Plenary Day 2 - Nov 11th 2010

| Time | Offense (147B) | New Frontiers (147A) | OWASP (145B) | Process (145A) |
|---|---|---|---|---|
| 07:30-08:55 | Registration | | | |
| 08:55-09:00 | Day 2 Opening Remarks | | | |
| 09:00-10:00 | Keynote by Ron Ross, National Institute of Standards and Technology | | | |
| 10:00-10:15 | Coffee Break sponsored by | | | |
| 10:15-11:00 | Hacking SAP BusinessObjects (Joshua Abraham and Will Vandevanter) | Cloudy with a chance of hack! (Lars Ewe) | Don’t Judge a Website by its GUI – Read the Label! (Jeff Williams) | Application Portfolio Risk Ranking: Banishing FUD With Structure and Numbers (Dan Cornell) |
| 11:00-11:05 | Break | | | |
| 11:05-11:50 | Deconstructing ColdFusion (Chris Eng and Brandon Creighton) | Declarative Web Security (Mozilla Foundation) | The Secure Coding Practices Quick Reference Guide (Keith Turpin) | Code Reviewing Strategies (Andrew Wilson and John Hoopes) |
| 11:50-11:55 | Break | | | |
| 11:55-12:40 | Friendly Traitor 2 Features are hot but giving up our secrets is not! (Kevin Johnson and Mike Poor) | Exploiting the media for fun and profit. Analysis of a new type of web application attacks through media files (Aleksandr Yampolskiy) | Open Source Web Entry Firewall (Ivan Buetler) | Microsoft's Security Development Lifecycle for Agile Development (Nick Coblentz) |
| 12:40-1:40 | Lunch | | | |
| 1:40-2:25 | Hacking .NET Applications at Runtime: A Dynamic Attack (Jon McCoy) | Life in the Clouds: a Service Provider's View (Michael Smith) | Solving Real World Problems with ESAPI (Chris Schmidt) | Financial Services Panel |
| 2:25-2:30 | Break | | | |
| 2:30-3:15 | JavaSnoop: How to hack anything written in Java (Arshan Dabirsiaghi) | Social Zombies Gone Wild: Totally Exposed and Uncensored (Kevin Johnson and Tom Eston) | Attack Detection and Prevention with OWASP AppSensor (Colin Watson) | |
| 3:15-3:30 | Coffee Break sponsored by | | | |
| 3:30-4:15 | Unlocking the Toolkit: Attacking Google Web Toolkit (Ron Gutierrez) | Smart Phones with Dumb Apps: Threat Modeling for Mobile Applications (Dan Cornell) | OWASP ModSecurity Core Rule Set (Ryan Barnett) | Implementing a Secure Software Development Program (Darren Death) |
| 4:15-4:20 | Break | | | |
| 4:20-5:05 | Constricting the Web: Offensive Python for Web Hackers (Marcin Wielgoszewski and Nathan Hamiel) | Threats from Economical Improvement (Eduardo Neves) | OWASP ESAPI SwingSet (Fabio Cerullo) | The Unintended Consequences of Beating Users with Carrot Sticks: Radical Thoughts on Security Reform (Benjamin Tomhave) |
| 5:05-5:30 | Closing Remarks/Prizes (The OWASP AppSec DC Team) | | | |