This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "AppSec ASIA 2016"

Jump to: navigation, search
(Registration and Fees)
(Speaker Bios)
Line 227: Line 227:
HP Enterprise Software全球安全技术主管,负责年营业额10亿美元的软件产品线的总体安全,以及SDL(软件安全开发流程)在公司内部的实施。OWASP上海分会负责人,CWASP资深讲师,拥有CSSLP和CISSP认证,是《Web应用安全威胁与防治》的作者之一。

Revision as of 03:29, 15 April 2016


We are pleased to announce that the OWASP China-Mainland Chapter will host the OWASP AppSec ASIA 2016 in Wuhan, China. The event will be held on May 21, Saturday.

The OWASP AppSec ASIA 2016 will bring together application security experts and software engineers from all over the world. Industry and academia meet to discuss open problems and new solutions in web & mobile security.

At the age of Internet+, Global AppSec Asia 2016 brings together application security experts and software engineers from all round the world to explore security technologies for core platforms such as Web applications, Mobile internet and Internet of things. Meantime, the sub-forum will focus on how to build cyber security training systems.

Who Should Attend AppSec ASIA 2016 :

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interested in Improving IT Security

If you have any questions, please email the conference committee: [email protected]


Call for Paper

OWASP AppSec ASIA 2016 will bring together application security experts and software engineers from all over the world on May 21, 2016. Industry and academia meet to discuss open problems and new solutions in web & mobile security. For this event, we will invite application security researchers, thought leaders and developers worldwide to submit papers for presentations looking for “the next”, cutting edge research in the context of web applications, secure development, security management and privacy. Don't miss the opportunity to share and discuss your ideas and knowledge with other experts and practitioners.

The topics of interest, but not limited:

  • Web Security
  • Mobile Security
  • Cloud Security, specifically secure Cloud Apps
  • Infrastructure security
  • Secure development
  • Application Security Testing
  • Privacy protection in web based apps
  • Emerging web technologies and associated security considerations
  • Security Trainings, Certificates and CTP

Papers should describe new ideas, new implementations, or experiences related to web & mobile security. We are glad to have some leading-edge topics and ideas as well as in-depth discussion in the conference. The conference planning team will review your submission based on a descriptive abstract of your intended presentation. Feel free to attach a preliminary version of your presentation if available, or any other supporting materials. Remember: the better your description is, the better our review will be.

Important dates:
Submission deadline: Mar 25, 2016.
Notification of acceptance: Mar 31, 2016.
Presentation PPT due: April 30, 2016.

To submit a proposal please use easy chair
To contact the conference planning team, please mail to [email protected][1]
OWASP Speaker Agreement:
Likely we can cover travel expenses or costs for accommodations.

By your submission you agree to the OWASP Speaker Agreement. OWASP values vendor neutrality. You need to use the OWASP presentation template and you’re not allowed to place marketing pitches in your slides. All presentation slides will be published on the conference website after the conference. Please make sure that any pictures and other materials in your slides don’t violate any copyrights. You are solely liable for copyright violations. You may choose any CC license for your slides, including CC0. OWASP does suggest open licenses.

9:00-9:15 15 Opening speech N/A
9:15-9:55 40 OWASP Mobile 2016 & Self-healing apps

Milan Singh Thakur

9:55-10:35 40 Testing next-gen iOS apps

Prateek Gianchandani

10:35-10:55 20 Coffee & Tea Break N/A
11:30-12:00 30 OWASP CISO Survey Report – Tactical Insights for Managers

Tobias Gondrom

12:00-14:00 120 LUNCH N/A
14:00-14:40 40 Cloud-ids:智能Web 入侵检测与威胁感知


Capture-the-Flag Secrets

Ivan Butler

14:40-15:15 35 企业AppLayer面临的IT安全风险与危机

Dixon Ho

15:15-15:50 35 TBD 新型安全人才培养模式


15:50-16:10 20 Coffee & Tea Break N/A
16:10-16:45 35 OWASP Top 10: Effectiveness of Web Application Firewalls

David Caissy

16:45-17:20 35 移动互联网应用的服务端安全防护探讨


17:20-17:30 10 Closing speech N/A

Prateek Gianchandani

An OWASP member and contributor has been working in the infosec industry for over 5 years. During his five years, he has performed a number of penetration tests on mobile and web applications and even developed a lot of applications for the App Store. His core focus area is mobile pentesting and embedded device hacking. He is also the author of the open source vulnerable application named Damn Vulnerable iOS app. He has presented and trained at Conferences like Defcon, Blackhat USA, Brucon, Hack in paris, Phdays etc.

Jakub Kaluzny

A Senior IT Security Consultant at SecuRing and performs penetration tests of high-risk applications, systems and devices. He was a speaker at many international IT Security conferences: OWASP AppSec EU, BlackHat Asia, PHdays, CONFidence, HackInTheBox AMS, as well at local events. Previously working for European Space Agency and internet payments intermediary. Apart from testing applications, he digs into proprietary network protocols, embedded devices and other enterprise solutions.

Tobias Gondrom

CTO Security for global IT company. Chairman of the Board of OWASP, Chair of the IAOC. Experience asHead of Information Security, Chief Information Security Officer, CISO, IT Risk Management, Governance & Compliance Head of Software Development, CTO, Manage in global, multinational and complex organisations, Change Management, project management, M&A, Strategy, ArchitectureSDLC, Software development processes and standards CCISO, CISSP, CSSLP.

David Caissy

David Caissy, M. Sc., OSCP, GWAPT, GPEN, GSEC, CISSP, CEH is a web application penetration tester with in-depth developer and IT Security background spanning over 16 years. He has extensive experience in conducting vulnerability assessments and penetration tests as well as providing training globally, amongst numerous other teaching engagements. He has worked for a central bank, various government agencies and private companies. David has been teaching web application security in colleges, conferences and for many government agencies over the last 15 years.

Ivan Butler

Founder and CEO of Compass Security, a leading Swiss ethical hacking and penetration testing company. Speaker @ BlackHat Las Vegas 2008, IT Underground Warsaw 2009, Unistrategic Singapore 2010 and organizer of Swiss Cyber Storm Security Conference since 2007.

Milan Singh Thakur

Heading the OWASP Mobile Application Security Guide Development Project with Jonathan Carter.

Dixon Ho

为ISACA北京事务委员会主席、中国信息化推进联盟信息安全专业委员会副主任,主管微软大中华区信息安全领域超过8年。在2008年担任了北京市市政管理委员会奥运城市运行指挥平台安全顾问。 信息安全领域从业时间:近20多年。


百度云安全部资深架构师刘焱,毕业于华中科技大学,具有近十年 bat级互联网公司甲方安全防护经验,主持或者参与了百度内部几乎全部安全监控以及防护项目,黑客入侵主动发现比例超过80%;具有多项国家信息安全专利;在国内外学术期刊、会议发表多篇论文;主持开发的安全产品在十多家国内外中大型互联网企业中使用。




HP Enterprise Software全球安全技术主管,负责年营业额10亿美元的软件产品线的总体安全,以及SDL(软件安全开发流程)在公司内部的实施。OWASP上海分会负责人,CWASP资深讲师,拥有CSSLP和CISSP认证,是《Web应用安全威胁与防治》的作者之一。


Leader of OWASP China.

Course Name
Course Length
Course Date(s)
OWASP Top 10 Effective Safeguards David Caissy 4H May20,8:30-12:30 English RMB 1500
Mobile Application security Prateek Gianchandani 4H May20,14:30-18:30 English RMB 1500

Pay attention to "OWASP China" WeChat public number, choice "registration" to fill in tables then become a member of OWASP China. The conference will be free for you.

AppSec ASIA 2016 will be held at Hubei University, Wuhan, in China.

Hubei University


We are looking for sponsors for AppSec ASIA 2016.

If you are interested to sponsor AppSec ASIA 2016, please contact the conference team:[email protected]

Sponsorship Deadline is April 10, 2016.

To find out more about the different sponsorship opportunities please check the document below:
OWASP AppSec ASIA 2016 Sponsorship

___Gold Sponsor___


Airport Transportation

Wuhan Tianhe International Airport


Hotel & City Guide is coming soon.

Conference Planning Team is available to answer any questions!

AppSec ASIA 2016 Conference Planning Team

  • Miya Xu
  • Ivy Zhang
  • Xiaoli Tan

Do you want to volunteer for AppSec ASIA 2016?Conference Planning Team

AppSec ASIA 2016 Volunteer Team

  • Ankit Giri
  • Samit Anwer

OWASP Staff Support

  • Laura Grau
  • Kelly Santalucia
  • Kate Hartmann
  • Noreen Whysel

Contact us at Conference Planning Team