Difference between revisions of "OWASP AppSec Asia 2007"

From OWASP
Jump to: navigation, search
(Dr. Ching-Chi Hsu)
(OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007))
 
(36 intermediate revisions by one user not shown)
Line 1: Line 1:
 
[[Image:MG_0476.jpg|733px]]
 
[[Image:MG_0476.jpg|733px]]
  
== OWASP AppSec Asia 2007 - September 27th, 2007==
+
== OWASP AppSec Asia 2007 - Conference Brochure (September 27th, 2007)==
  
 
[[Image:owasp_appsec_asia_2007.jpg|733px]]
 
[[Image:owasp_appsec_asia_2007.jpg|733px]]
  
= OWASP AppSec Asia 2007 - Conference Schedule (September 27th) =
+
= OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007) =
 
{| style="width:80%" border="0" align="center"
 
{| style="width:80%" border="0" align="center"
 
  ! colspan="4" align="center" style="background:#4F81BD; color:white" |  
 
  ! colspan="4" align="center" style="background:#4F81BD; color:white" |  
Line 12: Line 12:
 
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
 
| align="center" style="width:33%; background:#4F81BD; color:white" | '''TIME''' || style="width:33%; background:#4F81BD; color:white" align="center" | '''SESSION'''
 
  | style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''
 
  | style="width:33%; background:#4F81BD; color:white" align="center" | '''SPEAKER'''
 
 
   
 
   
 
  |-
 
  |-
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 hrs - 13:40 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''<BR>Opening Keynote<BR><br>'''
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:30 hrs - 13:40 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Opening_Keynote <BR>Opening Keynote]<BR><br>'''
 
  | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Wayne_Huang Wayne Huang<br>Chair, OWASP Taiwan Chapter]<br>'''
 
  | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Wayne_Huang Wayne Huang<br>Chair, OWASP Taiwan Chapter]<br>'''
 
  |-
 
  |-
  
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:40 hrs - 13:50 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''<BR>Opening Remark<BR><br>'''
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:40 hrs - 13:50 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Opening_Remark <BR>Opening Remark]<BR><br>'''
  | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''Dr. Ching-Chi Hsu <br>Vice President, III Taiwan<br>'''
+
  | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Dr._Ching-Chi_Hsu Dr. Ching-Chi Hsu <br>Vice President, III Taiwan]<br>'''
 
  |-
 
  |-
  
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:50 hrs - 14:00 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''<BR>Opening Remark II<BR><br>'''
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''13:50 hrs - 14:00 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Opening_Remark <BR>Opening Remark II]<BR><br>'''
  | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''David Chang<br>Secretary General, Information Service Industry Association of R.O.C (CISA) Taiwan<br><br>'''
+
  | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" |  '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#David_Chang David Chang<br>Secretary General, Information Service Industry Association of R.O.C (CISA) Taiwan]<br><br>'''
 
  |-
 
  |-
  
| align="center" style="width:20%; background:#4F81BD; color:white" | ''Talk Session I ''' || colspan="3" style="width:80%; background:#4F81BD; color:white" align="center" | '''Changing Faces in Web Attacks''
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''Talk Session I''' || colspan="3" style="width:80%; background:#4F81BD; color:white" align="center" | '''Changing Faces in Web Attacks'''
 
|-
 
|-
  
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:00 hrs - 14:30 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jeremiah_Grossman_.28Founder_and_CTO.2C_WhiteHat_Security.29_.282:00pm-2:30pm.29 The Next Challenge to Web Security: Business Logic Flaws]<br>'''
+
| align="center" style="width:20%; background:#4F81BD; color:white" | '''14:00 hrs - 14:30 hrs''' || style="width:30%; background:#A7BFDE" align="center" | '''[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jeremiah_Grossman The Next Challenge to Web Security: Business Logic Flaws]<br>'''
 
  | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jeremiah_Grossman_.28Founder_and_CTO.2C_WhiteHat_Security.29_.282:00pm-2:30pm.29  Jeremiah Grossman <br>Founder and CTO, WhiteHat Security]<br><BR>'''  
 
  | style="width:40%; background:#EEF0F7; color:#4A4AFF" align="center" | '''<BR>[https://www.owasp.org/index.php/OWASP_AppSec_Asia_2007#Jeremiah_Grossman_.28Founder_and_CTO.2C_WhiteHat_Security.29_.282:00pm-2:30pm.29  Jeremiah Grossman <br>Founder and CTO, WhiteHat Security]<br><BR>'''  
 
  |-
 
  |-
Line 70: Line 69:
 
'''Chair, OWASP Taiwan Chapter'''
 
'''Chair, OWASP Taiwan Chapter'''
  
'''Bio''': Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
+
Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
  
  
Line 82: Line 81:
  
 
====Dr. Ching-Chi Hsu====
 
====Dr. Ching-Chi Hsu====
'''Vice President, [http://www.iii.org/ Insurance Information Institute] Taiwan'''
+
'''Vice President, [http://www.iii.org/ Insurance Information Institute], Taiwan'''
 +
 
 +
Dr. Hsu was a professor of the [http://www.csie.ntu.edu.tw/ Department of Information Engineering] of [http://www.ntu.edu.tw National Taiwan University] for several years and became the Chairman of the Department in 2000.  After over 25 years serving at National Taiwan University, Dr. Hsu was promoted as the President of [http://www.knu.edu.tw/ Kai Nan University].  Nowadays, Dr. Hsu is the Executive Vice President of the [http://www.iii.org/ Institute for Information Industry], which provides the innovative R&D, software technologies and interoperability standards for Taiwan ICT industries on fostering development of the ICT industry.
  
'''Bio''': Dr. Hsu was a professor of the [http://www.csie.ntu.edu.tw/ Department of Information Engineering] of [http://www.ntu.edu.tw National Taiwan University] for several years and became the Chairman of the Department in 2000.  After over 25 years serving at National Taiwan University, Dr. Hsu was promoted as the President of [http://www.knu.edu.tw/ Kai Nan University].  Nowadays, Dr. Hsu is the Executive Vice President of the [http://www.iii.org/ Institute for Information Industry], which provides the innovative R&D, software technologies and interoperability standards for Taiwan ICT industries on fostering development of the ICT industry.
 
  
 
====David Chang====
 
====David Chang====
Secretary General, [http://www.cisanet.org.tw/ Information Service Industry Association of R.O.C (CISA)] Taiwan (1:50pm-2:00pm)
+
'''Secretary General, [http://www.cisanet.org.tw/ Information Service Industry Association of R.O.C (CISA)] Taiwan'''
  
  
Line 99: Line 99:
  
 
====Jeremiah Grossman====
 
====Jeremiah Grossman====
'''Founder and CTO, WhiteHat Security (2:00pm-2:30pm)'''
+
'''Founder and CTO, WhiteHat Security '''
  
 
'''Talk Title''': '''''The Next Challenge to Web Security: Business Logic Flaws'''''
 
'''Talk Title''': '''''The Next Challenge to Web Security: Business Logic Flaws'''''
Line 109: Line 109:
  
 
====Daniel Hsu====
 
====Daniel Hsu====
'''(Manager Security Service - North East Asia, Global Security, American Express) (2:30pm-3:00pm)'''
+
'''Manager Security Service - North East Asia, Global Security, American Express'''
  
 
'''Talk Title''': '''''From a user perspective, what are CSOs' real concerns?'''''
 
'''Talk Title''': '''''From a user perspective, what are CSOs' real concerns?'''''
Line 115: Line 115:
 
'''Previous Talks''': Asia Security Weeks, SecuTech Expo
 
'''Previous Talks''': Asia Security Weeks, SecuTech Expo
  
'''Bio''': Daniel Hsu have been in corporate security professional field for over a decade.  After his successful naval career, he has been the head and/or founder of the corporate security department for UPS (East Asia), FarEasTone Telecom (Corporate), Taipei 101 (Corporate) and American Express (North & East Asia). Daniel is a regular contributor and editorial advisor to several security professional magazines. He has his own column in Taiwan's ''Information Security Management'' magazine, and is the editor of the Chinese version ''Introduction to Security Management'' book. He is a veteran lecturer/speaker in several local and international security related conferences and seminars. He serves as the Chairperson of Taiwan Chapter, ASIS International since 2003. He has been elected and served as Steering Committee Member for Asia Crisis & Security Group since 2006. Daniel is the first Taiwanese who's been accredited the Certified Protection Professional (CPP) credential from ASIS International. Daniel holds MSc in Maritime Operations at LJMU, UK and EMBA in Risk Management at NCCU, Taiwan ROC. He is also a licensed naval engineer and airplane pilot.
+
Daniel Hsu have been in corporate security professional field for over a decade.  After his successful naval career, he has been the head and/or founder of the corporate security department for UPS (East Asia), FarEasTone Telecom (Corporate), Taipei 101 (Corporate) and American Express (North & East Asia). Daniel is a regular contributor and editorial advisor to several security professional magazines. He has his own column in Taiwan's ''Information Security Management'' magazine, and is the editor of the Chinese version ''Introduction to Security Management'' book. He is a veteran lecturer/speaker in several local and international security related conferences and seminars. He serves as the Chairperson of Taiwan Chapter, ASIS International since 2003. He has been elected and served as Steering Committee Member for Asia Crisis & Security Group since 2006. Daniel is the first Taiwanese who's been accredited the Certified Protection Professional (CPP) credential from ASIS International. Daniel holds MSc in Maritime Operations at LJMU, UK and EMBA in Risk Management at NCCU, Taiwan ROC. He is also a licensed naval engineer and airplane pilot.
 +
 
  
 
====Jack Yu====
 
====Jack Yu====
'''(Editor-In-Chief, InfoSecurity Magazine Taiwan) (3:00pm-3:30pm)'''
+
'''Editor-In-Chief, InfoSecurity Magazine Taiwan'''
  
 
'''Talk Title''': '''''Live in Battle:  The NetArmy and Cross-Straight Digital Warfare'''''
 
'''Talk Title''': '''''Live in Battle:  The NetArmy and Cross-Straight Digital Warfare'''''
  
 +
 +
----
 
===Talk Session II:  Current Best Practices and Solutions===
 
===Talk Session II:  Current Best Practices and Solutions===
==== Mike Shema (Lead Security Researcher, Qualys) (4:00pm-4:30pm)====
 
  
 +
----
 +
 +
----
 +
 +
==== Mike Shema====
 +
'''Lead Security Researcher, Qualys
 +
'''
  
 
'''Talk Title''': '''''Automated Tools: Are They Any Good for Enterprises?'''''
 
'''Talk Title''': '''''Automated Tools: Are They Any Good for Enterprises?'''''
Line 132: Line 141:
 
'''Publications''':Author of 9 best-selling books
 
'''Publications''':Author of 9 best-selling books
  
 +
Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.
  
  
'''Bio''': Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.
+
====Wayne Huang====
<hr>
+
'''Founder and CEO, [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies Inc.]'''
 
+
====Wayne Huang, (Founder and CEO, [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies])(4:30pm-5:00pm)====
+
 
+
  
 
'''Talk Title''': '''''Secure Web Developing using Static Analysis'''''
 
'''Talk Title''': '''''Secure Web Developing using Static Analysis'''''
Line 146: Line 153:
 
'''Publications''': Security in the 21st Century, Several IEEE/ACM papers
 
'''Publications''': Security in the 21st Century, Several IEEE/ACM papers
  
 +
Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
  
'''Bio''': Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of [http://www.armorize.com/?utm_source=HIT&utm_medium=web Armorize Technologies]. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.
+
 
<hr>
+
----
  
 
===Round Table Panel Discussion (5:00pm-5:30pm)===
 
===Round Table Panel Discussion (5:00pm-5:30pm)===
  
=Free Registration=
+
----
Please email to [mailto:info@owasp.org.tw?subject=OWASP_Taiwan_Registration info@owasp.org.tw] and provide the following information:
+
 
#Name:
+
----
#Company:
+
 
#Title:
+
=Registration=
#Email:
+
 
#Phone:
+
This event is over, the registration for OWASP AppSec Asia 2008 will be announced soon.
  
 
=Venue=
 
=Venue=
Line 165: Line 173:
 
=Sponsors=
 
=Sponsors=
  
The following organizations are sponsors for this conference. If you are interested in sponsoring an OWASP conference, please contact OWASP at: conferences 'at' owasp.org.
+
[http://www.owasp.org/index.php/Taiwan https://www.owasp.org/images/f/f0/OWASP_Taiwan.png]
 
+
[http://www.iii.org.tw/english/ https://www.owasp.org/images/7/75/III.png]
[http://www.owasp.org/index.php/Taiwan http://www.owasp.org/images/9/9a/OWASP_TW_Banner.png]
+
[http://web.cisanet.org.tw/ https://www.owasp.org/images/6/64/CISA.png]
[http://www.iii.org.tw/english/ http://www.iii.org.tw/english/images/logo_iii.gif]
+
[http://www.isecutech.com.tw/main/index.aspx https://www.owasp.org/images/2/2b/Infosec2.png]
[http://www.isecutech.com.tw/main/index.aspx http://www.isecutech.com.tw/images/logo.jpg]  
+
[http://web.cisanet.org.tw/ http://web.cisanet.org.tw/GB/banner.gif]
+

Latest revision as of 06:12, 30 September 2008

MG 0476.jpg

Contents

OWASP AppSec Asia 2007 - Conference Brochure (September 27th, 2007)

Owasp appsec asia 2007.jpg

OWASP AppSec Asia 2007 - Conference Schedule (September 27th, 2007)

TIME SESSION SPEAKER
13:30 hrs - 13:40 hrs
Opening Keynote


Wayne Huang
Chair, OWASP Taiwan Chapter

13:40 hrs - 13:50 hrs
Opening Remark


Dr. Ching-Chi Hsu
Vice President, III Taiwan

13:50 hrs - 14:00 hrs
Opening Remark II


David Chang
Secretary General, Information Service Industry Association of R.O.C (CISA) Taiwan


Talk Session I Changing Faces in Web Attacks
14:00 hrs - 14:30 hrs The Next Challenge to Web Security: Business Logic Flaws

Jeremiah Grossman
Founder and CTO, WhiteHat Security


14:30 hrs - 15:00 hrs From a user perspective, what are CSOs' real concerns?
Daniel Hsu
Manager Security Service - North East Asia, Global Security, American Express


15:00 hrs - 15:30 hrs Live in Battle: The NetArmy and Cross-Straight Digital Warfare
Jack Yu
Editor-In-Chief, InfoSecurity Magazine Taiwan


Talk Session II Current Best Practices and Solutions
16:00 hrs - 16:30 hrs Automated Tools: Are They Any Good for Enterprises?
Mike Shema
Lead Security Researcher, Qualys


16:30 hrs - 17:00 hrs Secure Web Developing using Static Analysis
Wayne Huang,
Founder and CEO, Armorize Technologies


17:00 hrs - 17:30 hrs Round Table Panel Discussion

Opening Keynote



Wayne Huang

Chair, OWASP Taiwan Chapter

Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of Armorize Technologies. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.



Opening Remark



Dr. Ching-Chi Hsu

Vice President, Insurance Information Institute, Taiwan

Dr. Hsu was a professor of the Department of Information Engineering of National Taiwan University for several years and became the Chairman of the Department in 2000. After over 25 years serving at National Taiwan University, Dr. Hsu was promoted as the President of Kai Nan University. Nowadays, Dr. Hsu is the Executive Vice President of the Institute for Information Industry, which provides the innovative R&D, software technologies and interoperability standards for Taiwan ICT industries on fostering development of the ICT industry.


David Chang

Secretary General, Information Service Industry Association of R.O.C (CISA) Taiwan



Talk Session I: Changing Faces in Web Attacks



Jeremiah Grossman

Founder and CTO, WhiteHat Security

Talk Title: The Next Challenge to Web Security: Business Logic Flaws

Previous Talks:BlackHat Briefings, Defcon, ISACA, CSI, OWASP, Vanguard, ISSA

Publications:XSS Attacks


Daniel Hsu

Manager Security Service - North East Asia, Global Security, American Express

Talk Title: From a user perspective, what are CSOs' real concerns?

Previous Talks: Asia Security Weeks, SecuTech Expo

Daniel Hsu have been in corporate security professional field for over a decade. After his successful naval career, he has been the head and/or founder of the corporate security department for UPS (East Asia), FarEasTone Telecom (Corporate), Taipei 101 (Corporate) and American Express (North & East Asia). Daniel is a regular contributor and editorial advisor to several security professional magazines. He has his own column in Taiwan's Information Security Management magazine, and is the editor of the Chinese version Introduction to Security Management book. He is a veteran lecturer/speaker in several local and international security related conferences and seminars. He serves as the Chairperson of Taiwan Chapter, ASIS International since 2003. He has been elected and served as Steering Committee Member for Asia Crisis & Security Group since 2006. Daniel is the first Taiwanese who's been accredited the Certified Protection Professional (CPP) credential from ASIS International. Daniel holds MSc in Maritime Operations at LJMU, UK and EMBA in Risk Management at NCCU, Taiwan ROC. He is also a licensed naval engineer and airplane pilot.


Jack Yu

Editor-In-Chief, InfoSecurity Magazine Taiwan

Talk Title: Live in Battle: The NetArmy and Cross-Straight Digital Warfare



Talk Session II: Current Best Practices and Solutions



Mike Shema

Lead Security Researcher, Qualys

Talk Title: Automated Tools: Are They Any Good for Enterprises?

Previous Talks:BlackHat 2004, RSA 2005, IT Underground 2006, and SACIS 2007. Training at BlackHat conferences in the U.S. and Europe

Publications:Author of 9 best-selling books

Mr. Shema is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit, and the author of Hack Notes: Web Application Security. Mr. Shema worked for several years as a consultant and trainer at Foundstone where he conducted information security assessments across a variety of technologies and industries. He also worked at NT Objectives to develop assessment and mitigation strategies for all aspects of web application security. While his security background ranges across network penetration testing, wireless auditing, code review, and training, Mr. Shema primarily focuses on web application security. Mr. Shema is currently employed by Qualys, developing tools that automate the web application audit process.


Wayne Huang

Founder and CEO, Armorize Technologies Inc.

Talk Title: Secure Web Developing using Static Analysis

Previous Talks: RSA, ACM/W3C WWW, IEEE DSN, IEEE ISSRE, Hacks in Taiwan

Publications: Security in the 21st Century, Several IEEE/ACM papers

Wayne Huang is first author of two award-winning security papers in the International WWW Conference (2003, 2004) and the co-author of "Computer Security in the 21st Century". Wayne is the founder and CEO of Armorize Technologies. He received the Microsoft Research Fellowship in 2005. He is a Ph.D. candidate at EE, National Taiwan University. He was the first author of many well-cited papers on web application security.



Round Table Panel Discussion (5:00pm-5:30pm)



Registration

This event is over, the registration for OWASP AppSec Asia 2008 will be announced soon.

Venue

NTUH International Convention Center, Taipei, Taiwan

Sponsors

OWASP_Taiwan.png III.png CISA.png Infosec2.png