Difference between revisions of "AppSecEU2011"
(→Schedule) |
|||
(45 intermediate revisions by 5 users not shown) | |||
Line 7: | Line 7: | ||
| align="center" | [[Image:Banner-trinity-web.jpg]] | | align="center" | [[Image:Banner-trinity-web.jpg]] | ||
| align="center" | | | align="center" | | ||
+ | *[http://www.appseceu.org AppSec EU Website] | ||
*[http://www.owasp.org/images/1/19/AppSecEU_2011_Announcement.pdf Press Release] | *[http://www.owasp.org/images/1/19/AppSecEU_2011_Announcement.pdf Press Release] | ||
*[[AppSecEU2011/Media Mentions|Media Mentions]] | *[[AppSecEU2011/Media Mentions|Media Mentions]] | ||
Line 44: | Line 45: | ||
*IT Professionals Interested in Improving IT Security<br> | *IT Professionals Interested in Improving IT Security<br> | ||
<br> | <br> | ||
− | '''AppSec EU Conference Location | + | '''How to get to AppSec EU?''' |
+ | |||
+ | The OWASP AppSec EU Conference takes place in the Arts Building in the grounds of Trinity College, Dublin 2. You could find a copy of the Trinity College grounds and some directions on how to get to the Arts Building in the URL below. | ||
+ | |||
+ | [http://www.appseceu.org/?page_id=817 AppSec EU Venue Location] | ||
+ | |||
+ | |||
+ | |||
+ | '''Are you an exhibitor and need to load/offload materials at Trinity College? | ||
+ | ''' | ||
+ | Below is the map to the Arts Building Loading Bay: | ||
[https://www.owasp.org/images/c/ce/Campus_map_with_Arts_Building_Loading_Bay_vehicular_route.pdf Campus Map] | [https://www.owasp.org/images/c/ce/Campus_map_with_Arts_Building_Loading_Bay_vehicular_route.pdf Campus Map] | ||
− | <br> | + | <br><br> |
− | '''Have you visited our conference website?''' | + | |
+ | '''Have you visited our AppSec EU conference website?''' | ||
[http://www.appseceu.org AppSec EU Conference Website] | [http://www.appseceu.org AppSec EU Conference Website] | ||
+ | <br><br> | ||
+ | |||
+ | |||
+ | '''Sponsorship Options''' | ||
+ | |||
+ | To find out more about the different sponsorship opportunities please check the document below: | ||
+ | |||
+ | [http://www.appseceu.org/wp-content/uploads/2011/03/AppSecEU_Sponsorship_Packages.pdf AppSec EU Sponsorship Packages] | ||
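Review bot: In the added "Are you an exhibitor and need to load/offload materials at Trinity College?" heading, the closing ''' sits alone on the following line, and wiki bold markup is matched per line, so it does not pair with the opening '''; move it to the end of the question. The "Sponsorship Options" paragraph and PDF link added at the end of this hunk repeat the text and link of the "Sponsorship Options" tab added later in the same revision, so consider keeping the link in one place. "You could find a copy" in the venue paragraph reads better as "You can find a copy".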
Line 218: | Line 238: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-10:00 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-10:00 | ||
− | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: Brad Arkin, Adobe Corp. | + | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: Brad Arkin, Adobe Corp | [http://www.appseceu.org/wp-content/presentations/Brad%20Arkin%20-%20Adobe%20Product%20Security%20Lifecycle.pdf SLIDES] |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:00-10:30 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:00-10:30 | ||
− | |align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | OWASP Global Board Update - Tom Brennan, Eoin Keary, Seba Deleersnyder | + | |align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | [https://www.owasp.org/images/8/8e/OWASP_Global_Board_Update_AppSecEU11_consolidated_-v3.pptx OWASP Global Board Update] - Tom Brennan, Eoin Keary, Seba Deleersnyder |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:30-10:45 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:30-10:45 | ||
Line 227: | Line 247: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:45-11:30 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:45-11:30 | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Practical Browser Sandboxing on Windows with Chromium, ''Tom Keetch, Verizon Business''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Practical Browser Sandboxing on Windows with Chromium, ''Tom Keetch, Verizon Business'' <br> [http://www.appseceu.org/wp-content/presentations/Tom%20Keetch%20-%20Practical%20Sandboxing%20with%20Chromium.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Building a Robust Security Plan, ''Narainder Chandwani, Foundstone''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Building a Robust Security Plan, ''Narainder Chandwani, Foundstone'' <br> [http://www.appseceu.org/wp-content/presentations/Narainder%20Chandwani%20-%20Building%20a%20Robust%20Application%20Security%20Plan.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | APT in a Nutshell, "David Stubley, 7 Elements Ltd" <br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | APT in a Nutshell, "David Stubley, 7 Elements Ltd" <br> [http://www.appseceu.org/wp-content/presentations/David%20Stubley%20-%20APT%20in%20a%20Nutshell.pdf SLIDES]<br> |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-11:40 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-11:40 | ||
Line 235: | Line 255: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:40-12:25 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:40-12:25 | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | How to become Twitter's admin: An introduction to Modern Web Service Attacks, ''Andreas Falkenberg, RUB''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | How to become Twitter's admin: An introduction to Modern Web Service Attacks, ''Andreas Falkenberg, RUB''<br>[http://www.appseceu.org/wp-content/presentations/Andreas%20Falkenberg%20-%20How%20to%20become%20twitter%20admin.pdf SLIDES]<br> |
<br> | <br> | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | The missing link: Turning Securable apps into secure installations using SCAP, ''Charles Schmidt, MITRE Corp.''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | The missing link: Turning Securable apps into secure installations using SCAP, ''Charles Schmidt, MITRE Corp.'' <br> [http://www.appseceu.org/wp-content/presentations/Charles%20Schmidt%20-%20The%20Missing%20Link.pdf SLIDES]<br> |
<br> | <br> | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | The Buzz about Fuzz: An enhanced approach to finding vulnerabilities, ''Joe Basirico, Security Innovation''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | The Buzz about Fuzz: An enhanced approach to finding vulnerabilities, ''Joe Basirico, Security Innovation'' <br> [http://www.appseceu.org/wp-content/presentations/Joe%20Basirico%20-%20Whats%20the%20Buzz%20About%20Fuzz.pdf SLIDES]<br> |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:25-13:25 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:25-13:25 | ||
Line 247: | Line 267: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:25-14:25 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:25-14:25 | ||
− | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: Giles Hogben, ENISA | + | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: Giles Hogben, ENISA | [https://www.owasp.org/index.php/File:Giles_Hogben_-_Smartphones,_App-stores_and_HTML_5.pdf SLIDES]<br> |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:25-14:40 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:25-14:40 | ||
Line 253: | Line 273: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:40-15:25 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:40-15:25 | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | OWASP Secure Coding Practices Quick Reference Guide, ''Keith Turpin, The Boeing Company''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | OWASP Secure Coding Practices Quick Reference Guide, ''Keith Turpin, The Boeing Company'' <br> [http://www.appseceu.org/wp-content/presentations/Keith%20Turpin%20-%20Secure%20Coding%20Practices%20Quick%20Ref%20Guide.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Integrating security testing into a SDLC: what we learned and have the scars to prove it, ''Mark Crosbie, IBM''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Integrating security testing into a SDLC: what we learned and have the scars to prove it, ''Mark Crosbie, IBM'' <br> [http://www.appseceu.org/wp-content/presentations/Mark%20Crosbie%20-%20Integrating%20Security%20Testing%20into%20a%20SDLC.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Intranet Footprinting: Discovering Resources from outside, ''Javier Marcos de Prado & Juan Galiana Lara, IBM'' | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Intranet Footprinting: Discovering Resources from outside, ''Javier Marcos de Prado & Juan Galiana Lara, IBM'' <br> [http://www.appseceu.org/wp-content/presentations/JM%20del%20Prado%20%26%20JG%20Lara%20-%20Intranet%20Footprinting.pdf SLIDES] |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:25-15:40 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:25-15:40 | ||
Line 261: | Line 281: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:40-16:25 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:40-16:25 | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Building Large Scale Detectors for Web-based Malware, ''Marco Balduzzi & Davide Canali, EURECOM''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Building Large Scale Detectors for Web-based Malware, ''Marco Balduzzi & Davide Canali, EURECOM''<br>[http://www.appseceu.org/wp-content/presentations/Marco%20Cova%20%26%20Davide%20Canali%20-%20Building%20Large%20Scale%20Detectors%20for%20Web%20Based%20Malware.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Infosec Stats: Reading between the lines, ''Chris Eng, Veracode''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Infosec Stats: Reading between the lines, ''Chris Eng, Veracode''<br> [http://www.appseceu.org/wp-content/presentations/Chris%20Eng%20-%20Reading%20Between%20the%20Lines.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Python Basics for Web App Pentesters, ''Justin Searle, InGuardians Inc'' | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Python Basics for Web App Pentesters, ''Justin Searle, InGuardians Inc'' <br>[http://www.appseceu.org/wp-content/presentations/Justin%20Searle%20-%20Python%20Basics%20for%20Web%20App%20Pentesters.pdf SLIDES]<br> |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:25-16:35 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:25-16:35 | ||
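Review bot: In the 15:40-16:25 row, the first cell names the speakers as Marco Balduzzi & Davide Canali, but the SLIDES link added to that cell points to a file named "Marco Cova & Davide Canali - Building Large Scale Detectors for Web Based Malware.pdf". Confirm which name is correct and make the cell text and the linked file agree.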
Line 269: | Line 289: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:35-17:20 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:35-17:20 | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | OWASP AppSensor Project, ''Colin Watson, Watson Hall Ltd''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | OWASP AppSensor Project, ''Colin Watson, Watson Hall Ltd''<br> [http://www.appseceu.org/wp-content/presentations/Colin%20Watson%20-%20OWASP%20AppSensor%20Project.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | A buffer overflow Story: From Responsible Disclosure to Closure, ''Douglas Held, Fortify (HP)''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | A buffer overflow Story: From Responsible Disclosure to Closure, ''Douglas Held, Fortify (HP)''<br> [http://www.appseceu.org/wp-content/presentations/Doug%20Held%20-%20A%20Buffer%20Overflow%20Story.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | CTF: Bringing back more than sexy!, ''Mark Hillick, | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | CTF: Bringing back more than sexy!, ''Mark Hillick, KTF'' <br>[http://www.appseceu.org/wp-content/presentations/Mark%20Hillick%20-%20CTF%20Bring%20back%20more%20than%20sexy.pdf SLIDES] |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | | ||
Line 303: | Line 323: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-10:00 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 09:00-10:00 | ||
− | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: Janne Uusilehto, Nokia. | + | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: Janne Uusilehto, Nokia | [http://www.appseceu.org/wp-content/presentations/Janne%20Uusilehto%20-%20Is%20SW%20Security%20just%20coding%3f.pdf SLIDES] |
|- | |- | ||
− | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:00-10: | + | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:00-10:10 |
− | |align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | | + | |align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Break |
|- | |- | ||
− | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10: | + | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:10-10:55 |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Software Security: Is OK Good Enough?, ''John Dickson, Denim Group Ltd.''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Software Security: Is OK Good Enough?, ''John Dickson, Denim Group Ltd.''<br> [http://www.appseceu.org/wp-content/presentations/John%20Dickson%20-%20Software%20Security%20Is%20OK%20Good%20Enough.pdf SLIDES] <br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | An Overview of Threat Modeling, ''Paco Hope, Cigital Inc.''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | An Overview of Threat Modeling, ''Paco Hope, Cigital Inc.''<br> [http://www.appseceu.org/wp-content/presentations/Paco%20Hope%20-%20Threat%20Modeling%20Overview.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | An Introduction to the OWASP Zed Attack Proxy, "Simon Bennetts, OWASP" <br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | An Introduction to the OWASP Zed Attack Proxy, "Simon Bennetts, OWASP" <br>[http://www.appseceu.org/wp-content/presentations/Simon%20Bennetts%20-%20OWASP%20Zed%20Attack%20Proxy.pdf SLIDES]<br> |
|- | |- | ||
− | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | | + | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:55-11:10 |
− | | align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Break | + | | align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Coffee Break |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:10-11:55 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:10-11:55 | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | New standards and upcoming technologies in browser security, ''Tobias Gondrom, IETF WG''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | New standards and upcoming technologies in browser security, ''Tobias Gondrom, IETF WG''<br> [http://www.appseceu.org/wp-content/presentations/Tobias%20Gondrom%20-%20New%20standards%20and%20upcoming%20technologies%20in%20browser%20security.pdf SLIDES]<br> |
<br> | <br> | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Simple Approach to Sepcifying Security Requirements for Online Developments, ''Alexis Fitzgerald, RITS''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Simple Approach to Sepcifying Security Requirements for Online Developments, ''Alexis Fitzgerald, RITS''<br>[http://www.appseceu.org/wp-content/presentations/Alexis%20FitzGerald%20-%20Simple%20Approach%20to%20Specifying%20Security%20Requirements.pdf SLIDES]<br> |
<br> | <br> | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | A Case Study on Enterprise E-mail (in) Security Solutions, ''Marian Ventuneac, Genworth Financial''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | A Case Study on Enterprise E-mail (in) Security Solutions, ''Marian Ventuneac, Genworth Financial''<br>[http://www.appseceu.org/wp-content/presentations/Marian%20Ventuneac%20-%20Case%20Study%20on%20Enterprise%20E-mail%20(in)Security%20Solutions.pdf SLIDES]<br> |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:55-12:05 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:55-12:05 | ||
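Review bot: The 11:10-11:55 row keeps the misspelling "Sepcifying" in the talk title on the new side, although the file linked from the same cell spells it "Specifying"; correct the title while the row is being edited. In the 10:10-10:55 row, "Simon Bennetts, OWASP" is wrapped in double quotes instead of the '' italics used for the other speakers in this table.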
Line 329: | Line 349: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:05-12:50 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:05-12:50 | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Empty Slot<br> |
<br> | <br> | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | A Critical Look at the Classification Schemes for Privacy Risks, ''Elke Roth-Mandutz and Georg Simon, Ohm University''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | A Critical Look at the Classification Schemes for Privacy Risks, ''Elke Roth-Mandutz and Georg Simon, Ohm University''<br> [http://www.appseceu.org/wp-content/presentations/Elke%20Roth-Mandutz%20-%20A%20Critical%20Look%20at%20Classification%20Schemes%20for%20Privacy%20Risks.pdf SLIDES]<br> |
<br> | <br> | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Testing Security Testing: Evaluating Quality of Security Testing, ''Ofer Maor, Seeker Security''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Testing Security Testing: Evaluating Quality of Security Testing, ''Ofer Maor, Seeker Security''<br>[http://www.appseceu.org/wp-content/presentations/Ofer%20Maor%20-%20Testing%20Security%20Testing.pdf SLIDES]<br> |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:50-13:50 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:50-13:50 | ||
Line 342: | Line 362: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:50-14:50 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:50-14:50 | ||
− | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: Alex Lucas, Microsoft | + | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: Alex Lucas, Microsoft | [http://www.appseceu.org/wp-content/presentations/Alex%20Lucas%20-%20Security%20Science,%20The%20SDL%20and%20Openness.pdf SLIDES] |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:50-15:00 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:50-15:00 | ||
Line 348: | Line 368: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:00-15:45 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:00-15:45 | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Putting the Smart into Smartphones: Security Testing Mobile Applications, ''Dan Cornell, Denim Group''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Putting the Smart into Smartphones: Security Testing Mobile Applications, ''Dan Cornell, Denim Group''<br> [http://www.appseceu.org/wp-content/presentations/Dan%20Cornell%20-%20Putting%20the%20Smart%20in%20Smartphones-Security%20Testing%20Mobile%20Applications.pdf SLIDES]<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Security | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Wordpress Security, ''Steve Lord, Mandalorian Security Ltd.''<br> |
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | The Dark Side: Measuring and Analyzing Malicious Activity On Twitter, ''Daniel Peck, Barracuda Networks'' | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | The Dark Side: Measuring and Analyzing Malicious Activity On Twitter, ''Daniel Peck, Barracuda Networks''<br>[http://www.appseceu.org/wp-content/presentations/Daniel%20Peck%20-%20The%20Dark%20Side%20of%20Social%20Networking.pdf SLIDES]<br> |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:45-16:00 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:45-16:00 | ||
Line 356: | Line 376: | ||
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-16:45 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:00-16:45 | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Threat modeling of banking malware-based attacks using the P.A.S.T.A. framework, ''Marco Morana, Cincinnati Chapter Lead & Tony UcedaVelez, VerSprite''<br> | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Threat modeling of banking malware-based attacks using the P.A.S.T.A. framework, ''Marco Morana, Cincinnati Chapter Lead & Tony UcedaVelez, VerSprite''<br> [https://www.owasp.org/index.php/File:Marco_Morana_and_Tony_UV_-_Threat_Modeling_of_Banking_Malware.pdf SLIDES]<br> |
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | PCI DSS v2.0: a new challenge for web application security testing?, ''Laurent Benameur Sauvaire, Espion, Ltd.''<br> | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | PCI DSS v2.0: a new challenge for web application security testing?, ''Laurent Benameur Sauvaire, Espion, Ltd.''<br> | ||
− | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Practical Crypto Attacks Against Web Applications, ''Justin Clarke, Gotham Digital Science'' | + | | align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Practical Crypto Attacks Against Web Applications, ''Justin Clarke, Gotham Digital Science'' <br>[http://www.appseceu.org/wp-content/presentations/Justin%20Clarke%20-%20Practical%20Crypto%20Attacks%20against%20Web%20Apps.pdf SLIDES]<br> |
|- | |- | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:45-16:55 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:45-16:55 | ||
Line 365: | Line 385: | ||
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:55-17:40 | | style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:55-17:40 | ||
− | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: | + | | align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Keynote: Arian Evans, Whitehat Security |
|- | |- | ||
Line 448: | Line 468: | ||
==== Team ==== | ==== Team ==== | ||
− | ''' | + | '''AppSec EU Conference Team''' |
− | + | ||
− | + | '''Chairs''' | |
− | ''' | + | |
− | ''' | + | Eoin Keary<br> |
+ | Fabio Cerullo<br> | ||
+ | Fiona Walsh<br> | ||
+ | |||
+ | '''Operations''' | ||
+ | |||
+ | Kate Hartmann<br> | ||
+ | Lorna Alamri<br> | ||
+ | Sarah Baso<br> | ||
+ | Ana Loza<br> | ||
+ | Ralph Durkee<br> | ||
+ | |||
+ | '''Volunteers''' | ||
+ | |||
+ | Owen Pendlebury<br> | ||
+ | Niall Jordan<br> | ||
+ | Ronan O'Mullane<br> | ||
+ | Federico Feraboli<br> | ||
+ | |||
==== Chapters Workshop ==== | ==== Chapters Workshop ==== | ||
− | On June 9, 14h30-18h we organize a chapter leader workshop for all the chapter leaders that attend the conference. | + | On June 9, 14h30-18h in Trinity College - Arts Building room 3126, we organize a chapter leader workshop for all the chapter leaders that attend the conference. |
− | Items that | + | Items that will be discussed are: |
* How to improve the current Chapter Leader Handbook? | * How to improve the current Chapter Leader Handbook? | ||
− | * How to start new chapters within Europe? | + | * How to start and support new chapters within Europe? |
* How to support inactive chapters within Europe? | * How to support inactive chapters within Europe? | ||
* What Governance model is required for OWASP chapters? | * What Governance model is required for OWASP chapters? | ||
Line 465: | Line 503: | ||
* ... | * ... | ||
− | Agenda and room | + | Agenda and room details are online at [[AppSecEU 2011 chapters workshop agenda]]. |
− | + | Contact [mailto:[email protected] Seba] for more details. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | '''[https://docs.google.com/a/owasp.org/document/d/1PrGmwy1pxs2cb4LyewXS4TonbzAY7nORWvj-NJYaEnk/edit?hl=en_US Minutes from Workshop]''' | |
Line 491: | Line 514: | ||
{{:AppSecEU2011/Industry_Outreach}} | {{:AppSecEU2011/Industry_Outreach}} | ||
+ | ==== Sponsorship Options ==== | ||
+ | |||
+ | OWASP is providing sponsors exclusive access to its audience in Trinity College Dublin, Ireland through a limited number of Expo floor slots, providing a focused setting for potential customers.Attendees will be pushed through the Expo floor for breakfast, lunch and coffee breaks giving them direct access to sponsors’ booths and technology. | ||
+ | |||
+ | The conference is expected to draw over 400 international attendees; all with budgets dedicated to web application security initiatives. Financial Services, Media, Pharmaceuticals, Government, Healthcare, Technology, and many other verticals will be represented. | ||
+ | |||
+ | Sponsorship opportunities are filling up rapidly. All proceeds from sponsorship support the conference and the mission of the OWASP Foundation (501c3 Not-For-Profit), driving funding for research grants, tools and documents, local chapters, and more. | ||
+ | |||
+ | All sponsorship opportunities feature significant discounts to OWASP members, allowing you year-round access the web application security’s top thinkers as well as use of OWASP materials in product and service delivery. | ||
+ | |||
+ | To find out more about the different sponsorship opportunities please check the document below: | ||
+ | |||
+ | http://www.appseceu.org/wp-content/uploads/2011/03/AppSecEU_Sponsorship_Packages.pdf | ||
+ | |||
+ | ==== SoccerCon EU ==== | ||
+ | |||
+ | We are organizing a Futbol (Soccer) friendly in Ireland for AppSec EU. For those that partook in the friendly in Portugal, the event was a big success | ||
+ | despite the fact we played at 8am, inebriated, with a semi-deflated ball, on a slick concrete court - all of such conditions which allow me to continue my personal denial for the loss we experienced against the Portuguese/ Brazilian Chapter leads. All that aside, I would like to know if there are | ||
+ | any members interest to relive this in much better fashion while in Dublin. | ||
+ | |||
+ | Date: 10th June at 7:00PM - Trinity College Sports Centre | ||
+ | |||
+ | Proud Soccer Field Sponsor: | ||
+ | |||
+ | [[File:Trustwave.png]] | ||
+ | |||
+ | Bring your shorts and show us your Messi skills. ;-) | ||
+ | |||
+ | If you plan to attend, please fill in your name below: | ||
+ | |||
+ | * Tony UcedaVelez | ||
+ | * Tom Brennan | ||
+ | * Fabio Cerullo | ||
+ | * Dan Cornell | ||
+ | * Frederick Donovan | ||
+ | * ... | ||
+ | |||
+ | Contact [mailto:[email protected] Tony] for more details. | ||
<headertabs /> | <headertabs /> | ||
+ | [[Category:OWASP AppSec Conference]] |
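Review bot: The added Sponsorship Options text has two copy errors: "potential customers.Attendees" lacks a space after the full stop, and "year-round access the web application security's top thinkers" is missing "to" after "access". In the SoccerCon EU paragraph the sentences are broken across three lines mid-sentence, and "any members interest to relive this" should read "any members interested in reliving this"; joining the lines into one paragraph would also keep the wiki from rendering stray breaks.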
Latest revision as of 20:36, 2 October 2011
Welcome
Registration
Registration is now open!
Registration Fees
Ticket Type | Before 6th April | After 6th April | After 6th May |
---|---|---|---|
Non-Member | €250 | €300 | €350 |
Active OWASP Member | €200 | €250 | €300 |
Student | €150 | €200 | €250 |

Course | Fee |
---|---|
1 Day Training | €495 |
2 Day Training | €990 |
Note: To save on processing expenses, all fees paid for the OWASP conference are non-refundable. OWASP can accommodate transfers of registrations from one person to another, if such an adjustment becomes necessary.
* We need some kind of proof of your full-time student status. Either ask your local OWASP chapter leader to vouch for you by email to [email protected], or email Kate a scanned image of your student ID (please compress the file size :).
June 7th-8th (Training)
Schedule
T1. Threat Modeling and Architecture Review - 2-Days (June 7-8) - 990 Euro |
---|
Threat Modeling and Architecture Review are the cornerstones of a preventative approach to Application Security. By combining these topics into a single comprehensive course, attendees can gain a complete understanding of the threats an application faces and how the application will handle those potential threats. This enables the risk to be accurately assessed and appropriate changes or mitigating controls to be recommended. |
Instructor: Pravir Chandra, Fortify |
Learn More About the Threat Modeling and Architecture Review Class |
Click here to register |
T2. Assessing and Exploiting Web Applications with Samurai - WTF - 2-Days (June 7-8) - 990 Euros |
---|
Come take the official Samurai-WTF training course given by one of the founders and lead developers of the project! You will learn how to use the latest Samurai-WTF open source tools and be shown the latest techniques to perform web application assessments. After a quick overview of pen testing methodology, the instructor will lead you through the penetration and exploitation of three different web applications, and the browsers connecting to them. Different sets of open source tools will be used on each web application, allowing you to learn first-hand the pros and cons of each tool. After you have gained experience with the Samurai-WTF tools, you will be challenged with a fourth web application that contains keys you must find and collect. This final challenge will give you time to practice your new skills at your own pace and experiment with your favorite new tools. This experience will help you gain the confidence necessary to perform web application assessments and expose you to the wealth of freely available open source tools. |
Learn More About the Assessing and Exploiting Web Applications with Samurai - WTF |
Click here to register |
T3. Tactical Defense with ModSecurity - 2-Days - 990 Euros |
While application flaws should ideally be fixed in the source code, this is often not a feasible task for various reasons. Web application firewalls are often deployed as an additional layer of security that can monitor, detect and prevent attacks before they reach the web application. ModSecurity, an extremely popular open source web application firewall, is often used to help protect web applications against known and unknown vulnerabilities alike.
This two-day boot-camp training is designed for people who want to quickly learn how to configure and deploy ModSecurity in the most effective manner possible. The course will cover topics such as the powerful ModSecurity rules language, extending functionality via the embedded Lua engine and managing suspicious events via AuditConsole. Documented hands-on labs help students understand the inner workings of ModSecurity and how to deploy ModSecurity securely. By leveraging the flexibility within ModSecurity, attendees will be able to write effective rules to mitigate complex web vulnerabilities. |
Instructor: Christian Bockermann, PhD University of Dortmund |
Learn More about the Tactical Defense With Mod Security Class |
Click here to register |
T4. Secure Application Development: Writing secure code (and testing it) 1-Day - June 7th- 495 Euros |
Writing secure code is the most effective method of securing your web applications. Writing secure code takes skill and know-how but results in a more stable and robust application and assists in protecting an organisation's brand.
Application security is not commonly a part of many computer science curricula today and most organizations have not focused on instituting a culture that includes application security as a core part of their software development training efforts. This intensive one-day course focuses on the most common web application security problems, including aspects of both the OWASP Top Ten (2010) and the MITRE Top 25. The course will introduce and demonstrate application assessment techniques, illustrating how application vulnerabilities can be exploited so students really understand how to avoid introducing such vulnerabilities in their code. |
Instructor: Eoin Keary, OWASP |
Learn More About the Secure Application Development Class |
Click here to register |
T5. Designing, Building and Testing Secure Application on Mobile Devices 1-Day - June 8th- 495 Euros |
---|
This course provides an introduction to security for mobile and smartphone applications. It walks through a basic threat model for a smartphone application. This threat model is then used as a framework for making good decisions about designing and building applications as well as for testing the security of existing applications. Examples are provided for both iOS (iPhone and iPad) and Android platforms and sample code is provided to demonstrate mobile security assessment techniques. Particular emphasis will be on the unique security challenges that developing software for mobile devices represents, comparing mobile software security concepts to those in the web application world. |
Learn More About the Designing, Building and Testing Secure Application on Mobile Devices Class |
Click here to register |
June 9th
Schedule
Conference Day 1 - June 9, 2011
Time | Track 1 - Defend | Track 2 - Prevent | Track 3 - Attack |
---|---|---|---|
08:00-08:50 | Registration and Breakfast + Coffee | | |
08:50-09:00 | Welcome by AppSec EU Board | | |
09:00-10:00 | Keynote: Brad Arkin, Adobe Corp | SLIDES | |
10:00-10:30 | OWASP Global Board Update - Tom Brennan, Eoin Keary, Seba Deleersnyder | | |
10:30-10:45 | Coffee Break | | |
10:45-11:30 | Practical Browser Sandboxing on Windows with Chromium, Tom Keetch, Verizon Business SLIDES | Building a Robust Security Plan, Narainder Chandwani, Foundstone SLIDES | APT in a Nutshell, David Stubley, 7 Elements Ltd SLIDES |
11:30-11:40 | Break | | |
11:40-12:25 | How to become Twitter's admin: An introduction to Modern Web Service Attacks, Andreas Falkenberg, RUB SLIDES | The missing link: Turning Securable apps into secure installations using SCAP, Charles Schmidt, MITRE Corp. SLIDES | The Buzz about Fuzz: An enhanced approach to finding vulnerabilities, Joe Basirico, Security Innovation SLIDES |
12:25-13:25 | Lunch | | |
13:25-14:25 | Keynote: Giles Hogben, ENISA | SLIDES | |
14:25-14:40 | Break | | |
14:40-15:25 | OWASP Secure Coding Practices Quick Reference Guide, Keith Turpin, The Boeing Company SLIDES | Integrating security testing into a SDLC: what we learned and have the scars to prove it, Mark Crosbie, IBM SLIDES | Intranet Footprinting: Discovering Resources from outside, Javier Marcos de Prado & Juan Galiana Lara, IBM SLIDES |
15:25-15:40 | Coffee Break | | |
15:40-16:25 | Building Large Scale Detectors for Web-based Malware, Marco Balduzzi & Davide Canali, EURECOM SLIDES | Infosec Stats: Reading between the lines, Chris Eng, Veracode SLIDES | Python Basics for Web App Pentesters, Justin Searle, InGuardians Inc SLIDES |
16:25-16:35 | Break | | |
16:35-17:20 | OWASP AppSensor Project, Colin Watson, Watson Hall Ltd SLIDES | A buffer overflow Story: From Responsible Disclosure to Closure, Douglas Held, Fortify (HP) SLIDES | CTF: Bringing back more than sexy!, Mark Hillick, KTF SLIDES |
19:00-23:00 | Networking Event - Drinks at the Church Bar | | |
June 10th
Schedule
Conference Day 2 - June 10, 2011
Time | Track 1 - Defend | Track 2 - Prevent | Track 3 - Attack |
---|---|---|---|
08:00-08:50 | Registration | | |
08:50-09:00 | Day 2 Opening Remarks | | |
09:00-10:00 | Keynote: Janne Uusilehto, Nokia | SLIDES | |
10:00-10:10 | Break | | |
10:10-10:55 | Software Security: Is OK Good Enough?, John Dickson, Denim Group Ltd. SLIDES | An Overview of Threat Modeling, Paco Hope, Cigital Inc. SLIDES | An Introduction to the OWASP Zed Attack Proxy, Simon Bennetts, OWASP SLIDES |
10:55-11:10 | Coffee Break | | |
11:10-11:55 | New standards and upcoming technologies in browser security, Tobias Gondrom, IETF WG SLIDES | Simple Approach to Specifying Security Requirements for Online Developments, Alexis Fitzgerald, RITS SLIDES | A Case Study on Enterprise E-mail (in) Security Solutions, Marian Ventuneac, Genworth Financial SLIDES |
11:55-12:05 | Break | | |
12:05-12:50 | Empty Slot | A Critical Look at the Classification Schemes for Privacy Risks, Elke Roth-Mandutz and Georg Simon, Ohm University SLIDES | Testing Security Testing: Evaluating Quality of Security Testing, Ofer Maor, Seeker Security SLIDES |
12:50-13:50 | Lunch | | |
13:50-14:50 | Keynote: Alex Lucas, Microsoft | SLIDES | |
14:50-15:00 | Break | | |
15:00-15:45 | Putting the Smart into Smartphones: Security Testing Mobile Applications, Dan Cornell, Denim Group SLIDES | Wordpress Security, Steve Lord, Mandalorian Security Ltd. | The Dark Side: Measuring and Analyzing Malicious Activity On Twitter, Daniel Peck, Barracuda Networks SLIDES |
15:45-16:00 | Coffee Break | | |
16:00-16:45 | Threat modeling of banking malware-based attacks using the P.A.S.T.A. framework, Marco Morana, Cincinnati Chapter Lead & Tony UcedaVelez, VerSprite SLIDES | PCI DSS v2.0: a new challenge for web application security testing?, Laurent Benameur Sauvaire, Espion, Ltd. | Practical Crypto Attacks Against Web Applications, Justin Clarke, Gotham Digital Science SLIDES |
16:45-16:55 | Break | | |
16:55-17:40 | Keynote: Arian Evans, Whitehat Security | | |
17:40-18:00 | Conference Closure and Raffle | | |
Accommodation
The Morgan Hotel:
Stay in one of the best luxury hotels in Dublin. The Morgan, a design hotel, is located in Temple Bar. This 4-star Dublin hotel offers an oasis of calm in a central location. The hotel’s cool modern interiors, chic design and boutique luxury hotel rooms are all part of an experience designed to pamper guests and breathe new life and style into hotel living.
This city centre Dublin hotel is just a few blocks away from Trinity College, Grafton Street (the main shopping thoroughfare), theatres, shopping, music and nightlife, and is close to the IFSC, Dublin’s main business district. There is no other 4-star hotel in Dublin quite like it!
Stay in the heart of the conference action at a hotel specially discounted for its attendees.
Rooms can be booked by emailing [email protected] and quoting OWASP.
The contact in reservations is Bernadette Doyle; you can contact her for special requests at the following number: +353 1 643 7000
Special Rates:
- €130 Bed & Full Irish Breakfast – Single Occupancy
- €140 Bed & Full Irish Breakfast – Double Occupancy
Special rate deadline: 6 May 2011
The Morgan Hotel
10 Fleet St, Temple Bar, Dublin 2
Phone: +353 1 6437000
Fax: +353 1 6437060
http://www.themorgan.ie
Trinity College:
Accommodation is also available on the historic campus at Trinity College Dublin, located right in the centre of the city. The bedrooms, many of which have been recently renovated, are excellent value with prices ranging from Euro 55.00 to Euro 100.00 per night. Rooms are serviced daily and continental breakfast is included in room rates.
For more information visit: https://accommodation.tcd.ie/kxHotel/
KartCon EU
It was about time for Europe to host this adrenaline fueled event!
Kylemore Karting, Ireland’s largest indoor Karting arena, has a choice of three 360 mtr tracks with flyovers, underpasses, hills and banked corners waiting for you.
Race for best time – Race for best crash – Race for fun
This is your chance to sit down, strap in and race for the finish line to “Rev Up” for APPSEC EU 2011.
The doors open Wednesday 8th June at 7:30pm and there will be transportation available from Dublin city centre.
More info can be found here:
Kylemore Karting
Unit 1A, Kylemore Industrial Estate, Killeen Road, Kylemore, Dublin 10
http://www.kylemore-karting.com
REGISTRATION IS OPEN. Please visit URL below to register:
http://www.regonline.com/owasp_appsec_eu_2011
Challenges
Countdown Challenges -- Free Tickets to Win!
You can check all challenges here: http://www.appseceu.org/?page_id=197
Team
AppSec EU Conference Team
Chairs
Eoin Keary
Fabio Cerullo
Fiona Walsh
Operations
Kate Hartmann
Lorna Alamri
Sarah Baso
Ana Loza
Ralph Durkee
Volunteers
Owen Pendlebury
Niall Jordan
Ronan O'Mullane
Federico Feraboli
Chapters Workshop
On June 9, 14h30-18h in Trinity College - Arts Building room 3126, we organize a chapter leader workshop for all the chapter leaders that attend the conference.
Items that will be discussed are:
- How to improve the current Chapter Leader Handbook?
- How to start and support new chapters within Europe?
- How to support inactive chapters within Europe?
- What Governance model is required for OWASP chapters?
- How can the global chapters committee facilitate the European chapters?
- ...
Agenda and room details are online at AppSecEU 2011 chapters workshop agenda.
Contact Seba for more details.
Industry Outreach Sessions
For more information about any of the sessions or to R.S.V.P. contact Sarah Baso
Security for Managers and Executives
10:15-11:00 AM, Conference Day 2, 10 June 2011
Location: Arts Building room 3106
The purpose of this session is to help organizations understand why application security is important and how OWASP can help in making their applications more secure. It will give them an opportunity to learn what documentation, training, architecture, tools and infrastructure are available. The best part is all these materials are free. OWASP provides the solution for their application security needs. We are also looking to improve collaboration by helping get more organizations participating in OWASP projects. This will help us ensure that we account for the various needs of industry and develop well vetted best practices.
Security For Managers and Executives - Industry Outreach Presentation
Presented by: Nishi Kumar, IT Architect Specialist, FIS
View Presenter's Bio
CISO Survey
12:05-12:50 PM, Conference Day 2, 10 June 2011
Location: Arts Building room 3106
The objective of this session is to solicit feedback from industry leaders to help inform the content of the upcoming OWASP CISO survey. Specifically, we are interested in what they would like to see in a survey of their peers and leaders and how they think such a survey should be executed. The session will provide participants an opportunity to meet with peers in a vendor-free environment and discuss their problems with and solutions to information security. It will also allow them to shape the focus of the upcoming survey to maximize the return value to them.
Presented by: Rex Booth, Senior Manager, Grant Thornton
View Presenter's Bio
Global Industry Roundtable
15:00-15:45 PM, Conference Day 2, 10 June 2011
Location: Arts Building room 3106
This roundtable session will involve a series of questions aimed at driving discussion to determine: How can the OWASP Global Industry Committee become more relevant and work to achieve a better working relationship with industry verticals? What types of OWASP resources (if none are currently available) would your company find value in? If you are not currently an OWASP member or corporate supporter, why not?
The outcomes of this session, as well as similar sessions that we hope to host at the other OWASP global appsec conferences this year, will be used to determine whether a new membership model (esp. for corporate supporters) is needed within OWASP as well as where committee resources should be focused in the upcoming year(s).
Facilitated by: Sarah Baso, Operations Manager for the OWASP Global Industry Committee
With remote participation from: Joe Bernik, Chief Information Security Officer for Fifth Third Bank and OWASP GIC Committee Chair
View Presenters' Bios
Sponsorship Options
OWASP is providing sponsors exclusive access to its audience in Trinity College Dublin, Ireland through a limited number of Expo floor slots, providing a focused setting for potential customers. Attendees will be pushed through the Expo floor for breakfast, lunch and coffee breaks, giving them direct access to sponsors’ booths and technology.
The conference is expected to draw over 400 international attendees; all with budgets dedicated to web application security initiatives. Financial Services, Media, Pharmaceuticals, Government, Healthcare, Technology, and many other verticals will be represented.
Sponsorship opportunities are filling up rapidly. All proceeds from sponsorship support the conference and the mission of the OWASP Foundation (501c3 Not-For-Profit), driving funding for research grants, tools and documents, local chapters, and more.
All sponsorship opportunities feature significant discounts to OWASP members, allowing you year-round access to web application security’s top thinkers as well as use of OWASP materials in product and service delivery.
To find out more about the different sponsorship opportunities please check the document below:
http://www.appseceu.org/wp-content/uploads/2011/03/AppSecEU_Sponsorship_Packages.pdf
SoccerCon EU
We are organizing a Futbol (Soccer) friendly in Ireland for AppSec EU. For those that partook in the friendly in Portugal, the event was a big success despite the fact we played at 8am, inebriated, with a semi-deflated ball, on a slick concrete court - all of such conditions which allow me to continue my personal denial for the loss we experienced against the Portuguese/Brazilian Chapter leads. All that aside, I would like to know if there are any members interested in reliving this in much better fashion while in Dublin.
Date: 10th June at 7:00PM - Trinity College Sports Centre
Proud Soccer Field Sponsor:
Bring your shorts and show us your Messi skills. ;-)
If you plan to attend, please fill in your name below:
- Tony UcedaVelez
- Tom Brennan
- Fabio Cerullo
- Dan Cornell
- Frederick Donovan
- ...
Contact Tony for more details.