Mrb Scratchpad
Revision as of 23:19, 19 August 2009 by Mark.bristow
| Day 1 - Nov 12th 2009 | ||||
| | OWASP | Tools | SDLC | Web 2.0 |
| 07:30-08:50 | Registration | |||
| 09:00-09:50 | Welcome and Opening Remarks | |||
| 10:00-10:50 | Keynote: Joe Jarzombek | |||
| 11:00-11:50 | OWASP ESAPI Jeff Williams | Manipulating Web Application Interfaces, a new approach to input validation Felipe Moreno-Strauch | Development Issues Within AJAX Applications: How to Divert Threats Lars Ewe | Understanding the Implications of Cloud Computing on Application Security Dennis Hurst |
| 12:00-13:00 | Software Assurance Maturity Model (SAMM) Pravir Chandra | The Case of Promiscuous Parameters and other Ongoing Capers in Web Security Jacob West | Enterprise Application Security - GE's approach to solving root cause and establishing a Center of Excellence Darren Challey | Transparent Proxy Abuse Robert Auger |
| 12:00-12:50 | DISA's Application Security and Development STIG: How OWASP Can Help You Jason Li | OWASP ModSecurity Core Rule Set Project Ryan C. Barnett | The essential role of infosec in secure software development Kenneth R. van Wyk | Fracturing Flex For Fun- An Alliterative Attackers Approach Jon Rose/Kevin Stadmeyer |
| 13:00-13:50 | Lunch | |||
| 13:00-13:50 | Defend Yourself: Integrating Real Time Defenses into Online Applications Michael Coates | Finding the Hotspots: Web-security testing with the Watcher tool Chris Weber | SDLC Panel | Social Zombies: Your Friends Want to Eat Your Brains Tom Eston/Kevin Johnson |
| 14:00-14:50 | The ESAPI Web Application Firewall Arshan Dabirsiaghi | One Click Ownage Ferruh Mavituna | Cloudy with a chance of 0-day Jon Rose/Tom Leavey | |
| Web Application Security Scanner Evaluation Criteria Brian Shura | ||||
| 15:00-15:50 | OWASP Live CD: An open environment for Web Application Security Matt Tesauro / Brad Causey | Learning by Breaking: A New Project Insecure Web Apps Chuck Willis | Vulnerability Management in an Application Security World Dan Cornell | Attacking WCF Web Services Brian Holyfield |
| Synergy! - A world where the tools communicate Josh Abraham | ||||
| 16:00-16:50 | The Entrepreneur's Guide to Career Management Lee Kushner | Advanced SSL: The good, the bad, and the ugly Michael Coates | Threat Modeling John Steven | When Web 2.0 Attacks - Understanding Security Implications of AJAX, Flash and "Highly Interactive" Technologies Rafal Los |
| User input piercing for Cross Site Scripting Attacks Matias Blanco | ||||
| 18:00-???? | Reception (TBD) | |||