APPSECUSA 2013

Presentaciones de OWASP AppSecUSA 2013



Otra de las remarcadas conferencias sobre seguridad informática, OWASP AppSecUSA 2013, fue celebrada en Nueva York del 18 al 21 de noviembre. Para los no privilegiados, aquí tenéis la lista de los vídeos (diapositivas con audio):

• OWASP Zed Attack Proxy - Simon Bennetts
• The Cavalry Is US: Protecting the public good - Josh Corman, Nicholas Percoco
• 2013 AppSec Guide and CISO Survey - Marco Morana, Tobias Gondrom
• Top Ten Proactive Controls - Jim Manico
• Forensic Investigations of Web Exploitations - Ondrej Krehel
• Big Data Intelligence - Ory Segal, Tsvika Klein
• All the network is a stage, and the APKs merely players - Daniel Peck
• BASHing iOS Applications - Jason Haddix, Dawn Isabel
• What You Didn't Know About XML External Entities Attacks - Timothy Morgan
• OWASP Hackademic - Konstantinos Papapanagiotou
• OWASP Periodic Table of Elements - James Landis
• Why is SCADA Security an Uphill Battle? - Amol Sarwate
• Making the Future Secure with Java - Milton Smith
• Tagging Your Code with a Useful Assurance Label - Robert Martin
• HTML5: Risky Business or Hidden Security Tool Chest? - Johannes Ullrich
• Thinking Differently About Security - Mary Ann Davidson
• The 2013 OWASP Top 10 - Dave Wichers
• PiOSoned POS - A Case Study in iOS based Mobile Point-of-Sale gone wrong - Mike Park
• Verify your software for security bugs - Simon Roses Femerling
• Insecure Expectations - Matt Konda
• Hacking Web Server Apps for iOS - Bruno Oliveira
• (Audio only) PANEL: Aim-Ready-Fire moderated by Wendy Nather
• AppSec at DevOps Speed and Portfolio Scale - Jeff Williams
• Application Security: Everything we know is wrong - Eoin Keary
• An Introduction to the Newest Addition to the OWASP Top 10 - Ryan Berg, Jeff Williams
• Mobile app analysis with Santoku Linux - Andrew Hoog
• Accidental Abyss: Data Leakage on The Internet - Kelly FitzGerald
• Mantra OS: Because The World is Cruel - Gregory Disney-Leugers
• (Audio only) Wassup MOM? Owning the Message Oriented Middleware - Gursev Singh Kalra
• Case Study: 10 Steps to Agile Development without Compromising Enterprise Security - Yair Rovek
• Contain Yourself: Building Secure Containers for Mobile Devices - Ron Gutierrez
• iOS Application Defense - iMAS - Gregg Ganley
• Pushing CSP to PROD - Brian Holyfield, Erik Larsson
• Leveraging OWASP in Open Source Projects - Aaron Weaver, David Ohsie, Bill Thompson
• HTTP Time Bandit - Vaagn Toukharian, Tigran Gevorgyan
• NIST - Missions and impacts to US industry, economy and citizens - James St. Pierre, Matthew Scholl
• Revenge of the Geeks: Hacking Fantasy Sports Sites - Dan Kuykendall
• Hack.me: a new way to learn web application security - Armando Romeo
• OWASP Broken Web Applications (OWASP BWA): Beyond 1.0 - Chuck Willis
• Can AppSec Training Really Make a Smarter Developer? - John Dickson
• The Perilous Future of Browser Security - Robert Hansen
• (Audio only) PANEL: Women in Information Security - moderated by Joan Goodchild
• (Audio only) Panel: Don't Tell Me Software Security - moderated by Mark Miller