This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP AppSec DC 2010 Schedule"
From OWASP
Mark.bristow (talk | contribs) |
|||
Line 153: | Line 153: | ||
|- valign="bottom" | |- valign="bottom" | ||
| width="72" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 4:50-5:35 | | width="72" valign="middle" height="120" bgcolor="#7b8abd" rowspan="2"| 4:50-5:35 | ||
− | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" rowspan="2" | | + | | width="200" valign="middle" height="120" bgcolor="#ffdf80" align="center" rowspan="2" | [[Closing the Gap: Analyzing the Limitations of Web Application Vulnerability Scanners]]<br>David Shelly, Randy Marchany & Joseph Tront<br><br> Video | Slides |
| width="200" valign="middle" height="90" bgcolor="#a0c0e0" align="center" | [[Using Misuse Cases to Articulate Vulnerabilities to Stakeholders]]<br>Scott Mendenhall<br>Video | Slides | | width="200" valign="middle" height="90" bgcolor="#a0c0e0" align="center" | [[Using Misuse Cases to Articulate Vulnerabilities to Stakeholders]]<br>Scott Mendenhall<br>Video | Slides | ||
| width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[Federal Perspectives on Application Security]] - Panel<br><br> Video | Slides | | width="200" valign="middle" height="120" bgcolor="#b3ff99" align="center" rowspan="2" | [[Federal Perspectives on Application Security]] - Panel<br><br> Video | Slides |
Revision as of 16:43, 8 November 2010
Registration | Hotel | Walter E. Washington Convention Center
Main Conference Page | Presentations Page | Training Page
Training 11/08
Training Day 1 - Nov 8th 2010 | |||||||
149A | 149B | 154A | 155 | 154B | |||
09:00-12:00 | Day 1: Assessing and Exploiting Web Applications with Samurai-WTF Justin Searle & Mike Poor |
Day 1: Leading an AppSec Initiative Jeff Williams |
Day 1: Remote Testing for Common Web Application Security Threats David Rhoades |
The Art of Exploiting SQL Injections Sumit Siddharth |
WebAppSec.php: Developing Secure Web Applications Robert Zakon | ||
12:00-13:00 | Lunch | ||||||
13:00-17:00 | Day 1: Assessing and Exploiting Web Applications with Samurai-WTF Justin Searle & Mike Poor |
Day 1: Leading an AppSec Initiative Jeff Williams |
Day 1: Remote Testing for Common Web Application Security Threats David Rhoades |
The Art of Exploiting SQL Injections Sumit Siddharth |
WebAppSec.php: Developing Secure Web Applications Robert Zakon |
Training 11/09
Training Day 2 - Nov 9th 2010 | |||||||
149A | 149B | 154A | 155 | 154B | 159B | ||
09:00-12:00 | Day 1: Assessing and Exploiting Web Applications with Samurai-WTF Justin Searle & Mike Poor |
Day 1: Leading an AppSec Initiative Jeff Williams |
Day 1: Remote Testing for Common Web Application Security Threats David Rhoades |
Java Security Overview Zoltán Hornák |
Software Security Remediation: How to Fix Application Vulnerabilities Dan Cornell |
Threat Modeling Express Rohit Sethi & Oliver Ng | |
12:00-13:00 | Lunch | ||||||
13:00-17:00 | Day 1: Assessing and Exploiting Web Applications with Samurai-WTF Justin Searle & Mike Poor |
Day 1: Leading an AppSec Initiative Jeff Williams |
Day 1: Remote Testing for Common Web Application Security Threats David Rhoades |
Java Security Overview Zoltán Hornák |
Software Security Remediation: How to Fix Application Vulnerabilities Dan Cornell |
Threat Modeling Express Rohit Sethi & Oliver Ng |
Plenary Day 1 - 11/10
Plenary Day 2 - 11/11
Plenary Day 2 - Nov 11th 2010 | ||||
Offense (147B) | New Frontiers (147A) | OWASP (145B) | Process (145A) | |
07:30-08:55 | Registration | |||
08:55-09:00 | Day 2 Opening Remarks | |||
09:00-10:00 | Keynote: Ron Ross National Institute of Standards and Technology Video | Slides | |||
10:00-10:15 | Coffee Break sponsored by | |||
10:15-11:00 | Hacking SAP BusinessObjects Joshua Abraham and Will Vandevanter Video | Slides |
Cloudy with a chance of hack! Lars Ewe Video | Slides |
Don’t Judge a Website by its Icon – Read the Label! Jeff Williams Video | Slides |
Application Portfolio Risk Ranking: Banishing FUD With Structure and Numbers Dan Cornell Video | Slides |
11:00-11:05 | Break | |||
11:05-11:50 | Deconstructing ColdFusion Chris Eng and Brandon Creighton Video | Slides |
Declarative Web Security Brandon Sterne Video | Slides |
The Secure Coding Practices Quick Reference Guide Keith Turpin Video | Slides |
Code Reviewing Strategies Andrew Wilson and John Hoopes Video | Slides |
11:50-11:55 | Break | |||
11:55-12:40 | Friendly Traitor 2 Features are hot but giving up our secrets is not! Kevin Johnson and Mike Poor Video | Slides |
Exploiting the media for fun and profit. Analysis of a new type of web application attacks through media files Aleksandr Yampolskiy Video | Slides |
Open Source Web Entry Firewall Ivan Buetler Video | Slides |
Microsoft's Security Development Lifecycle for Agile Development Nick Coblentz Video | Slides |
12:40-1:40 | Lunch | |||
1:40-2:25 | Hacking .NET Applications at Runtime: A Dynamic Attack Jon McCoy Video | Slides |
Life in the Clouds: a Service Provider's View Michael Smith Video | Slides |
Solving Real World Problems with ESAPI Chris Schmidt Video | Slides |
Financial Services Panel Video | Slides |
2:25-2:30 | Break | |||
2:30-3:15 | JavaSnoop: How to hack anything written in Java Arshan Dabirsiaghi Video | Slides |
Social Zombies Gone Wild: Totally Exposed and Uncensored Kevin Johnson and Tom Eston Video | Slides |
Attack Detection and Prevention with OWASP AppSensor Colin Watson Video | Slides | |
3:15-3:30 | Coffee Break sponsored by | |||
3:30-4:15 | Unlocking the Toolkit: Attacking Google Web Toolkit Ron Gutierrez Video | Slides] |
Smart Phones with Dumb Apps: Threat Modeling for Mobile Applications Dan Cornell Video | Slides |
OWASP ModSecurity Core Rule Set Ryan Barnett Video | Slides |
Implementing a Secure Software Development Program Darren Death Video | Slides |
4:15-4:20 | Break | |||
4:20-5:05 | Constricting the Web: Offensive Python for Web Hackers Marcin Wielgoszewski and Nathan Hamiel Video | Slides |
Threats from Economical Improvement Eduardo Neves Video | Slides |
OWASP ESAPI SwingSet Fabio Cerullo Video | Slides |
The Unintended Consequences of Beating Users with Carrot Sticks: Radical Thoughts on Security Reform Benjamin Tomhave Video | Slides |
5:05-5:30 | Closing Remarks/Prizes The OWASP AppSec DC Team |