This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Mrb Scratchpad"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
== Register [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Here]  ==
+
{| cellspacing="0" border="2"
 
+
|- valign="middle"
 
+
| height="60" align="center" colspan="5" style="background: rgb(64, 88, 160) none repeat scroll 0% 0%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous; color: white;" | <font size="5">'''Plenary Day 2 - Nov 11th 2010'''</font>
Registration is now '''<span style="color:#0f0">OPEN</span>'''.<br>
+
|- valign="bottom"
You can register via OWASP's CVENT tool '''[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a here.]'''
+
| width="72" valign="middle" height="40" bgcolor="#7b8abd" | &nbsp;
 
+
| width="200" valign="middle" height="40" bgcolor="#c0a0a0" align="center" | '''Offense (147B)'''
===Registration Fees===
+
| width="200" valign="middle" height="40" bgcolor="#ffdf80" align="center" | '''New Frontiers (147A)'''  
{| class="wikitable"
+
| width="200" valign="middle" height="40" bgcolor="#a0c0e0" align="center" | '''OWASP (145B)'''  
|-
+
| width="200" valign="middle" height="40" bgcolor="#b3ff99" align="center" | '''Process (145A)'''
! Ticket Type
+
|- valign="bottom"
! Before 8/15
+
| width="72" valign="middle" bgcolor="#7b8abd" | 07:30-08:55
! Regular Price
+
| valign="middle" bgcolor="#e0e0e0" align="center" colspan="4" | Registration
! After 10/15
+
|- valign="bottom"
|-
+
| width="72" valign="middle" bgcolor="#7b8abd" | 08:55-09:00
| Non-Member
+
| valign="middle" height="30" bgcolor="#e0e0e0" align="center" colspan="4" | Day 2 Opening Remarks
| style="background: #cef2e0;" | $445.00
+
|- valign="bottom"
| $495.00
+
| width="72" valign="middle" bgcolor="#7b8abd" | 09:00-10:00
| $545.00
+
| valign="middle" height="60" bgcolor="#e0e0e0" align="center" colspan="4" | [[AppSec DC 2010 Keynote Ron Ross|Keynote: Ron Ross]]<br>National Institute of Standards and Technology<br>Video | Slides
|-
+
|- valign="bottom"
| Active OWASP Member
+
| width="72" valign="middle" bgcolor="#7b8abd" | 10:00-10:15
| style="background: #cef2e0;" | $395.00
+
| valign="middle" height="30" bgcolor="#e0e0e0" align="center" colspan="4" | Coffee Break sponsored by [[Image:Trustwave30x150.png|link=https://www.trustwave.com/‎‎]]
| $445.00
+
|- valign="bottom"
| $495.00
+
| width="72" valign="middle" bgcolor="#7b8abd" | 10:15-11:00
|-
+
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Hacking SAP BusinessObjects]]<br>Joshua Abraham and Will Vandevanter<br><br> Video | Slides
| Student
+
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Cloudy with a chance of hack!]]<br>Lars Ewe<br><br> Video | Slides
| style="background: #cef2e0;" | $195.00
+
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Dont Judge a Website by its GUI Read the Label!|Don’t Judge a Website by its GUI – Read the Label!]]<br>Jeff Williams<br><br>Video | Slides
| $195.00
+
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Application Portfolio Risk Ranking: Banishing FUD With Structure and Numbers]]<br>Dan Cornell<br><br> Video | Slides
| $245.00
+
|- valign="bottom"
 +
| width="72" valign="middle" height="5" bgcolor="#7b8abd" rowspan="1"| 11:00-11:05
 +
| valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break
 +
|- valign="bottom"
 +
| width="72" valign="middle" bgcolor="#7b8abd" | 11:05-11:50
 +
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Deconstructing ColdFusion ]]<br>Chris Eng and Brandon Creighton<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Declarative Web Security]]<br>Mozilla Foundation<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[The Secure Coding Practices Quick Reference Guide]]<br>Keith Turpin<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Code Reviewing Strategies]]<br>Andrew Wilson and John Hoopes<br><br> Video | Slides
 +
|- valign="bottom"
 +
| width="72" valign="middle" height="5" bgcolor="#7b8abd" rowspan="1"| 11:50-11:55
 +
| valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break
 +
|- valign="bottom"
 +
| width="72" valign="middle" bgcolor="#7b8abd" | 11:55-12:40
 +
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Friendly Traitor 2 Features are hot but giving up our secrets is not!]]<br>Kevin Johnson and Mike Poor<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Exploiting the media for fun and profit. Analysis of a new type of web application attacks through media files]]<br>Aleksandr Yampolskiy<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Open Source Web Entry Firewall]]<br>Ivan Buetler<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Microsoft's Security Development Lifecycle for Agile Development]]<br>Nick Coblentz<br><br> Video | Slides
 +
|- valign="bottom"
 +
| width="72" valign="middle" height="40" bgcolor="#7b8abd" | 12:40-1:40
 +
| valign="middle" height="40" bgcolor="#e0e0e0" align="center" colspan="4" | Lunch
 +
|- valign="bottom"
 +
| width="72" valign="middle" height="120" bgcolor="#7b8abd" rowspan="1"| 1:40-2:25
 +
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Hacking .NET Applications at Runtime: A Dynamic Attack]]<br>Jon McCoy<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Life in the Clouds: a Service Provider's View]]<br>Michael Smith<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Solving Real World Problems with ESAPI]]<br>Chris Schmidt<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="3"| [[Financial Services Panel]]<br><br>Video | Slides
 +
|- valign="bottom"
 +
| width="72" valign="middle" height="5" bgcolor="#7b8abd" rowspan="1"| 2:25-2:30
 +
| valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="3" | Break
 +
|- valign="bottom"
 +
| width="72" valign="middle" height="120" bgcolor="#7b8abd" rowspan="1"| 2:30-3:15  
 +
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[JavaSnoop: How to hack anything written in Java]]<br>Arshan Dabirsiaghi<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Social Zombies Gone Wild: Totally Exposed and Uncensored]]<br>Kevin Johnson and Tom Eston<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Attack Detection and Prevention with OWASP AppSensor]]<br>Colin Watson<br><br> Video | Slides
 +
|- valign="bottom"
 +
| width="72" valign="middle" bgcolor="#7b8abd" | 3:15-3:30
 +
| valign="middle" height="30" bgcolor="#e0e0e0" align="center" colspan="4" | Coffee Break sponsored by [[Image:AppSecDC-2010-Syngress75x30.gif‎‎|link=http://www.syngress.com/]]
 +
|- valign="bottom"
 +
| width="72" valign="middle" height="120" bgcolor="#7b8abd" | 3:30-4:15
 +
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Unlocking the Toolkit: Attacking Google Web Toolkit]]<br>Ron Gutierrez<br><br> Video | Slides]
 +
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Smart Phones with Dumb Apps: Threat Modeling for Mobile Applications]]<br>Dan Cornell<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[OWASP ModSecurity Core Rule Set]]<br>Ryan Barnett<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Implementing a Secure Software Development Program]]<br>Darren Death<br><br> Video | Slides
 +
|- valign="bottom"
 +
| width="72" valign="middle" height="5" bgcolor="#7b8abd" rowspan="1"| 4:15-4:20
 +
| valign="middle" height="5" bgcolor="#e0e0e0" align="center" colspan="4" | Break
 +
|- valign="bottom"
 +
| width="72" valign="middle" height="120" bgcolor="#7b8abd" | 4:20-5:05
 +
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Constricting the Web: Offensive Python for Web Hackers]]<br>Marcin Wielgoszewski and Nathan Hamiel<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Threats from Economical Improvement]]<br>Eduardo Neves<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[OWASP ESAPI SwingSet]]<br>Fabio Cerullo<br><br> Video | Slides
 +
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[The Unintended Consequences of Beating Users with Carrot Sticks: Radical Thoughts on Security Reform]]<br>Benjamin Tomhave<br><br> Video | Slides
 +
|- valign="bottom"
 +
| width="72" valign="middle" height="60" bgcolor="#7b8abd" | 5:05-5:30
 +
| valign="middle" height="60" bgcolor="#e0e0e0" align="center" colspan="4" | Closing Remarks/Prizes<br>The OWASP AppSec DC Team<!-- Day 2 -->
 
|}
 
|}
'''ATTENTION FEDERAL EMPLOYEES:  Enter code ASDC10FED for $100 off, limited time only!''' (must register with your .gov or .mil email address)
 
<br> For student discount, attendees must present proof of enrollment when picking up your badge.
 
 
===Who Should Attend AppSec DC 2010===
 
 
*Application Developers
 
*Application Testers and Quality Assurance
 
*Application Project Management and Staff
 
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
 
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
 
*Security Managers and Staff
 
*Executives, Managers, and Staff Responsible for IT Security Governance
 
*IT Professionals Interesting in Improving IT Security
 
*Anyone interested in learning about or promoting Web Application Security<br>
 
<br>
 
 
[http://guest.cvent.com/EVENTS/Info/Summary.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a AppSec DC 2010 CVENT Info Page]
 

Revision as of 18:34, 3 November 2010

Plenary Day 2 - Nov 11th 2010
  Offense (147B) New Frontiers (147A) OWASP (145B) Process (145A)
07:30-08:55 Registration
08:55-09:00 Day 2 Opening Remarks
09:00-10:00 Keynote: Ron Ross
National Institute of Standards and Technology
Video | Slides
10:00-10:15 Coffee Break sponsored by Trustwave30x150.png
10:15-11:00 Hacking SAP BusinessObjects
Joshua Abraham and Will Vandevanter

Video | Slides 		Cloudy with a chance of hack!
Lars Ewe

Video | Slides 		Don’t Judge a Website by its GUI – Read the Label!
Jeff Williams

Video | Slides 		Application Portfolio Risk Ranking: Banishing FUD With Structure and Numbers
Dan Cornell

Video | Slides
11:00-11:05 Break
11:05-11:50 Deconstructing ColdFusion
Chris Eng and Brandon Creighton

Video | Slides 		Declarative Web Security
Mozilla Foundation

Video | Slides 		The Secure Coding Practices Quick Reference Guide
Keith Turpin

Video | Slides 		Code Reviewing Strategies
Andrew Wilson and John Hoopes

Video | Slides
11:50-11:55 Break
11:55-12:40 Friendly Traitor 2 Features are hot but giving up our secrets is not!
Kevin Johnson and Mike Poor

Video | Slides 		Exploiting the media for fun and profit. Analysis of a new type of web application attacks through media files
Aleksandr Yampolskiy

Video | Slides 		Open Source Web Entry Firewall
Ivan Buetler

Video | Slides 		Microsoft's Security Development Lifecycle for Agile Development
Nick Coblentz

Video | Slides
12:40-1:40 Lunch
1:40-2:25 Hacking .NET Applications at Runtime: A Dynamic Attack
Jon McCoy

Video | Slides 		Life in the Clouds: a Service Provider's View
Michael Smith

Video | Slides 		Solving Real World Problems with ESAPI
Chris Schmidt

Video | Slides 		Financial Services Panel

Video | Slides
2:25-2:30 Break
2:30-3:15 JavaSnoop: How to hack anything written in Java
Arshan Dabirsiaghi

Video | Slides 		Social Zombies Gone Wild: Totally Exposed and Uncensored
Kevin Johnson and Tom Eston

Video | Slides 		Attack Detection and Prevention with OWASP AppSensor
Colin Watson

Video | Slides
3:15-3:30 Coffee Break sponsored by AppSecDC-2010-Syngress75x30.gif
3:30-4:15 Unlocking the Toolkit: Attacking Google Web Toolkit
Ron Gutierrez

Video | Slides] 		Smart Phones with Dumb Apps: Threat Modeling for Mobile Applications
Dan Cornell

Video | Slides 		OWASP ModSecurity Core Rule Set
Ryan Barnett

Video | Slides 		Implementing a Secure Software Development Program
Darren Death

Video | Slides
4:15-4:20 Break
4:20-5:05 Constricting the Web: Offensive Python for Web Hackers
Marcin Wielgoszewski and Nathan Hamiel

Video | Slides 		Threats from Economical Improvement
Eduardo Neves

Video | Slides 		OWASP ESAPI SwingSet
Fabio Cerullo

Video | Slides 		The Unintended Consequences of Beating Users with Carrot Sticks: Radical Thoughts on Security Reform
Benjamin Tomhave

Video | Slides
5:05-5:30 Closing Remarks/Prizes
The OWASP AppSec DC Team
Retrieved from "https://wiki.owasp.org/index.php?title=Mrb_Scratchpad&oldid=92288"