This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP AppSec DC 2012/Schedule/4-5-2012

Revision as of 01:47, 27 March 2012 by Dallendoug (talk | contribs) (updated schedule w/ room numbers)

Jump to: navigation, search
Plenary Day 2 - 4/5/2012
Critical Infrastructure
Room 201
Room 202A
On the Go
Room 202B
Room 206
7:30 AM - 9:00 AM Registration
9:00 AM - 9:50 AM Pentesting Smart Grid Web Apps

Justin Searle

Friends don't let friends store passwords in source code

Neil Matatall

Smart Bombs: Mobile Vulnerability and Exploitation

Kevin Johnson, John Sawyer and Tom Eston

Overcoming the Quality vs. Quantity Problem in Software Security Testing

Rafal Los

Web Application Defense with Bayesian Attack Analysis

Ryan Barnett

9:50 AM - 10:00 AM Coffee Break
10:00 AM - 10:50 AM Vulnerabilities in Industrial Control Systems


Access Control

Jim Manico

Software Security Goes Mobile

Jacob West

Baking In Security, Sweet, Secure, Cupcakes

Ken Johnson and Matt Ahrens

10:50 AM - 11:00 AM Coffee Break
11:00 AM - 11:50 AM AMI Security

John Sawyer and Don Weber

SharePoint Security 101

Rob Rachwald

Behind Enemy Lines - Practical& Triage Approaches to Mobile Security Abroad - 2012 Edition

Justin Morehouse

Understanding IAST - More Context, Better Analysis

Jeff Williams

11:50 AM - 1:00 PM No-Host Lunch
1:00 PM - 1:50 PM Project Basecamp: News from Camp 4

Reid Wightman

Enterprise Security API (ESAPI) for C Plus Plus

Dan Amodio

Whack-a-Mobile II: Mobile App Pen Testing with the MobiSec Live Environment

Kevin Johnson and Tony Delagrange

Baking Security In - How to Get Every IT Architect to Become a Security Ambassador

Michele Guel

1:50 PM - 2:00 PM Coffee Break
2:00 PM - 2:50 PM Real world backdoors on industrial devices

Ruben Santamarta

Dynamic DAST/WAF Integration

Ryan Barnett

An In-Depth Introduction to the Android Permissions Model, and How to Secure Multi-Component Applications

Jeff Six

Teaching an Old Dog New Tricks: Securing Development with PMD

Joe Hemler

2:50 PM - 3:00 PM Coffee Break
3:00 PM - 3:50 PM Denial of Surface.

Eireann Leverett

Cloud-based dWAF: A Real World Deployment Case Study

Alexander Meisel

Android in the Healthcare Workplace A Case Study

Thomas Richards
What can an Acquirer do to prevent developers from make dangerous software errors?

Michele Moss and Don Davidson

3:50 PM - 4:00 PM Coffee Break
4:00 PM - 4:50 PM Securing Critical Infrastructure

Francis Cianfrocca

Using PHPIDS to Understand Attacks Trends

Salvador Grec

Mobile Application Security - Who, how and why

Mike Park and Charles Henderson

Private information Protection in Cloud Computing _ Laws, Compliance and Cloud Security Misconceptions

Mikhail Utin and Daniil Utin

5:00 PM Closing Remarks
Room 202A