This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP AppSec India Conference 2008"

From OWASP
Jump to: navigation, search
(OWASP AppSec India Conference 2008 Schedule – August 20th - August 21st)
(OWASP AppSec India Conference 2008 Schedule – August 20th - August 21st)
Line 14: Line 14:
 
{| style="width:80%" border="0" align="center"
 
{| style="width:80%" border="0" align="center"
 
  ! colspan="4" align="center" style="background:#4058A0; color:white" | Day 1 – August 20th, 2008
 
  ! colspan="4" align="center" style="background:#4058A0; color:white" | Day 1 – August 20th, 2008
|-
 
| style="width:10%; background:#7B8ABD" | || style="width:30%; background:#BC857A" | Track 1:
 
 
  |-
 
  |-
 
  | style="width:10%; background:#7B8ABD" | 08:15 hrs - 9:00 hrs || colspan="3" style="width:80%; background:#C2C2C2" align="center" | '''Registrations and Welcome Tea / Coffee'''
 
  | style="width:10%; background:#7B8ABD" | 08:15 hrs - 9:00 hrs || colspan="3" style="width:80%; background:#C2C2C2" align="center" | '''Registrations and Welcome Tea / Coffee'''

Revision as of 19:01, 3 June 2008

OWASP Delhi Appsec conference-heading.gif

OWASP AppSec India Conference 2008 - August 20th-21st 2008

Delhi Chapter invites you to (1) day of Conferences with theme as "Application Security - Trends and Challenges" and Technology from the world's most regarded application security leaders and experts, (1) day of extensive hands-on multi-tracked workshop, all to be held at Hotel Intercontinental EROS, New Delhi.

Event Fees:
INR. 5,000 (approx. USD 125) for 1 day of conference
INR. 10,000 (approx. USD 250) for 1-day hands-on workshop.



Event Sponsors

Please contact OWASP Delhi chapter board for sponsorship opportunities.



OWASP AppSec India Conference 2008 Schedule – August 20th - August 21st

Day 1 – August 20th, 2008
08:15 hrs - 9:00 hrs Registrations and Welcome Tea / Coffee
09:15-10:15 Introduction, OWASP Version 3.0 where we are.. where we are going

OWASP Foundation Board Jeff Williams, Tom Brennan, Dinis Cruz, Sebastien Deleersnyder & Dave Wichers

10:30-11:30 Logic Attacks and Inefficiencies of Robotic Detection

Robert "RSnake" Hansen CEO SecTheory

Offensive Assessing Financial Apps

Daniel Cuthbert

Web Intrusion Detection with ModSecurity

Ivan Ristic

11:30-12:30 Reverse Engineering .NET

Adam Boulton

JBroFuzz 0.1 - 1.1: Building a Java Fuzzer for the Web

Yiannis Pavlosoglou - Senior Director - Ounce Labs

OWASP LIVE CD

Joshua Perrymon - CEO Packetfocus

12:30-13:30 Multidisciplinary Bank Attacks

Gunter Ollmann, Director Security Strategy, IBM Internet Security Systems

OWASP CLASP

Pravir Chandra

Shootout at the Blackbox Corral

Dinis Cruz & Larry Suto

13:30-14:30 Collective Intelligence - Jennifer Bayuk-CISO Bear Stearns, Mark Clancy EVP CitiGroup, Jim Routh CISO DTCC, Sunil Seshadri CISO NYSE-Euronet, Warren Axelrod SVP Bank of America, Joe Bernik Royal Bank of Scotland & Philip Venables CIRO, Goldman, Sachs

Moderator: Mahi Dontamsetti

14:30-15:30 w3af, a framework to own the web -

Andres Riancho, Cybsec

Trends in Web Hacking: What's hot in 2008
Analysis of the Web Hacking Incidents Database (WHID)

Ofer Shezaf, Breach

Security in Agile Development

Dave Wichers, COO Aspect Security

15:30-16:30 OWASP Enterprise Security API (ESAPI) Project

Jeff Williams, CEO Aspect Security

Next Generation Cross Site Scripting Worms

Arshan Dabirsiaghi, Director of Research Aspect Security

"Threading the Needle:

Bypassing web application/service security controls using Encoding, Transcoding, Filter Evasion, and other Canonicalization Attacks." Arian Evans, Director of Operations WhiteHat Security

16:30-17:30 Shhhh Don’t Tell Anybody

Petko D. Petkov, a.k.a. pdp

Secure PHP

Hans Zaunere, CEO NYCPHP

Payment Card Data Security and the new Enterprise Java

Dr. B. V. Kumar & Mr. Abhay

17:30-18:30 Notes Security

Jian Hui Wang

Mastering PCI Section 6.6

Taylor McKinley and Jacob West

AppSec Techniques

JD Glaser, CEO NTO Objectives

18:30 Web Application Capture the Flag - Polytechnic University
20:00 Speaker/Attendee Reception
Day 2 – Sept 25th, 2008
8:00-10:00 Breakfast @ Tech-Expo
0900-10:00 '"We have all the tools, policies, frameworks, documents, community support available what works... what does not?" ' Industry Panel: Arian J. Evans, Jeremiah Grossman, Gunter Ollmann, Ofer Shezaf, Moderator: Daniel Cuthbert
10:00-11:00 Practical Advanced Threat Modeling

John Steven

Open Reverse Benchmarking Project

Marce Luck & Tom Stracener

Building Usable Security

Zed Abbadi

11:00-12:00 Offshoring Application Development? Security is Still Your Problem

Rohyt Belani

OWASP Orizon Project

Paolo Perego

NIST SAMATE Static Analysis Tool Exposition (SATE)

Vadim Okun

12:00-13:00 The Art and Nature of Web Application Security

Mano Paul CEO Express Certifications

Software Liability

Jack Danahy

Cross-Site Scripting Filter Evasion

Alexios Fakos

13:00-14:00 OWASP Projects "Dinis Cruz & OWASP Project Leaders"
14:00-15:00 Projects with OWASP

Steve Malson

OWASP Pantera Advances

Simon Roses Femerling

Software-as-a-Service (SaaS)

James Landis

15:00-16:00 "Out of Band" Injection

Vijay Akasapu & Marshall Heilman

OWASP V2 Testing Guide 4.2.3 Spidering and Googling in depth

Christian Heinrich

Caution, Java ahead

Jeremiah Grossman CTO WhiteHat Security

16:00-17:00 Input validation: the Good, the Bad and the Ugly

Johan Peeters

Flash Parameter Injection (FPI)

Ayal Yogev & Yuval Baror

Learning the .Net Debugging API

Kevin Spett

17:00-18:00 Secure System Development Life Cycle (SSDLC) Methodology for SOA

Ken Huang

Web Security Education using Open Source Tools

Prof. Li-Chiou Chen & Chienitng Lin

Friend or Foe: Penetration Testing VS Source Code Analysis

Tom Ryan

18:30 Closing Remarks / CTF Awards / Raffles
21:00 Farewell dinner.. Go secure the world