Conference Program - OWASP AppSec USA 2011

More documents

Recommendations

Info

TALKS: Thursday, September 22, 2011Abstracts available in this conference program. See http://www.appsecusa.org/speakers.html for bios.Time Attacks & Defenses Cloud Mobile Thought Leadership0730-0830 CONTINENTAL BREAKFAST0830-0920 KEYNOTE: Mark Curphey, Community - The Killer App0920-0930 BREAK0930-1020 Andrés Riancho Web ApplicationSecurity PayloadsAndy Murren SwA and theCloud - Counting the RisksBlanchou, Osborne, SolnikBlackbox Android: Breaking“Enterprise Class” Applicationsand Secure ContainersArian Evans Six Key Metrics:A look at the future of appsec1020-1040 COFFEE BREAK1040-1130 Jim Manico Ghosts of XSSPast, Present and Future1130-1140 BREAK1140-1230 Shreeraj Shah Next GenerationWeb Attacks – HTML 5,DOM(L3) and XHR(L2)Shankar Babu Chebrolu,PhD, CISSP Top Ten Riskswith Cloud that will keep youAwake at NightScott Matsumoto ThreatModeling in the Cloud: WhatYou Don’t Know Will HurtYou!Ryan W Smith STAAF: AnEfficient Distributed Frameworkfor Performing Large-Scale Android ApplicationAnalysisTom Fischer LessonsLearned Building Secure ASP.NET Applications * Moved forscheduleCharles Henderson GlobalSecurity ReportJohn Benninghoff BehavioralSecurity Modeling:Eliminating Vulnerabilities byBuilding Predictable Systems1230-1330 LUNCH & OWASP FOUNDATION BOARD DISCUSSION: Jeff Williams (Chair), Tom Brennan, Eoin Keary, Matt Tesauro,Dave Wichers, and incoming board member Michael Coates * Sebastien Deleersnyder unavailable due to scheduling conflict1330-1420 de Prado, Lara Pwningintranets with HTML5Dan Cornell The Self HealingCloud: Protecting Applicationsand Infrastructure withAutomated Virtual PatchingMike Park Android Security,or This is not the Kind of“Open” I Meant...Veltsos (moderator), Los,McCormick, Williams Makingit in Information Securityand Application Security1420-1430 BREAK1430-1520 Devarajan, Redfoot Keepingup with the Web-ApplicationSecurity1520-1540 COFFEE BREAK1540-1630 Jon McCoy Hacking .NET(C#) Applications: The BlackArtsMatt Tesauro Testing fromthe Cloud: Is the Sky Falling?Adrian Lane CloudSec 12-Step1630-1700 UNIVERSITY CHALLENGE WINNERS TALK!1700-1800 HAPPY HOUR2Stadmeyer, Held Hacking(and Defending) iPhone ApplicationsSoltani, Padgham WhenZombies Attack - a TrackingLove StoryJohn B. Dickson, CISSPSoftware Security: Is OKGood Enough?Jeff Williams AppSec Inception- Exploiting SoftwareCulture
TALKS: Friday, September 23, 2011Abstracts available in this program. See http://www.appsecusa.org/speakers.html for bios.Time Software Assurance OWASP Patterns Secure SDLC0730-0830 CONTINENTAL BREAKFAST0830-0920 KEYNOTE: Ira Winkler0920-0930 BREAK0930-1020 Richard Struse Software AssuranceAutomation throughoutthe LifecycleCoates Pure AppSec, No Fillersor Preservatives - OWASPCheat Sheet Series WatsonOWASP Codes of ConductDr. Chu, Xie Secure ProgrammingSupport in IDEBrian Chess Gray, the NewBlack: Gray-Box Web PenetrationTesting1020-1040 COFFEE BREAK1040-1130 Ryan Stinson Improve yourSDLC with CAPEC and CWE1130-1140 BREAK1140-1230 Willis, Britton Sticking tothe Facts: Scientific Study ofStatic Analysis Tools1230-1330 LUNCH & KEYNOTE: Moxie Marlinspike1330-1420 Adam Meyers Mobile ApplicationsSoftware Assurance1420-1430 BREAK1430-1520 Charles Schmidt You’reNot Done (Yet) - TurningSecurable Apps into SecureInstallations using SCAP1520-1540 COFFEE BREAK1540-1630 Moss, Bartol Why do developersmake these dangeroussoftware errors?1630-1640 BREAKMannino, Lanier, ZusmanOWASP Mobile Top 10 RisksSimon Bennetts Introducingthe OWASP Zed Attack ProxyAnthony J. Stieber HowNOT to Implement Cryptographyfor the OWASP Top 10Beef (Schmidt), Wall ESAPI2.0 - Defense Against theDark Arts Li OWASP ProjectsPortal Launch! (5-10 Minutes)Ryan Barnett OWASP CRSand AppSensor ProjectSood, Enbody The GoodHacker - Dismantling WebMalwareCollins, Zaw Brakeman andJenkins: The Duo Detect Defectsin Ruby on Rails CodeMichael Coates SecurityEvolution - Bug Bounty Programsfor Web ApplicationsSrini Penchikala MessagingSecurity using GlassFish 3.1and Open Message QueueAlex Smolen ApplicationSecurity and User Experience1700-1800 RECAP AND LOOKING AHEAD TO THE NEXT TEN YEARS AND APPSEC USA 2012Chris Wysopal ApplicationSecurity Debt and ApplicationInterest RatesMike Ware SimplifyingThreat ModelingNather (moderator), Cruz,Eng, Hoff, Meyer, Steven,Fay Speeding Up SecurityTesting PanelLeifheit (moderator),Fuchsberger, Kumar,Tychansky, Moretti ApplicationSecurity AdvisoryBoard SDLC PanelGunnar Peterson MobileWeb Services * Moved forschedule3
Page 3: Welcome to OWASP AppSec USA 2011, a
Page 7 and 8: MORE EVENTS:Tuesday, September 20,
Page 9 and 10: Application Security Debt & Applica
Page 11 and 12: ESAPI 2.0 - Defense Against the Dar
Page 16: surface and vectors to protect next
Page 22 and 23: Application Security,Risk, & Compli
Page 24: Web Application Security PayloadsAn
Page 28 and 29: Downtown Minneapolis26
Page 30 and 31: Platinum Sponsors:Security Innovati
Page 32 and 33: Silver Sponsors:Aspect Security spe
Page 34 and 35: Notes:32

Conference Program - OWASP AppSec USA 2011

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?