Schedule – Friday

Open Source Security Showcase is taking place during the morning in parallel.

Friday, August 23, 2013
| Start – End | “Freiraum” | “Großer Saal” | “Aussichtsreich” |
| --- | --- | --- | --- |
| 09:15 – 10:00 | | Keynote in “Großer Saal”: Thomas Roessler: Secure all the things: fiction from the Web’s immediate future | |
| 10:00 – 10:25 | Coffee Break | | |
| 10:25 – 11:10 | Nick Nikiforakis: Web Fingerprinting: How, Who, and Why? | Erlend Oftedal: Securing a modern JavaScript based single page web application | Fred Donovan: Q-Box and H-Box: Raspberry PI for the Infrastructure and Hacker |
| 11:15 – 12:00 | Milton Smith: Making the Future Secure with Java | David Ross: Insane in the IFRAME – The case for client-side HTML sanitization | Yvan Boily: Minion: Making Security Tools accessible for Developers |
| 12:05 – 12:50 | Dave Wichers: OWASP Top 10 – 2013 | Stefano Di Paola: JavaScript libraries (in)security: A showcase of reckless uses and unwitting misuses | Simon Bennetts: OWASP ZAP Innovations |
| 12:50 – 14:05 | Lunch Break | | |
| 14:05 – 14:35 | Achim Hoffmann, Ofer Shezaf: WAFECv2 – content and history of an unbiased project challenge | Sebastian Lekies, Ben Stock: Clickjacking Protection Under Non-trivial Circumstances | Dan Cornell: Do You Have a Scanner or a Scanning Program? |
| 14:40 – 15:10 | Reto Ischi: An Alternative Approach for Real-Life SQLi Detection | Frederik Braun: Origin Policy Enforcement in Modern Browsers | Abraham Aranguren: Introducing OWASP OWTF 5×5 |
| 15:15 – 15:45 | Colin Watson: OWASP AppSensor – In Theory, In Practice and In Print | Krzysztof Kotowicz: I’m in ur browser, pwning your stuff – Attacking (with) Google Chrome extensions | Kostas Papapanagiotou, Spyros Gasteratos: OWASP Hackademic: a practical environment for teaching application security |
| 15:50 – 16:20 | Sahba Kazerooni: New OWASP ASVS 2013 | Lieven Desmet, Nick Nikiforakis, Steven Van Acker: [R] Sandboxing JavaScript | Luca Viganò, Luca Compagna: [R] The SPaCIoS Tool: property-driven and vulnerability-driven security testing for Web-based application scenarios |
| 16:20 – 16:45 | Coffee Break | | |
| 16:45 – 17:30 | | | Closing Note in “Aussichtsreich”: Dieter Gollmann: Access Control of the Web – The Web of Access Control |
| 17:30 – 17:45 | | | Closing Ceremony (“Aussichtsreich”) |

Details and Abstracts at sched.org.
First video icon represents 360p resolution, second 720p.