
Difference between revisions of "Colorado Planning 2009"

(2008 OWASP USA, NYC Conference Schedule – Sept 24th - Sept 25th)
Line 1: Line 1:
 
== Planning Schedule for CO Chapters 2009 ==
 
== Planning Schedule for CO Chapters 2009 ==
<center>
 
  
<h2>[http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference/speakeragreement OWASP Speaker Agreement]</h2></center>
+
<h2>[http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference/speakeragreement OWASP Speaker Agreement]</h2>
 
{| style="width:80%" border="0" align="center"
 
{| style="width:80%" border="0" align="center"
 
  ! colspan="4" align="center" style="background:#4058A0; color:white" | <h2>Day 1 – Sept 24th, 2008 </h2>  
 
  ! colspan="4" align="center" style="background:#4058A0; color:white" | <h2>Day 1 – Sept 24th, 2008 </h2>  
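Review bot: the table header `Day 1 – Sept 24th, 2008` and the Speaker Agreement link to `OWASP_NYC_AppSec_2008_Conference/speakeragreement` are carried over unchanged under the heading `Planning Schedule for CO Chapters 2009`. If this page is meant as a starting template for the Colorado schedule, update the date and the link, or say in the page text that the table is copied from the NYC 2008 schedule. Removing the `<center>` wrapper around the `<h2>` is fine, since the closing `</center>` is dropped with it.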

Revision as of 22:54, 19 September 2008

Planning Schedule for CO Chapters 2009

OWASP Speaker Agreement

Day 1 – Sept 24th, 2008

Track 1: BALLROOM Track 2: SKYLINE Track 3: TIMESQUARE
07:30-08:50 Doors Open for Attendee/Speaker Registration

Avoid lines: come early, get your caffeine fix and use the free wifi.

09:00-09:45 OWASP Version 3.0: who we are, how we got here and where we are going

OWASP Foundation: Jeff Williams, Dinis Cruz, Dave Wichers, Tom Brennan, Sebastien Deleersnyder, Paulo Coimbra, Kate Hartmann, Alison Shrader & all local chapter leaders

10:00-10:45 Analysis of the Web Hacking Incidents Database (WHID)

Ofer Shezaf

Web Application Security Road Map

Joe White

DHS Software Assurance Initiatives

Stan Wisseman & Joe Jarzombek

11:00-11:45 Http Bot Research

Andre M. DiMino - ShadowServer Foundation

OWASP "Google Hacking" Project

Christian Heinrich

MalSpam Research

Garth Bruen

12:00-13:00 Capture the Flag Sign-Up

LUNCH - Provided by event sponsors @ TechExpo

12:00-12:45 Get Rich or Die Trying - Making Money on The Web, The Black Hat Way

Trey Ford, Tom Brennan, Jeremiah Grossman

Framework-level Threat Analysis: Adding Science to the Art of Source-code review

Rohit Sethi & Sahba Kazerooni

Automated Web-based Malware Behavioral Analysis

Tyler Hudak

13:00-13:45 New 0-Day Browser Exploits: Clickjacking - yea, this is bad...

Jeremiah Grossman & Robert "RSnake" Hansen

WAF ModSecurity

Ivan Ristic

Using Layer 8 and OWASP to Secure Web Applications

David Stern & Roman Garber

14:00-14:45 Industry Outlook Panel: Mark Clancy EVP CitiGroup, Jim Routh CISO DTCC, Sunil Seshadri CISO NYSE-Euronet, Warren Axelrod SVP Bank of America, Joe Bernik SVP RBS, Jennifer Bayuk Infosec Consultant, Philip Venables CISO Goldman Sachs, Carlos Recalde SVP Lehman Brothers, Tom King CISO Barclays Capital

Moderator: Mahi Dontamsetti

Security Assessing Java RMI

Adam Boulton

JBroFuzz 0.1 - 1.1: Building a Java Fuzzer for the Web

Yiannis Pavlosoglou

15:00-15:45 OWASP Testing Guide - Offensive Assessing Financial Applications

Daniel Cuthbert

Flash Parameter Injection (FPI)

Ayal Yogev & Adi Sharabani

w3af - A Framework to own the web

Andres Riancho

16:00-16:45 OWASP Enterprise Security API (ESAPI) Project

Jeff Williams

Cross-Site Scripting Filter Evasion

Alexios Fakos

Case Studies: Exploiting application testing tool deficiencies via "out of band" injection

Vijay Akasapu & Marshall Heilman

17:00-17:45 Threading the Needle: Bypassing web application/service security controls using Encoding, Transcoding, Filter Evasion, and other Canonicalization Attacks

Arian Evans

Mastering PCI Section 6.6

Taylor McKinley and Jacob West

Multidisciplinary Bank Attacks

Gunter Ollmann

18:00-18:45 OWASP Live CD

Joshua Perrymon

Coding Secure w/PHP

Hans Zaunere

Payment Card Data Security and the new Enterprise Java

Dr. B. V. Kumar & Mr. Abhay Bhargav

19:00-20:00 OWASP Chapter Leader / Project Leader working session

OWASP Board/Chapter Leaders

(ISC)2 Cocktail Hour: all welcome to attend for special announcement

presented by: W. Hord Tipton, Executive Director of (ISC)2

Technology Movie Night

Sneakers, WarGames, HackersArePeopleToo, TigerTeam from 19:00 - 23:00

20:00-23:00+ OWASP Event Party/Reception

Event badge required for admission

Food, Drinks w/ New & Old Friends - break out the laptop and play capture the flag for fun and prizes.

Location: HOTEL BALLROOM


Day 2 – Sept 25th, 2008

08:00-10:00 BREAKFAST - Provided by event sponsors @ TechExpo

08:00-08:45 Software Development: The Last Security Frontier

W. Hord Tipton, CISSP-ISSEP, CAP, CISA, CNSS, former Chief Information Officer for the U.S. Department of the Interior; Executive Director and member of the Board of Directors, (ISC)²

Best Practices Guide: Web Application Firewalls

Alexander Meisel

The Good The Bad and The Ugly - Pen Testing VS. Source Code Analysis

Thomas Ryan & Steve Antoniewicz

09:00-09:45 OWASP Web Services Top Ten

Gunnar Peterson

Tiger Team - APPSEC Projects

Chris Nickerson

OpenSource Tools

Prof. Li-Chiou Chen & Chienitng Lin, Pace Univ

10:00-10:45 Building a tool for Security consultants: A story of a customized source code scanner

Dinis Cruz

"Help Wanted" 7 Things You Need to Know APPSEC/INFOSEC Employment

Lee Kushner

Industry Analyst with Forrester Research

Chenxi Wang

11:00-11:45 CLASP (Comprehensive, Lightweight Application Security Process)

Pravir Chandra

Security in Agile Development

Dave Wichers

Secure Software Impact

Jack Danahy

12:00-12:45 Next Generation Cross Site Scripting Worms

Arshan Dabirsiaghi

Security of Software-as-a-Service (SaaS)

James Landis

Open Reverse Benchmarking Project

Marce Luck & Tom Stracener

12:00-13:00 Capture the Flag Status

LUNCH - Provided @ TechExpo

13:00-13:45 NIST SAMATE Static Analysis Tool Exposition (SATE)

Vadim Okun

Lotus Notes/Domino Web Application Security

Jian Hui Wang

Shootout @ Blackbox Corral

Larry Suto

14:00-14:45 Practical Advanced Threat Modeling

John Steven

The OWASP Orizon Project: towards version 1.0

Paolo Perego

Building Usable Security

Zed Abbadi

15:00-15:45 Off-shoring Application Development? Security is Still Your Problem

Rohyt Belani

OWASP EU Summit Portugal

Dinis Cruz

Code Secrets

Johan Peeters

16:00-16:45 Vulnerabilities in application interpreters and runtimes

Erik Cabetas

Detecting User Disposition - Polar Bears in a Whiteout

Robert "RSnake" Hansen

Corruption

Dave Aitel

17:00-17:45 Event Wrap-Up / Speaker & CTF Awards and Sponsor Raffles

18:30-19:30 OWASP Foundation, Chapter Leader Meeting - to collect ideas to make OWASP better!