OwaspRomaniaConference2014

From OWASP
Jump to: navigation, search


InfoSec2014banner.png
.

Owasp Romania InfoSec Conference 2014 - October 24th

OWASP Romania team is happy to announce the OWASP Romania InfoSec Conference 2014, a one day Security and Hacking Conference. It will take place on 24th of October, 2014 - Bucharest, Romania.
The OWASP Romania InfoSec Conference objective is to raise awareness about application security, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.

Who Should Attend?

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security
  • Anyone interested in learning about or promoting Web Application Security

CONFERENCE (Friday 24th of October)

Date Location
Friday 24th of October, 10.00 AM
Venue Location: University "Politehnica" of Bucharest, AN010

Venue Address: Splaiul Independentei nr. 313, sector 6, Bucuresti, ROMANIA;

Price and registration
This event is FREE, you need to register on the link provided below, print your ticket and present it at the entrance.

Limited number of seats! Register now! [1]


Agenda

Time Title Speaker Description
10:00 - 10:30
(30 mins)
Registration
10:30 - 10:45
(15 mins)
Introduction & Welcome Oana Cornea Introduction to OWASP & Bucharest Event, Schedule for the Day
10:45 - 11:30
(45 mins)
Keynote
Andrzej Klesnicki We tend to blame developers for every problem we have with web applications, is it really the case? Nevertheless who is responsible, what if we just do not have security emended in our process. How to deal with security when deployment days is close. Are we doomed or there is still something that we can do? This speech will look for those answers.
11:50 - 12:35
(45 mins)
OWASP O2 Platform : Automating Security Consultant's Knowledge/Workflows and Allowing non-security experts to access and consume Security Knowledge Dinis Cruz This presentation will show how to use the multiple O2 Platform tools and coding environments to perform multiple types of Application security analysis (from black-box browser-automation, to static-analysis code-reviews). A key part of the O2 Platform are the FluentSharp APIs which will be used for the demos (like the interactive creation of a custom Application security tool, which is then packaged as an stand-alone executable/cli-tool)
12:55 - 13:40
(45 mins)
OWASP WordPress Security Checklist Dan Catalin Vasile In last year presentation I focused on breaking the WordPress ecosystem. Meanwhile I finished the OWASP project related to the security checklist every administrator should follow when implementing WordPress. It was an effort of gathering information from various sources and personal experience and setting a security baseline for WordPress. Furthermore, I also focused on the implementation of WordPress in corporate environments with general advises (which applies in general to the adoption of open source software by the business) and specific actions like central management and integration with Active Directory.
13:40 - 14:30
(50 mins)
Lunch/Coffee Break
14:30 - 15:15
(45 mins)
Secure continuous delivery: developer’s immediate connection to what they’re creating Dinis Cruz This presentation makes the case that when developers have access to powerful development CI (Continuous Integration) environments and code analysis/execution tools, they are able to: a) understand what their code is doing, b) refactor code with confidence, c) test they code efficiently and d) provide assurance that are writing secure code. This presentation will show real examples of what such environment looks like in .NET and NodeJS
15:20 - 16:05
(45 mins)
Secure coding with python Enrico Branca TBD
16:10 - 16:55
(45 mins)
Shellshock Vulnerability Tudor Enache Discussion of one of the most popular 0-days in recent years. What's shellshock? What are the attack vectors? How do you mitigate it? Additionally we will brainstorm about how to efficiently deal with such bugs and understand the real threat of 0-days.


  • Oana Cornea [2]
  • Daniel Barbu [3]
  • Catalin Teodorescu [4]
  • Cosmin Ilie [5]
  • Mihai Terzea [6]
  • Ivona Oancea [7]

Sponsors

Sponshorship opportunities
Why sponsor?

  • Join 200+ leaders, security consultants, security architects and developers gathered to share cutting-edge ideas, initiatives and trends in technology.
  • OWASP events attract an audience interested in "What's next?" - As a sponsor, you will be promoted as an answer to this question.
  • Increase awareness and recognition in Romanian Security IT environment.
  • Support and involvement in the world of information security enthusiasts.
     

Platinum Sponsor

     
      IntelLogo rgb.png      
     

Gold Sponsor

     
    CheckmarxIL.jpg Dell-logo.png  
     

Event Supporters

     
    DevAcademy.JPG SoftLead.png Danielbarbu.png  
    Logo phpromania.png Devtalks logo + background.jpg Defcamp logo.png  
    Securitatea-Informatiilor.jpg RAISA-logo.jpg Logo-C.jpg  
     

Educational Supporters

     
    UPBlogo.png SiglaFils.JPG