AppSec EU 2015 begins in two weeks. It is being held in Amsterdam at the Amsterdam RAI exhibition and conference centre.
With the news yesterday that the number of conference attendee bookings has surpassed 400, together with the training, capture the flag competition, university challenge, application security hackathon, computer gaming, networking and organised social events, it looks like this year's event is shaping up very well.
When the call for papers was announced last year, I proposed having some sessions that gave the opportunity for a larger number of project leaders to explain their work, the target users, the benefits, and what materials are available. I am pleased to say the conference team liked the idea and allocated two 45-minute slots. These are being used to showcase innovation in OWASP projects to the main conference audience.
Both lightning talk sessions occur on Thursday 21st May. Each talk is 10 minutes long. The speakers and their projects are listed below.
14:30 - 15:15 hrs
- Spyros GASTERATOS
Hackademic Challenges, implementing realistic scenarios with known vulnerabilities in a safe, controllable environment.
- Andrew VAN DER STOCK and Daniel CUTHBERT
Application Security Verification Standard, providing a basis for assessing web application technical security controls, to establish a level of confidence in the security of web applications.
- Jonathan CARTER
Reverse Engineering and Code Modification Prevention, educating security architects, risk analysts, software engineers, and pen testers around binary risks from code integrity violation and reverse engineering.
- Matteo MEUCCI
Testing Guide, version 4, the de facto standard for performing web application penetration testing.
15:45 - 16:30 hrs
- Jim MANICO
Top 10 Proactive Controls, describing the most important control and control categories that every architect and developer should include in every project, and Cheat Sheet Series, providing a concise collection of high value information on specific web application security topics.
- Tao SAUVAGE and Marios KOURTESIS
Offensive Web Testing Framework (OWTF), making security assessments as efficient as possible by automating the manual uncreative part of pen testing, and providing out-of-box support for the OWASP Testing Guide, and NIST and PTES standards.
- Ann RACUYA-ROBBINS and Luis ENRIQUEZ
Knowledge Based Authentication Performance Metrics, establishing standard performance metrics for knowledge based authentication (KBA) in alignment with the NSTIC guiding principles - at the intersection of security, identity and privacy.
- Sebastien DELEERSNYDER
Software Assurance Maturity Model (OpenSAMM), an open framework to help organizations measure, improve and manage their software security practice that is tailored to the specific risks facing the organization.
I will introduce each session and the speakers, and keep time. I hope you can join me to hear about these contributions to application security directly from the leaders themselves. We will have time after the sessions for further discussion and questions.
Posted on: 08 May 2015 at 09:00 hrs