This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP AppSec Asia 2008 - Taiwan

Revision as of 02:15, 17 October 2008 by Wayne huang (talk | contribs)

Jump to: navigation, search

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please email us.

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.


OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th)

(2008/10/27) - Day 1

08:30 - 09:30 Door opens for registration
09:30- 09:40 Opening welcome and an introduction to this year’s program

Wayne Huang, Conference Chair
09:40-09:50 Welcome by Institute for Information Industry

09:50-10:00 Welcome by Information Security Consortium, Information Service Industry Association

10:00-11:00 What's Next? Strategies for Web Application Security

YM Chen, Director, Foundstone, A Division of McAfee

11:10-12:00 Web-based Malware obfuscation: the kung-fu and the detection
Wayne Huang, OWASP Taiwan Chapter

12:00 - 13:00 Lunch
13:00 - 13:40 Why Webmail systems are hard to secure--using real case studies

Charmi Lin, Taiwan Information & Communication Security Technology Center
13:50 - 14:40 Web Application Proactive and Passive Defense Best Practices

Frank Fan, OWASP China
14:40 - 15:00 Coffee Break
15:00 - 15:40 How bad can Web vulnerabilities be—case study on a 50 million personal records breach

PK (Taiwan Criminal Investigation Bureau)
15:50 - 16:40 Tiny coding errors, big losses: real stories of website 0wnage

Fyodor Yarochkin (Guard-Info)
16:50 - 17:40 Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example

Tim Bass, OWASP Thailand
17:40 - 18:40 Asia Chapter Leader’s Meeting

China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapter Leaders

(2008/10/28) - Day 2

09:00- 10:30 New 0-Day Browser Exploits: Clickjacking - yea, this is bad...

Robert "RSnake" Hansen (SecTheory)
10:40- 11:30 Web 2.0, Consumerization, and Application Security

Chenxi Wang, Ph.D. (Forrester Research)
11:40- 12:30 Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks

Dhruv Soi (OWASP Delhi Chapter Leader), Pukhraj Singh (OWASP Delhi Chapter)
12:30 - 13:30 Lunch
13:30 - 14:20 Good Business Penetration Testing

KK Mookhey (OWASP Mumbai)
14:30 - 15:20 Best Practices Guide: Web Application Firewalls

Alexander Meisel (OWASP Germany)
15:20 - 15:40 Coffee Break
15:40 - 16:30 The HTTP Botnet Research: Focusing on HTTP based DDoS Botnets

Steven Adair (ShadowServer Foundation)
16:40 - 17:30 Panel: Manual auditing or automated tools? Blackbox, whitebox, or WAF?

Alex, Chenxi, Dhruv, Frank Fan, Fyodor, KK, Robert, Tim Bass, Wayne, YM

Conference Fees & Registration

Conference Fees

The fee for the two days conference is USD 35, which includes:

  • Two lunches
  • Coffee breaks
  • Conference T-Shirt


Registration is now open!! Please contact us for the registration.

Conference T-Shirt

OWAS AppSec Asia Tshirt.png

Conference Location

NTUH International Convention Center

Address: No. 2, Xuzhou Road, Zhongzheng District 101, Taipei City


Map and transport Information

Welcome to Taiwan

And WELCOME TO TAIWAN! Please check out this video about interesting places in Taiwan. If you need suggestions on how to plan out your trip, please feel free to contact us!