Accepted Presentations
The following submissions have so far been accepted for presentation at OWASP AppSec Research.
- Chris Eng, Data Mining a Mountain of Zero Day Vulnerabilities
- Tin Zaw, Cucumber and friends: techniques and tools for security that matters
- Colin Watson, Tricolour Alphanumerical Spaghetti
- Kachhadiya Rakeshkumar and Prof. Dr. Benoist Emmanuel, Development of Security Framework based on OWASP ESAPI for JSF2.0
- Stephen De Vries, BDD for Automating Web Application Testing
- Fred Donovan, Anticipating Surprise – Fundamentals of Intelligence Gathering
- Ofer Maor, I>S+D! – Integrated Application Security Testing (IAST), Beyond SAST/DAST
- Tony Ucedavelez, Real World Threat Modeling via the PASTA Methodology
- Justin Clarke, Teaching an Old Dog New Tricks: Securing Development with PMD
- John Wilander, Advanced CSRF and Stateless Anti-CSRF
- David Byrne and Charles Henderson, Screw You and the Script You Rode in On
- Dan Cornell, Benchmarking Web Application Scanners for YOUR Organization
- Ashar Javed, CSP AiDer: An Automated Recommendation of Content Security Policy for Web Applications
- Ofer Shezaf, Can Correlations Secure Web Application?
- Ioannis Kakavas, The “cree.py” side of geolocation. Weaponizing your checkins
- Jerry Hoff, AppSec Training, Securing the SDLC, WebGoat.NET and the Meaning of Life
- Jim Manico, OWASP Top Ten Defensive Techniques
- Tsvika Klein, CISO’s Guide to Securing SharePoint
- Dave Wichers, Unraveling some of the Mysteries around DOM-based XSS
- Uri Fleyder, The Invisible Threat – MitB (Man in the Browser)
- Koechlin Thibault, Naxsi, an open source WAF for NGINX
- Adrian Winckles and Ibrahim Jeries, Achieving Sustainable Delivery of Web Application Security Virtual Laboratory Resources for Distance Learning
- Paco Hope, Playing chess while wearing oven mitts: securing the lifecycle when it’s not your own
- Dinis Cruz, Making Security Invisible by Becoming the Developer’s Best Friends
- Matias Madou, Breaking is easy, preventing is hard
- Tom Brennan, 2012 Global Security Report
- Breno Pinto and Luiz Eduardo Santos, Using HASH-based message authentication code protocol to reduce web application attack surface
Please note that this list is not final and will be constantly updated!