[Owasp-portuguese] IBWAS'09, Conferência em Segurança de Aplicações Web

Carlos Serrao carlos.j.serrao at gmail.com
Mon Nov 30 06:45:27 EST 2009

Caros membros,
agradeço a divulgação do seguinte evento.


First Iberic Conference on Web-Applications Security (IBWAS’09) 
Escuela Universitaria de Ingeniería Técnica de Telecomunicacíon - Universidad Politécnica de Madrid 
10th – 11th December 2009 
Madrid, Spain 
http://www.ibwas.com, http://www.owasp.org/index.php/OWASP_AppSec_Iberia_2009 
[organised by OWASP Spain and OWASP Portugal] 

There is a change in the information systems development paradigm. The emergence of Web 2.0 technologies led to the extensive deployment and use of web-based applications and web services as a way to developed new and flexible information systems. Such systems are easy to develop, deploy and maintain and demonstrate impressive features for users, resulting in their current wide use. 

As a result of this paradigm shift, the security requirements have also changed. These web-based information systems have different security requirements, when compared to traditional systems. Important security issues have been found and privacy concerns have also been raised recently. In addition, the emerging Cloud Computing paradigm promises even greater flexibility; however corresponding security and privacy issues still need to be examined. The security environment should involve not only the surrounding environment but also the application core. 

This conference will bring together application security experts, researchers, educators and practitioners from the industry, academia and international communities such as OWASP, in order to discuss open problems and new solutions in application security. In the context of this track academic researchers will be able to combine interesting results with the experience of practitioners and software engineers. 

Conference proceedings will be published by Springer in the "Communications in Computer and Information Science" (CCIS) series. 

Keynote Speakers 
* Bruce Schneier, acclaimed security guru, author, BT CSTO (confirmed) 
* Inspector Jorge Martín from the High Tech Crime Unit of the Spanish National Police (confirmed) 

* Justin Clarke, Gotham Digital Science
* Dinis Cruz, OWASP
* Luis Corrons, Panda Security
* Marc Chisinevski, OWASP
* Simon Roses, Microsoft
* Dave Harper, Fortify Software
* Raul Siles, Taddong
* Miguel Almeida, Independent Security Consultant
* Daniele Catteddu, ENISA
* Kuai Hinojosa, OWASP
* Fabio E Cerullo, OWASP
* Paulo Querido, Publico/Expresso
* Martin Knobloch, OWASP
* Javier Fernández-Sanguino, University Rey Juan Carlos

The agenda can be found in the following locations:

Who should attend?
- Academics
- Researchers
- Lifelong learning educators
- Technical staff
- Secondary, vocational, or tertiary educators
- Professionals from the private and public sector
- Technologists and Scientifics
- School counsellors, principals and teachers
- Education policy development representatives
- General personnel from vocational sectors
- Student counsellors
- Career/employment officers
- Education advisers
- Student Unions
- Bridging program lecturers & support staff
- Library personnel
- International support and services staff
- Open learning specialists
- Application Developers
- Application Testers and Quality Assurance
- Application Project Management and Staff
- Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
- Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
- Security Managers and Staff
- Executives, Managers, and Staff Responsible for IT Security Governance
- IT Professionals Interesting in Improving IT Security
...and any person interested in Web Application and Services Security and Information Security in general.

Conference Topics 
• Secure application development 
• Security of service oriented architectures 
• Security of development frameworks 
• Threat modelling of web applications 
• Cloud computing security 
• Web applications vulnerabilities and analysis (code review, pen-test, static analysis etc.) 
• Metrics for application security 
• Countermeasures for web application vulnerabilities 
• Secure coding techniques 
• Platform or language security features that help secure web applications 
• Secure database usage in web applications 
• Access control in web applications 
• Web services security 
• Browser security 
• Privacy in web applications 
• Standards, certifications and security evaluation criteria for web applications 
• Application security awareness and education 
• Security for the mobile web 
• Attacks and Vulnerability Exploitation 

http://www.ibwas.com, http://www.owasp.org/index.php/OWASP_AppSec_Iberia_2009 

E-mail: secretariat at ibwas.com 

Carlos Serrão, Ph.D., M.Sc.: ISCTE/DCTI Assistant Professor | NetMuST/Adetti Researcher - website - blog - allofads.com 
contacts | carlos.serrao at iscte.pt, carlos.j.serrao at gmail.com skype | pontocom msn | pontocom73 at hotmail.com | linkedin

More information about the Owasp-portuguese mailing list