This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP AppSec Europe 2009 - Poland"

From OWASP
Jump to: navigation, search
Line 77: Line 77:
  
 
====OWASP Meetup====
 
====OWASP Meetup====
 +
  
 
[[Image:Ckbrowar.JPG|thumb|300px|left|C.K.Browar]] <br><br><br><br>We gather for an OWASP meetup at [http://www.ckbrowar.krakow.pl/index_en.html C.K.Browar] on Tuesday evening May 12th.
 
[[Image:Ckbrowar.JPG|thumb|300px|left|C.K.Browar]] <br><br><br><br>We gather for an OWASP meetup at [http://www.ckbrowar.krakow.pl/index_en.html C.K.Browar] on Tuesday evening May 12th.
Line 93: Line 94:
 
====OWASP Dinner====
 
====OWASP Dinner====
  
<br><br><br><br>We hope you are joining us for our Gala Dinner. This year's dinner will be held at [http://www.weselerestauracja.pl/ Wesele], a traditional Polish restaurant.<br>
+
[[Image:Wesele-inside.jpg|thumb|200px|left|Wesele Restaurant]] <br><br><br><br>We hope you are joining us for our Gala Dinner. This year's dinner will be held at [http://www.weselerestauracja.pl/ Wesele], a traditional Polish restaurant.<br>
  
Time: 19h
+
Time: 19h on May 13th (leaving in the Park Inn Lobby at 18h30)
 
<br>
 
<br>
  
 
Place: Wesele, Rynek Główny 10, 31-042 Kraków - Google [http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=Wesele,+Rynek+G%C5%82%C3%B3wny+10,+31-042+Krak%C3%B3w&sll=37.0625,-95.677068&sspn=47.167389,51.679688&ie=UTF8&ll=50.061024,19.936709&spn=0.008981,0.012617&t=h&z=16&iwloc=A Maps Link]
 
Place: Wesele, Rynek Główny 10, 31-042 Kraków - Google [http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=Wesele,+Rynek+G%C5%82%C3%B3wny+10,+31-042+Krak%C3%B3w&sll=37.0625,-95.677068&sspn=47.167389,51.679688&ie=UTF8&ll=50.061024,19.936709&spn=0.008981,0.012617&t=h&z=16&iwloc=A Maps Link]
<br>
+
<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
  
 
====Conference - May 13====
 
====Conference - May 13====

Revision as of 22:28, 12 May 2009

Virtual

Poland09.gif

Block your agendas for May 11-14 and join us for which promises to be the Biggest European AppSec event of the year !

May 13th–14th 2009, OWASP will hold its annual European Application Security conference in wonderful Kraków, Poland (Google Maps Link). Not only do we have 2 fantastic key notes (Ross Anderson and Bruce Schneier) but we have 3 tracks stuffed with high quality topics and great speakers and one and two day tutorials. This year we organise the conference together with OWASP Poland and Confidence2009, a conference in Kraków on May 15th-16th.

Twitter Feed (follow me!) <twitter>AppSecEU09</twitter>

Flickr Stream
Follow what's happening on Flickr
Krakow

Help us PROMOTE this event!

Conference Location

This year, the conference will be held at the Park Inn Hotel, in the center of Kraków, Poland. OWASP has negotiated a room block as well (details are in the accommodations section below).
Be FAST to register: we only accept 400 registrations for this event!
Registration via the OWASP Conference Cvent site: CLICK HERE TO REGISTER
If you are registering as a Speaker or Sponsor, use the following link: Speaker-Sponsor Registration


Tutorials - May 11-12

Tutorial Days - May 11th and 12th

OWASP hosts 1 and 2 day tutorial sessions prior to the conference.

2 day tutorials (May 11-12):

  • Web Services Security, by Dave Wichers, Aspect Security
  • Advanced Testing, by Michael Coates, Aspect Security

1 day tutorials (May 11):

  • Web 2.0 Hacking – Attacks & Countermeasures, by Shreeraj Shah, Blueinfy

1 day tutorials (May 12):

  • In-depth Assessment Techniques: Design, Code, and Runtime, by Pravir Chandra, Cognosticus
  • Threat Modeling, by John Steven, Cigital
  • Introduction to ModSecurity, the Apache Security Module, by Christian Folini, Netnea (christian.folini 'at' netnea.com)

To see all tutorial and trainer details click HERE

Registration is available via the OWASP Conference Cvent site: CLICK HERE TO REGISTER

Venue: Park Inn Hotel, Krakow

Timing: 9h-17h

Mini-Summit - May 11-12

Mini-Summit & Working Sessions Schedule: Tuesday 12th , Free one-day OWASP Tutorial: Monday 11th

Free one-day OWASP Tutorial

On Monday May 11th 9h-17h, Matt Tesauro (OWASP Live CD Project) will give a free one-day OWASP tutorial "Hands on application security with the OWASP Live CD and the OWASP Testing Guide" Venue: Park Inn Hotel, Krakow

OWASP Mini-Summit

On the Tuesday before the Conference there will a 1 day mini-summit where the following important OWASP related topics will be debated:

  • 10:00 - 12:00 : Final discussion and presentation of the new OWASP Project and Releases Assessment Criteria V2.0
  • 14:00 - 15:00 : Pre-presentation of the new OWASP Season of Code 2009 (& revision of its marketing materials)
  • 15:00 - 15:30 : OWASP Financials and additional sources for OWASP grants funds (for example government funding or corporate sources)
  • 17:00 - 19:00 - OWASP Projects and Chapters Leaders meeting

Confirmed participants: Dinis Cruz, Sebastien Deleersnyder (OWASP Board), Matt Tesauro (OWASP Global Projects Committee), Paulo Coimbra (remote participant), Colin Watson (OWASP Global Industry Committee)

OWASP Meetup

C.K.Browar




We gather for an OWASP meetup at C.K.Browar on Tuesday evening May 12th.


Time: 20h (we gather in the Park Inn lobby at 19h30)

Place: ul. Podwale 6-7, Kraków - Google Maps Link

This is a microbrewery and you can get 3 or 5 litre tubes of their very own beer that sit on a stand with a tap, on your table. You then help yourself and watch it disappear.








OWASP Dinner

Wesele Restaurant




We hope you are joining us for our Gala Dinner. This year's dinner will be held at Wesele, a traditional Polish restaurant.

Time: 19h on May 13th (leaving in the Park Inn Lobby at 18h30)

Place: Wesele, Rynek Główny 10, 31-042 Kraków - Google Maps Link
















Conference - May 13

Day 1 - May 13, 2009
Track 1: room Alfa 1 Track 2: room Alfa 2 Track 3: room Beta
08:00-08:50 Registration and Coffee
08:50-09:00 Welcome to OWASP AppSec 2009 Conference

Sebastien Deleersnyder, OWASP Foundation

09:00-10:00 Keynote

Ross Anderson, Professor in Security Engineering, University of Cambridge

10:00-10:45 OWASP State of the Union

Dinis Cruz, Dave Wichers & Sebastien Deleersnyder, OWASP Foundation

10:45-11:05 Break - Expo CTF Kick-Off

Andrés Riancho

11:05-11:50 OWASP Live CD: An open environment for Web Application Security

Matt Tesauro, OWASP Live CD Project

Leveraging agile to gain better security

Erlend Oftedal, Bekk Consulting

The OWASP Orizon project: new static analysis in HiFi

Paolo Perego, Spike Reply

11:55-12:40 OWASP Application Security Verification Standard (ASVS) Project

Dave Wichers, Aspect Security

Tracking the effectiveness of an SDL program: lessons from the gym

Cassio Goldschmidt, Symantec Corporation

The Bank in the Browser - Defending web infrastructures from banking malware

Giorgio Fedon, Minded Security

12:40-14:00 Lunch - Expo - CTF
14:00-14:45 Threat Modeling

John Steven, Cigital

Web Application Harvesting

Esteban Ribičić, tbd

Maturing Beyond Application Security Puberty

David Harper, Fortify

14:50-15:35 Exploiting Web 2.0 – Next Generation Vulnerabilities

Shreeraj Shah, Blueinfy

O2 - Advanced Source Code Analysis Toolkit

Dinis Cruz, Ounce Labs

The Truth about Web Application Firewalls: What the vendors do not want you to know

Wendel Guglielmetti Henrique, Trustwave & Sandro Gauci, EnableSecurity

15:35-15:55 Break - Expo - CTF
15:55-16:40 The Software Assurance Maturity Model (SAMM)

Pravir Chandra, Cognosticus

Advanced SQL injection exploitation to operating system full control

Bernardo Damele Assumpcao Guimaraes, lead developer of sqlmap

When Security Isn’t Free: The Myth of Open Source Security

David Harper, Fortify

16:45-17:45 Panel: SDLC: where do they work well, where do they fail?

Moderator: Cassio Goldschmidt - Panelists: Pravir Chandra, Bart De Win, John Steven, Dave Wichers

Conference- May 14

Day 2 - May 14, 2009
Track 1: room Alfa 1 Track 2: room Alfa 2 Track 3: room Beta
08:00-09:00 Registration and Coffee
09:00-09:00 Fixing Internet Security by Hacking the Business Climate

Bruce Schneier, Chief Security Technology Officer, BT

10:00-10:45 OWASP Projects

Dave Wichers & Dinis Cruz, OWASP Foundation

10:45-11:05 Break - Expo - CTF
11:05-11:50 OWASP "Google Hacking" Project

Christian Heinrich, OWASP "Google Hacking" Project Lead

Deploying Secure Web Applications with OWASP Resources

Kuai Hinojosa, New York University

Beyond security principles approximation in software architectures

Bart De Win, Ascure

11:55-12:40 OWASP Enterprise Security API (ESAPI) Project

Dave Wichers, Aspect Security

w3af, A framework to 0wn the web

Andrés Riancho, Bonsai Information Security

Brain's hardwiring and its impact on software development and secure software

Alexandru Bolboaca & Maria Diaconu, Mosaic Works

12:40-14:00 Lunch - Expo - CTF
14:00-14:45 OWASP ROI: Optimize Security Spending using OWASP

Matt Tesauro, OWASP Live CD Project

CSRF: the nightmare becomes reality?

Lieven Desmet, University Leuven

I thought you were my friend Evil Markup, browser issues and other obscurities

Mario Heiderich, Business-IN

14:50-15:35 HTTP Parameter Pollution

Luca Carettoni, Independent Researcher & Stefano Di Paola, MindedSecurity

OWASP Source Code Flaws Top 10 Project

Paolo Perego, Spike Reply

Business Logic Attacks: Bots and Bats

Eldad Chai, Imperva

15:35-15:55 Break - Expo - CTF
15:55-16:40 Factoring malware and organized crime in to Web application security

Gunter Ollmann, Damballa

Real Time Defenses against Application Worms and Malicious Attackers, Michael Coates, Aspect Security Can an accessible web application be secure? Assessment issues for security testers, developers and auditors

Colin Watson, Watson Hall Ltd

16:45-17:45 Panel: The Future of web application security

Moderator: Christian Heinrich, Panelists: tbd

17:45-18:00 Conference Wrap-Up & CTF Awards

Dave Wichers, OWASP Foundation


Venue: Park Inn Hotel, Krakow

Registration is available via the OWASP Conference Cvent site: CLICK HERE TO REGISTER

Accommodations

This year, the conference will be held at the Park Inn Hotel, in the center of Kraków, Poland.

OWASP EU 2009 LOCATION.jpg

Park Inn Hotel
Ul. Monte Cassino 2
30 - 337 Kraków (Google Maps Link)
Poland
tel: 0048 – 12 – 375 – 40 – 02
fax : 0048 – 12 – 375 – 40 – 01
e-mail: joanna.ploskonka <AT> rezidorparkinn.com
For 11-12-14 May OWASP has negotiated special room rates:

  • Single 110 EUR per room/per night
  • Double 120 EUR per room/per night

The above rates include: Super Breakfast buffet, High-speed Internet access and Tax
Be sure to use "OWASP" as reference.

Transportation to the Conference

By plane

Krakow can be reached by commercial aviation through the John Paul II International Airport Krakow-Balice. 21 airlines fly to and from Krakow including British Airways, Alitalia, Germanwings, LOT, Lufthansa and cheap airlines such as SkyEurope, Ryanair, easyJet and centralwings. If you are traveling from outside Europe, you might want to try https://travel.flights-to-europe.com

You can go from the airport to the city centre by:

  • Train
The train stop is located app. 200 m from the passenger terminal ( 5 minute walk)
It will take you 20 minutes and cost 6 PLN (less than 2EU) to get to the Krakow Main Station
  • Bus
The 192 bus stop is located directly at the roundabout, in front of the passenger terminal. The trip to the Main Station takes app. 35 minutes. The ticket can be purchased at the ticket machine on the bus stop for 2,5 PLN (less than 1EU)
  • Taxi
There are always taxis waiting for the passengers in front of the airport. The average price for a ride to the city centre is 50 PLN (around 15EU)

Find out more on John Paul II International Airport Krakow-Balice web page.

By train

You can also travel to Krakow by train from main Polish cities such as Warsow, Wroclaw, Poznan, Gdansk and several cities in Europe. There is direct connection from Berlin, Wien, Prague etc.
Search for your connection here (your destination is Krakow Glowny).

Registration

Registration is available via the OWASP Conference Cvent site: CLICK HERE TO REGISTER

Be fast to register: we only accept 400 registrations for this event!

The conference fee for this conference is :

  • Standard: 350 Euros, OWASP Members: 300 Euros, Students: 225 Euros. (+5% discount for registering by Apr-30)
  • If you also register for CONFidence Poland 2009 you get a 15% reduction.

Other fees are:

  • Conference Dinner: 50 Euros
  • Conference Tutorials: 910 Euros (2 days) - 455 Euros (1 day)

Note: To save on processing expenses, all fees paid for the OWASP conference are non-refundable. OWASP can accommodate transfers of registrations from one person to another, if such an adjustment becomes necessary.

Conference Committee

OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at' owasp.org

2009 EU Planning Committee Chair: Sebastien Deleersnyder - Telindus - seba 'at' owasp.org

2009 EU Program Committee:

  • Sebastien Deleersnyder - seba 'at' owasp.org
  • Mano Paul - mano.paul 'at' owasp.org
  • Fabio Cerullo - fcerullo 'at' gmail.com
  • Kuai Hinojosa - kuai.hinojosa 'at' owasp.org
  • Andrzej Targosz - andrzej.targosz 'at' proidea.org.pl

Poland Chapter Host: Andrzej Targosz - OWASP Poland - andrzej.targosz 'at' proidea.org.pl

Capture the Flag Chair: Andrzej Targosz - andrzej.targosz 'at' proidea.org.pl

Conference Sponsor

Fortify.jpg

Affiliated Partners

Confidence 120x150.gif In cooperation with:Enisa.jpgMedia Sponsor:Hnsweb-no-url.jpg


If you are interested in sponsoring an OWASP conference, please contact OWASP at: conferences 'at' owasp.org.

<paypal>AppSec EU Sponsorship</paypal>

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_AppSec_Europe_2009_-_Poland&oldid=60659"