
OWASP AppSec DC 2010 Schedule

From OWASP
Revision as of 19:19, 22 September 2010 by Mark.bristow




Registration | Hotel | Walter E. Washington Convention Center


Training 11/08

Day 1 - Nov 10th 2009
  Room TBD Room TBD Room TBD Room TBD Room TBD
09:00-12:00 Day 1:
Class
Instructor
Day 1:
Class
Instructor
Class
Instructor
Class
Instructor
Class
Instructor
12:00-13:00 Lunch
13:00-17:00 Class
Instructor
Class
Instructor
Class
Instructor
Class
Instructor
Class
Instructor

Training 11/09

Day 2 - Nov 11th 2009
  Room TBD Room TBD Room TBD Room TBD Room TBD
09:00-12:00 Day 2:
Class
Instructor
Day 2:
Class
Instructor
Class
Instructor
Class
Instructor
12:00-13:00 Lunch
13:00-17:00 Class
Instructor
Class
Instructor
Class
Instructor
Class
Instructor

Talks 11/10

Day 1 - Nov 12th 2009
  OWASP (146A) Tools (146B) Web 2.0 (146C) SDLC (152A)
07:30-08:50 Registration
08:50-09:00 Welcome and Opening Remarks
09:00-10:00 Keynote: Joe Jarzombek
Video | Slides
10:00-10:30 All about OWASP OWASP Board
Video | Slides
10:30-10:45 Coffee Break sponsored by AppSecDC2009-Sponsor-denim.gif
10:45-11:30 OWASP ESAPI
Jeff Williams

Video | Slides
Clubbing WebApps with a Botnet
Gunter Ollmann

Video | Slides
Understanding the Implications of Cloud Computing on Application Security
Dennis Hurst

Video | Slides
Enterprise Application Security - GE's approach to solving root cause
Darren Challey

Video | Slides
11:30-12:30 Hosted Lunch
12:30-1:15 Software Assurance Maturity Model (SAMM)
Pravir Chandra

Video | Slides
The Case of Promiscuous Parameters and Other Ongoing Capers in Web Security
Jacob West

Video | Slides
Transparent Proxy Abuse
Robert Auger

Video | Slides
Software Development The Next Security Frontier
Jim Molini

Video | Slides
1:15-1:20 Break
1:20-2:05 DISA's Application Security and Development STIG: How OWASP Can Help You
Jason Li

Video | Slides
OWASP ModSecurity Core Rule Set Project
Ryan C. Barnett

Video | Slides
Development Issues Within AJAX Applications: How to Divert Threats
Lars Ewe

Video | Slides
Secure SDLC Panel: Real answers from real experience
Panelists:
Dan Cornell
Michael Craigue
Dennis Hurst
Joey Peloquin
Keith Turpin
 
Moderator:
Pravir Chandra

Video | Slides
2:05-2:10 Break
2:10-2:55 Defend Yourself: Integrating Real Time Defenses into Online Applications
Michael Coates

Video | Slides
Finding the Hotspots: Web-security testing with the Watcher tool
Chris Weber

Video | Slides
Social Zombies: Your Friends Want to Eat Your Brains
Tom Eston/Kevin Johnson

Video | Slides
2:55-3:10 Coffee Break sponsored by AppSecDC2009-Sponsor-denim.gif
3:10-3:55 The ESAPI Web Application Firewall
Arshan Dabirsiaghi

Video | Slides
One Click Ownage
Ferruh Mavituna

Video | Slides
Cloudy with a chance of 0-day
Jon Rose/Tom Leavey

Video | Slides
The essential role of infosec in secure software development
Kenneth R. van Wyk

Video | Slides
Web Application Security Scanner Evaluation Criteria
Brian Shura

Video | Slides
3:55-4:00 Break
4:00-4:45 OWASP Live CD: An open environment for Web Application Security
Matt Tesauro / Brad Causey

Video | Slides
Learning by Breaking: A New Project Insecure Web Apps
Chuck Willis

Video | Slides
Attacking WCF Web Services
Brian Holyfield

Video | Slides
Vulnerability Management in an Application Security World
Dan Cornell

Video | Slides
Synergy! A world where the tools communicate

Josh Abraham

Video | Slides

4:45-4:50 Break
4:50-5:55 The Entrepreneur's Guide to Career Management
Lee Kushner

Video | Slides
Advanced SSL: The good, the bad, and the ugly
Michael Coates

Video | Slides
When Web 2.0 Attacks - Understanding Security Implications of AJAX Flash and Highly Interactive Technologies
Rafal Los

Video | Slides
Threat Modeling
John Steven

Video | Slides
User input piercing for Cross Site Scripting Attacks
Matias Blanco

Video | Slides
6:00-8:00 Cocktails and hors d'oeuvres in the EXPO Room (151)
Sponsored by AppSecDC2009-Sponsor-cenzic.gif

Talks 11/11

Day 2 - Nov 13th 2009
  Process (146A) Attack & Defend (146B) Metrics (146C) Compliance (152A)
8:00-9:00 Registration & Coffee sponsored by AppSecDC2009-Sponsor-fyrm.gif
9:00-9:45 The Big Picture: Web Risks and Assessments Beyond Scanning
Matt Fisher

Video | Slides
Securing the Core JEE Patterns
Rohit Sethi/Krishna Raja

Video | Slides
The Web Hacking Incidents Database
Ryan C. Barnett

Video | Slides
Business Logic Automatons: Friend or Foe?
Amichai Shulman

Video | Slides
9:45-9:50 Break
9:50-10:35 Scalable Application Assessments in the Enterprise
Tom Parker/Lars Ewe

Video | Slides
Malicious Developers and Enterprise Java Rootkits
Jeff Williams

Video | Slides
Application security metrics from the organization on down to the vulnerabilities
Chris Wysopal

Video | Slides
SCAP: Automating our way out of the Vulnerability Wheel of Pain
Ed Bellis

Video | Slides
10:35-10:40 Break
10:40-11:25 Secure Software Updates: Update Like Conficker
Jeremy Allen

Video | Slides
Unicode Transformations: Finding Elusive Vulnerabilities
Chris Weber

Video | Slides
OWASP Top 10 - 2010
Release Candidate
Dave Wichers

Video | Slides
Secure SDLC: The Good, The Bad, and The Ugly
Joey Peloquin

Video | Slides
11:25-12:30 Hosted Lunch
12:30-1:15 Improving application security after an incident
Cory Scott

Video | Slides
The 10 least-likely and most dangerous people on the Internet
Robert Hansen

Video | Slides
Hacking by Numbers
Tom Brennan

Video | Slides
Federal CISO Panel

Video
1:15-1:20 Break
1:20-2:05 Deploying Secure Web Applications with OWASP Resources
Sebastien Deleersnyder / Fabio Cerullo

Video | Slides
Automated vs. Manual Security: You can't filter The Stupid
David Byrne/Charles Henderson

Video | Slides
Building an in-house application security assessment team
Keith Turpin

Video | Slides
2:05-2:20 Coffee break sponsored by AppSecDC2009-Sponsor-fyrm.gif
2:20-3:05 OWASP O2 Platform - Open Platform for automating application security knowledge and workflows
Dinis Cruz

Video | Slides
Injectable Exploits: Two New Tools for Pwning Web Apps and Browsers
Kevin Johnson, Justin Searle, Frank DiMaggio

Video | Slides
The OWASP Security Spending Benchmarks Project
Dr. Boaz Gelbord

Video | Slides
Promoting Application Security within Federal Government
Sarbari Gupta

Video | Slides
3:05-3:10 Break
3:10-3:55 Custom Intrusion Detection Techniques for Monitoring Web Applications
Matthew Olney

Video | Slides
Manipulating Web Application Interfaces, a new approach to input validation
Felipe Moreno-Strauch

Video | Slides
SANS Dshield Webhoneypot Project
Jason Lam

Video | Slides
Techniques in Attacking and Defending XML/Web Services
Mamoon Yunus/Jason Macy

Video | Slides
3:55-4:00 Break
4:00-4:15 Closing Remarks (146B)
Mark Bristow, Rex Booth, Doug Wilson
Video | Slides
