| Time | Track 1 | Track 2 | Track 3 |
|---|---|---|---|
| 8:00-8:45 am | Registration and Continental Breakfast | | |
| 8:45-9:00 | Introduction, TBA | | |
| 9:00-9:45 | Keynote: Building a Cost-Effective Application Security Capability, John Viega | | |
| 9:45-10:00 | Coffee Break | | |
| | Programming and Scripting Security | SDLC, Management & Development Process | Attacking Secure Applications |
| 10:00-11:10 | RESURRECTING THE DEAD: Integrating and Securing Legacy COBOL Applications, James Foster | COTS vs. In-house: To build or not to build!, Willie Gonzalez | Emerging Web 2.0 Application Security Trends, Jon Rose |
| 11:20-12:30 | Top 10 Mistakes When Implementing an SDL, Vincent Liu | Models for Security Testing in the Software Development Lifecycle, Ryan Berg | Fuzzing the Corporate World, Gadi Evron |
| 12:30-1:30 | Lunch: Ballroom | | |
| 1:30-2:40 | Using Open Source Frameworks to Create Secure J2EE Applications, Rohit Sethi & Nish Bhalla | Offshoring Development: Financial Dream or Security Nightmare? Rohyt Belani | Deeper Injections: Command Injection Attacks Beyond SQL, Bryan Sullivan |
| 2:50-4:00 | | Meeting Regulatory Requirements through Proper System Development, Rex Booth | New Types of Attacks and Vulnerabilities in the Public Record, Steven Christey |
| 4:00-4:15 | Coffee Break and Book Signing! | | |
| 4:15-5:30 | | Beyond the Coding Errors - The Complete View of Software Security, Jack Danahy | |
| 6:00-7:30 | Sponsored Happy Hour | | |
| 8:00-Midnight | VIP Party TBD | | |


| Time | Track 1 | Track 2 | Track 3 |
|---|---|---|---|
| 8:00-8:30 am | Registration and Continental Breakfast | | |
| 8:30-9:15 am | Keynote: Software Security: Building Security In, Gary McGraw | | |
| | Programming and Scripting Security | Secure Software Tips & Tricks | Enterprise Application Defense |
| 9:15-10:05 | Secure Development with ASP.NET AJAX, Bryan Sullivan | The Self-Defeating Network: Applications, Richard Bejtlich | Can Secure Programming Skills Be Measured? Alan Paller |
| 10:05-10:50 | | | Practical Threat Modeling, Jeff Williams |
| 10:50-11:00 | Coffee Break | | |
| 11:00-12:00 | | Secure Development of Web Applications Using PHP, Sebastien Diebler | SCIT Architecture to Enhance Security by Reducing Exposure Time, Arun Sood |
| 12:00-12:15 | Secure Development World: Comedy Standup! | | |
| 12:15-1:30 | Lunch: Ballroom | | |
| 1:30-2:40 | | Essential Custom Rules for Any Organization's Adoption of a Static Analysis Tool, John Steven | Key Tools and Techniques for Building Secure Applications, Dave Wichers |
| 2:50-4:00 | Secure Coding in C and C++: Integral Security, Robert Seacord | | Certifying Applications for Known Software Security Weaknesses, Robert Martin |
| 4:00-4:15 | Coffee Break, Book Signing #2 | | |
| 4:15-5:30 | | | |
| 5:30-5:45 | Conference Wrap, TBA | | |