Open Source Security Showcase is taking place in parallel.
Thursday, August 22, 2013 | Friday, August 23, 2013
Start | End | “Freiraum” | “Großer Saal” | “Aussichtsreich” HackPra Track |
09:00 | 09:15 | Welcome Note and a manual to this conference (Dirk Wetter, Chair) in “Großer Saal” |
09:15 | 10:00 | Keynote in “Großer Saal”, Angela Sasse: Busting The Myth of Dancing Pigs: Angela’s Top 10 list of reasons why users bypass security measures |
10:00 | 10:30 | OWASP Global Board: OWASP Introduction |
10:30 | 11:00 | Coffee Break | Keynote Jörg Schwenk: Cryptography in Web Security: Stupid, Broken, and maybe Working? 10:45-11:00 |
11:00 | 11:45 | Henning Perl, Sascha Fahl, Michael Brenner and Matthew Smith [R] A Qualitative Comparison of SSL Validation Alternatives | Amir Alsbih: Experience made in Technical Due Diligence | Michele Orru’: Rooting your internals: Inter-Protocol Exploitation, custom shellcode and BeEF |
11:50 | 12:35 | Thomas Herlea, Nelis Boucké, Johan Peeters: Recipes for enabling HTTPS | Tobias Gondrom: OWASP – CISO Guide and CISO report 2013 for managers | Paul Stone: Precision Timing – Attacking browser privacy with SVG and CSS |
12:35 | 13:50 | Lunch Break |
13:50 | 14:35 | Tal Be’Ery: A perfect CRIME? Only time will tell | Chris Eng, Ryan O’Boyle: From the Trenches: Real-World Agile SDLC | Nicolas Grégoire: Burp Pro: Real-life tips and tricks |
14:40 | 15:25 | Sascha Fahl, Marian Harbach and Matthew Smith: MalloDroid, Hunting Down Broken SSL in Android Apps | Jim Manico: OWASP Top 10 Proactive Controls | Roberto Suggi Liverani: Augmented Reality in your Web Proxy |
15:25 | 15:55 | Coffee Break |
15:55 | 16:40 | Marco Balduzzi, Vincenzo Ciangaglini and Robert McArdle: [R] HTTP(S)-Based Clustering for Assisted Cybercrime Investigations | Taras Ivashchenko: Content Security Policy – the panacea for XSS or placebo? | Erlend Oftedal: RESTful security |
16:45 | 17:30 | Philippe De Ryck, Lieven Desmet, Frank Piessens and Wouter Joosen [R] Improving the Security of Session Management in Web Applications | Florian Stahl and Johannes Stroeher: Security Testing Guidelines for mobile Apps | Eduardo Vela: Matryoshka |
17:35 | 18:20 | Bastian Braun, Christian V. Pollak and Joachim Posegga: A Doorman for Your Home – Control-Flow Integrity Means in Web Frameworks | Ben Stock: Eradicating DNS Rebinding with the Extended Same-Origin Policy | Mario Heiderich: The innerHTML Apocalypse – How mXSS attacks change everything we believed to know so far |
19:00 | 00:30 | Conference Dinner at Can San Diego |
Details and Abstracts at sched.org.