This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP NYC AppSec 2008 Conference

From OWASP
Revision as of 20:50, 12 March 2008 by Alison.McNamee (talk | contribs)

Jump to: navigation, search
Appsec nyc 2008.jpg

Last Update: 03/12/2008

OWASP NYC AppSec 2008 - October 7th - 10th 2008

In association with: WASC, NYM InfraGard, AITGlobal, NYC PHP, NYCBUG, ISACA, ISSA and Pace University

(2) days of Seminars and Techexpo from the world's best application security technology minds, (2) days of hardcore hands-on training, all held at Pace University, located in downtown New York City at One Pace Plaza New York, NY 10038.

Registration will open on April 1st - no really ;) $350 for seminars, $675 for 1-day training classes and $1,350 for 2-day courses
More Info: Submit a Talk - Sponsorship Opportunities


OWASP NYC AppSec 2008 Conference Schedule – Oct 7 - 8

  • PLEASE NOTE - This is just a notional schedule. Speaker times/dates/topics WILL change once we have a full agenda.
Day 1 – Oct 7, 2008
Track 1: Track 2: Track 3:
08:00-09:30 Registration Opens and Tech Expo
09:30-10:30 Industry Outlook - Jennifer Bayuk-CISO Bear Stearns, Mark Clancy-EVP Citi, Jim Routh-CISO DTCC, Sunil Seshadri-CISO NYSE-Euronet (unconfirmed), Warren Axelrod-SVP Bank of America

Moderator - Mahi Dontamsetti

10:30-11:30 Logic Attacks and Inefficiencies of Robotic Detection

Robert "RSnake" Hansen

Offensive Assessing Financial Apps

Daniel Cuthbert

Web Intrusion Detection with ModSecurity

Ivan Ristic

11:30-12:30 Reverse Engineering .NET

Adam Boulton

JBroFuzz + Crypto not that hard…

Yiannis Pavlosoglou

OWASP LABRAT

Joshua Perrymon

12:30-13:30 Black Art White Hat

Tom Brennan

OWASP CLASP

Pravir Chandra

.NET Ninja or Pirate?

Dinis Cruz

13:30-14:30 1 HR BREAK / TECH EXPO / LUNCH BREAK
14:30-15:30 W3AF Web Application Attack and Audit Framework

Andres Riancho

WASC Hacking Incidents

Jeremiah Grossman

OWASP CSRFTester Project

Dave Wichers

15:30-16:30 OWASP Enterprise Security API (ESAPI) Project

Jeff Williams

Next Generation Cross Site Scripting Worms

Arshan Dabirsiaghi

Application Security Forensics - Now What?

FBI Cybercrimes

16:30-17:30 Shhhh Don’t Tell Anybody

Petko D. Petkov, a.k.a. pdp

Secure PHP

Hans Zaunere

PCI‐DSS and the New Enterprise Java

Dr. B. V. Kumar

17:30-18:30 Notes Security

Jian Hui Wang

Full Disclosure vs Non-disclosure vs Responsible Disclosure

Panel

AppSec Techniques

JD Glaser

18:30 Web Application Capture the Flag (All Night – Bring it!!)
20:00 Tuesday Night Reception at NYC Famous Webster Hall
Day 1 – Oct 8, 2008
08:00-09:30 Web Application Capture the Flag Results
09:30-10:00 Keynote: OWASP Foundation Board – “This thing, we have”
10:00-11:00 Practical Advanced Threat Modeling

John Steven

Taking the Risk out of Web 2.0

Tom Stracener

Building Usable Security

Zed Abbadi

11:00-12:00 Offshoring Application Development? Security is Still Your Problem

Rohyt Belani

OWASP Orizon Project

Paolo Perego

TOPIC

SPEAKERS

12:00-13:00 TOPIC

SPEAKERS

TOPIC

SPEAKERS

TOPIC

SPEAKERS

13:00-14:00 1 HR BREAK / TECH EXPO / LUNCH BREAK
14:00-15:00 TOPIC

SPEAKERS

TOPIC

SPEAKERS

TOPIC

SPEAKERS

15:00-16:00 TOPIC

SPEAKERS

TOPIC

SPEAKERS

TOPIC

SPEAKERS

16:00-17:00 TOPIC

SPEAKERS

TOPIC

SPEAKERS

TOPIC

SPEAKERS

17:00-18:00 TOPIC

SPEAKERS

TOPIC

SPEAKERS

TOPIC

SPEAKERS

18:30 TBD
21:00 Closing Remarks / Awards / Raffles

Wednesday - October 8th

- Check Back Soon
Time TRACK1 TRACK2 TRACK3
0800Web Application Capture the Flag Results
0930 Keynote: OWASP Foundation Board - "This thing, we have"
1000Practical Advanced Threat Modeling
John Steven		 Taking the Risk out of Web 2.0
Tom Stracener		 Building Usable Security
Zed Abbadi
1100Offshoring Application Development? Security is Still Your Problem
Rohyt Belani		 Owasp Orizon Project
Paolo Perego		 TOPIC
SPEAKERS
1200TOPIC
SPEAKERS		 TOPIC
SPEAKERS		 TOPIC
SPEAKERS
13001HR BREAK / TECH-EXPO / LUNCH BREAK
1400TOPIC
SPEAKERS		 TOPIC
SPEAKERS		 TOPIC
SPEAKERS
1500TOPIC
SPEAKERS		 TOPIC
SPEAKERS		 TOPIC
SPEAKERS
1600TOPICS
SPEAKERS		 TOPICS
SPEAKERS		 TOPICS
SPEAKER
1700TOPIC
SPEAKERS		 TOPIC
SPEAKERS		 TOPIC
Tom Brennan
1830 TBD
2100 Closing Remarks / Awards / Raffles


Technology Expo - October 7th - 8th

Want to see the latest offerings from best of breed technology firms? For 2 days, Product/Service vendors worldwide will demonstrate their ability to conference attendees.

More Info: Submit a Talk - Sponsorship Opportunities


OWASP AppSec 2008 Training Courses - October 9th and 10th 2008

T1. Defensive Programming - 2-Days - $1350
This class will teach you how to program defensively. A must for developers, managers, testers and security professionals. Learn the latest techniques to build attack resistant code, protect from current and future vulnerabilities and how to secure an application from both implementation bugs and design flaws. The instructor Pravir Chandra is well known security expert, project lead for OWASP CLASP project and former co-founder & CTO of secure software Learn More Here

Instructor: Pravir Chandra, Project Lead OWASP CLASP Project, Principal Consultant, Cigital

T2. Secure Coding for Java EE - 2-Days - $1350
This course is similar to Aspect's Building and Testing Secure Web Applications except it includes a significant amount of Java focused content, including:
  1. Java EE security overview,
  2. All coding examples and recommendations are specifically focused on Java and Java servers, and
  3. 3 additional hands on coding labs where the students find and then fix security vulnerabilities in a Java EE application developed for the class.

Learn More Here

Instructor: TBD

T3. Web Services and XML Security - 2-Days - $1350
The movement towards Web Services and Service Oriented architecture (SOA) paradigms requires new security paradigms to deal with new risks posed by these architectures. This session takes a pragmatic approach towards identifying Web Services security risks and selecting and applying countermeasures to the application, code, web servers, databases, application, and identity servers and related software. Learn More Here

Instructor: Gunnar Peterson

T4. Advanced Web Application Security Testing - 2-Days - $1350
Syllabus Forthcoming

Instructor: TBD

T5. Leading the Development of Secure Applications 1-Day - Oct 9th - $675
In this one-day management session you’ll get the answers to the ten key questions that most CIOs and development managers face when trying to improve security in the development process. The course provides proven techniques and valuable lessons learned that can be applied to projects at any phase of their application’s lifecycle. Learn More Here

Instructor: TBD

T6. Application Security Forensics - 1-Day - Oct 10th - $675
How would you respond to a application security hack? This course will provide insight into the world or forensics with a focus on Web Application Security

Instructor: TBD

More Info: Submit a Talk - Sponsorship Opportunities

HOTELS / TRAVEL

Hotel's in the area of the event

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_NYC_AppSec_2008_Conference&oldid=26649"