This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP China Summit 2010"

From OWASP
Jump to: navigation, search
Line 154: Line 154:
  
 
== Application Security Market Trend 应用安全市场动态 ==
 
== Application Security Market Trend 应用安全市场动态 ==
 +
= Chenxi Wang, PhD =
 
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态,并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例 ,看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序,并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
 
应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态,并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例 ,看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序,并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。
 
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
 
== Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? ==
 +
= Wong Onn Chee =
 
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.
 
Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.
  

Revision as of 07:24, 8 October 2010

OWASP China logo.jpg

Welcome

OWASP China Summit 2010 - Beijing China

OWASP China-Mainland Chapterwill host OWASP China Summit 2010 in Beijing China on Oct 20-23, 2010, with two days of training followed by two days of conference. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from China and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

Press Release: OWASP China Summit 2010 Announcement

中文(Chinese)

中文网站

本次会议设有专门的中文网站: OWASP 2010 中国峰会中文网站

Registration

Please register yourself to attend the OWASP China Summit. General admission is FREE.

Who Should Attend OWASP China Summit 2010:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security

For student discount, attendees must present proof of enrollment when picking up your badge.

Questions, please contact: OWASP China Summit 2010 Organization Team

Training: Oct 20 - 21


Training Agenda
Training Oct 20 - Oct 21
Time Trainer Topic Language Price (Before Oct.10) Price (After Oct.10)
AM Oct 20 Yuezhong Bao, Microsoft Secure Development Lifecycle Chinese RMB 1000 ($150) RMB 1500 ($230)
PM Oct 20 Benson Wu, Armorize Security Code Review Chinese RMB 1000 ($150) RMB 1500 ($230)
AM Oct 21 Xin Fang, VulnHunt Security Testing Chinese RMB 1000 ($150) RMB 1500 ($230)
PM Oct 21 Aaron, DBAppSecurity Security Testing Chinese RMB 1000 ($150) RMB 1500 ($230)

Enrollment & Questions:

Trainer Bios & Course Abstracts

Agenda: Oct 22

Conference Day 1 - Oct 22, 2010 Tentative
Time Speaker Presentation Language
08:30-09:00 Registration and Networking
09:00-09:10 Rip Torn, OWASP China Chapter and Tom Brennan OWASP Board Opening Statement: Welcome to OWASP China Summit 2010 Chinese/English
09:10-10:00 Keynote: Chenxi Wang, PhD, Forrester Research #Application Security Market Trend 应用安全市场动态 Chinese
10:10-10:40 Weilin Zhong, OWASP OWASP TOP 10 Chinese
10:50-11:20 Frank Fan, DBAppSecurity Web Attack and Defense Trends Chinese
11:30-12:00 Wong Onn Chee, OWASP Singapore Chapter #Outbound Monitoring of Web Servers: a Forgotten Child in Information Security? Chinese/English
12:00-13:30 Lunch Break
13:30-14:10 Mark Goudie, Verizon Business 2010 Data Breach Investigation Report English with real-time Chinese translation
14:20-15:00 Pravir Chandra, OWASP OWASP OpenSAMM Project English with real-time Chinese translation
15:10-15:40 Helen Gao, OWASP Long Island Chapter OWASP and OWASP Projects Chinese
16:00-17:00 Panel Round Table: Web App Security - State of Art Chinese

Application Security Market Trend 应用安全市场动态

应用安全是很多企业安全部门的重要运行目标。在这个报告中我们将分析全球应用安全市场动态,并看一下世界的一些领先机构是怎样在内部推广和运行应用安全产品。我们将分析一些金融界和保险行业的成功案例 ,看一下这些公司是怎样把应用安全产品分门别类融进他们的日常运行程序,并怎样克服运行中遇到的困难。最后我们还将讨论应用安全产品的发展和研究趋势。

Outbound Monitoring of Web Servers: a Forgotten Child in Information Security?

Outbound monitoring of enterprise web servers is an oft-neglected aspect in the overall security of an enterprise web infrastructure.When outbound monitoring is missing, risks from information leakage and transmission of malware are ever present. Onn Chee will walk through the most common causes of information leakage and malware transmission from web servers. Anonymised case studies of major US and Chinese organisations will be presented for the audience to have a better understanding.

Sponsors


Diamond Sponsors:

Dbappsecurity_logo.gif 安恒信息 Armorize.png


Platinum Sponsors:


Gold Sponsors:

VenusTech_logo.gif ankkilog.png深圳昂楷科技有限公司


Supporting Sponsors:

Huawei_Logo.gif 华为


Logo_microsoft.jpg       微软中国


南京翰海源



Educational Sponsors:

ISCAS_logo.gif中国科学院软件研究所 InfoSec_Lab_PKU_logo.gif


Organizing Partners:

logo2009.gif logo.png toplogo.gif


Media Partners:

OWASP media resources and China mainstream IT Medias publicize this web application security summit in every rolling stage. Participated Medias include:

  • Print Media:CIW, CNW, 365master, TTM, CCW, CISMAG, CBINEWS, etc
  • Network Media: logo.gif,logo.gifLogo.gif, top_logo.jpg, CTOCIO, etc.

We are still soliciting sponsors for the OWASP China Summit. An exhibit hall will be held for vendor booths and presentations. For more details, please see the OWASP China Summit 2010 Investment Guide [English][Chinese]

Slots are going fast so contact OWASP China Summit 2010 Organization Team to sponsor today!


Conference Committee

Contact

Organizers

Conference Committee

  • Rip Torn 万振华,Chair of OWASP China Mainland chapter
  • Frank Fan 范渊,Vice President of OWASP China Mainland chapter, President of DBAPPSecurity Ltd.
  • Weilin Zhong 钟卫林,Lead of OWASP Chinese Project and Honeycomb Project, Senior Info Sec Eng at Wells Fargo, CISSP
  • Helen Gao 高雯,Lead of OWASP Long Island Chapter and OWASP Chinese Project, CISSP
  • Zhendong Yu 于振东, OWASP Chinese Project, co-founder of Innovative Query Inc, CISSP
  • Eric Chio 趙嘉言, Lead of OWASP Shanghai Chapter, Microsoft.
  • Jianchun Jiang 蒋建春 - Lead of OWASP Beijing Chapter, Associate Professor, The Software Institute, Chinese Academy of Sciences, 中科院软件所副研究员. NSACE 负责人
  • Jie Wang 王颉 - High Speed Network Group, Dept of Electronic and Electrical Engineering, Loughborough Univ.,UK.
  • Wayne Huang 黃耀文 - OWASP conference committee, OWASP Taiwan Chapter Chair, Founder and CEO of Armorize Technology.


Volunteer

Volunteers Needed!

Get involved! We will take all the help we can get to pull off the best Web Application Security Conference of the year! E-mail the OWASP China Summit 2010 Organization Team.


Logistics

Venue

Hotel Nikko New Century Beijing Conference Center

Hotel

Hotel Nikko New Century Beijing 北京新世纪日航酒店 北京市海淀区首体南路6号

hotel.jpg

Hotel Booking

Travel

How to obtain a visa for the event

  • Invitation letter will be sent out for overseas attendees after registration.
  • For detailed information on obtaining a business visa for this event, please refer to Chinese embassy
  • More questions, please contact Helen Gao