OWASP AppSecAsiaPac 2012 April 11, 2012 to April 12, 2012, Sydney, Australia

| Title | Speakers | Summary | Topic Types |
|---|---|---|---|
| Web Crypto for the Developer Who Has Better Things To Do | Adrian Hayes | "Cryptography is easy to get wrong and can be a pain to implement. This presentation ... | Security |
| Rethinking web-application architectures for the Cloud | Arshad Noor | Unless your organization is unique, not all your data is sensitive. This raises the question: ... | Security |
| Effective Software Development in a PCI DSS Environment | Bruce Ashton | Compliance with the stringent Payment Card Industry Data Security Standards (PCI DSS) mandate a locked-down ... | Security |
| Anatomy of a Logic Flaw | Daniel Crowley, Charles Henderson | Traditional vulnerabilities like SQL Injection, buffer overflows, etc, have well established techniques for discovery and ... | |
| You Can't Filter "The Stupid" | Daniel Crowley, Charles Henderson | Everyone wants to stretch their security budget as far as possible; in recent years, automated ... | |
| Shake Hooves With BeEF | Christian "xntrik" Frichot | When was the last time you performed a penetration test and were able to successfully ... | Security |
| Advanced Mobile Application Code Review Techniques | Prashant Verma, Dinesh Shetty | Learn how Mobile experts blend their techniques in order to accelerate code reviews. While reviewing ... | |
| HTTP Fingerprinting - the next generation | Eldar Marcussen | The next generation of HTTP Fingerprinting - builds on existing web server fingerprinting research to ... | Security |
| Rise of the Planet of the Anonymous | Errazudin Ishak | "Welcome to Planet of the Anonymous. Where all system wranglers from every inch of Planet ... | Security |
| Pentesting mobile Applications | Frank Yuan Fan | 1. iPhone & Android App Basics App development App distribution 2. Pentesting iPhone Apps Methodology Areas of focus 3. Pentesting ... | Security |
| The risks that pen tests don't find | Gary Gaskell | "Penetrations tests are a crucial element of an organisation's security plan. This is not likely ... | Security |
| Software Security goes Mobile | Jacob West | In the past decade, mobile devices have led one of the most rapid and widespread ... | Security |
| Pentesting iOS Applications | Jason Haddix | 3rd party iOS applications are a tricky animal. In contrast to Android applications written in ... | Security |
| How MITMproxy has been slaying SSL Dragons | Jim Cheetham | MITMproxy is an extensible HTTP/HTTPS interactive or programmable man-in-the-middle proxy, aimed at security researchers and ... | Security |
| Static Code Analysis and Governance | Jonathan Carter | "Organisations love to use static code analysis tools to review their source code for application-security ... | Security |
| Harder, Better, Faster, Stronger... | Luke Jahnke | SQL Injection vulnerabilities are common and relatively well-known, however, most current discussion of SQL injection ... | Security |
| Security Testing on Web Applications - How to protect yourself and avoid getting owned | Magno (logan) Rodrigues | "Web Applications are the number one threat for companies and organizations today. And that's why ... | Security |
| Data Breaches - when application security goes wrong | Mark Goudie | 2011 was another transformational year in computer security incidents with sensitive data being stolen by ... | Security |
| Breaking is easy, preventing is hard | Matias Madou | Is security a losing battle? Breaking software seems to become easier over time, while protecting ... | Security |
| Testing from the Cloud: Is the Sky Falling? | Matt Tesauro | "More and more IT is being moved to the cloud, why shouldn't your testing move ... | Security |
| Mobile Security on iOS and Android - Where the bodies are buried | Mike Park | "This will be a continuation and expansion of my talk on Android Security from AppsecUSA ... | Security |
| Application Security Logging and Monitoring - The Next Frontier | Peter Freiberg | Many applications have poor security logs and consequently have limited ability to detect attacks and ... | Security |
| Modern software security assurance with OpenSAMM | Pravir Chandra | "For those that haven't seen it already, the Open Software Assurance Maturity Model (OpenSAMM) is ... | Security |
| Overcoming the Quality vs Quantity Problem in Software Security Testing | Rafal Los | "The current state of software security poses a very serious problem when it comes to ... | Security |
| OWASP Zed Attack Proxy (ZAP) | Simon Bennetts | The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool ... | Security |
| Password Less Authentication, Authorization and Payments | Srikar Sagi | A Mobile is ONE'S OWN Identity in 21st Century Authentication & Authorization, is done via ... | Security |
| Securing the SSL channel against man-in-the-middle attacks: Future technologies - HTTP Strict Transport Security and Pinning of Certs | Tobias Gondrom | "Securing the SSL channel against man-in-the-middle attacks: Future technologies - HTTP Strict Transport Security and ... | Security |