- Call for Papers
- Open Source Projects
- Registration and Fees
- Practical Info
- Networking Events
- Chapter Leader Workshop
Two Day Training Courses
Tuesday & Wednesday, February 19-20, 2013
HACKED - The OWASP Top 10 - Incident Response
Trainer: Chris Pogue (Trustwave Spiderlabs)
Audience: Management, Technical, Operations, DevOps, Law Enforcement
Level: Intermediate, Advanced
Language: Training will be conducted in English
After completing this course, you will possess the skills to successfully conduct a basic network intrusion investigation that adheres to a formal methodology to ensure the admissibility of evidence in a court of law and ultimately increases the chances of apprehending the intruder. You will engage in hands-‐on labs and instructor demos of network intrusion concepts in a “real-‐world” environment. The real-‐world environment is made possible through the use of Virtual Machines (VMs). Each VM is pre-‐configured to mimic the different Operating Systems(OSs), network environments and intrusion issues that you may encounter.
Note: Students must furnish their own laptop running a version of Microsoft Windows. VMware Workstation or Server will also be required in order to participate in the hands-‐on labs. Laptop should have at least 20GB of free space.
Chris Pogue is a Senior Security Analyst for the Spiderlabs Incident Response and Digital Forensics team at Trustwave. He has over ten years of administrative and security experience including three years on the IBM ISS X-Force Emergency Response Services Team, five years with IBM’s Ethical Hacking Team, and 13 years of Active Military service in the US Army Signal Corps.
Chris also has worked with local, state, and federal law enforcement agencies such as the New York Police Department, the Royal Canadian Mounted Police, the Federal Bureau of Investigation, and The United States Secret Service to help pursue the digital evidence left behind by criminals of all types. His efforts have lead to arrests and convictions in Oklahoma, New York, Florida, Albania, and Germany.
Chris holds a Bachelor's Degree in Business Management, a Master’s degree in Information Security, is a Certified Information Systems Security Professional, (CISSP), a Certified Ethical Hacker (CEH), a Certified Reverse Engineering Analyst (CREA), a GIAC Certified Forensics Analyst (GCFA), and a VISA PCI DSS Qualified Security Assessor (QSA).
Advanced Android and iOS Hands-on Exploitation Course
Trainers: Aditya Gupta and Subho Halder (XYSec)
Audience: Management, Technical, DevOps, Developers
Level: Basic, Intermediate
Language: Training will be conducted in English
This fast-paced workshop will get you familiar with the various Android as well as iOS exploitation techniques, and bypassing most of the existing security models in both of the platforms. We will also discuss about a framework, which we have made for Android Exploitation, named as the Android Framework for Exploitation, which will help security researchers to perform automated and in-depth analysis of bug hunting and security assessment of Android Application and platforms.
For iOS, we will be looking into the application security assessment, creating a pentest environment, present sandboxing model, and much more. We will also be looking into Android rooting and iOS jailbreaking exploits, and recreate the scenario from the scratch.
Aditya Gupta is a renowned mobile security expert and information security researcher. Also being the lead developer and co-creator of Android Framework for Exploitation, he has done a lot of in-depth research on the security of mobile devices including Android, iOS and Blackberry.
He has also discovered serious security flaws in websites such as Google, Apple, Microsoft, Adobe, Skype and many more. In his work with XYSEC, he is committed to perform VAPT and Mobile Application Security Analysis. He has also been working with government clients and intelligence agencies in India, as well as providing them trainings and services on Malware Analysis, Exploit Development and Advanced Web App Hacking.
He has also previously spoken at a bunch of conferences including BlackHat, Toorcon, ClubHack, Nullcon, THC, Defcon India Chapter and many more.
Subho Halder is a Programmer, Security Researcher and Penetration Tester. He loves writing exploits and programming in PHP, Java, Perl and Python. He is well equipped and has a deep understanding of Android and Blackberry frameworks.
Call for Papers
Submit your Talk Proposal here: Call for Papers Submission Form
발표 주제를 제출해 주시기 바랍니다. : 발표 주제 제출 양식
Please carefully fill out the CFP form to submit your talk for consideration at OWASP AppSec APAC 2013 in Jeju, South Korea.
The talks will be held February 21st and 22nd, 2013 at the Hyatt Regency (training is February 19th and 20th). Talks will be 50 minutes each. We will post your Display Name, Biography, Talk Title, and Talk Abstract to the appsecapac.org site if your talk is selected. If you provide a URL or Twitter handle, we will post that if your talk is selected, too.
The first round submission deadline for this Call for Papers is December 12, 2012. The final submission deadline is December 31, 2012. All talk acceptances will be confirmed by January 4, 2013.
If your talk is selected, we will contact you to confirm, and we will expect that your slides and other material will be sent to us no later than February 13, 2013 for our peer review. We peer review slides and other material for inclusion on the conference website (post-conference) and to verify general conformance to OWASP conference presentation guidelines.
If you would like to submit multiple presentations, please make multiple separate form submissions.
Speakers will receive free admission (nontransferable) to the conference in return for delivering a 50 minute talk.
By submitting your proposal for a talk/paper through our CFP, you are consenting to stay within the guidelines of the speaker agreement: https://www.owasp.org/index.php/Speaker_Agreement
Please contact us at appsecAPAC2013@owasp.org with any questions!
OWASP Project Track Opportunities
The AppSec APAC conference organizers, in conjunction with the Global Projects Division, is pleased to announce a Call for Entries for the 2013 OWASP Project Track (OPT).
We are offering a limited number of FREE speaking opportunities to open source projects this year, as well as FREE conference admission for the representatives of the chosen projects. We would like to invite ALL open source projects to apply.
About the AppSec APAC 2013 OWASP Projects Track
This is a great opportunity for OWASP Project Leaders to showcase their project as an official conference presenter. Please note that successful OPT applicants are responsible for developing and presenting in their designated timeslot at the conference.
For an opportunity to present your open source project through the OPT at AppSec APAC 2013, please submit your application using the OSPT APAC 2013 Application.
OWASP Project Leaders have the option of requesting financial assistance from the Foundation to cover travel and hotel expenses ONLY. This funding is only available to projects that have been selected to participate in the OPT at AppSec APAC 2013. Preference will be given to OWASP Project Leaders that are applying to present at the confernce that is closest to their region. Additionally, preference will be given to OWASP Project Leaders that have not presented or participated in the OPT forum.
Date and Times
OPT Applications are due: December 28, 2012
February 19-22, 2013
OPT DATE & TIME
All OPT Talks will be held between February 21-22, 2013.
Hyatt Regency Jeju
114,Jongmoongwangwang-ro 72 beon-gil,Seogwipo-si,
Jeju Special Self-Governing Province
Phone: +82 64 733 1234
If you have any questions, or if you simply need some more information, please do not hesitate to Contact Us.
To Be Announced.
AppSec APAC 2013 will be held at the Hyatt Regency in Jeju, South Korea.
Conference Registration is now open! Click Here to Register.
OWASP AppSec Asia Pacific features two days of training February 19-20, and two days of talks, February 21-22, 2013
Please note - all prices below appear in USD; however arrangements can be made for payment in South Korean Won.
Conference Registration Fees (not including training)
| Ticket Type
||Early (until January 18)||Regular Price|
|Non-Member||$295 USD||$395 USD|
|Non-Member plus 1-year OWASP Membership!||$295 USD||$395 USD|
|Active OWASP Member||$275 USD||$375 USD|
|Student||$75 USD||$100 USD|
|Training Only||(See pricing table below)|
| Course Length
|| Course Date(s)
|1-Day Class||Wednesday, Feb 20||$400 USD|
|2-Day Class||Tuesday and Wednesday, Feb 19-20||$800 USD|
Price per attendee. Please note that conference Registration is separate.
For more information on available training courses and trainer bios, please select the "Trainers and Training Schedule" tab.
Optional Conference Events
|| Date & Time
|1/2 Day Developer Workshop||Wednesday, Feb 20, 1-5pm||Complimentary|
|Chapter Leader Workshop||Wednesday, Feb 20, 6:30-9:30pm||Complimentary|
|Conference Networking Dinner||Thursday, Feb 21, 7-9pm||$50 USD|
Sign up for any of these optional items by registering for the conference.
10% off for groups of 10-19 20% off for groups of 20-29 30% off for groups of 30 or more
Please Contact Us for more information about registering a group.
We are pleased to offer $20 off admission for active OWASP members. Multiple discounts can not be applied.
Registration for Trainers and Speakers
If you have been selected to deliver a training or talk at the conference, you should have received a discount code for complimentary admission.
If you did not receive this code or have questions, please Contact Us.
Registration for OWASP Leaders
Complimentary admission to the conference is offered to active OWASP Chapter and Project Leaders. Additionally, two seats for each of the training courses are available at no cost to active OWASP Chapter and Project Leaders (available on a first come, first serve basis). To register as an active Chapter or Project leader, please select the general event registration option and enter discount code: OWASPLEADER.
Please note: conference and training registration using the OWASPLEADER discount code will be verified by the conference team and if you are not an active OWASP Chapter or Project Leader, you will be contacted regarding your status and your registration may be subject to cancellation.
We are looking for sponsors for 2013 edition of Global AppSec APAC.
If you are interested to sponsor Global AppSec APAC 2013, please contact the conference team: AppSecAPAC2013@owasp.org
Sponsorship Deadline is January 15, 2013.
To find out more about the different sponsorship opportunities please check the document below:
OWASP AppSec APAC 2013 Sponsorship Options - English
OWASP AppSec APAC 2013 Sponsorship Options - Korean
AppSec APAC 2013 will be held at the Hyatt Regency in Jeju, South Korea. We have secured a room block with the hotel.
The Global Chapter Committee invites all chapter leaders to participate in the upcoming Chapter Leader Workshops at AppSec APAC 2013.
- AppSec APAC – Jeju, South Korea – February 19-22, 2013
- January 7, 2013 - Appsec APAC Chapters Workshop sponsorships applications due - January 14 - Applicants notified of status
The Chapter Leader Workshop format will continue to follow the Q & A format used during AppSec USA and AppSec LATAM. Questions and discussion will focus on sections of the Chapter Leader Handbook, OWASP Global Chapter resources, and local chapter challenges.
- If you need financial assistance* to attend the Chapter Leader Workshops please contact us by the application deadline.
- Priority of sponsorships will be given to those not covered by sponsorship to attend a previous workshop. Additionally, we are looking for new or struggling chapter leaders who need assistance kick starting their chapter.
- When you apply for funding, please let us know *why we should sponsor you*. While we prefer that chapter leaders use their own chapter's funds before requesting a sponsorship, this is not a requirement for application.
- If your chapter has fund but will not be using them to sponsor your attendance, please include why you will not be using the funds for this purpose (i.e. what are the other plans for those funds?).
If any questions, please contact us
Kate Hartmann on behalf of the Global Chapters Committee
Contact Us for more details.