This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP NYC AppSec 2008 Conference"
From OWASP
| Line 4: | Line 4: | ||
<center>[http://www.owasp.org/index.php?title=OWASP_NYC_AppSec_2008_Conference http://www.owasp.org/images/6/61/Banner2_irfan.jpg]</center> | <center>[http://www.owasp.org/index.php?title=OWASP_NYC_AppSec_2008_Conference http://www.owasp.org/images/6/61/Banner2_irfan.jpg]</center> | ||
<br> | <br> | ||
| − | In association with: [http://www.webappsec.org WASC], [http://www.nym-infragard.us NYM InfraGard], [http://aitglobal.com AITGlobal], [http://nyphp.org/index.php NYC PHP], [http://www.nycbug.org NYCBUG], [http://www.isacany.net ISACA], [http://www.issa.org ISSA] and [http://www.pace.edu Pace University] you're invited to (2) days of Seminars and Technology Pavilion from the world's best application security technology minds, (2) days of hardcore hands-on training, all held at <b>[http://www.pace.edu/page.cfm?doc_id=16157 Pace University]</b>, located in downtown New York City at <b>One Pace Plaza New York, NY 10038.</b> Event Fees: $350 Members / $400 Non-Members / $200 for Students for 2 days of seminars & [ | + | In association with: [http://www.webappsec.org WASC], [http://www.nym-infragard.us NYM InfraGard], [http://aitglobal.com AITGlobal], [http://nyphp.org/index.php NYC PHP], [http://www.nycbug.org NYCBUG], [http://www.isacany.net ISACA], [http://www.issa.org ISSA] and [http://www.pace.edu Pace University] you're invited to (2) days of Seminars and Technology Pavilion from the world's best application security technology minds, (2) days of hardcore hands-on training, all held at <b>[http://www.pace.edu/page.cfm?doc_id=16157 Pace University]</b>, located in downtown New York City at <b>One Pace Plaza New York, NY 10038.</b> Event Fees: $350 Members / $400 Non-Members / $200 for Students for 2 days of seminars & [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference#OWASP_NYC_AppSec_2008_Training_Courses_-_September_22nd_and_23rd.2C_2008 2 days of hands on training classes] are also available. |
| − | <center>[http://guest.cvent.com/i.aspx?4W,M3,828ca6d1-1b60-4105-8034-d344700e6956 | + | <center>[http://guest.cvent.com/i.aspx?4W,M3,828ca6d1-1b60-4105-8034-d344700e6956 http://www.owasp.org/images/7/7f/Register.gif] |
| − | To Get more involved and discuss this upcoming event [http://owaspfoundation.ning.com click here for forums] or visit other OWASP [ | + | To Get more involved and discuss this upcoming event [http://owaspfoundation.ning.com click here for forums] or visit other OWASP [http://www.owasp.org/index.php/Member_Offers member offers] |
</center> | </center> | ||
== 2008 OWASP USA, NYC Conference Schedule – Sept 24th - Sept 25th == | == 2008 OWASP USA, NYC Conference Schedule – Sept 24th - Sept 25th == | ||
| Line 16: | Line 16: | ||
| style="width:30%; background:#7B8ABD" | Track 3: | | style="width:30%; background:#7B8ABD" | Track 3: | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 08:00-09:30 || colspan="3" style="width:80%; background:#C2C2C2" align="center" | '''Doors Open for Badge Registration, [ | + | | style="width:10%; background:#7B8ABD" | 08:00-09:30 || colspan="3" style="width:80%; background:#C2C2C2" align="center" | '''Doors Open for Badge Registration, [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference/ctf Capture the Flag] Sign-Up & [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference#Technology_Pavilion_-_September_24th_and_25th Exhibit/Sponsor Area]''' |
|- | |- | ||
| style="width:10%; background:#7B8ABD" | 09:15-10:15 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Introduction, OWASP Version 3.0 where we are.. where we are going | | style="width:10%; background:#7B8ABD" | 09:15-10:15 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Introduction, OWASP Version 3.0 where we are.. where we are going | ||
| Line 24: | Line 24: | ||
''Robert "RSnake" Hansen CEO [http://www.sectheory.com SecTheory]'' | ''Robert "RSnake" Hansen CEO [http://www.sectheory.com SecTheory]'' | ||
| style="width:30%; background:#BCA57A" align="left" | Offensive Assessing Financial Apps | | style="width:30%; background:#BCA57A" align="left" | Offensive Assessing Financial Apps | ||
| − | ''[ | + | ''[http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-daniel-cuthbert Daniel Cuthbert]'' |
| style="width:30%; background:#7B8ABD" align="left" | Web Intrusion Detection with ModSecurity | | style="width:30%; background:#7B8ABD" align="left" | Web Intrusion Detection with ModSecurity | ||
''Ivan Ristic'' | ''Ivan Ristic'' | ||
| Line 30: | Line 30: | ||
| style="width:10%; background:#7B8ABD" | 11:30-12:30 || style="width:30%; background:#BC857A" align="left" | Reverse Engineering .NET | | style="width:10%; background:#7B8ABD" | 11:30-12:30 || style="width:30%; background:#BC857A" align="left" | Reverse Engineering .NET | ||
''Adam Boulton'' | ''Adam Boulton'' | ||
| − | | style="width:30%; background:#BCA57A" align="left" | [http://www.owasp.org/index.php/Category:OWASP_JBroFuzz JBroFuzz] 0.1 - 1.1: [ | + | | style="width:30%; background:#BCA57A" align="left" | [http://www.owasp.org/index.php/Category:OWASP_JBroFuzz JBroFuzz] 0.1 - 1.1: [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-SPEAKER-Yiannis_Pavlosoglou Building a Java Fuzzer for the Web] |
| − | ''[ | + | ''[http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-SPEAKER-Yiannis_Pavlosoglou Yiannis Pavlosoglou] - Senior Director - [http://www.ouncelabs.com Ounce Labs] '' |
| style="width:30%; background:#7B8ABD" align="left" | [http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project OWASP LIVE CD] | | style="width:30%; background:#7B8ABD" align="left" | [http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project OWASP LIVE CD] | ||
''Joshua Perrymon - CEO [http://www.packetfocus.com Packetfocus]'' | ''Joshua Perrymon - CEO [http://www.packetfocus.com Packetfocus]'' | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 12:30-13:30 || style="width:30%; background:#BC857A" align="left" | [ | + | | style="width:10%; background:#7B8ABD" | 12:30-13:30 || style="width:30%; background:#BC857A" align="left" | [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-SPEAKER-GunterOllmann Multidisciplinary Bank Attacks] |
''Gunter Ollmann, Director Security Strategy, [http://www.iss.net IBM Internet Security Systems]'' | ''Gunter Ollmann, Director Security Strategy, [http://www.iss.net IBM Internet Security Systems]'' | ||
| style="width:30%; background:#BCA57A" align="left" | OWASP CLASP | | style="width:30%; background:#BCA57A" align="left" | OWASP CLASP | ||
| Line 45: | Line 45: | ||
Moderator: Mahi Dontamsetti | Moderator: Mahi Dontamsetti | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 14:30-15:30 || style="width:30%; background:#BC857A" align="left" | [ | + | | style="width:10%; background:#7B8ABD" | 14:30-15:30 || style="width:30%; background:#BC857A" align="left" | [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-SPEAKER-Andres_Riancho w3af, a framework to own the web] - |
| − | [ | + | [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-SPEAKER-Andres_Riancho ''Andres Riancho''], [http://www.cybsec.com/ Cybsec] |
| style="width:30%; background:#BCA57A" align="left" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What's_hot_for_2008 | Trends in Web Hacking: What's hot in 2008<br/>Analysis of the Web Hacking Incidents Database (WHID)]] | | style="width:30%; background:#BCA57A" align="left" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What's_hot_for_2008 | Trends in Web Hacking: What's hot in 2008<br/>Analysis of the Web Hacking Incidents Database (WHID)]] | ||
| Line 100: | Line 100: | ||
''Vadim Okun'' | ''Vadim Okun'' | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 12:00-13:00 || style="width:30%; background:#BC857A" align="left" | [ | + | | style="width:10%; background:#7B8ABD" | 12:00-13:00 || style="width:30%; background:#BC857A" align="left" | [http://www.owasp.org/index.php/Wild_Wild_Web_on_Security_Planet Wild Wild Web on Security Planet] |
''[http://www.expresscertifications.com/company/execmgt.aspx Mano Paul] CEO [http://www.expresscertifications.com Express Certifications]'' | ''[http://www.expresscertifications.com/company/execmgt.aspx Mano Paul] CEO [http://www.expresscertifications.com Express Certifications]'' | ||
| style="width:30%; background:#BCA57A" align="left" | Software Liability | | style="width:30%; background:#BCA57A" align="left" | Software Liability | ||
| Line 142: | Line 142: | ||
|} | |} | ||
| − | <center>[http://guest.cvent.com/i.aspx?4W,M3,828ca6d1-1b60-4105-8034-d344700e6956 | + | <center>[http://guest.cvent.com/i.aspx?4W,M3,828ca6d1-1b60-4105-8034-d344700e6956 http://www.owasp.org/images/7/7f/Register.gif]</center> |
== Technology Pavilion - September 24th and 25th == | == Technology Pavilion - September 24th and 25th == | ||
| Line 151: | Line 151: | ||
<hr> | <hr> | ||
| − | <center>[ | + | <center>[http://www.owasp.org/images/6/66/NY_Sponsorship_Form_update_%282%29.pdf Diamond Sponsor] - [http://www.imperva.com http://www.owasp.org/images/d/de/Imperva_2color_RGB.jpg]<br> |
| − | <br>[https://www.owasp.org/images/6/66/NY_Sponsorship_Form_update_%282%29.pdf Platinum Sponsor] - [http://www.cenzic.com/ https://www.owasp.org/images/b/bf/CenzicLogo_RGB.gif] - [ | + | <br>[https://www.owasp.org/images/6/66/NY_Sponsorship_Form_update_%282%29.pdf Platinum Sponsor] - [http://www.cenzic.com/ https://www.owasp.org/images/b/bf/CenzicLogo_RGB.gif] - [http://www.owasp.org/images/6/66/NY_Sponsorship_Form_update_%282%29.pdf http://www.owasp.org/images/f/f8/Sponsorsm.gif] </center><br> |
| − | [ | + | [http://www.owasp.org/images/6/66/NY_Sponsorship_Form_update_%282%29.pdf Other Sponsors] - |
| − | [http://www.proactiverisk.com https://www.owasp.org/images/9/97/Proactiverisk_logo.jpg] - [http://www.fortify.com https://www.owasp.org/images/a/ac/Fortify.jpg] - [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif] - [http://www.cigital.com/ https://www.owasp.org/images/b/be/Cigital_OWASP.GIF] - [http://www.accessitgroup.com https://www.owasp.org/images/6/6d/Accessit.JPG] - [http://www.ouncelabs.com https://www.owasp.org/images/6/6e/OunceLabs_logo.jpg] - [http://www.isc2.org http://www.owasp.org/images/4/45/Isc2logo.gif] - [http://evangelyze.net/marketing.asp https://www.owasp.org/images/1/10/Evlogo.jpg] - [http://www.foundstone.com/us/education-overview.asp | + | [http://www.proactiverisk.com https://www.owasp.org/images/9/97/Proactiverisk_logo.jpg] - [http://www.fortify.com https://www.owasp.org/images/a/ac/Fortify.jpg] - [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif] - [http://www.cigital.com/ https://www.owasp.org/images/b/be/Cigital_OWASP.GIF] - [http://www.accessitgroup.com https://www.owasp.org/images/6/6d/Accessit.JPG] - [http://www.ouncelabs.com https://www.owasp.org/images/6/6e/OunceLabs_logo.jpg] - [http://www.isc2.org http://www.owasp.org/images/4/45/Isc2logo.gif] - [http://evangelyze.net/marketing.asp https://www.owasp.org/images/1/10/Evlogo.jpg] - [http://www.foundstone.com/us/education-overview.asp http://www.owasp.org/images/2/26/Foundstone.jpg] - [http://www.arctecgroup.net http://www.owasp.org/images/b/bf/Arctec.jpg] - [http://www.f5.com http://www.owasp.org/images/7/7e/50px-F5_50px.jpg] - [http://www.owasp.org/images/6/66/NY_Sponsorship_Form_update_%282%29.pdf http://www.owasp.org/images/f/f8/Sponsorsm.gif] |
<br> | <br> | ||
| − | <center>[https://www.owasp.org/images/6/66/NY_Sponsorship_Form_update_%282%29.pdf Sponsorship Opportunities] -- [ | + | <center>[https://www.owasp.org/images/6/66/NY_Sponsorship_Form_update_%282%29.pdf Sponsorship Opportunities] -- [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-PRESS Press Registration] -- [http://www.owasp.org/index.php/Member_Offers Other OWASP Member Offers] </center> |
<hr> | <hr> | ||
| Line 162: | Line 162: | ||
<hr> | <hr> | ||
| − | == [ | + | == [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference_Training OWASP NYC AppSec 2008 Training Courses - September 22nd and 23rd, 2008] == |
{| style="width:80%" border="0" align="center" | {| style="width:80%" border="0" align="center" | ||
! align="center" style="background:#4058A0; color:white" | T1. Defensive Programming - 2-Days - $1350 | ! align="center" style="background:#4058A0; color:white" | T1. Defensive Programming - 2-Days - $1350 | ||
| Line 168: | Line 168: | ||
| style="background:#F2F2F2" | This class will teach you how to program defensively. A must for developers, managers, testers and security professionals. Learn the latest techniques to build attack resistant code, protect from current and future vulnerabilities and how to secure an application from both implementation bugs and design flaws. The instructor Pravir Chandra is well known security expert, project lead for OWASP CLASP project and former co-founder & CTO of secure software [[:Category:OWASP_AppSec_Conference_Training | Learn More Here]] | | style="background:#F2F2F2" | This class will teach you how to program defensively. A must for developers, managers, testers and security professionals. Learn the latest techniques to build attack resistant code, protect from current and future vulnerabilities and how to secure an application from both implementation bugs and design flaws. The instructor Pravir Chandra is well known security expert, project lead for OWASP CLASP project and former co-founder & CTO of secure software [[:Category:OWASP_AppSec_Conference_Training | Learn More Here]] | ||
| − | Instructor: Jason Rouse, Sr. Consultant, [http://www.cigital.com/training/series | + | Instructor: Jason Rouse, Sr. Consultant, [http://www.cigital.com/training/series http://www.owasp.org/images/b/be/Cigital_OWASP.GIF]''' |
|- | |- | ||
{| style="width:80%" border="0" align="center" | {| style="width:80%" border="0" align="center" | ||
Revision as of 15:43, 1 July 2008
2008 OWASP USA, NYC
Last Update: 07/1/2008
In association with: WASC, NYM InfraGard, AITGlobal, NYC PHP, NYCBUG, ISACA, ISSA and Pace University you're invited to (2) days of Seminars and Technology Pavilion from the world's best application security technology minds, (2) days of hardcore hands-on training, all held at Pace University, located in downtown New York City at One Pace Plaza New York, NY 10038. Event Fees: $350 Members / $400 Non-Members / $200 for Students for 2 days of seminars & 2 days of hands on training classes are also available.
To Get more involved and discuss this upcoming event click here for forums or visit other OWASP member offers
2008 OWASP USA, NYC Conference Schedule – Sept 24th - Sept 25th
| Day 1 – Sept 24th, 2008 | |||
|---|---|---|---|
| Track 1: | Track 2: | Track 3: | |
| 08:00-09:30 | Doors Open for Badge Registration, Capture the Flag Sign-Up & Exhibit/Sponsor Area | ||
| 09:15-10:15 | Introduction, OWASP Version 3.0 where we are.. where we are going
OWASP Foundation Board Jeff Williams, Tom Brennan, Dinis Cruz, Sebastien Deleersnyder & Dave Wichers | ||
| 10:30-11:30 | Logic Attacks and Inefficiencies of Robotic Detection
Robert "RSnake" Hansen CEO SecTheory |
Offensive Assessing Financial Apps | Web Intrusion Detection with ModSecurity
Ivan Ristic |
| 11:30-12:30 | Reverse Engineering .NET
Adam Boulton |
JBroFuzz 0.1 - 1.1: Building a Java Fuzzer for the Web
Yiannis Pavlosoglou - Senior Director - Ounce Labs |
OWASP LIVE CD
Joshua Perrymon - CEO Packetfocus |
| 12:30-13:30 | Multidisciplinary Bank Attacks
Gunter Ollmann, Director Security Strategy, IBM Internet Security Systems |
OWASP CLASP
Pravir Chandra |
Shootout at the Blackbox Corral
Dinis Cruz & Larry Suto |
| 13:30-14:30 | Collective Intelligence - Jennifer Bayuk-CISO Bear Stearns, Mark Clancy EVP CitiGroup, Jim Routh CISO DTCC, Sunil Seshadri CISO NYSE-Euronet, Warren Axelrod SVP Bank of America, Joe Bernik Royal Bank of Scotland & Philip Venables CIRO, Goldman, Sachs
Moderator: Mahi Dontamsetti | ||
| 14:30-15:30 | w3af, a framework to own the web - | Trends in Web Hacking: What's hot in 2008 Analysis of the Web Hacking Incidents Database (WHID) Ofer Shezaf, Breach |
Security in Agile Development
Dave Wichers, COO Aspect Security |
| 15:30-16:30 | OWASP Enterprise Security API (ESAPI) Project
Jeff Williams, CEO Aspect Security |
Next Generation Cross Site Scripting Worms
Arshan Dabirsiaghi, Director of Research Aspect Security |
"Threading the Needle:
Bypassing web application/service security controls using Encoding, Transcoding, Filter Evasion, and other Canonicalization Attacks." Arian Evans, Director of Operations WhiteHat Security |
| 16:30-17:30 | Shhhh Don’t Tell Anybody
Petko D. Petkov, a.k.a. pdp |
Secure PHP
Hans Zaunere, CEO NYCPHP |
Payment Card Data Security and the new Enterprise Java |
| 17:30-18:30 | Notes Security
Jian Hui Wang |
Mastering PCI Section 6.6
Taylor McKinley and Jacob West |
AppSec Techniques
JD Glaser, CEO NTO Objectives |
| 18:30 | Capture the Flag - Polytechnic University & OWASP Chapter Leader Meeting - | ||
| 20:00 | Speaker/Attendee Reception | ||
| Day 2 – Sept 25th, 2008 | |||
| 8:00-10:00 | Breakfast @ Tech-Expo | ||
| 0900-10:00 | Prof. Howard A. Schmidt, CISSP, CISM (Hon.) |
Current (ISC)² Security Strategist and Former White House Cyber Security Advisor | ||
| 10:00-11:00 | Practical Advanced Threat Modeling
John Steven |
Open Reverse Benchmarking Project
Marce Luck & Tom Stracener |
Building Usable Security
Zed Abbadi |
| 11:00-12:00 | Offshoring Application Development? Security is Still Your Problem
Rohyt Belani |
OWASP Orizon Project
Paolo Perego |
NIST SAMATE Static Analysis Tool Exposition (SATE)
Vadim Okun |
| 12:00-13:00 | Wild Wild Web on Security Planet | Software Liability
Jack Danahy |
Cross-Site Scripting Filter Evasion
Alexios Fakos |
| 13:00-14:00 | OWASP Projects "Dinis Cruz & OWASP Project Leaders" | ||
| 14:00-15:00 | Projects with OWASP
Steve Malson |
OWASP Pantera Advances
Simon Roses Femerling |
Software-as-a-Service (SaaS)
James Landis |
| 15:00-16:00 | "Out of Band" Injection
Vijay Akasapu & Marshall Heilman |
OWASP V2 Testing Guide 4.2.3 Spidering and Googling in depth
Christian Heinrich |
Caution, Java ahead
Jeremiah Grossman CTO WhiteHat Security |
| 16:00-17:00 | Input validation: the Good, the Bad and the Ugly | Flash Parameter Injection (FPI)
Ayal Yogev & Yuval Baror |
Learning the .Net Debugging API
Kevin Spett |
| 17:00-18:00 | Secure System Development Life Cycle (SSDLC) Methodology for SOA
Ken Huang |
Web Security Education using Open Source Tools
Prof. Li-Chiou Chen & Chienitng Lin |
Friend or Foe: Penetration Testing VS Source Code Analysis
Tom Ryan |
| 18:30 | Closing Remarks / CTF Awards / Raffles | ||
| 21:00 | Farewell dinner.. Go secure the world | ||
Technology Pavilion - September 24th and 25th
Want to see the latest offerings from technology product and service firms, visit the Technology Pavilion. On September 24th and 25th. 2 full days of exhibits by service providers and manufacturers from around the world.
Do you want to preview the event space Click Here
Platinum Sponsor -
- 
Other Sponsors -
- 
- 
- 
- 
- 
- 
- 
- 
- 
- 
-
OWASP NYC AppSec 2008 Training Courses - September 22nd and 23rd, 2008
| T1. Defensive Programming - 2-Days - $1350 |
|---|
| This class will teach you how to program defensively. A must for developers, managers, testers and security professionals. Learn the latest techniques to build attack resistant code, protect from current and future vulnerabilities and how to secure an application from both implementation bugs and design flaws. The instructor Pravir Chandra is well known security expert, project lead for OWASP CLASP project and former co-founder & CTO of secure software Learn More Here
Instructor: Jason Rouse, Sr. Consultant, |
| T2. Secure Coding for Java EE - 2-Days - $1350 |
|---|
This course is similar to Aspect's Building and Testing Secure Web Applications except it includes a significant amount of Java focused content, including:
Instructor: This tutorial is provided by longtime OWASP contributor: |
| T3. Web Services and XML Security - 2-Days - $1350 |
| The movement towards Web Services and Service Oriented architecture (SOA) paradigms requires new security paradigms to deal with new risks posed by these architectures. This session takes a pragmatic approach towards identifying Web Services security risks and selecting and applying countermeasures to the application, code, web servers, databases, application, and identity servers and related software. Learn More Here
Instructor: Gunnar Peterson |
| T4. Advanced Web Application Security Testing - 2-Days - $1350 |
| Course Overview While all developers need to know the basics of web application security testing, application security specialists will want to know all the advanced techniques for finding and diagnosing security problems in applications. Aspect’s Advanced Web Application Security Testing training is based on a decade of work verifying the security of critical applications. The course is taught by an experienced application security practitioner in an interactive manner. Learn More Here
Instructor: This tutorial is provided by longtime OWASP contributor: |
| T5. Leading the Development of Secure Applications 1-Day - Sept 22nd- $675 |
| In this one-day management session you’ll get the answers to the ten key questions that most CIOs and development managers face when trying to improve security in the development process. The course provides proven techniques and valuable lessons learned that can be applied to projects at any phase of their application’s lifecycle. Learn More Here
Instructor: This tutorial is provided by longtime OWASP contributor: |
| T6. Application Security Forensics - 1-Day - Sep 23rd - $675 |
| Web application forensics and incident response, requires a solid understanding of web application, security issues – this 1 day class will provide you with a crashcourse on chain of custody and issues related to dealing with a breach |
| T7. Encryption Programming Using SKSML - 2-Days - $1350 |
| Application developers are increasingly required to protect sensitive data through encryption. While there are many libraries that can assist with cryptography, there are few to none that focus on encryption key management.
This class will introduce you to an OASIS standards protocol - Symmetric Key Services Markup Language (SKSML) - and show you how it can be used to securely encrypt sensitive data and manage encryption keys across the enterprise. Learn More Here Instructor: Arshad Noor, CTO, StrongAuth Inc. |
| T8. Writing Secure Code ASP.NET - 2-Days - $1350 |
|---|
| Understand the key security features of the .NET platform, the common web security pitfalls developers make, and how to build secure and reliable web applications using ASP.NET. Students are lead through hands on code examples that highlight issues and prescribe solutions. Learn More Here
The instructors are Foundstone's Technical Director, Rudolph Araujo and Foundstone's Professional Services Conlultant, Alex Smolen. |
HOTELS / TRAVEL
Hotels in the area of the event
New York City MTA: http://www.mta.nyc.ny.us/nyct/index.html
New York City Subway & walking directions: http://www.hopstop.com/?city=newyork
New York Sights & Sounds - SightsSounds
New York City Travel Guide - http://www.nytoday.com/
New York City Attractions - http://www.nycvisit.com
New York TV Show Tickets - Get free tickets to TV shows! - http://www.nytix.com/
New York City local news: http://www.ny1news.com
EVENT SPONSORSHIP
The OWASP Conferences & Training security technologists including CSOs,admins, application admins, MIS directors, homeland defense chiefs. These important influencers drive buying decisions exclusive access to its audiences. OWASP has established strategic relationships with security—print publications, newsletters, portals, consultants,message—and leadership positioning OWASP events. OWASP’s mission is supported by organizations who share our application, and software security communities. This approach should be part of your mix.Sponsorship Opportunities- Register online: click here
