SecurityByte and OWASP Asia AppSec Conference 2009

Hotel Crowne Plaza | Registrations

• Only One Week Left ! Register Online today to grab your seat for India's best Security Conference.
  
  
• Honorable Former President of India, Dr. A.P.J Abdul Kalam to Inaugrate the India Technology Leadership Summit 2009. This event is an Invitation ONLY event.

Click Here for more information.

Welcome

Securitybyte & OWASP are proud to welcome you to the annual international information security conference – Securitybyte & OWASP AppSec Asia Conference 2009, Nov 17th through Nov 20th in Delhi & NCR, India.

This is a landmark event, as both Securitybyte and OWASP join hands to present India’s largest InfoSec event with world renowned and most regarded international speakers.

Securitybye & OWASP AppSec Asia Conference 2009 will be held at Hotel Crowne Plaza, Gurgaon, NCR, India. on 17th November through 20th November 2009.

Who Should Attend Securitybyte & OWASP AppSec Asia Conference 2009:

• Application Developers
• Security Researchers
• Application Testers and Quality Assurance
• Penetration Testers
• Application Project Management and Staff
• IT Security Professionals
• Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
• Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
• Security Managers and Staff
• Executives, Managers, and Staff Responsible for IT Security Governance
• IT Professionals Interesting in Improving IT Security

About

About Conference

Securitybyte and OWASP AppSec Asia Conference 2009 comprise of three parallel conference talks to be conducted in 3 separate halls for two days i.e . 17th & 18th November 2009. Attendees will carry the freedom to switch the halls as per their interest towards a particular talk. Conference talks are being delivered by world renowned and most regarded speakers from around the world.

About Trainings

Two days post-conference are dedicated towards best-of-breed trainings being conducted in association with SANS, ISC2 and other organizations. Trainings tracks have been made available as One-Day tracks and Two-Day tracks scheduled for 19th & 20th November 2009.

Registrations

Registration is now open!

You can register here

• Click Here for Online Registrations.
• Click Here for Offline Registrations.
  

Please check out our Exclusive Discount Offer, available Starting October 6th - 15th, 2009. "SAVE BIG NOW !"

The below pricing reflects the Standard Registration Prices .

Two Days of Conference (17th and 18th November 2009)		Rs.8,500/- INR	General Public
Two Days of Conference (17th and 18th November 2009)		Rs.5,000/- INR	Students
Two-Day Training Tracks (19th and 20th November 2009)		Rs.25,000/- INR
One-Day Training Tracks (19th OR 20th November 2009)		Rs.12,500/- INR

** Service Tax @ 10.3% will be charged extra.

• ISC2 Members can avail a Special 15% discount on Conference & Training Registration.

(Please provide your ISC2 Certification ID number to avail the above Discount) For Registrations contact us at [email protected]

Exclusive Offers

- Group / Team Discounts available: Kindly contact us at [email protected]

Special University Student discount
- University Students can register for two days of conference for just Rs. 5000 (including taxes)
- Special 15 % Discounts for Training registration

Click here for details on the training courses that are available.

Who Should Attend Securitybyte & OWASP AppSec Asia Conference 2009:

• Application Developers
• Security Researchers
• Application Testers and Quality Assurance
• Penetration Testers
• Application Project Management and Staff
• IT Security Professionals
• Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
• Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
• Security Managers and Staff
• Executives, Managers, and Staff Responsible for IT Security Governance
• IT Professionals Interesting in Improving IT Security
  

For student discount, attendees must present proof of enrollment when picking up your badge.

Schedule

Three parallel conference talks are scheduled for 17th & 18th November 2009 in three different halls. Training tracks have been divided in one-day tracks scheduled for 19th or 20th November 2009 and two-day tracks those are schedule to continue for two days both on 19th & 20th November 2009. Follow the tabs to learn the details on both conference and trainings.

• Click here to view the Conference Schedule for 17th & 18th November 2009.

• Click here to view Training Schedule on 19th & 20th November 2009.

Conference

Two Days Conference

Securitybyte and OWASP AppSec Asia Conference 2009 comprise of three parallel conference talks to be conducted in 3 separate halls for two days i.e . 17th & 18th November 2009. Attendees will carry the freedom to switch the halls as per their interest towards a particular talk. Conference talks are being delivered by world renowned and most regarded speakers from around the world. Below is the detailed schedule for the two days of conference.

Day 1 - 17th Nov, 2009
Where>	Conference Hall - I		Conference Hall - II		Conference Hall - III
Who>	(Security Researchers & Enthusiasts)		(Security Auditors, Developers, QA teams, Architects)		(Leaders, Managers, C&S professionals)
8:00 AM - 9:00 AM	Registrations
Schedule	Topic	Speaker	Topic	Speaker	Topic	Speaker
9:00 AM - 10:30 AM	Keynote
10:30 AM - 11:00 PM	Tea Break
11:00 AM - 12:00 PM	TBD	TBD	How To Blackbox Test Almost Anything	Aviram Jenik, Beyond Security	The International State of Cyber Security, Risk reduction in a high threat world	Prof. Howard A. Schmidt, Former Cyber Security Advisor to the White house
12:00 PM - 1:00 PM	Client Side Hacks	Dino Covotsos & Charleton Smith, Telspace Systems	Risk Based Penetration testing	K. K. Mookhey, Founder & Principal Consultant, NII Consulting	Applications, the source for CyberThreats	Mano Paul,Software Assurance Advisor,(ISC)2
1:00PM - 2:00PM	Lunch
2:00 PM - 3:00 PM	Exploiting Firefox Extensions	Roberto Suggi Liverani, Security-Assessment.com	Threat Modeling	Varun Sharma,Microsoft India	Enterprise Application Security Program	TBD
3:00 PM - 4:00 PM	SQL Server Forensics 2.0	Kevvie Fowler, TELUS & Ringzero	OWASP SAMM	Pravir Chandra, Director of Strategic Services, Fortify	Business Case - Risk Management/Compliance at leading Education Group AMITY (Rapid Fire: 30 Min talk)	Dr. JS Sodhi, CIO, AMITY Group
4:00 PM - 5:00 PM	Ownage 2.0 - How to own the World	Saumil Shah, NetSquare Solutions	"Do you want to play a Game" - Game theory and Cyberwar	Bryan K. Fite, HackSecKlahn	Usability and Privacy in Security	Dr. Ponnurangam Kumaraguru, Asst. Professor - IIIT (Rapid Fire : 30 Min talk)
5:00 PM - 6:00 PM	Tea and Snacks on the Exhibition floor
7:00 PM - 10:00 PM	CXO Event (Exclusive by invitation only) - Information Security Concerns for Offshoring

Day 2 - 18th Nov, 2009
Where>	Conference Hall - I		Conference Hall - II		Conference Hall - III
Who>	(Security Researchers & Enthusiasts)		(Security Auditors, Developers, QA teams, Architects)		(Leaders, Managers, C&S professionals)
8:00 AM - 9:00 AM	Registrations
9:00 AM - 10:00 AM	Round Table with Speakers / Industry Panel - "Security Today & Tomorrow'
10:00 AM - 10:30 AM	Tea Break
Schedule	Topic	Speaker	Topic	Speaker	Topic	Speaker
10:30 AM - 11:30 AM	All your Packets belong to us	Daniel Mende, Security Researcher, ERNW	SANS Dshield Webhoneypot Project	Jason Lam, Independent Security Researcher	Critical Infrastructure Security “Danger Without borders”	John Bumgarner, US Cyber Consequence Unit (USCCU)
11:30 AM - 12:30 PM	Hacking Oracle From Web	Sid, Independent Security Researcher	Testing JSON Applications For Security Holes	Aviram Jenik, Beyond Security	Critical Infrastructure Security “Danger Without borders”	John Bumgarner, US Cyber Consequence Unit (USCCU)
12:30PM - 1:30PM	Lunch
1:30 PM - 2:30 PM	Lust 2.0 – Desire for free WiFi and the threat of the Imposter	Lava Kumar Kuppan, Independent Security Researcher	Cloud Hacking - Distributed Attacks & Exploits	Shreeraj Shah, Blueinfy Solutions	TBD	Cedric Blancher, EADS Innovation Works
2:30 PM - 3:30 PM	Xprobe3 - What's New? Going Application Level	Fyodor Yarochkin, Armorize	Vbootkit 2.0: Attacking Windows 7 Via Boot Sectors	Nitin Kumar/Vipin Kumar, Independent Security Researchers, NVlabs	Behind the Scenes at Microsoft Security Response Center	Dave Midturi,MSRC, Microsoft Corp.
3:30PM - 4:00PM	Tea Break
4:00 PM - 5:00 PM	TBD	TBD	TBD	TBD	TBD	TBD
5:00 PM - 6:00 PM	Closing Keynotes - "OWASP & Securitybyte"

Trainings

Two Day Trainings

Two days post-conference are dedicated towards best-of-breed trainings being conducted in association with SANS, ISC2 and other organizations. Trainings tracks have been made available as One-Day tracks and Two-Day tracks scheduled for 19th & 20th November 2009.

Day 1 - 19th Nov, 2009				Day 2 - 20th Nov, 2009
Course ID	Course Duration (# of Days)	Course Title	Instructor	Course ID	Course Duration (# of Days)	Course Title	Instructor
One Day Training Tracks
SB1DHSO	1 Day	ORACLE Hacking & Security	Sumit Sidharth,	SB1DAWH	1 Day	Advanced Web Hacking -Securing AJAX, RIA & SOA	Shreeraj Shah
SB1DAFT	1 Day	Advanced Forensics Techniques	Dr. Chandrasekhar Umapathy,	SB1DIAT	1 Day	In-depth Assessment Techniques: Design, Code, and Runtime	Fydor Yarochkin,
Two Day Training Tracks
SB2DNST	2 Days	Building advanced Network Security Tools	Daniel Mende,	SB2DNST	2 Days	Building advanced Network Security Tools	Daniel Mende,
SB2DCBC	2 Days	(ISC)2 CSSLP CBK Boot camp	Mano Paul,	SB2DCBC	2 Days	(ISC)2 CSSLP CBK Boot camp	Mano Paul,
SB2DSCJ / SANS Course ID : DEV530	2 Days	Essential Secure Coding in Java / JEE		SB2DSCJ / SANS Course ID : DEV530	2 Days	Essential Secure Coding in Java / JEE
SB2DWPT / SANS Course ID : DEV538	2 Days	Web Application Pen Testing Hands-On Immersion		SB2DWPT / SANS Course ID : DEV538	2 Days	Web Application Pen Testing Hands-On Immersion
SB2DSAB / SANS Course ID : AUD429	2 Days	IT Security Audit Essentials Bootcamp		SB2DSAB / SANS Course ID : AUD429	2 Days	IT Security Audit Essentials Bootcamp

Venue

Four Days Event is planned out at:

Hotel Crowne Plaza,
Site - 2, Sector - 29,
Gurgaon-122001 (National Capital Region), India
Hotel Front Desk: 91-124-4534000
Hotel Fax: 91-124-4304800

Sponsors

Co-Sponsor "Leadership Summit 2009"		CTF (Capture The Flag) Sponsor		Education  Partner

|                                         

                                             Innovation  Partner

                                              

Associate Sponsors	Media Partners	Supporters
‎
Knowledge  Partner

Hotel & Travel

Hotel Stay & Travel Information

To help our valued delegates with Hotel and Travel services, we have negotiated with some of the best and Budget Category Guest houses in Gurgaon that are located within a radius of 3 - 4 Kms from the venue.

Limited cheaper accommodation is available near the venue hotel in budget hotels/apartments area. The tariff of these hotels ranges from Rs.2000 onwards per room night (inclusive of Room Rent, Breakfast and Luxury Tax). Interested delegates / students can send a formal request for the desired accommodations and dates to our official travel agent.

OFFICIAL TRAVEL AGENT

Dreamz conference Management Pvt.Ltd will look after your hotel accommodation in Gurgaon and New Delhi, pre & post conference tours / travel needs in India for delegates and visitors independently. If you wish to go for sightseeing tour within New Delhi and around it to places like Agra, Jaipur, Rajasthan etc. However, we would encourage you to make early bookings which will be done on “first – come - first service” basis and let us know of your interest, since that would ultimately work in your favour. Early reservation is strongly recommended as November being a high demand period for hotels in Gurgaon.

For further details please contact:

DREAMZ CONFERENCE MANAGEMENT PVT.LTD

406, Ansal’s Majestic Tower, Vikas Puri, New Delhi – 110018

Tel: 91 – 11 – 41586401, 402, Fax: 91 – 11 – 41586400

Email: [email protected] / [email protected]

Website: www.dreamztravel.net

Contact Person: Jitin Batra ( +91 9810558569 )

Capture the Flag

HackHunt 2009

India's foremost Hacking Challenge

Your Shot to the Title of India's best hacker along with Prize money of more than Rs 150,000 up for grabs!

Search for India’s Best Ethical Hacker

HackHunt is India’s leading hacking competition and aims at awarding the best ethical hackers in the country. The competition is brought to you by Appin Security Group, a leading Information Security and Ethical Hacking Company and Securitybyte, a global Information Security Conference Company.

The competition will be conducted in 3 phases. The 1st two rounds will be online and the 3rd and final round will take place at“Securitybyte & OWASP Appsec Asia 2009” on November 17, 2009at Crowne Plaza, Gurgaon.

Level 1 – Knowledge Check All the participants will be answering a quiz and based on the score top 10% will be shortlisted to 2nd round.

Level 2 – Skill Check This stage will require an attacker to get to the final FLAG file which he/she would need to register for the event.

Level 3 – Final Round This stage will require the attackers to exploit a pre-announced SSID which has WPA (or wpa 2).

To participate and for more details visit website :- http://www.hackerscouncil.org/

PacketWars

First time in India brought to you by Securitybyte!
About PacketWars

PacketWars is an intense, real-time information warfare simulation. Unlike other “capture the flag” games, the battlegrounds featured in PacketWars use the same software and hardware you would encounter in the real world.

PacketWars is designed to operate like a sport. Think Formula One Racing meets professional golf with a dash of Ultimate Fighting thrown in for good measure. Serious fun!

Visit http://packetwars.com/ for more details. How To Play?

PacketWars is a Sport like nothing you have ever experienced! Games known as “BATTLES” pit individual players and teams against each other in a race to achieve defined objectives.

The rules of engagement are simple: - Illegal activity of any kind is prohibited - Protect yourself at all times - Battles are designed to be of a low, medium or high difficulty level based on the battle objectives and battle duration - Primary, Secondary and Tertiary objectives are defined and assigned points based on difficulty - Battles have time limits and other defined constraints - Constraints are sometimes known to the combatants and other times are not - Anything that is not expressly prohibited is allowed - Points are awarded for FLARE

Equipment Needed: - Most combants use a notebook and a BackTrack CD however you are only limited by your imagination and bank account - You need a battle field and a PacketMaster…Oh yeah, skillz come in handy also!How To Play

<b.How can I participate?</b>
PacketWars to be held at the Hotel Crowne Plaza, Gurgaon on Nov 17 & Nov 18, 2009. Participation is FREE! Schedule will be announced soon.

WebWar III

About Hackers attack, coders defend, when you get them together you end up with Web War III. WWIII is designed to put your Web Application attack and defense skills to the test.

Teams Each team consists of two players, an attacker and a defender. The attacker would be capable of identifying Web Application Vulnerabilities (OWASP Top 10). The defender would be capable of writing secure Java code.

Game Format

The game has two stages:

Stage 1: Each team is given a VM Ware image containing a web server hosting a vulnerable web application. During this stage each team identifies the vulnerabilities in their application. They try to fix the identified vulnerabilities by making code changes.

Stage 2: The IP addresses of the Web Server's of all the teams is announced. Each team looks for vulnerabilities in the Web Applications of the other teams. Vulnerabilities found on the opponents' application get positive points. Vulnerabilities found by the opponents on your application get negative points.

Team with the highest points at the end of Stage 2 wins.

Tools and Equipments

Each team should bring their own laptop with VM Ware installed. The attacker can use any tools they bring. The applications come with ESAPI to help the defenders fix the code quicker.

Leadership Summit 2009

India's top technology thought leaders coming together to discuss "Security concerns in off-shoring"

Honored Guests
-Honorable Former President of India, Dr. A.P.J Abdul Kalam to inaugrate the Leadership Summit 2009.
-Prof. Howard A. Schmidt(Advisor, NIST; Former Vice Chair - President’s Critical Infrastructure Board; Former Special Advisor – Cyberspace Security for White House)
-Mr. Hord Tipton, Executive Director (ISC)2

About the Event
An elite gathering of 200 technology leaders, decision makers & InfoSec experts from leading service providers, government agencies and various industry verticals.
Two hours of panel discussions between three panels of 12 distinguished industry experts representing outsourcing companies, service providers and the regulatory bodies. Panel discussions will be followed by networking dinner & cocktails.

Prof Howard A. Schmidt (Advisor, NIST; Former Vice Chair - President’s Critical Infrastructure Board; Former Special Advisor – Cyberspace Security for White House) will facilitate the panel discussions. Thought leaders participating in the panel discussions are:

Outsourcing Organizations
Mr. Raghavendra Vaidya, CIO - GE Capital India
Mr. CRN Vairavelu, VP - Ford Technology Services India
Mr. Pankaj Agrawal, CISO - Aircel Limited
TBD

Service Providers
Mr. Terry Thomas, Partner - Ernst & Young
Mr. Debashis Ghosh, Head (LS&H ISU) - Tata Consultancy Services
Mr. Sunil Gujral, EVP & CTO - Quatrro
Mr. Sunil Goyal, COO - Sopra group

Regulatory Bodies
Dr. Kamlesh Bajaj, CEO - DSCI (a NASSCOM initiative)
Dr. Gulshan Rai, Director - CERT-in
Mr. Hord Tipton, Executive Director - ISC2 (ex CIO, US Department of Interior)
Mr. Vakul Sharma, Lawyer - Supreme Court

The event is exclusive to industry leaders and is by private invitation only. If you are interested in attending the event, please email your business card to [email protected] This e-mail address is being protected from spambots.

Venue - Hotel Crowne Plaza, Gurgaon | Timings - 5:30PM - 9:00PM

Please contact Chair - OWASP India for sponsorship opportunities.

Category: OWASP India