Presentaciones y Videos OWASP AppSes USA 2011

Paseándome por la red me encuentro con que se han publicado las presentaciones y videos de la OWASP AppSes USA 2011, y la verdad es que me gusta mucho la iniciativa OWASP que es un proyecto de código abierto dedicado al seguridad de aplicaciones Web. Si bien la documentación está en ingles, igual les dejo la noticia ya que están muy buenas.

El pasado 20 al 23 de septiembre se realizó en Minneapolis la OWASP AppSes USA 2011, la conferencia más grande de seguridad en aplicaciones y desarrollo de software. Ya se encuentran disponibles las presentaciones y videos para descarga:

• Mark Curphey
  Community - The Killer App (Video - starts at time marker 5:30, PDF)
• Andrés Riancho
  Web Application Security Payloads (PDF)
• Andy Murren
  SwA and the Cloud - Counting the Risks (PPTX)
• Patrick Tatro
  Principles of Patrolling: Applying Ranger School to Information Security (PPTX)
• Arian Evans
  Six Key Metrics: A look at the future of appsec
• Jim Manico
  Ghosts of XSS Past, Present and Future (PDF)
• Shankar Babu Chebrolu, PhD, CISSP
  Top Ten Risks with Cloud that will keep you Awake at Night (PPTX)
• Ryan W Smith
  STAAF: An Efficient Distributed Framework for Performing Large-Scale Android Application Analysis (PDF)
• Charles Henderson
  Global Security Report (PDF)
• Shreeraj Shah
  Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2) (PDF)
• Scott Matsumoto
  Threat Modeling in the Cloud: What You Don’t Know Will Hurt You! (PDF)
• Tom Fischer
  Lessons Learned Building Secure ASP.NET Applications (PDF)
• John Benninghoff
  Behavioral Security Modeling: Eliminating Vulnerabilities by Building Predictable Systems (PDF)
• Michael Coates (Video, PDF)
• Juan Galiana Lara
  Pwning intranets with HTML5 (PDF)
• Dan Cornell
  The Self Healing Cloud: Protecting Applications and Infrastructure with Automated Virtual Patching (PDF)
• Mike Park
  Android Security, or This is not the Kind of "Open" I Meant... (PPTX)
• Mike McCormick, Christophe Veltsos, Jeff Williams
  Making it in Information Security and Application Security (PPT)
• Todd Redfoot
  Keeping up with the Web-Application Security (PPTX)
• Matt Tesauro
  Testing from the Cloud: Is the Sky Falling? (PDF)
• Kevin Stadmeyer, Garrett Held
  Hacking (and Defending) iPhone Applications (PPTX)
• John B. Dickson, CISSP
  Software Security: Is OK Good Enough? (PDF)
• Jon McCoy (DigitalBodyGuard)
  Hacking .NET (C#) Applications: The Black Arts (PDF)
• Adrian Lane
  CloudSec 12-Step (PDF)
• Ashkan Soltani, Gerrit Padgham
  When Zombies Attack - a Tracking Love Story (PDF)
• Jeff Williams
  AppSec Inception - Exploiting Software Culture (Prezi [Flash])
• UNIVERSITY CHALLENGE WINNERS TALK! (Video, PPT)
• Ira Winkler (Video, PPT)
• Richard Struse
  Software Assurance Automation throughout the Lifecycle (PPTX)
• Michael Coates
  Pure AppSec, No Fillers or Preservatives - OWASP Cheat Sheet Series (PDF)
• Colin Watson
  OWASP Codes of Conduct (PDF)
• Dr. Bill Chu, Jing Xie
  Secure Programming Support in IDE (PDF)
• Brian Chess
  Gray, the New Black: Gray-Box Web Penetration Testing (PPTX)
• Ryan Stinson
  Improve your SDLC with CAPEC and CWE (PPTX)
• Jack Mannino, Zach Lanier, Mike Zusman
  OWASP Mobile Top 10 Risks (PPTX)
• Aditya K Sood, Richard Enbody
  The Good Hacker - Dismantling Web Malware (PDF)
• Chris Wysopal
  Application Security Debt and Application Interest Rates (PPT)
• Chuck Willis, Kris Britton
  Sticking to the Facts: Scientific Study of Static Analysis Tools (PDF)
• Simon Bennetts
  Introducing the OWASP Zed Attack Proxy (PPTX)
• Justin Collins, Tin Zaw
  Brakeman and Jenkins: The Duo Detect Defects in Ruby on Rails Code (PPTX)
• Mike Ware
  Simplifying Threat Modeling (PDF)
• Moxie Marlinspike (Video, PDF)
• Adam Meyers
  Mobile Applications Software Assurance (PDF)
• Anthony J. Stieber
  How NOT to Implement Cryptography for the OWASP Top 10 (PDF)
• Michael Coates
  Security Evolution - Bug Bounty Programs for Web Applications (PDF)
• Wendy Nather (moderator), Dinis Cruz, Chris Eng, Jerry Hoff, Darren Meyer, John Steven, Sean Fay
  Speeding Up Security Testing Panel (PPTX)
• Charles Schmidt
  You’re Not Done (Yet) - Turning Securable Apps into Secure Installations using SCAP (PPTX)
• Beef (Chris Schmidt), Kevin Wall
  ESAPI 2.0 - Defense Against the Dark Arts (PPT)
• Jason Li
  OWASP Projects Portal Launch! (5-10 Minutes) (PPTX)
• Srini Penchikala
  Messaging Security using GlassFish 3.1 and Open Message Queue (PDF)
• Glenn Leifheit (moderator), Andreas Fuchsberger, Ajoy Kumar, Richard Tychansky, Alessandro Moretti
  Application Security Advisory Board SDLC Panel (PPTX)
• Michelle Moss, Nadya Bartol
  Why do developers make these dangerous software errors? (PPTX)
• Ryan Barnett
  OWASP CRS and AppSensor Project (Prezi [Flash])
• Alex Smolen
  Application Security and User Experience (PDF)
• Gunnar Peterson
  Mobile Web Services

Fuente: http://blog.segu-info.com.ar/

Author & Editor

Ingeniero, me gusta la cyberseguridad, la programación y el blockchain.