Difference between revisions of "2010 BASC Presentations"

From OWASP
Jump to: navigation, search
Line 5: Line 5:
 
The power of HTML5 allows developers to create  
 
The power of HTML5 allows developers to create  
 
web applications not just structured content, but its new features has increased the attack surface.  This presentation will demo and discuss new attack opportunities, particularly on client machines, including abusing the offline application cache and SQL injection via file-based client-side databases.
 
web applications not just structured content, but its new features has increased the attack surface.  This presentation will demo and discuss new attack opportunities, particularly on client machines, including abusing the offline application cache and SQL injection via file-based client-side databases.
 
+
{{2010_BASC:Presentaton_Info_Template|A Crumple Zone for Service Oriented Architectures|Andrew Gronosky|11|1}}
 
+
We present a new architectural construct analogous to the crumple zone in an automobile.  It consists of a layer of intelligent service proxies that work together to provide both signature-based and non-signature based defenses. We present our initial design for Java RMI based services and compare it with  web application firewalls.
{{2010_BASC:Presentaton_Info_Template|Another TBD Presentation|To Be Determined|11|1}}
+
abstr
+
 
{{2010_BASC:Presentaton_Info_Template|Another TBD Presentation|To Be Determined|13|1}}
 
{{2010_BASC:Presentaton_Info_Template|Another TBD Presentation|To Be Determined|13|1}}
 
abstr
 
abstr

Revision as of 12:09, 15 November 2010

Platinum Sponsors (Listed Alphabetically)
  CORE Security Rapid7  
SafeLight Security
  Security Innovation SOURCE  


We kindly thank our sponsors for their support. Please help us keep future BASCs free by viewing and visiting all of our sponsors.

Contents

Presentations

We would like to thank our speakers for donating their time and effort to help make this conference successful and free.

HTML5 Security

Presented by: Ming Chow
Time: 10:00-1:50
Track: {{{5}}}

The power of HTML5 allows developers to create web applications not just structured content, but its new features has increased the attack surface. This presentation will demo and discuss new attack opportunities, particularly on client machines, including abusing the offline application cache and SQL injection via file-based client-side databases.

A Crumple Zone for Service Oriented Architectures

Presented by: Andrew Gronosky
Time: 11:00-1:50
Track: {{{5}}}

We present a new architectural construct analogous to the crumple zone in an automobile. It consists of a layer of intelligent service proxies that work together to provide both signature-based and non-signature based defenses. We present our initial design for Java RMI based services and compare it with web application firewalls.

Another TBD Presentation

Presented by: To Be Determined
Time: 13:00-1:50
Track: {{{5}}}

abstr

Another TBD Presentation

Presented by: To Be Determined
Time: 14:00-1:50
Track: {{{5}}}

abst

Another TBD Presentation

Presented by: To Be Determined
Time: 15:00-1:50
Track: {{{5}}}

abstr

Another TBD Presentation

Presented by: To Be Determined
Time: 16:00-1:50
Track: {{{5}}}

abstr

Another TBD Presentation

Presented by: To Be Determined
Time: 10:00-2:50
Track: {{{5}}}

abstr

Another TBD Presentation

Presented by: To Be Determined
Time: 11:00-2:50
Track: {{{5}}}

abstr

Another TBD Presentation

Presented by: To Be Determined
Time: 13:00-2:50
Track: {{{5}}}

abstr

Another TBD Presentation

Presented by: To Be Determined
Time: 14:00-2:50
Track: {{{5}}}

abst

Another TBD Presentation

Presented by: To Be Determined
Time: 15:00-2:50
Track: {{{5}}}

abstr

Another TBD Presentation

Presented by: To Be Determined
Time: 16:00-2:50
Track: {{{5}}}

abstr



We kindly thank our sponsors for their support.
Please help us keep future BASCs free by viewing and visiting all of our sponsors.

Gold Sponsors
Auric Systems International Fortify Palo Alto Networks WhiteHat Security

You can find out more about this conference at the BASC homepage: http://www.owasp.org/index.php/2010_BASC_Homepage.
Conference Organizer: Jim Weiler