OWASP Day 2

"The State of the Art of the Web Application Security and the OWASP guidelines in the Companies"

OWASP http://mastersecurity.uniroma1.it

Monday 31 March 2008

Centro Congressi
Università degli Studi di Roma “La Sapienza”
Via Salaria, 113
Rome 00198 Italy

The conference represents a day of Web App Sec debate for all the OWASP chapters in the world during the week from 31st March to 5th April.

We are proud to host for the second year the Italian Meeting in our Department.

OWASP Day 2 is an all day Conference.

Topics

  • The evolution of attacks and countermeasures for the security in the Web Application.
  • Case studies of how the Companies have adopted the OWASP Guidelines in their SDLC.

Organization and goals

  • The event will show several points of discussion: during the first phase we will talk from a higher level of the topic, and then we will discuss the problem from a technical point of view.
  • As conclusion of the day, we will organize a round table with international guests discussing the more interesting subjects come out during the event.
  • Conference goal is that to create a debate on which will be the evolution of the Web Application Security.

Entrance is FREE for all the subscribed persons.

Conference program and presentations

Welcome and opening of the works
Speaker: Prof. Luigi V. Mancini - Direttore del Master in Sicurezza, Università di Roma “La Sapienza”
Download the slides of this talk


Introduction to the OWASP Day II
Speaker: Matteo Meucci - OWASP-Italy Chair, CEO Minded Security
Download the slides of this talk


L'approccio di Telecom Italia allo sviluppo sicuro delle applicazioni
Speaker: Marco Bavazzano - CISO TELECOM Italia


SQL Injection tricks: building the bridge between the Web App and the Operating System
Speaker: Alberto Revelli - Portcullis Computer Security
Download the slides of this talk


Le problematiche di Web Application Security: la visione di ABI Lab
Speaker: Matteo Lucchetti - ABI Lab
Download the slides of this talk


OWASP Backend Security Project
Speaker: Carlo Pelliccioni - Spike Reply
Download the slides of this talk


Web Services and SOA Security
Speaker: Laurent Petroque - F5
Download the slides of this talk


How to start a software security initiative within your organization: a maturity based and metrics driven approach.
Speaker: Marco Morana - OWASP USA Chapter Lead, TISO Citigroup
Download the slides of this talk


Secure Programming with Static Analysis
Speaker: Jacob West - Head of Fortify Software's Security Research Group
Download the slides of this talk


The Owasp Orizon project: internals and hands on
Speaker: Paolo Perego - Spike Reply
Download the slides of this talk


Internet Banking and Web Security
Speaker: Giorgio Fedon - Minded Security
Download the slides of this talk


Round table: Quali sono le contromisure che le aziende stanno adottando ai nuovi possibili attacchi? Responsible disclosure: quale è il miglior approccio? Come si può implementare un ciclo di vita del software con processi di sicurezza garantendo un adeguato ROSI? La sensibilizzazione degli utenti: leva fondamentale al fine di implementare controlli di sicurezza?

Panelist:

  • Raoul Chiesa - CTO @ MediaService.net
  • Matteo Flora - Security Evangelist, Direttore OPSI
  • Marco Morana - OWASP USA Chapter Lead, TISO Citigroup
  • Stefano Di Paola - CTO Minded Security
  • Paolo Cravino - Senior IT Specialist Rational Software IBM Software Group.

Keynote:

  • Matteo Meucci - OWASP-Italy Chair, CEO Minded Security

Official Web Site: Italy OWASP day 2 at owasp.org

Gallery

Logo Dipartimento Informatica http://mastersecurity.uniroma1.it Logo Sapienza

Print/export