[Owasp-board] Need Help with OWASP Italy Agenda

Andrew van der Stock vanderaj at owasp.org
Sun Mar 4 14:04:46 UTC 2007

Just in case Mike can¹t make it, we need an alternative headline key note. I
don¹t know Raoul that well, but if he wants to speak, he would be a good

Panel 1: Public site vulnerability research ­ good or evil? Ethics gradient
meet Springer; many sites like sl.ackers.org divulge a great deal of
information about XSS attacks on huge public websites. Discuss.

Panel 2: What is needed to fix web app sec vulnerabilities once and for all?
Why are we still handling the same crappy issues (XSS, SQL injection, etc)
we saw back in 2000, with a few new friends. Why are things not getting
better. Discuss ways to improve webappsec.

In terms of speakers, has a call for papers gone out yet? I¹d like for a
spread of papers to cover:

* Designing secure apps
* Coding Securely 
* Code Review 
* Testing 
* New attacks and vulnerabilities (like Amit¹s talk last year, or get
someone like pdp architect)

I wouldn¹t mind speaking, but May is pretty full for me in terms of travel.
I¹m not sure Tanya would be crazy for me going somewhere in my only week at
home during May.  


On 3/2/07 3:12 PM, "Dave Wichers" <dave.wichers at owasp.org> wrote:

> Guys,
> I think we have the venue located (a Marriott) and we are starting to work on
> the details there.  What I need now is quick help on the agenda.
> This is what I have so far:
> Keynote from Mike Howard Again (Hopefully)
> Dinis: Status of OWASP, AoC, and SPoC, new Top 10, and whatever else we think
> is appropriate (after Mike Howard)
> And this is what else I¹m planning for:
> Matteo Meuci ­ Testing Guide
> Dinis: A whirlwind tour of the OWASP tools and projects, Dinis Cruz, OWASP
> Chief Evangelist and .Net Projects Lead  (something like this)
> 2x 2 paper blocks for the refereed papers track
> 2 panels (Need panel proposals)
> Pravir Chandra ­ Something about his current with/enhancements to CLASP.
> Aspect ­ Potentially something about advanced Web App Security topics,
> Advanced XSS, CSRF, maybe AJAX/Web Services. Haven¹t thought through this deep
> enough yet.
> I¹d like to have lots more talks on OWASP projects: Can you please suggest
> which OWASP projects have made great progress that we should have them come
> and speak?
> I also need a 2nd keynote. Do you think Raoul Chiesa would be a good keynoter
> for day 2? His from Italy and is fairly well known there at least. Any other
> suggestions?
> Any topics that are especially critical that we cover?
> -Dave
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070304/1be3317f/attachment-0002.html>

More information about the Owasp-board mailing list