Difference between revisions of "OWASP Australia AppSec 2008 Conference/Agenda"

Latest revision as of 09:23, 3 April 2008

Welcome to the OWASP Australia Application Security Conference for 2008. Following on from the great success of OWASP Conferences in 2006 and 2007 in the United States and Europe, the first ever Asia Pacific & Australia Security conference will take place in February 2008.

UPDATE: The OWASP Wiki now has an FTP/HTTP Upload server. I am able to put the MP3's online. So the links below can now work. If you simply want to download directly the link to the directory is. http://www.owasp.org/download/owasp_confau_2008/

OWASP Australia 2008 Conference Schedule - February 28th & 29th 2008

Day 1 - Thursday Feb 28, 2007
	Track 1	Track 2
08:00-09:00	Registration and Coffee
09:00-09:15	Welcome to OWASP Australia 2008 Conference - Justin Derry, Australia OWASP Conference Chair and Practice Leader b-sec Consulting
09:15-10:15	Keynote: The Microsoft SLD-IT, The process of Building Secure Applications Mark Curphey (European Practice Manager - ACE Team Microsoft) (MP3)
10:15-10:45	An Introduction to OWASP 2008 & Current Projects - Justin Derry, Australia OWASP Conference Chair and Practice Leader b-sec Consulting
10:45-11:15	Morning Tea/Coffee, Vendor Technology Expo
11:15-12:30	Secure Software Development (OWASP EDU Project) - Martin Knobloch, Technical Specialist, Sogeti Nederland B.V. (MP3) (PPT)	Considerations for application security testing for enterprise projects. - Jean Marie Abighanem, Director Enterprise Risk Services Deloitte Touche Tohmatsu (MP3) (PPT)
12:30-13:30	Lunch, Vendor Technology Expo
13:30-14:30	Automated web application scanning versus manual testing, choosing the best tools for the job. - Matthew Hackling, Enterprise Risk Services Deloitte Touche Tohmatsu (MP3) (PPT)	Business Risk & Compliance for Application Security - Malathi Carthigaser, Principal Consultant Application Security b-sec (MP3) (PPT)
14:45-15:45	Whitelisting & Securing HTML Input - Peter Freiberg, b-sec Consulting Pty Ltd (MP3)	The Next Step in Evolution (Javascript Worms) - Benjamin Mosse, Security Researcher & Analyst Programmer (MP3) (PPT)
15:45-16:15	Afternoon Tea/Coffee, Vendor Technology Expo
16:15-17:00	Three OWASP Projects for Secure Applications - Michael Eddington, Leviathan Security Group (MP3) (PPT)	Hacker Attacks on the Horizon: Understanding the Top Web 2.0 Attack Vectors - Danny Allan, IBM Watchfire (MP3) (PDF)
17:15-18:00	Panel: “Application Security Threats Commonly faced by Organisations!” Moderator: Oliver Binz, Managing Director, b-sec Consulting Pty Ltd Panelists: Jean Marie Abighanem (Deloitte Touche Tohmatsu), Brian Chess (Fortify Software), James Manger (Telstra), Mark Curphey (Microsoft), Christian Heinrich (MP3)
18:30-19:00	OWASP Social Gathering: Pre-Dinner Drinks & Cocktails Location: Conference Facility Foyer @ Gold Coast Convention Center
19:00-21:30	OWASP Social Gathering: Gala Dinner, Entertainment and Networking Opportunity for all registered attendees. Location: Gold Coast Convention Center Main Hall.
Day 2 - Friday Feb 29, 2007
	Track 1	Track 2
08:00-09:00	Registration and Coffee
09:00-9:15	Conference Day 2 Open: Justin Derry, Australia OWASP Conference Chair and Practice Leader b-sec Consulting
09:15-10:15	Keynote2: Static Analysis & Secure Coding for Enterprises - Brian Chess, Fortify Software Ph.D., Founder & Chief Scientist Author of Secure Programming with Static Analysis by Brian Chess and Jacob West (MP3) (PPT/ZIP)
10:15-10:45	OWASP Top Ten, OWASP Guide Project Updates
10:45-11:15	Morning Tea/Coffee, Vendor Technology Expo
11:15-12:30	Google Hacking - Christian Heinrich (MP3)	Scalability and Security — Together - James Manger, Identity and Security team – Chief Technology Office – Telstra (MP3) (PPT)
12:30-13:30	Lunch, Vendor Technology Expo
13:30-14:30	Using WS-SecurityPolicy to Defend Web Services Attacks - Symon Chang, BEA Systems (MP3) (PPT)	PCI Security Standards & Policies for Application Security - Darren Skidmore, Team Lead InfoSec and BCP, FIS Australasia Card Services Pty Ltd (MP3)
14:30-15:30	Dealing with threats to Databases - Sandeep Singh Nain, Security Analyst IBM (MP3) (PPT)	On the job browser exploitation - Mark Piper, Security-Assessment.com (MP3)
15:30-16:00	Afternoon Tea/Coffee, Vendor Technology Expo
16:00-17:00	The detection and analysis of Flash based malware. - Paul Theriault, Senior Associate SIFT (MP3) (PPT)	Web Application Security. - Aidan Clarke F5 Systems Engineer (MP3) (PDF)
17:00-17:30	Conference Close, Justin Derry, Australia OWASP Conference Chair and Practice Leader b-sec Consulting
17:30-19:00	Happy Hour Drinks and Cocktails in Vendor Technology Expo

OWASP Australia 2008 Conference Facilities Map

To assist delegates the following map of the Conference Facilities is provided. The Gold Coast Convention Center has provided OWASP with the entire top floor of the Conference Facility for all services including presentations, meals and the vendor technology expo.

@@ Line 2: / Line 2: @@
 Welcome to the OWASP Australia Application Security Conference for 2008. Following on from the great success of OWASP Conferences in 2006 and 2007 in the United States and Europe, the first ever Asia Pacific & Australia Security conference will take place in February 2008.
+-------------------------------------------------------------------------------
+UPDATE: The OWASP Wiki now has an FTP/HTTP Upload server. I am able to put the
+MP3's online. So the links below can now work. If you simply want to download
+directly the link to the directory is.
+http://www.owasp.org/download/owasp_confau_2008/
+-------------------------------------------------------------------------------
 == OWASP Australia 2008 Conference Schedule - February 28th & 29th 2008 ==
@@ Line 17: / Line 27: @@
   | style="width:10%; background:#7B8ABD" | 09:15-10:15 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | Keynote: The Microsoft SLD-IT, The process of Building Secure Applications
 Mark Curphey  (European Practice Manager - ACE Team Microsoft)
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_1_Curphey.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_1_Curphey.mp3 (MP3)]
   |-
@@ Line 25: / Line 35: @@
   |-
   | style="width:10%; background:#7B8ABD" | 11:15-12:30 || style="width:40%; background:#BC857A" align="left" | Secure Software Development (OWASP EDU Project) - Martin Knobloch, Technical Specialist, Sogeti Nederland B.V.
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_2_Knobloch.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_2_Knobloch.mp3 (MP3)]  [http://www.owasp.org/images/8/8d/OWASPAU08_Session_2_Knobloch.ppt (PPT)]
   | style="width:40%; background:#BCA57A" align="left" | Considerations for application security testing for enterprise projects. - Jean Marie Abighanem, Director Enterprise Risk Services Deloitte Touche Tohmatsu
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_3_Abighanem.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_3_Abighanem.mp3 (MP3)]
+[http://www.owasp.org/images/9/97/OWASPAU08_Session_3_Abighanem.ppt (PPT)]
   |-
   | style="width:10%; background:#7B8ABD" | 12:30-13:30 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Lunch, Vendor Technology Expo
   |-
   | style="width:10%; background:#7B8ABD" | 13:30-14:30 || style="width:40%; background:#BC857A" align="left" | Automated web application scanning versus manual testing, choosing the best tools for the job. - Matthew Hackling, Enterprise Risk Services Deloitte Touche Tohmatsu
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_4_Hackling.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_4_Hackling.mp3 (MP3)]
+[http://www.owasp.org/images/4/41/OWASPAU08_Session_4_Hackling.ppt (PPT)]
   | style="width:40%; background:#BCA57A" align="left" | Business Risk & Compliance for Application Security - Malathi Carthigaser, Principal Consultant Application Security b-sec
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_5_Carthigaser.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_5_Carthigaser.mp3 (MP3)]
+[http://www.owasp.org/images/2/20/OWASPAU08_Session_5_Carthigaser.ppt (PPT)]
   |-
   | style="width:10%; background:#7B8ABD" | 14:45-15:45 || style="width:40%; background:#BC857A" align="left" | Whitelisting & Securing HTML Input - Peter Freiberg, b-sec Consulting Pty Ltd
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_6_Freiberg.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_6_Freiberg.mp3 (MP3)]
   | style="width:40%; background:#BCA57A" align="left" | The Next Step in Evolution (Javascript Worms) - Benjamin Mosse, Security Researcher & Analyst Programmer
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_7_Mosse.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_7_Mosse.mp3 (MP3)]
+[http://www.owasp.org/images/1/1a/OWASPAU08_Session_7_Mosse.ppt (PPT)]
   |-
   | style="width:10%; background:#7B8ABD" | 15:45-16:15 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Afternoon Tea/Coffee, Vendor Technology Expo
   |-
   | style="width:10%; background:#7B8ABD" | 16:15-17:00 || style="width:40%; background:#BC857A" align="left" | Three OWASP Projects for Secure Applications - Michael Eddington, Leviathan Security Group
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_8_Eddington.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_8_Eddington.mp3 (MP3)]
+[http://www.owasp.org/images/b/b0/OWASPAU08_Session_8_Eddington.ppt (PPT)]
   | style="width:40%; background:#BCA57A" align="left" | Hacker Attacks on the Horizon: Understanding the Top Web 2.0 Attack Vectors - Danny Allan, IBM Watchfire
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_9_Allan.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_9_Allan.mp3 (MP3)]
+[http://www.owasp.org/images/f/fb/OWASPAU08_Session_9_Allan.pdf (PDF)]
   |-
   | style="width:10%; background:#7B8ABD" | 17:15-18:00 || colspan="2" style="width:40%; background:#F2F2F2" align="left" | Panel: “Application Security Threats Commonly faced by Organisations!”
@@ Line 52: / Line 68: @@
 Panelists: Jean Marie Abighanem (Deloitte Touche Tohmatsu), Brian Chess (Fortify Software), James Manger (Telstra), Mark Curphey (Microsoft), Christian Heinrich
-[http://www.appsecure.com/owaspconf2008/OWASPAU08_Session_10_Panel.mp3 (MP3)]
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_10_Panel.mp3 (MP3)]
   |-
   | style="width:10%; background:#7B8ABD" | 18:30-19:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | OWASP Social Gathering: Pre-Dinner Drinks & Cocktails
@@ Line 72: / Line 88: @@
   | style="width:10%; background:#7B8ABD" | 09:15-10:15 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | Keynote2: Static Analysis & Secure Coding for Enterprises - Brian Chess, Fortify Software Ph.D., Founder & Chief Scientist
 Author of Secure Programming with Static Analysis by Brian Chess and Jacob West
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_11_Chess.mp3 (MP3)]
+[http://www.owasp.org/images/4/4a/OWASPAU08_Session_11_Chess.zip (PPT/ZIP)]
   |-
   | style="width:10%; background:#7B8ABD" | 10:15-10:45 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | OWASP Top Ten, OWASP Guide Project Updates
@@ Line 79: / Line 96: @@
   |-
   | style="width:10%; background:#7B8ABD" | 11:15-12:30 || style="width:40%; background:#BC857A" align="left" | Google Hacking - Christian Heinrich
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_12_Heinrich.mp3 (MP3)]
   | style="width:40%; background:#BCA57A" align="left" | Scalability and Security — Together - James Manger, Identity and Security team – Chief Technology Office – Telstra
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_13_Manager.mp3 (MP3)]
+[http://www.owasp.org/images/8/89/OWASPAU08_Session_13_Manger.ppt (PPT)]
   |-
   | style="width:10%; background:#7B8ABD" | 12:30-13:30 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Lunch, Vendor Technology Expo
   |-
   | style="width:10%; background:#7B8ABD" | 13:30-14:30 || style="width:40%; background:#BC857A" align="left" | Using WS-SecurityPolicy to Defend Web Services Attacks - Symon Chang, BEA Systems
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_14_Chang.mp3 (MP3)]
+[http://www.owasp.org/images/1/1d/OWASPAU08_Session_14_Chang.ppt (PPT)]
   | style="width:40%; background:#BCA57A" align="left" | PCI Security Standards & Policies for Application Security - Darren Skidmore, Team Lead InfoSec and BCP, FIS Australasia Card Services Pty Ltd
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_15_Skidmore.mp3 (MP3)]
   |-
   | style="width:10%; background:#7B8ABD" | 14:30-15:30 || style="width:40%; background:#BC857A" align="left" | Dealing with threats to Databases - Sandeep Singh Nain, Security Analyst IBM
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_16_Nain.mp3 (MP3)]
+[http://www.owasp.org/images/a/a3/OWASPAU08_Session_16_Nain.ppt (PPT)]
   | style="width:40%; background:#BCA57A" align="left" | On the job browser exploitation - Mark Piper, Security-Assessment.com
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_17_Mark.mp3 (MP3)]
   |-
   | style="width:10%; background:#7B8ABD" | 15:30-16:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Afternoon Tea/Coffee, Vendor Technology Expo
   |-
   | style="width:10%; background:#7B8ABD" | 16:00-17:00 || style="width:40%; background:#BC857A" align="left" | The detection and analysis of Flash based malware. - Paul Theriault, Senior Associate SIFT
-  | style="width:40%; background:#BCA57A" align="left" | F5 Web Application Security
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_18_Theriault.mp3 (MP3)]
+[http://www.owasp.org/images/7/77/OWASPAU08_Session_18_Theriault.ppt (PPT)]
+  | style="width:40%; background:#BCA57A" align="left" | Web Application Security. - Aidan Clarke F5 Systems Engineer
+[http://www.owasp.org/download/owasp_confau_2008/OWASPAU08_Session_19_Clark.mp3 (MP3)]
+[http://www.owasp.org/images/4/48/OWASPAU08_Session_19_Clark.pdf (PDF)]
   |-
   | style="width:10%; background:#7B8ABD" | 17:00-17:30 || colspan="2" style="width:40%; background:#F2F2F2" align="left" | Conference Close, Justin Derry, Australia OWASP Conference Chair and Practice Leader b-sec Consulting

Difference between revisions of "OWASP Australia AppSec 2008 Conference/Agenda"

Latest revision as of 09:23, 3 April 2008

OWASP Australia 2008 Conference Schedule - February 28th & 29th 2008

OWASP Australia 2008 Conference Facilities Map

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools