OWASP Bucharest AppSec Conference 2017 Agenda Talks

From OWASP
Revision as of 18:58, 8 August 2017 by Oana Cornea


Conference agenda

Time Title Speaker Description
8:30 - 9:00
(30 mins)
Registration and coffee break
9:00 - 9:15
(15 mins)
Introduction Oana Cornea Introduction to the OWASP Bucharest Event, Schedule for the Day
9:15 - 10:00
(45 mins)
Automation of Application Security Testing Lucian Corlan This presentation aims to provide a way into achieving application security testing automation (with SAST, DAST and other tools) within a development pipeline. In this talk you will experience an approach to using ThreadFix and its "Policies" feature to determine the security exposure of a build/release and to output the result back into the continuous integration and delivery pipelines for quick and reliable decision making.
10:00 - 10:45
(45 mins)
OWASP Juice Shop: The most trustworthy online shop out there Bjoern Kimminich OWASP Juice Shop is an intentionally insecure webapp for security trainings, written entirely in JavaScript, which encompasses the entire OWASP Top Ten and other severe security flaws.

In this talk you will learn all about the project and its capabilities. You will...

  • join a "happy shopper round tour"
  • enjoy a hacking demo of some of the 43+ challenges
  • get an insight into the underlying application architecture
  • witness how to customize Juice Shop into a security awareness booster
  • learn how to set up a CTF event with Juice Shop for extra fun during trainings

https://www.owasp.org/index.php/OWASP_Juice_Shop_Project

11:00 - 11:40
(40 mins)
How my SVM nailed your Malware Nikhil.P.K As we know the Android application industry from a security perspective, it is also quite well known that the Android platform is susceptible to malicious applications. And with the recent trend where all the vendors and customers are going completely mobile, Android has now become an attack surface for most of the malicious attacks. Moreover, the mechanisms used for Android malware detection comprise several known methods, and we also know that most of these mechanisms are permission based or based on API usage. But when we dug deeper and analyzed, we also realized that these mechanisms are open to instruction-level obfuscation techniques. Hence, we decided to bring the approach of machine learning to Android malware analysis, such as using graph kernels. We tried implementing two different graph kernels, namely the Weisfeiler-Lehman Graph Kernel and the Neighborhood Hash Graph Kernel method, which could be used to implement a mechanism to find the similarities among the binaries while being stringent against the obfuscations used.
11:50 - 12:30
(40 mins)
Women in AppSec Panel
12:30 - 13:30
(60 mins)
Lunch/Coffee Break
13:30 - 14:15
(45 mins)

14:15 - 15:00
(45 mins)

15:00 - 15:15
(15 mins)
Coffee break
15:15 - 16:00
(45 mins)
16:00 - 16:45
(45 mins)
16:45 - 17:00
(15 mins)
Closing ceremony OWASP Bucharest team CTF Prizes