This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP AppSec DC 2010 Schedule"
From OWASP
(More vimeo video links) |
(Add new video releases) |
||
(One intermediate revision by one other user not shown) | |||
Line 118: | Line 118: | ||
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Providing application-level assurance through DNSSEC]]<br>Suresh Krishnaswamy, Wes Hardaker and Russ Mundy<br><br> Video | [[Media: Providing-Application-level-Assurance-through-DNSSEC-final.ppt | Slides]] | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Providing application-level assurance through DNSSEC]]<br>Suresh Krishnaswamy, Wes Hardaker and Russ Mundy<br><br> Video | [[Media: Providing-Application-level-Assurance-through-DNSSEC-final.ppt | Slides]] | ||
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[H.....t.....t....p.......p....o....s....t]]<br>Onn Chee & Tom Brennan <br><br>[http://vimeo.com/groups/asdc10/videos/18818757 Video] | [http://www.owasp.org/images/4/43/Layer_7_DDOS.pdf Slides] | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[H.....t.....t....p.......p....o....s....t]]<br>Onn Chee & Tom Brennan <br><br>[http://vimeo.com/groups/asdc10/videos/18818757 Video] | [http://www.owasp.org/images/4/43/Layer_7_DDOS.pdf Slides] | ||
− | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="3"| [[Understanding How They Attack Your Weaknesses: CAPEC]]<br>Sean Barnum<br><br><br><br>Making Security Measurable<br>Video | [[Media:Making_Security_Measurable_-_CWE_-_OWASP_AppSec_DC_2010_(Barnum).pdf|Slides]]<br><br><br>Understanding How They Attack Your Weaknesses<br>Video | [[Media:Understanding_How_They_Attack_Your_Weaknesses-CAPEC_-_OWASP_AppSec_DC_2010_(Barnum).pdf|Slides]] | + | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="3"| [[Understanding How They Attack Your Weaknesses: CAPEC]]<br>Sean Barnum<br><br><br><br>Making Security Measurable<br>[http://vimeo.com/groups/asdc10/videos/19618464 Video] | [[Media:Making_Security_Measurable_-_CWE_-_OWASP_AppSec_DC_2010_(Barnum).pdf|Slides]]<br><br><br>Understanding How They Attack Your Weaknesses<br>[http://vimeo.com/groups/asdc10/videos/19629525 Video] | [[Media:Understanding_How_They_Attack_Your_Weaknesses-CAPEC_-_OWASP_AppSec_DC_2010_(Barnum).pdf|Slides]] |
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" height="5" bgcolor="#7b8abd" rowspan="1"| 2:05-2:10 | | width="72" valign="middle" height="5" bgcolor="#7b8abd" rowspan="1"| 2:05-2:10 | ||
Line 135: | Line 135: | ||
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[wXf: Web Exploitation Framework]]<br>Ken Johnson and Chris Gates<br><br>[http://vimeo.com/groups/asdc10/videos/19104630 Video] | [[Media: WXf_ASDC_Presentation.odp.zip | Slides]] | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[wXf: Web Exploitation Framework]]<br>Ken Johnson and Chris Gates<br><br>[http://vimeo.com/groups/asdc10/videos/19104630 Video] | [[Media: WXf_ASDC_Presentation.odp.zip | Slides]] | ||
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[The Strengths of Combining Code Review with Application Penetration Testing]]<br>Dave Wichers<br><br>[http://vimeo.com/groups/asdc10/videos/19104928 Video] | [[Media: 2010-DC_The_Power_of_Code_Review.pptx|Slides]] | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[The Strengths of Combining Code Review with Application Penetration Testing]]<br>Dave Wichers<br><br>[http://vimeo.com/groups/asdc10/videos/19104928 Video] | [[Media: 2010-DC_The_Power_of_Code_Review.pptx|Slides]] | ||
− | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Dealing with Web Application Security, Regulation Style]]<br>Andrew Weidenhamer<br><br> Video | [[Media: Andrew_Weidenhamer_AppSecDC_Presentation.ppt|Slides]] | + | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Dealing with Web Application Security, Regulation Style]]<br>Andrew Weidenhamer<br><br> [http://vimeo.com/groups/asdc10/videos/19629938 Video] | [[Media: Andrew_Weidenhamer_AppSecDC_Presentation.ppt|Slides]] |
− | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Ensuring Software Assurance Process Maturity]]<br>Edmund Wotring<br><br> Video | [[Media:20101110_-_Ensuring_Software_Assurance_Process_Maturity_-_Final.pptx|Slides]] | + | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Ensuring Software Assurance Process Maturity]]<br>Edmund Wotring<br><br> [http://vimeo.com/groups/asdc10/videos/19914698 Video] | [[Media:20101110_-_Ensuring_Software_Assurance_Process_Maturity_-_Final.pptx|Slides]] |
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" height="5" bgcolor="#7b8abd" rowspan="1"| 3:55-4:00 | | width="72" valign="middle" height="5" bgcolor="#7b8abd" rowspan="1"| 3:55-4:00 | ||
Line 142: | Line 142: | ||
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 4:00-4:45 | | width="72" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 4:00-4:45 | ||
− | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" rowspan="5" | [[Pen-Test Panel]] | + | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" rowspan="5" | [[Pen-Test Panel]]<br> [http://vimeo.com/groups/asdc10/videos/19908268 Video] |
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" rowspan="2" | [[Botnet Resistant Coding: Protecting Your Users from Script Kiddies]]<br>Fabian Rothschild and Peter Greko<br><br> Video | [[Media:OWASP_Bot_res_enc.pptx|Slides]] | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" rowspan="2" | [[Botnet Resistant Coding: Protecting Your Users from Script Kiddies]]<br>Fabian Rothschild and Peter Greko<br><br> Video | [[Media:OWASP_Bot_res_enc.pptx|Slides]] | ||
| width="200" valign="middle" height="90" bgcolor="#a0c0e0" align="center" rowspan="1" | [[OWASP Broken Web Applications Project Update]]<br>Chuck Willis<br>[http://vimeo.com/groups/asdc10/videos/19331937 Video] | [[Media:Chuck_Willis_OWASPBWA_for_OWASP_AppSecDC_2010-11-10.pdf|Slides]] | | width="200" valign="middle" height="90" bgcolor="#a0c0e0" align="center" rowspan="1" | [[OWASP Broken Web Applications Project Update]]<br>Chuck Willis<br>[http://vimeo.com/groups/asdc10/videos/19331937 Video] | [[Media:Chuck_Willis_OWASPBWA_for_OWASP_AppSecDC_2010-11-10.pdf|Slides]] | ||
Line 187: | Line 187: | ||
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" bgcolor="#7b8abd" | 10:15-11:00 | | width="72" valign="middle" bgcolor="#7b8abd" | 10:15-11:00 | ||
− | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Hacking SAP BusinessObjects]]<br>Joshua Abraham and Will Vandevanter<br><br> Video | Slides | + | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Hacking SAP BusinessObjects]]<br>Joshua Abraham and Will Vandevanter<br><br> [http://vimeo.com/groups/asdc10/videos/19891280 Video] | Slides |
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Cloudy with a chance of hack!]]<br>Lars Ewe<br><br> Video | [[Media:OWASP_Cloudy_with_a_chance_of_hack_Nov_2010.pdf|Slides]] | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Cloudy with a chance of hack!]]<br>Lars Ewe<br><br> Video | [[Media:OWASP_Cloudy_with_a_chance_of_hack_Nov_2010.pdf|Slides]] | ||
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Don't Judge a Website by its Icon - Read the Label!|Don’t Judge a Website by its Icon – Read the Label!]]<br>Jeff Williams<br><br>Video | [[Media:2010-11_OWASP_Software_Labels.pptx|Slides]] | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Don't Judge a Website by its Icon - Read the Label!|Don’t Judge a Website by its Icon – Read the Label!]]<br>Jeff Williams<br><br>Video | [[Media:2010-11_OWASP_Software_Labels.pptx|Slides]] | ||
Line 196: | Line 196: | ||
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" bgcolor="#7b8abd" | 11:05-11:50 | | width="72" valign="middle" bgcolor="#7b8abd" | 11:05-11:50 | ||
− | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Deconstructing ColdFusion ]]<br>Chris Eng and Brandon Creighton<br><br> Video | [[Media: OWASP_AppSec_DC_2010_-_Deconstructing_ColdFusion.pdf|Slides]] | + | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Deconstructing ColdFusion ]]<br>Chris Eng and Brandon Creighton<br><br> [http://vimeo.com/groups/asdc10/videos/19912816 Video] | [[Media: OWASP_AppSec_DC_2010_-_Deconstructing_ColdFusion.pdf|Slides]] |
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Declarative Web Security]]<br>Brandon Sterne<br><br> [http://vimeo.com/groups/asdc10/videos/18984410 Video] | [[Media: Mozilla_OWASP_AppSec_2010_DC.pdf|Slides]] | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Declarative Web Security]]<br>Brandon Sterne<br><br> [http://vimeo.com/groups/asdc10/videos/18984410 Video] | [[Media: Mozilla_OWASP_AppSec_2010_DC.pdf|Slides]] | ||
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[The Secure Coding Practices Quick Reference Guide]]<br>Keith Turpin<br><br>[http://vimeo.com/groups/asdc10/videos/19105173 Video] | [[Media: Secure_Coding_Practices_Quick_Ref_4.ppt|Slides]] | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[The Secure Coding Practices Quick Reference Guide]]<br>Keith Turpin<br><br>[http://vimeo.com/groups/asdc10/videos/19105173 Video] | [[Media: Secure_Coding_Practices_Quick_Ref_4.ppt|Slides]] | ||
Line 225: | Line 225: | ||
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[JavaSnoop: How to hack anything written in Java]]<br>Arshan Dabirsiaghi<br><br>[http://vimeo.com/groups/asdc10/videos/19051012 Video] | [[Media:JavaSnoop_-_OWASP_AppSec_DC_2010.pptx|Slides]] | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[JavaSnoop: How to hack anything written in Java]]<br>Arshan Dabirsiaghi<br><br>[http://vimeo.com/groups/asdc10/videos/19051012 Video] | [[Media:JavaSnoop_-_OWASP_AppSec_DC_2010.pptx|Slides]] | ||
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Social Zombies Gone Wild: Totally Exposed and Uncensored]]<br>Kevin Johnson and Tom Eston<br><br>[http://vimeo.com/groups/asdc10/videos/18827316 Video] | Slides | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Social Zombies Gone Wild: Totally Exposed and Uncensored]]<br>Kevin Johnson and Tom Eston<br><br>[http://vimeo.com/groups/asdc10/videos/18827316 Video] | Slides | ||
− | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Attack Detection and Prevention with OWASP AppSensor]]<br>Colin Watson<br><br> Video | [[Media:AppSecDC-colin-watson-appsensor.ppt|Slides]] | + | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Attack Detection and Prevention with OWASP AppSensor]]<br>Colin Watson<br><br> [http://vimeo.com/groups/asdc10/videos/19631724 Video] | [[Media:AppSecDC-colin-watson-appsensor.ppt|Slides]] |
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" bgcolor="#7b8abd" | 3:15-3:30 | | width="72" valign="middle" bgcolor="#7b8abd" | 3:15-3:30 | ||
Line 240: | Line 240: | ||
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" height="120" bgcolor="#7b8abd" | 4:20-5:05 | | width="72" valign="middle" height="120" bgcolor="#7b8abd" | 4:20-5:05 | ||
− | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Constricting the Web: Offensive Python for Web Hackers]]<br>Marcin Wielgoszewski and Nathan Hamiel<br><br> Video | Slides | + | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[Constricting the Web: Offensive Python for Web Hackers]]<br>Marcin Wielgoszewski and Nathan Hamiel<br><br> [http://vimeo.com/groups/asdc10/videos/19632487 Video] | Slides |
| width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Threats from Economical Improvement]]<br>Eduardo Neves<br><br> Video | [[Media: Threats_from_Economical_Improvement_OWASP_AppSec_2010_LR.key.zip | Slides]] | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Threats from Economical Improvement]]<br>Eduardo Neves<br><br> Video | [[Media: Threats_from_Economical_Improvement_OWASP_AppSec_2010_LR.key.zip | Slides]] | ||
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[OWASP ESAPI SwingSet]]<br>Fabio Cerullo<br><br> Video | [[Media:Esapi_swingset_talk_dc.ppt|Slides]] | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[OWASP ESAPI SwingSet]]<br>Fabio Cerullo<br><br> Video | [[Media:Esapi_swingset_talk_dc.ppt|Slides]] | ||
− | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[The Unintended Consequences of Beating Users with Carrot Sticks: Radical Thoughts on Security Reform]]<br>Benjamin Tomhave<br><br> Video | [[Media: Carrot-stick-consequences-AppSecDC-2010.key.zip|Slides]] | + | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[The Unintended Consequences of Beating Users with Carrot Sticks: Radical Thoughts on Security Reform]]<br>Benjamin Tomhave<br><br> [http://vimeo.com/groups/asdc10/videos/19908922 Video] | [[Media: Carrot-stick-consequences-AppSecDC-2010.key.zip|Slides]] |
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" height="60" bgcolor="#7b8abd" | 5:05-5:30 | | width="72" valign="middle" height="60" bgcolor="#7b8abd" | 5:05-5:30 |
Latest revision as of 14:21, 4 March 2011
Registration | Hotel | Walter E. Washington Convention Center
Main Conference Page | Presentations Page | Training Page
Training 11/08
Training Day 1 - Nov 8th 2010 | |||||||
149A | 149B | 154A | 155 | 154B | |||
09:00-12:00 | Day 1: Assessing and Exploiting Web Applications with Samurai-WTF Justin Searle, InGuardians |
Day 1: Leading an AppSec Initiative Jeff Williams, Aspect Security |
Day 1: Remote Testing for Common Web Application Security Threats David Rhoades, Maven Security |
The Art of Exploiting SQL Injections Sumit Siddharth, 7Safe Limited |
WebAppSec.php: Developing Secure Web Applications Robert Zakon | ||
12:00-13:00 | Lunch | ||||||
13:00-17:00 | Day 1: Assessing and Exploiting Web Applications with Samurai-WTF Justin Searle, InGuardians |
Day 1: Leading an AppSec Initiative Jeff Williams, Aspect Security |
Day 1: Remote Testing for Common Web Application Security Threats David Rhoades, Maven Security |
The Art of Exploiting SQL Injections Sumit Siddharth, 7Safe Limited |
WebAppSec.php: Developing Secure Web Applications Robert Zakon |