This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Italy OWASP Day 2"

From OWASP
Jump to: navigation, search
Line 40: Line 40:
  
 
* Conference goal is that to create a debate on which will be the evolution of the Web Application Security.
 
* Conference goal is that to create a debate on which will be the evolution of the Web Application Security.
 +
 +
[[Image:owaspday2Meucci.pdf]]
 +
[[Image:owaspday2Revelli.pdf]]
 +
[[Image:owaspday2Lucchetti.pdf]]
 +
[[Image:owaspday2Pelliccioni.pdf]]
 +
[[Image:owaspday2Petroque.pdf]]
 +
[[Image:owaspday2Morana.pdf]]
 +
[[Image:owaspday2West.pdf]]
 +
[[Image:owaspday2Perego.pdf]]
 +
[[Image:owaspday2Fedon.pdf]]
  
  

Revision as of 12:34, 4 April 2008

OWASP Day II: "The State of the Art of the Web Application Security and the OWASP guidelines in the Companies"

Centro Congressi dell'Università di Roma "La Sapienza"

31st March 2008 - Roma

Master.jpg



OWASP-Day Sponsors

Fortify.JPG 50px-F5_50px.jpg IBM.png Rational.gif STE.jpg Logosmallminded2.png

Introduction

Welcome to the OWASP Day II Italy Conference for 2008. Following on from the great success of OWASP Day I in 2007 the second conference will take place in March 2008.

  • The conference represents a day of Web App Sec debate for all the OWASP chapters in the world during the week from 31st March to 5th April.
  • Thanks to the collaboration with the Master in Information Security of the "La Sapienza" University, next 31st March we will host the Conference: "The State of the Art of the Web Application Security and the OWASP guidelines in the Companies".
  • OWASP Day 2 is an all day Conference.

Topic:

Conference topics will be:

  • The evolution of attacks and countermeasures for the security in the Web Application.
  • Case studies of how the Companies have adopted the OWASP Guidelines in their SDLC.

Organization and goals:

  • The event will show several points of discussion: during the first phase we will talk from a higher level of the topic, and then we will discuss the problem from a technical point of view.
  • As conclusion of the day, we will organize a round table with international guests discussing the more interesting subjects come out during the event.
  • Conference goal is that to create a debate on which will be the evolution of the Web Application Security.

File:Owaspday2Meucci.pdf File:Owaspday2Revelli.pdf File:Owaspday2Lucchetti.pdf File:Owaspday2Pelliccioni.pdf File:Owaspday2Petroque.pdf File:Owaspday2Morana.pdf File:Owaspday2West.pdf File:Owaspday2Perego.pdf File:Owaspday2Fedon.pdf


OWASP Day II Italy - Conference Schedule - March 31st 2008

AGENDA (DRAFT):

9:00hRegistration
9.30h"Welcome and opening of the works"
Prof. L.Mancini - Director of the Master in Information Security, Università "La Sapienza" Rome.
9.45h"Introduction to the OWASP Day II"
Matteo Meucci - OWASP-Italy Chair, CEO Minded Security
10.00h"L'approccio di Telecom Italia allo sviluppo sicuro delle applicazioni"
Marco Bavazzano - CISO TELECOM Italia
10.30h"SQL Injection tricks: building the bridge between the Web App and the Operating System"
Alberto Revelli - Portcullis Computer Security
11.00h"Le problematiche di Web Application Security: la visione di ABI Lab"
Matteo Lucchetti - ABI Lab
11.30h"OWASP Backend Security Project"
Carlo Pelliccioni - Spike Reply
12.00hBuffet
14.00h"Web Services and SOA Security " (ENG)
Laurent Petroque - F5
14.30h"How to start a software security initiative within your organization: a maturity based and metrics driven approach."
Marco Morana - OWASP USA Chapter Lead, TISO Citigroup
15.00h"Secure Programming with Static Analysis" (ENG)
Jacob West - Head of Fortify Software's Security Research Group
15.30h"The Owasp Orizon project: internals and hands on"
Paolo Perego - Spike Reply
16.00hCoffe break
16.30h"Internet Banking and Web Security"
Giorgio Fedon - Minded Security
17:00hRound table: Quali sono le contromisure che le aziende stanno adottando ai nuovi possibili attacchi? Responsible disclosure: quale è il miglior approccio? Come si può implementare un ciclo di vita del software con processi di sicurezza garantendo un adeguato ROSI? La sensibilizzazione degli utenti: leva fondamentale al fine di implementare controlli di sicurezza?

Panelist: Raoul Chiesa - CTO @ MediaService.net, Matteo Flora - Security Evangelist,Direttore OPSI, Marco Morana - OWASP USA Chapter Lead, TISO Citigroup, Stefano Di Paola - CTO Minded Security, Paolo Cravino - Senior IT Specialist Rational Software IBM Software Group.

Keynote: Matteo Meucci

Where

Centro Congressi dell'Università di Roma "La Sapienza". Via Salaria, 113 Roma.

Subscriptions:

To subscribe to the event please send an email with the subject "OWASP Day 2" to the following address:
mastersicurezza<at>di.uniroma1.it

Entrance is FREE for all the subscribed persons (300 seats).