Category:OWASP Presentations

 = Welcome to the OWASP Presentations Program =

In an effort to promote more in-depth work in application security, the OWASP Presentations program is always accepting presentation submissions. Presentations submitted to the OWASP Presentations program will be reviewed by a team of senior application security experts. These reviewers will provide constructive feedback on submissions in the hopes of achieving a publishable quality paper. Papers that are approved by the review team will be published on the OWASP website and will be candidates for presentation at the next OWASP AppSec conference.

Submitting a Presentation
To submit a presentation, please use the following template for [[Media:OWASP_Presentatiion_Template.zip | Microsoft Powerpoint, Keynote and Open Office]] presentations. You can create a wiki account and upload it yourself or contact your local chapter leader. For more information Contact Us

OWASP Presentation Template
PPT Template Toolbox

PowerPoint 3
= OWASP Education Presentation Guidelines = Some guidelines:
 * Use any of the templates from the PPT Template Toolbox
 * Provide a summary next to the slides
 * Add a descriptive summary and expectations on knowledge
 * Only include necessary data
 * Slide contents should be self evident
 * One slide should cover only one specific topic, avoid overly dense slides
 * Max seven words per line, seven lines per slide
 * Present information graphically: an image can say more than thousand words
 * Don't use all capital letters
 * limit your presentation to less than 50 slides - better less than 30 slides (a good presentation will be max. 90 minutes and typical time per slide is 2 minutes). If you need more, split the presentation in parts.
 * Support each slide with notes (the part below the slide in PowerPoint). These notes should provide the presenter with enough material (including references) to prepare the presentation without much extra research.

= Recent Papers =


 * AppSec 2013 Welcome
 * The slides used for the welcoming at AppSec USA 2013 in NYC.


 * Why Hackers Don't Care About Your Firewall (Seba Deleersnyer)
 * Presentation done at Belnet conference 2011 in Belgium by Seba. While network and ICT infrastructure are important, the current risks have evolved beyond perimeter security. Hackers are attacking the weak spots and going after the easy targets, such as the holes in browsers and vulnerable applications. This presentation will explain the OWASP Top Ten with real life examples; it provides a powerful awareness tool for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are.

=2001 to 2009 Papers=
 * Advanced SQL Injection (Victor Chapela)
 * Detailed methodology for analyzing applications for SQL injection vulnerabilities.


 * Advanced SQL Injection (Eric Sheridan)
 * 2006


 * Advanced Topics on SQL Injection Protection
 * 7 methods to prevent SQL injection attacks correctly and in a more integrated approach. Methods 1 to 3 are applicable during design or development life cycle. Method 4 is mainly from QA’s perspective. Methods 5 and 6 can be applied to production environment and are applicable even if you do not have access to or if you cannot change the source code. Other non-main stream technology are discussed in Method 7. From 2006.


 * OWASP Web Services Project (Alex Smolen)
 * AppSec DC 2005


 * Attacking Web Services (Alex Stamos)
 * AppSec DC 2005


 * Enterprise AppSec Program (Anthony Canike)
 * AppSec DC 2005


 * Evolution of App Pen Testing (Dan Cuthbert)
 * AppSec DC 2005


 * Identity Theft, Phishing and Pharming (Danny Allan)
 * AppSec DC 2005

