This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP AppSec DC 2012/Schedule/4-5-2012"

From OWASP
Jump to: navigation, search
Line 60: Line 60:
 
|  align=center width=200 valign=middle height=60 bgcolor=#a0c0e0 align=center | [https://www.owasp.org/index.php/OWASP_AppSec_DC_2012/WhackaMobile_II_Mobile_App_Pen_Testing_with_the_MobiSecLive_Environment Whack-a-Mobile II: Mobile App Pen Testing with the MobiSec Live Environment]<br><br>
 
|  align=center width=200 valign=middle height=60 bgcolor=#a0c0e0 align=center | [https://www.owasp.org/index.php/OWASP_AppSec_DC_2012/WhackaMobile_II_Mobile_App_Pen_Testing_with_the_MobiSecLive_Environment Whack-a-Mobile II: Mobile App Pen Testing with the MobiSec Live Environment]<br><br>
 
Kevin Johnson and Tony Delagrange
 
Kevin Johnson and Tony Delagrange
|  align=center width=200 valign=middle height=60 bgcolor=#b3ff99 align=center | [https://www.owasp.org/index.php/OWASP_AppSec_DC_2012/Baking_Security_In__How_to_Get_Every_IT_Architect_toBecome_a_Security_Ambassador Baking Security In - How to Get Every IT Architect to Become a Security Ambassador]<br><br>
+
|  align=center width=200 valign=middle height=60 bgcolor=#b3ff99 align=center | TBA
Michele Guel
 
 
|-  
 
|-  
 
|  width=72 valign=middle bgcolor=#7b8abd | 2:20 PM - 2:30 PM
 
|  width=72 valign=middle bgcolor=#7b8abd | 2:20 PM - 2:30 PM

Revision as of 16:27, 29 March 2012

Plenary Day 2 - 4/5/2012
Critical Infrastructure
Room 201
Defend!
Room 202A
On the Go
Room 202B
SDLC
Room 206
7:30 AM - 9:00 AM Registration
9:00 AM - 9:50 AM Pentesting Smart Grid Web Apps

Justin Searle

Friends don't let friends store passwords in source code

Neil Matatall

Smart Bombs: Mobile Vulnerability and Exploitation

Kevin Johnson, John Sawyer and Tom Eston

Overcoming the Quality vs. Quantity Problem in Software Security Testing

Rafal Los

Web Application Defense with Bayesian Attack Analysis

Ryan Barnett

9:50 AM - 10:00 AM Coffee Break
10:00 AM - 10:50 AM Vulnerabilities in Industrial Control Systems

ICS-CERT

Access Control

Jim Manico

Software Security Goes Mobile

Jacob West

Baking In Security, Sweet, Secure, Cupcakes

Ken Johnson and Matt Ahrens

10:50 AM - 11:00 AM Coffee Break
11:00 AM - 11:50 AM AMI Security

John Sawyer and Don Weber

SharePoint Security 101

Rob Rachwald

Behind Enemy Lines - Practical& Triage Approaches to Mobile Security Abroad - 2012 Edition

Justin Morehouse

Understanding IAST - More Context, Better Analysis

Jeff Williams

11:50 AM - 1:30 PM No-Host Lunch
1:30 PM - 2:20 PM Project Basecamp: News from Camp 4

Reid Wightman

Enterprise Security API (ESAPI) for C Plus Plus

Dan Amodio

Whack-a-Mobile II: Mobile App Pen Testing with the MobiSec Live Environment

Kevin Johnson and Tony Delagrange

TBA
2:20 PM - 2:30 PM Coffee Break
2:30 PM - 3:20 PM Real world backdoors on industrial devices

Ruben Santamarta

Dynamic DAST/WAF Integration

Ryan Barnett

An In-Depth Introduction to the Android Permissions Model, and How to Secure Multi-Component Applications

Jeff Six

Teaching an Old Dog New Tricks: Securing Development with PMD

Joe Hemler

3:20 PM - 3:30 PM Coffee Break
3:30 PM - 4:20 PM Denial of Surface.

Eireann Leverett

Cloud-based dWAF: A Real World Deployment Case Study

Alexander Meisel

Android in the Healthcare Workplace A Case Study

Thomas Richards
What can an Acquirer do to prevent developers from make dangerous software errors?

Michele Moss and Don Davidson

4:20 PM - 4:30 PM Coffee Break
4:30 PM - 5:20 PM Securing Critical Infrastructure

Francis Cianfrocca

Using PHPIDS to Understand Attacks Trends

Salvador Grec

Mobile Application Security - Who, how and why

Mike Park and Charles Henderson

Private information Protection in Cloud Computing _ Laws, Compliance and Cloud Security Misconceptions

Mikhail Utin and Daniil Utin

5:20 PM Closing Remarks
Room 202A