This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP NYC AppSec 2008 Conference"
m |
|||
Line 147: | Line 147: | ||
[http://video.google.com/videoplay?docid=-4419524791864555496&hl=en VIDEO] / SLIDES | [http://video.google.com/videoplay?docid=-4419524791864555496&hl=en VIDEO] / SLIDES | ||
| style="width:30%; background:#BCA57A" align="center" | | | style="width:30%; background:#BCA57A" align="center" | | ||
− | '''Coding Secure w/PHP'''<br> | + | '''Phundamental Security - Coding Secure w/PHP'''<br> |
''[http://www.linkedin.com/in/zaunere Hans Zaunere]''<br> | ''[http://www.linkedin.com/in/zaunere Hans Zaunere]''<br> | ||
[http://video.google.com/videoplay?docid=3477751371038020741&hl=en VIDEO] / SLIDES | [http://video.google.com/videoplay?docid=3477751371038020741&hl=en VIDEO] / SLIDES |
Revision as of 03:05, 18 October 2008
2008 OWASP USA, NYC
Last Update: 10/18/2008
Our mission is to make application security "visible," so that people and organizations can make informed decisions about application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. The OWASP Foundation is a 501c3 not-for-profit charitable organization that ensures the ongoing availability and support for our work. OWASP is like "public radio" so support our efforts join today as a corporate or individual member learn more CLICK HERE
SEE BELOW FOR VIDEO AND SLIDES - CLICK HERE FOR PHOTOS
2008 OWASP USA, NYC Conference Schedule – Sept 24th - Sept 25th VIDEOS
Day 1 – Sept 24th, 2008 | |||||||||
---|---|---|---|---|---|---|---|---|---|
Track 1: BALLROOM | Track 2: SKYLINE | Track 3: TIMESQUARE | |||||||
07:30-08:50 | Doors Open for Attendee/Speaker Registration
avoid lines come early get your caffeine fix and use free wifi | ||||||||
09:00-09:45 | OWASP Version 3.0 who we are, how we got here and where we are going? OWASP Foundation: Jeff Williams, Dinis Cruz, Dave Wichers, Tom Brennan, Sebastien Deleersnyder | ||||||||
10:00-10:45 | Analysis of the Web Hacking Incidents Database (WHID) Ofer Shezaf |
DHS Software Assurance Initiatives | |||||||
11:00-11:45 |
Http Bot Research |
OWASP "Google Hacking" Project |
MalSpam Research | ||||||
12:00-13:00 | Capture the Flag Sign-Up
LUNCH - Provided by event sponsors @ TechExpo | ||||||||
12:00-12:45 |
Get Rich or Die Trying - Making Money on The Web, The Black Hat Way |
Framework-level Threat Analysis: Adding Science to the Art of Source-code review |
Automated Web-based Malware Behavioral Analysis | ||||||
13:00-13:45 |
New 0-Day Browser Exploits: Clickjacking - yea, this is bad... |
Web Intrusion Detection with ModSecurity |
Using Layer 8 and OWASP to Secure Web Applications | ||||||
14:00-14:45 | Industry Outlook Panel: Mark Clancy EVP CitiGroup, |
Security Assessing Java RMI |
JBroFuzz 0.1 - 1.1: Building a Java Fuzzer for the Web | ||||||
15:00-15:45 |
OWASP Testing Guide - Offensive Assessing Financial Applications |
Flash Parameter Injection (FPI) |
w3af - A Framework to own the web | ||||||
16:00-16:45 |
OWASP Enterprise Security API (ESAPI) Project |
Cross-Site Scripting Filter Evasion |
Multidisciplinary Bank Attacks | ||||||
17:00-17:45 |
Open Discussion On Application Security |
Mastering PCI Section 6.6 |
Case Studies: Exploiting application testing tool deficiencies via "out of band" injection | ||||||
18:00-18:45 |
Spearfishing and the OWASP Live CD |
Phundamental Security - Coding Secure w/PHP |
Payment Card Data Security and the new Enterprise Java | ||||||
19:00-20:00 |
OWASP Chapter Leader / Project Leader working session |
(ISC)2 Cocktail Hour |
Technology Movie Night | ||||||
20:00-23:00+ | OWASP Event Party/Reception Event badge required for admission Food, Drinks w/ New & Old Friends - break out the laptop and play capture the flag for fun and prizes. Location: HOTEL BALLROOM
| ||||||||
Day 2 – Sept 25th, 2008 | |||||||||
08:00-10:00 | BREAKFAST - Provided by event sponsors @ TechExpo | ||||||||
08:00-08:45 |
Software Development: The Last Security Frontier |
Best Practices Guide: Web Application Firewalls |
The Good The Bad and The Ugly - Pen Testing VS. Source Code Analysis
| ||||||
09:00-09:45 |
OWASP Web Services Top Ten |
OpenSource Tools | |||||||
10:00-10:45 |
Building a tool for Security consultants: A story of a customized source code scanner |
"Help Wanted" 7 Things You Need to Know APPSEC/INFOSEC Employment |
Industry Analyst with Forrester Research | ||||||
11:00-11:45 |
CLASP (Comprehensive, Lightweight Application Security Process) |
Security in Agile Development |
Secure Software Impact | ||||||
12:00-12:45 |
Next Generation Cross Site Scripting Worms |
Security of Software-as-a-Service (SaaS) |
Open Reverse Benchmarking Project | ||||||
12:00-13:00 | Capture the Flag Status
LUNCH - Provided @ TechExpo | ||||||||
13:00-13:45 |
NIST SAMATE Static Analysis Tool Exposition (SATE) |
Lotus Notes/Domino Web Application Security |
Shootout @ Blackbox Corral | ||||||
14:00-14:45 |
Practical Advanced Threat Modeling |
The OWASP Orizon Project: towards version 1.0 |
Building Usable Security | ||||||
15:00-15:45 |
Off-shoring Application Development? Security is Still Your Problem |
OWASP EU Summit Portugal |
A Security Architecture Case Study | ||||||
16:00-16:45 |
Vulnerabilities in application interpreters and runtimes |
Cryptography For Penetration Testers |
Memory Corruption and Buffer Overflows | ||||||
17:00-17:45 | Event Wrap-Up / Speaker & CTF Awards and Sponsor Raffles | ||||||||
18:30-19:30 | OWASP Foundation, Chapter Leader Meeting - to collect ideas to make OWASP better! |
If you could not find it above... check HERE FOR VIDEOS
Video content produced, processed and posted by www.MediaArchives.com