Difference between revisions of "AppSecAsiaPac2013"

From OWASP
Jump to: navigation, search
Line 6: Line 6:
 
! width="500" align="center" | <br>
 
! width="500" align="center" | <br>
 
|-
 
|-
| align="center" | [[Image:Owasp_banner_7b.jpg|1100px]]]  
+
| align="center" | [[Image:Owasp_banner_7b.jpg|1100px]]  
 
| align="center" |  
 
| align="center" |  
  
Line 104: Line 104:
 
<font size=2pt>
 
<font size=2pt>
 
==Call for Papers==
 
==Call for Papers==
'''Submit your Talk Proposal here: [https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHNFa3NyTV82VFNiVVh5VnllU2tfQnc6MA Call for Papers Submission Form]'''
+
'''Submit your Talk Proposal here: [https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dDdSdVN6Q2lEbl9MTWpTWF9fQmpjdUE6MA#gid=0 Call for Papers Submission Form]'''
  
  
Please carefully fill out the [https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHNFa3NyTV82VFNiVVh5VnllU2tfQnc6MA CFP form]  to submit your talk for consideration at OWASP AppSec Latam 2012 in Montevideo, Uruguay.  
+
Please carefully fill out the [https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dDdSdVN6Q2lEbl9MTWpTWF9fQmpjdUE6MA#gid=0 CFP form]  to submit your talk for consideration at OWASP AppSec APAC 2013 in Jeju, South Korea.  
  
The talks will be held November 20th and 21st, 2012 at the ANTEL National Telco Company located in downtown Montevideo (training is November 18th and 19th). Talks will be 50 minutes each. We will post your Display Name, Biography, Talk Title, and Talk Abstract to the appseclatam.org site if your talk is selected. If you provide a URL or Twitter handle, we will post that if your talk is selected, too.
+
The talks will be held February 21st and 22nd, 2013 at the Hyatt Regency (training is February 19th and 20th). Talks will be 50 minutes each. We will post your Display Name, Biography, Talk Title, and Talk Abstract to the appsecapac.org site if your talk is selected. If you provide a URL or Twitter handle, we will post that if your talk is selected, too.
  
  
'''The deadline for this Call for Papers is August 31, 2011.''' If your talk is selected, we will contact you to confirm, and we will expect that your slides and other material will be sent to us no later than November 16, 2011 for our peer review. We peer review slides and other material for inclusion on the conference website (post-conference) and to verify general conformance to OWASP conference presentation guidelines.
+
The first round submission deadline for this Call for Papers is '''December 12, 2012.''' The final submission deadline is '''December 31, 2012'''. All talk acceptances will be confirmed by January 4, 2013.
 +
 
 +
 
 +
If your talk is selected, we will contact you to confirm, and we will expect that your slides and other material will be sent to us no later than February 18, 2011 for our peer review. We peer review slides and other material for inclusion on the conference website (post-conference) and to verify general conformance to OWASP conference presentation guidelines.
  
  
Line 126: Line 129:
  
 
==Questions?==
 
==Questions?==
Please contact us at [mailto:appseclatam2012@owasp.org appseclatam2012@owasp.org] with any questions!
+
Please contact us at [mailto:appsecAPAC2013@owasp.org appsecAPAC2013@owasp.org] with any questions!
  
  
 
= Keynotes  =
 
= Keynotes  =
 
<font size=2pt>
 
<font size=2pt>
== Jerry Hoff  ==
 
  
{| style="background-color: transparent"
+
To Be Announced.
|-
+
! width="200" align="center" | <br>
+
! width="1000" align="center" | <br>
+
|-
+
| align="center" | [[Image:Jerry.png|100px]]
+
| align="justify" |"Building Security Into Frameworks: Who is doing it right": In this talk, Jerry Hoff, VP of the Static Code Analysis Division at WhiteHat Security, will discuss the importance of security controls in mobile and web frameworks.  The talk features a tour through a spectrum of languages and frameworks.  A tip of the hat will be given to frameworks and security controls that demonstrably mitigate vulnerabilities, resulting in more secure code.  A wag of the finger will be given to frameworks that either lack essential security controls, or implement them improperly. 
+
  
Many of the OWASP Top 10 vulnerabilities and their corresponding security controls will be discussed.  Participants will walk away with a better understanding of the security libraries available across a wide array of popular web technologies.
+
<!--
 
+
== Speaker Name ==
 
+
Jerry Hoff is the VP of the Static Code Analysis Division at WhiteHat Security.  Prior to joining WhiteHat, he was a co-founder and managing partner at Infrared Security.  Jerry has worked at a number of fortune ten financial firms, along with years of hands-on security consulting, where he specialized in manual code review, web application penetration testing, and architecture reviews. Jerry also has years of development and teaching experience.  He taught for over seven years at Washington University's CAIT program, and the microcomputer program at University of Missouri in St. Louis. Jerry is the writer/producer of the popular OWASP Appsec Tutorial Series and the lead developer for the WebGoat.NET project. 
+
|}
+
<br>
+
 
+
== Pravir Chandra  ==
+
  
 
{| style="background-color: transparent"
 
{| style="background-color: transparent"
Line 155: Line 145:
 
! width="1000" align="center" | <br>
 
! width="1000" align="center" | <br>
 
|-
 
|-
| align="center" | https://www.owasp.org/images/7/75/PravirChandra_Headshot.jpg
+
| align="center" | [[Image:___________|100px]]
| align="justify" | '''Everything you know about Injection Attack is wrong''': This casual talk will take a look at several mundane vulnerabilities that we all know about and ask a few deeper questions. What are the underlying mechanisms? Does our advice on preventing them *actually* work? Is there a better way when you think of software design patterns? By the end, we’ll challenge the audience to think past the surface of these code vulnerabilities and hopefully learn a little about how the right abstraction model can save tons of security headaches.
+
| align="justify" | Insert talk title, abstract, and bio
 
+
 
+
Pravir Chandra is a veteran in the security space and a long-time OWASP contributor, including his role as the creator and leader of the Open Software Assurance Maturity Model (OpenSAMM) project. Currently as security architect for the CTO of Bloomberg, he drives proactive security initiatives that demonstrate concrete value for the firm. Prior to this, Pravir was Director of Strategic Services at HP/Fortify where he lead software security assurance programs for Fortune 500 clients in a variety of verticals. He is responsible for standing up the most comprehensive and measurably effective programs in existence today. As a thought leader in the security field for over 10 years, Pravir has written many articles, whitepapers, and books and is routinely invited to speak at businesses and conferences world-wide.
+
 
|}
 
|}
 
<br>
 
<br>
  
==Cristian Borghello==
 
{| style="background-color: transparent"
 
|-
 
! width="200" align="center" | <br>
 
! width="1000" align="center" | <br>
 
|-
 
| align="center" | [[Image:Cristian_Borghello.jpg|100px]]
 
| align="justify" | Cristian F. Borghello, es Licenciado en Sistemas, desarrollador, Certified Information Systems Security Professional (CISSP) y Microsoft MVP Security (Most Valuable Professional).
 
Actualmente es Director de Segu-Info y se desempeña como consultor independiente en Seguridad de la Información.
 
Escribe para diversos medios especializados e investiga en forma independiente sobre Seguridad Informática y de la Información.
 
Ha disertado se congresos y seminarios nacionales e internacionales sobre la temática.
 
El interés por la Seguridad Informática y su investigación lo ha llevado a mantener este sitio: [http://www.segu-info.com.ar/ http://www.segu-info.com.ar/]
 
|}
 
<br>
 
 
==Hernán M. Racciatti==
 
{| style="background-color: transparent"
 
|-
 
! width="200" align="center" | <br>
 
! width="1000" align="center" | <br>
 
|-
 
| align="center" | [[Image:Photo_Hernan_Racciatti.jpg|100px]]
 
| align="justify" |Hernan M. Racciatti has 20 years of experience in Information Technology, having dedicated most of his careers in areas related to Information Security.
 
 
Currently serves as Director of Security at SIClabs, advising private companies and public agencies, leading Penetration Test, Security Application Assessment, Code Source Review, pursuing researches about information security, teaching and offering seminars and technical lectures at conferences of national and international level related to his field.
 
 
Among his contributions to the community, should be noted: active participation as a collaborator in some ISECOM´s project (OSSTMM-Open Source Security Testing Methodology Manual and Hacker High School), OISSG (ISSAF – Information Systems Security Assessment Framework), the development of small tools designed to secure information systems and several papers, articles and technical documents written for digital and print publications whit national and international circulation.
 
 
During last year, he found and reported vulnerability in major commercial products.
 
 
Hernan Marcelo Racciatti is member of the Core Team at ISECOM (Institute for Security and Open Methodologies), ISSAF Key Contributor at OISSG (Open Information System Security Group), President of CSA (Cloud Security Alliance) Argentina Chapter, Executive Committee Member of the ONG Argentina Cibersegura, ISSA (Information Systems Security Association) and OWASP (Open Web Application Security Project) Buenos Aires Chapter Member.
 
 
Learn more about Hernan at [http://www.hernanracciatti.com.ar/ http://www.hernanracciatti.com.ar/]
 
|}
 
<br>
 
  
 +
-->
  
 
= Venue  =
 
= Venue  =
 
<font size=2pt>
 
<font size=2pt>
AppSec Latam 2012 will be held in downtown Montevideo, Uruguay at the [http://www.antel.com.uy/antel/institucional/nuestra-empresa/complejo-torre Antel National Telco Company]. Directions are available through: [https://maps.google.com/maps?q=Auditorio+Torre+de+las+Telecomunicaciones,+Guatemala+1075,+Montevideo+11800,+Uruguay&hl=es-419&ll=-34.899448,-56.179104&spn=0.098412,0.181789&geocode=FaOW6_0dt4qm_A&hnear=Auditorio+Torre+de+las+Telecomunicaciones,+Guatemala+1075,+Montevideo+11800,+Uruguay&t=m&z=13 Google Maps]
+
AppSec APAC 2013 will be held at the [http://jeju.regency.hyatt.com Hyatt Regency] in Jeju, South Korea.
<br>
+
<br>
+
  
The conference training and talks will be held in the conference auditorium and interactive room, which are adjacent to the Antel Tower.
 
<br><br>
 
'''Antel Tower:'''<br>
 
  
[[Image:Antel_National_Telco_Building.jpg‎|link=https://maps.google.com/maps?q=Auditorio+Torre+de+las+Telecomunicaciones,+Guatemala+1075,+Montevideo+11800,+Uruguay&hl=es-419&ll=-34.899448,-56.179104&spn=0.098412,0.181789&geocode=FaOW6_0dt4qm_A&hnear=Auditorio+Torre+de+las+Telecomunicaciones,+Guatemala+1075,+Montevideo+11800,+Uruguay&t=m&z=13]]
 
<br><br>
 
<br>
 
'''Antel Telco Auditorium (left) and Auditorium main entrance (right):'''<br>
 
 
[[Image:Antel_Telco_Venue_Auditorium.jpg|320x240px]]
 
[[Image:Antel_Telco_Main_Entrance_to_Auditorium.jpg|320x240px]]
 
<br>
 
<br>
 
<br>
 
'''Inside the Auditorium (left) and Interactive Room (right):'''<br>
 
 
[[Image:Antel_Telco_Auditorium_02.jpg]]
 
[[Image:Antel_Telco_Interactive_Room_02.jpg|320x240px]]]<br>
 
<br>
 
  
 
= Registration and Fees =
 
= Registration and Fees =
 
<font size=2pt>
 
<font size=2pt>
 
== Conference Fees ==
 
== Conference Fees ==
'''Access to conference:'''
 
  
* Before Sept 30th: 3200.00 UYU (approx. 150.00 USD)
+
{{:AppSecAsiaPac2012/Register}}
* Before Oct 31st:  4250.00 UYU (approx. 200.00 USD)
+
* After Nov 1st:    5300.00 UYU (approx. 250.00 USD)
+
 
+
 
+
'''Trainings'''
+
 
+
* One day: 8500.00 UYU (approx. 400.00 USD)
+
* Two days: 17000.00 UYU (approx. 800.00 USD)
+
 
+
 
+
'''Discounts'''
+
 
+
* OWASP Member:  50.00 USD (Note: This discount is equal to the cost of becoming an OWASP paid Member.)
+
* Student: 1600.00 UYU (approx. 75.00 USD). Note: student ID or other proof of current student status is required.
+
* Special discounts available for groups registrations. Please send inquiries to [mailto:appseclatam2012@owasp.org appseclatam2012@owasp.org].
+
+
 
+
== Online Registration ==
+
 
+
Registration is not yet available for this event.  Check back the beginning of September for registration details.
+
  
  
 
= Sponsoring  =
 
= Sponsoring  =
 
<font size=2pt>
 
<font size=2pt>
We are looking for sponsors for 2012 edition of Global AppSec Latin America.
+
We are looking for sponsors for 2013 edition of Global AppSec APAC.
  
  
If you are interested to sponsor Global AppSec Latin America 2012, please contact the conference team: [mailto:appseclatam2012@owasp.org appseclatam2012@owasp.org]
+
If you are interested to sponsor Global AppSec APAC 2013, please contact the conference team: [mailto:appsecAPAC2013@owasp.org AppSecAPAC2013@owasp.org]
  
  
Line 265: Line 177:
  
 
<br>  
 
<br>  
<!--
 
== Diamond Sponsors ==
 
<br>
 
<center>
 
[[Image:elipse_logo3.png|link=http://www.elipse.com.br]]
 
</center>
 
<br>
 
  
== Gold Sponsors ==
 
<br>
 
<center>
 
[[Image:Logoglobo.png|link=http://www.globo.com]] &nbsp; [[Image:IT2S.png|link=http://www.it2s.com.br]] &nbsp; [[Image:LogoSymantec.png|link=http://www.symantec.com]] &nbsp; [[Image:trustwaveappseclatam.jpg|link=https://www.trustwave.com]]
 
</center>
 
<br>
 
-->
 
== Silver Sponsors==
 
<br>
 
<center>
 
[[Image:SPL-LOGO-MED.png|link=https://www.trustwave.com/]]
 
 
</center>
 
<br>
 
 
== Venue Sponsor  ==
 
<br>
 
<center>
 
[[Image:Logo_Antel.jpg|200px|link=http://www.antel.com.uy/]]
 
</center>
 
<br>
 
  
  
Line 302: Line 186:
 
== Accommodation  ==
 
== Accommodation  ==
  
  '''We are currently in the process of negotiating a group rate with one or two local hotels. Please check back for details on those group rates.'''
+
AppSec APAC 2013 will be held at the [http://jeju.regency.hyatt.com Hyatt Regency] in Jeju, South Korea. We have secured a room block with the hotel.
  
  
  
= Social Events =
+
 
 +
 
 +
= Networking Events =
 
<font size=2pt>
 
<font size=2pt>
 
TBA
 
TBA
Line 314: Line 200:
 
<font size=2pt>
 
<font size=2pt>
  
[https://docs.google.com/document/d/1875PxrASC37IxgclLuK7cE9nfOu4D98p5GwSeYHSgas/edit?hl=en_US Meeting Minutes from Latin America Chapters Workshop 2011]
 
  
  
Details on the workshop for 2012 are forthcoming.
+
Details on the workshop for 2013 are forthcoming.
  
  
 
== '''Contact''' ==
 
== '''Contact''' ==
  
Email [mailto:sarah.baso@owasp.org Sarah Baso]  for more details.
+
[http://owasp4.owasp.org/contactus.html Contact Us]  for more details.
  
  
Line 328: Line 213:
 
<font size=2pt>
 
<font size=2pt>
  
==2012 AppSec Latam Conference Volunteer Team==
+
==2013 AppSec APAC Conference Volunteer Team==
* Mateo Martinez
+
* Johnny Cho
* Mauro Flores
+
* Yune Sung
* Martin Tartarelli
+
 
* Fabio Cerullo
+
  
  
Line 341: Line 225:
  
  
Contact us at [mailto:appseclatam2012@owasp.org appseclatam2012@owasp.org]
+
Contact us at [mailto:appsecAPAC2013@owasp.org appsecAPAC2013@owasp.org]
 
</font>
 
</font>
  

Revision as of 07:34, 21 November 2012




Owasp banner 7b.jpg
[edit]

We are pleased to announce that the OWASP South Korea chapter will host the OWASP AppSec APAC 2013 conference in Jeju, South Korea at the Hyatt Regency Jeju. The event will be composed of 2 days of training (February 19-20), followed by 2 days of conference talks (February 21-22).


The Global AppSec APAC 2012 Conference will be a reunion of Information Security Asia-Pacific leaders, and will present cutting-edge ideas. OWASP events attract a worldwide audience interested in “what’s next”. The conference is expected to draw 200-250 technologists from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many other verticals.


If you have any questions, please email the conference committee: AppSecAPAC2013@owasp.org


Who Should Attend Global AppSec APAC 2013:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interested in Improving IT Security




                                                                                                                              Owasp social icon.jpg

Use the #AppSecAsia hashtag for your tweets for AppSec APAC 2013 (What are hashtags?)

@AppSecLatAm Twitter Feed (follow us on Twitter!)


Call for Training

Submit your Training Proposal here: Call for Training Submission Form


Please carefully fill out the CFT form to submit your training proposal for consideration at OWASP AppSec APAC 2012 in Jeju, South Korea.


The training will be held February 19 and 20, 2012 (Tuesday and Wednesday) at the Hyatt Regency (conference talks are February 21st and 22nd). Training courses will be one (8 hours) or two (16 hours) days. We will post your Display Name, Biography, Training Title, and Training Summary to the appsecapac.org site if your talk is selected. If you provide a URL or Twitter handle, we will post that if your training is selected, too.


The deadline for this Call for Training is December 17, 2012. If your training is selected, we will contact you to confirm, and need your completed Training Instructor Agreement before we open your class for registration.


Trainers get a 40% cut of the training revenue. Price for trainees will be $800 (USD) for a 2-day training course and $400 (USD) for a 1-day training course).


If you would like to submit multiple training proposals, please make multiple separate form submissions.


Trainers will receive one free admission (nontransferable) to the conference in return for delivering a one or two day training course.


Training Instructor Agreement

By submitting your training proposal through our CFT, you are consenting to stay within the guidelines of the Training Instructor Agreement. We will ask you to sign and complete the Agreement and email it back to us if your talk is selected and you accept.


Training Instructor Agreement


Questions?

Please contact us at appsecapac2013@owasp.org with any questions!


Call for Papers

Submit your Talk Proposal here: Call for Papers Submission Form


Please carefully fill out the CFP form to submit your talk for consideration at OWASP AppSec APAC 2013 in Jeju, South Korea.

The talks will be held February 21st and 22nd, 2013 at the Hyatt Regency (training is February 19th and 20th). Talks will be 50 minutes each. We will post your Display Name, Biography, Talk Title, and Talk Abstract to the appsecapac.org site if your talk is selected. If you provide a URL or Twitter handle, we will post that if your talk is selected, too.


The first round submission deadline for this Call for Papers is December 12, 2012. The final submission deadline is December 31, 2012. All talk acceptances will be confirmed by January 4, 2013.


If your talk is selected, we will contact you to confirm, and we will expect that your slides and other material will be sent to us no later than February 18, 2011 for our peer review. We peer review slides and other material for inclusion on the conference website (post-conference) and to verify general conformance to OWASP conference presentation guidelines.


If you would like to submit multiple presentations, please make multiple separate form submissions.


Speakers will receive free admission (nontransferable) to the conference in return for delivering a 50 minute talk.


Speaker Agreement

By submitting your proposal for a talk/paper through our CFP, you are consenting to stay within the guidelines of the speaker agreement: https://www.owasp.org/index.php/Speaker_Agreement


Questions?

Please contact us at appsecAPAC2013@owasp.org with any questions!


To Be Announced.


AppSec APAC 2013 will be held at the Hyatt Regency in Jeju, South Korea.


Conference Fees

OWASP AppSec Asia Pacific features two days of training April 11-12, and two days of talks, April 13-14


Please note - all prices below appear in USD; however the exchange rate at the current time is nearly 1:1 with AUD.


Conference Registration Fees (not including training)

Ticket Type
Early (until March 1) Regular Price
Non-Member $495 USD $545 USD
Non-Member plus 1-year OWASP Membership! $495 USD $545 USD
Active OWASP Member $445 USD $495 USD
Student $75 USD $100 USD
Training Only (See pricing table below)


Training Fees

Course Length
Price
1-Day Class $695 USD
2-Day Class $1295 USD

Price per attendee. Please note that conference Registration is separate.

For more information on available training courses and trainer bios, please select the "Trainers and Training Schedule" tab.


Group Discounts

10% off for groups of 10-19 20% off for groups of 20-29 30% off for groups of 30 or more

Please Contact Us for more information about registering a group.


Membership Discounts

We are pleased to offer $50 off admission for active OWASP members, AISA members, and AUSCERT members. Multiple discounts can not be applied.

  • OWASP Members - please select the "Member" registration option to receive your discount. You will need to register using the email address used at the time of enrolling for membership. If you need help remembering this email address, Contact Us.
  • AISA Members - please select one of the "Non-Member" registration options (Non-Member or Non-Member plus one year OWASP membership), and enter discount code: AISA50 in the text box. Proof of membership (i.e. membership number) will be required at the time of registering.
  • AUSCERT Members - please select one of the "Non-Member" registration options (Non-Member or Non-Member plus one year OWASP membership), and enter discount code: AUSCERT50 in the text box. Proof of membership (i.e. membership number) will be required at the time of registering.


Registration for Trainers and Speakers

If you have been selected to deliver a training or talk at the conference, you should have received a discount code for complimentary admission.
If you did not receive this code or have questions, please Contact Us.


Registration for OWASP Leaders

Complimentary admission to the conference is offered to active OWASP Chapter and Project Leaders. Additionally, two seats for each of the training courses are available at no cost to active OWASP Chapter and Project Leaders (available on a first come, first serve basis). To register as an active Chapter or Project leader, please select the "Member" registration option and enter discount code: OWASPLEADER. This is also the discount code that should be used to register for the training course.


Please note: conference and training registration using the OWASPLEADER discount code will be verified by the conference team and if you are not an active OWASP Chapter or Project Leader, you will be contacted regarding your status and your registration may be subject to cancellation.


RegisterForAppsec.png


We are looking for sponsors for 2013 edition of Global AppSec APAC.


If you are interested to sponsor Global AppSec APAC 2013, please contact the conference team: AppSecAPAC2013@owasp.org


To find out more about the different sponsorship opportunities please check the document below:
OWASP AppSec Latam 2012 Sponsorship Options - English




Accommodation

AppSec APAC 2013 will be held at the Hyatt Regency in Jeju, South Korea. We have secured a room block with the hotel.



TBA



Details on the workshop for 2013 are forthcoming.


Contact

Contact Us for more details.


2013 AppSec APAC Conference Volunteer Team

  • Johnny Cho
  • Yune Sung


OWASP Staff Support

  • Sarah Baso
  • Kate Hartmann


Contact us at appsecAPAC2013@owasp.org



Gold Sponsor

Logo Agesic color.jpg

Silver Sponsors

Core TM wtag.png PwC logo 4colourprint (2) Resized good one.jpg

Conference Room Sponsor

DEL COL.jpg

Venue Sponsor

Logo Antel.jpg

Academic Supporters

Ort bord1.JPG Logo-fing.png

Organizational Supporters

AppSecDC2012-ISC2.png