Presentaciones OWASP AppSec 2011 disponibles

El pasado 20 al 23 de septiembre se realizó en Minneapolis la OWASP AppSes USA 2011, la conferencia más grande de seguridad en aplicaciones y desarrollo de software. Ya se encuentran disponibles las presentaciones y videos para descarga:

• Mark Curphey
  Community - The Killer App (Video - starts at time marker 5:30, PDF)
• Andrés Riancho
  Web Application Security Payloads (PDF)
• Andy Murren
  SwA and the Cloud - Counting the Risks (PPTX)
• Patrick Tatro
  Principles of Patrolling: Applying Ranger School to Information Security (PPTX)
• Arian Evans
  Six Key Metrics: A look at the future of appsec
• Jim Manico
  Ghosts of XSS Past, Present and Future (PDF)
• Shankar Babu Chebrolu, PhD, CISSP
  Top Ten Risks with Cloud that will keep you Awake at Night (PPTX)
• Ryan W Smith
  STAAF: An Efficient Distributed Framework for Performing Large-Scale Android Application Analysis (PDF)
• Charles Henderson
  Global Security Report (PDF)
• Shreeraj Shah
  Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2) (PDF)
• Scott Matsumoto
  Threat Modeling in the Cloud: What You Don’t Know Will Hurt You! (PDF)
• Tom Fischer
  Lessons Learned Building Secure ASP.NET Applications (PDF)
• John Benninghoff
  Behavioral Security Modeling: Eliminating Vulnerabilities by Building Predictable Systems (PDF)
• Michael Coates (Video, PDF)
• Juan Galiana Lara
  Pwning intranets with HTML5 (PDF)
• Dan Cornell
  The Self Healing Cloud: Protecting Applications and Infrastructure with Automated Virtual Patching (PDF)
• Mike Park
  Android Security, or This is not the Kind of "Open" I Meant... (PPTX)
• Mike McCormick, Christophe Veltsos, Jeff Williams
  Making it in Information Security and Application Security (PPT)
• Todd Redfoot
  Keeping up with the Web-Application Security (PPTX)
• Matt Tesauro
  Testing from the Cloud: Is the Sky Falling? (PDF)
• Kevin Stadmeyer, Garrett Held
  Hacking (and Defending) iPhone Applications (PPTX)
• John B. Dickson, CISSP
  Software Security: Is OK Good Enough? (PDF)
• Jon McCoy (DigitalBodyGuard)
  Hacking .NET (C#) Applications: The Black Arts (PDF)
• Adrian Lane
  CloudSec 12-Step (PDF)
• Ashkan Soltani, Gerrit Padgham
  When Zombies Attack - a Tracking Love Story (PDF)
• Jeff Williams
  AppSec Inception - Exploiting Software Culture (Prezi [Flash])
• UNIVERSITY CHALLENGE WINNERS TALK! (Video, PPT)
• Ira Winkler (Video, PPT)
• Richard Struse
  Software Assurance Automation throughout the Lifecycle (PPTX)
• Michael Coates
  Pure AppSec, No Fillers or Preservatives - OWASP Cheat Sheet Series (PDF)
• Colin Watson
  OWASP Codes of Conduct (PDF)
• Dr. Bill Chu, Jing Xie
  Secure Programming Support in IDE (PDF)
• Brian Chess
  Gray, the New Black: Gray-Box Web Penetration Testing (PPTX)
• Ryan Stinson
  Improve your SDLC with CAPEC and CWE (PPTX)
• Jack Mannino, Zach Lanier, Mike Zusman
  OWASP Mobile Top 10 Risks (PPTX)
• Aditya K Sood, Richard Enbody
  The Good Hacker - Dismantling Web Malware (PDF)
• Chris Wysopal
  Application Security Debt and Application Interest Rates (PPT)
• Chuck Willis, Kris Britton
  Sticking to the Facts: Scientific Study of Static Analysis Tools (PDF)
• Simon Bennetts
  Introducing the OWASP Zed Attack Proxy (PPTX)
• Justin Collins, Tin Zaw
  Brakeman and Jenkins: The Duo Detect Defects in Ruby on Rails Code (PPTX)
• Mike Ware
  Simplifying Threat Modeling (PDF)
• Moxie Marlinspike (Video, PDF)
• Adam Meyers
  Mobile Applications Software Assurance (PDF)
• Anthony J. Stieber
  How NOT to Implement Cryptography for the OWASP Top 10 (PDF)
• Michael Coates
  Security Evolution - Bug Bounty Programs for Web Applications (PDF)
• Wendy Nather (moderator), Dinis Cruz, Chris Eng, Jerry Hoff, Darren Meyer, John Steven, Sean Fay
  Speeding Up Security Testing Panel (PPTX)
• Charles Schmidt
  You’re Not Done (Yet) - Turning Securable Apps into Secure Installations using SCAP (PPTX)
• Beef (Chris Schmidt), Kevin Wall
  ESAPI 2.0 - Defense Against the Dark Arts (PPT)
• Jason Li
  OWASP Projects Portal Launch! (5-10 Minutes) (PPTX)
• Srini Penchikala
  Messaging Security using GlassFish 3.1 and Open Message Queue (PDF)
• Glenn Leifheit (moderator), Andreas Fuchsberger, Ajoy Kumar, Richard Tychansky, Alessandro Moretti
  Application Security Advisory Board SDLC Panel (PPTX)
• Michelle Moss, Nadya Bartol
  Why do developers make these dangerous software errors? (PPTX)
• Ryan Barnett
  OWASP CRS and AppSensor Project (Prezi [Flash])
• Alex Smolen
  Application Security and User Experience (PDF)
• Gunnar Peterson
  Mobile Web Services

Cristian de la Redacción de Segu-Info

Suscríbete a nuestro Boletín