EUTour2013 London Agenda
|
OWASP EUROPE TOUR 2013 Tour Home Page |
CONFERENCE AND TRAINING | |
OWASP Europe Tour - London 2013, Monday 3rd June | |
DESCRIPTION | |
The OWASP Europe Tour is an event across the European region that promotes awareness about application security, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
| |
OWASP MEMBERSHIP | |
During the OWASP Europe Tour you could become a member and support our mission. |
London EUTour2013 Conference Day (Monday 3rd June) | |
Date | Venue |
Monday 13th May | Venue Location: Lion Court Conference Centre Venue Address: 25 Procter Street, Holborn, London, WC1V 6NY |
Price and registration | |
This event is FREE and open to all. Registration link to the Europe Tour: REGISTER HERE!
|
Conference Details | |||||
Time | Title | Speaker | Description | ||
09:00 am (45 mins) |
Registration and Tea/Coffee | ||||
9:45 am (15 mins) |
Introduction & Welcome | Justin Clarke - London OWASP Chapter Leader | Introduction to OWASP & London Event Schedule for the Day | ||
10:00AM (45 mins) |
TBD | TBD | TBD | ||
10:45AM (45 mins) |
TBD | TBD | TBD | ||
11:30AM (45 mins) |
PCI for Developers | Fabio Cerullo | TBD | ||
12:15PM (60 mins) |
Lunch | ||||
1:15PM (45 mins) |
Teaching an Old Dog New Tricks: Securing Development with PMD | Justin Clarke | With the recent rise in high-profile corporate web application attacks, many organizations have made it a priority to build security into their internal software development lifecycle. Using static analysis to identify software security bugs is a common element in virtually all software security programs. While there are numerous commercial static analysis products that focus on security, they often involve high price tags, complex/unreasonable licensing models, steep learning curves, and can be cumbersome to integrate with existing processes.
Luckily, using static analysis to identify software bugs is not a new paradigm. For years, developers have used static analysis tools to identify code quality issues. While these tools may not be specifically designed for identifying security bugs, in many cases their underlying analysis engine can be adapted to do so with custom rules. This presentation will discuss how custom security rules can be added to existing code quality tools to identify potential software security bugs. In many cases, developers are already familiar with these tools and run them during development on a regular basis. Armed with security rulesets, the tools can also be valuable to security code auditors and penetration testers. Writing custom software security rules for the popular Java code scanning tool PMD will be the focus of the presentation. | ||
2:00PM (45 mins) |
TBD | TBD | TBD | ||
2:45PM (30 mins) |
Tea/Coffee Break and Networking | ||||
3:15PM (45 mins) |
OWASP Cornucopia | Colin Watson - Project Leader | Microsoft's Escalation of Privilege (EoP) threat modelling card game has been refreshed into a new version more suitable for common web applications, and aligned with OWASP advice and guides. "OWASP Cornucopia - Ecommerce Web Application Edition" will be presented and used to demonstrate how it can help developers identify security requirements from the OWASP Secure Coding Practices - Quick Reference Guide. It is now referenced by a PCIDSS information supplement. | ||
4:00PM (45 mins) |
TBD | TBD | TBD |