This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP AppSec DC 2009 Schedule"
From OWASP
Mark.bristow (talk | contribs) (→Back to Conference Page) |
Mark.bristow (talk | contribs) (→Back to Conference Page) |
||
Line 86: | Line 86: | ||
| width="67" valign="middle" bgcolor="#7b8abd" | 10:45-11:30 | | width="67" valign="middle" bgcolor="#7b8abd" | 10:45-11:30 | ||
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[OWASP ESAPI AppSecDC|OWASP ESAPI]]<br>Jeff Williams <br><br> Video | [[Media: OWASP ESAPI-Jeff Williams.pptx| Slides]] | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[OWASP ESAPI AppSecDC|OWASP ESAPI]]<br>Jeff Williams <br><br> Video | [[Media: OWASP ESAPI-Jeff Williams.pptx| Slides]] | ||
− | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Clubbing WebApps with a Botnet]]<br>Gunter Ollmann <br><br> Video | [[Media: | Slides]] | + | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[Clubbing WebApps with a Botnet]]<br>Gunter Ollmann <br><br> Video | [[Media: none.pdf| Slides]] |
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Understanding the Implications of Cloud Computing on Application Security]]<br>Dennis Hurst | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Understanding the Implications of Cloud Computing on Application Security]]<br>Dennis Hurst | ||
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence|Enterprise Application Security - GE's approach to solving root cause]]<br>Darren Challey | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" | [[Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence|Enterprise Application Security - GE's approach to solving root cause]]<br>Darren Challey | ||
Line 104: | Line 104: | ||
| width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="1"| 1:20-2:05 | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="1"| 1:20-2:05 | ||
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[DISA's Application Security and Development STIG: How OWASP Can Help You]]<br>Jason Li <br><br> Video | [[Media: DISAs Application Security and Development STIG How OWASP Can Help You-Jason Li.pdf| Slides]] | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" | [[DISA's Application Security and Development STIG: How OWASP Can Help You]]<br>Jason Li <br><br> Video | [[Media: DISAs Application Security and Development STIG How OWASP Can Help You-Jason Li.pdf| Slides]] | ||
− | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[OWASP ModSecurity Core Rule Set Project]]<br>Ryan C. Barnett | + | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" | [[OWASP ModSecurity Core Rule Set Project]]<br>Ryan C. Barnett <br><br> Video | [[Media: OWASP ModSecurity Core Rule Set-Ryan Barnett.ppt| Slides]] |
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Development Issues Within AJAX Applications: How to Divert Threats]]<br>Lars Ewe | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Development Issues Within AJAX Applications: How to Divert Threats]]<br>Lars Ewe | ||
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="3" | [[SDLC Panel AppSecDC|Secure SDLC Panel: Real answers from real experience]]<br><i>Panelists:</i><br>Dan Cornell<br>Michael Craigue<br>Dennis Hurst<br>Joey Peloquin<br>Keith Turpin<br> <br><i>Moderator:</i><br>Pravir Chandra<br><br> Video | [[Media: SDLC Panel.ppt| Slides]] | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="3" | [[SDLC Panel AppSecDC|Secure SDLC Panel: Real answers from real experience]]<br><i>Panelists:</i><br>Dan Cornell<br>Michael Craigue<br>Dennis Hurst<br>Joey Peloquin<br>Keith Turpin<br> <br><i>Moderator:</i><br>Pravir Chandra<br><br> Video | [[Media: SDLC Panel.ppt| Slides]] | ||
Line 113: | Line 113: | ||
| width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="1"| 2:10-2:55 | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="1"| 2:10-2:55 | ||
| width="200" valign="middle" height="60" bgcolor="#c0a0a0" align="center" | [[Defend Yourself: Integrating Real Time Defenses into Online Applications]]<br>Michael Coates <br><br> Video | [[Media: Defend Yourself-Integrating Real Time Defenses into Online Applications-Michael Coates.pdf| Slides]] | | width="200" valign="middle" height="60" bgcolor="#c0a0a0" align="center" | [[Defend Yourself: Integrating Real Time Defenses into Online Applications]]<br>Michael Coates <br><br> Video | [[Media: Defend Yourself-Integrating Real Time Defenses into Online Applications-Michael Coates.pdf| Slides]] | ||
− | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[Finding the Hotspots: Web-security testing with the Watcher tool]]<br>Chris Weber | + | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[Finding the Hotspots: Web-security testing with the Watcher tool]]<br>Chris Weber <br><br> Video | [[Media: Finding the Hotspots Web-security testing with the Watcher tool-Chris Weber.pdf| Slides]] |
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Social Zombies: Your Friends Want to Eat Your Brains]]<br>Tom Eston/Kevin Johnson | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" | [[Social Zombies: Your Friends Want to Eat Your Brains]]<br>Tom Eston/Kevin Johnson | ||
|- valign="bottom" | |- valign="bottom" | ||
Line 121: | Line 121: | ||
| width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2" | 3:10-3:55 | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2" | 3:10-3:55 | ||
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" rowspan="2" | [[The ESAPI Web Application Firewall (ESAPI WAF)|The ESAPI Web Application Firewall]]<br>Arshan Dabirsiaghi <br><br> Video | [[Media: none.pdf| Slides]] | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" rowspan="2" | [[The ESAPI Web Application Firewall (ESAPI WAF)|The ESAPI Web Application Firewall]]<br>Arshan Dabirsiaghi <br><br> Video | [[Media: none.pdf| Slides]] | ||
− | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[One Click Ownage]]<br>Ferruh Mavituna | + | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[One Click Ownage]]<br>Ferruh Mavituna <br><br> Video | [[Media: One Click Ownage-Ferruh Mavituna.pdf| Slides]] |
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" rowspan="2" | [[Cloudy with a chance of 0-day]]<br>Jon Rose/Tom Leavey | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" rowspan="2" | [[Cloudy with a chance of 0-day]]<br>Jon Rose/Tom Leavey | ||
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[The essential role of infosec in secure software development]]<br>Kenneth R. van Wyk | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[The essential role of infosec in secure software development]]<br>Kenneth R. van Wyk | ||
Line 145: | Line 145: | ||
| width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2" | 4:50-5:55 | | width="67" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2" | 4:50-5:55 | ||
| width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" rowspan="2" | [[The Entrepreneur's Guide to Career Management]]<br>Lee Kushner <br><br> Video | [[Media: The Entrepreneurs Guide to Career Management-Lee Kushner.pdf| Slides]] | | width="200" valign="middle" height="120" bgcolor="#c0a0a0" align="center" rowspan="2" | [[The Entrepreneur's Guide to Career Management]]<br>Lee Kushner <br><br> Video | [[Media: The Entrepreneurs Guide to Career Management-Lee Kushner.pdf| Slides]] | ||
− | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[Advanced SSL: The good, the bad, and the ugly]]<br>Michael Coates | + | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[Advanced SSL: The good, the bad, and the ugly]]<br>Michael Coates <br><br> Video | [[Media: Advanced SSL The good the bad and the ugly-Michael Coates.pdf| Slides]] |
| width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" rowspan="2" | [[When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and |When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies]]<br>Rafal Los | | width="200" valign="middle" height="120" bgcolor="#a0c0e0" align="center" rowspan="2" | [[When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and |When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies]]<br>Rafal Los | ||
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[Threat Modeling by John Steven|Threat Modeling]]<br>John Steven | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[Threat Modeling by John Steven|Threat Modeling]]<br>John Steven | ||
|- valign="bottom" | |- valign="bottom" | ||
− | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[User input piercing for Cross Site Scripting Attacks]]<br>Matias Blanco | + | | width="200" valign="middle" height="60" bgcolor="#ffdf80" align="center" | [[User input piercing for Cross Site Scripting Attacks]]<br>Matias Blanco<br><br> Video | [[Media: User input piercing for Cross Site Scripting Attacks-Matias Blanco.pdf| Slides]] |
|- valign="bottom" | |- valign="bottom" | ||
| width="67" valign="middle" height="60" bgcolor="#7b8abd" | 6:00-8:00 | | width="67" valign="middle" height="60" bgcolor="#7b8abd" | 6:00-8:00 |
Revision as of 17:50, 20 November 2009
Back to Conference Page
Training 11/10
Day 1 - Nov 10th 2009 | |||||
Room 154A | Room 149B | Room 149A | Room 154B | Room 155 | |
09:00-12:00 | Day 1: Assessing and Exploiting Web Applications with the open source Samurai Web Testing Framework Justin Searle |
Day 1: Java EE Secure Code Review Sahba Kazerooni Security Compass |
Threat Modeling Express Krishna Raja Security Compass |
Foundations of Web Services and XML Security Dave Wichers Aspect Security |
Live CD Matt Tesauro |
12:00-13:00 | Lunch | ||||
13:00-17:00 | Assessing and Exploiting Web Applications with the open source Samurai Web Testing Framework Justin Searle |
Java EE Secure Code Review Sahba Kazerooni Security Compass |
Threat Modeling Express Krishna Raja Security Compass |
Foundations of Web Services and XML Security Dave Wichers Aspect Security |
Live CD Matt Tesauro |
Training 11/11
Day 2 - Nov 11th 2009 | |||||
Room 154A | Room 149B | Room 149A | Room 154B | ||
09:00-12:00 | Day 2: Assessing and Exploiting Web Applications with the open source Samurai Web Testing Framework Justin Searle |
Day 2: Java EE Secure Code Review Sahba Kazerooni Security Compass |
WebAppSec.php: Developing Secure Web Applications Robert Zakon |
Leader and Manager Training - Leading the Development of Secure Applications John Pavone Aspect Security | |
12:00-13:00 | Lunch | ||||
13:00-17:00 | Assessing and Exploiting Web Applications with the open source Samurai Web Testing Framework Justin Searle |
Java EE Secure Code Review Sahba Kazerooni Security Compass |
WebAppSec.php: Developing Secure Web Applications Robert Zakon |
Leader and Manager Training - Leading the Development of Secure Applications John Pavone Aspect Security |