Difference between revisions of "OWASP AppSec DC 2012/Schedule/4-5-2012"

From OWASP
Jump to: navigation, search
 
Line 47: Line 47:
 
| align=center width=200 valign=middle height=60 bgcolor=#a0c0e0 align=center  | [[OWASP_AppSec_DC_2012/WhackaMobile_II_Mobile_App_Pen_Testing_with_the_MobiSecLive_Environment|Whack-a-Mobile II: Mobile App Pen Testing with the MobiSec
 
| align=center width=200 valign=middle height=60 bgcolor=#a0c0e0 align=center  | [[OWASP_AppSec_DC_2012/WhackaMobile_II_Mobile_App_Pen_Testing_with_the_MobiSecLive_Environment|Whack-a-Mobile II: Mobile App Pen Testing with the MobiSec
 
Live Environment]]<br>video | [[media: ASDC12-WhackaMobile_II_Mobile_App_Pen_Testing_with_the_MobiSecLive_Environment.pdf|slides]]<br><br>Kevin Johnson and Tony Delagrange
 
Live Environment]]<br>video | [[media: ASDC12-WhackaMobile_II_Mobile_App_Pen_Testing_with_the_MobiSecLive_Environment.pdf|slides]]<br><br>Kevin Johnson and Tony Delagrange
| align=center width=200 valign=middle height=60 bgcolor=#b3ff99 align=center  | [[OWASP AppSec DC 2012/Proactive risk mitigation within the Software Development Lifecycle (SDLC)|Proactive risk mitigation within the Software Development Lifecycle (SDLC)]]<br>video | slides<br><br>Joe White
+
| align=center width=200 valign=middle height=60 bgcolor=#b3ff99 align=center  | [[OWASP AppSec DC 2012/Proactive risk mitigation within the Software Development Lifecycle (SDLC)|Proactive risk mitigation within the Software Development Lifecycle (SDLC)]]<br>video | [[media:ASDC12-Proactive_Risk_Mitigation_within_the_Software_Development_Lifecycle.pdf|slides]]<br><br>Joe White
 
|-  
 
|-  
 
|  width=72 valign=middle bgcolor=#7b8abd | 2:20 PM - 2:30 PM
 
|  width=72 valign=middle bgcolor=#7b8abd | 2:20 PM - 2:30 PM

Latest revision as of 11:48, 4 May 2012

Plenary Day 2 - 4/5/2012
Critical Infrastructure
Room 201
Defend!
Room 202A
On the Go
Room 202B
SDLC
Room 206
7:30 AM - 9:00 AM Registration
9:00 AM - 9:50 AM Pentesting Smart Grid Web Apps
video | slides

Justin Searle
Friends don't let friends store passwords in source code
video | slides

Neil Matatall
Smart Bombs: Mobile Vulnerability and Exploitation
video | slides

Kevin Johnson, John Sawyer and Tom Eston
Overcoming the Quality vs. Quantity Problem in Software Security Testing
video | slides

Rafal Los
Web Application Defense with Bayesian Attack Analysis
video | slides

Ryan Barnett
9:50 AM - 10:00 AM Coffee Break
10:00 AM - 10:50 AM Vulnerabilities in Industrial Control Systems
video | slides

Kevin Hemsly
Access Control Designs and Pitfalls
video | slides

Jim Manico
Software Security Goes Mobile
video | slides

Jacob West
Baking In Security, Sweet, Secure, Cupcakes
video | slides

Ken Johnson and Matt Ahrens
10:50 AM - 11:00 AM Coffee Break
11:00 AM - 11:50 AM AMI Security
video | slides

John Sawyer and Don Weber
SharePoint Security 101
video | slides

Rob Rachwald, Amichai Shulman and Noa Bar-Yosef
Behind Enemy Lines - Practical& Triage Approaches to Mobile Security Abroad - 2012 Edition
video | slides

Justin Morehouse
Understanding IAST - More Context, Better Analysis
video | slides

Jeff Williams
11:50 AM - 1:30 PM No-Host Lunch
1:30 PM - 2:20 PM Project Basecamp: News from Camp 4
video | slides

Reid Wightman
Enterprise Security API (ESAPI) for C Plus Plus
video | slides

Dan Amodio
Whack-a-Mobile II: Mobile App Pen Testing with the MobiSec Live Environment
video | slides

Kevin Johnson and Tony Delagrange
Proactive risk mitigation within the Software Development Lifecycle (SDLC)
video | slides

Joe White
2:20 PM - 2:30 PM Coffee Break
2:30 PM - 3:20 PM Real world backdoors on industrial devices
video | slides

Ruben Santamarta
Dynamic DAST/WAF Integration
video | slides

Ryan Barnett
An In-Depth Introduction to the Android Permissions Model, and How to Secure Multi-Component Applications
video | slides

Jeff Six
Teaching an Old Dog New Tricks: Securing Development with PMD
video | slides

Joe Hemler
3:20 PM - 3:30 PM Coffee Break
3:30 PM - 4:20 PM Denial of Surface.
video | slides

Eireann Leverett
Cloud-based dWAF: A Real World Deployment Case Study
video | slides

Alexander Meisel
Android in the Healthcare Workplace: A Case Study
video | slides

Thomas Richards
What can an Acquirer do to prevent developers from make dangerous software errors?
No video avail | slides

Michele Moss and Don Davidson
4:20 PM - 4:30 PM Coffee Break
4:30 PM - 5:20 PM Securing Critical Infrastructure
video | slides

Francis Cianfrocca and Bob Lam
Using PHPIDS to Understand Attacks Trends
video | slides

Salvador Grec
Mobile Application Security - Who, how and why
video | slides

Mike Park and Charles Henderson
Private information Protection in Cloud Computing _ Laws, Compliance and Cloud Security Misconceptions
video | slides

Mikhail Utin and Daniil Utin
5:20 PM Closing Remarks
Room 202A