This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Education Presentation"
From OWASP
(→Chapter Presentations) |
(→Chapter Presentations) |
||
| Line 112: | Line 112: | ||
|-valign="top" | |-valign="top" | ||
| − | |[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05- | + | |[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_Legal_Aspects_Jos_Dumortier.zip Legal Aspects of (Web) Application Security by Jos Dumortier] || Legal Aspects of (Web) Application Security || Intermediate ||May 2007 || [[Belgium|Belgium]] |
|-valign="top" | |-valign="top" | ||
|[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_AppSec_Research_Lieven_Desmet.zip AppSec Research (University Leuven Belgium)] || Formal absence of implementation bugs in web applications: a case study on indirect data sharing by Lieven Desmet || Expert ||May 2007 || [[Belgium|Belgium]] | |[http://www.owasp.org/index.php/Image:OWASP_BeLux_2007-05-10_AppSec_Research_Lieven_Desmet.zip AppSec Research (University Leuven Belgium)] || Formal absence of implementation bugs in web applications: a case study on indirect data sharing by Lieven Desmet || Expert ||May 2007 || [[Belgium|Belgium]] | ||
Revision as of 07:53, 19 May 2007
This page provide a commented overview of the OWASP presentations available.
Please use the last line of the tables as template.
Presentions can be tracked through:
- the OWASP Presentations Category
- Past OWASP Conference agenda's
- From the chapter pages
Everybody is encouraged to link the presentations and add their findings on this page ! There are currently hundreds of presentations all over the OWASP web site. If you search google with “site:owasp.org filetype:ppt” there are 166 hits. “site:owasp.org filetype:pdf” returns 76. Feel free to “mine” them and add them to the overview.
OWASP Project Presentations
| Title | Comment | Level | Date (yyyy-mm-dd) |
|---|---|---|---|
| The OWASP Testing Guide (Jeff Williams) | Overview of the OWASP Testing Guide | Novice | 2007-01-23 |
| The OWASP Testing Guide v2 EUSecWest07 (Matteo Meucci, Alberto Revelli) | Presentation at EUSecWest07 | Intermediate | 2007-03-01 |
| OWASP Project Overview | High level overview of projects and how OWASP works | Novice | 2006-09-19 |
| The OWASP Application Security Metrics Project (Bob Austin) | Presentation on the Application Security Metrics project | Novice | 2006-10-17 |
| OWASP CLASP Project (Pravir Chandra) | OWASP CLASP project presentation given at the 2006 European AppSec conference | Novice | 2006-05-30 |
| Sprajax (Dan Cornell) | OWASP Sprajax presentation given at the 2006 Seattle AppSec conference | Intermediate | 2006-10-17 |
| Example (include link) | Fill in your comments | Novice/Intermediate/Expert | yyyy-mm-dd |
OWASP Conference Presentations
| Title | Comment | Level | Date (yyyy-mm-dd) |
|---|---|---|---|
| How the Security Development Lifecycle(SDL) Improved Windows Vista (Michael Howard) | Michael Howard's talk on SDL from the OWASP Seattle AppSec Conference in 2006 | Intermediate | 2006-10-18 |
| Bootstrapping the Application Assurance Process (Sebastien Deleersnyder) | Presentation given during the European 2006 AppSec conference on the application assurance process | Novice | 2006-05-30 |
| Inline Approach for Secure SOAP Requests and Early Validation (Mohammad Ashiqur Rahaman, Maartin Rits and Andreas Schaad SAP Research, Sophia Antipolis, France) | Presentation given at the European 2006 AppSec conference about security and soap message structure issues | Intermediate | 2006-05-31 |
| Web Application Firewalls:When Are They Useful? (Ivan Ristic) | Presentation about Web Application Firewalls | Novice | 2006-05-31 |
| HTTP Message Splitting, Smuggling and Other Animals (Amit Klein) | A presentation about Message splitting other attacks around the HTTP protocol | Intermediate | 2006-05-31 |
| Web Application Incident Response & Forensics: A Whole New Ball Game! (Rohyt Belani & Chuck Willis) | Talk about Web Application Security incident handling and forensics given at the OWASP 2006 Seattle AppSec conference | Intermediate | 2006-10-18 |
| Can (Automated) Testing Tools Really Find the OWASP Top 10? (Erwin Geirnaert) | A talk about how automated testing tools stack up against the OWASP top 10 | Intermediate | 2006-05-30 |
| RequestRodeo: Client Side Protection against Session Riding (Martin Johns / Justus Winter) | Presentation given about how Sessions can be hi-jacked, etc... | Novice | 2006-05-31 |
| Security Testing through Automated Software Tests (Stephen de Vries) | Presentation given at the 2006 EuSec conference | Intermediate | 2006-05-31 |
| In the Line of Fire: Defending Highly Visible Targets (Jeremy Poteet) | Conference given at the 2005 DC AppSec conference | Novice | 2005-10-1 |
| Google Hacking and Web Application Worms (Matt Fisher) | Talk given at the 2005 DC AppSec conference | Novice | 2005-10-01 |
| Establishing an Enterprise Application Security Program (Tony Canike) | Talk given at the 2005 DC AppSec Conference | Novice | 2005-10-01 |
| Why AJAX Applications Are Far More Likely To Be Insecure (And What To Do About It) (Dave Wichers) | Dave's talk on AJAX given at the Seattle 2006 AppSec conference | Intermediate | 2006-10-01 |
| Example (include link) | Fill in your comments | Novice/Intermediate/Expert | yyyy-mm-dd |
Web Application Security Presentations
| Title | Comment | Level | Date (yyyy-mm-dd) |
|---|---|---|---|
| [Advanced SQL Injection (Victor Chapela) | Detailed methodology for analyzing applications for SQL injection vulnerabilities | Expert | 2005-11-04 |
| [Advanced Topics on SQL Injection Protection (Sam NG) | 7 methods to prevent SQL injection attacks correctly and in a more integrated approach. Methods 1 to 3 are applicable during design or development life cycle. Method 4 is mainly from QA’s perspective. Methods 5 and 6 can be applied to production environment and are applicable even if you do not have access to or if you cannot change the source code. Other non-main stream technology are discussed in Method 7. | Intermediate | 2006-02-27 |
| [Attacking Web Services (Alex Stamos) | Web Services Introduction and Attacks | Intermediate | 2005-10-11 |
| MMS Spoofing (Matteo Meucci) | A Case-study of a vulnerable web application | Intermediate | |
| Ajax Security (Andrew van der Stock) | Presentation on Ajax security for OWASP AppSec Europe 2006 | Intermediate | 2006-05-30 |
| Advanced Web Services Security & Hacking (Justin Derry) | Presentation given on Webservice security at the Seattle 2006 AppSec conference | Intermediate | 2006-10-18 |
| Integration into the SDLC (Eoin Keary) | A presentation about why and how to integrate the SDLC. | Novice | 2005-04-09 |
| Example (include link) | Fill in your comments | Novice/Intermediate/Expert | yyyy-mm-dd |
Chapter Presentations
| Title | Comment | Level | Month (Mon-yyyy) | Chapter |
|---|---|---|---|---|
| Legal Aspects of (Web) Application Security by Jos Dumortier | Legal Aspects of (Web) Application Security | Intermediate | May 2007 | Belgium |
| AppSec Research (University Leuven Belgium) | Formal absence of implementation bugs in web applications: a case study on indirect data sharing by Lieven Desmet | Expert | May 2007 | Belgium |
| OWASP Update and OWASP BeLux Board Presentation (Seba) | OWASP Update and OWASP BeLux Board Presentation | Novice | May 2007 | Belgium |
| OWASP Update (Seba) | OWASP Update | Novice | Jan 2007 | Belgium |
| XSS Worms (Sven Vetsch) | XSS Worms | Intermediate | Feb 2007 | Switzerland |
| OWASP Update (Seba) | OWASP Update | Novice | Jan 2007 | Belgium |
| WebGoat and Pantera presentation (Philippe Bogaerts) | WebGoat and Pantera presentation | Novice | Jan 2007 | Belgium |
| Security implications of AOP for secure software (Bart De Win) | Security implications of AOP for secure software | Expert | Jan 2007 | Belgium |
| testing for common security flaws (David Byrne) | testing for common security flaws | Intermediate | Nov 2006 | Denver |
| 40-ish slides on analyzing threats (Olli) | Analyzing Threats | Novice | Dec 2006 | Helsinki |
| Attacking the Application (Dave Ferguson) | Vulnerabilities, attacks and coding suggestions | Intermediate | Dec 2006 | Kansas City |
| Ajax Security Concerns (Rohini Sulatycki) | Ajax Security Concerns | Intermediate | Dec 2006 | Kansas City |
| Anatomy of 2 Web Application Testing (Matteo Meucci) | Anatomy of 2 Web Application Testing | Intermediate | Mar 2006 | Italy |
| Example (include link) | Fill in your comments | Novice/Intermediate/Expert | Mon Year | Chapter |
