[Owasp-Malaysia] OWASP AppSec Research 2010 - Slide Download

Mohd Fazli Azran mfazliazran at gmail.com
Sun Jul 18 23:47:21 EDT 2010


Dear Members,

Here is the new link for item 18. Thanks

18) *Bradley Anstis and Vadim Pogulievsky, M86 Security - *Detecting and
Protecting Your Users from 100% of all Malware -
How?<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Detecting_100%25_Malware_by_Anstis_Pogulievsky.pdf>

On Sun, Jul 18, 2010 at 10:51 AM, Mohd Fazli Azran <mfazliazran at gmail.com> wrote:

> Thanks for the feedback... I will check back on the slide, maybe it is MIA. I will
> update everyone. Thanks
>
>
> On Sat, Jul 17, 2010 at 11:10 AM, nuriah Omar <sitinuriah at gmail.com> wrote:
>
>> Got a 404 bad request for no 18.
>>
>> On Thu, Jul 15, 2010 at 1:03 PM, Mohd Fazli Azran <mfazliazran at gmail.com> wrote:
>>
>>> Dear Members,
>>>
>>> Here is the list of slides that I compiled from OWASP AppSec Research
>>> 2010, Stockholm, Sweden. Please download them for your information. Please
>>> spread the word to people about this. Thanks
>>>
>>> Welcome Remark:
>>> 1) John Wilander & OWASP Global Board Members - Welcome to OWASP AppSec
>>> Research 2010 Conference<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Opening_Talk_by_Wilander.pdf>
>>>
>>> Keynote :
>>> 1) *Chris Evans, Information Security Engineer, and Ian Fette, Product
>>> Manager for Chrome Security, Google - *Cross-Domain Theft and the Future
>>> of Browser Security<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Keynote_1_by_Evans_and_Fette.pdf>
>>> 2) *Steve Lipner, Senior Director of Security Engineering Strategy,
>>> Microsoft Corporation - *The Security Development Lifecycle - The
>>> Creation and Evolution of a Security Development Process<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Keynote_2_by_Lipner.pdf>
>>>
>>> Track:
>>> 1) *Henrich Christopher Poehls, University of Passau - *BitFlip:
>>> Determine a Data's Signature Coverage from Within the Application<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_BitFlip_by_Poehls.pdf>
>>> 2) *Lieven Desmet and Philippe De Ryck, Katholieke Universiteit Leuven
>>> - *CsFire: Browser-Enforced Mitigation Against CSRF<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_CsFire_by_Desmet_and_DeRyck.pdf>
>>> <http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden#CsFire:_Browser-Enforced_Mitigation_Against_CSRF>
>>> 3) *Chris Eng, Veracode - *Deconstructing ColdFusion<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Deconstructing_ColdFusion_by_Eng.pdf>
>>>
>>> 4) *M Decat, P De Ryck, L Desmet, F Piessens, W Joosen, Katholieke
>>> Universiteit Leuven - *Towards Building Secure Web Mashups<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Secure_Mashups_by_DeRyck.pdf>
>>>
>>> <http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden#Towards_Building_Secure_Web_Mashups>
>>> 5) *Marco Balduzzi, Eurecom - *New Insights into Clickjacking<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Clickjacking_by_Balduzzi.pdf>
>>> <http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden#New_Insights_into_Clickjacking>
>>> 6) *Ivan Ristic, Qualys - *How to Render SSL Useless<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/Ivan_Ristic_-_Breaking_SSL_-_OWASP.pdf>
>>>
>>> 7) *Gustav Rydstedt, Stanford Web Security Research - *Busting Frame
>>> Busting<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Busting_Frame_Busting_by_Rydstedt.pdf>
>>>
>>> 8) *Christian Hang and Lars Andren, Armorize Technologies - *Web
>>> Frameworks and How They Kill Traditional Security Scanning <http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Frameworks_Security_by_Hang.pdf>
>>> 9)  *Michael Boman, Omegapoint - *The State of SSL in the World <http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_State_of_SSL_by_Boman.pdf>
>>> 10) *Sergio Maffeis, Imperial College, London - *Object Capabilities and
>>> Isolation of Untrusted Web Applications<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Obj_Capabilities_by_Maffeis.pdf>
>>> <http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden#.28New.29_Object_Capabilities_and_Isolation_of_Untrusted_Web_Applications>
>>> 11) *Jasvir Nagra and Mike Samuel, Google - *Beyond the Same-Origin
>>> Policy<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Beyond_SOP_by_Nagra_and_Samuel.pdf>
>>>
>>> 12) *Komal Randive, Symantec - *SmashFileFuzzer - a New File Fuzzer
>>> Tool <http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Smash_File_Fuzzer_by_Randive.pdf>
>>> 13) *Dan Bergh Johnsson, Omegapoint - *Value Objects a la Domain-Driven
>>> Security: A Design Mindset to Avoid SQL Injection and Cross-Site Scripting <http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_VOs_a_la_DDS_by_Johnsson.pdf>
>>> 14)  *Michael Schrank and Bastian Braun, University of Passau,  Martin
>>> Johns, SAP Research - *Session Fixation - the Forgotten Vulnerability? <http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Session_Fixation_by_Schrank_Braun_Johns_and_Poehls.pdf>
>>> 15) *Pravir Chandra, Fortify - *The Anatomy of Real-World Software
>>> Security Programs<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_OpenSAMM_by_Chandra.pdf>
>>>  16) *Juan José Conti, Universidad Tecnológica Nacional **Alejandro
>>> Russo, Chalmers Univ. of Technology - *A Taint Mode for Python via a
>>> Library<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Taint_Mode_for_Python_by_Conti_and_Russo.pdf>
>>>  17) *Nick Coblentz, OWASP Kansas City Chapter and AT&T Consulting - *Microsoft's
>>> Security Development Lifecycle for Agile Development<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Microsoft_SDL_Agile_by_Coblentz.pdf>
>>> 18) *Bradley Anstis and Vadim Pogulievsky, M86 Security - *Detecting and
>>> Protecting Your Users from 100% of all Malware - How?<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Detecting_100%_Malware_by_Anstis_Pogulievsky.pdf>
>>> 19) *Michael Craigue, Dell - *Secure Application Development for the
>>> Enterprise: Practical, Real-World Tips<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Real-World_Tips_by_Craigue.pdf>
>>> 20) *Cassio Goldschmidt, Symantec - *Responsibility for the Harm and
>>> Risk of Software Security Flaws<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Responsibility_for_Sec_Flaws_by_Goldschmidt.pdf>
>>> 21) *Thomas Jensen and David Pichardie, INRIA Rennes - Bretagne
>>> Atlantique - *Secure the Clones: Static Enforcement of Policies for
>>> Secure Object Copying<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Secure_Cloning_by_Jensen.pdf>
>>> 22) *Antti Vähä-Sipilä, Nokia - *Product Security Management in Agile
>>> Product Management<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Agile_Prod_Sec_Mgmt_by_Vaha-Sipila.pdf>
>>> 23) *Tom Brennan, WhiteHat Security and OWASP Foundation - *Hacking by
>>> Numbers<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Hacking_by_Numbers_by_Brennan.pdf>
>>> 24) *Jonas Magazinius, Phu H. Phung, and David Sands, Chalmers Univ. of
>>> Technology - *Safe Wrappers and Sane Policies
>>> for Self Protecting JavaScript<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Safe_Wrappers_by_Magazinius.pdf>
>>> 25) *Chris Eng, Veracode - *Application Security Scoreboard in the Sky<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Appsec_Scoreboard_by_Eng.pdf>
>>> 26) *Johan Lindfors and Dag König, Microsoft - *Security Toolbox for
>>> .NET Development and Testing<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_NET_Toolbox_by_Lindfors_and_Konig.pdf>
>>> 27) *Wendel G. Henrique and Steve Ocepek, Trustwave - *Owning Oracle:
>>> Sessions and Credentials<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_Owning_Oracle_by_Henrique_and_Ocepek.pdf>
>>> 28) *David Lindsay, Cigital **Eduardo Vela Nava, sla.ckers.org - *Cross-Site
>>> Location Jacking (XSLJ)<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_Appsec_Research_2010_Redirects_XSLJ_by_Sirdarckcat_and_Thornmaker.pdf>
>>> 29) *Dave Wichers, Aspect Security and OWASP Foundation - *
>>> OWASP_Top_10_2010<http://www.owasp.my/OWASP/AppSecResearch2010/Sweden/OWASP_AppSec_Research_2010_OWASP_Top_10_by_Wichers.pdf>
>>>
>>>
>>> Regards,
>>> Mohd Fazli Azran
>>> OWASP Malaysia Chapter Leader
>>>
>>> _______________________________________________
>>> Owasp-Malaysia mailing list
>>> Owasp-Malaysia at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>>
>>> OWASP Malaysia Wiki
>>> http://www.owasp.org/index.php/Malaysia
>>>
>>> OWASP Malaysia Wiki Facebook
>>> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>>>
>>
>>  Regards,
> Mohd Fazli Azran
> OWASP Malaysia Chapter Leader.
>  Web   :  http://www.owasp.my
> Email   :  fazli at mysecurity.my
> Mobile  :   +6.013.204.8672
>
>
> Regards,
Mohd Fazli Azran
OWASP Malaysia Chapter Leader