Difference between revisions of "EUTour2013 London Agenda"

From OWASP
Jump to: navigation, search
m (OWASP Europe Tour - London 2013)
m (OWASP Europe Tour - London 2013)
Line 87: Line 87:
 
| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Teaching an Old Dog New Tricks: Securing Development with PMD
 
| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Teaching an Old Dog New Tricks: Securing Development with PMD
 
| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Justin Clarke
 
| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Justin Clarke
| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Using static analysis to identify software bugs is not a new paradigm. For years, developers have used static analysis tools to identifying code quality issues. While these tools may not be specifically designed for identifying security bugs, in many cases their underlying analysis engine can be adapted to do so with custom rules. This presentation will discuss how custom security rules can be added to existing code quality tools to identify potential software security bugs. In many cases, developers are already familiar with these tools and run them during development on a regular basis. Armed with security rulesets, the tools can also be valuable to security code auditors and penetration testers. Writing custom software security rules for the popular Java code scanning tool PMD will be the focus of the presentation.
+
| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Using static analysis to identify software bugs is not a new paradigm. For years, developers have used static analysis tools to identifying code quality issues. While these tools may not be specifically designed for identifying security bugs. This presentation will discuss how custom security rules can be added to existing code quality tools to identify potential software security bugs. Writing custom software security rules for the popular Java code scanning tool PMD will be the focus of the presentation.
 
|-
 
|-
 
| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 2:00PM <br>(45 mins)
 
| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 2:00PM <br>(45 mins)

Revision as of 05:21, 20 May 2013

Eu tour1.png

OWASP EUROPE TOUR 2013

Tour Home Page
Tour Scheadule
Tour Organizers Resources
Mailing List

CONFERENCE AND TRAINING

OWASP Europe Tour - London 2013

Monday 3rd June

DESCRIPTION
OWASP Europe TOUR, is an event across the European region that promotes awareness about application security, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Apart from OWASP's Top 10, most OWASP Projects are not widely used and understood. In most cases this is not due to lack of quality and usefulness of those Document & Tool projects, but due to a lack of understanding of where they fit in an Enterprise's security ecosystem or in the Web Application Development Life-cycle.
  • This event aims to change that by providing a selection of mature and enterprise ready projects together with practical examples of how to use them.
OWASP MEMBERSHIP
During the OWASP Europe Tour you could become a member and support our mission.

Become an OWASP member by clicking here


London EUTour2013 Conference Day (Monday 3rd June)

Fecha Lugar
Monday 13th May Venue Location: Lion Court Conference Centre

Venue Address: 25 Procter Street, Holborn, London, WC1V 6NY
Venue Map: Google Maps

Price and registration
This event is FREE and open to all
Registration Link to the Europe Tour: REGISTER HERE!



Conference Details
Time Title Speaker Description
09:00 am
(45 mins)
Registration and Tea/Coffee
9:45 am
(15 mins)
Introduction & Welcome Justin Clarke - London OWASP Chapter Leader Introduction to OWASP & London Event Schedule for the Day
10:00AM
(45 mins)
TBD TBD TBD
10:45AM
(45 mins)
TBD TBD TBD
11:30AM
(45 mins)
PCI for Developers Fabio Cerullo TBD
12:15PM
(60 mins)
Lunch
1:15PM
(45 mins)
Teaching an Old Dog New Tricks: Securing Development with PMD Justin Clarke Using static analysis to identify software bugs is not a new paradigm. For years, developers have used static analysis tools to identifying code quality issues. While these tools may not be specifically designed for identifying security bugs. This presentation will discuss how custom security rules can be added to existing code quality tools to identify potential software security bugs. Writing custom software security rules for the popular Java code scanning tool PMD will be the focus of the presentation.
2:00PM
(45 mins)
TBD TBD TBD
2:45PM
(30 mins)
Tea/Coffee Break and Networking
3:15PM
(45 mins)
OWASP Cornucopia Colin Watson - Project Leader Microsoft's Escalation of Privilege (EoP) threat modelling card game has been refreshed into a new version more suitable for common web applications, and aligned with OWASP advice and guides. "OWASP Cornucopia - Ecommerce Web Application Edition" will be presented and used to demonstrate how it can help developers identify security requirements from the OWASP Secure Coding Practices - Quick Reference Guide. It is now referenced by a PCIDSS information supplement.
4:00PM
(45 mins)
TBD TBD TBD