OWASP Week September 2007

This page will contain the outcome of the multiple OWASP Chapter events that will occur during the week 5th Sep -> 12 Sep (see OWASP Day)

Washington DC
All presentations can be found at the link below.

Belgium
All presentations can be found at the link below.

Washington_DC_LIVE-O

San Antonio
Here is the Bruce Jenkins presentation on Developing an Application Security Strategy for Large Enterprise Systems:

Israel
OWASP IL 8th meeting at the OWASP week - Meeting program and presentations.

Turkey
Introduction


 * Turkish Subtitle by Bedirhan Urgun (delete .ppt extension) for Jeff Williams's OWASP Day Intro movie

 Privacy in Governmental Institutions - A Current State Analysis


 * OWASP2007_KamudaPrivacy.ppt

The presentation discusses how the concept of privacy is understood in governmental institutions and deliberates on general information security problems related to privacy. Starting from general privacy problems, it then gives information about the privacy issues specific to web applications. It also presents concrete suggestions for providing solid privacy in these institutions.

Hayrettin BAHŞİ Chief Researcher CC Lab-UEKAE TUBITAK

 Secure Web Application Development 
 * Guvenli_Web_Uygulamalarinin_Gelistirilmesi.ppt

The presentation points out the vital importance of security phases and touchpoints in the SDLC, for web applications in particular. It goes over the principles, patterns, threat modeling and other important factors that make up the specification, development and testing phases of a secure application process.

Korhan GÜRLER Chief Researcher PRO-G

Discussion

Answers to Panel questions can be found under the title of Artifacts - OWASP DAY: on the topic of "Privacy in the 21st Century" - September 8 (Turkey 2007)

Italy
All presentations can be found here

Rochester
2007 OWASP Top 10 Most Critical Web Application Security Vulnerabilities, by Ralph Durkee [[Media:OWASP_Top_10_2007_v6.ppt|PowerPoint]]

Abstract: Web application security vulnerabilities remain by far the most frequently reported vulnerability category. In spite of widespread use and very frequent vulnerabilities, most web applications are still not being securely developed and deployed. The presentation will demonstrate why experts estimate the percentage of vulnerable web applications to range from 75% to 99% and review the 2007 OWASP top 10 web application security vulnerabilities.

Ottawa

 * Presentation: What is Cardspace? By Christian Beauclair - Microsoft

The impact of phishing and other forms of online identity phraud has grown enormously in the last few years. Today, people are starting to curb their activities online due to fears of phishing and phraud and because they just can’t be bothered to fight through today’s online authentication systems such as multiple usernames and passwords, Captcha control and OTP tokens. In this session we’ll explore some of the core issues facing our identities online and then discuss how technologies such as Windows CardSpace enable users to authenticate and/or present personal information more easily and safely to sites that they know are legitimate.

Belgium

 * How many participants: 80+
 * How long did the event last: 8 hours
 * Pictures: (to upload)
 * Presentations: on the chapter page
 * Answers to Panel's questions:

London

 * How many participants: 15
 * How long did the event last: 2 1/2 hours
 * Pictures: (Ivan to upload)
 * Presentations: (pdp to upload)
 * Answers to Panel's questions: (Ivan to provide)

Washington DC

 * How many participants: 50
 * How long did the event last: 5 hours
 * Pictures: none
 * Presentations: Links above
 * Answers to Panel's questions: No time for a panel

Special thanks to the Organizations that made the mini-conference possible.

MITRE HoneyClient project

Grant Thornton LLC

Aspect Security

San Antonio

 * How many participants: 25
 * How long did the event last: 1 1/2 hours
 * Presentation: Bruce Jenkins "Developing an Application Security Strategy for Large Enterprise Systems"

Turkey

 * How many participants: 10
 * How long did the event last: 3.5 hours
 * Pictures: (on Bunyamin)
 * Presentations: (look above)
 * Answers to Discussion questions: (look above)

Israel

 * How many participants: 60
 * How long did the event last: 3 hours
 * Pictures: We seem to have no geeks with 2M phone cameras (and the leader forgot his :-
 * Presentations: Meeting program and presentations.

Italy

 * How many participants: nearly 110 (160 subscriptions)
 * How long did the event last: 4.5 hours
 * Pictures:
 * Presentations: here

Rochester

 * How many participants: 11
 * How long did the event last: 2 hours
 * Presentation: 2007 OWASP Top 10 Most Critical Web Application Security Vulnerabilities, by Ralph Durkee [[Media:OWASP_Top_10_2007_v6.ppt|PowerPoint]]
 * Meeting Minutes: [[Media:2007-09-10_Rochester_OWASP-Meeting-Minutes.pdf|PDF]]

Ottawa

 * How many participants: 10
 * How long did the event last: 2.5 hours
 * Presentation: What is Cardspace? By Christian Beauclair - Microsoft

[[Media:Windows_CardSpace_for_OWASP.zip|PowerPoint]]