This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Mrb Scratchpad"
From OWASP
Mark.bristow (talk | contribs) |
Mark.bristow (talk | contribs) |
||
| Line 55: | Line 55: | ||
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Hacking Oracle From Web Apps]]<br>Sumit Siddharth<br><br> Video | Slides | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Hacking Oracle From Web Apps]]<br>Sumit Siddharth<br><br> Video | Slides | ||
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[GuardRails: A Nearly Painless Solution to Insecure Web Applications|GuardRails: A (Nearly) Painless Solution to Insecure Web Applications]]<br>Jonathan Burket, Patrick Mutchler, Michael Weaver and Muzzammil Zaveri<br><br> Video | Slides | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[GuardRails: A Nearly Painless Solution to Insecure Web Applications|GuardRails: A (Nearly) Painless Solution to Insecure Web Applications]]<br>Jonathan Burket, Patrick Mutchler, Michael Weaver and Muzzammil Zaveri<br><br> Video | Slides | ||
| − | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | | + | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | Securing Frameworks Panel <br><br> Video | Slides |
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" bgcolor="#7b8abd" | 2:55-3:10 | | width="72" valign="middle" bgcolor="#7b8abd" | 2:55-3:10 | ||
Revision as of 20:06, 3 November 2010
| Plenary Day 1 - Nov 10th 2010 | ||||
| Offense (147B) | Defense (147A) | Metrics (145B) | Government (145A) | |
| 07:30-08:50 | Registration | |||
| 08:50-09:00 | Welcome and Opening Remarks | |||
| 09:00-10:00 | Keynote: Neal Ziring National Secuirty Agency Video | Slides | |||
| 10:00-10:30 | All about OWASP OWASP Board Video | Slides | |||
| 10:30-10:45 | Coffee Break sponsored by 
| |||
| 10:45-11:30 | Python Basics for Web App Pentesters Justin Searle Video | Slides |
Drive By Downloads: How To Avoid Getting A Cap Popped In Your App Neil Daswani Video | Slides |
Secure Code Review: Enterprise Metrics Richard Tychansky Video | Slides |
Cyber-Assurance Ecosystem - Automation Activities for Securing the Enterprise Joe Jarzombek Video | Slides |
| 11:30-11:35 | Break | |||
| 11:35-12:20 | White and Black box testing of Lotus Domino Applications Ari Elias-bachrach and Casey Pike Video | Slides |
Protecting Federal Government from Web 2.0 Application Security Risks Sarbari Gupta Video | Slides |
Measuring Security: 5 KPIs for Successful Web App Security Programs Rafal Los Video | Slides |
Security Risk and the Software Supply Chain Karen Goertzel Video | Slides |
| 12:20-1:20 | Lunch | |||
| 1:20-2:05 | Pen Testing with Iron Andrew Wilson Video | Slides |
Providing application-level assurance through DNSSEC Suresh Krishnaswamy, Wes Hardaker and Russ Mundy Video | Slides |
H.....t.....t....p.......p....o....s....t Onn Chee & Tom Brennan Video | Slides |
Understanding How They Attack Your Weaknesses: CAPEC Sean Barnum Video | Slides |
| 2:05-2:10 | Break | Break | ||
| 2:10-2:55 | Hacking Oracle From Web Apps Sumit Siddharth Video | Slides |
GuardRails: A (Nearly) Painless Solution to Insecure Web Applications Jonathan Burket, Patrick Mutchler, Michael Weaver and Muzzammil Zaveri Video | Slides |
Securing Frameworks Panel Video | Slides | |
| 2:55-3:10 | Coffee Break sponsored by 
| |||
| 3:10-3:55 | wXf: Web Exploitation Framework Ken Johnson and Chris Gates Video | Slides] |
The Strengths of Combining Code Review with Application Penetration Testing Dave Wichers Video | Slides |
Dealing with Web Application Security, Regulation Style Andrew Weidenhamer Video | Slides |
Ensuring Software Assurance Process Maturity Edmund Wotring Video | Slides |
| 3:55-4:00 | Break | |||
| 4:00-4:45 | Pen-Test Panel Video | Slides |
Botnet Resistant Coding: Protecting Your Users from Script Kiddies Fabian Rothschild and Peter Greko Video | Slides |
OWASP Broken Web Applications Project Update Chuck Willis Video | Slides |
People, Process, and Technology: OWASP Impact on the SwA Processes and Practices Working Group Michele Moss Video | Slides |
| Smashing WebGoat for Fun and Research: Static Code Scanner Evaluation Joshua Windsor and Joshua Pauli Video | Slides | ||||
| 4:45-4:50 | Break | |||
| 4:50-5:35 | A new approach to preventing injection attacks on the Web Application Stack Ahmed Masud Video | Slides |
Using Misuse Cases to Articulate Vulnerabilities to Stakeholders Scott Mendenhall Video | Slides |
Federal Perspectives on Application Security - Panel Video | Slides | |
| The Web Hacking Incident Database (WHID) Report Ryan Barnett Video | Slides | ||||
| 5:30-7:30 | Cocktails sponsored by 
| |||
