
OWASP Asia 2007

Revision as of 01:24, 30 August 2007 by Bensonwu (Mike Shema (Principal Security Researcher, Qualys))


First OWASP Taiwan Chapter Summit (OWASP-TW 2007) (completely free)

Security 3.0 in Web 2.0 Age — Practices and Challenges of Web 2.0 Security



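Security 3.0 in the Web 2.0 Age: Web Security Protection Challenges Seen Through Practical Experience

  • On May 11, 2007, Google began monitoring compromised websites and labeling them as dangerous sites. How should governments and enterprises respond?
  • On May 15, 2007, OWASP published its latest 2007 Top Ten web vulnerabilities, with cross-site scripting (XSS) at the top of the list. What does this mean for Taiwan and for the world?
  • On June 6, 2007, IBM acquired Watchfire, and HP followed by acquiring SPI Dynamics on June 19. Why did heavyweight IT giants move into the security industry within a single month? And Cenzic, the only one remaining, had just received a US patent for its penetration testing technology on June 18; what effect will that have on the industry?
  • What new security threats does Web 2.0 face, and how should they be addressed? What is Security 3.0, and what successful real-world cases are there?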






Wayne Huang (黃耀文) (Founder and CEO, Armorize Technologies)

Bio: Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of Armorize Technologies. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.


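Jeremiah Grossman (Founder and CTO, WhiteHat Security; one of InfoWorld's Top 25 CTOs of 2007)

English title: The Next Challenge to Web Security: Business Logic Flaws

Chinese title: The Next Great Challenge for Web Security: Logic Flaws (this talk is being presented publicly for the first time at this conference!)

International talks: BlackHat Briefings, Defcon, ISACA, CSI, OWASP, Vanguard, ISSA

Best-selling book: XSS Attacks

Speaker bio: N/A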

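Daniel Hsu (徐子文) (Security Manager for Northeast Asia, American Express Global Security; President, ASIS International Taiwan Chapter; Executive Committee member, Asian Crisis and Security Cooperation Organization)

English title: From a user perspective, what are CSOs' real concerns?

Chinese title: From the user's perspective, what does an enterprise's chief security officer want?

International talks: Asia Security Week, SecuTech Expo (International Security Technology Expo)

Best-selling book: 企業安全管理完全手冊 (The Complete Handbook of Enterprise Security Management)

Speaker bio: N/A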

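Jack Yu (余俊賢) (Editor-in-Chief, 資安人 (Information Security) magazine)

English title: Live in Battle: The NetArmy and Cross-Strait Digital Warfare

Chinese title: Live from the Battlefield: China's Cyber Army and Cross-Strait Information Warfare

Speaker bio: N/A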


Wayne Huang (Chair, OWASP Taiwan Chapter; Founder and CEO, Armorize Technologies)

English title: Security 3.0 in Web 2.0 Age—Practices and Challenges of Web 2.0 Security

Chinese title: Security 3.0 in the Web 2.0 Age: Web Security Protection Challenges Seen Through Practical Experience

International talks: RSA 2007, HITCon 2007, Zend PHP 2006, HITCon 2006, WWW 2004 and WWW 2003



Ricardo Jenez (Director of Software Engineering, Google)


Title: Google's Approach to Secure Software Development Lifecycle

Speaker bio: Mr. Jenez brings over 14 years of industry experience to eTime Capital, leveraging the latest technology to create highly effective business solutions for industry leaders. He also focuses on developing eTime Capital's strategic technology partnerships. Mr. Jenez was most recently at Netscape Communications as the Senior Development Manager responsible for the creation of a variety of e-commerce applications. Mr. Jenez was part of the core team that defined and implemented the architecture on which Netscape's B-to-B e-commerce applications - SellerXpert and BuyerXpert - were built. Prior to Netscape, Mr. Jenez held positions at General Magic, Tenfold, and Oracle Corporation. He also was the cofounder of Portacom Technologies, which manufactured some of the first Windows Accelerator graphics cards. His Eclipse II product was the recipient of PC Magazine's Editor's Choice Award and ranked Number 74 on PC Computing's Top 200 PC Products of 1992. Prior to working at Oracle, Mr. Jenez was on the technical research staff of the MIT Laboratory for Computer Science, working on both hardware and software systems for multiprocessor computers. Mr. Jenez has two Bachelor of Science degrees from MIT, one in Computer Science and the other in Electrical Engineering.

Academician D. T. Lee (李德財) (General Convener, TWISC; Director, Institute of Information Science, Academia Sinica; IEEE Fellow; ACM Fellow)

English title: Taiwan Information Security

Chinese title: Information Security in Taiwan

Speaker bio: Dr. Lee received his B.S. degree in Electrical Engineering from the National Taiwan University in 1971, and the M.S. and Ph.D. degrees in Computer Science from the University of Illinois at Urbana-Champaign in 1976 and 1978 respectively. Dr. Lee has been with the Institute of Information Science, Academia Sinica, Taiwan, where he has been Director and a Distinguished Research Fellow since July 1, 1998. Prior to joining the Institute, he was a Professor of the Department of Electrical Engineering and Computer Science, Northwestern University, where he had worked since 1978. Dr. Lee also serves as Director of the Taiwan Information Security Center (TWISC), Acting Director of the Center for Information Technology Innovation, Academia Sinica, and also the Chief Executive Officer of the National Digital Archives Program, both sponsored by the National Science Council, Taiwan.

Jim Roskind (Vice President and CTO, AOL; former Netscape/Netcenter Security Architect and Java Security Architect)


Title: How We Secured AOL's Web Infrastructure

Speaker bio: Formerly Vice President and Chief Scientist at Netscape; founded Infoseek... During 8 years at Netscape/AOL/TW, Dr. Jim Roskind had titles including VP/CTO of System Infrastructure for America Online, VP/Chief Scientist Netscape, Netscape/Netcenter Security Architect, and Netscape's Java Security Architect. Jim's time as the Java Security Architect in Netscape's Client Product Division placed him near the epicenter of almost all security related problems that appeared in the browser. In addition to tasks involved with technically reconciling issues, he was also a common liaison with contributors that reported security issues (both real and imagined). His notable technical accomplishments at Netscape included the architecture and deployment of signed Java. Before joining Netscape in 1995, Jim was a co-founder of Infoseek Corporation, and later Chief Scientist. Dr. Roskind holds an SB Electrical Engineering, SB Computer Science, SM EECS (1980), and PhD EECS (1983), all from Massachusetts Institute of Technology. His current research and development focus is on his daughter Brianna and son Dylan, all studied in collaboration with his wife Melinda.






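Please email [email protected] and include the following information.

  1. Chinese name:
  2. English name:
  3. Organization:
  4. Job title:
  5. Email:
  6. Contact phone:
  7. Join the OWASP Taiwan Chapter for free: (leave blank if you are willing to join; enter "No" if you do not wish to join)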






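Third Hacks in Taiwan Conference (HIT 2007)

This July, in addition to the first OWASP Taiwan Chapter Summit, the Third Hacks in Taiwan Conference (HIT 2007) will be held on the weekend immediately after the OWASP summit, from Saturday, July 21 to Sunday, July 22, 2007. The venue is the International Hall at the Gongguan campus of National Taiwan University of Science and Technology. Everyone is welcome to register.

For details, see the HIT 2007 website.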


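OWASP (Open Web Application Security Project) is an open community and non-profit organization that currently has 82 chapters worldwide and nearly ten thousand members. Its main goal is to develop standards, tools and technical documents that help solve web software security problems, and it has long been committed to helping governments and enterprises understand and improve the security of web applications and web services. As web applications are used ever more widely, web application security has gradually gained attention and is becoming a hot topic in the security field. At the same time, hackers have quietly shifted their focus to attacking and causing damage through the vulnerabilities introduced during web application development.

OWASP Taiwan Chapter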