This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP AppSec DC 2012/Schedule/4-5-2012

From OWASP
Revision as of 19:10, 13 March 2012 by Mark.bristow (talk | contribs)

Jump to: navigation, search
Plenary Day 2 - 4/5/2012
Critical Infrastructure Defend! On the Go SDLC
7:30 AM - 9:00 AM Registration
9:00 AM - 9:50 AM Pentesting Smart Grid Web Apps

Justin Searle

Friends don't let friends store passwords in source code

Neil Matatall

Smart Bombs: Mobile Vulnerability and Exploitation

Kevin Johnson, John Sawyer and Tom Eston

Overcoming the Quality vs. Quantity Problem in Software Security Testing

Rafal Los

Web Application Defense with Bayesian Attack Analysis

Ryan Barnett

9:50 AM - 10:00 AM Coffee Breakß
10:00 AM - 10:50 AM Vulnerabilities in Industrial Control Systems

ICS-CERT

Access Control

Jim Manico

Software Security Goes Mobile

Jacob West

Baking In Security, Sweet, Secure, Cupcakes

Ken Johnson and Matt Ahrens

10:50 AM - 11:00 AM Coffee Break
11:00 AM - 11:50 AM AMI Security

John Sawyer and Don Weber

SharePoint Security 101

Rob Rachwald, Amichai Shulman and Noa Bar-Yosef

Behind Enemy Lines - Practical& Triage Approaches to Mobile Security Abroad - 2012 Edition

Justin Morehouse

Understanding IAST - More Context, Better Analysis

Jeff Williams

11:50 AM - 1:00 PM Lunch
1:00 PM - 1:50 PM Project Basecamp: News from Camp 4

Reid Wightman

Enterprise Security API (ESAPI) for C Plus Plus

Dan Amodio

Whack-a-Mobile II: Mobile App Pen Testing with the MobiSec Live Environment

Kevin Johnson and Tony Delagrange

Baking Security In - How to Get Every IT Architect to Become a Security Ambassador

Michele Guel

1:50 PM - 2:00 PM Coffee Break
2:00 PM - 2:50 PM Real world backdoors on industrial devices

Ruben Santamarta

Dynamic DAST/WAF Integration

Ryan Barnett

An In-Depth Introduction to the Android Permissions Model, and How to Secure Multi-Component Applications

Jeff Six

Teaching an Old Dog New Tricks: Securing Development with PMD

Joe Hemler

2:50 PM - 3:00 PM Coffee Break
3:00 PM - 3:50 PM Denial of Surface.

Eireann Leverett

Cloud-based dWAF: A Real World Deployment Case Study

Alexander Meisel

TBA What can an Acquirer do to prevent developers from make dangerous software errors?

Michele Moss and Don Davidson

3:50 PM - 4:00 PM Coffee Break
4:00 PM - 4:50 PM Securing Critical Infrastructure

Francis Cianfrocca and Bob Lam

Using PHPIDS to Understand Attacks Trends

Salvador Grec

Mobile Application Security - Who, how and why

Mike Park and Charles Henderson

Private information Protection in Cloud Computing _ Laws, Compliance and Cloud Security Misconceptions

Mikhail Utin and Daniil Utin

5:00 PM Closing Remarks