Difference between revisions of "OWASP AppSec Europe 2009 - Poland"

Latest revision as of 14:06, 24 October 2009

Virtual

Flickr Photo Stream
Photo's Giorgio Fedon - Owasp Appsec 2009 - After party
Photo's Giorgio Fedon - Owasp Appsec 2009 - Conference

Blip Owasp Video's

Blog/Press Coverage
Twitter

OWASP Podcast: Ross Anderson Interview from AppSec EU
AppSecLive Blog: Some personal notables from AppSecEU 2009
Imperva Blog: Business Logic Attacks and Practical Security at OWASP
The H Open: OWASP conference: web hacking and defensive methods
Enable Security: Web Application Firewalls and VoIP on the intertubes
Heise: OWASP-Konferenz: Web-Hacking und Abwehr (German)
Heise: "OWASP Live CD" sattelt auf Ubuntu um (German)
Imperva Blog: @OWASP AppSec EU2009, Day 1
Imperva Blog: @OWASP AppSec EU2009, Poland
NibbleSecurity: Making OWASP AppSec 2009 virtual
Dark Reading: Researchers Hack Web Application Firewalls
CN Labs Blog-Przemyslaw Skowron: OWASP AppSec Europe 2009 - Poland (Polish)
Bonsai-Andrés Riancho: TOP 5 talks @ OWASP Poland
shreeraj's security blog: OWASP Event at Poland
Michael Coates: My Picks for OWASP AppSec Europe
Michael Coates: Application Worms at OWASP Europe
Technical Info - Gunter Ollmann: OWASP AppSec Europe 2009 - Krakow
Ivan Ristić: ModSecurity training at OWASP AppSec Europe 2009
Lifedork: CALL FOR PRESENTATIONS - OWASP AppSec Europe 2009 Poland
Infosecurity.US: OWASP Europe 2009 Kraków, Polska
Web Security, Usability and Design: The OWASP Application Security European Conference is in May

May 13th–14th 2009, OWASP is holding its annual European Application Security conference in wonderful Kraków, Poland (Google Maps Link). Not only do we have 2 fantastic key notes (Ross Anderson and Bruce Schneier), we also have 3 tracks stuffed with high quality topics and great speakers.

Use #OWASPEU2K9 hashtag for your tweets (What are hashtags?)

Realtime results for #OWASPEU2K9

AppSecEU09 Twitter Feed (follow me!)

<twitter>AppSecEU09</twitter>

Help us PROMOTE this event!

Conference - May 13

Day 1 - May 13, 2009
	Track 1: room Alfa 1	Track 2: room Alfa 2	Track 3: room Beta
08:00-08:50	Registration and Coffee
08:50-09:00	Welcome to OWASP AppSec 2009 Conference (PPT) Sebastien Deleersnyder, OWASP Foundation
09:00-10:00	Web App Security – The Good, the Bad and the Ugly (PPT) Ross Anderson, Professor in Security Engineering, University of Cambridge
10:00-10:45	OWASP State of the Union (PPT\|video) Dinis Cruz, Dave Wichers & Sebastien Deleersnyder, OWASP Foundation
10:45-11:05	Break - Expo		CTF Kick-Off Andrés Riancho
11:05-11:50	OWASP Live CD: An open environment for Web Application Security (PPT) Matt Tesauro, OWASP Live CD Project	Leveraging agile to gain better security (PPT\|video) Erlend Oftedal, Bekk Consulting	The OWASP Orizon project: new static analysis in HiFi (PPT\|video) Paolo Perego, Spike Reply
11:55-12:40	OWASP Application Security Verification Standard (ASVS) Project (PPT) Dave Wichers, Aspect Security	Tracking the effectiveness of an SDL program: lessons from the gym (PPT\|video) Cassio Goldschmidt, Symantec Corporation	The Bank in the Browser - Defending web infrastructures from banking malware (PDF\|video) Giorgio Fedon, Minded Security
12:40-14:00	Lunch - Expo - CTF
14:00-14:45	Threat Modeling (PPT) John Steven, Cigital	Web Application Harvesting (PPT\|video) Esteban Ribičić, tbd	Maturing Beyond Application Security Puberty (PPT) David Harper, Fortify
14:50-15:35	Exploiting Web 2.0 – Next Generation Vulnerabilities (PDF) Shreeraj Shah, Blueinfy	O2 - Advanced Source Code Analysis Toolkit (video) Dinis Cruz, Ounce Labs	The Truth about Web Application Firewalls: What the vendors do not want you to know (PPT) Wendel Guglielmetti Henrique, Trustwave & Sandro Gauci, EnableSecurity
15:35-15:55	Break - Expo - CTF
15:55-16:40	The Software Assurance Maturity Model (SAMM) (PPT) Pravir Chandra, Cognosticus	Advanced SQL injection exploitation to operating system full control (PDF\|video) Bernardo Damele Assumpcao Guimaraes, lead developer of sqlmap	When Security Isn’t Free: The Myth of Open Source Security (PPT\|video) David Harper, Fortify
16:45-17:45	Panel: SDLC: where do they work well, where do they fail? (PPT) Moderator: Cassio Goldschmidt - Panelists: Pravir Chandra, Bart De Win, John Steven, Dave Wichers

Conference- May 14

Day 2 - May 14, 2009
	Track 1: room Alfa 1	Track 2: room Alfa 2	Track 3: room Beta
08:00-09:00	Registration and Coffee
09:00-09:00	Fixing Internet Security by Hacking the Business Climate Bruce Schneier, Chief Security Technology Officer, BT
10:00-10:45	OWASP Projects (PPT\|video) Dave Wichers & Dinis Cruz, OWASP Foundation
10:45-11:05	Break - Expo - CTF
11:05-11:50	OWASP "Google Hacking" Project (video) Christian Heinrich, OWASP "Google Hacking" Project Lead	Deploying Secure Web Applications with OWASP Resources Kuai Hinojosa, New York University (video)	Beyond security principles approximation in software architectures (PPT\|video) Bart De Win, Ascure
11:55-12:40	OWASP Enterprise Security API (ESAPI) Project (PPT\|video) Dave Wichers, Aspect Security	w3af, A framework to 0wn the web (PPT\|Video) Andrés Riancho, Bonsai Information Security	Brain's hardwiring and its impact on software development and secure software (PDF\|video) Alexandru Bolboaca & Maria Diaconu, Mosaic Works
12:40-14:00	Lunch - Expo - CTF
14:00-14:45	OWASP ROI: Optimize Security Spending using OWASP (PPT) Matt Tesauro, OWASP Live CD Project	CSRF: the nightmare becomes reality? (PPT\|video) Lieven Desmet, University Leuven	I thought you were my friend Evil Markup, browser issues and other obscurities (PDF / PPT\|video) Mario Heiderich, Business-IN
14:50-15:35	HTTP Parameter Pollution (PDF\|video) Luca Carettoni, Independent Researcher & Stefano Di Paola, MindedSecurity	OWASP Source Code Flaws Top 10 Project (PPT\|video) Paolo Perego, Spike Reply	Business Logic Attacks: Bots and Bats (PPT\|video) Eldad Chai, Imperva
15:35-15:55	Break - Expo - CTF
15:55-16:40	Factoring malware and organized crime in to Web application security (PDF1-PDF2\|video) Gunter Ollmann, Damballa	Real Time Defenses against Application Worms and Malicious Attackers (PPT\|video), Michael Coates, Aspect Security	Can an accessible web application be secure? Assessment issues for security testers, developers and auditors (PPT\|video) Colin Watson, Watson Hall Ltd
16:45-17:45	Panel: The Future of web application security (video) Moderator: Christian Heinrich, Panelists: tbd
17:45-18:00	Conference Wrap-Up & CTF Awards Dave Wichers, OWASP Foundation

Venue: Park Inn Hotel, Krakow

Registration is available via the OWASP Conference Cvent site: CLICK HERE TO REGISTER

OWASP Dinner & Band

Wesele Restaurant

We hope you are joining us for our Gala Dinner. This year's dinner will be held at Wesele, a traditional Polish restaurant.

Time: 19h on May 13th (leaving in the Park Inn Lobby at 18h30)

Place: Wesele, Rynek Główny 10, 31-042 Kraków - Google Maps Link

Afterwards the OWASP Band will play together with a local band (Mojitos)

Place: Bar Showteim, Rynek Glowny 28 (1 st floor) - Google Maps Link

Tutorials - May 11-12

Tutorial Days - May 11th and 12th

OWASP hosts 1 and 2 day tutorial sessions prior to the conference.

2 day tutorials (May 11-12):

Web Services Security, by Dave Wichers, Aspect Security
Advanced Testing, by Michael Coates, Aspect Security

1 day tutorials (May 11):

Web 2.0 Hacking – Attacks & Countermeasures, by Shreeraj Shah, Blueinfy

1 day tutorials (May 12):

In-depth Assessment Techniques: Design, Code, and Runtime, by Pravir Chandra, Cognosticus
Threat Modeling, by John Steven, Cigital
Introduction to ModSecurity, the Apache Security Module, by Christian Folini, Netnea (christian.folini 'at' netnea.com)

To see all tutorial and trainer details click HERE

Registration is available via the OWASP Conference Cvent site: CLICK HERE TO REGISTER

Venue: Park Inn Hotel, Krakow

Timing: 9h-17h

Mini-Summit - May 11-12

Mini-Summit & Working Sessions Schedule: Tuesday 12th , Free one-day OWASP Tutorial: Monday 11th

Free one-day OWASP Tutorial

On Monday May 11th 9h-17h, Matt Tesauro (OWASP Live CD Project) will give a free one-day OWASP tutorial "Hands on application security with the OWASP Live CD and the OWASP Testing Guide" Venue: Park Inn Hotel, Krakow

OWASP Mini-Summit

On the Tuesday before the Conference there will a 1 day mini-summit where the following important OWASP related topics will be debated:

10:00 - 12:00 : Final discussion and presentation of the new OWASP Project and Releases Assessment Criteria V2.0
14:00 - 15:00 : Pre-presentation of the new OWASP Season of Code 2009 (& revision of its marketing materials)
15:00 - 15:30 : OWASP Financials and additional sources for OWASP grants funds (for example government funding or corporate sources)
17:00 - 19:00 - OWASP Projects and Chapters Leaders meeting (video)

Confirmed participants: Dinis Cruz, Sebastien Deleersnyder (OWASP Board), Matt Tesauro (OWASP Global Projects Committee), Paulo Coimbra (remote participant), Colin Watson (OWASP Global Industry Committee)

OWASP Meetup

C.K.Browar

We gather for an OWASP meetup at C.K.Browar on Tuesday evening May 12th.

Time: 20h (we gather in the Park Inn lobby at 19h30)

Place: ul. Podwale 6-7, Kraków - Google Maps Link

This is a microbrewery and you can get 3 or 5 litre tubes of their very own beer that sit on a stand with a tap, on your table. You then help yourself and watch it disappear.

Accommodations

This year, the conference will be held at the Park Inn Hotel, in the center of Kraków, Poland.

Park Inn Hotel
Ul. Monte Cassino 2
30 - 337 Kraków (Google Maps Link)
Poland
tel: 0048 – 12 – 375 – 40 – 02
fax : 0048 – 12 – 375 – 40 – 01
e-mail: joanna.ploskonka <AT> rezidorparkinn.com
For 11-12-14 May OWASP has negotiated special room rates:

Single 110 EUR per room/per night
Double 120 EUR per room/per night

The above rates include: Super Breakfast buffet, High-speed Internet access and Tax
Be sure to use "OWASP" as reference.

Transportation to the Conference

By plane

Krakow can be reached by commercial aviation through the John Paul II International Airport Krakow-Balice. 21 airlines fly to and from Krakow including British Airways, Alitalia, Germanwings, LOT, Lufthansa and cheap airlines such as SkyEurope, Ryanair, easyJet and centralwings. If you are traveling from outside Europe, you might want to try https://travel.flights-to-europe.com

You can go from the airport to the city centre by:

Train

The train stop is located app. 200 m from the passenger terminal ( 5 minute walk)

It will take you 20 minutes and cost 6 PLN (less than 2EU) to get to the Krakow Main Station

Bus

The 192 bus stop is located directly at the roundabout, in front of the passenger terminal. The trip to the Main Station takes app. 35 minutes. The ticket can be purchased at the ticket machine on the bus stop for 2,5 PLN (less than 1EU)

Taxi

There are always taxis waiting for the passengers in front of the airport. The average price for a ride to the city centre is 50 PLN (around 15EU)

Find out more on John Paul II International Airport Krakow-Balice web page.

By train

You can also travel to Krakow by train from main Polish cities such as Warsow, Wroclaw, Poznan, Gdansk and several cities in Europe. There is direct connection from Berlin, Wien, Prague etc.
Search for your connection here (your destination is Krakow Glowny).

Registration

Registration is available via the OWASP Conference Cvent site: CLICK HERE TO REGISTER

Be fast to register: we only accept 400 registrations for this event!

The conference fee for this conference is :

Standard: 350 Euros, OWASP Members: 300 Euros, Students: 225 Euros. (+5% discount for registering by Apr-30)
If you also register for CONFidence Poland 2009 you get a 15% reduction.

Other fees are:

Conference Dinner: 50 Euros
Conference Tutorials: 910 Euros (2 days) - 455 Euros (1 day)

Note: To save on processing expenses, all fees paid for the OWASP conference are non-refundable. OWASP can accommodate transfers of registrations from one person to another, if such an adjustment becomes necessary.

Conference Committee

OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at' owasp.org

2009 EU Planning Committee Chair: Sebastien Deleersnyder - Telindus - seba 'at' owasp.org

2009 EU Program Committee:

Sebastien Deleersnyder - seba 'at' owasp.org
Mano Paul - mano.paul 'at' owasp.org
Fabio Cerullo - fcerullo 'at' gmail.com
Kuai Hinojosa - kuai.hinojosa 'at' owasp.org
Andrzej Targosz - andrzej.targosz 'at' proidea.org.pl

Poland Chapter Host: Andrzej Targosz - OWASP Poland - andrzej.targosz 'at' proidea.org.pl

Capture the Flag Chair: Andrzej Targosz - andrzej.targosz 'at' proidea.org.pl

Difference between revisions of "OWASP AppSec Europe 2009 - Poland"

Latest revision as of 14:06, 24 October 2009

Virtual

Conference - May 13

Conference- May 14

OWASP Dinner & Band

Tutorials - May 11-12

Tutorial Days - May 11th and 12th

Mini-Summit - May 11-12

Mini-Summit & Working Sessions Schedule: Tuesday 12th , Free one-day OWASP Tutorial: Monday 11th

OWASP Meetup

Accommodations

Transportation to the Conference

By plane

By train

Registration

Conference Committee

Conference Sponsor

Affiliated Partners

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools

@@ Line 1: / Line 1: @@
 __NOTOC__
+====Virtual====
 <!-- Header -->
 {|style="width:100%"
-|style="width:56%;color:#000"|
+|style="width:100%;color:#000"|
-{|style="width:280px;border:solid 0px;background:none"
+{|style="width:100%;border:solid 0px;background:none"
 |-
-|style="width:468px;color:#000" |
+|style="width:100%;color:#000" |
-[[Image:Poland09.gif]]
+'''Flickr Photo [http://www.flickr.com/photos/appseceu09/ Stream]'''<br>
+Photo's Giorgio Fedon - [http://www.facebook.com/album.php?aid=15671&id=1617842456&l=fa92e388c6 Owasp Appsec 2009 - After party]<br>
+Photo's Giorgio Fedon - [http://www.facebook.com/album.php?aid=15670&id=1617842456&l=d9925d6b8a Owasp Appsec 2009 - Conference]
+'''Blip Owasp [http://owasp.blip.tv/ Video's]'''
-Block your agendas for May 11-14 and join us for which promises to be the Biggest European AppSec event of the year !
+=Blog/Press Coverage=
+* '''OWASP Podcast''': [http://www.owasp.org/index.php/Podcast_28 Ross Anderson Interview from AppSec EU]
+* '''AppSecLive Blog''': [http://appseclive.org/content/talks-interest-some-personal-notables-appseceu-2009 Some personal notables from AppSecEU 2009]
+*'''Imperva Blog''': [http://blog.imperva.com/2009/05/business-logic-attacks-and-pra.html Business Logic Attacks and Practical Security at OWASP]
+*'''The H Open''': [http://www.h-online.com/open/OWASP-conference-web-hacking-and-defensive-methods--/news/113306 OWASP conference: web hacking and defensive methods]
+*'''Enable Security''': [http://enablesecurity.com/2009/05/15/web-application-firewalls-and-voip-on-the-intertubes/ Web Application Firewalls and VoIP on the intertubes]
+*'''Heise''': [http://www.heise.de/developer/OWASP-Konferenz-Web-Hacking-und-Abwehr--/news/meldung/137934  OWASP-Konferenz: Web-Hacking und Abwehr] ([http://translate.google.com/translate?js=n&prev=_t&hl=nl&ie=UTF-8&u=http://www.heise.de/developer/OWASP-Konferenz-Web-Hacking-und-Abwehr--/news/meldung/137934&sl=de&tl=en&history_state0= German])
+*'''Heise''': [http://www.heise.de/developer/OWASP-Live-CD-sattelt-auf-Ubuntu-um--/news/meldung/137888 "OWASP Live CD" sattelt auf Ubuntu um] ([http://translate.google.com/translate?js=n&prev=_t&hl=nl&ie=UTF-8&u=http://www.heise.de/developer/OWASP-Live-CD-sattelt-auf-Ubuntu-um--/news/meldung/137888&sl=de&tl=en&history_state0= German])
+*'''Imperva Blog''': [http://blog.imperva.com/2009/05/owasp-appsec-eu2009-day-1.html @OWASP AppSec EU2009, Day 1]
+*'''Imperva Blog''': [http://blog.imperva.com/2009/05/owasp-appsec-eu2009-poland.html @OWASP AppSec EU2009, Poland]
+*'''NibbleSecurity''': [http://blog.nibblesec.org/2009/05/making-owasp-appsec-2009-virtual.html Making OWASP AppSec 2009 virtual]
+*'''Dark Reading''': [http://www.darkreading.com/security/app-security/showArticle.jhtml?articleID=217400819 Researchers Hack Web Application Firewalls]
+*'''CN Labs Blog-Przemyslaw Skowron''': [http://blog.codeninja.pl/2009/05/owasp-appsec-europe-2009-poland.html OWASP AppSec Europe 2009 - Poland] (Polish)
+*'''Bonsai-Andrés Riancho''': [http://www.bonsai-sec.com/blog/index.php/top-5-talks-owasp-poland/ TOP 5 talks @ OWASP Poland]
+*'''shreeraj's security blog''': [http://shreeraj.blogspot.com/2009/04/owasp-event-at-poland.html OWASP Event at Poland]
+*'''Michael Coates''': [http://michael-coates.blogspot.com/2009/05/my-picks-for-owasp-appsec-europe.html My Picks for OWASP AppSec Europe]
+*'''Michael Coates''': [http://michael-coates.blogspot.com/2009/05/application-worms-at-owasp-europe.html Application Worms at OWASP Europe]
+*'''Technical Info - Gunter Ollmann''': [http://technicalinfodotnet.blogspot.com/2009/05/owasp-appsec-europe-2009-krakow.html OWASP AppSec Europe 2009 - Krakow]
+* '''Ivan Ristić''': [http://blog.ivanristic.com/2009/03/modsecurity-training-at-owasp-appsec-europe-2009.html ModSecurity training at OWASP AppSec Europe 2009]
+* '''Lifedork''': [http://www.lifedork.com/call-for-presentations-owasp-appsec-europe-2009-poland.html CALL FOR PRESENTATIONS - OWASP AppSec Europe 2009 Poland]
+* '''Infosecurity.US''': [http://infosecurity.us/?p=5382 OWASP Europe 2009 Kraków, Polska]
+* '''Web Security, Usability and Design''': [http://www.clerkendweller.com/2009/1/24/OWASP-Application-Security-European-Conference-is-in-May The OWASP Application Security European Conference is in May]
-May 13th–14th 2009, OWASP will hold its annual European Application Security conference in wonderful Kraków, Poland ([http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=krakow+poland&sll=50.047811,19.92965&sspn=0.019704,0.043774&ie=UTF8&ll=50.069922,19.944992&spn=0.30454,0.700378&z=11&iwloc=addr Google Maps Link]). Not only do we have 2 fantastic key notes (Ross Anderson and Bruce Schneier) but we have 3 tracks stuffed with high quality topics and great speakers and one and two day tutorials. This year we organise the conference together with OWASP Poland and [http://2009.confidence.org.pl/lang-pref/en/ Confidence2009], a conference in Kraków on May 15th-16th.
 |}
 <!-- Twitter Box -->
-|style="width:100%;font-size:95%;color:#000;background-color:#ececec;border:1px solid #ccc"|
+|style="width:100%;font-size:95%;color:#000;border:0px solid #ccc"|
-'''Twitter Feed ([http://www.twitter.com/AppSecEU09 follow me!])'''
-<twitter>AppSecEU09</twitter>
+[[Image:Poland09.gif]]
-|style="width:110px;font-size:95%;color:#000"|
-|} <!-- End Banner -->
-Help us [[OWASP AppSec Europe 2009 - Poland Promotion|PROMOTE]] this event!
+May 13th–14th 2009, OWASP is holding its annual European Application Security conference in wonderful Kraków, Poland ([http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=krakow+poland&sll=50.047811,19.92965&sspn=0.019704,0.043774&ie=UTF8&ll=50.069922,19.944992&spn=0.30454,0.700378&z=11&iwloc=addr Google Maps Link]). Not only do we have 2 fantastic key notes (Ross Anderson and Bruce Schneier), we also have 3 tracks stuffed with high quality topics and great speakers.
-==Conference Location==
+=Twitter=
-[[Image:AppSecEU09 Cracow.JPG]]
+Use '''#OWASPEU2K9 hashtag''' for your tweets (What are [http://hashtags.org/ hashtags]?)
-This year, the conference will be held at the Park Inn Hotel, in the center of [http://en.wikipedia.org/wiki/Krak%C3%B3w Kraków], Poland. OWASP has negotiated a room block as well (details are in the accommodations section below).
+'''[http://search.twitter.com/search?q=%23OWASPEU2K9 Realtime results]''' for #OWASPEU2K9
-'''Be FAST to register: we only accept 400 registrations for this event!'''
+'''AppSecEU09 Twitter Feed ([http://www.twitter.com/AppSecEU09 follow me!])'''
-'''Registration via the OWASP Conference Cvent site: [http://guest.cvent.com/i.aspx?4W,M3,887f27a2-13e0-47dc-9220-76ed22ab0546 CLICK HERE TO REGISTER]'''
+<twitter>AppSecEU09</twitter>
+|style="width:110px;font-size:95%;color:#000"|
+|}
+<!-- End Banner -->
-'''If you are registering as a Speaker or Sponsor, use the following link: [http://guest.cvent.com/i.aspx?4W,M3,a99f854a-a4db-4886-8bdf-ecb21cb62036 Speaker-Sponsor Registration]'''
-==Conference Agenda - May 13-14==
+Help us '''[[OWASP AppSec Europe 2009 - Poland Promotion|PROMOTE]]''' this event!
-This year we extended the program to three tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing panel discussions back in the main auditorium both days.
+====Conference - May 13====
 {| style="width:80%" border="0" align="center"
   ! colspan="4" align="center" style="background:#4058A0; color:white" | Day 1 - May 13, 2009
   |-
-  | style="width:10%; background:#7B8ABD" | || style="width:30%; background:#BC857A" | Track 1: Room 1
+  | style="width:10%; background:#7B8ABD" | || style="width:30%; background:#BC857A" | Track 1: room Alfa 1
-  | style="width:30%; background:#BCA57A" | Track 2: Room 2
+  | style="width:30%; background:#BCA57A" | Track 2: room Alfa 2
-  | style="width:30%; background:#99FF99" | Track 3: Room 3
+  | style="width:30%; background:#99FF99" | Track 3: room Beta
   |-
   | style="width:10%; background:#7B8ABD" | 08:00-08:50 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Registration and Coffee
   |-
-  | style="width:10%; background:#7B8ABD" | 08:50-09:00 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Welcome to OWASP AppSec 2009 Conference
+  | style="width:10%; background:#7B8ABD" | 08:50-09:00 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Welcome to OWASP AppSec 2009 Conference ([http://www.owasp.org/images/a/af/AppSecEU09_Welcome.ppt PPT])
 ''Sebastien Deleersnyder, OWASP Foundation''
   |-
-  | style="width:10%; background:#7B8ABD" | 09:00-09:45 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Keynote
+  | style="width:10%; background:#7B8ABD" | 09:00-10:00 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Web App Security – The Good, the Bad and the Ugly ([http://www.owasp.org/images/2/22/AppSecEU09-owasp09-econsec_ross_anderson.ppt PPT])
 ''Ross Anderson, Professor in Security Engineering, University of Cambridge''
   |-
-  | style="width:10%; background:#7B8ABD" | 09:45-10:30|| colspan="3" style="width:80%; background:#F2F2F2" align="center" | OWASP State of the Union
+  | style="width:10%; background:#7B8ABD" | 10:00-10:45|| colspan="3" style="width:80%; background:#F2F2F2" align="center" | OWASP State of the Union ([http://www.owasp.org/images/2/21/AppSecEU09_OWASP_State_of_the_Union_v3.ppt PPT]|[http://blip.tv/file/2268183 video])
-''Dinis Cruz & Sebastien Deleersnyder, OWASP Foundation''
+''Dinis Cruz, Dave Wichers & Sebastien Deleersnyder, OWASP Foundation''
   |-
-  | style="width:10%; background:#7B8ABD" | 10:30-10:45 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
+  | style="width:10%; background:#7B8ABD" | 10:45-11:05 || colspan="2" style="width:90%; background:#C2C2C2" align="left" | Break - Expo
+ | style="width:30%; background:#99FF99" align="left" | CTF Kick-Off
+''[http://www.linkedin.com/in/ariancho Andrés Riancho]''
   |-
-  | style="width:10%; background:#7B8ABD" | 10:45-11:25 || style="width:30%; background:#BC857A" align="left" | Deploying Secure Web Applications with OWASP Resources
+  | style="width:10%; background:#7B8ABD" | 11:05-11:50 || style="width:30%; background:#BC857A" align="left" | [[LiveCD|OWASP Live CD: An open environment for Web Application Security]] ([http://www.owasp.org/images/4/46/AppSecEU09_OWASP_Live_CD-mtesauro.ppt PPT])
-''Kuai Hinojosa, New York University''
+''Matt Tesauro, OWASP Live CD Project''
-  | style="width:30%; background:#BCA57A" align="left" | Secure Applications for PCI DSS
+  | style="width:30%; background:#BCA57A" align="left" | Leveraging agile to gain better security ([http://www.owasp.org/images/c/c2/AppSecEU09_-_Agile_Security_-_Erlend_Oftedal.ppt PPT]|[http://blip.tv/file/2267301 video])
-''Tim Holman, CTO, Blackfoot''
+''Erlend Oftedal, Bekk Consulting''
-  | style="width:30%; background:#99FF99" align="left" | Mirage: building an application model made easy (OWASP Orizon v 1.2)
+  | style="width:30%; background:#99FF99" align="left" | [[:Category:OWASP_Orizon_Project|The OWASP Orizon project: new static analysis in HiFi]] ([http://www.owasp.org/images/6/64/AppsecEU09_owasp_orizon_new_static_analysis_in_HiFi_.ppt PPT]|[http://blip.tv/file/2196766 video])
 ''Paolo Perego, Spike Reply''
   |-
-  | style="width:10%; background:#7B8ABD" | 11:30-12:10 || style="width:30%; background:#BC857A" align="left" | OWASP Application Security Verification Standard (ASVS) Project
+  | style="width:10%; background:#7B8ABD" | 11:55-12:40 || style="width:30%; background:#BC857A" align="left" | [[ASVS|OWASP Application Security Verification Standard (ASVS) Project]] ([http://www.owasp.org/images/7/78/AppsecEU09_OWASP_ASVS_WebApp_Standard.ppt PPT])
-''Dave Wichers, Aspect Security''
+''[[User:wichers|Dave Wichers]], Aspect Security''
-  | style="width:30%; background:#BCA57A" align="left" | When Security Isn’t Free: The Myth of Open Source Security
+  | style="width:30%; background:#BCA57A" align="left" | Tracking the effectiveness of an SDL program: lessons from the gym ([http://www.owasp.org/images/a/a4/AppSecEU09_Tracking_the_progress_of_an_SDL_program_-_lessons_from_the_gym_final.pptx PPT]|[http://blip.tv/file/2197113 video])
-''Rob Rachwald, Fortify''
+''Cassio Goldschmidt, Symantec Corporation''
-   | style="width:30%; background:#99FF99" align="left" | I thought you were my friend  Evil Markup, browser issues and other obscurities
+   | style="width:30%; background:#99FF99" align="left" | The Bank in the Browser - Defending web infrastructures from banking malware ([http://www.owasp.org/images/e/e4/AppsecEU09_The_Bank_in_The_Browser_Presentation_v1.1.pdf PDF]|[http://blip.tv/file/2196936 video])
-''Mario Heiderich, Business-IN''
+''Giorgio Fedon, Minded Security''
   |-
-  | style="width:10%; background:#7B8ABD" | 12:10-13:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Lunch - Expo - CTF
+  | style="width:10%; background:#7B8ABD" | 12:40-14:00 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Lunch - Expo - CTF
   |-
-  | style="width:10%; background:#7B8ABD" | 13:30-14:10 || style="width:30%; background:#BC857A" align="left" | Threat Modeling
+  | style="width:10%; background:#7B8ABD" | 14:00-14:45 || style="width:30%; background:#BC857A" align="left" | Threat Modeling ([http://www.owasp.org/images/7/79/AppSecEU09_OWASP_EU_Threat_Modeling.ppt PPT])
 ''John Steven, Cigital''
-  | style="width:30%; background:#BCA57A" align="left" | Web Application Harvesting
+  | style="width:30%; background:#BCA57A" align="left" | Web Application Harvesting ([http://www.owasp.org/images/8/83/AppsecEU09_Web_Application_Harvesting.ppt PPT]|[http://blip.tv/file/2199118 video])
 ''Esteban Ribičić, tbd''
-   | style="width:30%; background:#99FF99" align="left" | Maturing Beyond Application Security Puberty
+   | style="width:30%; background:#99FF99" align="left" | Maturing Beyond Application Security Puberty ([http://www.owasp.org/images/a/ab/AppSecEU09_Maturing_Beyond_Application_Security.ppt PPT])
-''Roger Thornton, Fortify''
+''David Harper, Fortify''
   |-
-  | style="width:10%; background:#7B8ABD" | 14:15-14:45 || style="width:30%; background:#BC857A" align="left" | Exploiting Web 2.0 – Next Generation Vulnerabilities
+  | style="width:10%; background:#7B8ABD" | 14:50-15:35 || style="width:30%; background:#BC857A" align="left" | Exploiting Web 2.0 – Next Generation Vulnerabilities ([http://www.owasp.org/images/a/ab/AppsecEU09_Shreeraj_Shah.pdf PDF])
 ''Shreeraj Shah, Blueinfy''
-  | style="width:30%; background:#BCA57A" align="left" | OWASP Live CD: An open environment for Web Application Security
+  | style="width:30%; background:#BCA57A" align="left" | O2 - Advanced Source Code Analysis Toolkit ([http://blip.tv/file/2193865 video])
-''Matt Tesauro, Texas Education Agency''
+''Dinis Cruz, Ounce Labs''
-   | style="width:30%; background:#99FF99" align="left" | The Truth about Web Application Firewalls: What the vendors do not want you to know
+   | style="width:30%; background:#99FF99" align="left" | The Truth about Web Application Firewalls: What the vendors do not want you to know ([http://www.owasp.org/images/0/0a/Appseceu09-Web_Application_Firewalls.pdf PPT])
 ''Wendel Guglielmetti Henrique, Trustwave & Sandro Gauci, EnableSecurity''
   |-
-  | style="width:10%; background:#7B8ABD" | 14:50-15:30 || style="width:30%; background:#BC857A" align="left" | Advanced SQL injection exploitation to operating system full control
+  | style="width:10%; background:#7B8ABD" | 15:35-15:55|| colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
+ |-
+ | style="width:10%; background:#7B8ABD" | 15:55-16:40|| style="width:30%; background:#BC857A" align="left" | [[SAMM|The Software Assurance Maturity Model (SAMM)]] ([http://www.owasp.org/images/4/49/AppSecEU09_OpenSAMM-1.0.ppt PPT])
+''Pravir Chandra, Cognosticus''
+ | style="width:30%; background:#BCA57A" align="left" | Advanced SQL injection exploitation to operating system full control ([http://www.owasp.org/images/d/dc/AppsecEU09-Damele-A-G-Advanced-SQL-injection-slides.pdf PDF]|[http://blip.tv/file/2264307 video])
 ''Bernardo Damele Assumpcao Guimaraes, lead developer of sqlmap''
- | style="width:30%; background:#BCA57A" align="left" | Tracking the effectiveness of an SDL program: lessons from the gym
+  | style="width:30%; background:#99FF99" align="left" | When Security Isn’t Free: The Myth of Open Source Security ([http://www.owasp.org/images/8/8d/AppSecEU09_The_Myth_of_Open_Source_Security.ppt PPT]|[http://blip.tv/file/2284020 video])
-''Cassio Goldschmidt, Symantec Corporation''
+''David Harper, Fortify''
-  | style="width:30%; background:#99FF99" align="left" | -
   |-
-  | style="width:10%; background:#7B8ABD" | 15:30-15:45 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
+  | style="width:10%; background:#7B8ABD" | 16:45-17:45 || colspan="3" style="width:90%; background:#F2F2F2" align="center" | Panel: SDLC: where do they work well, where do they fail? ([http://www.owasp.org/images/1/12/AppsecEU09_SDLC_where_do_they_work_well%2C_where_do_they_fail.ppt PPT])
+''Moderator: Cassio Goldschmidt - Panelists: Pravir Chandra, Bart De Win, John Steven, Dave Wichers''
   |-
-  | style="width:10%; background:#7B8ABD" | 15:45-16:25 || style="width:30%; background:#BC857A" align="left" | [[SAMM|The Software Assurance Maturity Model (SAMM)]]
+  |}
-''Pravir Chandra, Cognosticus''
- | style="width:30%; background:#BCA57A" align="left" | O2 - Advanced Source Code Analysis Toolkit
+====Conference- May 14====
-''Dinis Cruz, Ounce Labs''
-  | style="width:30%; background:#99FF99" align="left" | -
- |-
- | style="width:10%; background:#7B8ABD" | 16:30-17:30 || colspan="3" style="width:90%; background:#F2F2F2" align="center" | Panel: Queer Eye for the Security Guy
-They call themselves the Fierce Four. They are black-box badass, a source code super hero, an architecture authority and someone we like to call the proctor of process. In the spirit of NBC's Emmy award-winning reality television series, our four security experts will bring their combined decades of experience to bear on a contributor to an open source project ([http://drupal.org/security Drupal]) that wants to get security right.
-''Moderator: Jacob West - Panelists: Pravir Chandra, Roger Thornton and John Steven''
+{| style="width:80%" border="0" align="center"
- |-
- | style="width:10%; background:#7B8ABD" | 17:30-19:00 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | [[AppSecEU09 Leader Meeting | OWASP Leader Meeting ]] Organized by tbd
- |-
- | style="width:10%; background:#7B8ABD" | 19:00-? || colspan="3" style="width:80%; background:#C2C2C2" align="left" | OWASP Dinner
- |-
   ! colspan="4" align="center" style="background:#4058A0; color:white" | Day 2 - May 14, 2009
   |-
-  | style="width:10%; background:#7B8ABD" | || style="width:30%; background:#BC857A" | Track 1: Room 1
+  | style="width:10%; background:#7B8ABD" | || style="width:30%; background:#BC857A" | Track 1: room Alfa 1
-  | style="width:30%; background:#BCA57A" | Track 2: Room 2
+  | style="width:30%; background:#BCA57A" | Track 2: room Alfa 2
-  | style="width:30%; background:#99FF99" | Track 3: Room 3
+  | style="width:30%; background:#99FF99" | Track 3: room Beta
   |-
   | style="width:10%; background:#7B8ABD" | 08:00-09:00 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Registration and Coffee
   |-
-  | style="width:10%; background:#7B8ABD" | 09:00-09:45 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Fixing Internet Security by Hacking the Business Climate
+  | style="width:10%; background:#7B8ABD" | 09:00-09:00 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Fixing Internet Security by Hacking the Business Climate
 ''Bruce Schneier, Chief Security Technology Officer, BT''
   |-
-  | style="width:10%; background:#7B8ABD" | 09:45-10:30|| colspan="3" style="width:80%; background:#F2F2F2" align="center" | OWASP Projects
+  | style="width:10%; background:#7B8ABD" | 10:00-10:45|| colspan="3" style="width:80%; background:#F2F2F2" align="center" | OWASP Projects ([http://www.owasp.org/images/c/c1/AppsecEU09Poland_ProjectsStatus.pptx PPT]|[http://blip.tv/file/2214117 video])
-''Dave Wichers, OWASP Foundation''
+''Dave Wichers & Dinis Cruz, OWASP Foundation''
   |-
-  | style="width:10%; background:#7B8ABD" | 10:30-10:45 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
+  | style="width:10%; background:#7B8ABD" | 10:45-11:05 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
   |-
-  | style="width:10%; background:#7B8ABD" | 10:45-11:25 || style="width:30%; background:#BC857A" align="left" | OWASP "Google Hacking" Project
+  | style="width:10%; background:#7B8ABD" | 11:05-11:50 || style="width:30%; background:#BC857A" align="left" | OWASP "Google Hacking" Project ([http://blip.tv/file/2267433 video])
 ''Christian Heinrich, OWASP "Google Hacking" Project Lead''
-  | style="width:30%; background:#BCA57A" align="left" | Leveraging agile to gain better secuity
+  | style="width:30%; background:#BCA57A" align="left" | Deploying Secure Web Applications with OWASP Resources
-''Erlend Oftedal, Bekk Consulting''
+''Kuai Hinojosa, New York University'' ([http://blip.tv/file/2284036 video])
-  | style="width:30%; background:#99FF99" align="left" | Beyond security principles approximation in software architectures
+  | style="width:30%; background:#99FF99" align="left" | Beyond security principles approximation in software architectures ([http://www.owasp.org/images/5/5e/AppSec09_presentationBDW_nonotes.pptx PPT]|[http://blip.tv/file/2193859 video])
 ''Bart De Win, Ascure''
   |-
-  | style="width:10%; background:#7B8ABD" | 11:30-12:10 || style="width:30%; background:#BC857A" align="left" | OWASP Enterprise Security API (ESAPI) Project
+  | style="width:10%; background:#7B8ABD" | 11:55-12:40 || style="width:30%; background:#BC857A" align="left" | [[ESAPI|OWASP Enterprise Security API (ESAPI) Project]] ([http://www.owasp.org/images/1/11/AppSecEU09Poland_ESAPI.pptx PPT]|[http://blip.tv/file/2215191 video])
-''Dave Wichers, Aspect Security''
+''[[User:wichers|Dave Wichers]], Aspect Security''
-  | style="width:30%; background:#BCA57A" align="left" | ''[http://w3af.sf.net/ w3af]'', A framework to 0wn the web
+  | style="width:30%; background:#BCA57A" align="left" | ''[http://w3af.sf.net/ w3af]'', A framework to 0wn the web ([http://www.owasp.org/images/8/8e/AppSecEU09_w3af-_A_framework_to_0wn_the_Web_-_v2.ppt PPT]|[http://blip.tv/file/2303864 Video])
 '''[http://www.linkedin.com/in/ariancho Andrés Riancho]'', ''[http://www.bonsai-sec.com/ Bonsai Information Security]'' ''
-   | style="width:30%; background:#99FF99" align="left" | Brain's hardwiring and its impact on software development and secure software
+   | style="width:30%; background:#99FF99" align="left" | Brain's hardwiring and its impact on software development and secure software ([http://www.owasp.org/images/b/bd/AppSecEU09_Brain%27s_Hardwiring_AppSec09.pdf PDF]|[http://blip.tv/file/2194148 video])
 ''Alexandru Bolboaca & Maria Diaconu, Mosaic Works''
   |-
-  | style="width:10%; background:#7B8ABD" | 12:10-13:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Lunch - Expo - CTF
+  | style="width:10%; background:#7B8ABD" | 12:40-14:00 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Lunch - Expo - CTF
   |-
-  | style="width:10%; background:#7B8ABD" | 13:30-14:10 || style="width:30%; background:#BC857A" align="left" | OWASP ROI: Optimize Security Spending using OWASP
+  | style="width:10%; background:#7B8ABD" | 14:00-14:45 || style="width:30%; background:#BC857A" align="left" | OWASP ROI: Optimize Security Spending using OWASP ([http://www.owasp.org/images/0/06/AppSecEU09_OWASP_ROI-mtesauro.ppt PPT])
-''Matt Tesauro, Texas Education Agency''
+''Matt Tesauro, OWASP Live CD Project''
-  | style="width:30%; background:#BCA57A" align="left" | CSRF: the nightmare becomes reality?
+  | style="width:30%; background:#BCA57A" align="left" | CSRF: the nightmare becomes reality? ([http://www.owasp.org/images/b/be/AppsecEU09_Desmet_Lieven.pptx PPT]|[http://blip.tv/file/2199105 video])
 ''Lieven Desmet, University Leuven''
-   | style="width:30%; background:#99FF99" align="left" | The Bank in the Browser - Defending web infrastructures from banking malware
+   | style="width:30%; background:#99FF99" align="left" | I thought you were my friend  Evil Markup, browser issues and other obscurities ([http://www.owasp.org/images/2/23/AppSecEU09_maliciousmarkup_final_3.pdf PDF] / [http://www.owasp.org/images/2/2a/AppsecEU09_malicious-markup.ppt PPT]|[http://blip.tv/file/2193594 video])
-''Giorgio Fedon, Minded Security''
+''Mario Heiderich, Business-IN''
   |-
-  | style="width:10%; background:#7B8ABD" | 14:15-14:45 || style="width:30%; background:#BC857A" align="left" | HTTP Parameter Pollution
+  | style="width:10%; background:#7B8ABD" | 14:50-15:35 || style="width:30%; background:#BC857A" align="left" | HTTP Parameter Pollution ([http://www.owasp.org/images/b/ba/AppsecEU09_CarettoniDiPaola_v0.8.pdf PDF]|[http://blip.tv/file/2214473 video])
 ''Luca Carettoni, Independent Researcher & Stefano Di Paola, MindedSecurity''
-  | style="width:30%; background:#BCA57A" align="left" | OWASP Source Code Flaws Top 10 Project
+  | style="width:30%; background:#BCA57A" align="left" | OWASP Source Code Flaws Top 10 Project ([http://www.owasp.org/images/3/35/AppSecEU09_owasp_source_code_flaws_top_10.ppt PPT]|[http://blip.tv/file/2199096 video])
 ''Paolo Perego, Spike Reply''
-   | style="width:30%; background:#99FF99" align="left" | Advanced Code Review Techniques - How to Find Needles in the Haystack Efficiently
+   | style="width:30%; background:#99FF99" align="left" | Business Logic Attacks: Bots and Bats ([http://www.owasp.org/images/9/96/AppSecEU09_BusinessLogicAttacks_EldadChai.ppt PPT]|[http://blip.tv/file/2165301 video])
-''Siddharth Anbalahan, Plynt & Jaideep Jha, Plynt''
- |-
- | style="width:10%; background:#7B8ABD" | 14:50-15:30 || style="width:30%; background:#BC857A" align="left" | Business Logic Attacks: Bots and Bats
 ''Eldad Chai, Imperva''
- | style="width:30%; background:#BCA57A" align="left" | [http://michael-coates.blogspot.com/2009/05/application-worms-at-owasp-europe.html Real Time Defenses against Application Worms and Malicious Attackers],  [http://www.linkedin.com/in/mcoates ''Michael Coates''], ''Aspect Security''
-  | style="width:30%; background:#99FF99" align="left" | -
   |-
-  | style="width:10%; background:#7B8ABD" | 15:30-15:45 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
+  | style="width:10%; background:#7B8ABD" | 15:35-15:55 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
   |-
-  | style="width:10%; background:#7B8ABD" | 15:45-16:25 || style="width:30%; background:#BC857A" align="left" | Factoring malware and organized crime in to Web application security
+  | style="width:10%; background:#7B8ABD" | 15:55-16:40 || style="width:30%; background:#BC857A" align="left" | Factoring malware and organized crime in to Web application security ([http://www.owasp.org/images/1/16/AppSecEU09_OWASP2009_EU_GunterOllmann_v03-1.pdf PDF1]-[http://www.owasp.org/images/1/1d/AppSecEU09_OWASP2009_EU_GunterOllmann_v03-2.pdf PDF2]|[http://blip.tv/file/2292180 video])
 ''Gunter Ollmann, Damballa''
-  | style="width:30%; background:#BCA57A" align="left" | Can an accessible web application be secure? Assessment issues for security testers, developers and auditors
+  | style="width:30%; background:#BCA57A" align="left" | [http://michael-coates.blogspot.com/2009/05/application-worms-at-owasp-europe.html Real Time Defenses against Application Worms and Malicious Attackers] ([http://www.owasp.org/images/b/b7/AppsecEU09_MichaelCoates.pptx PPT]|[http://blip.tv/file/2198771 video]),  [http://www.linkedin.com/in/mcoates ''Michael Coates''], ''Aspect Security''
+  | style="width:30%; background:#99FF99" align="left" | Can an accessible web application be secure? Assessment issues for security testers, developers and auditors ([http://www.owasp.org/images/2/22/AppSecEU09_owasp_appsec_eu09_colin_watson_2.ppt PPT]|[http://blip.tv/file/2194674 video])
 ''Colin Watson, Watson Hall Ltd''
-  | style="width:30%; background:#99FF99" align="left" | -
   |-
-  | style="width:10%; background:#7B8ABD" | 16:30-17:30 || colspan="3" style="width:90%; background:#F2F2F2" align="center" | Panel discussion
+  | style="width:10%; background:#7B8ABD" | 16:45-17:45 || colspan="3" style="width:90%; background:#F2F2F2" align="center" | Panel: The Future of web application security ([http://blip.tv/file/2268291 video])
-''Moderator: tbd, Panelists: tbd''
+''Moderator: Christian Heinrich, Panelists: tbd''
   |-
-  | style="width:10%; background:#7B8ABD" | 17:30-17:45 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Conference Wrap-Up & CTF Awards
+  | style="width:10%; background:#7B8ABD" | 17:45-18:00 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Conference Wrap-Up & CTF Awards
 ''Dave Wichers, OWASP Foundation''
   |-
@@ Line 183: / Line 203: @@
 Registration is available via the OWASP Conference Cvent site: [http://guest.cvent.com/i.aspx?4W,M3,887f27a2-13e0-47dc-9220-76ed22ab0546 CLICK HERE TO REGISTER]
+====OWASP Dinner & Band====
+[[Image:Wesele-inside.jpg|thumb|200px|left|Wesele Restaurant]] <br><br><br><br>We hope you are joining us for our '''Gala Dinner'''. This year's dinner will be held at [http://www.weselerestauracja.pl/ Wesele], a traditional Polish restaurant.<br>
+Time: 19h on May 13th (leaving in the Park Inn Lobby at 18h30)
+<br>
+Place: Wesele, Rynek Główny 10, 31-042 Kraków - Google [http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=Wesele,+Rynek+G%C5%82%C3%B3wny+10,+31-042+Krak%C3%B3w&sll=37.0625,-95.677068&sspn=47.167389,51.679688&ie=UTF8&ll=50.061024,19.936709&spn=0.008981,0.012617&t=h&z=16&iwloc=A Maps Link]
+<br><br>
+Afterwards the '''OWASP Band''' will play together with a local band (Mojitos)
+Place: Bar Showteim, Rynek Glowny 28 (1 st floor) - Google [http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=Rynek+Glowny+28,+krakow&sll=37.0625,-95.677068&sspn=49.357162,89.648437&ie=UTF8&z=16 Maps Link]
+<br><br><br><br><br><br><br><br><br>
+====Tutorials - May 11-12====
 ==[[AppSecEU09Tutorials|Tutorial Days]] - May 11th and 12th==
 OWASP hosts 1 and 2 day [[AppSecEU09Tutorials|tutorial sessions]] prior to the conference.
-day tutorials:
+day tutorials (May 11-12):
-* Web Services Security, ''by Dave Wichers, Aspect Security''
+* '''Web Services Security''', ''by Dave Wichers, Aspect Security''
-* Advanced Testing, ''by Michael Coates, Aspect Security''
+* '''Advanced Testing''', ''by Michael Coates, Aspect Security''
-day tutorials:
+day tutorials (May 11):
-* Introduction to ModSecurity, the Apache Security Module, ''by Christian Folini, Netnea (christian.folini 'at' netnea.com) ''
+* '''Web 2.0 Hacking – Attacks & Countermeasures''', ''by Shreeraj Shah, Blueinfy''
-* Web 2.0 Hacking – Attacks & Countermeasures, ''by Shreeraj Shah, Blueinfy''
+day tutorials (May 12):
-* Threat Modeling, ''by John Steven, Cigital''
+* '''In-depth Assessment Techniques: Design, Code, and Runtime''', ''by Pravir Chandra, Cognosticus''
-* In-depth Assessment Techniques: Design, Code, and Runtime, ''by Pravir Chandra, Cognosticus''
+* '''Threat Modeling''', ''by John Steven, Cigital''
+* '''Introduction to ModSecurity, the Apache Security Module''', ''by Christian Folini, Netnea (christian.folini 'at' netnea.com) ''
 To see all tutorial and trainer details click [[AppSecEU09Tutorials|HERE]]
@@ Line 200: / Line 238: @@
 Registration is available via the OWASP Conference Cvent site: [http://guest.cvent.com/i.aspx?4W,M3,887f27a2-13e0-47dc-9220-76ed22ab0546 CLICK HERE TO REGISTER]
-==OWASP EU Summit - May 11th and 12th==
+Venue: Park Inn Hotel, Krakow
-Details to follow.
-* Hands on application security with the OWASP Live CD and the OWASP Testing Guide, ''by Matt Tesauro, OWASP Live CD Project Lead, Texas Education Agency''
+Timing: 9h-17h
+====Mini-Summit - May 11-12====
+==Mini-Summit & Working Sessions Schedule: Tuesday 12th , Free one-day OWASP Tutorial: Monday 11th==
+'''Free one-day OWASP Tutorial'''
+On Monday May 11th 9h-17h, Matt Tesauro (OWASP Live CD Project) will give a free one-day OWASP tutorial "Hands on application security with the OWASP Live CD and the OWASP Testing Guide"
+Venue: Park Inn Hotel, Krakow
+'''OWASP Mini-Summit'''
+On the Tuesday before the Conference there will a 1 day mini-summit where the following important OWASP related topics will be debated:
+* 10:00 - 12:00 : Final discussion and presentation of the new OWASP Project and Releases Assessment Criteria V2.0
+* 14:00 - 15:00 : Pre-presentation of the new OWASP Season of Code 2009 (& revision of its marketing materials)
+* 15:00 - 15:30 :  OWASP Financials and additional sources for OWASP grants funds (for example [http://ec.europa.eu/research/fp7/pdf/fp7-inbrief_en.pdf government funding] or corporate sources)
+* 17:00 - 19:00 - OWASP Projects and Chapters Leaders meeting ([http://blip.tv/file/2165301 video])
+Confirmed participants: Dinis Cruz, Sebastien Deleersnyder (OWASP Board), Matt Tesauro (OWASP Global Projects Committee), Paulo Coimbra (remote participant), Colin Watson (OWASP Global Industry Committee)
+====OWASP Meetup====
-==Accommodations==
+[[Image:Ckbrowar.JPG|thumb|300px|left|C.K.Browar]] <br><br><br><br>We gather for an OWASP meetup at [http://www.ckbrowar.krakow.pl/index_en.html C.K.Browar] on Tuesday evening May 12th.
+<br>
+Time: 20h (we gather in the Park Inn lobby at 19h30)
+<br>
+Place: ul. Podwale 6-7, Kraków - Google [http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=ul.+Podwale+6-7,+Krak%C3%B3w&sll=37.0625,-95.677068&sspn=49.357162,89.648437&ie=UTF8&z=16&iwloc=A Maps Link]
+<br>
+This is a microbrewery and you can get 3 or 5 litre tubes of their very own beer that sit on a stand with a tap, on your table. You then help yourself and watch it disappear.
+<br><br><br><br><br><br><br>
+====Accommodations====
 This year, the conference will be held at the Park Inn Hotel, in the center of [http://en.wikipedia.org/wiki/Krak%C3%B3w Kraków], Poland. <br>
 [[Image:OWASP_EU_2009_LOCATION.jpg]]
-Park Inn Hotel<br>
+[http://www.krakow.parkinnhotel.pl/ Park Inn Hotel]<br>
 Ul. Monte Cassino 2<br>
 - 337 Kraków ([http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=krakow+poland&sll=50.047811,19.92965&sspn=0.019704,0.043774&ie=UTF8&ll=50.069922,19.944992&spn=0.30454,0.700378&z=11&iwloc=addr Google Maps Link])<br>
@@ Line 239: / Line 313: @@
 You can also travel to Krakow by train from main Polish cities such as Warsow, Wroclaw, Poznan, Gdansk and several cities in Europe. There is direct connection from Berlin, Wien, Prague etc.<br>
 Search for your connection [http://rozklad.pkp.pl/bin/query.exe/en? here] (your destination is Krakow Glowny).
-===How to get to the venue?===
-tbd
-==Registration and Conference Fees==
+====Registration====
 Registration is available via the OWASP Conference Cvent site: [http://guest.cvent.com/i.aspx?4W,M3,887f27a2-13e0-47dc-9220-76ed22ab0546 CLICK HERE TO REGISTER]
@@ Line 257: / Line 329: @@
 Note: To save on processing expenses, all fees paid for the OWASP conference are non-refundable. OWASP can accommodate transfers of registrations from one person to another, if such an adjustment becomes necessary.
-==Conference Committee==
+====Conference Committee====
 OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at' owasp.org
@@ Line 274: / Line 346: @@
 Capture the Flag Chair: Andrzej Targosz - andrzej.targosz 'at' proidea.org.pl
+<headertabs/>
+==Conference Sponsor==
+[http://www.fortify.com https://www.owasp.org/images/a/ac/Fortify.jpg]
 == Affiliated Partners ==
-We are glad to have the support of:
+[[Image:Confidence 120x150.gif|link=http://2009.confidence.org.pl/]] In cooperation with:[http://www.enisa.europa.eu/ http://www.owasp.org/images/0/05/Enisa.jpg]Media Sponsor:[http://www.net-security.org http://www.owasp.org/images/c/ca/Hnsweb-no-url.jpg]
-[http://2009.confidence.org.pl/ CONFidence Poland 2009]
-In cooperation with:
+If you are interested in sponsoring an OWASP conference, please contact OWASP at: conferences 'at' owasp.org.
-[http://www.enisa.europa.eu/ http://www.owasp.org/images/0/05/Enisa.jpg]
+<paypal>AppSec EU Sponsorship</paypal>
-==Conference Sponsors==
-The following organizations are sponsors for this conference. If you are interested in sponsoring an OWASP conference, please contact OWASP at: conferences 'at' owasp.org.
-[http://www.fortify.com https://www.owasp.org/images/a/ac/Fortify.jpg]
-More information about conference sponsorship is available [https://www.owasp.org/images/b/b0/AppSecEU09_Sponsorship.pdf online].
 [[Category:OWASP AppSec Conference]]
-<paypal>AppSec EU Sponsorship</paypal>
-'''If you are registering as a Sponsor, use the following link: [http://guest.cvent.com/i.aspx?4W,M3,a99f854a-a4db-4886-8bdf-ecb21cb62036 Sponsor Registration]'''