Sebastien Deleersnyder
06/05/08, 19:15
Hi,
We would like to invite you to the European OWASP Application Security
Conference! After successful OWASP Conferences in the United States (San
Jose), Europe (Milan), Asia (Taiwan) and Australia (Queensland), we are back
in Belgium: 5 tutorials and 2 conference tracks in the historic center of
Ghent on May 19-22 2008!
More details and registration on http://www.owasp.org/index.php/AppSecEU08
The conference is stuffed with top notch presentations from industry
recognized speakers and technical experts on the latest application security
risks and trends.
Conference (May 21-22)
Keynotes
* The Great Information Security Scrap Yard Challenge (Mark Curphey)
* Software Security: State of the Practice 2008 (Gary McGraw)
Topics
* The OWASP ESAPI project - Dave Wichers
* Trends in Web Hacking Incidents: What's hot for 2008 - Ofer Shezaf
* Evaluation Criteria for Web Application Firewalls - Ivan Ristic
* HTML5 security - Thomas Roessler
* The OWASP Orizon Project internals - Paolo Perego
* Remo presentation (Input Validation) - Christian Folini
* Best Practices Guide: Web Application Firewalls (OWASP German chapter) -
Alexander Meisel
* Google-Hacking and Google-Shielding - Amichai Shulman
* NTLM Relay Attacks - Eric Rachner
* PHPIDS Monitoring attack surface activity - Mario Heiderich
* Security in Agile Development - Dave Wichers
* Security framework is not in the code - Sam Reghenzi
* Exploiting Online Games - Gary McGraw
* SHIELDS: metrics, tools and Internet services to improve security in
application developments - Domenico Rotondi
* Graph Analysis for WebApps: From Nodes to Edges - Simon Roses Femerling
* The OWASP Education Project - Martin Knobloch
* Dynamic Taint Propagation: Finding Vulnerabilities Without Attacking -
Matias Madou
* Threat Modeling for Application Designers & Architects - Shay Zalalichin
* Scanstud: Evaluating static analysis tools - Martin Johns,
* Office 2.0: Software as a Service, Security on the Sidelines? - John
Heasman
* How Data Privacy affects Applications and Databases - Dirk De Maeyer
* The OWASP Anti-Samy project - Jason Li
* Input validation: the Good, the Bad and the Ugly - Johan Peeters
Refereed paper track
* Refereed paper track keynote
* Know Thyself! - Dieter Gollmann
* Refereed paper track selections:
* SWF and the Malware Tragedy - fukami and Ben Fuhrmannek
* Building and Stopping Next Generation XSS Worms - Arshan Dabirsiaghi
* Detecting Security Vulnerabilities in Web Applications Using Dynamic
Analysis with Penetration Testing - Andrew Petukhov and Dmitry Kozlov
* The Need for Fourth Generation Static Analysis Tools for Security: From
Bugs to Flaws - Evgeny Lebanidze
* Preventing SQL Injections in Online Applications: Study, Recommendations
and Java Solution Prototype Based on the SQL DOM - Etienne Janot and
Pavol Zavarsky
* Watch What You Write: Preventing Cross-Site Scripting by Observing
Program Output - Matias Madou, Edward Lee, Jacob West and Brian Chess
New for AppSec Europe: there is an expo with technical vendor demos and a
Capture the Flag event!
Tutorials (May 19-20)
* Building and Testing Secure Web Applications
* Leading the Development of Secure Applications
* Building Secure Rich Internet Applications
* Web Services and XML Security
* Open Source ModSecurity Training
OWASP Dinner (May 21)
At every conference we have an evening social event the first night. They
are always fun and allow participants to have some unstructured time to
mingle with the other attendees. This year's event will be a Flemish buffet
with special Belgian beers at the Monasterium (near the conference
location).
Cocktail Party (May 20)
In what is also becoming a tradition, there will be a cocktail party the
night before the conference begins, sponsored by Breach Security. The free
and open for all conference attendees event will be held at the Vintage Wine
Bar at 6:30pm (near the conference location). We would appreciate it if you
let us know if you are coming so we can be ready, please mail
ofers@breach.com to confirm.
The Open Web Application Security Project (OWASP) is a worldwide free and
open community focused on improving the security of application software.
Our mission is to make application security "visible," so that people and
organizations can make informed decisions about application security risks.
More details and registration on http://www.owasp.org/index.php/AppSecEU08
Hope to see you all in May!
Conference Committee
OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at'
owasp.org
2008 EU Planning Committee Chair: Sebastien Deleersnyder - Telindus - seba
'at' owasp.org
Vendor Exhibition Chair: Pravir Chandra - Cigital - chandra 'at' cigital.com
Capture the Flag Chair: Pieter Danhieux - Ernst & Young - pieter.danhieux
'at' be.ey.com
Refereed Papers Chair: Lieven Desmet - KU Leuven - Lieven.Desmet 'at'
cs.kuleuven.ac.be
We would like to invite you to the European OWASP Application Security
Conference! After successful OWASP Conferences in the United States (San
Jose), Europe (Milan), Asia (Taiwan) and Australia (Queensland), we are back
in Belgium: 5 tutorials and 2 conference tracks in the historic center of
Ghent on May 19-22 2008!
More details and registration on http://www.owasp.org/index.php/AppSecEU08
The conference is stuffed with top notch presentations from industry
recognized speakers and technical experts on the latest application security
risks and trends.
Conference (May 21-22)
Keynotes
* The Great Information Security Scrap Yard Challenge (Mark Curphey)
* Software Security: State of the Practice 2008 (Gary McGraw)
Topics
* The OWASP ESAPI project - Dave Wichers
* Trends in Web Hacking Incidents: What's hot for 2008 - Ofer Shezaf
* Evaluation Criteria for Web Application Firewalls - Ivan Ristic
* HTML5 security - Thomas Roessler
* The OWASP Orizon Project internals - Paolo Perego
* Remo presentation (Input Validation) - Christian Folini
* Best Practices Guide: Web Application Firewalls (OWASP German chapter) -
Alexander Meisel
* Google-Hacking and Google-Shielding - Amichai Shulman
* NTLM Relay Attacks - Eric Rachner
* PHPIDS Monitoring attack surface activity - Mario Heiderich
* Security in Agile Development - Dave Wichers
* Security framework is not in the code - Sam Reghenzi
* Exploiting Online Games - Gary McGraw
* SHIELDS: metrics, tools and Internet services to improve security in
application developments - Domenico Rotondi
* Graph Analysis for WebApps: From Nodes to Edges - Simon Roses Femerling
* The OWASP Education Project - Martin Knobloch
* Dynamic Taint Propagation: Finding Vulnerabilities Without Attacking -
Matias Madou
* Threat Modeling for Application Designers & Architects - Shay Zalalichin
* Scanstud: Evaluating static analysis tools - Martin Johns,
* Office 2.0: Software as a Service, Security on the Sidelines? - John
Heasman
* How Data Privacy affects Applications and Databases - Dirk De Maeyer
* The OWASP Anti-Samy project - Jason Li
* Input validation: the Good, the Bad and the Ugly - Johan Peeters
Refereed paper track
* Refereed paper track keynote
* Know Thyself! - Dieter Gollmann
* Refereed paper track selections:
* SWF and the Malware Tragedy - fukami and Ben Fuhrmannek
* Building and Stopping Next Generation XSS Worms - Arshan Dabirsiaghi
* Detecting Security Vulnerabilities in Web Applications Using Dynamic
Analysis with Penetration Testing - Andrew Petukhov and Dmitry Kozlov
* The Need for Fourth Generation Static Analysis Tools for Security: From
Bugs to Flaws - Evgeny Lebanidze
* Preventing SQL Injections in Online Applications: Study, Recommendations
and Java Solution Prototype Based on the SQL DOM - Etienne Janot and
Pavol Zavarsky
* Watch What You Write: Preventing Cross-Site Scripting by Observing
Program Output - Matias Madou, Edward Lee, Jacob West and Brian Chess
New for AppSec Europe: there is an expo with technical vendor demos and a
Capture the Flag event!
Tutorials (May 19-20)
* Building and Testing Secure Web Applications
* Leading the Development of Secure Applications
* Building Secure Rich Internet Applications
* Web Services and XML Security
* Open Source ModSecurity Training
OWASP Dinner (May 21)
At every conference we have an evening social event the first night. They
are always fun and allow participants to have some unstructured time to
mingle with the other attendees. This year's event will be a Flemish buffet
with special Belgian beers at the Monasterium (near the conference
location).
Cocktail Party (May 20)
In what is also becoming a tradition, there will be a cocktail party the
night before the conference begins, sponsored by Breach Security. The free
and open for all conference attendees event will be held at the Vintage Wine
Bar at 6:30pm (near the conference location). We would appreciate it if you
let us know if you are coming so we can be ready, please mail
ofers@breach.com to confirm.
The Open Web Application Security Project (OWASP) is a worldwide free and
open community focused on improving the security of application software.
Our mission is to make application security "visible," so that people and
organizations can make informed decisions about application security risks.
More details and registration on http://www.owasp.org/index.php/AppSecEU08
Hope to see you all in May!
Conference Committee
OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at'
owasp.org
2008 EU Planning Committee Chair: Sebastien Deleersnyder - Telindus - seba
'at' owasp.org
Vendor Exhibition Chair: Pravir Chandra - Cigital - chandra 'at' cigital.com
Capture the Flag Chair: Pieter Danhieux - Ernst & Young - pieter.danhieux
'at' be.ey.com
Refereed Papers Chair: Lieven Desmet - KU Leuven - Lieven.Desmet 'at'
cs.kuleuven.ac.be