Hi, We would like to invite you to the European OWASP Application Security Conference! After successful OWASP Conferences in the United States (San Jose), Europe (Milan), Asia (Taiwan) and Australia (Queensland), we are back in Belgium: 5 tutorials and 2 conference tracks in the historic center of Ghent on May 19-22 2008! More details and registration on http://www.owasp.org/index.php/AppSecEU08 The conference is stuffed with top notch presentations from industry recognized speakers and technical experts on the latest application security risks and trends. Conference (May 21-22) Keynotes * The Great Information Security Scrap Yard Challenge (Mark Curphey) * Software Security: State of the Practice 2008 (Gary McGraw) Topics * The OWASP ESAPI project - Dave Wichers * Trends in Web Hacking Incidents: What's hot for 2008 - Ofer Shezaf * Evaluation Criteria for Web Application Firewalls - Ivan Ristic * HTML5 security - Thomas Roessler * The OWASP Orizon Project internals - Paolo Perego * Remo presentation (Input Validation) - Christian Folini * Best Practices Guide: Web Application Firewalls (OWASP German chapter) - Alexander Meisel * Google-Hacking and Google-Shielding - Amichai Shulman * NTLM Relay Attacks - Eric Rachner * PHPIDS Monitoring attack surface activity - Mario Heiderich * Security in Agile Development - Dave Wichers * Security framework is not in the code - Sam Reghenzi * Exploiting Online Games - Gary McGraw * SHIELDS: metrics, tools and Internet services to improve security in application developments - Domenico Rotondi * Graph Analysis for WebApps: From Nodes to Edges - Simon Roses Femerling * The OWASP Education Project - Martin Knobloch * Dynamic Taint Propagation: Finding Vulnerabilities Without Attacking - Matias Madou * Threat Modeling for Application Designers & Architects - Shay Zalalichin * Scanstud: Evaluating static analysis tools - Martin Johns, * Office 2.0: Software as a Service, Security on the Sidelines? - John Heasman * How Data Privacy affects Applications and Databases - Dirk De Maeyer * The OWASP Anti-Samy project - Jason Li * Input validation: the Good, the Bad and the Ugly - Johan Peeters Refereed paper track * Refereed paper track keynote * Know Thyself! - Dieter Gollmann * Refereed paper track selections: * SWF and the Malware Tragedy - fukami and Ben Fuhrmannek * Building and Stopping Next Generation XSS Worms - Arshan Dabirsiaghi * Detecting Security Vulnerabilities in Web Applications Using Dynamic Analysis with Penetration Testing - Andrew Petukhov and Dmitry Kozlov * The Need for Fourth Generation Static Analysis Tools for Security: From Bugs to Flaws - Evgeny Lebanidze * Preventing SQL Injections in Online Applications: Study, Recommendations and Java Solution Prototype Based on the SQL DOM - Etienne Janot and Pavol Zavarsky * Watch What You Write: Preventing Cross-Site Scripting by Observing Program Output - Matias Madou, Edward Lee, Jacob West and Brian Chess New for AppSec Europe: there is an expo with technical vendor demos and a Capture the Flag event! Tutorials (May 19-20) * Building and Testing Secure Web Applications * Leading the Development of Secure Applications * Building Secure Rich Internet Applications * Web Services and XML Security * Open Source ModSecurity Training OWASP Dinner (May 21) At every conference we have an evening social event the first night. They are always fun and allow participants to have some unstructured time to mingle with the other attendees. This year's event will be a Flemish buffet with special Belgian beers at the Monasterium (near the conference location). Cocktail Party (May 20) In what is also becoming a tradition, there will be a cocktail party the night before the conference begins, sponsored by Breach Security. The free and open for all conference attendees event will be held at the Vintage Wine Bar at 6:30pm (near the conference location). We would appreciate it if you let us know if you are coming so we can be ready, please mail ofers@xxxxxxxxxx to confirm. The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security "visible," so that people and organizations can make informed decisions about application security risks. More details and registration on http://www.owasp.org/index.php/AppSecEU08 Hope to see you all in May! Conference Committee OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at' owasp.org 2008 EU Planning Committee Chair: Sebastien Deleersnyder - Telindus - seba 'at' owasp.org Vendor Exhibition Chair: Pravir Chandra - Cigital - chandra 'at' cigital.com Capture the Flag Chair: Pieter Danhieux - Ernst & Young - pieter.danhieux 'at' be.ey.com Refereed Papers Chair: Lieven Desmet - KU Leuven - Lieven.Desmet 'at' cs.kuleuven.ac.be
