Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please email us.
Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.
OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th)
(2008/10/27) - Day 1
|
08:30 - 09:30 Door opens for registration
|
|
TIME |
SESSION
|
SPEAKER
|
09:30- 09:40 |
Opening welcome and an introduction to this year’s program
|
Wayne Huang, Conference Chair
|
09:40-09:50 |
Welcome by Institute for Information Industry
|
|
09:50-10:00 |
Welcome by Information Security Consortium, Information Service Industry Association
|
|
10:00-10:50 |
What's Next? Strategies for Web Application Security
|
YM Chen, Director, Foundstone, A Division of McAfee
|
11:00-11:50 |
Web-based Malware obfuscation: the kung-fu and the detection
|
Wayne Huang, OWASP Taiwan Chapter
|
11:50 - 12:40 Lunch
|
|
TIME |
SESSION
|
SPEAKER
|
12:40 - 13:30 |
Good Business Penetration Testing
|
KK Mookhey (OWASP Mumbai)
|
13:40 - 15:40 Asia Chapter Leader Meeting
Attendee: China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters
P.S: Meeting with go in parallel to the two of the talk sessions and coffee break.
|
|
13:40 - 14:30 |
How bad can Web vulnerabilities be—case study on a 50 million personal records breach
|
PK (Taiwan Criminal Investigation Bureau)
|
14:30 - 14:50 Coffee Break
|
|
TIME |
SESSION
|
SPEAKER
|
14:50 - 15:40 |
Tiny coding errors, big losses: real stories of website 0wnage
|
Fyodor Yarochkin (Guard-Info)
|
15:50 - 16:40 |
Web Application Proactive and Passive Defense Best Practices
|
Frank Yuan Fan, OWASP China Chapter
|
16:50 - 17:30 |
Why Webmail systems are hard to secure--using real case studies
|
Charmi Lin (Taiwan Information & Communication Security Technology Center)
|
17:40 - 18:10 |
Exploiting Client-side Vulnerabilities using Metasploit and Metapreter
|
Anthony, OWASP HK Chapter
|
(2008/10/28) - Day 2
|
|
TIME |
SESSION
|
SPEAKER
|
09:00- 10:30 |
New 0-Day Browser Exploits: Clickjacking - yea, this is bad...
|
Robert "RSnake" Hansen (SecTheory)
|
10:40- 11:30 |
Web 2.0, Consumerization, and Application Security
|
Chenxi Wang, Ph.D. (Forrester Research)
|
11:40- 12:30 |
Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks
|
Dhruv Soi (OWASP Delhi Chapter Leader), Pukhraj Singh (OWASP Delhi Chapter)
|
12:30 - 13:30 Lunch
|
|
TIME |
SESSION
|
SPEAKER
|
13:30 - 14:20 |
Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example
|
Tim Bass, OWASP Thailand
|
14:30 - 15:20 |
Best Practices Guide: Web Application Firewalls
|
Alexander Meisel (OWASP Germany)
|
15:20 - 15:40 Coffee Break
|
|
TIME |
SESSION
|
SPEAKER
|
15:40 - 16:30 |
The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets
|
Steven Adair (ShadowServer Foundation)
|
16:40 - 17:30 |
Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?
|
Alex, Chenxi, Dhruv, Frank Fan, Fyodor, KK, Robert, Tim Bass, Wayne, YM
|
Conference Fees & Registration
Conference Fees
The fee for the two days conference is USD 35, which includes:
- Two lunches
- Coffee breaks
- Conference T-Shirt
Registration
Registration is now open!! Please contact us for the registration.
Conference T-Shirt
Conference Venue
NTUH International Convention Center
Address: No. 2, Xuzhou Road, Zhongzheng District 101, Taipei City
Website
Map and transport Information
Hotel Information
Welcome to Taiwan
And WELCOME TO TAIWAN! Please check out this video about interesting places in Taiwan.
If you need suggestions on how to plan out your trip, please feel free to contact us!