Presentaciones de la Conferencia OWASP AppSec 2009

Ya están disponibles las presentaciones de la conferencia anual Europea de seguridad en aplicaciones de OWASP, celebrada los pasados 13 y 14 de Mayo en Polonia.

Os dejo los enlaces:

- Welcome to OWASP AppSec 2009 Conference (PPT)

- Web App Security – The Good, the Bad and the Ugly (PPT)

- OWASP State of the Union (PPT)

- OWASP Live CD: An open environment for Web Application Security (PPT)

- Leveraging agile to gain better security (PPT)

- The OWASP Orizon project: new static analysis in HiFi (PPT)

- OWASP Application Security Verification Standard (ASVS) Project (PPT)

- Tracking the effectiveness of an SDL program: lessons from the gym (PPT)

- The Bank in the Browser - Defending web infrastructures from banking malware (PDF)

- Threat Modeling (PPT)

- Web Application Harvesting (PPT)

- Maturing Beyond Application Security Puberty (PPT)

- Exploiting Web 2.0 – Next Generation Vulnerabilities (PDF)

- The Truth about Web Application Firewalls: What the vendors do not want you to know (PPT)

- The Software Assurance Maturity Model (SAMM) (PPT)

- Advanced SQL injection exploitation to operating system full control (PDF)

- When Security Isn’t Free: The Myth of Open Source Security (PPT)

- OWASP Projects (PPT)

- Beyond security principles approximation in software architectures (PPT)

- OWASP Enterprise Security API (ESAPI) Project (PPT)

- w3af, A framework to 0wn the web (PPT|Video)

- OWASP ROI: Optimize Security Spending using OWASP (PPT)

- CSRF: the nightmare becomes reality? (PPT)

- I thought you were my friend Evil Markup, browser issues and other obscurities (PDF / PPT)

- HTTP Parameter Pollution (PDF)

- OWASP Source Code Flaws Top 10 Project (PPT)

- Business Logic Attacks: Bots and Bats (PPT)

- Factoring malware and organized crime in to Web application security (PDF1-PDF2 )

- Real Time Defenses against Application Worms and Malicious Attackers (PPT)

- Can an accessible web application be secure? Assessment issues for security testers, developers

and auditors (PPT)

Web del evento

Extraído de