This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP AppSec DC 2012/Schedule/4-4-2012

Revision as of 01:46, 27 March 2012 by Dallendoug (talk | contribs) (updated schedule w/ room numbers)

Jump to: navigation, search
Plenary Day 1 - 4/4/2012
Offense & Tools
Room 201
Case Studies
Room 202A
Room 202B
Room 206
7:30 AM - 8:50 AM Registration
8:50 AM - 9:00 AM Welcome and Opening Remarks
Room 202A
9:00 AM - 10:00 AM Keynote: Dan Geer
Room 202A
10:00 AM - 10:45 AM OWASP Board
Room 202A
10:45 AM - 11:00 AM Coffee Break
11:00 AM - 11:50 AM DOMJacking - Attack, Exploit and Defense

Shreeraj Shah

The Unfortunate Reality of Insecure Libraries

Jeff Williams and Arshan Dabirsiaghi

Python Basics for Web App Pentesters - Part 2

Justin Searle

Integrating Application Security into your Lifecycle and Procurement

Jim Manico

11:50 AM - 12:00 PM Coffee Break
12:00 PM - 12:50 PM Attacking CAPTCHAs for Fun and Profit

Gursev Singh Kalra

Case Study: How New Software Assurance Policy Reduces Risk and Costs

Rob Roy

Security is Dead. Long Live Rugged DevOps: IT at Ludicrous Speed

Joshua Corman

12:50 PM - 2:00 PM No-Host Lunch
2:00 PM - 2:50 PM Hacking .NET(C#) Applications: The Black Arts

Jon McCoy

Security at scale: Web application security in a continuous deployment environment

Zane Lackey

The "Easy" Button for Your Web Application Security Career

Salvador Grec

Risk Analysis and Measurement with CWRAF

Joe Jarzombek, Bob Martin, Walter Houser and Tom Brennan

2:50 PM - 3:00 PM Coffee Break
3:00 PM - 3:50 PM OWASP Broken Web Applications (OWASP BWA) 1.0 Release

Chuck Willis

Security Is Like An Onion, That's Why It Makes You Cry

Michele Chubirka

Anatomy of a Logic Flaw

Charles Henderson and David Byrne

3:50 PM - 4:00 PM Coffee Break
4:00 PM - 4:50 PM New and Improved Hacking Oracle from Web

Sumit Siddharth

State of Web Security

Robert Rowley

Old Webshells, New Tricks -- How Persistent Threats have revived an old idea, and how you can detect them.

Ryan Kazanciyan

Fed Panel


4:50 PM - 5:00 PM Coffee Break
5:00 PM - 5:50 PM Unraveling some of the Mysteries around DOM-based XSS

Dave Wichers

2012 Global Security Report

Tom Brennan and Nick Percoco

Survivable Software for Cyber-Physical Systems

Karen Mercedes Goertzel

6:00 PM Networking Opportunity sponsored by: SPL-LOGO-MED.png