This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP EU Summit 2008

Revision as of 20:14, 6 October 2008 by Mroxberr (talk | contribs)

Jump to: navigation, search
OWASP EU Summit Portugal 2008.jpg
4th - 7th November 2008


Please see here.


  • OWASP Summit EU 2008 is a worldwide gathering of OWASP leaders and Key Industry Players to present and discuss the latest OWASP Tools and documentation projects.
  • In addition to 40+ presentations from the OWASP Leaders granted 250,000 USD for web application security research, the summit will host multiple Working Sessions designed to improve collaboration, achieve specific objectives and decide roadmaps for OWASP projects, chapters and for the OWASP community itself.
  • Containing both technical and business tracks, the Summit is the perfect place to learn what resources OWASP has available for use today.
  • And with the confirmed presence of its most active leaders (OWASP is covering their expenses), the Summit will provide a relaxed but professional environment to meet the OWASP Leaders and to contribute to those project’s roadmaps for 2009.
  • Following and expanding the tradition started at OWASP conferences, the Summit will also host the largest offering of training courses, covering multiple OWASP specific and Web Application Security Topics.

TRAINING COURSES - November 3rd & 4th (Mon, Tue)

OWASP is bringing together the world’s best application security experts to teach you on OWASP tools, methodologies and how to build secure web software. The OWASP creators of tools will bring you up to speed on how to disect, test, improve and construct secure software.

Training Courses
Monday November 3 Tuesday November 4
Linux Software Exploitation (day 1 of 2) Linux Software Exploitation (day 2 of 2)
Web server/services hardening using SELinux (1 day) Practical Penetration Testing: Think Like an Attacker to Stop Attacks (0,5 days)
Secure Programming with Java (1 day) Classic ASP Security using OWASP tools (1 day)
Web Application Assessments (0,5 day) OWASP Top 10 - What Developers Should Know on Web Application Security (0,5 day)
Hacking Owasp Orizon Project v1.0 (0,5 day) Securing WebGoat with ModSecurity (0,5 day)
Uncovering WebScarab's Secret Treasures (1 day) tbd
tbd tbd

WORKING SESSIONS - November 4th & 5th (Tue, Wed)

Working Sessions
Tuesday, November 4 Wednesday, November 5
Working Sessions Operational Model - 1h , ALL to attend Working Session|OWASP Top 10 2009 [3h]
Working Session|OWASP Strategic Planning for 2009 [3h] Working Session|OWASP Education Project [2h]
Working Session|OWASP Tools Projects [3h] Working Session|OWASP Enterprise Security API Project [4h]
Working Session|ISWG: Browser Security [7h] Working Session|OWASP Code Review Guide 2009 [2h]
Working Session|OWASP Documentation Projects [3h] Working Session|OWASP Testing Guide Next Version [2h]
Working Session|OWASP Winter Of Code 2009 [4h] Working Session|OWASP Certification [2h]
Working Session|OWASP .NET Project [2h] Working Session|Application Security Desk Reference (ASDR) [4h]
Working Session|Two-way Internationalization OWASP Content [2h] Working Session|OWASP Intra Governmental Affairs [2h]
Working Session|OWASP Awards [2h]
Working Session|OWASP Website [2h]
Working Session|ISWG:Web Application Framework Security [7h]
Working Session|OWASP Live CD&DVD [2h]
Working Session|Best Practices for OWASP Chapter Leaders [2h]
Working Sessions Wrap Up [1h]

TECHNICAL TRACK AGENDA - November 6th & 7th (Thu,Fri)

Thursday, November 6, 2008
Tracks Track 1 & 3 Track 2 & 4
08:00-09:00 Registration and Coffee
09:00-09:45 KeyNote
09:45-10:20 About OWASP
10:20-10:40 Break - Expo - CTF
TRACKS Track 1: Secure Design & Defensive Strategies Track 2: OWASP Internals
10:40-10:55 OWASP Enigform and mod_Openpgp (SoC 08)

Arturo Alberto Busleiman (a.k.a Buanzo)

OWASP Internationalization Guidelines (SoC 08)

Juan Carlos Calderon

11:00-11:15 OWASP OpenSign Server Project (SoC 08)

Phil Potisk, Richard Conway - pending

OWASP Spanish Project (SoC 08)

Juan Carlos Calderon

11:20-11:35 OWASP AntiSamy (SoC 08)

Arshan Dabirsiaghi

OWASP Positive Security (SoC 08)

Eduardo Vianna de Camargo Neves

11:40-11:55 OWASP AppSensor (SoC 08)

Michael Coates

OWASP Source Code Review OWASP Projects (SoC 08)

James Walden

12:00-12:15 OWASP Securing WebGoat using ModSecurity (SoC 08)

Stephen Craig Evans, Christian Folini

OWASP Education (SoC 08 Working Session)

Sebastien Deleersnyder, Martin Knobloch

12:20-12:35 OWASP Book Cover & Sleeve Design, OWASP Individual & Corporate Member Packs (SoC 08)

Deb, LX Studios

12:35-14:00 Lunch - Expo - CTF
TRACKS Track 3: Cutting Edge Tools Track 4: Security Guidance and Knowledge
14:00-14:15 OWASP Access Control Rules Tester Project (SoC 08)

Andrew Petukhov

OWASP Classic ASP Security Project (SoC 08)

Juan Carlos Calderon

14:20-14:35 OWASP Skavenger Project (SoC 08)

Matthias Rohr

OWASP .NET Project (SoC 08 & Working Session)

Mark Roxberry

14:40-14:55 OWASP JSP Testing Tool (SoC 08)

Jason Li

15:00-15:15 WebScarab-NG (SoC 08)

Rogan Dawes

OWASP SQL Injector Benchmarking Project (SoC 08)

Kevin Fuller

15:20-15:35 OWASP Pantera (SoC 08)

Simon Roses Femerling

OWASP Code Review Guide (SoC 08 & Working Session)

Eoin Keary

15:40-15:55 OWASP Live CD 2008 (SoC 08)

Matt Tesauro

16:00-16:15 OWASP Teachable Static Analysis Workbench (SoC 08)

Dmitry Kozlov

OWASP Backend Security Project (SoC 08)

Carlo Pelliccioni

16:20-16:35 OWASP Interceptor (SoC 08)

Justin Derry

OWASP Application Security Desk Reference (ASDR) (SoC 08 & Working Session)

Leonardo Cavallari Militelli

16:40-16:55 OWASP Orizon Project (SoC 08)

Paolo Perego (aka thesp0nge)

17:00-17:15 OWASP Application Security Tool Benchmarking Environment and Site Generator Refresh Project (SoC 08)

Dmitry Kozlov

OWASP Ruby on Rails Security Project (SoC 08)

Heiko Webers

17:20-17:35 OWASP Python Static Analysis Project

Nam Nguyen

OWASP Testing Guide (SoC 08 & Working Session)

Matteo Meucci

17:40-17:55 .


19:00 OWASP Gala Dinner

Friday, November 7
Track Track
09:00-10:00 Coffee
10:00-10:15 ISWG: Browser Security (Working Session) Certification (Working Session)
10:20-10:35 Enterprise Security API Project (Working Session) Awards (Working Session)
10:40-10:35 Tools Projects (Working Session) OWASP Website (Working Session) [2h]
11:00-11:15 ISWG:Web Application Framework Security (Working Session) Winter Of Code 2009 (Working Session)
11:20-11:35 Documentation Projects (Working Session) Strategic Planning for 2009 (Working Session)
11:40-11:55 OWASP Top 10 2009 (Working Session) Board Meeting (public session)
12:00-12:15 Intra Governmental Affairs (Working Session) OWASP Live CD&DVD (Working Session)
14:00-17:00 Board Meeting
17:00 Cocktail Party

Corrections or Updates: Contact michael.coates{at}

BUSINESS TRACK AGENDA - November 6th & 7th (Thu,Fri)

Thursday, November 6
09:45 About OWASP
11:00 Real World Usage of OWASP Material
12:00 OWASP Projects: Top 10, Legal Contract, Testing Guide, Developer Guide, Code Review, Webgoat
14:00 OWASP Intergovernmental Activities and Compliance
15:00 Panel: Security Threats Landscape and Future Trends
16:00 OWASP Projects: Internationalization, Education, Certification and OWASP Books
19:00 OWASP Gala Dinner

Friday, November 7
10:00 OWASP Projects: ESAPI, ASDR, CLASP, ISWG Browser Security and Web Application Security Framework
11:00 OWASP Roadmap for 2009
12:00 Panel: What do you want from OWASP?
14:00 OWASP Board Meeting over Working Session
15:00 Panel: Security Threats Landscape and Future Trends
16:00 Round Table: What's in our sponsors minds?
19:00 Cocktail Party


The OWASP European Summit 2008 will be hosted at the 5 start Resort in Algarve Portugal (Grande Real Santa Eulália Resort & Hotel). We suggest the hotel booking and the travel arrangements be handled via Diplomata Tours, the assigned travel agency.

The venue address:

Praia de Santa Eulália

PO Box 2445

Albufeira, Portugal


Google Maps Link

Nearest Airport: Faro

Registration will soon be available via the OWASP Conference Cvent site at: Cvent link