This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP AppSec Asia 2007"

From OWASP
Jump to: navigation, search
(OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007))
 
(97 intermediate revisions by 4 users not shown)
Line 1: Line 1:
== 第一屆OWASP亞洲年會 (OWASP Asia 2007) (完全免費)==
+
[[Image:MG_0476.jpg|733px]]
'''First OWASP Asia Conference 2007'''
 
  
[[Image:owasp_appsec_asia_2007.jpg|800px]]
+
== OWASP AppSec Asia 2007 - Conference Brochure (September 27th, 2007)==
  
OWASP破天荒將於台灣召開第一屆亞洲年會,將邀請國內外重量級專家齊聚一堂與會員分享與交流最新資安趨勢與實務案例。
+
[[Image:owasp_appsec_asia_2007.jpg|733px]]
  
「Web 2.0時代之Security 3.0 — 從實務經驗看Web資安防護之挑戰
+
= OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007) =
 +
{| style="width:80%" border="0" align="center"
 +
! colspan="4" align="center" style="background:#4F81BD; color:white" |
  
* 2007年5月11日,Google開始監控遭駭網站,並貼上危險網站之標籤,政府及企業該如何應對?
+
|-
* 2007年5月15日,OWASP公佈2007年最新的十大Web弱點,跨站腳本攻擊(XSS)登上榜首,對台灣及全球的含意為何?
+
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
* 2007年6月6日,IBM購併Watchfire,HP隨即於6月19日購併SPI Dynamics?為何在短短一個月內,重量級資訊巨人跨足資安產業?而僅存的Cenzic以滲透測試技術於6月18日甫獲美國專利,又將對產業有何影響?
+
| style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''
* Web 2.0面臨哪些新的資安威脅?其因應之道是什麼? 什麼是Security 3.0?又有哪些成功的實務案例?
+
<hr>
+
|-
第一屆OWASP亞洲年會暨會員大會<s>將於2007年7月20日(週五)下午1點至5點舉行,會議地點定於國立臺灣科技大學公館校區-國際廳</s>'''由於報名人數眾多,原場地座位不敷大會使用,並配合部分國外講者時間異動,大會決定將延期至9月27日(週四)下午1點於台大醫院國際會議中心201室(台北市中正區徐州路二號)延期至9月27日(週四)下午1點於台大醫院國際會議中心201室(台北市中正區徐州路二號)''',將由國內外知名專家一同與您探討,目前規劃演講者包含任職於國內外產、官、學的資安專家,詳細內容如下。
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 hrs - 13:40 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Opening_Keynote <BR>Opening Keynote]<BR><br>'''
 +
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Wayne_Huang Wayne Huang<br>Chair, OWASP Taiwan Chapter]<br>'''
 +
|-
  
'''OWASP為國際非營利組織,參加此次活動係完全免費,會場寬敞明亮,備有舒適席次。'''
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:40 hrs - 13:50 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Opening_Remark <BR>Opening Remark]<BR><br>'''
 +
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Dr._Ching-Chi_Hsu Dr. Ching-Chi Hsu <br>Vice President, III Taiwan]<br>'''
 +
|-
  
'''然由於場地限制,席次僅提供前300名來信報名者,還請包涵。'''
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:50 hrs - 14:00 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Opening_Remark <BR>Opening Remark II]<BR><br>'''
 +
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#David_Chang David Chang<br>Secretary General, Information Service Industry Association of R.O.C (CISA) Taiwan]<br><br>'''
 +
|-
  
'''請各位欲參加之會員朋友,務必儘速來信報名參加。報名方式請見頁尾。'''
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''Talk Session I''' || colspan="3" style="width:80%; background:#4F81BD; color:white" align="center" | '''Changing Faces in Web Attacks'''
 +
|-
  
 +
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:00 hrs - 14:30 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jeremiah_Grossman The Next Challenge to Web Security: Business Logic Flaws]<br>'''
 +
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jeremiah_Grossman_.28Founder_and_CTO.2C_WhiteHat_Security.29_.282:00pm-2:30pm.29  Jeremiah Grossman <br>Founder and CTO, WhiteHat Security]<br><BR>'''
 +
|-
  
 +
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:30 hrs - 15:00 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Daniel_Hsu_.28Manager_Security_Service_-_North_East_Asia.2C_Global_Security.2C_American_Express.29_.282:30pm-3:00pm.29 From a user perspective, what are CSOs' real concerns?]'''
 +
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Daniel_Hsu_.28Manager_Security_Service_-_North_East_Asia.2C_Global_Security.2C_American_Express.29_.282:30pm-3:00pm.29 Daniel Hsu <br>Manager Security Service - North East Asia, Global Security, American Express]<br><BR>'''
 +
|-
  
===OWASP台灣分會會長致詞===
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''15:00 hrs - 15:30 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jack_Yu_.28Editor-In-Chief.2C_InfoSecurity_Magazine_Taiwan.29_.283:00pm-3:30pm.29 Live in Battle: The NetArmy and Cross-Straight Digital Warfare]'''
====黃耀文(Wayne Huang) ([http://www.armorize.com/?utm_source=HIT&utm_medium=web 阿碼科技]創辦人兼執行長)====
+
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jack_Yu_.28Editor-In-Chief.2C_InfoSecurity_Magazine_Taiwan.29_.283:00pm-3:30pm.29 Jack Yu <br>Editor-In-Chief, InfoSecurity Magazine Taiwan]<br><BR>'''
[[Image:owasp_taiwan_wayne.jpg|100px]]
+
|-
  
'''簡介''': Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
 
<hr>
 
  
===第一場時段講者(1:00pm-3:30pm)===
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''Talk Session II''' || colspan="3" style="width:80%; background:#4F81BD; color:white" align="center" | '''Current Best Practices and Solutions'''
====Jeremiah Grossman (WhiteHat Security創辦人兼技術長、InfoWorld 2007年最傑出25位技術長)====
+
|-
  
'''英文題目''': '''''The Next Challenge to Web Security: Business Logic Flaws'''''
 
  
'''中文題目''': '''''未來Web資安之大挑戰:邏輯漏洞 (此演講於本會議做第一次公開!) '''''
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:00 hrs - 16:30 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Mike_Shema_.28Lead_Security_Researcher.2C_Qualys.29_.284:00pm-4:30pm.29 Automated Tools: Are They Any Good for Enterprises?]'''
 +
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Mike_Shema_.28Lead_Security_Researcher.2C_Qualys.29_.284:00pm-4:30pm.29 Mike Shema <br>Lead Security Researcher, Qualys]<BR><BR>'''
 +
|-
  
'''國際演說''':BlackHat Briefings, Defcon, ISACA, CSI, OWASP, Vanguard, ISSA
 
  
'''暢銷書籍''':XSS Attacks
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''16:30 hrs - 17:00 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Wayne_Huang.2C_.28Founder_and_CEO.2C_Armorize_Technologies.29.284:30pm-5:00pm.29 Secure Web Developing using Static Analysis]'''
 +
| style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Wayne_Huang.2C_.28Founder_and_CEO.2C_Armorize_Technologies.29.284:30pm-5:00pm.29 Wayne Huang,<br>Founder and CEO, Armorize Technologies]<BR><BR>'''
 +
|-
  
'''講者簡介''': N/A
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''17:00 hrs - 17:30 hrs''' || colspan="3" style="width:80%; background:#4F81BD; color:white" align="center" | '''Round Table Panel Discussion'''
<hr>
+
|-
  
====Daniel Hsu, 徐子文 (美國運通全球安全部東北亞區安全經理、美國產業安全學會ASIS International台灣分會會長、亞洲危機暨安全合作組織執行委員會委員)====
 
  
'''英文題目''': '''''From a user perspective, what are CSOs' real concerns?'''''
+
|}
 +
===Opening Keynote===
  
'''中文題目''': '''''從使用者的角度出發,企業的安全長要的是什麼?'''''
+
----
  
'''國際演說''': 亞洲安全週、國際安全科技博覽會(SecuTech Expo)
+
----
  
'''暢銷書籍''': 企業安全管理完全手冊
+
====Wayne Huang====
 +
'''Chair, OWASP Taiwan Chapter'''
  
'''講者簡介''': N/A
+
Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
<hr>
 
  
====Jack Yu, 余俊賢 (資安人雜誌主編)====
 
  
'''英文題目''': '''''Live in Battle:  The NetArmy and Cross-Straight Digital Warfare'''''
+
----
  
'''中文題目''': '''''決戰實況: 中國網軍與海峽兩岸資訊戰'''''
+
===Opening Remark===
  
'''講者簡介''': N/A
+
----
<hr>
 
  
===第二場時段講者(3:30pm-5:00pm)===
+
----
==== Mike Shema (Qualys首席資安研究員)====
 
[[Image:owasp_taiwan_mike.jpg|100px]]
 
  
此場為英文演說,大會沒有提供同步口譯,還請見諒
+
====Dr. Ching-Chi Hsu====
 +
'''Vice President, [http://www.iii.org/ Insurance Information Institute], Taiwan'''
  
'''英文題目''': '''''Automated Tools: Are They Any Good for Enterprises?'''''
+
Dr. Hsu was a professor of the [http://www.csie.ntu.edu.tw/ Department of Information Engineering] of [http://www.ntu.edu.tw National Taiwan University] for several years and became the Chairman of the Department in 2000.  After over 25 years serving at National Taiwan University, Dr. Hsu was promoted as the President of [http://www.knu.edu.tw/ Kai Nan University].  Nowadays, Dr. Hsu is the Executive Vice President of the [http://www.iii.org/ Institute for Information Industry], which provides the innovative R&D, software technologies and interoperability standards for Taiwan ICT industries on fostering development of the ICT industry.
  
'''中文題目''': '''''Web資安--企業如何有效利用自動工具?"'''''
 
  
'''國際演說''':BlackHat 2004, RSA 2005, IT Underground 2006, and SACIS 2007. Training at BlackHat conferences in the U.S. and Europe
+
====David Chang====
 +
'''Secretary General, [http://www.cisanet.org.tw/ Information Service Industry Association of R.O.C (CISA)] Taiwan'''
  
'''暢銷書籍''':九本資安暢銷書籍之作者包括
 
  
[[Image:owasp_taiwan_mike1.jpg|100px]][[Image:owasp_taiwan_mike2.jpg|100px]][[Image:owasp_taiwan_mike3.jpg|100px]][[Image:owasp_taiwan_mike4.jpg|100px]][[Image:owasp_taiwan_mike5.jpg|100px]][[Image:owasp_taiwan_mike6.jpg|100px]][[Image:owasp_taiwan_mike7.png|100px]][[Image:owasp_taiwan_mike8.jpg|100px]][[Image:owasp_taiwan_mike9.jpg|100px]]
+
----
  
'''講者簡介''': Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.
+
===Talk Session I: Changing Faces in Web Attacks===
<hr>
 
  
====Wayne Huang, 黃耀文 (OWASP台灣分會會長、[http://www.armorize.com/?utm_source=HIT&utm_medium=web 阿碼科技]創辦人兼執行長)====
+
----
[[Image:owasp_taiwan_wayne.jpg|100px]]
 
  
'''英文題目''': '''''Secure Web Developing using Static Analysis'''''
+
----
  
'''中文題目''': '''''利用靜態檢測做好安全Web應用程式開發'''''
+
====Jeremiah Grossman====
 +
'''Founder and CTO, WhiteHat Security '''
  
'''國際演說''': RSA, ACM/W3C WWW, IEEE DSN, IEEE ISSRE, Hacks in Taiwan
+
'''Talk Title''': '''''The Next Challenge to Web Security: Business Logic Flaws'''''
  
'''暢銷書籍''': Security in the 21st Century, 多篇頂尖IEEE/ACM國際論文
+
'''Previous Talks''':BlackHat Briefings, Defcon, ISACA, CSI, OWASP, Vanguard, ISSA
  
[[Image:owasp_taiwan_wayne1.jpg|100px]]
+
'''Publications''':XSS Attacks
  
'''簡介''': Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
 
<hr>
 
  
'''以上內容可能改變,請至OWASP台灣分會網頁獲得最新之詳盡會議資訊'''
+
====Daniel Hsu====
 +
'''Manager Security Service - North East Asia, Global Security, American Express'''
  
'''OWASP為國際非營利組織,參加此次活動係完全免費,會場寬敞明亮,備有舒適席次(200名)。'''
+
'''Talk Title''': '''''From a user perspective, what are CSOs' real concerns?'''''
  
'''然由於場地大小限制,席次僅提供來信報名者,同時請報名者於活動當天提早前往入席,還請包涵。'''
+
'''Previous Talks''': Asia Security Weeks, SecuTech Expo
  
'''請各位欲參加之會員朋友,務必儘速來信報名參加。'''
+
Daniel Hsu have been in corporate security professional field for over a decade.  After his successful naval career, he has been the head and/or founder of the corporate security department for UPS (East Asia), FarEasTone Telecom (Corporate), Taipei 101 (Corporate) and American Express (North & East Asia). Daniel is a regular contributor and editorial advisor to several security professional magazines. He has his own column in Taiwan's ''Information Security Management'' magazine, and is the editor of the Chinese version ''Introduction to Security Management'' book. He is a veteran lecturer/speaker in several local and international security related conferences and seminars. He serves as the Chairperson of Taiwan Chapter, ASIS International since 2003. He has been elected and served as Steering Committee Member for Asia Crisis & Security Group since 2006. Daniel is the first Taiwanese who's been accredited the Certified Protection Professional (CPP) credential from ASIS International. Daniel holds MSc in Maritime Operations at LJMU, UK and EMBA in Risk Management at NCCU, Taiwan ROC. He is also a licensed naval engineer and airplane pilot.
  
===來信報名===
 
請email至[mailto:[email protected]?subject=OWASP_Taiwan_Registration [email protected]],並註明下列資訊。
 
#中文姓名:
 
#英文姓名:
 
#單位:
 
#職稱:
 
#電子郵件:
 
#聯絡電話:
 
#免費加入OWASP台灣分會:(空白為願意加入,若不欲加入請填否)
 
  
'''鑑於報名人數踴躍,提醒各位務必準時報到以提早入席,目前大會仍並不強制安排座位,從12:30pm開始接受報到。'''
+
====Jack Yu====
 +
'''Editor-In-Chief, InfoSecurity Magazine Taiwan'''
  
===會場位置===
+
'''Talk Title''': '''''Live in Battle:  The NetArmy and Cross-Straight Digital Warfare'''''
台大醫院國際會議中心201廳
+
 
 +
 
 +
----
 +
===Talk Session II:  Current Best Practices and Solutions===
 +
 
 +
----
 +
 
 +
----
 +
 
 +
==== Mike Shema====
 +
'''Lead Security Researcher, Qualys
 +
'''
 +
 
 +
'''Talk Title''': '''''Automated Tools: Are They Any Good for Enterprises?'''''
 +
 
 +
'''Previous Talks''':BlackHat 2004, RSA 2005, IT Underground 2006, and SACIS 2007. Training at BlackHat conferences in the U.S. and Europe
 +
 
 +
'''Publications''':Author of 9 best-selling books
 +
 
 +
Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.
 +
 
 +
 
 +
====Wayne Huang====
 +
'''Founder and CEO, [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies Inc.]'''
 +
 
 +
'''Talk Title''': '''''Secure Web Developing using Static Analysis'''''
 +
 
 +
'''Previous Talks''': RSA, ACM/W3C WWW, IEEE DSN, IEEE ISSRE, Hacks in Taiwan
 +
 
 +
'''Publications''': Security in the 21st Century, Several IEEE/ACM papers
 +
 
 +
Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
 +
 
 +
 
 +
----
 +
 
 +
===Round Table Panel Discussion (5:00pm-5:30pm)===
 +
 
 +
----
 +
 
 +
----
 +
 
 +
=Registration=
 +
 
 +
This event is over, the registration for OWASP AppSec Asia 2008 will be announced soon.
 +
 
 +
=Venue=
 +
[http://www.thcc.net.tw/ NTUH International Convention Center], Taipei, Taiwan
 +
 
 +
=Sponsors=
 +
 
 +
[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/f/f0/OWASP_Taiwan.png]
 +
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
 +
[http://web.cisanet.org.tw/ https://www.owasp.org/images/6/64/CISA.png]
 +
[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/2/2b/Infosec2.png]

Latest revision as of 11:12, 30 September 2008

MG 0476.jpg

OWASP AppSec Asia 2007 - Conference Brochure (September 27th, 2007)

Owasp appsec asia 2007.jpg

OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007)

TIME SESSION SPEAKER
13:30 hrs - 13:40 hrs
Opening Keynote


Wayne Huang
Chair, OWASP Taiwan Chapter

13:40 hrs - 13:50 hrs
Opening Remark


Dr. Ching-Chi Hsu
Vice President, III Taiwan

13:50 hrs - 14:00 hrs
Opening Remark II


David Chang
Secretary General, Information Service Industry Association of R.O.C (CISA) Taiwan


Talk Session I Changing Faces in Web Attacks
14:00 hrs - 14:30 hrs The Next Challenge to Web Security: Business Logic Flaws

Jeremiah Grossman
Founder and CTO, WhiteHat Security


14:30 hrs - 15:00 hrs From a user perspective, what are CSOs' real concerns?
Daniel Hsu
Manager Security Service - North East Asia, Global Security, American Express


15:00 hrs - 15:30 hrs Live in Battle: The NetArmy and Cross-Straight Digital Warfare
Jack Yu
Editor-In-Chief, InfoSecurity Magazine Taiwan


Talk Session II Current Best Practices and Solutions
16:00 hrs - 16:30 hrs Automated Tools: Are They Any Good for Enterprises?
Mike Shema
Lead Security Researcher, Qualys


16:30 hrs - 17:00 hrs Secure Web Developing using Static Analysis
Wayne Huang,
Founder and CEO, Armorize Technologies


17:00 hrs - 17:30 hrs Round Table Panel Discussion

Opening Keynote



Wayne Huang

Chair, OWASP Taiwan Chapter

Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of Armorize Technologies. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.



Opening Remark



Dr. Ching-Chi Hsu

Vice President, Insurance Information Institute, Taiwan

Dr. Hsu was a professor of the Department of Information Engineering of National Taiwan University for several years and became the Chairman of the Department in 2000. After over 25 years serving at National Taiwan University, Dr. Hsu was promoted as the President of Kai Nan University. Nowadays, Dr. Hsu is the Executive Vice President of the Institute for Information Industry, which provides the innovative R&D, software technologies and interoperability standards for Taiwan ICT industries on fostering development of the ICT industry.


David Chang

Secretary General, Information Service Industry Association of R.O.C (CISA) Taiwan



Talk Session I: Changing Faces in Web Attacks



Jeremiah Grossman

Founder and CTO, WhiteHat Security

Talk Title: The Next Challenge to Web Security: Business Logic Flaws

Previous Talks:BlackHat Briefings, Defcon, ISACA, CSI, OWASP, Vanguard, ISSA

Publications:XSS Attacks


Daniel Hsu

Manager Security Service - North East Asia, Global Security, American Express

Talk Title: From a user perspective, what are CSOs' real concerns?

Previous Talks: Asia Security Weeks, SecuTech Expo

Daniel Hsu have been in corporate security professional field for over a decade. After his successful naval career, he has been the head and/or founder of the corporate security department for UPS (East Asia), FarEasTone Telecom (Corporate), Taipei 101 (Corporate) and American Express (North & East Asia). Daniel is a regular contributor and editorial advisor to several security professional magazines. He has his own column in Taiwan's Information Security Management magazine, and is the editor of the Chinese version Introduction to Security Management book. He is a veteran lecturer/speaker in several local and international security related conferences and seminars. He serves as the Chairperson of Taiwan Chapter, ASIS International since 2003. He has been elected and served as Steering Committee Member for Asia Crisis & Security Group since 2006. Daniel is the first Taiwanese who's been accredited the Certified Protection Professional (CPP) credential from ASIS International. Daniel holds MSc in Maritime Operations at LJMU, UK and EMBA in Risk Management at NCCU, Taiwan ROC. He is also a licensed naval engineer and airplane pilot.


Jack Yu

Editor-In-Chief, InfoSecurity Magazine Taiwan

Talk Title: Live in Battle: The NetArmy and Cross-Straight Digital Warfare



Talk Session II: Current Best Practices and Solutions



Mike Shema

Lead Security Researcher, Qualys

Talk Title: Automated Tools: Are They Any Good for Enterprises?

Previous Talks:BlackHat 2004, RSA 2005, IT Underground 2006, and SACIS 2007. Training at BlackHat conferences in the U.S. and Europe

Publications:Author of 9 best-selling books

Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.


Wayne Huang

Founder and CEO, Armorize Technologies Inc.

Talk Title: Secure Web Developing using Static Analysis

Previous Talks: RSA, ACM/W3C WWW, IEEE DSN, IEEE ISSRE, Hacks in Taiwan

Publications: Security in the 21st Century, Several IEEE/ACM papers

Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of Armorize Technologies. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.



Round Table Panel Discussion (5:00pm-5:30pm)



Registration

This event is over, the registration for OWASP AppSec Asia 2008 will be announced soon.

Venue

NTUH International Convention Center, Taipei, Taiwan

Sponsors

OWASP_Taiwan.png III.png CISA.png Infosec2.png