This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

SecurityByte and OWASP Asia AppSec Conference 2009

From OWASP
Revision as of 07:18, 14 November 2009 by Puneetm (talk | contribs) (Two Days Conference)

Jump to: navigation, search
SB OWASP 2009 banner.gif
Hotel Crowne Plaza | Registrations


  • Only One Week Left ! Register Online today to grab your seat for India's best Security Conference.

  • Honorable Former President of India, Dr. A.P.J Abdul Kalam to Inaugrate the India Technology Leadership Summit 2009. This event is an Invitation ONLY event.


Click Here for more information.

Welcome

Securitybyte & OWASP are proud to welcome you to the annual international information security conference – Securitybyte & OWASP AppSec Asia Conference 2009, Nov 17th through Nov 20th in Delhi & NCR, India.

This is a landmark event, as both Securitybyte and OWASP join hands to present India’s largest InfoSec event with world renowned and most regarded international speakers.

Securitybye & OWASP AppSec Asia Conference 2009 will be held at Hotel Crowne Plaza, Gurgaon, NCR, India. on 17th November through 20th November 2009.

Who Should Attend Securitybyte & OWASP AppSec Asia Conference 2009:

  • Application Developers
  • Security Researchers
  • Application Testers and Quality Assurance
  • Penetration Testers
  • Application Project Management and Staff
  • IT Security Professionals
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security

About

About Conference

Securitybyte and OWASP AppSec Asia Conference 2009 comprise of three parallel conference talks to be conducted in 3 separate halls for two days i.e . 17th & 18th November 2009. Attendees will carry the freedom to switch the halls as per their interest towards a particular talk. Conference talks are being delivered by world renowned and most regarded speakers from around the world.

About Trainings

Two days post-conference are dedicated towards best-of-breed trainings being conducted in association with SANS, ISC2 and other organizations. Trainings tracks have been made available as One-Day tracks and Two-Day tracks scheduled for 19th & 20th November 2009.

Registrations

Registration is now open!

You can register here

Please check out our Exclusive Discount Offer, available Starting October 6th - 15th, 2009. "SAVE BIG NOW !"

The below pricing reflects the Standard Registration Prices .

Two Days of Conference (17th and 18th November 2009)
Rs.8,500/- INR General Public
Two Days of Conference (17th and 18th November 2009)
Rs.5,000/- INR Students
Two-Day Training Tracks (19th and 20th November 2009)
Rs.25,000/- INR
One-Day Training Tracks (19th OR 20th November 2009)
Rs.12,500/- INR

** Service Tax @ 10.3% will be charged extra.

  • ISC2 Members can avail a Special 15% discount on Conference & Training Registration.

(Please provide your ISC2 Certification ID number to avail the above Discount) For Registrations contact us at [email protected]

Exclusive Offers

- Group / Team Discounts available: Kindly contact us at [email protected]

Special University Student discount

- University Students can register for two days of conference for just Rs. 5000 (including taxes)
- Special 15 % Discounts for Training registration


Click here for details on the training courses that are available.

Who Should Attend Securitybyte & OWASP AppSec Asia Conference 2009:

  • Application Developers
  • Security Researchers
  • Application Testers and Quality Assurance
  • Penetration Testers
  • Application Project Management and Staff
  • IT Security Professionals
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security


For student discount, attendees must present proof of enrollment when picking up your badge.

Schedule

Three parallel conference talks are scheduled for 17th & 18th November 2009 in three different halls. Training tracks have been divided in one-day tracks scheduled for 19th or 20th November 2009 and two-day tracks those are schedule to continue for two days both on 19th & 20th November 2009. Follow the tabs to learn the details on both conference and trainings.

  • Click here to view the Conference Schedule for 17th & 18th November 2009.
  • Click here to view Training Schedule on 19th & 20th November 2009.

Conference

Two Days Conference

Securitybyte and OWASP AppSec Asia Conference 2009 comprise of three parallel training sessions to be conducted in 3 separate halls for two days i.e . 17th & 18th November 2009. Attendees will carry the freedom to switch the halls as per their interest towards a particular session. Conference talks are being delivered by world renowned and most regarded speakers from around the world. Below is the conference schedule listing confirmed speakers and talks. Couple of talks are under review by the CFP (Call For Papers) Committee and shall be available as soon as those are confirmed. Event also follows two days of InfoSec trainings to be delivered in association with SANS, ISC2 and other organizations.

 

Where > Conference Hall 1   Conference Hall 2   Conference Hall 3: 
Who > (Security Researchers & Enthusiasts) (Security Auditors, Developers, QA, Architects) (Leaders, Managers, C&S professionals)
Schedule Topic Speaker Topic Speaker Topic Speaker

Day1.gif
9:00AM   - 10:30AM Keynote Sessions
10:30AM - 11:00AM Tea break & Snacks on Exhibition Floor
11:00AM - 12:00PM Active Man in the Middle Adi Sharabani, IBM   How To Blackbox Test Almost Anything Aviram Jenik, Beyond Security  

The International State of Cyber Security, Risk

reduction in a high threat world

Howard A. Schmidt, Former Cyber Security Advisor to

the White house
12:00PM - 1:00PM Reconsidering Network Defenses or NOT ! Cedric Blancher, EADS Innovation Works

Lust 2.0 – Desire for free WiFi and the threat of the

Imposter 
Lava Kumar Kuppan, Independent Security Researcher Applications - The new cyber security frontier Mano Paul, Software Assurance Advisor (ISC)2
1:00PM    - 2:00PM Lunch
2:00PM    - 3:00PM Exploiting Firefox Extensions Roberto Suggi Liverani, Security-Assessment.com   Threat Modeling  Varun Sharma, Microsoft Corp.  

Behind the scenes at the Microsoft Security Response

Center

Dave Midturi and Suresh Venkateswaran, Microsoft

Security Response Center
3:00PM    - 4:00PM SQL Server Forensics 2.0 Kevvie Fowler, TELUS & Ringzero Vbootkit 2.0: Attacking Windows 7 Via Boot Sectors

Nitin Kumar/Vipin Kumar, Independent Security

Researchers, Nvlabs

Business Case-Risk Management/Compliance at leading

Education Group at AMITY
Dr J.S Sodhi, AMITY
4:00PM    - 4:30PM Business Continuity Case Study Venkataram Arabolu, BSI Usability and Privacy in Security Ponnurangam Kumaraguru, IIIT 
4:30 PM   - 5:30 PM Tea break & Snacks on Exhibition Floor
7:00PM    - 10:00PM India Technology Leadership Summit 2009 (Exclusive by invitation only) -" Information Security Concerns for Offshoring"
 
Where > Conference Hall 1   Conference Hall 2   Conference Hall 3: 
Who > (Security Researchers & Enthusiasts) (Security Auditors, Developers, QA, Architects) (Leaders, Managers, C&S professionals)
Schedule Topic Speaker Topic Speaker Topic Speaker

Day2.gif
9:00AM   - 10:00AM Round Table with Speakers / Industry Panel - "Security Today & Tomorrow'
10:00AM - 10:30AM Tea break & Snacks on Exhibition Floor
10:30AM - 11:30AM Ten Things Web Developers Still Aren't Doing Frank Kim, ThinkSec Consulting   SANS Dshield Webhoneypot Project Jason Lam, Independent Security Researcher  

Critical Infrastructure Security “Danger Without

borders” 
John Bumgarner, US Cyber Consequence Unit (USCCU)
11:30AM - 12:30PM Cloud Hacking – Distributed Attack & Exploit Platform Shreeraj Shah, Blueinfy Solutions Testing JSON Applications For Security Holes Aviram Jenik, Beyond Security

Critical Infrastructure Security “Danger Without

borders” 
John Bumgarner, US Cyber Consequence Unit (USCCU)
12:30PM  - 1:30PM Lunch
1:30PM    - 2:30PM

All Your Packets Belong to Us - Attacking Backbone

Technologies 
Daniel Mende, Security Researcher, ERNW   Risk based Penetration Testing

K. K. Mookhey, Founder & Principal Consultant, NII

Consulting
  Wi-Fi security: the good, the bad and the ugly Cedric Blancher, EADS Innovation Works
2:30PM    - 3:30PM Xprobe3 - What's New? Going Application Level Fyodor Yarochkin, Guard-info OWASP SAMM Pravir Chandra, OWASP Do you wanna Play a Game Game theory and Cyberwar Bryan K. Fite, HackSecKlahn
3:30PM-4:00PM Tea break & Snacks on Exhibition Floor
4:00 PM   - 5:00PM Rumbling Infections – Web Malware Ontology Aditya K. Sood, COSEINC    Hacking Oracle From Web Sid, Independent Security Researcher   Connected Information Security Framework Anil Kumar Chintala, Microsoft
5:00PM    - 5:30PM Closing Remarks by Organizing Committee

Trainings

Two Day Trainings

Two days post-conference are dedicated towards best-of-breed trainings being conducted in association with SANS, ISC2 and other organizations. Trainings tracks have been made available as One-Day tracks and Two-Day tracks scheduled for 19th & 20th November 2009.


Day 1 - 19th Nov, 2009 Day 2 - 20th Nov, 2009
Course ID Course Duration

(# of Days)

Course Title Instructor Course ID Course Duration

(# of Days)

Course Title Instructor
One Day Training Tracks
SB1DHSO 1 Day
ORACLE Hacking & Security
Sumit Sidharth,
Sb logo.png

SB1DAWH 1 Day
Advanced Web Hacking -Securing AJAX, RIA & SOA
Shreeraj Shah
Blueinfy logo.png

SB1DAFT
1 Day
Advanced Forensics Techniques
Dr. Chandrasekhar Umapathy,
Sb logo.png

SB1DIAT
1 Day
In-depth Assessment Techniques: Design, Code, and Runtime

Fydor Yarochkin,

Logo Armorize.JPG

Two Day Training Tracks
SB2DNST 2 Days
Building advanced Network Security Tools
Daniel Mende,
Ernw logo.png
 
SB2DNST 2 Days
Building advanced Network Security Tools
Daniel Mende,
Ernw logo.png
 
SB2DCBC 2 Days
(ISC)2 CSSLP CBK Boot camp
Mano Paul,
Isc logo.png
 
SB2DCBC 2 Days
(ISC)2 CSSLP CBK Boot camp
Mano Paul,
Isc logo.png
 
SB2DSCJ / SANS Course ID : DEV530 2 Days Essential Secure Coding in Java / JEE
Sans logo.png
 
SB2DSCJ / SANS Course ID : DEV530 2 Days Essential Secure Coding in Java / JEE
Sans logo.png
 
SB2DWPT / SANS Course ID : DEV538 2 Days Web Application Pen Testing Hands-On Immersion
Sans logo.png
 
SB2DWPT / SANS Course ID : DEV538 2 Days Web Application Pen Testing Hands-On Immersion
Sans logo.png
 
SB2DSAB / SANS Course ID : AUD429 2 Days IT Security Audit Essentials Bootcamp
Sans logo.png
 
SB2DSAB / SANS Course ID : AUD429 2 Days IT Security Audit Essentials Bootcamp
Sans logo.png
 


Venue

Four Days Event is planned out at:

Hotel Crowne Plaza,
Site - 2, Sector - 29,
Gurgaon-122001 (National Capital Region), India
Hotel Front Desk: 91-124-4534000
Hotel Fax: 91-124-4304800

Sponsors


Co-Sponsor "Leadership Summit 2009"

CTF (Capture The Flag) Sponsor

Education  Partner

ISC2

         
Appin.jpg

         
BRIP-Logo.jpg

|                                          Left

                                             Innovation  Partner

                                               Left



Associate Sponsors Media Partners Supporters
Torridn.jpg
SSecurity india small.gif
HITB.jpg

SecurityCompass.JPG
HNS-web.jpg
Sector.jpg

Logo Armorize.JPG

Infosecurity.jpg

Clubhack.gif

Eventavenue Logo.jpg
Eads.jpg

Itmagz.jpg
 
Electronicsf.jpg
Crowne plaza.jpg


                                    Knowledge  Partner

                                      Left

                                  Left



 

Hotel & Travel

Hotel Stay & Travel Information

To help our valued delegates with Hotel and Travel services, we have negotiated with some of the best and Budget Category Guest houses in Gurgaon that are located within a radius of 3 - 4 Kms from the venue.

Limited cheaper accommodation is available near the venue hotel in budget hotels/apartments area. The tariff of these hotels ranges from Rs.2000 onwards per room night (inclusive of Room Rent, Breakfast and Luxury Tax). Interested delegates / students can send a formal request for the desired accommodations and dates to our official travel agent.


OFFICIAL TRAVEL AGENT

Dreamz conference Management Pvt.Ltd will look after your hotel accommodation in Gurgaon and New Delhi, pre & post conference tours / travel needs in India for delegates and visitors independently. If you wish to go for sightseeing tour within New Delhi and around it to places like Agra, Jaipur, Rajasthan etc. However, we would encourage you to make early bookings which will be done on “first – come - first service” basis and let us know of your interest, since that would ultimately work in your favour. Early reservation is strongly recommended as November being a high demand period for hotels in Gurgaon.


For further details please contact:

DREAMZ CONFERENCE MANAGEMENT PVT.LTD

406, Ansal’s Majestic Tower, Vikas Puri, New Delhi – 110018

Tel: 91 – 11 – 41586401, 402, Fax: 91 – 11 – 41586400

Email: [email protected] / [email protected]

Website: www.dreamztravel.net

Contact Person: Jitin Batra ( +91 9810558569 )



Capture the Flag

HackHunt 2009

India's foremost Hacking Challenge

Your Shot to the Title of India's best hacker along with Prize money of more than Rs 150,000 up for grabs!


Search for India’s Best Ethical Hacker

HackHunt is India’s leading hacking competition and aims at awarding the best ethical hackers in the country. The competition is brought to you by Appin Security Group, a leading Information Security and Ethical Hacking Company and Securitybyte, a global Information Security Conference Company.

The competition will be conducted in 3 phases. The 1st two rounds will be online and the 3rd and final round will take place at“Securitybyte & OWASP Appsec Asia 2009” on November 17, 2009at Crowne Plaza, Gurgaon.

Level 1 – Knowledge Check All the participants will be answering a quiz and based on the score top 10% will be shortlisted to 2nd round.

Level 2 – Skill Check This stage will require an attacker to get to the final FLAG file which he/she would need to register for the event.

Level 3 – Final Round This stage will require the attackers to exploit a pre-announced SSID which has WPA (or wpa 2).


To participate and for more details visit website :- http://www.hackerscouncil.org/

PacketWars

First time in India brought to you by Securitybyte!
About PacketWars

PacketWars is an intense, real-time information warfare simulation. Unlike other “capture the flag” games, the battlegrounds featured in PacketWars use the same software and hardware you would encounter in the real world.

PacketWars is designed to operate like a sport. Think Formula One Racing meets professional golf with a dash of Ultimate Fighting thrown in for good measure. Serious fun!

Visit http://packetwars.com/ for more details. How To Play?

PacketWars is a Sport like nothing you have ever experienced! Games known as “BATTLES” pit individual players and teams against each other in a race to achieve defined objectives.

The rules of engagement are simple: - Illegal activity of any kind is prohibited - Protect yourself at all times - Battles are designed to be of a low, medium or high difficulty level based on the battle objectives and battle duration - Primary, Secondary and Tertiary objectives are defined and assigned points based on difficulty - Battles have time limits and other defined constraints - Constraints are sometimes known to the combatants and other times are not - Anything that is not expressly prohibited is allowed - Points are awarded for FLARE

Equipment Needed: - Most combants use a notebook and a BackTrack CD however you are only limited by your imagination and bank account - You need a battle field and a PacketMaster…Oh yeah, skillz come in handy also!How To Play

<b.How can I participate?</b>
PacketWars to be held at the Hotel Crowne Plaza, Gurgaon on Nov 17 & Nov 18, 2009. Participation is FREE! Schedule will be announced soon.

WebWar III

About Hackers attack, coders defend, when you get them together you end up with Web War III. WWIII is designed to put your Web Application attack and defense skills to the test.

Teams Each team consists of two players, an attacker and a defender. The attacker would be capable of identifying Web Application Vulnerabilities (OWASP Top 10). The defender would be capable of writing secure Java code.


Game Format

The game has two stages:

Stage 1: Each team is given a VM Ware image containing a web server hosting a vulnerable web application. During this stage each team identifies the vulnerabilities in their application. They try to fix the identified vulnerabilities by making code changes.

Stage 2: The IP addresses of the Web Server's of all the teams is announced. Each team looks for vulnerabilities in the Web Applications of the other teams. Vulnerabilities found on the opponents' application get positive points. Vulnerabilities found by the opponents on your application get negative points.

Team with the highest points at the end of Stage 2 wins.

Tools and Equipments

Each team should bring their own laptop with VM Ware installed. The attacker can use any tools they bring. The applications come with ESAPI to help the defenders fix the code quicker.

Leadership Summit 2009

India's top technology thought leaders coming together to discuss "Security concerns in off-shoring"

Honored Guests
-Honorable Former President of India, Dr. A.P.J Abdul Kalam to inaugrate the Leadership Summit 2009.
-Prof. Howard A. Schmidt(Advisor, NIST; Former Vice Chair - President’s Critical Infrastructure Board; Former Special Advisor – Cyberspace Security for White House)
-Mr. Hord Tipton, Executive Director (ISC)2

About the Event
An elite gathering of 200 technology leaders, decision makers & InfoSec experts from leading service providers, government agencies and various industry verticals.
Two hours of panel discussions between three panels of 12 distinguished industry experts representing outsourcing companies, service providers and the regulatory bodies. Panel discussions will be followed by networking dinner & cocktails.

Prof Howard A. Schmidt (Advisor, NIST; Former Vice Chair - President’s Critical Infrastructure Board; Former Special Advisor – Cyberspace Security for White House) will facilitate the panel discussions. Thought leaders participating in the panel discussions are:

Outsourcing Organizations
Mr. Raghavendra Vaidya, CIO - GE Capital India
Mr. CRN Vairavelu, VP - Ford Technology Services India
Mr. Pankaj Agrawal, CISO - Aircel Limited
TBD

Service Providers
Mr. Terry Thomas, Partner - Ernst & Young
Mr. Debashis Ghosh, Head (LS&H ISU) - Tata Consultancy Services
Mr. Sunil Gujral, EVP & CTO - Quatrro
Mr. Sunil Goyal, COO - Sopra group

Regulatory Bodies
Dr. Kamlesh Bajaj, CEO - DSCI (a NASSCOM initiative)
Dr. Gulshan Rai, Director - CERT-in
Mr. Hord Tipton, Executive Director - ISC2 (ex CIO, US Department of Interior)
Mr. Vakul Sharma, Lawyer - Supreme Court

The event is exclusive to industry leaders and is by private invitation only. If you are interested in attending the event, please email your business card to [email protected] This e-mail address is being protected from spambots.

Venue - Hotel Crowne Plaza, Gurgaon | Timings - 5:30PM - 9:00PM

Please contact Chair - OWASP India for sponsorship opportunities.

Category: OWASP India