This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Italy OWASP Day Udine 2019"
Marco-cincy (talk | contribs) m |
|||
(21 intermediate revisions by 2 users not shown) | |||
Line 3: | Line 3: | ||
<center> | <center> | ||
[[File:Screen Shot 2019-01-31 at 10.23.04 PM.png|frameless|616x616px]] | [[File:Screen Shot 2019-01-31 at 10.23.04 PM.png|frameless|616x616px]] | ||
− | </center>Following on from the great successes of [https://www.owasp.org/index.php/Italy_OWASP_Day_Cagliari_2018 last year] OWASP Italy day conference | + | </center>Following on from the great successes of [https://www.owasp.org/index.php/Italy_OWASP_Day_Cagliari_2018 last year] OWASP Italy day conference the 2019 OWASP Italy conference has been held at the University of Udine on December 14th, 2019. |
The [http://www.owasp.org Open Web Application Security Project], or OWASP, is an international non-profit organization dedicated to web and application security. OWASP is organized as an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. Many standards, books, tools, and organizations reference the Top OWASP 10 project, including MITRE, PCI DSS, the Defense Information Systems Agency (DISA-STIG), the United States Federal Trade Commission (FTC) and many more. The OWASP Testing Guide includes a "best practice" penetration testing framework that users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues. | The [http://www.owasp.org Open Web Application Security Project], or OWASP, is an international non-profit organization dedicated to web and application security. OWASP is organized as an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. Many standards, books, tools, and organizations reference the Top OWASP 10 project, including MITRE, PCI DSS, the Defense Information Systems Agency (DISA-STIG), the United States Federal Trade Commission (FTC) and many more. The OWASP Testing Guide includes a "best practice" penetration testing framework that users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues. | ||
Line 9: | Line 9: | ||
[http://www.esnnaseudine.it/?q=blog/universitaUdine The University of Udine] The University of Udine is a young and dynamic university, whose mission, since its foundation in 1978, has been to promote higher education through generation of new ideas and worldwide connections. It is situated in Udine, a town in Friuli Venezia Giulia Region, which historically has been a meeting place and crossroads of different worlds and cultures. The University of Udine is ranked eighth among Universities in Italy in terms of education quality and research and it has just celebrated its 40th birthday last year. | [http://www.esnnaseudine.it/?q=blog/universitaUdine The University of Udine] The University of Udine is a young and dynamic university, whose mission, since its foundation in 1978, has been to promote higher education through generation of new ideas and worldwide connections. It is situated in Udine, a town in Friuli Venezia Giulia Region, which historically has been a meeting place and crossroads of different worlds and cultures. The University of Udine is ranked eighth among Universities in Italy in terms of education quality and research and it has just celebrated its 40th birthday last year. | ||
− | OWASP Italy Day is a one-day conference focused on web application and software security, application security testing tools and technologies | + | OWASP Italy Day is a one-day conference focused on web application and software security, application security testing tools and technologies. This year special topic of interest is threat modeling. |
− | This conference | + | This conference provided a unique opportunity to learn about application security topics and to network with application security professionals/managers, software engineers, software quality engineers/testers and computer science students. |
− | + | = Presentations = | |
+ | <center> | ||
+ | <gallery> | ||
+ | Morana2020.jpg|Marco Morana: [https://drive.google.com/open?id=1Ak8lne8_Fzw9NozjS0GKF2WIhMU5pBhm "Introduction to Threat Modeling and the Process for Attack Simulation and Threat Analysis"] | ||
+ | Calligaris2020.jpg|David Calligaris: [https://drive.google.com/open?id=1-s81HxzTSjTh8IPZvyexMsfEFH2LCy1C "SSRF present and future"] | ||
+ | Calzavara2020.jpg|Stefano Calzavara: [https://drive.google.com/open?id=1-skFH-BeyMiMOF-7ZxR1LJ3nDL5CFVIH "Testing for integrity flaws in web sessions"] | ||
+ | </gallery> | ||
+ | </center> | ||
= Agenda = | = Agenda = | ||
− | + | <font size="2pt"><center><font size="2pt"> | |
− | |||
− | |||
− | |||
− | |||
− | <font size=2pt> | ||
− | <center> | ||
<table width="80%"> | <table width="80%"> | ||
<tr> | <tr> | ||
− | <td valign=top>9: | + | <td valign="top">9:00h</td><td bgcolor="#b9c2dc"><b>"Registration of the participants"</b><br></td> |
</tr> | </tr> | ||
<tr> | <tr> | ||
− | <td valign=top>9: | + | <td valign="top">9:30h</td><td bgcolor="#eeeeee"><b>"Welcome and opening of the works"</b><br>Prof. Marino Miculan,- Università degli Studi di Udine, Matteo Meucci OWASP Italy<br></td> |
</tr> | </tr> | ||
− | |||
<tr> | <tr> | ||
− | <td valign=top> | + | <td valign="top">9:45h</td><td bgcolor="#b9c2dc"><b>"Keynote: Introduction to Threat Modeling and the Process for Attack SImulation and Threat Analysis"</b><br> Marco Morana, SVP Cyber Security Citi<br></td> |
</tr> | </tr> | ||
<tr> | <tr> | ||
− | <td valign=top> | + | <td valign="top">10:45h</td><td bgcolor="#eeeeee"><b>"SSRF present and future"</b><br>David Calligaris, Director of Vulnerability Research & Security Testing Automation Huawei Technologies GMBH<br></td> |
</tr> | </tr> | ||
<tr> | <tr> | ||
− | <td valign=top>11 | + | <td valign="top">11.30h</td><td bgcolor="#b9c2dc"><b>"Coffee Break"</b><br><br></td> |
</tr> | </tr> | ||
<tr> | <tr> | ||
− | <td valign=top>12. | + | <td valign="top">12.15h</td><td bgcolor="#b9c2dc"><b>"Testing for integrity flaws in web sessions"</b><br>Stefano Calzavara, Assistant professor - Università Ca' Foscari Venezia<br></td> |
</tr> | </tr> | ||
<tr> | <tr> | ||
− | <td valign=top>13: | + | <td valign="top">13:00h</td><td bgcolor="#eeeeee"><b>"End of the OWASP day"</b><br></td> |
</tr> | </tr> | ||
</table> | </table> | ||
− | < | + | <font size="2pt"> |
<br><br> | <br><br> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
__NOTOC__ | __NOTOC__ | ||
[[Category:Italy]] | [[Category:Italy]] |
Latest revision as of 09:05, 8 January 2020
The Open Web Application Security Project, or OWASP, is an international non-profit organization dedicated to web and application security. OWASP is organized as an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. Many standards, books, tools, and organizations reference the Top OWASP 10 project, including MITRE, PCI DSS, the Defense Information Systems Agency (DISA-STIG), the United States Federal Trade Commission (FTC) and many more. The OWASP Testing Guide includes a "best practice" penetration testing framework that users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
The University of Udine The University of Udine is a young and dynamic university, whose mission, since its foundation in 1978, has been to promote higher education through generation of new ideas and worldwide connections. It is situated in Udine, a town in Friuli Venezia Giulia Region, which historically has been a meeting place and crossroads of different worlds and cultures. The University of Udine is ranked eighth among Universities in Italy in terms of education quality and research and it has just celebrated its 40th birthday last year.
OWASP Italy Day is a one-day conference focused on web application and software security, application security testing tools and technologies. This year special topic of interest is threat modeling.
This conference provided a unique opportunity to learn about application security topics and to network with application security professionals/managers, software engineers, software quality engineers/testers and computer science students.
Presentations
David Calligaris: "SSRF present and future"
Stefano Calzavara: "Testing for integrity flaws in web sessions"
Agenda
9:00h | "Registration of the participants" |
9:30h | "Welcome and opening of the works" Prof. Marino Miculan,- Università degli Studi di Udine, Matteo Meucci OWASP Italy |
9:45h | "Keynote: Introduction to Threat Modeling and the Process for Attack SImulation and Threat Analysis" Marco Morana, SVP Cyber Security Citi |
10:45h | "SSRF present and future" David Calligaris, Director of Vulnerability Research & Security Testing Automation Huawei Technologies GMBH |
11.30h | "Coffee Break" |
12.15h | "Testing for integrity flaws in web sessions" Stefano Calzavara, Assistant professor - Università Ca' Foscari Venezia |
13:00h | "End of the OWASP day" |