Difference between revisions of "OWASP Global AppSec Asia 2011"

Revision as of 07:27, 7 September 2011

Welcome

OWASP Global AppSec Asia Pacific 2011 - Beijing China

OWASP China-Mainland Chapter will host OWASP Global AppSec Asia 2011 in Beijing, China from Nov. 8 to Nov. 11, 2011. The summit will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Asia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Chinese and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 800 people are expected to attend the summit, which will be covered by major news media. Panel discussions, vendor exhibit, and dinners will be held at the summit, providing sufficient networking opportunities.

中文(Chinese)

中文网站

OWASP 中国

OWASP 2011亚太峰会

Registration

请使用RegOnline 链接来注册(中文).

Please use RegOnline link for your registration (English).

Who Should Attend OWASP Global AppSec Asia 2011:

Application Developers
Application Testers and Quality Assurance
Application Project Management and Staff
Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
Security Managers and Staff
Executives, Managers, and Staff Responsible for IT Security Governance
IT Professionals Interesting in Improving IT Security

For student discount, attendees must present proof of enrollment when picking up your badge.

Keynotes

Sebastien Deleersnyder

Seba Deleersnyder, Managing Technical Consultant ICT Security at SAIT Zenitel.

As security project leader and information security officer for multiple customers Sebastien has build up extensive experience in Information Security related disciplines, both at strategic and tactical level. Sebastien specializes in (Web) Application Security,combining both his broad development and information security experience.

Seba is the Belgian OWASP Chapter Leader, member of the influential OWASP Foundation Board and performed several public presentations on Web Application and Web Services Security. He also co-organizes the yearly security & hacker BruCON conference and trainings in Brussels.

Manoranjan Paul

Manoranjan (Mano) Paul is founder and CEO of SecuRisk Solutions and Express Certifications, companies that specialize in security training, consulting and product development. His information security and software assurance experience includes designing and developing security programs from compliance-to-coding, security in the SDLC, writing secure code, risk management, security strategy, and security awareness training and education.

He is the author of the official (ISC)² guide to the Certified Secure Software LifecycleProfessional (CSSLP) book (released June 2011) and has contributed to chapters in the Information Security Management Handbook. His has been interviewed and referenced in several articles including those in CIO.com. Mano has been featured in various domestic and international security conferences and is an invited speaker and panelist, delivering training, talks and keynotes in conferences such as the OWASP, ASIS, CSI, Catalyst, SC World Congress, (ISC)² Security Congress, and TRISC.

Cassio Goldschmidt

Cassio Goldschmidt is a globally recognized application security leader, and senior manager of the product security team at Symantec Corporation (a long time OWASP supporter). In this role Cassio leads the Symantec Product Security team with company-wide responsibility for product security assurance, vulnerability management, security development lifecycle implementation, and oversees the coordination of security certifications and training.

Cassio's contribution to OWASP include:

Co-chair of OWASP AppSec USA 2010
Co-chair of OWASP AppSec Latin America 2011
Member of the conference committee
Major contributions to the revamp of OWASP LA Chapter
Honorary founder of OWASP Porto Alegre Chapter
Board member of OWASP LA Chapter
Speaking engagements at OWASP conferences

Alexander Wang

Wei Zhao

Zhao Wei is the Chief Executive Officer of Knownsec.He worked in Computer Security since 1998.Mr. Zhao was the core member of several earliest Chinese vuluntary security orginazations. Prior to Knowsec, he worked at Venustech, one of the leading security firm in China, for computer system vulnerability research work. In 2005, he joined McAfee Security Lab as a research expert. Mr. Zhao has over ten years' experience in security development and project implementation.

Larry Man

Larry Man is a dynamic-leader in information security, with over 15 years experience in the field. He is Principle Consultant – SZBOWEB Company Limited which provides independent IT Security consulting to arrange of clients in China and Hong Kong. He is an expert in Data Security. He previously led a team in Ottawa Canada to create an embedded software system specialized in digital rights management. He is also the founder of Ironclad System, a software vendor in producing ERM systems. Larry used to work as a computer auditor of HSBC in HK. Larry was graduated from University of Manitoba with two degrees, one in Computer Science and one in Accounting & Finance. He also had a Master Degree in Engineering from CUHK. Larry is based in Hong Kong and has previously lived in Canada, US and China.

CFP and CFT

OWASP APPSEC ASIA 2011

CALL FOR Presentation

OWASP AppSec Asia 2011 Conference will be a major international forum for the presentation of research results, cutting-edge ideas and in-depth discussions in the field of application security. OWASP AppSec Asia 2011 Conference invites application security researchers, thought leaders and developers worldwide to submit papers for the opportunity of presenting to 800+ expected participants.

The topics we are seeking include, but are not limited to:

Web Application Security
Mobile Application Security
Cloud Application Security
Software and Architecture Patterns for Application Security
Metrics for Application Security
OWASP Tools and Projects
Secure Coding Practices (J2EE/.NET)
Application Security Testing
New Attacks and Defense
Other subjects related to OWASP and Application Security

To make a submission:

Download and fill out the form available at https://www.owasp.org/images/d/d3/OWASP_AppSec_Asia_2011_CFP_v2.zip
Submit the form through the Easychair conference web site at http://www.easychair.org/conferences/?conf=GlobalAppSecAsia2011

Each talk should be limited to 40 minutes, followed by a 10 minute question session.

Submission deadline: August 22, 2011.
Notification of acceptance: September 9, 2011.
Presentation slides due: October 21, 2011.

CALL FOR Training

OWASP AppSec Asia will begin with two days of training sessions on November 10th and 11th, 2011. Proposals are solicited for the training of either a one-day (6 hours plus breaks) or two-day sessions on all topics of application security with focus on secure application design and development, threat modeling and defense strategy, and secure application testing. Each training session should cover a single topic in detail in order to allow trainees to grasp practical understanding and basic skill in the subject. Submissions should include a cover sheet and an extended abstract. The cover sheet should specify:

The title and length of the training;
The intended audience and prerequisite knowledge or skills, if any;
Complete contact information for the trainer; and
Brief biography (max. 2 paragraphs) for the trainer. The extended abstract should be 1 to 2 pages, and should include an outline of the training plan, along with descriptions of the objectives and course materials.

Training proposals in PDF or Word format must be sent via email by August 22, 2011 to Jack Li (jack.li@owasp.org). The submissions will undergo review and trainings will be selected by the OWASP AppSec Asia 2011 Conference Committee. Notifications will be sent out by September 9, 2011.

For more information, please see the following web pages:

Conference Website: https://www.owasp.org/index.php/OWASP_Global_AppSec_Asia_2011
OWASP Speaker Agreement: http://www.owasp.org/index.php/Speaker_Agreement
OWASP Website: http://www.owasp.org
Easychair conference site: https://www.easychair.org/account/signin.cgi?conf=apac2011 
Presentation proposal form: https://www.owasp.org/images/b/b6/OWASP_AppSec_Asia_2011_CFP.zip

Agenda

Preliminary Program

Tue, November 8, 2011 - Conference. Exhibition(TBD).

Wed, November 9, 2011 - Conference. Exhibition(TBD)

Thu, November 10, 2011 - Training

Fri, November 11, 2011 - Training .

Final Program

The final program will be available before October 2011.

Sponsor US!

We are still soliciting sponsors for the OWASP Global AppSec Asia 2011. An exhibit hall will be held for vendor booths and presentations.

More than 500 people attended the OWASP China conference last year. As a sponsor, you will gain exclusive access to companies in Asia through a limited number of expo floor slots.

New in 2011, we are offering exclusive Global AppSec Sponsorships to provide additional benefits and streamline the planning process for our most supportive organizations.

Please contact us directly if you have any related question.

To find out more about the different sponsorship opportunities please check the document below:
OWASP_China2011_Sponsorship.pdf

Intented Sponsors:

Team

Contact us

Members (in alphabetical order)

Expense

Registration Fee

It it free for all OWASP members and all OWASP China chapter members.

If you are neither an OWASP member nor an OWASP China chapter member, please feel free to join us!

Accommodation

Please check the local hotel website for detail information.

Logistics

Venue

Beijing International Convention Center

No 8 Beichen Dong Road Chaoyang District, Beijing China 100101

Tel: +86-10-84979768

website: http://www.bicc.com.cn

Hotel

Attendees can enjoy preferred rates in following hotels. Please send email to Ivy before Sep 30th, 2011 and reservation is subject to our confirmation. Hotels will not reserve rooms with preferential prices for us.

1. Beijing North Star Continental Grand Hotel

Add:No.8 Beichen Dong Road, Chaoyang District, Beijing P. R. China 100101

Price for Standard Rooms: RMB 580/day (include Chinese-style breakfast)(Four star)

2. Huiyuan Service Apartment

Address: No. 8 North Star East Road, Chaoyang District, Beijing

Price for Standard Rooms: RMB 390/day (Breakfast: RMB 30/person)--four star

Price for standard Rooms: RMB 290/day (Breakfast: RMB 30/person)--three star

Travel

How to obtain a visa for the event

Invitation letter will be sent out for overseas attendees after registration.
For detailed information on obtaining a business visa for this event, please refer to Chinese embassy

Chapter Leader Workshop

What is the Chapter Leader Workshop?

On Wednesday, November 9, 2011 at 2:30pm-5:30pm the Global Chapter Committee is organizing a chapter leader workshop for all the chapter leaders that attend the conference. Please note that this Workshop will take place on the day before the Conference starts.

Items that will be discussed are:

How to improve the current Chapter Leader Handbook?
How to start and support new chapters within the Asia/Pacific region?
How to support inactive chapters in the Asia/Pacific region?
What Governance model is required for OWASP chapters?
How can the Global Chapters Committee facilitate the Asian OWASP chapters?
...

Additionally we hope to make time and space available to do hands-on work revising the Chapter Leader Handbook, details TBA.

Funding to Attend the Workshop

If you need financial assistance to attend the Chapter Leader Workshop at AppSec Asia, please submit a request to Tin Zaw and Sarah Baso by September 15, 2011.

Funding for your attendance to the workshop should be worked out in the following order.

Ask your employer to fund your trip to AppSec Asia conference.
Utilize your chapter funds.
Ask the chapter committee for funding assistance.

While we wish we could fund every chapter leader, due to the limited amount of budget allocated for this event, we may not be able to fund 100% to all the requests. After September 15, we will make funding decision in a fair and transparent manner. When you apply for funding, please highlight your past contributions to OWASP and your future plans for the local chapter and OWASP.

RSVP and Details

To RSVP and view more details about the Workshop, go to the OWASP Global AppSec Asia 2011 chapters workshop agenda.

Contact

Email Sarah Baso or Tin Zaw for more details.

@@ Line 96: / Line 96: @@
 ----
+{| style="background-color: transparent" class="FCK__ShowTableBorders"
+|-
+! width="200" align="center" | <br>
+! width="1000" align="center" | <br>
+|-
+| align="center" | https://www.owasp.org/images/b/b4/Cassio.jpg
+|
 === Wei Zhao  ===
 ----
-Zhao Wei is the Chief Executive Officer of Knownsec.He worked in Computer Security since 1998.Mr. Zhao was the core member of several earliest Chinese vuluntary security orginazations. Prior to Knowsec, he worked at Venustech, one of the leading security firm in China, for computer system vulnerability research work. In 2005, he joined McAfee Security Lab as a research expert. Mr. Zhao has over ten years' experience in security development and project implementation.
+{| style="background-color: transparent" class="FCK__ShowTableBorders"
+|-
+! width="200" align="center" | <br>
+! width="1000" align="center" | <br>
+|-
+| align="center" | https://www.owasp.org/images/b/b4/Cassio.jpg
+|Zhao Wei is the Chief Executive Officer of Knownsec.He worked in Computer Security since 1998.Mr. Zhao was the core member of several earliest Chinese vuluntary security orginazations. Prior to Knowsec, he worked at Venustech, one of the leading security firm in China, for computer system vulnerability research work. In 2005, he joined McAfee Security Lab as a research expert. Mr. Zhao has over ten years' experience in security development and project implementation.
 === Larry Man ===