Difference between revisions of "AppSecDC Schedule 09"

From OWASP
(Created page with '<div style=" font-size:2; font:Verdana"> <table border="2" cellspacing="0"> <tr valign="middle"> <td height="60" colspan="5" align="center" bgcolor="#333399"><font size="5…')
 
(Redirected page to OWASP AppSec DC 2009 Schedule)
 
(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
<div style=" font-size:2; font:Verdana">
+
#REDIRECT [[OWASP AppSec DC 2009 Schedule]]
<table border="2" cellspacing="0">
 
<tr valign="middle">
 
  <td height="60" colspan="5" align="center" bgcolor="#333399"><font size="5"><b>Day 1 - Nov 12th 2009</b>
 
<tr valign="bottom">
 
  <td height="40" bgcolor="#666699" width="67" valign="middle">&nbsp;
 
  <td height="40" align="center" bgcolor="#ff0000" valign="middle" width="200"><b>OWASP</b>
 
  <td height="40" align="center" bgcolor="#808000" valign="middle" width="200"><b>Tools</b>
 
  <td height="40" align="center" bgcolor="#ccffcc" valign="middle" width="200"><b>SDLC</b>
 
  <td height="40" align="center" bgcolor="#ff6600" valign="middle" width="200"><b>Web 2.0</b>
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">07:30-09:00
 
  <td colspan="4" align="center" bgcolor="#909090" valign="middle">Registration
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">08:45-09:00
 
  <td height="30" colspan="4" align="center" bgcolor="#e0e0e0" valign="middle">Welcome and Opening Remarks
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">09:00-10:00
 
  <td height="60" colspan="4" align="center" bgcolor="#e0e0e0" valign="middle">Keynote: [[AppSecDC Keynote Jarzomnek|Joe Jarzombek]]
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">10:30-10:30
 
  <td height="30" colspan="4" align="center" bgcolor="#909090" valign="middle">Coffee Break & Room Change
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">10:30-11:30
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[OWASP ESAPI AppSecDC|OWASP ESAPI]]<br>Jeff Williams
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Manipulating Web Application Interfaces, a new approach to input validation]]<br>Felipe Moreno-Strauch
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Development Issues Within AJAX Applications: How to Divert Threats]]<br>Lars Ewe
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Understanding the Implications of Cloud Computing on Application Security]]<br>Dennis Hurst
 
<tr valign="bottom">
 
  <td height="120" bgcolor="#666699" width="67" valign="middle">11:30-12:30
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[Software Assurance Maturity Model (SAMM)]]<br>Pravir Chandra
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[The Case of Promiscuous Parameters and Other Ongoing Capers in Web Security]]<br>Jacob West
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence | Enterprise Application Security - GE's approach to solving root cause]]<br>Darren Challey
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Transparent Proxy Abuse]]<br>Robert Auger
 
<tr valign="bottom">
 
  <td height="120" bgcolor="#666699" width="67" valign="middle">12:30-13:30
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[DISA's Application Security and Development STIG: How OWASP Can Help You]]<br>Jason Li
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[OWASP ModSecurity Core Rule Set Project]]<br>Ryan C. Barnett
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[The essential role of infosec in secure software development]]<br>Kenneth R. van Wyk
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Fracturing Flex For Fun- An Alliterative Attackers Approach]]<br>Jon Rose/Kevin Stadmeyer
 
<tr valign="bottom">
 
  <td height="60" bgcolor="#666699" width="67" valign="middle">13:30-14:30
 
  <td height="60" colspan="4" align="center" bgcolor="#909090" valign="middle">Lunch
 
<tr valign="bottom">
 
  <td height="120" bgcolor="#666699" width="67" valign="middle">14:30-15:30
 
  <td height="60" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[ Defend Yourself: Integrating Real Time Defenses into Online Applications]]<br>Michael Coates
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Finding the Hotspots: Web-security testing  with the Watcher tool]]<br>Chris Weber
 
  <td height="120" rowspan="3" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[SDLC Pannel AppSecDC | SDLC Panel]]
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Social Zombies: Your Friends Want to Eat Your Brains]]<br>Tom Eston/Kevin Johnson
 
<tr valign="bottom">
 
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">15:30-16:30
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[The ESAPI Web Application Firewall (ESAPI WAF)|The ESAPI Web Application Firewall]]<br>Arshan Dabirsiaghi
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[One Click Ownage]]<br>Ferruh Mavituna
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Cloudy with a chance of 0-day]]<br>Jon Rose/Tom Leavey
 
<tr valign="bottom">
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Web Application Security Scanner Evaluation Criteria]]<br>Brian Shura
 
<tr valign="bottom">
 
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">16:30-17:30
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[OWASP Live CD: An open environment for Web Application Security]]<br>Matt Tesauro / Brad Causey
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Learning by Breaking: A New Project Insecure Web Apps]]<br>Chuck Willis
 
  <td height="120" rowspan="2" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Vulnerability Management in an Application Security World]]<br>Dan Cornell
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Attacking WCF Web Services]]<br>Brian Holyfield
 
<tr valign="bottom">
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Synergy! An intregrated OWASP Audit: A world where the tools communicate|Synergy! - A world where the tools communicate]]<br>
 
  Josh Abraham
 
<tr valign="bottom">
 
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">17:30-18:30
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[The Entrepreneur's Guide to Career Management]]<br>Lee Kushner
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Advanced SSL: The good, the bad, and the ugly]]<br>Michael Coats
 
  <td height="120" rowspan="2" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Threat Modeling by John Steven|Threat Modeling]]<br>John Steven
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies]]<br>Rafal Los
 
<tr valign="bottom">
 
  <td height="60" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[User input piercing for Cross Site Scripting Attacks]]<br>Matias Blanco
 
<tr valign="bottom">
 
  <td height="60" bgcolor="#666699" width="67" valign="middle">19:00-????
 
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Reception
 
<!-- Day 2 -->
 
<tr valign="middle">
 
  <td height="60" colspan="5">
 
<tr valign="middle">
 
  <td height="60" colspan="5" align="center" bgcolor="#333399"><font size="5"><b>Day 2 - Nov 13th 2009</b>
 
<tr valign="bottom">
 
  <td height="40" bgcolor="#666699" width="67" valign="middle">&nbsp;
 
  <td height="40" align="center" bgcolor="#ff0000" valign="middle" width="200"><b>Attack & Defend</b>
 
  <td height="40" align="center" bgcolor="#808000" valign="middle" width="200"><b>Process</b>
 
  <td height="40" align="center" bgcolor="#ccffcc" valign="middle" width="200"><b>Metrics</b>
 
  <td height="40" align="center" bgcolor="#ff6600" valign="middle" width="200"><b>Compliance</b>
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">07:30-09:00
 
  <td colspan="4" align="center" bgcolor="#909090" valign="middle">Registration
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">09:00-10:00
 
  <td height="60" colspan="4" align="center" bgcolor="#e0e0e0" valign="middle">Keynote: TBA
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">10:30-10:30
 
  <td height="30" colspan="4" align="center" bgcolor="#909090" valign="middle">Coffee Break & Room Change
 
<tr valign="bottom">
 
  <td bgcolor="#666699" width="67" valign="middle">10:30-11:30
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[Securing the Core JEE Patterns]]<br>Rohit Sethi/Krishna Raja
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[The Big Picture: Web Risks and Assessments Beyond Scanning]]<br>Matt Fisher
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[The Web Hacking Incidents Database]]<br>Ryan C. Barnett
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Business Logic Automatons: Friend or Foe?]]<br>Ofer Shezaf
 
<tr valign="bottom">
 
  <td height="120" bgcolor="#666699" width="67" valign="middle">11:30-12:30
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[Unicode Transformations: Finding Elusive Vulnerabilities]]<br>Chris Weber
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Scalable Application Assessments in the Enterprise]]<br>Tom Parker/Lars Ewe
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Application security metrics from the organization on down to the vulnerabilities]]<br>Chris Wysopal
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[SCAP: Automating our way out of the Vulnerability Wheel of Pain ]]<br>Ed Bellis
 
<tr valign="bottom">
 
  <td height="120" bgcolor="#666699" width="67" valign="middle">12:30-13:30
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[Fox in the Henhouse: Java Rootkits]]<br>Jeff Williams
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Secure Software Updates: Update Like Conficker]]<br>Jeremy Allen
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[OWASP Top 10 2009 AppSecDC|OWASP Top 10 2009]]<br>Dave Wichers
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Secure SDLC: The Good, The Bad, and The Ugly]]<br>Joey Peloquin
 
<tr valign="bottom">
 
  <td height="60" bgcolor="#666699" width="67" valign="middle">13:30-14:30
 
  <td height="60" colspan="4" align="center" bgcolor="#909090" valign="middle">Lunch
 
<tr valign="bottom">
 
  <td height="120" bgcolor="#666699" width="67" valign="middle">14:30-15:30
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[TBD AppSecDC Robert Hansen|TBA]]<br>Robert Hansen
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Improving application security after an incident]]<br>Cory Scott
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Hacking by Numbers]]<br>Tom Brennan
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[AppSecDC09 Federal CIO Pannel|Federal CIO Pannel]]
 
<tr valign="bottom">
 
  <td height="120" bgcolor="#666699" width="67" valign="middle">15:30-16:30
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[Automated vs. Manual Security: You can't filter The Stupid]]<br>David Byrne/Charles Henderson
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Custom Intrusion Detection Techniques for Monitoring Web Applications]]<br>Matthew Olney
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[Building an in-house application security assessment team]]<br>Keith Turpin
 
<tr valign="bottom">
 
  <td height="120" bgcolor="#666699" width="67" valign="middle">16:30-17:30
 
  <td height="120" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[Advanced SQL Injection]]<br>Joe McCray
 
  <td height="120" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Is your organization secured against internal threats?]]<br>Lars Ewe
 
  <td height="120" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[The OWASP Security Spending Benchmarks Project]]<br>Dr. Boaz Gelbord
 
  <td height="120" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Promoting Application Security within Federal Government]]<br>Sarbari Gupta
 
<tr valign="bottom">
 
  <td height="120" rowspan="2" bgcolor="#666699" width="67" valign="middle">17:30-18:30
 
  <td height="60" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[Clubbing WebApps with a Botnet ]]<br>Gunter Ollmann
 
  <td height="120" rowspan="2" align="center" bgcolor="#808000" width="200" valign="middle" width="200">[[Deploying Secure Web Applications with OWASP Resources]]<br>Kuai Hinojosa
 
  <td height="120" rowspan="2" align="center" bgcolor="#ccffcc" width="200" valign="middle" width="200">[[SANS Dshield Webhoneypot Project]]<br>Jason Lamn
 
  <td height="120" rowspan="2" align="center" bgcolor="#ff6600" width="200" valign="middle" width="200">[[Techniques in Attacking and Defending XML/Web Services]]<br>Mamoon Yunus/Jason Macy
 
<tr valign="bottom">
 
  <td height="60" align="center" bgcolor="#ff0000" width="200" valign="middle" width="200">[[Injectable Exploits: Two New Tools for Pwning Web Apps and Browsers]]<br>Kevin Johnson, Justin Searle, Frank DiMaggio
 
<tr valign="bottom">
 
  <td height="60" bgcolor="#666699" width="67" valign="middle">18:30-19:00
 
  <td height="60" colspan="4" align="center" bgcolor="#c0c0c0" valign="middle">Closing Remarks
 
</div>
 
 
 
 
 
[[Category:OWASP_AppSec_DC_09]]
 

Latest revision as of 16:53, 29 September 2009