OWASP AppSec California 2018, Jan. 28, 2018 to Jan. 29, 2018, California, USA
Title | Speakers | Summary | Topic Types |
---|---|---|---|
Advanced Web Hacking and Secure Coding | Vikram Salunke | Please note: Training Sessions are not included in the Conference price. Sign up now! Check ... | |
Extended Web Application Hacking [Day 1 of 2] | Peter Kim | Please note: Training Sessions are not included in the Conference price. Sign up now! Check ... | |
Intro To Web Hacking Using ZAP/Hacking APIs And The MEAN Stack | Tanya Janca, Nikki Becher | Please note: Training Sessions are not included in the Conference price. Sign up now! Check ... | |
New OWASP Top 10 - Exploitation and Effective Safeguards [Day 1 of 2] | Jim Manico | Please note: Training Sessions are not included in the Conference price. Sign up now! Check ... | |
Extended Web Application Hacking [Day 2 of 2] | Peter Kim | Please note: Training Sessions are not included in the Conference price. Sign up now! Check ... | |
New OWASP Top 10 - Exploitation and Effective Safeguards [Day 2 of 2] | Jim Manico | Please note: Training Sessions are not included in the Conference price. Sign up now! Check ... | |
So You Want to Run a Secure Service on AWS? | William Bengtson, Nag Medida | Please note: Training Sessions are not included in the Conference price. Sign up now! Check ... | |
Welcome Address | Richard Greenberg | Chapter Leader, OWASP Los Angeles. Hi everyone! I am the Chair for AppSec California and the ... | |
Opening Keynote - Flipping the script: Fighting Advanced Threats at their Software Roots | Eric Baize | Abstract: For almost two decades, software security practitioners have successfully defined advanced techniques and tools ... | |
The Best Flaw Didn't Make Into Production | Izar Tarandach | Security practitioners - the Sisyphus of information technology. We stand with a huge mass of ... | |
The Only Reason Security Really Matters for DevOps | Caroline Wong | Abstract: This talk begins by exploring the answer to the question, why does DevOps matter? ... | |
Authentication without Authentication | Omer Levi Hevroni | Authentication is important, but how do you authenticate when user interaction is not an option? ... | |
DevOps Is Automation, DevSecOps Is People | Mike Shema | Abstract: A lot of appsec boils down to DevOps ideals like feedback loops, automation, and ... | |
ReproNow - Save time Reproducing and Triaging Security bugs | Vinayendra Nataraja, Lakshmi Sudheer | Abstract: Crowdsourcing security aka Bug Bounty Programs are adapted by almost all companies today: big, ... | |
Robots with Pentest Recipes - Democratizing Security Testing Pipelines for DevOps Wins | Abhay Bhargav | Abstract: Application Security (AppSec) Teams are usually short-staffed. While this is no surprise in itself. ... | |
Threat Modeling Toolkit | Jonathan Marcil | Threat Modeling is a great way to analyze security early in software development by structuring ... | |
Leveraging Cloud SDNs to Solve OWASP Top Ten | John Studarus | Abstract: Historically, implementing network security controls within a virtualized cloud environment have been difficult to ... | |
Breaking Fraud & Bot Detection Solutions | Mayank Dhiman | Abstract: Browser fingerprinting and user behavior tracking are powerful techniques used by most fraud and ... | |
The Path Of DevOps Enlightenment For InfoSec | James Wickett | Abstract: Security as we have known it has completely changed. Through challenges from the outside ... | |
Threat Modeling Panel | Adam Shostack, Izar Tarandach, Jonathan Marcil, Haral Tsitsivas, Brook Schoenfield | N/A | |
Decrease Your Stress and Increase Your Reach with Appsec Champions | Coleen Coolidge | Abstract: Being the only person in the entire company who works the appsec program gets ... | |
MarkDoom: How I Hacked Every Major IDE in 2 Weeks. | Matt Austin | Abstract: JavaScript (and HTML) has completely conquered the Web, and now it’s taking over the ... | |
OWASP Top 10 | Andrew Stock | Director, OWASP Foundation. Andrew is an in-demand speaker and trainer, with past speaking engagements at ... | |
SecDevOps: Current Research and Best Practices | Clint Gibler | Abstract: The last decade has seen widespread changes in how organizations develop and release software. It's ... | |
Seeing Through the Fog - Navigating the Security Landscape of a Cloud-First World | Ben Johnson | Abstract: The prospect of the cloud is extremely attractive to many enterprises, so it’s no ... | |
The Bug Hunters Methodology 2.0 | Jason Haddix | Abstract: Building on the Bug Hunter's Methodology 1.0 given at Defcon 23, 2.0 brings the ... | |
Costs of Coding to Compliance | Joel Cardella, Magen Wu | Abstract: The problem with most compliance, such as PCI, is that when you manage a ... | |
Edgeguard: Client-side DOM Security - detecting malice - AN Open Framework | Eoin Keary, Rahim Jina | Abstract: “Project edgeguard” is an open framework that allows you to detect when malicious content ... | |
How Privacy Violations, Fines and Economic Sanctions Create Darker Opportunities. | Christina Kubecka | Abstract: Welcome to 2018. Although there’s no flying car in every garage yet. We do ... | |
Closing Keynote - Digital Disease: How Healthcare Cybersecurity Challenges Can Claim -or Save- Lives | Christian quaddi Dameff | Abstract: Old “data security first” and HIPAA compliance paradigms in healthcare can’t address the patient ... | |
Keynote - Prove It! Quantitatively Confronting Security With Data | Richard Seiersen | Abstract: What would you see occurring that would let you know that your security capabilities are ... | |
Pack your Android: Everything you need to know about Android Boxing | Swapnil Deshmukh | Android malware authors may enforce one or a combination of protection techniques like obfuscators, packers ... | |
Architecting for Security in the Cloud | Josh Sokol | Abstract: The best part about creating new products and services in the cloud is the ... | |
Taking on the King: Killing Injection Vulnerabilities | Justin Collins | Abstract: How do we dismantle the reign of dangerous and prevalent vulnerabilities? "Injection" has crowned the ... | |
Prevention as a Business Strategy | Corey White | Abstract: The world of cybersecurity has changed. Cybercriminals target organizations and unleash a torrent of ... | |
Hunter – Optimize your Pentesters time | Kiran Shirali | Abstract: Is your pentest report filled with low risk items? Are these projects that you ... | |
Lessons From The Threat Modeling Trenches | Brook Schoenfield | Abstract: What wisdom percolates from building threat modeling practices across 4 organizations? This presentation is ... | |
Security After Death -- Not your problem, or is it? | Ty Shipman | Abstract: The talk covers practical solutions to storing passwords and secure ways to share those ... | |
What's new in TLS 1.3 | Alex Balducci | Abstract: TLS 1.3 is just about here! This talk will cover the more notable ... | |
Predicting Random Numbers in Ethereum Smart Contracts | Arseny Reutov | Abstract: Smart contracts are not only about ICOs - various lotteries, roulettes and card games are ... | |
Panel: Women in Security | Caroline Wong, Christina Kubecka, Magen Wu, Coleen Coolidge, Kayva Pearlman | N/A | |
A Tour of API Underprotection | Skip Hovsmith | Abstract: Effective API protection is a growing concern, reflecting the popularity of RESTful Web APIs ... | |
Where, how, and why is SSL traffic on mobile getting intercepted? A look at ten million real-world SSL incidents | Alban Diquet | Abstract: Over the last two years, we've received and analyzed more than ten million SSL ... | |
European Vacation - Leveraging GDPR for Security | Anthony Trummer | Abstract: Our friends across the pond, love their privacy. Makes you wonder what they're up ... | |
Applied Deception Beyond the Honeypot: Moving Past 101 | Robert Wood | Abstract: Conflict in cyberspace moves quickly, is primarily asynchronous and can be carried out by ... | |
Unpoisoned Fruit: Seeding Trust into a Growing World of Algorithmic Warfare | Davi Ottenheimer | Abstract: Artificial Intelligence, or even just Machine Learning for those who prefer organic, is influencing ... | |
We Come Bearing Gifts: Enabling Product Security with Culture and Cloud | Patrick Thomas, Astha Singhal | Abstract: What would it look like if security never had to say “no”? This talk explores ... | |
Closing Keynote - A free, fair and open internet is a process, not a product. | Cory Doctorow | Abstract: We're never going to be finished with the great work of securing the internet, ... |