OWASP AppSecDC 2012 April 2, 2012 to April 5, 2012, Washington DC, USA

Title Speakers Summary Topic Types
Keynote Dan Geer Dan Geer’s Milestones: The X Window System and Kerberos (1988), the first information security consulting ... Security
DOMJacking Attack, Exploit and Defense Shreeraj Shah "Browser's architecture and usage are ever changing in today's world. Browser cannot be considered a ... Security
The Unfortunate Reality of Insecure Libraries Arshan Dabirsiaghi, Jeff Williams Many organizations have started application security programs to focus on finding and subsequently preventing vulnerabilities ...
Python Basics for Web App Pentesters Part 2 Justin Searle "Join me again and take a break from those talks that overstimulate your brain with ... Security
Integrating Application Security into your Lifecycle and Procurement Jim Manico The panel aims to explore how organizations track and improve their coverage of vulnerabilities when ... Security
Attacking CAPTCHAs for Fun and Profit Gursev Singh Kalra "CAPTCHAs are a potent mechanism to prevent web applications against automated form submissions. To analyze ... Security
Case Study: How New Software Assurance Policy Reduces Risk and Costs Rob Roy, John Keane Government leaders are operating on reduced budgets and uncertain futures. In this session, we will ...
Security is Dead. Long Live Rugged DevOps: IT at Ludicrous Speed Joshua Corman Cloud IT velocity is breathtaking: while most IT struggle with monthly releases, agile IT businesses ... Security
Hacking .NET(C#) Applications: The Black Arts Jon Mccoy This talk will focus on attacking .NET Desktop Applications(EXE/DLL/Live Memory) Both WhiteHat and BlackHat hacking ... Security
Security at scale: Web application security in a continuous deployment environment Zane Lackey Building a worldwide marketplace at scale, Etsy has overcome a number of application security challenges. ... Security
The Easy Button for Your Web Application Security Career Salvador Grec Note: I am open to other presentation options as well, including shortening it to be ... Security
Risk Analysis and Measurement with CWRAF Joe Jarzombek, Tom Brennan, Bob Martin, Walter Houser To better enable software stakeholders to reduce risks attributable to the most significant exploitable software ...
OWASP Broken Web Applications (OWASP BWA) 1.0 Release Chuck Willis "The OWASP Broken Web Applications (OWASP BWA) Project produces a free and open source virtual ... Security
Security Is Like An Onion, That's Why It Makes You Cry Michele Chubirka "Why is the security industry so full of fail? We spend millions of dollars on ... Security
Anatomy of a Logic Flaw David Byrne, Charles Henderson Traditional vulnerabilities like SQL Injection, buffer overflows, etc, have well established techniques for discovery and ...
New and Improved Hacking Oracle from Web Sumit Siddharth / State of Web Security Robert Rowley "There are a number of attacks against Oracle database and in almost every other CPU ... Security
Old Webshells, New Tricks - How Persistent Threats have revived an old idea, and how you can detect them. Ryan Kazanciyan "Web shells - malicious scripts that provide an attacker with the ability to upload files, ... Security
Fed Panel Joe Jarzombek, Darren Death, Kris Britton, Ron Ross N/A
Unraveling some of the Mysteries around DOM-based XSS Dave Wichers "DOM-based XSS was first revealed to the world back in 2005 by Amit Klein, when ... Security
2012 Global Security Report Tom Percoco The Trustwave 2012 Global Security Report highlights top data security risk areas, offering predictions on ... Security
Survivable Software for Cyber-Physical Systems Karen Mercedes Goertzel Industrial control systems (ICS), embedded systems such as weapons systems, medical devices, avionics, etc., can ... Security
Pentesting Smart Grid Web Apps Justin Searle N/A Security
Friends don't let friends store passwords in source code Neil Matatall N/A Security
Smart Bombs: Mobile Vulnerability and Exploitation Kevin Johnson, Tom Eston, John Sawyer N/A
Overcoming the Quality vs. Quantity Problem in Software Security Testing Rafal Los N/A Security
Web Application Defense with Bayesian Attack Analysis Ryan C. Barnett N/A Security
Vulnerabilities in Industrial Control Systems ICS-CERT / Access Control Jim Manico N/A Security
Software Security Goes Mobile Jacob West / Baking In Security, Sweet, Secure, Cupcakes Ken Johnson, Matt Ahrens N/A
AMI Security Don c. Weber, John Sawyer N/A
SharePoint Security 101 Rob Rachwald N/A Security
Behind Enemy Lines Practical & Triage Approaches to Mobile Security Abroad 2012 Edition Justin Morehouse N/A Security
Understanding IAST More Context, Better Analysis Jeff Williams N/A Security
Project Basecamp: News from Camp 4 Reid Wightman N/A Security
Enterprise Security API (ESAPI) for C Plus Plus Dan Amodio N/A Security
Whack-a-Mobile II: Mobile App Pen Testing with the MobiSec Live Environment Kevin Johnson, Tony Delagrange N/A
Proactive risk mitigation within the Software Development Lifecycle (SDLC) Joe White N/A Security
Real world backdoors on industrial devices Ruben Santamarta N/A Security
Dynamic DAST/WAF Integration Ryan C. Barnett N/A Security
An In-Depth Introduction to the Android Permissions Model and How to Secure Multi-Component Applications Jeff Six N/A Security
Teaching an Old Dog New Tricks: Securing Development with PMD Joe Hemler N/A Security
Denial of Surface. Eireann Leverett N/A Security
Cloud-based dWAF: A Real World Deployment Case Study Alexander Meisel N/A Security
Android in the Healthcare Workplace A Case Study Thomas Richards N/A Security
What can an Acquirer do to prevent developers from making dangerous software errors? Michele Moss, Don Davidson N/A
Securing Critical Infrastructure Francis Cianfrocca N/A Security
Using PHPIDS to Understand Attacks Trends Salvador Grec N/A Security
Mobile Application Security Who, how and why Charles Henderson, Mike Park N/A