This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP NYC AppSec 2008 Conference/altspeaker"
| Line 70: | Line 70: | ||
Bypassing web application/service security controls using Encoding, Transcoding, Filter Evasion, and other Canonicalization Attacks | Bypassing web application/service security controls using Encoding, Transcoding, Filter Evasion, and other Canonicalization Attacks | ||
'' [http://www.linkedin.com/in/arianevans Arian Evans]'' | '' [http://www.linkedin.com/in/arianevans Arian Evans]'' | ||
| − | | style="width:30%; background:#BCA57A" align="left" | | + | | style="width:30%; background:#BCA57A" align="left" |Shhhh Don’t Tell Anybody |
| − | '' | + | ''[http://www.linkedin.com/in/ppetkov Petko D. Petkov]'' |
| style="width:30%; background:#99FF99" align="left" | [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-SPEAKER-Andres_Riancho W3AF Open Source App Scanner] | | style="width:30%; background:#99FF99" align="left" | [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-SPEAKER-Andres_Riancho W3AF Open Source App Scanner] | ||
''Andres Riancho'' | ''Andres Riancho'' | ||
Revision as of 15:57, 6 July 2008
7/3 12:00pm ~ Currently I am moving speakers around, making room and adjustments, when done
i will simple REPLACE the agenda currently posted with this one and kill this placeholder page... special requests can be accommodated by calling 973-795-1046 x112 - brennan
2008 OWASP USA, NYC Conference Schedule – Sept 24th - Sept 25th
| Day 1 – Sept 24th, 2008 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| Track 1: | Track 2: | Track 3: | |||||||
| 07:30-10:00 | Doors Open for Attendee/Speaker Registration & Exhibit/Sponsor Area | ||||||||
| 09:00-09:45 | OWASP Version 3.0 who we are, where we are.. where we are going
OWASP Foundation: Jeff Williams, Dinis Cruz, Dave Wichers, Tom Brennan, Sebastien Deleersnyder, Paolo Perego, Kate Hartmann & Alison Shrader | ||||||||
| 10:00-10:45 | Analysis of the Web Hacking Incidents Database (WHID) | Web Application Security Road Map |
Got Security? | ||||||
| 11:00-11:45 | Web Security Education using Open Source Tools
Prof. Li-Chiou Chen & Chienitng Lin, Pace Univ |
Http Bot Research | MalSpam Research | ||||||
| 12:00-13:00 | Capture the Flag Sign-Up
LUNCH - Provided by event sponsors @ TechExpo | ||||||||
| 13:00-13:45 | Offensive Assessing Financial Applications | WAF ModSecurity | OWASP & NYC | ||||||
| 14:00-14:45 | Logic Attacks and Inefficiencies of Robotic Detection
Robert "RSnake" Hansen, CEO SecTheory |
Reverse Engineering .NET
Adam Boulton |
JBroFuzz 0.1 - 1.1: Building a Java Fuzzer for the Web | ||||||
| 15:00-15:45 | Industry Panel w/ Jennifer Bayuk CISO Bear Stearns, Mark Clancy EVP CitiGroup, Jim Routh CISO DTCC, Sunil Seshadri CISO NYSE-Euronet, Warren Axelrod SVP Bank of America, Joe Bernik Royal Bank of Scotland & Philip Venables CIRO, Goldman, Sachs | Wild Wild Web on Security Planet
Mano Paul CEO Express Certifications |
Multidisciplinary Bank Attacks
Gunter Ollmann | ||||||
| 16:00-16:45 | OWASP Enterprise Security API (ESAPI) Project | Shootout @ Blackbox Corral
Larry Suto |
80% 10% 10%
Andy Steingruebl, Security @ PayPal | ||||||
| 17:00-17:45 | Threading the Needle:
Bypassing web application/service security controls using Encoding, Transcoding, Filter Evasion, and other Canonicalization Attacks Arian Evans |
Shhhh Don’t Tell Anybody | W3AF Open Source App Scanner
Andres Riancho | ||||||
| 18:00-18:45 | OWASP Live CD | TALK
Speaker |
TALK24 TITLE TRACK3
SPEAKER NAME, TITLE [http:// LINK] | ||||||
| 20:00-23:00 | OWASP NYC AppSec 2008 VIP Party
Location: TBD | ||||||||
| Day 2 – Sept 25th, 2008 | |||||||||
| 08:00-10:00 | BREAKFAST - Provided by event sponsors @ TechExpo | ||||||||
| 0800-08:45 | Prof. Howard A. Schmidt, CISSP, CISM (Hon.) |
Current (ISC)² Security Strategist and Former White House Cyber Security Advisor | ||||||||
| 09:00-09:45 | Good vs. Evil JavaScript | TALK26 TITLE TRACK2
SPEAKER NAME, TITLE [http:// LINK] |
TALK27 TITLE TRACK3
SPEAKER NAME, TITLE [http:// LINK] | ||||||
| 1000-10:45 | Dinis Cruz/Jeff Williams + Surprise Guest |
OWASP Foundation | ||||||||
| 11:00-11:45 | CLASP (Comprehensive, Lightweight Application Security Process)
Pravir Chandra |
Next Generation Cross Site Scripting Worms | TALK30 TITLE TRACK3
SPEAKER NAME, TITLE [http:// LINK] | ||||||
| 12:00-12:45 | Security in Agile Development | TALK32 TITLE TRACK2
SPEAKER NAME, TITLE [http:// LINK] |
TALK33 TITLE TRACK3
SPEAKER NAME, TITLE [http:// LINK] | ||||||
| 12:00-13:00 | LUNCH - Provided by event sponsors @ TechExpo | ||||||||
| 13:00-13:45 | TALK34 TITLE TRACK1
Dinis Cruz, TITLE [http:// LINK] |
TALK35 TITLE TRACK2
SPEAKER NAME, TITLE [http:// LINK] |
TALK36 TITLE TRACK3
SPEAKER NAME, TITLE [http:// LINK] | ||||||
| 14:00-14:45 | Practical Advanced Threat Modeling
John Steven |
Open Reverse Benchmarking Project
Marce Luck & Tom Stracener |
Building Usable Security
Zed Abbadi | ||||||
| 15:00-15:45 | Offshoring Application Development? Security is Still Your Problem
Rohyt Belani |
OWASP Orizon Project
Paolo Perego |
NIST SAMATE Static Analysis Tool Exposition (SATE)
Vadim Okun | ||||||
| 16:00-16:45 | Wild Wild Web on Security Planet | Software Liability
Jack Danahy |
Cross-Site Scripting Filter Evasion
Alexios Fakos | ||||||
| 17:00-17:45 | Wizdom of Crowds / CTF Awards & Raffles | ||||||||
| 18:30-19:30 | OWASP Foundation, Chapter Leader Meeting | ||||||||
More information below
