This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP AppSec Asia 2007"
(→Daniel Hsu (Manager Security Service - North East Asia, Global Security, American Express) (2:30pm-3:00pm)) |
(→OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007)) |
||
| (91 intermediate revisions by 4 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | [[Image:MG_0476.jpg|733px]] | |
| − | + | == OWASP AppSec Asia 2007 - Conference Brochure (September 27th, 2007)== | |
| + | [[Image:owasp_appsec_asia_2007.jpg|733px]] | ||
| + | |||
| + | = OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007) = | ||
| + | {| style="width:80%" border="0" align="center" | ||
| + | ! colspan="4" align="center" style="background:#4F81BD; color:white" | | ||
| + | |||
| + | |- | ||
| + | | align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION''' | ||
| + | | style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER''' | ||
| + | |||
| + | |- | ||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 hrs - 13:40 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Opening_Keynote <BR>Opening Keynote]<BR><br>''' | ||
| + | | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Wayne_Huang Wayne Huang<br>Chair, OWASP Taiwan Chapter]<br>''' | ||
| + | |- | ||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''13:40 hrs - 13:50 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Opening_Remark <BR>Opening Remark]<BR><br>''' | ||
| + | | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Dr._Ching-Chi_Hsu Dr. Ching-Chi Hsu <br>Vice President, III Taiwan]<br>''' | ||
| + | |- | ||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''13:50 hrs - 14:00 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Opening_Remark <BR>Opening Remark II]<BR><br>''' | ||
| + | | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#David_Chang David Chang<br>Secretary General, Information Service Industry Association of R.O.C (CISA) Taiwan]<br><br>''' | ||
| + | |- | ||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''Talk Session I''' || colspan="3" style="width:80%; background:#4F81BD; color:white" align="center" | '''Changing Faces in Web Attacks''' | ||
| + | |- | ||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''14:00 hrs - 14:30 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jeremiah_Grossman The Next Challenge to Web Security: Business Logic Flaws]<br>''' | ||
| + | | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jeremiah_Grossman_.28Founder_and_CTO.2C_WhiteHat_Security.29_.282:00pm-2:30pm.29 Jeremiah Grossman <br>Founder and CTO, WhiteHat Security]<br><BR>''' | ||
| + | |- | ||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 hrs - 15:00 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Daniel_Hsu_.28Manager_Security_Service_-_North_East_Asia.2C_Global_Security.2C_American_Express.29_.282:30pm-3:00pm.29 From a user perspective, what are CSOs' real concerns?]''' | ||
| + | | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Daniel_Hsu_.28Manager_Security_Service_-_North_East_Asia.2C_Global_Security.2C_American_Express.29_.282:30pm-3:00pm.29 Daniel Hsu <br>Manager Security Service - North East Asia, Global Security, American Express]<br><BR>''' | ||
| + | |- | ||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''15:00 hrs - 15:30 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jack_Yu_.28Editor-In-Chief.2C_InfoSecurity_Magazine_Taiwan.29_.283:00pm-3:30pm.29 Live in Battle: The NetArmy and Cross-Straight Digital Warfare]''' | ||
| + | | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jack_Yu_.28Editor-In-Chief.2C_InfoSecurity_Magazine_Taiwan.29_.283:00pm-3:30pm.29 Jack Yu <br>Editor-In-Chief, InfoSecurity Magazine Taiwan]<br><BR>''' | ||
| + | |- | ||
| + | |||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''Talk Session II''' || colspan="3" style="width:80%; background:#4F81BD; color:white" align="center" | '''Current Best Practices and Solutions''' | ||
| + | |- | ||
| + | |||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''16:00 hrs - 16:30 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Mike_Shema_.28Lead_Security_Researcher.2C_Qualys.29_.284:00pm-4:30pm.29 Automated Tools: Are They Any Good for Enterprises?]''' | ||
| + | | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Mike_Shema_.28Lead_Security_Researcher.2C_Qualys.29_.284:00pm-4:30pm.29 Mike Shema <br>Lead Security Researcher, Qualys]<BR><BR>''' | ||
| + | |- | ||
| + | |||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''16:30 hrs - 17:00 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Wayne_Huang.2C_.28Founder_and_CEO.2C_Armorize_Technologies.29.284:30pm-5:00pm.29 Secure Web Developing using Static Analysis]''' | ||
| + | | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Wayne_Huang.2C_.28Founder_and_CEO.2C_Armorize_Technologies.29.284:30pm-5:00pm.29 Wayne Huang,<br>Founder and CEO, Armorize Technologies]<BR><BR>''' | ||
| + | |- | ||
| + | |||
| + | | align="center" style="width:20%; background:#4F81BD; color:white" | '''17:00 hrs - 17:30 hrs''' || colspan="3" style="width:80%; background:#4F81BD; color:white" align="center" | '''Round Table Panel Discussion''' | ||
| + | |- | ||
| + | |||
| + | |||
| + | |} | ||
===Opening Keynote=== | ===Opening Keynote=== | ||
| − | |||
| − | |||
| − | ''' | + | ---- |
| − | + | ||
| + | ---- | ||
| + | |||
| + | ====Wayne Huang==== | ||
| + | '''Chair, OWASP Taiwan Chapter''' | ||
| + | |||
| + | Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security. | ||
| + | |||
| + | |||
| + | ---- | ||
===Opening Remark=== | ===Opening Remark=== | ||
| − | |||
| − | |||
| − | ''' | + | ---- |
| − | + | ||
| + | ---- | ||
| + | |||
| + | ====Dr. Ching-Chi Hsu==== | ||
| + | '''Vice President, [http://www.iii.org/ Insurance Information Institute], Taiwan''' | ||
| + | |||
| + | Dr. Hsu was a professor of the [http://www.csie.ntu.edu.tw/ Department of Information Engineering] of [http://www.ntu.edu.tw National Taiwan University] for several years and became the Chairman of the Department in 2000. After over 25 years serving at National Taiwan University, Dr. Hsu was promoted as the President of [http://www.knu.edu.tw/ Kai Nan University]. Nowadays, Dr. Hsu is the Executive Vice President of the [http://www.iii.org/ Institute for Information Industry], which provides the innovative R&D, software technologies and interoperability standards for Taiwan ICT industries on fostering development of the ICT industry. | ||
| + | |||
| + | |||
| + | ====David Chang==== | ||
| + | '''Secretary General, [http://www.cisanet.org.tw/ Information Service Industry Association of R.O.C (CISA)] Taiwan''' | ||
| + | |||
| + | |||
| + | ---- | ||
===Talk Session I: Changing Faces in Web Attacks=== | ===Talk Session I: Changing Faces in Web Attacks=== | ||
| − | ====Jeremiah Grossman | + | |
| + | ---- | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ====Jeremiah Grossman==== | ||
| + | '''Founder and CTO, WhiteHat Security ''' | ||
'''Talk Title''': '''''The Next Challenge to Web Security: Business Logic Flaws''''' | '''Talk Title''': '''''The Next Challenge to Web Security: Business Logic Flaws''''' | ||
| Line 26: | Line 107: | ||
'''Publications''':XSS Attacks | '''Publications''':XSS Attacks | ||
| − | |||
| − | |||
| − | ====Daniel Hsu | + | ====Daniel Hsu==== |
| − | + | '''Manager Security Service - North East Asia, Global Security, American Express''' | |
'''Talk Title''': '''''From a user perspective, what are CSOs' real concerns?''''' | '''Talk Title''': '''''From a user perspective, what are CSOs' real concerns?''''' | ||
| Line 36: | Line 115: | ||
'''Previous Talks''': Asia Security Weeks, SecuTech Expo | '''Previous Talks''': Asia Security Weeks, SecuTech Expo | ||
| − | + | Daniel Hsu have been in corporate security professional field for over a decade. After his successful naval career, he has been the head and/or founder of the corporate security department for UPS (East Asia), FarEasTone Telecom (Corporate), Taipei 101 (Corporate) and American Express (North & East Asia). Daniel is a regular contributor and editorial advisor to several security professional magazines. He has his own column in Taiwan's ''Information Security Management'' magazine, and is the editor of the Chinese version ''Introduction to Security Management'' book. He is a veteran lecturer/speaker in several local and international security related conferences and seminars. He serves as the Chairperson of Taiwan Chapter, ASIS International since 2003. He has been elected and served as Steering Committee Member for Asia Crisis & Security Group since 2006. Daniel is the first Taiwanese who's been accredited the Certified Protection Professional (CPP) credential from ASIS International. Daniel holds MSc in Maritime Operations at LJMU, UK and EMBA in Risk Management at NCCU, Taiwan ROC. He is also a licensed naval engineer and airplane pilot. | |
| − | |||
| − | ====Jack Yu | + | |
| + | ====Jack Yu==== | ||
| + | '''Editor-In-Chief, InfoSecurity Magazine Taiwan''' | ||
'''Talk Title''': '''''Live in Battle: The NetArmy and Cross-Straight Digital Warfare''''' | '''Talk Title''': '''''Live in Battle: The NetArmy and Cross-Straight Digital Warfare''''' | ||
| − | |||
| − | |||
| + | ---- | ||
===Talk Session II: Current Best Practices and Solutions=== | ===Talk Session II: Current Best Practices and Solutions=== | ||
| − | ==== Mike Shema | + | |
| − | + | ---- | |
| + | |||
| + | ---- | ||
| + | |||
| + | ==== Mike Shema==== | ||
| + | '''Lead Security Researcher, Qualys | ||
| + | ''' | ||
'''Talk Title''': '''''Automated Tools: Are They Any Good for Enterprises?''''' | '''Talk Title''': '''''Automated Tools: Are They Any Good for Enterprises?''''' | ||
| Line 56: | Line 141: | ||
'''Publications''':Author of 9 best-selling books | '''Publications''':Author of 9 best-selling books | ||
| − | + | Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process. | |
| − | |||
| − | |||
| − | ====Wayne Huang | + | ====Wayne Huang==== |
| − | + | '''Founder and CEO, [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies Inc.]''' | |
'''Talk Title''': '''''Secure Web Developing using Static Analysis''''' | '''Talk Title''': '''''Secure Web Developing using Static Analysis''''' | ||
| Line 70: | Line 153: | ||
'''Publications''': Security in the 21st Century, Several IEEE/ACM papers | '''Publications''': Security in the 21st Century, Several IEEE/ACM papers | ||
| − | [ | + | Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security. |
| + | |||
| + | |||
| + | ---- | ||
| − | + | ===Round Table Panel Discussion (5:00pm-5:30pm)=== | |
| − | |||
| − | + | ---- | |
| − | + | ---- | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | ===Venue | + | =Registration= |
| + | |||
| + | This event is over, the registration for OWASP AppSec Asia 2008 will be announced soon. | ||
| + | |||
| + | =Venue= | ||
[http://www.thcc.net.tw/ NTUH International Convention Center], Taipei, Taiwan | [http://www.thcc.net.tw/ NTUH International Convention Center], Taipei, Taiwan | ||
| + | |||
| + | =Sponsors= | ||
| + | |||
| + | [http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/f/f0/OWASP_Taiwan.png] | ||
| + | [http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png] | ||
| + | [http://web.cisanet.org.tw/ https://www.owasp.org/images/6/64/CISA.png] | ||
| + | [http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/2/2b/Infosec2.png] | ||
Latest revision as of 11:12, 30 September 2008
- 1 OWASP AppSec Asia 2007 - Conference Brochure (September 27th, 2007)
- 2 OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007)
- 3 Registration
- 4 Venue
- 5 Sponsors
OWASP AppSec Asia 2007 - Conference Brochure (September 27th, 2007)
OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007)
Opening Keynote
Wayne Huang
Chair, OWASP Taiwan Chapter
Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of Armorize Technologies. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
Opening Remark
Dr. Ching-Chi Hsu
Vice President, Insurance Information Institute, Taiwan
Dr. Hsu was a professor of the Department of Information Engineering of National Taiwan University for several years and became the Chairman of the Department in 2000. After over 25 years serving at National Taiwan University, Dr. Hsu was promoted as the President of Kai Nan University. Nowadays, Dr. Hsu is the Executive Vice President of the Institute for Information Industry, which provides the innovative R&D, software technologies and interoperability standards for Taiwan ICT industries on fostering development of the ICT industry.
David Chang
Secretary General, Information Service Industry Association of R.O.C (CISA) Taiwan
Talk Session I: Changing Faces in Web Attacks
Jeremiah Grossman
Founder and CTO, WhiteHat Security
Talk Title: The Next Challenge to Web Security: Business Logic Flaws
Previous Talks:BlackHat Briefings, Defcon, ISACA, CSI, OWASP, Vanguard, ISSA
Publications:XSS Attacks
Daniel Hsu
Manager Security Service - North East Asia, Global Security, American Express
Talk Title: From a user perspective, what are CSOs' real concerns?
Previous Talks: Asia Security Weeks, SecuTech Expo
Daniel Hsu have been in corporate security professional field for over a decade. After his successful naval career, he has been the head and/or founder of the corporate security department for UPS (East Asia), FarEasTone Telecom (Corporate), Taipei 101 (Corporate) and American Express (North & East Asia). Daniel is a regular contributor and editorial advisor to several security professional magazines. He has his own column in Taiwan's Information Security Management magazine, and is the editor of the Chinese version Introduction to Security Management book. He is a veteran lecturer/speaker in several local and international security related conferences and seminars. He serves as the Chairperson of Taiwan Chapter, ASIS International since 2003. He has been elected and served as Steering Committee Member for Asia Crisis & Security Group since 2006. Daniel is the first Taiwanese who's been accredited the Certified Protection Professional (CPP) credential from ASIS International. Daniel holds MSc in Maritime Operations at LJMU, UK and EMBA in Risk Management at NCCU, Taiwan ROC. He is also a licensed naval engineer and airplane pilot.
Jack Yu
Editor-In-Chief, InfoSecurity Magazine Taiwan
Talk Title: Live in Battle: The NetArmy and Cross-Straight Digital Warfare
Talk Session II: Current Best Practices and Solutions
Mike Shema
Lead Security Researcher, Qualys
Talk Title: Automated Tools: Are They Any Good for Enterprises?
Previous Talks:BlackHat 2004, RSA 2005, IT Underground 2006, and SACIS 2007. Training at BlackHat conferences in the U.S. and Europe
Publications:Author of 9 best-selling books
Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.
Wayne Huang
Founder and CEO, Armorize Technologies Inc.
Talk Title: Secure Web Developing using Static Analysis
Previous Talks: RSA, ACM/W3C WWW, IEEE DSN, IEEE ISSRE, Hacks in Taiwan
Publications: Security in the 21st Century, Several IEEE/ACM papers
Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of Armorize Technologies. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
Round Table Panel Discussion (5:00pm-5:30pm)
Registration
This event is over, the registration for OWASP AppSec Asia 2008 will be announced soon.
Venue
NTUH International Convention Center, Taipei, Taiwan
Sponsors
