Lightning OWASP Project Presentations at AppSec EU 2015

2015-05-09 22:15

AppSec EU 2015 begins in two weeks. It is being held in Amsterdam at the Amsterdam RAI exhibition and conference centre.

Partial screen capture from the OWASP wiki showing part of the extensive project inventory

With the news yesterday that the number of conference attendee bookings has surpassed 400, together with the training, capture the flag competition, university challenge, application security hackathon, computer gaming, networking and organised social events, it looks like this year's event is shaping up very well.

As well as the project summit, some projects are being discussed in some of the main conference presentations.

When the call for papers was announced last year, I proposed having some sessions that gave the opportunity for a larger number of project leaders to explain their work, the target users, the benefits, and what materials are available. I am pleased to say the conference team liked the idea and allocated two 45-minute slots. These are being used to showcase innovation in OWASP projects to the main conference audience.

Both lightning talk sessions occur on Thursday 21st May. Each talk is 10 minutes long. The speakers and their projects are listed below.

14:30 - 15:15 hrs

  • Spyros GASTERATOS
    Hackademic Challenges, implementing realistic scenarios with known vulnerabilities in a safe, controllable environment.
  • Andrew VAN DER STOCK and Daniel CUTHBERT
    Application Security Verification Standard, providing a basis for assessing web application technical security controls, to establish a level of confidence in the security of web applications.
  • Jonathan CARTER
    Reverse Engineering and Code Modification Prevention, educating security architects, risk analysts, software engineers, and pen testers around binary risks from code integrity violation and reverse engineering.
  • Matteo MEUCCI
    Testing Guide, version 4, the de facto standard for performing web application penetration testing.

15:45 - 16:30 hrs

  • Jim MANICO
    Top 10 Proactive Controls, describing the most important control and control categories that every architect and developer should include in every project, and Cheat Sheet Series, providing a concise collection of high value information on specific web application security topics.
  • Tao SAUVAGE and Marios KOURTESIS
    Offensive Web Testing Framework (OWTF), making security assessments as efficient as possible by automating the manual uncreative part of pen testing, and providing out-of-box support for the OWASP Testing Guide, and NIST and PTES standards.
  • Ann RACUYA-ROBBINS and Luis ENRIQUEZ
    Knowledge Based Authentication Performance Metrics, establishing standard performance metrics for knowledge based authentication (KBA) in alignment with the NSTIC guiding principles - at the intersection of security, identity and privacy.
  • Sebastien DELEERSNYDER
    Software Assurance Maturity Model (OpenSAMM), an open framework to help organizations measure, improve and manage their software security practice that is tailored to the specific risks facing the organization.

I will introduce each session and the speakers, and keep time. I hope you can join me to hear about these contributions to application security directly from the leaders themselves. We will have time after the sessions for further discussion and questions.


Source: www.clerkendweller.uk/2015/5/8/Lightning-OWASP-Project-Presentations-at-AppSec-EU-2015