https://wiki.owasp.org/index.php?title=Belgium_Events_2010&feed=atom&action=historyBelgium Events 2010 - Revision history2024-03-28T09:40:06ZRevision history for this page on the wikiMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=Belgium_Events_2010&diff=229681&oldid=prevThomas Herlea: Added non-transcluding navigation links.2017-05-16T07:05:45Z<p>Added non-transcluding navigation links.</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 07:05, 16 May 2017</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>[[Belgium]] <del class="diffchange diffchange-inline">events held in 2010</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline"><noinclude></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">These are the 2010 events of the </ins>[[Belgium<ins class="diffchange diffchange-inline">|OWASP Belgium Chapter</ins>]]<ins class="diffchange diffchange-inline">.</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">Previous year: [[Belgium Events 2009|2009]].</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">Next year: [[Belgium Events 2011|2011]].</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></noinclude></ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>== Previous Meeting (September 21st 2010) in Leuven ==</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>== Previous Meeting (September 21st 2010) in Leuven ==</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
</table>Thomas Herleahttps://wiki.owasp.org/index.php?title=Belgium_Events_2010&diff=229547&oldid=prevThomas Herlea: Thomas Herlea moved page Belgium Previous Events 2010 to Belgium Events 2010: Made page title timeless2017-05-11T10:41:12Z<p>Thomas Herlea moved page <a href="/index.php/Belgium_Previous_Events_2010" class="mw-redirect" title="Belgium Previous Events 2010">Belgium Previous Events 2010</a> to <a href="/index.php/Belgium_Events_2010" title="Belgium Events 2010">Belgium Events 2010</a>: Made page title timeless</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<tr style='vertical-align: top;' lang='en'>
<td colspan='1' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='1' style="background-color: white; color:black; text-align: center;">Revision as of 10:41, 11 May 2017</td>
</tr><tr><td colspan='2' style='text-align: center;' lang='en'><div class="mw-diff-empty">(No difference)</div>
</td></tr></table>Thomas Herleahttps://wiki.owasp.org/index.php?title=Belgium_Events_2010&diff=149214&oldid=prevThomas Herlea: Fixed a typo in the name of Samy Kamkar.2013-04-05T12:48:20Z<p>Fixed a typo in the name of Samy Kamkar.</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 12:48, 5 April 2013</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l27" >Line 27:</td>
<td colspan="2" class="diff-lineno">Line 27:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>:[http://www.linkedin.com/in/meeas Justin Searle], a Senior Security Analyst with InGuardians, specializing in the penetration testing of web applications, networks, and embedded devices.  Justin currently leads the Smart Grid Security Architecture group of the CSWG (Cyber Security Work Group) for NIST (National Institute of Standards and Technologies) and is a member of ASAP-SG (Advanced Security Acceleration Project for the Smart Grid).  Previously, Justin served as JetBlue Airway’s IT Security Architect, and has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities and corporations.  Justin has presented at top security conferences including DEFCON, ToorCon, ShmooCon, and SANS.  Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudnum.  Justin has an MBA in International Technology and is CISSP and SANS GIAC-certified in incident handling and hacker techniques (GCIH) and intrusion analysis (GCIA).</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>:[http://www.linkedin.com/in/meeas Justin Searle], a Senior Security Analyst with InGuardians, specializing in the penetration testing of web applications, networks, and embedded devices.  Justin currently leads the Smart Grid Security Architecture group of the CSWG (Cyber Security Work Group) for NIST (National Institute of Standards and Technologies) and is a member of ASAP-SG (Advanced Security Acceleration Project for the Smart Grid).  Previously, Justin served as JetBlue Airway’s IT Security Architect, and has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities and corporations.  Justin has presented at top security conferences including DEFCON, ToorCon, ShmooCon, and SANS.  Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudnum.  Justin has an MBA in International Technology and is CISSP and SANS GIAC-certified in incident handling and hacker techniques (GCIH) and intrusion analysis (GCIA).</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>*19h45 - 20h00: Break<br>  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>*19h45 - 20h00: Break<br>  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>*20h00 - 21h00: '''[http://media.blackhat.com/bh-us-10/whitepapers/Kamkar/BlackHat-USA-2010-Kamkar-How-I-Met-Your-Girlfriend-wp.pdf How I Met Your Girlfriend]''' (by Samy <del class="diffchange diffchange-inline">Kampkar</del>)<br></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>*20h00 - 21h00: '''[http://media.blackhat.com/bh-us-10/whitepapers/Kamkar/BlackHat-USA-2010-Kamkar-How-I-Met-Your-Girlfriend-wp.pdf How I Met Your Girlfriend]''' (by Samy <ins class="diffchange diffchange-inline">Kamkar</ins>)<br></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>:The discovery and execution of entirely new classes of attacks executed from the Web in order to meet your girlfriend. This includes newly discovered attacks including HTML5 client-side XSS (without XSS hitting the server!), PHP session hijacking and weak random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-the-middle), extracting extremely accurate geolocation information from a Web browser (not using IP geolocation), and more.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>:The discovery and execution of entirely new classes of attacks executed from the Web in order to meet your girlfriend. This includes newly discovered attacks including HTML5 client-side XSS (without XSS hitting the server!), PHP session hijacking and weak random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-the-middle), extracting extremely accurate geolocation information from a Web browser (not using IP geolocation), and more.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>:[http://samy.pl/ Samy Kamkar] is best known for the Samy worm, the first XSS worm, infecting over one million users on MySpace in less than 24 hours. A co-founder of Fonality, Inc., an IP PBX company, Samy previously led the development of all top-level domain name server software and systems for Global Domains International (.ws).</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>:[http://samy.pl/ Samy Kamkar] is best known for the Samy worm, the first XSS worm, infecting over one million users on MySpace in less than 24 hours. A co-founder of Fonality, Inc., an IP PBX company, Samy previously led the development of all top-level domain name server software and systems for Global Domains International (.ws).</div></td></tr>
</table>Thomas Herleahttps://wiki.owasp.org/index.php?title=Belgium_Events_2010&diff=109763&oldid=prevSdeleersnyder: Created page with "Belgium events held in 2010 == Previous Meeting (September 21st 2010) in Leuven == === WHEN === September 21st 2010 18h-20h === WHERE === Hosted by [http://distrinet.cs..."2011-04-28T09:18:47Z<p>Created page with "<a href="/index.php/Belgium" title="Belgium">Belgium</a> events held in 2010 == Previous Meeting (September 21st 2010) in Leuven == === WHEN === September 21st 2010 18h-20h === WHERE === Hosted by [http://distrinet.cs..."</p>
<p><b>New page</b></p><div>[[Belgium]] events held in 2010<br />
<br />
== Previous Meeting (September 21st 2010) in Leuven ==<br />
<br />
=== WHEN ===<br />
<br />
September 21st 2010 18h-20h<br />
<br />
=== WHERE ===<br />
<br />
Hosted by [http://distrinet.cs.kuleuven.be Distrinet Research Group (K.U.Leuven)].<br />
<br />
Pizza's sponsored by [http://www.f5.com F5 Networks]<br />
<br />
Address: <br> Department of Computer Science (auditorium 00.225)<br> Celestijnenlaan 200 A<br> 3001 Heverlee <br> <br />
<br />
Routemap: http://distrinet.cs.kuleuven.be/about/route/ <br />
<br />
=== PROGRAM ===<br />
<br />
The agenda: <br />
<br />
*18h00 - 18h30: Welcome &amp; Pizza's<br> <br />
*18h30 - 18h45: '''[http://www.owasp.org/images/7/71/Owasp_update_2010-09-21.pptx OWASP Update]''' (by Sebastien Deleersnyder, SAIT Zenitel, OWASP Board)<br> <br />
*18h45 - 19h45: '''[http://www.owasp.org/images/6/63/Attacking_and_Defending_the_Grid-BeOWASP_%281%29.pdf Attacking and Defending the Grid]''' (by Justin Searle)<br><br />
:The Smart Grid brings greater benefits for utilities and customer alike, however these benefits come at a cost from a security perspective. This presentation will explore how the increased functionality and complexity also increases the Smart Grid's attack surface, or in other words, increases the ways attackers can compromise the Smart Grid's new infrastructures, systems, and business models. We'll discuss several specific attack avenues against the Smart Grid and recommendations for mitigating or blocking these attacks.<br />
:[http://www.linkedin.com/in/meeas Justin Searle], a Senior Security Analyst with InGuardians, specializing in the penetration testing of web applications, networks, and embedded devices. Justin currently leads the Smart Grid Security Architecture group of the CSWG (Cyber Security Work Group) for NIST (National Institute of Standards and Technologies) and is a member of ASAP-SG (Advanced Security Acceleration Project for the Smart Grid). Previously, Justin served as JetBlue Airway’s IT Security Architect, and has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities and corporations. Justin has presented at top security conferences including DEFCON, ToorCon, ShmooCon, and SANS. Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudnum. Justin has an MBA in International Technology and is CISSP and SANS GIAC-certified in incident handling and hacker techniques (GCIH) and intrusion analysis (GCIA).<br />
*19h45 - 20h00: Break<br> <br />
*20h00 - 21h00: '''[http://media.blackhat.com/bh-us-10/whitepapers/Kamkar/BlackHat-USA-2010-Kamkar-How-I-Met-Your-Girlfriend-wp.pdf How I Met Your Girlfriend]''' (by Samy Kampkar)<br><br />
:The discovery and execution of entirely new classes of attacks executed from the Web in order to meet your girlfriend. This includes newly discovered attacks including HTML5 client-side XSS (without XSS hitting the server!), PHP session hijacking and weak random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-the-middle), extracting extremely accurate geolocation information from a Web browser (not using IP geolocation), and more.<br />
:[http://samy.pl/ Samy Kamkar] is best known for the Samy worm, the first XSS worm, infecting over one million users on MySpace in less than 24 hours. A co-founder of Fonality, Inc., an IP PBX company, Samy previously led the development of all top-level domain name server software and systems for Global Domains International (.ws).<br />
:In the past 10 years, Samy has focused on evolutionary and genetic algorithmic software development, Voice over IP software development, automated security and vulnerability research in network security, reverse engineering, and network gaming. When not strapped behind the Matrix, Samy can be found stunt driving, getting involved in local community service projects, and continuing his focus on staying out of jail.<br />
<br />
== Previous Meeting (June 16th 2010) in Brussels ==<br />
<br />
=== WHEN ===<br />
<br />
June 16th 2010 18h-20h<br />
<br />
=== WHERE ===<br />
<br />
Location was sponsored by [http://www.zenitelbelgium.com/ Zenitel Belgium].<br />
<br />
Location: Zenitel Belgium, Z.1. Research Park 110 – 1731 Zellik, Belgium (same building as http://www.u2u.net/Route.aspx)<br />
<br />
=== PROGRAM ===<br />
<br />
The agenda: <br />
<br />
*18h00 - 18h30: Welcome &amp; Refreshments<br> <br />
*18h30 - 18h45: '''OWASP Update''' (by Sebastien Deleersnyder, Zenitel, OWASP Board)<br> <br />
*18h45 - 20h00: '''[http://www.owasp.org/images/4/42/Advanced_SQL_InjectionV2.pptx Advanced SQL Injection]''' (by Joe McCray, Learn Security Online)<br><br />
:SQL Injection is a vulnerability that is often missed by web application security scanners, and it's a vulnerability that is often rated as NOT exploitable by security testers when it actually can be exploited. Advanced SQL Injection is a presentation geared toward showing security professionals advanced exploitation techniques for situations when you must prove to the customer the extent of compromise that is possible.<br />
:The key areas are:<br />
:* Re-Enabling stored procedures<br />
:* Old and new ways of obtaining an interactive command-shell<br />
:* Data Exfiltration via DNS<br />
:* IDS Evasion & Web Application Firewall Bypass<br />
:* Privilege Escalation<br />
:'''Joe McCray''' has 10 years of experience in the security industry with a diverse background that includes network and web application penetration testing, forensics, training, and regulatory compliance. Joe is a frequent presenter at security conferences, and has taught Ethical Hacking and Web Application Security at Johns Hopkins University (JHU), University of Maryland Baltimore College (UMBC), and several other technical training centers across the country.<br />
<br />
== Previous Meeting (June 1st 2010) in Brussels ==<br />
<br />
<br />
=== WHEN ===<br />
<br />
June 1st 2010 18h-21h<br />
<br />
=== WHERE ===<br />
<br />
Location is sponsored by [http://www.cisco.com/web/BE/index.html Cisco Belgium].<br />
<br />
Location: Cisco, Pegasus Park, De Kleetlaan, 6A, B-1831 Diegem. See [http://www.cisco.com/web/BE/pdfs/contact_plan.pdf directions].<br />
<br />
=== PROGRAM ===<br />
<br />
The agenda: <br />
<br />
*18h00 - 18h30: Welcome &amp; Refreshments<br> <br />
*18h30 - 18h45: '''OWASP Update''' (by Sebastien Deleersnyder, Zenitel, OWASP Board)<br> <br />
*19h00 - 20h00: '''[http://www.owasp.org/images/0/01/The_Belgian_e-ID_hacker_vs_developer.pdf The Belgian e-ID: hacker vs developer]''' (by Erwin Geirnaert and Frank Cornelis)<br><br />
:''Presentation + discussion:'' What can go wrong when implementing the Belgian eID in an unsecure way to authenticate a user? We will discuss the security issues, the problems with trust, SSL and some examples of a bad implementation. We will demo how to use WebScarab to intercept and change authentication data on the fly, impersonating somebody else.<br />
:To help developers to implement it correctly, we will give away best practices and a road map to do it properly using the new eID applet with entity authentication.<br />
:This presentation will be given by '''Frank Cornelis''', Developer @ Fedict, who is responsible for the new eID applet and '''Erwin Geirnaert''', co-founder & white-hat hacker @ ZION SECURITY, who has reviewed unsecure implementations of eID authentication<br />
*20h00 - 20h15: '''Break'''<br> <br />
*20h15 - 21h15: '''Analyzing the Accuracy Of Web Application Scanners''' (by Larry Suto)<br><br />
:''Presentation + discussion:'' Analyzing the Accuracy Of Web Application Scanners<br />
:This talk summarizes my recent [http://ha.ckers.org/blog/20100203/accuracy-and-time-costs-of-web-application-security-scanner-report/ study] related to benchmarking a set of web application scanners against target test sites constructed by the scanner vendors themselves. I will review the methodology and some of the challenges that were faced as the tests were conducted. I have received some interesting feedback from the vendors and the security community. This new information will be integrated into the presentation. The controversial nature of "Point and Shoot" and "Trained" scanning will be addressed and scanning issues related to cloud computing/SaaS will be covered. The presentation will cover some thoughts on open source scanners such as Skipfish and W3AF. Finally I will go into the ideas for another round of testing and the possibility of soliciting target apps from the community.<br />
:'''Larry Suto''' is an application security consultant based in the San Francisco Bay Area. He is focused on software security analysis and the testing the effectiveness of software security tools.<br />
<br />
<br />
== Previous Meeting (Feb-1-2010) in Brussels ==<br />
<br />
=== WHEN ===<br />
<br />
Monday, February 1th, 2010 (18h00pm-21h00pm), together with [http://www.issa-be.org ISSA Belgium]. <br />
<br />
=== WHERE ===<br />
<br />
Location sponsored by [http://www.ey.com/be Ernst&amp;Young]'s Information Security Team. <br> address: De Kleetlaan 2, 1831 Diegem ([http://www.ey.com/Global/assets.nsf/Belgium_E/Office_Map_Brussels/$file/EY_Brussels_Office.pdf Route] + [http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=De+Kleetlaan+2,+1831+Diegem&sll=37.0625,-95.677068&sspn=49.176833,89.648437&ie=UTF8&z=16&iwloc=cent Google Maps]) <br />
<br />
=== PROGRAM ===<br />
<br />
The agenda: <br />
<br />
*18h00 - 18h30: Welcome &amp; Refreshments<br> <br />
*18h30 - 18h45: '''[http://www.owasp.org/images/d/d9/Owasp_update_2010-02-01_v2.ppt OWASP Update]''' (by Sebastien Deleersnyder, Zenitel, OWASP Board)<br> <br />
*18h45 - 19h00: '''[http://www.owasp.org/images/2/22/ISSA_Presentation_Bart_20100201.pdf ISSA Update]''' (by Bart Moerman, ISSA)<br> <br />
*19h00 - 20h00: '''[http://www.owasp.org/images/6/6c/GreenSQL_-_an_Open_Source_database_firewall_-_Yuli_Stremovsky.ppt GreenSQL: an Open Source database firewall]''' (by Yuli Stremovsky, VP of Research and Development at GreenSQL)<br><br />
<br />
:''Presentation + discussion:'' [http://www.greensql.net/ GreenSQL], an open source database security solution, is available for three years. With the release of version 1.2 GreenSQL started providing support to PostgreSQL besides MySQL. GreenSQL provides a reverse proxy solution to SQL statements and during the reverse proxy process provides several security mechanisms. The lecture will focus on the latest version of GreenSQL and the solution for SQL injection and other attacks. <br />
:'''Yuli Stremovsky''' is a database security expert. He is responsible for design, development of novel database protection solution - GreenSQL. He is an experienced security consultant that worked for a number of leading financial institutions, telecom and health service companies. In the past, he was also involved in software development in a number of start-up companies including development of the security products.<br />
<br />
*20h00 - 20h15: '''Break'''<br> <br />
*20h15 - 21h15: '''[http://www.owasp.org/images/7/77/BE09_MOBILE_MALWARE_NOW_AND_IN_THE_FUTURE_by_Mikko_Hypponen.pdf MOBILE MALWARE NOW AND IN THE FUTURE]''' (by Mikko Hypponen, Chief Research Officer at F-Secure Corp)<br><br />
<br />
:''Presentation + discussion:'' <br />
:*Mobile Platforms <br />
:*Situation 2005-2009 <br />
:*Current threats <br />
:*Case: The Ikee / Duh botnet on jailbroken iPhones <br />
:*Case: Android banking trojans <br />
:*Future scenarios <br />
:*How to fight content security problems in mobile world? <br />
:'''[http://mikko.hypponen.com/ Mikko Hypponen]''' is the Chief Research Officer for F-Secure. He has worked with F-Secure since 1991 and has led his team through the biggest malware outbreaks in history. Mr. Hypponen has assisted law enforcment in USA, Europe and Asia on cybercrime cases. He has written for magazines such as Scientific American, Foreign Policy and Virus Bulletin.<br />
<br />
=== REGISTRATION ===<br />
<br />
There are only 100 seats available (first register, first serve)! Please '''send a mail''' to Belgium 'at' owasp.org if you plan to attend.</div>Sdeleersnyder