Here is a biased pick of some exciting talks at OWASP AppSec Research / EU
Keynote 22nd: Angela Sasse , Topic TBA
Keynote 23rd: Thomas Roessler @roessler Topic TBA
Closing Note: Dieter Gollmann Topic TBA
- David Ross @randomdross of Microsoft, inventor of anti-XSS filter in IE, will present why server side sanitization will never deliver the full 100% protection
- Stefano Di Paola @WisecWisec, well known as the DOM XSS guru, will showcase the reckless uses and unwitting misuses of JavaScript libs
- Taras Ivashchenko, Information Security Officer at Yandex — biggest search engine in Russia – talks about deployment experiences of CSP for millions of users
- Milton Smith @spoofzu , leader of the security program for Java platform products at Oracle, will divulge the future strategy of Java Security
- Jim Manico @manicode, Hawaiian resident on paper but missionary of web security in every spot of the earth, will release the “OWASP Top 10 Proactive Controls” at this conference, a major milestone enabling developers to get 90% right
- Yvan Boily @ygjb, Application Security Manager @ Mozilla, will talk about the new open source security testing platform Minion
- Simon Bennetts @psiinon, Security Automation Engineer @ Mozilla, is speaking about current and future innovations for the OWASP Zed Attack Proxy
- Nick Nikiforakis @nicknikiforakis from University of Leuven, will give us an in-depth insight about tracking and share privacy concerns
- Sascha, Marian and Matthew (Leibniz University Hanover) present borken SSL implementations in Android apps. A story which made it last year into Wall Street Journal. They’ll release their Mallodroid to the public at AppSec
- Dave Wichers (OWASP global board) will be presenting the new OWASP Top 10