This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
AppSec Washington 2005/Agenda
From OWASP
Revision as of 10:43, 30 May 2006 by Esheridan (talk | contribs) (→OWASP DC 2005 Conference Schedule)
| ||
Track 1: Red Auditorium | Track 2: Green Auditorium | |
08:00 - 09:00 | Registration and Coffee | |
09:00 - 09:10 | Introduction: Dave Wichers, OWASP Conferences Chair & COO Aspect Security (<a href="http://www.aspectsecurity.com/owasp/OWASP_Intro_DaveWichers_Key_JoeJarzombek_RonRoss.mp4">video</a>) | |
09:10 - 10:00 | Keynote: Joe Jarzombek - Dir. of Software Assurance - DHS - Software Assurance: Considerations for Advancing a National Strategy to Secure Cyberspace (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day1/AppSec2005DC-Joe_Jarzombek-DHS_SwA_Program_Overview.ppt">ppt</a> / Video) | |
10:00 - 11:00 | Ron Ross - FISMA Project Lead - NIST - Status of the Federal Information Security Management Act (FISMA) Project (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day1/AppSec2005DC-Ron_Ross-FISMA.ppt">ppt</a> / video) | |
11:00 - 11:20 | Break | |
11:20 - 12:30 | Jack Danahy - CEO Ounce Labs - The Business Case for Software Security Assurance (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day1/AppSec2005DC-Jack_Danahy-Business_Case_for_Application_Security.ppt">ppt</a> / <a href="http://www.aspectsecurity.com/owasp/OWASP_JackDanahy_The_Business_Case_for_Software_Security_Assurance.mp4">video</a>) | Arian Evans - FishNet Security - The OWASP Tools Survey Project (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day1/AppSec2005DC-Arian_Evans_Tools-Taxonomy.ppt">ppt</a> / <a href="http://www.aspectsecurity.com/owasp/OWASP_ArianEvans_Tools_SurveyProject.mp4">video</a>) |
12:30 - 13:45 | Lunch | |
13:45 - 15:00 | Alex Stamos - iSEC Partners - Web Services Project (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day1/AppSec2005DC-Alex_Smolen-OWASP_WebServices_Project.ppt">ppt</a>) - Attacking Web Services: The Next Generation of Vulnerable Enterprise Apps (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day1/AppSec2005DC-Alex_Stamos-Attacking_Web_Services.ppt">ppt</a>) (video both) | Paul Black - NIST - The Software Assurance Metrics and Tool Evaluation (SAMATE) Project (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day1/AppSec2005DC-Paul_Black-SAMATE_Project.ppt">ppt</a>) Michael Kass - NIST - A Taxonomy of Software Assurance Tools and the Security Bugs They Catch (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day1/AppSec2005DC-Mike_Kass-Tools_Taxonomy.ppt">ppt</a>) (video both) |
15:00 - 15:20 | Break | |
15:20 - 16:40 | Diniz Cruz - OWASP .NET Project Lead - Rooting the CLR (<a href="http://www.aspectsecurity.com/owasp/OWASP_DinizCruz_Rooting_the_CLR.mp4">video</a>) | Paul Black - NIST - Developing a Reference Dataset (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day1/AppSec2005DC-Paul_Black-Reference_Dataset.ppt">ppt</a>) Rick Kuhn - NIST - Software Fault Interactions (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day1/AppSec2005DC-Rick_Kuhn-Software_Fault_Interactions.ppt">ppt</a>) (<a href="http://www.aspectsecurity.com/owasp/OWASP_PaulBlack_RickKuhn.mp4">video both</a>) |
16:40 - 17:00 | Break | |
17:00 - 18:00 | Alex Smolen - Parasoft - Application Logic Defense (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day1AppSec2005DC-Alex_Smolen-Application_Logic-Attacks_Defense.ppt">ppt</a> / video) | Daniel Cuthbert - OWASP Testing Project Lead - The Evolution of Web Application Penetration Testing (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day1/AppSec2005DC-Dan_Cuthbert-Evolution_of_App_Pen_Testing.ppt">ppt</a> / <a href="http://www.aspectsecurity.com/owasp/OWASP_DanielCutbert_Evolution_WebAppPenTest.mp4">video</a>) |
18:00 - 19:00 | Bus to Dinner Event at Holiday Inn | |
19:00 - 21:00 | Dinner Event (Optional) at Holiday Inn | |
Day 2 - October 12, 2005 | ||
Track 1: Red Auditorium | Track 2: Green Auditorium | |
08:00 - 09:00 | Coffee | |
09:00 - 09:50 | Keynote Day 2: Ira Winkler - Secrets of Superspies (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day2/AppSec2005DC-Ira_Winkler-Secrets_of_Superspies.ppt">ppt</a> / <a href="http://www.aspectsecurity.com/owasp/OWASP_IraWinkler_Secrets_and_Superspies.mp4">video</a>) | |
09:50 - 10:50 | Jeremy Poteet - AppDefense - In the Line of Fire: Defending Highly Visible Targets (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day2/AppSec2005DC-Jeremy_Poteet-In_the_Line_of_Fire.ppt">ppt</a> / video) | |
10:50 - 11:10 | Break | |
11:10 - 12:30 | Jeff Williams - OWASP Chair & CEO Aspect Security - The OWASP Guide Project v2 (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day2/AppSec2005DC-Jeff_Williams-OWASP_AppSec_Guide_2.0.ppt">ppt</a>) and OWASP Membership Plan (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day2/AppSec2005DC-Jeff_Williams-OWASP_Membership.ppt">ppt</a>) (video both) | Danny Allan - Watchfire - Identity Theft, Pfishing, and Pharming: Accountability and Responsibilities (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day2/AppSec2005DC-Danny_Allan-Identity_Theft_Phishing_and_Pharming.ppt">ppt</a>) |
12:30 - 13:45 | Lunch | |
13:45 - 15:00 | Dinis Cruz - OWASP .NET Project Lead - OWASP .Net Tools Project | Matt Fisher - SPI Dynamics - Worms Now Targeting Web Applications (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day2/AppSec2005DC-Matt_Fisher-Google_Hacking_and_Worms.ppt">ppt</a> / <a href="http://www.aspectsecurity.com/owasp/dcVideos/OWASP_MattFisher_WormsNowTargetingWebApps.mp4">video</a>) |
15:00 - 15:20 | Break | |
15:20 - 16:30 | Tony Canike - The Vanguard Group - Establishing an Enterprise-Wide Application Security Program (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_1-Day2/AppSec2005DC-Anthony_Canike-Enterprise_AppSec_Program.ppt">ppt</a> / video) | Rogan Dawes - OWASP WebScarab Project Lead - Advanced Features of WebScarab (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day2/AppSec2005DC-Rogan_Dawes-WebScarab.ppt">ppt</a> / <a href="http://www.aspectsecurity.com/owasp/OWASP_RoganDawes_AdvancedFeaturesofWebScarab.mp4">video</a>) |
16:30 - 16:50 | Break | |
16:50 - 17:50 | John Steven - Cigital - Building a Scalable Software Security Practice within your Organization | Gunnar Peterson - Arctec Group - Integrating Identity Services into Web Applications (<a href="/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-Day2/AppSec2005DC-Gunnar_Peterson-Identity-Services-in-WebApps.ppt">ppt</a> / <a href="http://www.aspectsecurity.com/owasp/OWASP_GunnerPeterson_IntegratingIdentityServicesintoWebApps.mp4">video</a>) |
