OWASP AppSec Asia 2008 - Taiwan

Welcome to OWASP AppSec Asia 2008! We'd like to thank China, Delhi, Hong Kong, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters for helping out with the conference and for attending the conference. We are working with other chapters across Asia to see if we can invite more chapters. If you represent an Asia chapter and are interested in participating, please [mailto:wayne.owasp@gmail.com email us].

Two professional translators will be at the conference to conduct simultaneous oral translation between English and Mandarin. Wireless earphones will be provided.



OWASP AppSec Asia 2008, Conference Schedule (Oct 27th - Oct 28th)
{| style="width:80%" border="0" align="center" ! colspan="2" align="center" style="background:#4058A0; color:white" |

(2008/10/27) - Day 1
|- {| style="width:80%" border="0" align="center" ! colspan="2" align="center" style="background:#4058A0; color:white" | 08:30 - 09:30 Door opens for registration |- {| style="width:80%" border="0" align="center" ! colspan="4" align="center" style="background:#4F81BD; color:white" |

|- | style="width:33%; background:#4F81BD; color:white" align="center" | SPEAKER |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Wayne Huang, Conference Chair  |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |   |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |    |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | YM Chen, Director, Foundstone, A Division of McAfee  |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Wayne Huang, OWASP Taiwan Chapter  {| style="width:80%" border="0" align="center" ! colspan="2" align="center" style="background:#4058A0; color:white" | 11:50 - 12:40 Lunch |- {| style="width:80%" border="0" align="center" ! colspan="4" align="center" style="background:#4F81BD; color:white" |
 * align="center" style="width:33%; background:#4F81BD; color:white" | TIME || style="width:33%; background:#4F81BD; color:white" align="center" | SESSION
 * align="center" style="width:20%; background:#4F81BD; color:white" | 09:30- 09:40 || style="width:30%; background:#A7BFDE" align="center" | Opening welcome and an introduction to this year’s program 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 09:40-09:50 || style="width:30%; background:#A7BFDE" align="center" | Welcome by Institute for Information Industry 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 09:50-10:00 || style="width:30%; background:#A7BFDE" align="center" | Welcome by Information Security Consortium, Information Service Industry Association 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 10:00-10:50 || style="width:30%; background:#A7BFDE" align="center" |  What's Next? Strategies for Web Application Security 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 11:00-11:50 || style="width:30%; background:#A7BFDE" align="center" | Web-based Malware obfuscation: the kung-fu and the detection

|- | style="width:33%; background:#4F81BD; color:white" align="center" | SPEAKER |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | KK Mookhey (OWASP Mumbai)  |- {| style="width:80%" border="0" align="center" ! colspan="2" align="center" style="background:#4058A0; color:white" | 13:40 - 15:40 Asia Chapter Leader Meeting Attendee: China, Delhi, HK, Korea, Mumbai, Singapore, Taiwan, Thailand, and Vietnam Chapters
 * align="center" style="width:33%; background:#4F81BD; color:white" | TIME || style="width:33%; background:#4F81BD; color:white" align="center" | SESSION
 * align="center" style="width:20%; background:#4F81BD; color:white" | 12:40 - 13:30 || style="width:30%; background:#A7BFDE" align="center" | Good Business Penetration Testing 

P.S: Meeting with go in parallel to the two of the talk sessions and coffee break. |- {| style="width:80%" border="0" align="center" ! colspan="4" align="center" style="background:#4F81BD; color:white" | |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | PK (Taiwan Criminal Investigation Bureau)  |-
 * align="center" style="width:33%; background:#4F81BD; color:white" | 13:40 - 14:30 || style="width:33%; background:#A7BFDE" align="center" | How bad can Web vulnerabilities be—case study on a 50 million personal records breach 

{| style="width:80%" border="0" align="center" ! colspan="2" align="center" style="background:#4058A0; color:white" | 14:30 - 14:50 Coffee Break |- {| style="width:80%" border="0" align="center" ! colspan="4" align="center" style="background:#4F81BD; color:white" |

|- | style="width:33%; background:#4F81BD; color:white" align="center" | SPEAKER |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Fyodor Yarochkin (Guard-Info)  |-  ''' | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Frank Yuan Fan, OWASP China Chapter  |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Charmi Lin (Taiwan Information & Communication Security Technology Center)  |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Anthony Lai (Dark Floyd), OWASP HK Chapter  |- {| style="width:80%" border="0" align="center" ! colspan="2" align="center" style="background:#4058A0; color:white" |
 * align="center" style="width:33%; background:#4F81BD; color:white" | TIME || style="width:33%; background:#4F81BD; color:white" align="center" | SESSION
 * align="center" style="width:20%; background:#4F81BD; color:white" | 14:50 - 15:40 || style="width:30%; background:#A7BFDE" align="center" | Tiny coding errors, big losses: real stories of website 0wnage 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 15:50 - 16:40 || style="width:30%; background:#A7BFDE" align="center" | '''Web Application Proactive and Passive Defense Best Practices
 * align="center" style="width:20%; background:#4F81BD; color:white" | 16:50 - 17:30 || style="width:30%; background:#A7BFDE" align="center" | Why Webmail systems are hard to secure--using real case studies 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 17:40 - 18:10 || style="width:30%; background:#A7BFDE" align="center" | Penetration Test with BackTrack: Art of Exploitation 

(2008/10/28) - Day 2
|- {| style="width:80%" border="0" align="center" ! colspan="4" align="center" style="background:#4F81BD; color:white" |

|- | style="width:33%; background:#4F81BD; color:white" align="center" | SPEAKER |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Robert "RSnake" Hansen (SecTheory)  |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Chenxi Wang, Ph.D. (Forrester Research)  | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Dhruv Soi (OWASP Delhi Chapter Leader), Pukhraj Singh (OWASP Delhi Chapter)  {| style="width:80%" border="0" align="center" ! colspan="2" align="center" style="background:#4058A0; color:white" | 12:30 - 13:30 Lunch |- {| style="width:80%" border="0" align="center" ! colspan="4" align="center" style="background:#4F81BD; color:white" |
 * align="center" style="width:33%; background:#4F81BD; color:white" | TIME || style="width:33%; background:#4F81BD; color:white" align="center" | SESSION
 * align="center" style="width:20%; background:#4F81BD; color:white" | 09:00- 10:30 || style="width:30%; background:#A7BFDE" align="center" | New 0-Day Browser Exploits: Clickjacking - yea, this is bad... 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 10:40- 11:30 || style="width:30%; background:#A7BFDE" align="center" | Web 2.0, Consumerization, and Application Security 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 11:40- 12:30 || style="width:30%; background:#A7BFDE" align="center" | Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 11:40- 12:30 || style="width:30%; background:#A7BFDE" align="center" | Crossing the Chasm: Anatomy of Client-Side and Browser-Based Attacks<BR> 

|- | style="width:33%; background:#4F81BD; color:white" align="center" | SPEAKER |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Tim Bass, OWASP Thailand  |- | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | Alexander Meisel (OWASP Germany)  |- {| style="width:80%" border="0" align="center" ! colspan="2" align="center" style="background:#4058A0; color:white" | 15:20 - 15:40 Coffee Break |-
 * align="center" style="width:33%; background:#4F81BD; color:white" | TIME || style="width:33%; background:#4F81BD; color:white" align="center" | SESSION
 * align="center" style="width:20%; background:#4F81BD; color:white" | 13:30 - 14:20 || style="width:30%; background:#A7BFDE" align="center" | Proxy Caches and Web Application Security--using the recent Google Docs 0-day as an example<BR> 
 * align="center" style="width:20%; background:#4F81BD; color:white" | 14:30 - 15:20 || style="width:30%; background:#A7BFDE" align="center" | Best Practices Guide: Web Application Firewalls<BR> 

Conference Fees
The fee for the two days conference is USD 35, which includes:
 * Two lunches
 * Coffee breaks
 * Conference T-Shirt

Registration
Registration is now open!! Please [mailto:wayne.owasp@gmail.com contact us] for the registration.

Conference Venue
Taipei International Convention Center

Address: 3rd floor Conference Hall, Xin Yi Road, Section 5, number 1, Taipei, Taiwan R.O.C.

Website

Hotel Information
San Want Hotel

Address: No.172, Sec. 4, ZhongXiao East Road, Taipei, Taiwan

Tel:+886-2-2772-2121 ｜ Fax : +886-2-2721-0302

Website

Hope City FuShing Hotel

Address: No.275, Sec.1, Fushing S. Rd., Taipei, Taiwan

Tel : +886-2-2703-9990 ｜ Fax : +886-2-2706-8547

Website

Welcome to Taiwan
And WELCOME TO TAIWAN! Please check out this video about interesting places in Taiwan. If you need suggestions on how to plan out your trip, please feel free to [mailto:wayne.owasp@gmail.com contact us!]