OWASP NYC AppSec 2008 Conference

= OWASP NYC AppSec 2008 - September 22th-25th 2008 = Last Update: // In association with: WASC, NYM InfraGard, AITGlobal, NYC PHP, NYCBUG, ISACA, ISSA and Pace University you're invited to (2) days of Seminars and Technology Pavilion from the world's best application security technology minds, (2) days of hardcore hands-on training, all held at Pace University, located in downtown New York City at One Pace Plaza New York, NY 10038. Event Fees: $300 for 2 days of seminars, $675 for 1-day training classes and $1,350 for 2-day courses. https://www.owasp.org/images/7/7f/Register.gif - do you want to preview the event space Click Here Diamond Sponsor - https://www.owasp.org/images/d/de/Imperva_2color_RGB.jpg Platinum Sponsor - https://www.owasp.org/images/b/bf/CenzicLogo_RGB.gif - https://www.owasp.org/images/f/f8/Sponsorsm.gif Gold & Silver Sponsors - https://www.owasp.org/images/9/97/Proactiverisk_logo.jpg - https://www.owasp.org/images/a/ac/Fortify.jpg - http://www.owasp.org/images/d/d1/Aspect_logo.gif - https://www.owasp.org/images/b/be/Cigital_OWASP.GIF - https://www.owasp.org/images/6/6d/Accessit.JPG - https://www.owasp.org/images/6/6e/OunceLabs_logo.jpg - http://www.owasp.org/images/4/45/Isc2logo.gif - https://www.owasp.org/images/1/10/Evlogo.jpg - https://www.owasp.org/images/2/26/Foundstone.jpg- https://www.owasp.org/images/f/f8/Sponsorsm.gif Sponsorship Opportunities -- Press Registration -- Other OWASP Member Offers

OWASP NYC AppSec 2008 Conference Schedule – Sept 24th - Sept 25th
https://www.owasp.org/images/7/7f/Register.gif

Technology Pavilion - September 24th and 25th
Want to see the latest offerings from technology product and service firms, visit the Technology Pavilion. On September 24th and 25th there will be 2 full days of exhibits by service providers and manufacturers from around the world.

OWASP NYC AppSec 2008 Training Courses - September 22nd and 23rd, 2008
{| style="width:80%" border="0" align="center" ! align="center" style="background:#4058A0; color:white" | T1. Defensive Programming - 2-Days - $1350 |- | style="background:#F2F2F2" | This class will teach you how to program defensively. A must for developers, managers, testers and security professionals. Learn the latest techniques to build attack resistant code, protect from current and future vulnerabilities and how to secure an application from both implementation bugs and design flaws. The instructor Pravir Chandra is well known security expert, project lead for OWASP CLASP project and former co-founder & CTO of secure software Learn More Here

Instructor: Jason Rouse, Sr. Consultant, https://www.owasp.org/images/b/be/Cigital_OWASP.GIF''' |- {| style="width:80%" border="0" align="center" ! align="center" style="background:#4058A0; color:white" | T2. Secure Coding for Java EE - 2-Days - $1350 |- | style="background:#F2F2F2" | This course is similar to Aspect's Building and Testing Secure Web Applications except it includes a significant amount of Java focused content, including:
 * 1) Java EE security overview,
 * 2) All coding examples and recommendations are specifically focused on Java and Java servers, and
 * 3) 3 additional hands on coding labs where the students find and then fix security vulnerabilities in a Java EE application developed for the class.

Learn More Here

Instructor: This tutorial is provided by longtime OWASP contributor: http://www.owasp.org/images/d/d1/Aspect_logo.gif ''' |- ! align="center" style="background:#4058A0; color:white" | T3. Web Services and XML Security - 2-Days - $1350 |- | style="background:#F2F2F2" | The movement towards Web Services and Service Oriented architecture (SOA) paradigms requires new security paradigms to deal with new risks posed by these architectures. This session takes a pragmatic approach towards identifying Web Services security risks and selecting and applying countermeasures to the application, code, web servers, databases, application, and identity servers and related software. Learn More Here

Instructor: Gunnar Peterson''' https://www.owasp.org/images/b/bf/Arctec.jpg |- ! align="center" style="background:#4058A0; color:white" | T4. Advanced Web Application Security Testing - 2-Days - $1350 |- | style="background:#F2F2F2" | Course Overview While all developers need to know the basics of web application security testing, application security specialists will want to know all the advanced techniques for finding and diagnosing security problems in applications. Aspect’s Advanced Web Application Security Testing training is based on a decade of work verifying the security of critical applications. The course is taught by an experienced application security practitioner in an interactive manner. Learn More Here

Instructor: This tutorial is provided by longtime OWASP contributor: http://www.owasp.org/images/d/d1/Aspect_logo.gif''' |- ! align="center" style="background:#4058A0; color:white" | T5. Leading the Development of Secure Applications 1-Day - Sept 22nd- $675 |- | style="background:#F2F2F2" | In this one-day management session you’ll get the answers to the ten key questions that most CIOs and development managers face when trying to improve security in the development process. The course provides proven techniques and valuable lessons learned that can be applied to projects at any phase of their application’s lifecycle. Learn More Here Instructor: This tutorial is provided by longtime OWASP contributor: http://www.owasp.org/images/d/d1/Aspect_logo.gif''' |- ! align="center" style="background:#4058A0; color:white" | T6. Application Security Forensics - 1-Day - Sep 23rd - $675 |- | style="background:#F2F2F2" | Web application forensics and incident response, requires a solid understanding of web application, security issues – this 1 day class will provide you with a crashcourse on chain of custody and issues related to dealing with a breach |- ! align="center" style="background:#4058A0; color:white" | T7. Encryption Programming Using SKSML - 2-Days - $1350 |- | style="background:#F2F2F2" | Application developers are increasingly required to protect sensitive data through encryption. While there are many libraries that can assist with cryptography, there are few to none that focus on encryption key management.

This class will introduce you to an OASIS standards protocol - Symmetric Key Services Markup Language (SKSML) - and show you how it can be used to securely encrypt sensitive data and manage encryption keys across the enterprise. Learn More Here

Instructor: Arshad Noor, CTO, StrongAuth Inc.''' https://www.owasp.org/images/8/86/StrongAuth.jpg https://www.owasp.org/images/7/7f/Register.gif

HOTELS / TRAVEL Hotels in the area of the event

New York City MTA: http://www.mta.nyc.ny.us/nyct/index.html

New York City Subway & walking directions: http://www.hopstop.com/?city=newyork

New York Sights & Sounds - SightsSounds

New York City Travel Guide - http://www.nytoday.com/

New York City Attractions - http://www.nycvisit.com

New York TV Show Tickets - Get free tickets to TV shows! - http://www.nytix.com/

New York City local news: http://www.ny1news.com

EVENT SPONSORSHIP The OWASP Conferences & Training security technologists including CSOs,admins, application admins, MIS directors, homeland defense chiefs. These important influencers drive buying decisions exclusive access to its audiences. OWASP has established strategic relationships with security—print publications, newsletters, portals, consultants,message—and leadership positioning OWASP events. OWASP’s mission is supported by organizations who share our application, and software security communities. This approach should be part of your mix.

Sponsorship Opportunities- Register online: click here