This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Italy OWASP Day 2"

From OWASP
Jump to: navigation, search
Line 73: Line 73:
 
</tr>
 
</tr>
 
<tr>
 
<tr>
<td valign=top>14.30h</td><td bgcolor="#b9c2dc"><b>"How to start a software security initiative within your organization: a maturity based and metrics driven approach."</b><br>Marco Morana - CISO Citigroup<br>Abstract.</td>
+
<td valign=top>14.30h</td><td bgcolor="#b9c2dc"><b>"How to start a software security initiative within your organization: a maturity based and metrics driven approach."</b><br>Marco Morana - CISO Citigroup</td>
 
</tr>  
 
</tr>  
 
<tr>
 
<tr>
Line 85: Line 85:
 
</tr>
 
</tr>
 
<tr>
 
<tr>
<td valign=top>16.30h</td><td bgcolor="#eeeeee"><b>"Internet Banking e Web Security"</b><br>Giorgio fedon - Minded Security</td>
+
<td valign=top>16.30h</td><td bgcolor="#eeeeee"><b>"Internet Banking e Web Security"</b><br>Giorgio Fedon - Minded Security</td>
 
</tr>
 
</tr>
 
<tr>
 
<tr>

Revision as of 19:00, 10 March 2008

                 OWASP Day 2:  "The State of the Art of the Web Application Security
                             and the OWASP guidelines in the Companies"

Centro Congressi dell'Università di Roma "La Sapienza" - 31st March 2008 - Roma

Master.jpg



OWASP-Day Sponsors

Fortify.JPG 50px-F5_50px.jpg Watchfire.gif STE.jpg Logosmallminded2.png


Introduction

Welcome to the OWASP Day II Italy Conference for 2008. Following on from the great success of OWASP Day I in 2007 the second conference will take place in March 2008.

  • The conference represents a day of Web App Sec debate for all the OWASP chapters in the world during the week from 31st March to 5th April.
  • Thanks to the collaboration with the Master in Information Security of the "La Sapienza" University, next 31st March we will host the Conference: "The State of the Art of the Web Application Security and the OWASP guidelines in the Companies".
  • OWASP Day 2 is an all day Conference.

Topic:

Conference topics will be:

  • The evolution of attacks and countermeasures for the security in the Web Application.
  • Case studies of how the Companies have adopted the OWASP Guidelines in their SDLC.

Organization and goals:

  • The event will show several points of discussion: during the first phase we will talk from a higher level of the topic, and then we will discuss the problem from a technical point of view.
  • As conclusion of the day, we will organize a round table with international guests discussing the more interesting subjects come out during the event.
  • Conference goal is that to create a debate on which will be the evolution of the Web Application Security.


OWASP Day II Italy - Conference Schedule - March 31st 2008

AGENDA (DRAFT):

9:00hRegistration
9.30h"Welcome and open of the works"
Prof. L.Mancini - Director of the Master in Information Security, Università "La Sapienza" Rome.
9.45h"Introduction to the OWASP Day II"
Matteo Meucci - OWASP-Italy Chair, CEO Minded Security
10.00h"L'implementazione dello sviluppo sicuro delle applicazioni secondo Telecom Italia"
Marco Bavazzano - CISO TELECOM Italia
10.30h"SQL Injection tricks: building the bridge between the Web App and the Operating System"
Alberto Revelli - Portcullis
11.00h"Le problematiche di Web Application Security: la visione di ABI"
Matteo Lucchetti, Romano Stasi - ABI
11.30h"OWASP Backend Security Project"
Carlo Pelliccioni - Spike Reply
12.00h"Buffet"
14.00h"Web Services and SOA Security " (ENG)
Laurent Petroque, Alfredo Vistola - F5
14.30h"How to start a software security initiative within your organization: a maturity based and metrics driven approach."
Marco Morana - CISO Citigroup
15.00h"Secure Programming with Static Analysis" (ENG)
Jacob West - Head of Fortify Software's Security Research Group
15.30h"The Owasp Orizon project: internals and hands on"
Paolo Perego - Spike Reply
16.00h"Coffe break"
16.30h"Internet Banking e Web Security"
Giorgio Fedon - Minded Security
17:00hRound table: Quali sono le contromisure che le aziende stanno adottando ai nuovi possibili attacchi? Responsible disclosure: quale è il miglior approccio? Come si può implementare un ciclo di vita del software con processi di sicurezza garantendo un adeguto ROSI? La sensibilizzazione degli utenti: leva fondamentale al fine di implementare controlli di sicurezza?
Panelist: Raoul Chiesa - CTO MediaService, Matteo Flora, Matteo Lucchetti - ABI, Marco Morana - Citigroup, Stefano Di Paola - CTO Minded Security, Keynote: Matteo Meucci

Where

Centro Congressi dell'Università di Roma "La Sapienza". Via Salaria, 113 Roma.

Subscriptions:

To subscribe to the event please send an email with the subject "OWASP Day 2" to the following address: mastersicurezza <at> di.uniroma1.it

Entrance is FREE for all the subscribed persons (300 seats).

Call for Paper (Now closed)

It is possible to send your contribute that will be selected by the OWASP board to participate as speaker to the conference. Please send an email with the following information:

  • First name, Surname
  • Telephone number
  • List of previous articles and speeches
  • Speech title
  • Technical or not
  • Timing (max 30 minutes)
  • Abstract (no more than 1 page)

With the subject: "OWASP Day 2: CFP" to: matteo.meucci <at> gmail.com

Deadline: 29th February 2008 Participation to CFP is free.

Speech topic should be adherent to the argument of the OWASP Day.