Difference between revisions of "OWASP EU Summit 2008"

From OWASP
Jump to: navigation, search
m (ACTUAL AGENDA)
Line 284: Line 284:
 
  | style="background:#7B8ABD" | 11:00 || colspan="2" style="background:#80FF80" align="center" | OWASP Skavenger Project
 
  | style="background:#7B8ABD" | 11:00 || colspan="2" style="background:#80FF80" align="center" | OWASP Skavenger Project
 
Matthias Rohr
 
Matthias Rohr
  | colspan="3" style="background:#80FF80 " align="center" | OWASP AntiSAMI
+
  | colspan="3" style="background:#80FF80 " align="center" | OWASP AntiSamy.NET
Arshan Dabirsiaghi
+
Marcin Wielgoszewski
 
  |-
 
  |-
 
  | style="background:#7B8ABD" | 11:15 || colspan="5" style="background:#B36B00" align="center" | Coffee Break
 
  | style="background:#7B8ABD" | 11:15 || colspan="5" style="background:#B36B00" align="center" | Coffee Break

Revision as of 16:16, 19 November 2008

Contents

OWASP EU Summit Portugal 2008.jpg
'SETTING THE WEB APPLICATION SECURITY AGENDA FOR 2009'
4th - 7th November 2008

funds to OWASP earmarked for EU 08 Donation.

OWASP EU SUMMIT 2008 OVERVIEW - WATCH VIDEO

  • OWASP Summit EU 2008 is a worldwide gathering of OWASP leaders and Key Industry Players to present and discuss the latest OWASP Tools and documentation projects.
  • In addition to 40+ presentations from the OWASP Leaders granted 250,000 USD for web application security research, the summit will host multiple Working Sessions designed to improve collaboration, achieve specific objectives and decide roadmaps for OWASP projects, chapters and for the OWASP community itself.
  • Containing both technical and business tracks, the Summit is the perfect place to learn what resources OWASP has available for use today.
  • And with the confirmed presence of its most active leaders (OWASP is partially covering their expenses), the Summit will provide a relaxed but professional environment to meet the OWASP Leaders and to contribute to those project’s roadmaps for 2009.
  • Following and expanding the tradition started at OWASP conferences, the Summit will also host the largest offering of training courses, covering multiple OWASP specific and Web Application Security Topics.

Marketing information: 6 page brochure or this 33 page brochure.

COST & REGISTRATION

There are multiple options available for participation (OWASP members get 20% Discount):

  • Working Sessions and Conference (4 days: 4th,5h,6th and 7th): €500 Euros ($700.00 USD)
  • Conference only (2 days: 6th and 7th) €350 Euros ($500 USD)
  • Training:
    • 2 days: €950 ($1350 USD)
    • 1 day: €475 ($675 USD)
    • 1/2 day €235 (335 USD)
  • Students
    • Working Session, and Conference: €150 Euros ($200 USD)
    • Training: €100 Euros per day ($130 USD)

To register and pay for your participation please use: Register.gif

A currency converter can be found at xe.com/ucc.

SPONSORSHIP OPPORTUNITIES

For information on sponsoring see OWASP EU Summit 2008 Sponsors.

SPONSORS

AOD_Logo_2c.gif Mnemonic_logo.png Softtek_logo.gif

FORMER AGENDA

Click here to see.

ACTUAL AGENDA

Agenda for Monday, November 3rd, 2008
13:00 Lunch
Training Sessions
15:00 to 17:00 Securing WebGoat with ModSecurity

Stephen Craig Evans

WebSec Apps for Managers and Executives

Mano Paul

OWASP Testing Guide

Matteo Meucci

19:00 Summit Briefing

Dinis Cruz and Summit Organization Team

20:00 OWASPers Dinner


Agenda for Tuesday, November 4th, 2008
08:00 Registration
09:00 Summit Keynote

Dinis Cruz and Summit Organization Team

Documents Tools
09:30 OWASP Testing Guide

Matteo Meucci

OWASP JSP Testing Tool

Jason Li

09:45 OWASP Code Review Guide

Eoin Keary

OWASP Orizon Project

Paolo Perego (a.k.a. thesp0nge)

10:00 OWASP Application Security Desk Reference (ADSR)

Leonardo Cavallari Militelli

OWASP Live CD

Matt Tesauro

10:15 OWASP Spanish Project

Juan Carlos Calderon

WebScarab-NG

Rogan Dawes

10:30 Coffee Break
10:45 .NET ESAPI

Alex Smolen

JBroFuzz

Yiannis

11:00 Working Sessions Briefing

Dinis Cruz

Working Sessions
11:15 Documentation Projects/Guides Integration and Unified 4.0 Version

Chair: Eduardo Neves

Browser Security

Chair: Arshan Dabirsiaghi Secretary: Kuai Hinojosa

Tools Projects

Chair: Matt Tesauro

13:00 Lunch
14:00 Training Sessions
The Art and Science of Threat Modeling Web Applications

Mano Paul

Web Server Hardening SELinux

Pavol Luptak

Offensive WebApp Hacking

Marco Slaviero

16:00 Coffee Break
Working Sessions
16:30 ESAPI

Chair: Jeff Williams Secretary: Arshan Dabirsiaghi

18:30 ASDR

Chair: Leonardo Cavallari

.NET Project

Chair: Dinis Cruz


Agenda for Wednesday, November 5th, 2008
09:15 Daily Briefing:

Dinis Cruz

Standards and Education

(Room 1)

Tools

(Room 2)

10:00 OWASP Positive Security (SoC 08)

Eduardo Vianna de Camargo Neves

OWASP Access Control Rules Tester Project

Andrew Petukhov

10:15 OWASP Education

Sebastien Deleersnyder, Martin Knobloch

OWASP Teachable Static Analysis Workbench

Dmitry Kozlov

10:30 OWASP Internationalization Guidelines

Juan Carlos Calderon

OWASP AppSensor

Michael Coates

10:45 PASSWD:Metrics and Vulnerabilities

Lucilla Mancini

OWASP Backend Security Project

Carlo Pelliccioni

11:00 OWASP Open Review Project

Dan Cornell

OWASP Application Security Tool Benchmarking Environment and Site Generator Refresh Project

Dmitry Kozlov

11:15 OWASP Global Committee Elections

(Room 1)

11:30 Coffee Break
Working Sessions
12:45 OWASP Working Session Education Project
Chair: Sebastien Deleersnyder
(Room 1)
Testing Guide

Chair: Matteo Meucci (Room 2)

Web Application Framework Security

Chair: Arshan Dabirsiaghi Secretary: Kuai Hinojosa (Room 3)

14:45 Lunch During Working Sessions
15:00 Training Sessions
15:00 Flash Player Security

Peleus Uhley (Room 1)

OWASP Top 10

Sebastien Deleersnyder and Martin Knobloch (Room 2)

Uncovering WebScarab's Secret Treasures

Rogan Dawes (Sala Bella Vista)

Hacking the Orizon

Paolo Perego (Room 3)

17:00 Coffee Break
Working Sessions
17:30 Code Review Guide

Chair: Eoin Keary (Room 2)

EU Funding for OWASP Projects

Chair: Carlos Serrao (Sala Bella Vista)

OWASP Certification

Chair: Tom Brennan (Room 1)

Software Assurance Maturity Model

Chair: Pravir Chandra (Room 3)

19:00 OWASP Website

Chair: Favio Cerull (Room 1)

Metrics & Vulnerabilities

Chair: Lucilla Mancini (Room 2)

OWASP Orizon

Paolo Perego (Room 3)


Agenda for Thursday, November 6th, 2008
09:15 Daily Briefing:

Dinis Cruz

Technology Tools
10:00 OWASP Classic ASP Security Project

Juan Carlos Calderon

OWASP Source Code Review

James Walden

10:15 OWASP Ruby on Rails Security Project

Heiko Webers

OWASP Enigmaform and mod_Openpgp

Arturo Alberto Busleiman (a.k.a. Buanzo)

10:30 OWASP Webslayer Project

Christian Martorella

OWASP Securing WebGoat using ModSecurity

Stephen Evans and Christian Folini

11:00 OWASP Skavenger Project

Matthias Rohr

OWASP AntiSamy.NET

Marcin Wielgoszewski

11:15 Coffee Break
Working Sessions
11:30 Top 10

2009 Chair: Dave Wichers Secretary: Jeff Williams (Room 1)

Intra Governmental Affairs

Chair: David Campbell (Room 2)

SAMM v2

(Room 3)

Web Site

12:15 Executive Room

Handling Web MalWare

12:15 Sala Bella Vista

13:00 Lunch During Working Sessions
14:00 Training Sessions
Ajax Security

(Room 1)

Auditing Flash Applications

Peleus Uhley (Room 2)

WebApp Assessment

Vicente Aguilera Diaz (Room 3)

Mod Security

Lucas C. Ferreira (Executive Room)

13:00 Coffee Break
Working Sessions
16:30 Strategic Planning and Business Models compatible with OWASP values

Chair: Jeff Williams, Dinis Cruz, Dave Wichers, Sebastien Deleersnyder, and Tom Brennan Secretary: Kate Hartmann and Paulo Combra

18:30 2-Way Internationalization

Chair: Juan Carlos Calderon and Sebastien Deleersnyder (Room 1)

Best Practices for Chapter Leaders

Chair: Georg Hess (Room 2)

Portuguese Public & Private Organizations

Chair: Carlos Serrao (Room 3)

Live CD & DVD

Chair: Matt Tesauro (Sala Bella Vista)

OWASP Awards

Chair: Colin Watson (Executive Room)

20:00 Gala Dinner - Restaurante de Real
22:00 OWASP Band - LE CLUB


Agenda for Friday, November 7th, 2008
10:00 OWASP AppSec Agenda 2009: Working Session Outcomes

Dinis Cruz

10:15 Results Presentations
Documentation Projects/Guides Integration and Unified 4.0 Version

Chair: Eduardo Neves

Browser Security

Chair: Arshan Dabirsiaghi

ESAPI

Chair: Jeff Williams

Tools Projects

Chair: Matt Tesauro

Code Review Guide

Chair: Eoin Keary

OWASP Certification

Chair: Tom Brennan

Software Assurance Maturity Model

Chair: Pravir Chandra

Top 10 2009

Chair: Dave Wichers

Intra Governmental Affairs

Chair: David Campbell

Best Practices for Chapter Leaders

Chair: Georg Hess

11:15 Coffee Break and vote break (put your dots on the wall)
11:30 Live CD & DVD

Chair: Matt Tesauro

ADSR

Chair: Leonardo Cavallari

Education Project

Chair: Sebastien Deleersnyder

Web Application Framework Security

Chair: Arshan Dabirsiaghi

Testing Guide

Chair: Matteo Meucci

OWASP Censorship

Chair: Tom Brennan

EU Funding for OWASP Projects

Chair: Carlos Serrao

OWASP Website

Chair: Fabio Cerull

OWASP Orizon

Chair: Paolo Perego

Handling Web MalWare
2-Way Internationalization

Chair: Juan Carlos Calderon

Portuguese Public & Private Organizations

Chair: Carlos Serrao

12:45 Winter of Code 2009

Chair: Dinis Cruz and Sebastien Deleersnyder Secretary: Paulo Combra

13:00 Lunch - During Winter of Code
14:00 Board Meeting
17:00 Announcement of Summit Procedings

VENUE & TRAVEL ARRANGEMENTS

The OWASP European Summit 2008 will be hosted at the 5 start Resort in Algarve Portugal (Grande Real Santa Eulália Resort & Hotel). We suggest the hotel booking and the travel arrangements be handled via Diplomata Tours, the assigned travel agency.


The venue address:

Praia de Santa Eulália

PO Box 2445

Albufeira, Portugal

8200-916

Google Maps Link

Nearest Airport: Faro

U.S. Absentee Voting Information

U.S. citizens attending the Summit on 4 November (Election Day) may vote absentee. You may find the information you need here, here or here, or on your home state/territory or foreign embassy/consulate web site. These links are provided for your information only; OWASP does not endorse any political party, candidate, etc. and is not able to provide you with instructions or assistance in voting or registering.