Difference between revisions of "OWASP NYC AppSec 2008 Conference/altspeaker"
| Line 120: | Line 120: | ||
''Marce Luck & [http://www.linkedin.com/pub/1/507/616 Tom Stracener] ]'' | ''Marce Luck & [http://www.linkedin.com/pub/1/507/616 Tom Stracener] ]'' | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 12:00-13:00 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | ''LUNCH - Provided by event sponsors @ TechExpo'' | + | | style="width:10%; background:#7B8ABD" | 12:00-13:00 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference/ctf Capture the Flag] Status & ''LUNCH - Provided by event sponsors @ TechExpo'' |
| + | |||
| + | |||
|- | |- | ||
| style="width:10%; background:#7B8ABD" | 13:00-13:45 || style="width:30%; background:#BC857A" align="left" | Security Research Report | | style="width:10%; background:#7B8ABD" | 13:00-13:45 || style="width:30%; background:#BC857A" align="left" | Security Research Report | ||
Revision as of 21:14, 6 July 2008
7/3 12:00pm ~ Currently I am moving speakers around, making room and adjustments, when done
i will simple REPLACE the agenda currently posted with this one and kill this placeholder page... special requests can be accommodated by calling 973-795-1046 x112 - brennan
2008 OWASP USA, NYC Conference Schedule – Sept 24th - Sept 25th
| Day 1 – Sept 24th, 2008 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| Track 1: | Track 2: | Track 3: | |||||||
| 07:30-10:00 | Doors Open for Attendee/Speaker Registration & Exhibit/Sponsor Area | ||||||||
| 09:00-09:45 | OWASP Version 3.0 who we are, where we are.. where we are going
OWASP Foundation: Jeff Williams, Dinis Cruz, Dave Wichers, Tom Brennan, Sebastien Deleersnyder, Paolo Perego, Kate Hartmann & Alison Shrader | ||||||||
| 10:00-10:45 | Analysis of the Web Hacking Incidents Database (WHID) | Web Application Security Road Map |
Got Security? | ||||||
| 11:00-11:45 | Web Security Education using Open Source Tools
Prof. Li-Chiou Chen & Chienitng Lin, Pace Univ |
Http Bot Research | MalSpam Research | ||||||
| 12:00-13:00 | Capture the Flag Sign-Up
LUNCH - Provided by event sponsors @ TechExpo | ||||||||
| 13:00-13:45 | Offensive Assessing Financial Applications | WAF ModSecurity | OWASP & NYC | ||||||
| 14:00-14:45 | Logic Attacks and Inefficiencies of Robotic Detection
Robert "RSnake" Hansen, CEO SecTheory |
Reverse Engineering .NET
Adam Boulton |
JBroFuzz 0.1 - 1.1: Building a Java Fuzzer for the Web | ||||||
| 15:00-15:45 | Industry Panel w/ Jennifer Bayuk CISO Bear Stearns, Mark Clancy EVP CitiGroup, Jim Routh CISO DTCC, Sunil Seshadri CISO NYSE-Euronet, Warren Axelrod SVP Bank of America, Joe Bernik Royal Bank of Scotland & Philip Venables CIRO, Goldman, Sachs | Wild Wild Web on Security Planet
Mano Paul CEO Express Certifications |
Multidisciplinary Bank Attacks
Gunter Ollmann | ||||||
| 16:00-16:45 | OWASP Enterprise Security API (ESAPI) Project | Shootout @ Blackbox Corral
Larry Suto |
80% 10% 10%
Andy Steingruebl, Security @ PayPal | ||||||
| 17:00-17:45 | Threading the Needle:
Bypassing web application/service security controls using Encoding, Transcoding, Filter Evasion, and other Canonicalization Attacks Arian Evans |
Shhhh Don’t Tell Anybody | W3AF Open Source App Scanner
Andres Riancho | ||||||
| 18:00-18:45 | OWASP Live CD | Coding Secure w/PHP | Payment Card Data Security and the new Enterprise Java
Dr. B. V. Kumar & Mr. Abhay Bhargav | ||||||
| 20:00-23:00 | OWASP NYC AppSec 2008 VIP Party
Location: TBD | ||||||||
| Day 2 – Sept 25th, 2008 | |||||||||
| 08:00-10:00 | BREAKFAST - Provided by event sponsors @ TechExpo | ||||||||
| 0800-08:45 | Prof. Howard A. Schmidt, CISSP, CISM (Hon.) |
Current (ISC)² Security Strategist and Former White House Cyber Security Advisor | ||||||||
| 09:00-09:45 | Good vs. Evil JavaScript | OWASP V2 Testing Guide 4.2.3 Spidering and Googling in depth | Web Security Education using Open Source Tools
Prof. Li-Chiou Chen & Chienitng Lin of Pace Univ. | ||||||
| 10:00-10:45 | OWASP Update
Dinis Cruz/Jeff Williams + Surprise Guest |
OWASP Topic
SPEAKER TBD |
OWASP Topic
Speaker TBD | ||||||
| 11:00-11:45 | CLASP (Comprehensive, Lightweight Application Security Process)
Pravir Chandra |
Next Generation Cross Site Scripting Worms | Secure Software Impact | ||||||
| 12:00-12:45 | Security in Agile Development | Security of Software-as-a-Service (SaaS) | Open Reverse Benchmarking Project
Marce Luck & Tom Stracener ] | ||||||
| 12:00-13:00 | Capture the Flag Status & LUNCH - Provided by event sponsors @ TechExpo
| ||||||||
| 13:00-13:45 | Security Research Report | Pantera Advances | Lotus Notes Insecurity
Jian Hui Wang | ||||||
| 14:00-14:45 | Practical Advanced Threat Modeling
John Steven |
Owasp Orizon
Paolo Perego |
Building Usable Security
Zed Abbadi | ||||||
| 15:00-15:45 | Input validation: the Good, the Bad and the Ugly
Johan Peeters |
Offshoring Application Development? Security is Still Your Problem
Rohyt Belani |
NIST SAMATE Static Analysis Tool Exposition (SATE)
Vadim Okun | ||||||
| 16:00-16:45 | TOPIC
SPEAKER |
Flash Parameter Injection (FPI)
Ayal Yogev & Yuval Baror |
Cross-Site Scripting Filter Evasion
Alexios Fakos | ||||||
| 17:00-17:45 | Wizdom of Crowds / CTF Awards & Raffles | ||||||||
| 18:30-19:30 | OWASP Foundation, Chapter Leader Meeting | ||||||||
More information below
