
Difference between revisions of "Mrb Scratchpad"

Line 10: Line 10:
 
  <td height="40" align="center" bgcolor="#ff6600" valign="middle" width="200"><b>Web 2.0</b>
 
  <td height="40" align="center" bgcolor="#ff6600" valign="middle" width="200"><b>Web 2.0</b>
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td bgcolor="#666699" width="67" valign="middle">07:30-08:50
+
  <td bgcolor="#666699" width="67" valign="middle">07:30-09:00
 
  <td colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Registration
 
  <td colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Registration
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td bgcolor="#666699" width="67" valign="middle">09:00-09:50
+
  <td bgcolor="#666699" width="67" valign="middle">09:00-09:15
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Welcome and Opening Remarks
+
  <td height="30" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Welcome and Opening Remarks
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td bgcolor="#666699" width="67" valign="middle">10:00-10:50
+
  <td bgcolor="#666699" width="67" valign="middle">9:15-10:15
 
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Keynote: Joe Jarzombek
 
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Keynote: Joe Jarzombek
 +
<tr valign="bottom">
 +
  <td bgcolor="#666699" width="67" valign="middle">10:15-11:30
 +
  <td height="30" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Coffee Break
 
<tr valign="bottom">
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">11:00-11:50
 
  <td bgcolor="#666699" width="67" valign="middle">11:00-11:50
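Review bot: the new Coffee Break row is timed 10:15-11:30, which overlaps the 11:00-11:50 session row that follows it unchanged; end the break at 11:00 (or shift the later rows) so the slots do not collide. The keynote cell is also written 9:15-10:15 while the neighbouring cells use zero-padded hours (09:00-09:15); pad it to 09:15-10:15 for consistency.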
Line 25: Line 28:
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Understanding the Implications of Cloud Computing on Application Security&nbsp;<br>Dennis Hurst
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Understanding the Implications of Cloud Computing on Application Security&nbsp;<br>Dennis Hurst
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" bgcolor="#666699" width="67" valign="middle">12:00-13:00
+
  <td height="120" bgcolor="#666699" width="67" valign="middle">12:00-12:50
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">Software Assurance Maturity Model (SAMM)&nbsp;<br>Pravir Chandra
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">Software Assurance Maturity Model (SAMM)&nbsp;<br>Pravir Chandra
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">The Case of Promiscuous Parameters and other Ongoing Capers in Web Security&nbsp;<br>Jacob West
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">The Case of Promiscuous Parameters and other Ongoing Capers in Web Security&nbsp;<br>Jacob West
Line 31: Line 34:
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Transparent Proxy Abuse&nbsp;<br>Robert Auger
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Transparent Proxy Abuse&nbsp;<br>Robert Auger
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" bgcolor="#666699" width="67" valign="middle">12:00-12:50
+
  <td height="60" bgcolor="#666699" width="67" valign="middle">13:00-13:50
 +
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Lunch
 +
<tr valign="bottom">
 +
  <td height="120" bgcolor="#666699" width="67" valign="middle">14:00-14:50
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">DISA's Application Security and Development STIG: How OWASP Can Help You&nbsp;<br>Jason Li
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">DISA's Application Security and Development STIG: How OWASP Can Help You&nbsp;<br>Jason Li
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">OWASP ModSecurity Core Rule Set Project&nbsp;<br>Ryan C. Barnett
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">OWASP ModSecurity Core Rule Set Project&nbsp;<br>Ryan C. Barnett
Line 37: Line 43:
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Fracturing Flex For Fun- An Alliterative Attackers Approach&nbsp;<br>Jon Rose/Kevin Stadmeyer
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Fracturing Flex For Fun- An Alliterative Attackers Approach&nbsp;<br>Jon Rose/Kevin Stadmeyer
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="60" bgcolor="#666699" width="67" valign="middle">13:00-13:50
+
  <td height="120" bgcolor="#666699" width="67" valign="middle">15:00-15:50
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Lunch
 
<tr valign="bottom">
 
  <td height="120" bgcolor="#666699" width="67" valign="middle">13:00-13:50
 
 
  <td height="60" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200"> Defend Yourself: Integrating Real Time Defenses into Online Applications&nbsp;<br>Michael Coates
 
  <td height="60" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200"> Defend Yourself: Integrating Real Time Defenses into Online Applications&nbsp;<br>Michael Coates
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Finding the Hotspots: Web-security testing  with the Watcher tool&nbsp;<br>Chris Weber
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Finding the Hotspots: Web-security testing  with the Watcher tool&nbsp;<br>Chris Weber
Line 46: Line 49:
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Social Zombies: Your Friends Want to Eat Your Brains &nbsp;<br>Tom Eston/Kevin Johnson
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Social Zombies: Your Friends Want to Eat Your Brains &nbsp;<br>Tom Eston/Kevin Johnson
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">14:00-14:50
+
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">16:00-16:50
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">The ESAPI Web Application Firewall&nbsp;<br>Arshan Dabirsiaghi
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">The ESAPI Web Application Firewall&nbsp;<br>Arshan Dabirsiaghi
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">One Click Ownage&nbsp;<br>Ferruh Mavituna
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">One Click Ownage&nbsp;<br>Ferruh Mavituna
Line 53: Line 56:
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Web Application Security Scanner Evaluation Criteria&nbsp;<br>Brian Shura
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Web Application Security Scanner Evaluation Criteria&nbsp;<br>Brian Shura
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">15:00-15:50
+
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">17:00-17:50
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">OWASP Live CD: An open environment for Web Application Security&nbsp;<br>Matt Tesauro / Brad Causey
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">OWASP Live CD: An open environment for Web Application Security&nbsp;<br>Matt Tesauro / Brad Causey
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Learning by Breaking: A New Project Insecure Web Apps&nbsp;<br>Chuck Willis
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Learning by Breaking: A New Project Insecure Web Apps&nbsp;<br>Chuck Willis
Line 62: Line 65:
 
  Josh Abraham
 
  Josh Abraham
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">16:00-16:50
+
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">18:00-18:50
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">The Entrepreneur's Guide to Career Management&nbsp;<br>Lee Kushner
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">The Entrepreneur's Guide to Career Management&nbsp;<br>Lee Kushner
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Advanced SSL: The good, the bad, and the ugly&nbsp;<br>Michael Coats
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Advanced SSL: The good, the bad, and the ugly&nbsp;<br>Michael Coats
Line 70: Line 73:
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">User input piercing for Cross Site Scripting Attacks&nbsp;<br>Matias Blanco
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">User input piercing for Cross Site Scripting Attacks&nbsp;<br>Matias Blanco
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="60" bgcolor="#666699" width="67" valign="middle">18:00-????
+
  <td height="60" bgcolor="#666699" width="67" valign="middle">19:00-????
 
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Reception (TBD)
 
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Reception (TBD)
 
</font>
 
</font>

Revision as of 00:12, 20 August 2009

Day 1 - Nov 12th 2009
Tracks: OWASP, Tools, SDLC, Web 2.0

07:30-09:00 Registration
09:00-09:15 Welcome and Opening Remarks
9:15-10:15 Keynote: Joe Jarzombek
10:15-11:30 Coffee Break

11:00-11:50
  OWASP ESAPI
    Jeff Williams
  Manipulating Web Application Interfaces, a new approach to input validation
    Felipe Moreno-Strauch
  Development Issues Within AJAX Applications: How to Divert Threats
    Lars Ewe
  Understanding the Implications of Cloud Computing on Application Security
    Dennis Hurst

12:00-12:50
  Software Assurance Maturity Model (SAMM)
    Pravir Chandra
  The Case of Promiscuous Parameters and other Ongoing Capers in Web Security
    Jacob West
  Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence
    Darren Challey
  Transparent Proxy Abuse
    Robert Auger

13:00-13:50 Lunch

14:00-14:50
  DISA's Application Security and Development STIG: How OWASP Can Help You
    Jason Li
  OWASP ModSecurity Core Rule Set Project
    Ryan C. Barnett
  The essential role of infosec in secure software development
    Kenneth R. van Wyk
  Fracturing Flex For Fun- An Alliterative Attackers Approach
    Jon Rose/Kevin Stadmeyer

15:00-15:50
  Defend Yourself: Integrating Real Time Defenses into Online Applications
    Michael Coates
  Finding the Hotspots: Web-security testing with the Watcher tool
    Chris Weber
  SDLC Panel
  Social Zombies: Your Friends Want to Eat Your Brains
    Tom Eston/Kevin Johnson

16:00-16:50
  The ESAPI Web Application Firewall
    Arshan Dabirsiaghi
  One Click Ownage
    Ferruh Mavituna
  Cloudy with a chance of 0-day
    Jon Rose/Tom Leavey
  Web Application Security Scanner Evaluation Criteria
    Brian Shura

17:00-17:50
  OWASP Live CD: An open environment for Web Application Security
    Matt Tesauro / Brad Causey
  Learning by Breaking: A New Project Insecure Web Apps
    Chuck Willis
  Vulnerability Management in an Application Security World
    Dan Cornell
  Attacking WCF Web Services
    Brian Holyfield
  Synergy! - A world where the tools communicate
    Josh Abraham

18:00-18:50
  The Entrepreneur's Guide to Career Management
    Lee Kushner
  Advanced SSL: The good, the bad, and the ugly
    Michael Coats
  Threat Modeling
    John Steven
  When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies
    Rafal Los
  User input piercing for Cross Site Scripting Attacks
    Matias Blanco

19:00-???? Reception (TBD)