This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP NYC AppSec 2008 Conference"
| Line 17: | Line 17: | ||
<tr><th>1000</th><td>TOPICS<br><i>SPEAKERS</i></td> | <tr><th>1000</th><td>TOPICS<br><i>SPEAKERS</i></td> | ||
<td>TOPICS<br><i>SPEAKERS</i></td> | <td>TOPICS<br><i>SPEAKERS</i></td> | ||
| − | <td> | + | <td>TOPIC: |
| + | Web Intrusion Detection with ModSecurity | ||
| + | |||
| + | Summary:Intrusion detection is a well-known network security technique. By | ||
| + | employing network monitoring security personnel observe network traffic, | ||
| + | detecting attacks and anomalies in real-time. Web intrusion detection | ||
| + | applies the same techniques to the HTTP protocol, making them suitable | ||
| + | to tackle the complex security issues so common in today's web | ||
| + | applications. This session will start with an overview of web intrusion | ||
| + | detection and web application firewalls, discussing their place in the | ||
| + | overall protection strategy. In the second part of the talk Ivan will | ||
| + | discuss ModSecurity, the open source web application firewall. | ||
| + | ModSecurity is, in the nutshell, an effective real-time HTTP traffic | ||
| + | analyser. It can be deployed either embedded, in the Apache HTTP server, | ||
| + | or standalone in reverse proxy mode. Now in its fifth year of | ||
| + | development, ModSecurity is mature, robust and flexible. It is by far | ||
| + | the most widely deployed web application firewall and a de-facto | ||
| + | standard in this space. | ||
| + | <br><i>SPEAKER:Ivan Ristic</i></td></tr> | ||
<tr><th>1100</th><td>TOPIC<br><I>SPEAKERS</i></td> | <tr><th>1100</th><td>TOPIC<br><I>SPEAKERS</i></td> | ||
Revision as of 16:29, 14 February 2008
NYC Cyber Security 2008 Conference - October 7th - 10th 2008
In Association with: WASC, NYM InfraGard, A.I.T. Global, ISACA, ISSA and Pace University
Two days of Seminars from the world's best technology minds, 2 days of hardcore hands-on training in the Big Apple at Pace University, located at One Pace Plaza
New York, NY 10038.
Tuesday - October 7th
- Check Back Soon| Time | Code it! | Break it! | Secure it! |
|---|---|---|---|
| 0800 | Registration Opens & TechExpo | ||
| 0930 | Keynote: OWASP Foundation | ||
| 1000 | TOPICS SPEAKERS |
TOPICS SPEAKERS |
TOPIC:
Web Intrusion Detection with ModSecurity Summary:Intrusion detection is a well-known network security technique. By employing network monitoring security personnel observe network traffic, detecting attacks and anomalies in real-time. Web intrusion detection applies the same techniques to the HTTP protocol, making them suitable to tackle the complex security issues so common in today's web applications. This session will start with an overview of web intrusion detection and web application firewalls, discussing their place in the overall protection strategy. In the second part of the talk Ivan will discuss ModSecurity, the open source web application firewall. ModSecurity is, in the nutshell, an effective real-time HTTP traffic analyser. It can be deployed either embedded, in the Apache HTTP server, or standalone in reverse proxy mode. Now in its fifth year of development, ModSecurity is mature, robust and flexible. It is by far the most widely deployed web application firewall and a de-facto standard in this space. SPEAKER:Ivan Ristic |
| 1100 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1200 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1300 | TECH-EXPO LUNCH | ||
| 1400 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1500 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1600 | TOPICS SPEAKERS |
TOPICS SPEAKERS |
TOPICS SPEAKER |
| 1700 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1830 | Web Application Capture the Flag | ||
| 2100 | Tuesday Night Event @ TBD | ||
Wednesday - October 8th
- Check Back Soon| Time | Code it! | Break it! | Secure it! |
|---|---|---|---|
| 0800 | Registration Opens & TechExpo | ||
| 0930 | Keynote: Industry Keynote | ||
| 1000 | TOPIC SPEAKERS |
TOPICS SPEAKERS |
TOPICS SPEAKERS |
| 1100 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1200 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1300 | TECH-EXPO LUNCH | ||
| 1400 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1500 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1600 | TOPICS SPEAKERS |
TOPICS SPEAKERS |
TOPICS SPEAKER |
| 1700 | TOPIC SPEAKERS |
TOPIC SPEAKERS |
TOPIC SPEAKERS |
| 1830 | TBD | ||
| 2100 | TBD | ||
Technology Expo - October 7th - 8th
Want to see the latest offerings from best of breed technology firms? For 2 days, Product/Service vendors worldwide will demonstrate their ability to conference attendees.
Click here for more info: SPEAKERS, TRAINERS and SPONSORS
OWASP AppSec 2008 Training Courses - October 9th and 10th 2008
| T1. Building and Testing Secure Web Applications |
|---|
| This powerful two-day course focuses on the most common web application security problems, including the OWASP Top Ten. The course will introduce and demonstrate hacking techniques, illustrating how easily application vulnerabilities can be exploited so students really understand how to avoid introducing such vulnerabilities into their code.
Lecturer: Rogan Dawes, Project Lead OWASP WebScarab Project, Consultant, Aspect Security |
| T2. Application Security Forensics |
| How would you respond to a application security hack? This course will provide insight into the world or forensics with a focus on Web Application Security |
| T3. Defensive Programming |
| This class will teach you how to program defensively. A must for developers, managers, testers and security professionals. Learn the latest techniques to build attack resistant code, protect from current and future vulnerabilities and how to secure an application from both implementation bugs and design flaws. The instructor Pravir Chandra is well known security expert, project lead for OWASP CLASP project and former co-founder & CTO of secure software
Lecturer: Pravir Chandra, Project Lead OWASP CLASP Project, Principal Consultant, Cigital |
| T4. TBD |
| Trainers Wanted |
| T5. TBD |
| Trainers Wanted |
Click here for more info: SPEAKERS, TRAINERS and SPONSORS
