OWASP AppSec Europe 2007 - Italy/Agenda

Revision as of 19:48, 25 March 2007 by Wichers (talk | contribs) (New page: == OWASP Milan Training Courses - May 15th 2007 == The tutorials and the conference itself were held at Marriott in Milan. {| style="width:80%" border="0" align="center" ! align="cente...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

OWASP Milan Training Courses - May 15th 2007

The tutorials and the conference itself were held at Marriott in Milan.

T1. Foundations of Web Application Security - One Day Course - May 15th, 2007
This powerful one day course focuses on the most common web application security problems, including the OWASP Top Ten. The course will introduce and demonstrate hacking techniques, illustrating how application vulnerabilities can be exploited so students really understand how to avoid introducing such vulnerabilities into their code. Read more here!
T2. WebServices and XML Security - One Day Course - May 15th, 2007
Many enterprises are currently developing new Web Services and/or adding and acquiring Web Services functionality into existing applications -- now is the time to build security into the system! Read more here!
T3. Advanced ASP.NET Exploits and Countermeasures - One Day Course - May 15th, 2007
In this one day course you will push ASP.NET to the limit and will be shown how ASP.NET applications and environments can be exploited by skilled attackers. Advanced exploitation techniques will be presented together with low-level technical analysis of the .NET Framework. You will also learn advanced defense techniques such as: Building an ASP.NET Security Protection layer (also called a Web Application Firewall) and Real time patching of vulnerabilities in the target application, the .NET Framework or the CLR. Read more here!

6th OWASP AppSec Conference Schedule - May 16-17 (Milan 2007)

Day 1 - May 16, 2007
Track 1: Room TBA Track 2: Room TBA
08:00-09:00 Registration and Coffee
09:00-09:10 Welcome to 6th OWASP AppSec Conference: Dave Wichers, OWASP Conferences Chair
09:10-10:00 Keynote: The Benefits of the SDL initiative to Microsoft and its Customers – Alex Lucas, Senior Security Engineer, Microsoft
10:00-11:10 OWASP 2.0 - Enabling organizations to develop, maintain, and acquire applications they can trust, Dinis Cruz, OWASP .Net Project Lead
11:10-11:30 Break
11:30-12:30 The OWASP Testing Guide version 2 - Matteo Meucci OWASP PANTERA – Dissecting Web Applications – Simon Roses Femerling – Security Technologist - Microsoft
12:30-13:45 Lunch
13:45-15:00 TBD TBD
15:00-15:20 Break
15:20-16:30 OWASP WebGoat and WebScarab – the Autumn of Code 2006 Releases – Dave Wichers, COO, Aspect Security and OWASP Conferences Chair TBD
16:30-16:50 Break
16:50-18:00 Panel: "Public site vulnerability research - good or evil?”

Moderator: TBD Panelists: TBD

19:00-21:00 Social Gathering: Dinner and Drinks at Nearby Facility.
Day 2 - May 17, 2007
Track 1: Room TBD Track 2: Room TBD
08:00-09:00 Coffee
09:00-09:50 Keynote: Raoul Chiesa – CTO, ISECOM - The security level of Web Applications in Italy: data and stats from everyday experiences.
09:50-10:50 Protecting Web Applications from Universal PDF XSS: A discussion of how weird the web application security world has become – Ivan Ristic, Breach
10:50-11:10 Break
11:10-12:30 Advance Web Hacking Revealed, Petko D. Petkov (AKA PDP Architect), Senior Security Researcher

& Microsoft ACE Team – Application Security from the Core, Simon Roses Femerling – Security Technologist - Microsoft

Refereed Papers Track – Slot 1: Research Papers

1) TBA

2) TBA

12:30-13:45 Lunch
13:45-15:10 A whirlwind tour of the OWASP tools and projects, Dinis Cruz, OWASP Chief Evangelist and .Net Projects Lead Refereed Papers Track – Slot 2: Experience Papers

3) TBA

4) TBA

15:10-15:30 Break
15:30-16:30 Panel: “What is needed to fix web app sec vulnerabilities once and for all?”

Moderator: Gunnar Peterson – Arctec Group

Panelists: Dave Wichers, Aspect Security and others TBD

16:30-16:50 Break
16:50-17:30 Conference Wrap Up - Dave Wichers, OWASP Conferences Chair