There isn’t a formal application security track at TRISC (yet!), so I thought I would put together a list of the application security-focused talks.
Please be sure to check out John Dickson’s talk Tuesday at 1:45 in the Amphitheatre titled “The Permanent Campaign: Driving a Secure Software Initiative” and also check out my talk on “Securing SharePoint” Tuesday at 3:15 in Ballroom B.
- 1:00: Ballroom A: Rohyt Belani – Phishing 2.0, Ballroom B: David Lissberger – Hacking Through a Firewall
- 2:00: Ballroom B: Josh Sokol – Using Proxies to Secure Applications and More
- 3:15: Ballroom B: Robert Hansen & Rob MacDougal – Assessing Your Web App Manually Without Hacking It
- 8:30: Keynote: Johnny Long
- 12:45: Ballroom A: Trey Ford – Top Website Vulnerabilities: Trends, Business Effects, How To Fight Them, Ballroom B: Mano Paul – Web 0wn3d (OWASP Top 10) In Depth & Demonstrated
- 1:45: Amphitheater: John Dickson – The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise, Ballroom B: Matt Tesauro – OWASP Live CD: An Open Environment for Web Application Security
- 3:15: Ballroom B: Dan Cornell – Securing SharePoint
- 4:15: Ballroom A: Joseph Krull – PCI Compliance – Convert Drudgery Into a Powerful Security Framework, Ballroom B: Erhan Kartaltepe & Ravi Ganesan – A New Standard for Establishing Trust in Cross Domain XHR
As I have mentioned before, OWASP members get a $100 discount on TRISC 2009 attendance. Seeing as how OWASP membership now costs $50 that is a great deal. Bailout! Contact me for more specific info. For OWASP San Antonio we will be treating TRISC as our March meeting (regular meetings to resume in April).
dan _at_ denimgroup.com