SecurityByte and OWASP Asia AppSec Conference 2009

From OWASP
Revision as of 13:17, 9 November 2009 by Puneetm (Talk | contribs)

Jump to: navigation, search
SB OWASP 2009 banner.gif
Hotel Crowne Plaza | Registrations


  • Only One Week Left ! Register Online today to grab your seat for India's best Security Conference.

  • Honorable Former President of India, Dr. A.P.J Abdul Kalam to Inaugrate the India Technology Leadership Summit 2009. This event is an Invitation ONLY event.


Click Here for more information.

Welcome

Securitybyte & OWASP are proud to welcome you to the annual international information security conference – Securitybyte & OWASP AppSec Asia Conference 2009, Nov 17th through Nov 20th in Delhi & NCR, India.

This is a landmark event, as both Securitybyte and OWASP join hands to present India’s largest InfoSec event with world renowned and most regarded international speakers.

Securitybye & OWASP AppSec Asia Conference 2009 will be held at Hotel Crowne Plaza, Gurgaon, NCR, India. on 17th November through 20th November 2009.

Who Should Attend Securitybyte & OWASP AppSec Asia Conference 2009:

  • Application Developers
  • Security Researchers
  • Application Testers and Quality Assurance
  • Penetration Testers
  • Application Project Management and Staff
  • IT Security Professionals
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security

About

About Conference

Securitybyte and OWASP AppSec Asia Conference 2009 comprise of three parallel conference talks to be conducted in 3 separate halls for two days i.e . 17th & 18th November 2009. Attendees will carry the freedom to switch the halls as per their interest towards a particular talk. Conference talks are being delivered by world renowned and most regarded speakers from around the world.

About Trainings

Two days post-conference are dedicated towards best-of-breed trainings being conducted in association with SANS, ISC2 and other organizations. Trainings tracks have been made available as One-Day tracks and Two-Day tracks scheduled for 19th & 20th November 2009.

Registrations

Registration is now open!

You can register here

Please check out our Exclusive Discount Offer, available Starting October 6th - 15th, 2009. "SAVE BIG NOW !"

The below pricing reflects the Standard Registration Prices .

Two Days of Conference (17th and 18th November 2009)
Rs.8,500/- INR General Public
Two Days of Conference (17th and 18th November 2009)
Rs.5,000/- INR Students
Two-Day Training Tracks (19th and 20th November 2009)
Rs.25,000/- INR
One-Day Training Tracks (19th OR 20th November 2009)
Rs.12,500/- INR

** Service Tax @ 10.3% will be charged extra.

  • ISC2 Members can avail a Special 15% discount on Conference & Training Registration.

(Please provide your ISC2 Certification ID number to avail the above Discount) For Registrations contact us at registrations@securitybyte.org

Exclusive Offers

- Group / Team Discounts available: Kindly contact us at registrations@securitybyte.org

Special University Student discount

- University Students can register for two days of conference for just Rs. 5000 (including taxes)
- Special 15 % Discounts for Training registration


Click here for details on the training courses that are available.

Who Should Attend Securitybyte & OWASP AppSec Asia Conference 2009:

  • Application Developers
  • Security Researchers
  • Application Testers and Quality Assurance
  • Penetration Testers
  • Application Project Management and Staff
  • IT Security Professionals
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security


For student discount, attendees must present proof of enrollment when picking up your badge.

Schedule

Three parallel conference talks are scheduled for 17th & 18th November 2009 in three different halls. Training tracks have been divided in one-day tracks scheduled for 19th or 20th November 2009 and two-day tracks those are schedule to continue for two days both on 19th & 20th November 2009. Follow the tabs to learn the details on both conference and trainings.

  • Click here to view the Conference Schedule for 17th & 18th November 2009.
  • Click here to view Training Schedule on 19th & 20th November 2009.

Conference

Two Days Conference

Securitybyte and OWASP AppSec Asia Conference 2009 comprise of three parallel conference talks to be conducted in 3 separate halls for two days i.e . 17th & 18th November 2009. Attendees will carry the freedom to switch the halls as per their interest towards a particular talk. Conference talks are being delivered by world renowned and most regarded speakers from around the world. Below is the detailed schedule for the two days of conference.

Day 1 - 17th Nov, 2009
  Where> Conference Hall - I Conference Hall - II Conference Hall - III
  Who> (Security Researchers & Enthusiasts) (Security Auditors, Developers, QA teams, Architects) (Leaders, Managers, C&S professionals)
8:00 AM - 9:00 AM Registrations
  Schedule Topic
Speaker
Topic
Speaker
Topic
Speaker
9:00 AM - 10:30 AM Keynote
10:30 AM - 11:00 PM Tea Break
11:00 AM - 12:00 PM TBD
TBD
How To Blackbox Test Almost Anything
Aviram Jenik, Beyond Security
The International State of Cyber Security, Risk reduction in a high threat world


Prof. Howard A. Schmidt, Former Cyber Security Advisor to the White house
12:00 PM - 1:00 PM Client Side Hacks
Dino Covotsos & Charleton Smith, Telspace Systems
Risk Based Penetration testing
K. K. Mookhey, Founder & Principal Consultant, NII Consulting
Applications, the source for CyberThreats
Mano Paul,Software Assurance Advisor,(ISC)2
1:00PM - 2:00PM Lunch
2:00 PM - 3:00 PM Exploiting Firefox Extensions
Roberto Suggi Liverani, Security-Assessment.com
Threat Modeling
Varun Sharma,Microsoft India
Enterprise Application Security Program
TBD
3:00 PM - 4:00 PM SQL Server Forensics 2.0
Kevvie Fowler, TELUS & Ringzero
OWASP SAMM
Pravir Chandra, Director of Strategic Services,
Fortify
Business Case - Risk Management/Compliance at leading Education Group AMITY (Rapid Fire: 30 Min talk)
Dr. JS Sodhi, CIO, AMITY Group
4:00 PM - 5:00 PM Ownage 2.0 - How to own the World
Saumil Shah, NetSquare Solutions
"Do you want to play a Game" - Game theory and Cyberwar
Bryan K. Fite, HackSecKlahn
Usability and Privacy in Security
Dr. Ponnurangam Kumaraguru, Asst. Professor - IIIT (Rapid Fire : 30 Min talk)
5:00 PM - 6:00 PM Tea and Snacks on the Exhibition floor
7:00 PM - 10:00 PM CXO Event (Exclusive by invitation only) - Information Security Concerns for Offshoring



Day 2 - 18th Nov, 2009
  Where> Conference Hall - I Conference Hall - II Conference Hall - III
  Who> (Security Researchers & Enthusiasts) (Security Auditors, Developers, QA teams, Architects) (Leaders, Managers, C&S professionals)
8:00 AM - 9:00 AM Registrations
9:00 AM - 10:00 AM Round Table with Speakers / Industry Panel - "Security Today & Tomorrow'
10:00 AM - 10:30 AM Tea Break
  Schedule Topic
Speaker
Topic
Speaker
Topic
Speaker
10:30 AM - 11:30 AM All your Packets belong to us
Daniel Mende, Security Researcher, ERNW
SANS Dshield Webhoneypot Project
Jason Lam, Independent Security Researcher
Critical Infrastructure Security “Danger Without borders”
John Bumgarner, US Cyber Consequence Unit (USCCU)
11:30 AM - 12:30 PM Hacking Oracle From Web
Sid, Independent Security Researcher
Testing JSON Applications For Security Holes
Aviram Jenik, Beyond Security
Critical Infrastructure Security “Danger Without borders”
John Bumgarner, US Cyber Consequence Unit (USCCU)
12:30PM - 1:30PM Lunch
1:30 PM - 2:30 PM
Lust 2.0 – Desire for free WiFi and the threat of the Imposter
Lava Kumar Kuppan, Independent Security Researcher
Cloud Hacking - Distributed Attacks & Exploits
Shreeraj Shah, Blueinfy Solutions
TBD
Cedric Blancher, EADS Innovation Works
2:30 PM - 3:30 PM Xprobe3 - What's New? Going Application Level
Fyodor Yarochkin, Armorize
Vbootkit 2.0: Attacking Windows 7 Via Boot Sectors
Nitin Kumar/Vipin Kumar, Independent Security Researchers, NVlabs
Behind the Scenes at Microsoft Security Response Center
Dave Midturi,MSRC, Microsoft Corp.
3:30PM - 4:00PM Tea Break
4:00 PM - 5:00 PM TBD
TBD
TBD
TBD
TBD
TBD
5:00 PM - 6:00 PM Closing Keynotes - "OWASP & Securitybyte"



Trainings

Two Day Trainings

Two days post-conference are dedicated towards best-of-breed trainings being conducted in association with SANS, ISC2 and other organizations. Trainings tracks have been made available as One-Day tracks and Two-Day tracks scheduled for 19th & 20th November 2009.


Day 1 - 19th Nov, 2009 Day 2 - 20th Nov, 2009
Course ID Course Duration

(# of Days)

Course Title Instructor Course ID Course Duration

(# of Days)

Course Title Instructor
One Day Training Tracks
SB1DHSO 1 Day
ORACLE Hacking & Security
Sumit Sidharth,
Sb logo.png

SB1DAWH 1 Day
Advanced Web Hacking -Securing AJAX, RIA & SOA
Shreeraj Shah
Blueinfy logo.png

SB1DAFT
1 Day
Advanced Forensics Techniques
Dr. Chandrasekhar Umapathy,
Sb logo.png

SB1DIAT
1 Day
In-depth Assessment Techniques: Design, Code, and Runtime

Fydor Yarochkin,

Logo Armorize.JPG

Two Day Training Tracks
SB2DNST 2 Days
Building advanced Network Security Tools
Daniel Mende,
Ernw logo.png
 
SB2DNST 2 Days
Building advanced Network Security Tools
Daniel Mende,
Ernw logo.png
 
SB2DCBC 2 Days
(ISC)2 CSSLP CBK Boot camp
Mano Paul,
Isc logo.png
 
SB2DCBC 2 Days
(ISC)2 CSSLP CBK Boot camp
Mano Paul,
Isc logo.png
 
SB2DSCJ / SANS Course ID : DEV530 2 Days Essential Secure Coding in Java / JEE
Sans logo.png
 
SB2DSCJ / SANS Course ID : DEV530 2 Days Essential Secure Coding in Java / JEE
Sans logo.png
 
SB2DWPT / SANS Course ID : DEV538 2 Days Web Application Pen Testing Hands-On Immersion
Sans logo.png
 
SB2DWPT / SANS Course ID : DEV538 2 Days Web Application Pen Testing Hands-On Immersion
Sans logo.png
 
SB2DSAB / SANS Course ID : AUD429 2 Days IT Security Audit Essentials Bootcamp
Sans logo.png
 
SB2DSAB / SANS Course ID : AUD429 2 Days IT Security Audit Essentials Bootcamp
Sans logo.png
 


Venue

Four Days Event is planned out at:

Hotel Crowne Plaza,
Site - 2, Sector - 29,
Gurgaon-122001 (National Capital Region), India
Hotel Front Desk: 91-124-4534000
Hotel Fax: 91-124-4304800

Sponsors


Co-Sponsor "Leadership Summit 2009"

CTF (Capture The Flag) Sponsor

Education  Partner

ISC2

         
Appin.jpg

         
BRIP-Logo.jpg

|                                      | Left



Associate Sponsors Media Partners Supporters
Torridn.jpg
SSecurity india small.gif
HITB.jpg

SecurityCompass.JPG
HNS-web.jpg
Sector.jpg

Logo Armorize.JPG

Infosecurity.jpg

Clubhack.gif

Eventavenue Logo.jpg

Itmagz.jpg
 
Electronicsf.jpg
Crowne plaza.jpg



 

Hotel & Travel

Hotel Stay & Travel Information

To help our valued delegates with Hotel and Travel services, we have negotiated with some of the best and Budget Category Guest houses in Gurgaon that are located within a radius of 3 - 4 Kms from the venue.

Limited cheaper accommodation is available near the venue hotel in budget hotels/apartments area. The tariff of these hotels ranges from Rs.2000 onwards per room night (inclusive of Room Rent, Breakfast and Luxury Tax). Interested delegates / students can send a formal request for the desired accommodations and dates to our official travel agent.


OFFICIAL TRAVEL AGENT

Dreamz conference Management Pvt.Ltd will look after your hotel accommodation in Gurgaon and New Delhi, pre & post conference tours / travel needs in India for delegates and visitors independently. If you wish to go for sightseeing tour within New Delhi and around it to places like Agra, Jaipur, Rajasthan etc. However, we would encourage you to make early bookings which will be done on “first – come - first service” basis and let us know of your interest, since that would ultimately work in your favour. Early reservation is strongly recommended as November being a high demand period for hotels in Gurgaon.


For further details please contact:

DREAMZ CONFERENCE MANAGEMENT PVT.LTD

406, Ansal’s Majestic Tower, Vikas Puri, New Delhi – 110018

Tel: 91 – 11 – 41586401, 402, Fax: 91 – 11 – 41586400

Email: info@dreamztravel.net / dreamztravelindia@yahoo.com

Website: www.dreamztravel.net

Contact Person: Jitin Batra ( +91 9810558569 )



Capture the Flag

HackHunt 2009

India's foremost Hacking Challenge

Your Shot to the Title of India's best hacker along with Prize money of more than Rs 150,000 up for grabs!


Search for India’s Best Ethical Hacker

HackHunt is India’s leading hacking competition and aims at awarding the best ethical hackers in the country. The competition is brought to you by Appin Security Group, a leading Information Security and Ethical Hacking Company and Securitybyte, a global Information Security Conference Company.

The competition will be conducted in 3 phases. The 1st two rounds will be online and the 3rd and final round will take place at“Securitybyte & OWASP Appsec Asia 2009” on November 17, 2009at Crowne Plaza, Gurgaon.

Level 1 – Knowledge Check All the participants will be answering a quiz and based on the score top 10% will be shortlisted to 2nd round.

Level 2 – Skill Check This stage will require an attacker to get to the final FLAG file which he/she would need to register for the event.

Level 3 – Final Round This stage will require the attackers to exploit a pre-announced SSID which has WPA (or wpa 2).


To participate and for more details visit website :- http://www.hackerscouncil.org/

PacketWars

First time in India brought to you by Securitybyte!
About PacketWars

PacketWars is an intense, real-time information warfare simulation. Unlike other “capture the flag” games, the battlegrounds featured in PacketWars use the same software and hardware you would encounter in the real world.

PacketWars is designed to operate like a sport. Think Formula One Racing meets professional golf with a dash of Ultimate Fighting thrown in for good measure. Serious fun!

Visit http://packetwars.com/ for more details. How To Play?

PacketWars is a Sport like nothing you have ever experienced! Games known as “BATTLES” pit individual players and teams against each other in a race to achieve defined objectives.

The rules of engagement are simple: - Illegal activity of any kind is prohibited - Protect yourself at all times - Battles are designed to be of a low, medium or high difficulty level based on the battle objectives and battle duration - Primary, Secondary and Tertiary objectives are defined and assigned points based on difficulty - Battles have time limits and other defined constraints - Constraints are sometimes known to the combatants and other times are not - Anything that is not expressly prohibited is allowed - Points are awarded for FLARE

Equipment Needed: - Most combants use a notebook and a BackTrack CD however you are only limited by your imagination and bank account - You need a battle field and a PacketMaster…Oh yeah, skillz come in handy also!How To Play

<b.How can I participate?</b>
PacketWars to be held at the Hotel Crowne Plaza, Gurgaon on Nov 17 & Nov 18, 2009. Participation is FREE! Schedule will be announced soon.

WebWar III

About Hackers attack, coders defend, when you get them together you end up with Web War III. WWIII is designed to put your Web Application attack and defense skills to the test.

Teams Each team consists of two players, an attacker and a defender. The attacker would be capable of identifying Web Application Vulnerabilities (OWASP Top 10). The defender would be capable of writing secure Java code.


Game Format

The game has two stages:

Stage 1: Each team is given a VM Ware image containing a web server hosting a vulnerable web application. During this stage each team identifies the vulnerabilities in their application. They try to fix the identified vulnerabilities by making code changes.

Stage 2: The IP addresses of the Web Server's of all the teams is announced. Each team looks for vulnerabilities in the Web Applications of the other teams. Vulnerabilities found on the opponents' application get positive points. Vulnerabilities found by the opponents on your application get negative points.

Team with the highest points at the end of Stage 2 wins.

Tools and Equipments

Each team should bring their own laptop with VM Ware installed. The attacker can use any tools they bring. The applications come with ESAPI to help the defenders fix the code quicker.

Leadership Summit 2009

India's top technology thought leaders coming together to discuss "Security concerns in off-shoring"

Honored Guests
-Honorable Former President of India, Dr. A.P.J Abdul Kalam to inaugrate the Leadership Summit 2009.
-Prof. Howard A. Schmidt(Advisor, NIST; Former Vice Chair - President’s Critical Infrastructure Board; Former Special Advisor – Cyberspace Security for White House)
-Mr. Hord Tipton, Executive Director (ISC)2

About the Event
An elite gathering of 200 technology leaders, decision makers & InfoSec experts from leading service providers, government agencies and various industry verticals.
Two hours of panel discussions between three panels of 12 distinguished industry experts representing outsourcing companies, service providers and the regulatory bodies. Panel discussions will be followed by networking dinner & cocktails.

Prof Howard A. Schmidt (Advisor, NIST; Former Vice Chair - President’s Critical Infrastructure Board; Former Special Advisor – Cyberspace Security for White House) will facilitate the panel discussions. Thought leaders participating in the panel discussions are:

Outsourcing Organizations
Mr. Raghavendra Vaidya, CIO - GE Capital India
Mr. CRN Vairavelu, VP - Ford Technology Services India
Mr. Pankaj Agrawal, CISO - Aircel Limited
TBD

Service Providers
Mr. Terry Thomas, Partner - Ernst & Young
Mr. Debashis Ghosh, Head (LS&H ISU) - Tata Consultancy Services
Mr. Sunil Gujral, EVP & CTO - Quatrro
Mr. Sunil Goyal, COO - Sopra group

Regulatory Bodies
Dr. Kamlesh Bajaj, CEO - DSCI (a NASSCOM initiative)
Dr. Gulshan Rai, Director - CERT-in
Mr. Hord Tipton, Executive Director - ISC2 (ex CIO, US Department of Interior)
Mr. Vakul Sharma, Lawyer - Supreme Court

The event is exclusive to industry leaders and is by private invitation only. If you are interested in attending the event, please email your business card to info@securitybyte.org This e-mail address is being protected from spambots.

Venue - Hotel Crowne Plaza, Gurgaon | Timings - 5:30PM - 9:00PM

Please contact Chair - OWASP India for sponsorship opportunities.

Category: OWASP India