This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Mrb Scratchpad"

From OWASP
Jump to: navigation, search
Line 11: Line 11:
 
<tr valign="bottom">
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">07:30-09:00
 
  <td bgcolor="#666699" width="67" valign="middle">07:30-09:00
  <td colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Registration
+
  <td colspan="4" align="center" bgcolor="#909090" valign="middle">Registration
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td bgcolor="#666699" width="67" valign="middle">09:00-09:15
+
  <td bgcolor="#666699" width="67" valign="middle">08:45-09:00
  <td height="30" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Welcome and Opening Remarks
+
  <td height="30" colspan="4" align="center" bgcolor="#e0e0e0" valign="middle">Welcome and Opening Remarks
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td bgcolor="#666699" width="67" valign="middle">9:15-10:15
+
  <td bgcolor="#666699" width="67" valign="middle">09:00-10:00
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Keynote: Joe Jarzombek
+
  <td height="60" colspan="4" align="center" bgcolor="#e0e0e0" valign="middle">Keynote: Joe Jarzombek
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td bgcolor="#666699" width="67" valign="middle">10:15-11:30
+
  <td bgcolor="#666699" width="67" valign="middle">10:30-10:30
  <td height="30" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Coffee Break
+
  <td height="30" colspan="4" align="center" bgcolor="#909090" valign="middle">Coffee Break & Room Change
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td bgcolor="#666699" width="67" valign="middle">11:00-11:50
+
  <td bgcolor="#666699" width="67" valign="middle">10:30-11:30
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">OWASP ESAPI&nbsp;<br>Jeff Williams
+
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[OWASP ESAPI AppSecDC|OWASP ESAPI]]<br>Jeff Williams
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Manipulating Web Application Interfaces, a new approach to input validation&nbsp;<br>Felipe Moreno-Strauch
+
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Manipulating Web Application Interfaces, a new approach to input validation]]<br>Felipe Moreno-Strauch
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">Development Issues Within AJAX Applications: How to Divert Threats&nbsp;<br>Lars Ewe
+
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Development Issues Within AJAX Applications: How to Divert Threats]]<br>Lars Ewe
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Understanding the Implications of Cloud Computing on Application Security&nbsp;<br>Dennis Hurst
+
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Understanding the Implications of Cloud Computing on Application Security]]<br>Dennis Hurst
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" bgcolor="#666699" width="67" valign="middle">12:00-12:50
+
  <td height="120" bgcolor="#666699" width="67" valign="middle">11:30-12:30
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">Software Assurance Maturity Model (SAMM)&nbsp;<br>Pravir Chandra
+
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[Software Assurance Maturity Model (SAMM)]]<br>Pravir Chandra
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">The Case of Promiscuous Parameters and other Ongoing Capers in Web Security&nbsp;<br>Jacob West
+
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[The Case of Promiscuous Parameters and Other Ongoing Capers in Web Security]]<br>Jacob West
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence&nbsp;<br>Darren Challey
+
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence]]<br>Darren Challey
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Transparent Proxy Abuse&nbsp;<br>Robert Auger
+
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Transparent Proxy Abuse]]<br>Robert Auger
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="60" bgcolor="#666699" width="67" valign="middle">13:00-13:50
+
  <td height="120" bgcolor="#666699" width="67" valign="middle">12:30-13:30
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Lunch
+
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[DISA's Application Security and Development STIG: How OWASP Can Help You]]<br>Jason Li
 +
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[OWASP ModSecurity Core Rule Set Project]]<br>Ryan C. Barnett
 +
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[The essential role of infosec in secure software development]]<br>Kenneth R. van Wyk
 +
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Fracturing Flex For Fun- An Alliterative Attackers Approach]]<br>Jon Rose/Kevin Stadmeyer
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" bgcolor="#666699" width="67" valign="middle">14:00-14:50
+
  <td height="60" bgcolor="#666699" width="67" valign="middle">13:30-14:30
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">DISA's Application Security and Development STIG: How OWASP Can Help You&nbsp;<br>Jason Li
+
  <td height="60" colspan="4" align="center" bgcolor="#909090" valign="middle">Lunch
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">OWASP ModSecurity Core Rule Set Project&nbsp;<br>Ryan C. Barnett
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">The essential role of infosec in secure software development&nbsp;<br>Kenneth R. van Wyk
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Fracturing Flex For Fun- An Alliterative Attackers Approach&nbsp;<br>Jon Rose/Kevin Stadmeyer
 
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" bgcolor="#666699" width="67" valign="middle">15:00-15:50
+
  <td height="120" bgcolor="#666699" width="67" valign="middle">15:30-16:30
  <td height="60" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200"> Defend Yourself: Integrating Real Time Defenses into Online Applications&nbsp;<br>Michael Coates
+
  <td height="60" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[ Defend Yourself: Integrating Real Time Defenses into Online Applications]]<br>Michael Coates
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Finding the Hotspots: Web-security testing  with the Watcher tool&nbsp;<br>Chris Weber
+
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Finding the Hotspots: Web-security testing  with the Watcher tool]]<br>Chris Weber
  <td height="120" rowspan="3" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">SDLC Pannel
+
  <td height="120" rowspan="3" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[SDLC Pannel AppSecDC | SDLC Panel]]
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Social Zombies: Your Friends Want to Eat Your Brains &nbsp;<br>Tom Eston/Kevin Johnson
+
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Social Zombies: Your Friends Want to Eat Your Brains]]<br>Tom Eston/Kevin Johnson
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">16:00-16:50
+
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">16:30-17:30
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">The ESAPI Web Application Firewall&nbsp;<br>Arshan Dabirsiaghi
+
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[The ESAPI Web Application Firewall]]<br>Arshan Dabirsiaghi
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">One Click Ownage&nbsp;<br>Ferruh Mavituna
+
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[One Click Ownage]]<br>Ferruh Mavituna
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Cloudy with a chance of 0-day&nbsp;<br>Jon Rose/Tom Leavey
+
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Cloudy with a chance of 0-day]]<br>Jon Rose/Tom Leavey
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Web Application Security Scanner Evaluation Criteria&nbsp;<br>Brian Shura
+
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Web Application Security Scanner Evaluation Criteria]]<br>Brian Shura
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">17:00-17:50
+
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">17:30-17:30
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">OWASP Live CD: An open environment for Web Application Security&nbsp;<br>Matt Tesauro / Brad Causey
+
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[OWASP Live CD: An open environment for Web Application Security]]<br>Matt Tesauro / Brad Causey
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Learning by Breaking: A New Project Insecure Web Apps&nbsp;<br>Chuck Willis
+
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Learning by Breaking: A New Project Insecure Web Apps]]<br>Chuck Willis
  <td height="120" rowspan="2" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">Vulnerability Management in an Application Security World&nbsp;<br>Dan Cornell
+
  <td height="120" rowspan="2" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Vulnerability Management in an Application Security World]]<br>Dan Cornell
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">Attacking WCF Web Services&nbsp;<br>Brian Holyfield
+
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Attacking WCF Web Services]]<br>Brian Holyfield
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Synergy! - A world where the tools communicate&nbsp;<br>
+
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Synergy! - A world where the tools communicate]]<br>
 
  Josh Abraham
 
  Josh Abraham
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">18:00-18:50
+
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">18:30-19:30
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">The Entrepreneur's Guide to Career Management&nbsp;<br>Lee Kushner
+
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[The Entrepreneur's Guide to Career Management]]<br>Lee Kushner
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">Advanced SSL: The good, the bad, and the ugly&nbsp;<br>Michael Coats
+
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Advanced SSL: The good, the bad, and the ugly]]<br>Michael Coats
  <td height="120" rowspan="2" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">Threat Modeling&nbsp;<br>John Steven
+
  <td height="120" rowspan="2" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Threat Modeling]]<br>John Steven
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies&nbsp;<br>Rafal Los
+
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies]]<br>Rafal Los
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">User input piercing for Cross Site Scripting Attacks&nbsp;<br>Matias Blanco
+
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[User input piercing for Cross Site Scripting Attacks]]<br>Matias Blanco
 
<tr valign="bottom">
 
<tr valign="bottom">
  <td height="60" bgcolor="#666699" width="67" valign="middle">19:00-????
+
  <td height="60" bgcolor="#666699" width="67" valign="middle">19:30-????
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Reception (TBD)
+
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Reception
 
</font>
 
</font>

Revision as of 00:43, 20 August 2009

Day 1 - Nov 12th 2009
  OWASP Tools SDLC Web 2.0
07:30-09:00 Registration
08:45-09:00 Welcome and Opening Remarks
09:00-10:00 Keynote: Joe Jarzombek
10:30-10:30 Coffee Break & Room Change
10:30-11:30 OWASP ESAPI
Jeff Williams 		Manipulating Web Application Interfaces, a new approach to input validation
Felipe Moreno-Strauch 		Development Issues Within AJAX Applications: How to Divert Threats
Lars Ewe 		Understanding the Implications of Cloud Computing on Application Security
Dennis Hurst
11:30-12:30 Software Assurance Maturity Model (SAMM)
Pravir Chandra 		The Case of Promiscuous Parameters and Other Ongoing Capers in Web Security
Jacob West 		Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence
Darren Challey 		Transparent Proxy Abuse
Robert Auger
12:30-13:30 DISA's Application Security and Development STIG: How OWASP Can Help You
Jason Li 		OWASP ModSecurity Core Rule Set Project
Ryan C. Barnett 		The essential role of infosec in secure software development
Kenneth R. van Wyk 		Fracturing Flex For Fun- An Alliterative Attackers Approach
Jon Rose/Kevin Stadmeyer
13:30-14:30 Lunch
15:30-16:30 Defend Yourself: Integrating Real Time Defenses into Online Applications
Michael Coates 		Finding the Hotspots: Web-security testing with the Watcher tool
Chris Weber 		SDLC Panel Social Zombies: Your Friends Want to Eat Your Brains
Tom Eston/Kevin Johnson
16:30-17:30 The ESAPI Web Application Firewall
Arshan Dabirsiaghi 		One Click Ownage
Ferruh Mavituna 		Cloudy with a chance of 0-day
Jon Rose/Tom Leavey
Web Application Security Scanner Evaluation Criteria
Brian Shura
17:30-17:30 OWASP Live CD: An open environment for Web Application Security
Matt Tesauro / Brad Causey 		Learning by Breaking: A New Project Insecure Web Apps
Chuck Willis 		Vulnerability Management in an Application Security World
Dan Cornell 		Attacking WCF Web Services
Brian Holyfield
Synergy! - A world where the tools communicate

Josh Abraham

18:30-19:30 The Entrepreneur's Guide to Career Management
Lee Kushner 		Advanced SSL: The good, the bad, and the ugly
Michael Coats 		Threat Modeling
John Steven 		When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies
Rafal Los
User input piercing for Cross Site Scripting Attacks
Matias Blanco
19:30-???? Reception

Retrieved from "https://wiki.owasp.org/index.php?title=Mrb_Scratchpad&oldid=67710"