professionisti e appassionati del settore. E’ un’opportunità per conoscere direttamente dai protagonisti le metodologie, le tecniche e gli ambiti di ricerca nel mondo della sicurezza applicativa divenuto ormai il fattore principale, insieme a quello umano, nel campo dell’Information Security. “<br>
 
'''Massimo Trevisani—CSO  IWBank'''<br><br>
 
  
"Le conferenze OWASP in Italia rappresentano un momento importante di awareness sulla sicurezza applicativa. L'evento rappresenta un punto di riferimento in cui i professionisti dell'IT possono valutare nuovi approcci allo sviluppo sicuro del software e alla difesa delle proprie applicazioni on-line"<br>
 
'''Marco Bavazzano—CISO Telecom Italia'''<br><br>
 
  
'''Key Speakers:'''
+
= Organization and goals =
----
 
  
 +
* The event will show several points of discussion: we will present the state of the art of the Secure Software Initiatives and technical speeches about the new researches in Application Security.
 +
* Conference goal is creating a debate on which will be the evolution of the research for the Web Application Security, and how to start a secure software initiative.
  
  
 +
'''References:'''
 +
----
  
  
  
==== Sponsors====
 
  
If you want to become a Sponsor of the Initiative, please drop an email to:  [mailto:[email protected] Matteo Meucci]
+
= Sponsors =
  
'''Gold Sponsors:'''
+
Thank you to our sponsors:
 
<center>
 
<center>
 +
<br>
 +
 
</center>
 
</center>
 
'''Silver Sponsors:'''
 
 
==== Agenda & Presentations ====
 
TBD
 
  
  

Latest revision as of 14:18, 30 March 2018

Back to the Italian Chapter

OWASP-Italy.PNG

WELCOME

Introduction

Welcome to the OWASP Day 2017 Italy Conference. Following on from the great successes of last OWASP Days, the new conference will take place next 20th October 2017 at the University of Cagliari. Address: Auditorium of the Faculty of Engineering and Architecture, Piazza d'Armi, Cagliari.

The Conference will be in ITALIAN language except the Gary McGraw one that will be in english.

The event sponsors:


www.numera.it www.tcoproject.com www.pluribus-one.it

Official Inviation

Gary McGraw

Ph.D. Vice President Security Technology, Synopsys



McGraw2015.jpg Yy-hats.jpg

Gary McGraw is the Vice President Security Technology of Synopsys (SNPS), a silicon valley company headquartered in Mountain View, CA. He is a globally recognized authority on software security and the author of eight best selling books on this topic. His titles include Software Security, Exploiting Software, Building Secure Software, Java Security, Exploiting Online Games, and 6 other books; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 100 peer-reviewed scientific publications, authors a periodic security column for SearchSecurity, and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, Gary is on the Advisory Boards of Max Financial, NTrepid, and Ravenwhite. He has also served as a Board member of Cigital (acquired by Synopsys) and as Advisor to Dasient (acquired by Twitter), Fortify Software (acquired by HP), and Invotas (acquired by FireEye). His dual PhD is in Cognitive Science and Computer Science from Indiana University where he serves on the Dean’s Advisory Council for the School of Informatics. Gary produces the monthly Silver Bullet Security Podcast for Synopsys and IEEE Security & Privacy magazine (syndicated by SearchSecurity).


The Conference will be in ITALIAN language except the Gary McGraw one that will be in english.

The schedule will be as follow:

10:00h"Welcome and opening of the works"
Prof. Giorgio Giacinto, Ing. Davide Ariu - Università di Cagliari, Matteo Meucci OWASP Italy
10.15h"Seven Things: Frank Zappa, T. Coraghasen Boyle, and Twenty-one Years in Security"
Ph.D. Gary McGraw, Synopsys
11:15h"Software Protection: fighting reverse engineering in the ASPIRE project"
Dr. Paolo Falcarin, University of East London
11.45h"Coffee Break"
12:00h"The OWASP Top 10 Proactive Controls v2"
Federico Fazzi, Minded Security
12.30h"Gestione delle vulnerabilità delle applicazioni software: un caso concreto di successo"
Dr. Roberto Obialero, Dr. Fabio Bucciarelli - Regione Emilia Romagna
13:00h"Women In Security "
Dott.ssa Loredana Mancini, Vice Presidente WIA Committee (OWASP)
Annalisa Bonfiglio, Professore Ordinario e Presidente CRS4
Monica Pellegrino, Senior Research Analyst, ABILab
Maria Katiuscia Zedda, R&D&I Programme Manager - Abissi S.r.l./Abinsula S.r.l.
13.30h"Premiazione Concorso "Pixelettere di Contrabbando”, organizzato nell’ambito del progetto Europeo Dogana (https://www.dogana-project.eu/
Premiazione Concorso “Usa la Scienza con Coscienza”, organizzato dal PRALab dell'Università di Cagliari (https://pralab.diee.unica.it/it/UsaLaScienzaConCoscienza)
Ing. Davide Ariu
14:00h"Light lunch"






The Conference is entrance free but you need to register to participate.
Please use the following form:



  • The event will show several points of discussion: we will present the state of the art of the Secure Software Initiatives and technical speeches about the new researches in Application Security.
  • Conference goal is creating a debate on which will be the evolution of the research for the Web Application Security, and how to start a secure software initiative.


References:



Thank you to our sponsors:



Retrieved from "https://wiki.owasp.org/index.php?title=Italy_OWASP_Day_2017&oldid=239170"