
Difference between revisions of "AppSecUSA 2012.com"

From OWASP
Line 135: Line 135:
 
==== Unbreakable Oracle ERPs? Attacks on Siebel & JD Edwards ====
 
==== Unbreakable Oracle ERPs? Attacks on Siebel & JD Edwards ====
 
*'''Juan Perez-Etchegoyen, Jordan Santarsieri''' | Case Studies
 
*'''Juan Perez-Etchegoyen, Jordan Santarsieri''' | Case Studies
 +
 +
=== 1:00 pm - 1:45 pm ===
 +
 +
----
 +
 +
==== Builders Vs. Breakers ====
 +
*'''Brett Hardin, Matt Konda, Jon Rose''' | Developer
 +
 +
==== Real World Cloud Application Security ====
 +
*'''Jason Chan''' | Cloud
 +
 +
==== NoSQL, no security? ====
 +
*'''Will Urbanski''' | Architecture
 +
 +
==== SQL Server Exploitation, Escalation, and Pilfering ====
 +
*'''Antti Rantasaari, Scott Sutherland''' | Attack
 +
 +
==== Iran's real life cyberwar ====
 +
*'''Phillip Hallam-Baker''' | Case Studies
  
 
<br>
 
<br>

Revision as of 03:54, 18 November 2012

  • AppSecUSA Presentations and Talks

Thursday 25th Oct

10:00 am - 10:45 am


Building Predictable Systems using Behavioral Security Modeling: Functional Security Requirements

  • John Benninghoff | Developer

Top Ten Web Defenses

  • Jim Manico | Mobile

Mobile Applications & Proxy Shenanigans

  • Dan Amodio | Mobile

Reverse Engineering “Secure” HTTP APIs With An SSL Proxy

  • Alejandro Caceres | Reverse Engineering

Gauntlt: Rugged by Example

  • Jeremiah Shirk | Rugged devops

11:00 am - 11:45 am


Building a Web Attacker Dashboard with ModSecurity and BeEF

  • Ryan Barnett | Attack

Secure Code Reviews Magic or Art? A Simplified Approach to Secure Code Reviews

  • Sherif Koussa | Developer

Cracking the Code of Mobile Application

  • Sreenarayan Ashokkumar | Mobile

Hacking .NET Application: Reverse Engineering 101

  • Jon McCoy | Reverse Engineering

Doing the unstuck: How Rugged cultures drive Biz & AppSec Value

  • Josh Corman | Rugged devops

2:00 pm - 2:45 pm


Hacking with WebSockets

  • Vaagn Toukharian | Attack

Bug Bounty Programs

  • Michael Coates, Chris Evans, Jeremiah Grossman, Adam Mein, Alex Rice | Developer

How we tear into that little green man

  • Mathew Rowley | Mobile

AppSec Training, Securing the SDLC, WebGoat.NET and the Meaning of Life

  • Jerry Hoff | Developer

Put your robots to work: security automation at Twitter

  • Justin Collins, Neil Matatall, Alex Smolen | Rugged devops

3:00 pm - 3:45 pm


Exploiting Internal Network Vulns via the Browser using BeEF Bind

  • Michele Orru | Attack

The Diviner - Digital Clairvoyance Breakthrough - Gaining Access to the Source Code & Server Side Memory Structure of ANY Application (OWASP ZAP extension)

  • Shay Chen | Developer

Demystifying Security in the Cloud: AWS Scout

  • Jonathan Chittenden | Cloud

I>S+D! - Interactive Application Security Testing (IAST), Beyond SAST/DAST

  • Ofer Maor | Developer

Rebooting (secure) software development with continuous deployment

  • Nick Galbreath | Rugged devops

4:00 pm - 4:45 pm


Cross Site Port Scanning

  • Riyaz Walikar | Attack

Analyzing and Fixing Password Protection Schemes

  • John Steven | Developer

Static Analysis of Java Class Files for Quickly and Accurately Detecting Web-Language Encoding Methods

  • Arshan Dabirsiaghi, Alex Emsellem, Matthew Paisner | Attack

WTF - WAF Testing Framework

  • Yaniv Azaria, Amichai Shulman | Architecture

DevOps Distilled: The DevOps Panel at AppSec USA

  • Josh Corman, Nick Galbreath, Gene Kim, David Mortman, James Wickett | Rugged devops

Friday 26th Oct

10:00 am - 10:45 am


Effective approaches to web application security

  • Zane Lackey | Developer

Why Web Security Is Fundamentally Broken

  • Jeremiah Grossman | Developer

Payback on Web Attackers: Web Honeypots

  • Simon Roses Femerling | Architecture

Spin the bottle: Coupling technology and SE for one awesome hack

  • David Kennedy | Attack

Incident Response: Security After Compromise

  • Richard Bejtlich | Case Studies

11:00 am - 11:45 am


The Same-Origin Saga

  • Brendan Eich | Developer

Hack your way to a degree: a new direction in teaching application security at universities

  • Konstantinos Papapanagiotou | Developer

The Magic of Symbiotic Security: Creating an Ecosystem of Security Systems

  • Dan Cornell, Josh Sokol | Architecture

Blended Threats and JavaScript: A Plan for Permanent Network Compromise

  • Phil Purviance | Attack

Unbreakable Oracle ERPs? Attacks on Siebel & JD Edwards

  • Juan Perez-Etchegoyen, Jordan Santarsieri | Case Studies

1:00 pm - 1:45 pm


Builders Vs. Breakers

  • Brett Hardin, Matt Konda, Jon Rose | Developer

Real World Cloud Application Security

  • Jason Chan | Cloud

NoSQL, no security?

  • Will Urbanski | Architecture

SQL Server Exploitation, Escalation, and Pilfering

  • Antti Rantasaari, Scott Sutherland | Attack

Iran's real life cyberwar

  • Phillip Hallam-Baker | Case Studies