| Plenary Day 1 - Nov 10th 2010
|
|
|
Offense (147B)
|
Defense (147A)
|
Metrics (145B)
|
Government (145A)
|
| 07:30-08:50
|
Registration
|
| 08:50-09:00
|
Welcome and Opening Remarks
|
| 09:00-10:00
|
Keynote by Neal Ziring, National Security Agency
|
| 10:00-10:30
|
All about OWASP, OWASP Board
|
| 10:30-10:45
|
Coffee Break sponsored by
|
| 10:45-11:30
|
Python Basics for Web App Pentesters
Justin Searle
|
Drive By Downloads: How To Avoid Getting A Cap Popped In Your App
Neil Daswani
|
Secure Code Review: Enterprise Metrics
Richard Tychansky
|
Cyber-Assurance Ecosystem - Automation Activities for Securing the Enterprise
Joe Jarzombek
|
| 11:30-11:35
|
Break
|
| 11:35-12:20
|
White and Black box testing of Lotus Domino Applications
Ari Elias-Bachrach and Casey Pike
|
Protecting Federal Government from Web 2.0 Application Security Risks
Sarbari Gupta
|
Measuring Security: 5 KPIs for Successful Web App Security Programs
Rafal Los
|
Security Risk and the Software Supply Chain
Karen Goertzel
|
| 12:20-1:20
|
Lunch
|
| 1:20-2:05
|
Pen Testing with Iron
Andrew Wilson
|
Providing application-level assurance through DNSSEC
Suresh Krishnaswamy, Wes Hardaker and Russ Mundy
|
H.....t.....t....p.......p....o....s....t
Onn Chee & Tom Brennan
|
Understanding How They Attack Your Weaknesses: CAPEC
Sean Barnum
|
| 2:05-2:10
|
Break
|
| 2:10-2:55
|
Hacking Oracle From Web Apps
Sumit Siddharth
|
GuardRails: A (Nearly) Painless Solution to Insecure Web Applications
Jonathan Burket, Patrick Mutchler, Michael Weaver and Muzzammil Zaveri
|
Securing Frameworks Panel
|
| 2:55-3:10
|
Coffee Break sponsored by
|
| 3:10-3:55
|
wXf: Web Exploitation Framework
Ken Johnson and Chris Gates
|
The Strengths of Combining Code Review with Application Penetration Testing
Dave Wichers
|
Dealing with Web Application Security, Regulation Style
Andrew Weidenhamer
|
Ensuring Software Assurance Process Maturity
Edmund Wotring
|
| 3:55-4:00
|
Break
|
| 4:00-4:45
|
Pen-Test Panel
|
Botnet Resistant Coding: Protecting Your Users from Script Kiddies
Fabian Rothschild and Peter Greko
|
OWASP Broken Web Applications Project Update
Chuck Willis
|
People, Process, and Technology: OWASP Impact on the SwA Processes and Practices Working Group
Michele Moss
|
Smashing WebGoat for Fun and Research: Static Code Scanner Evaluation
Joshua Windsor and Joshua Pauli
|
| 4:45-4:50
|
Break
|
| 4:50-5:35
|
A new approach to preventing injection attacks on the Web Application Stack
Ahmed Masud
|
Using Misuse Cases to Articulate Vulnerabilities to Stakeholders
Scott Mendenhall
|
Federal Perspectives on Application Security - Panel
|
The Web Hacking Incident Database (WHID) Report
Ryan Barnett
|
| 5:30-7:30
|
Cocktails sponsored by
|