RSA Conference Brochure 2008 - (Page 25) crEativE hElp for building sEcurE applications thursday, april 10 8:00 a.m. – 8:50 a.m. DEV-301 friday, april 11 9:00 a.m. – 9:50 a.m. DEV-401 (T) Effective integration of Fuzzing into Development life Cycle Michael Eddington | Principal Security Consultant, Leviathan Security Group (S) Securing the New Web 2.0 Frontier Ronald Woerner | Security Engineering Consultant, Information Security, TD Ameritrade ThinkTech Fuzzing is a common technique used by security researchers for finding security bugs. Chances are, while you have heard of fuzzing, you have little idea how to effectively use it during the development life cycle. This session is targeted at giving you some best practices and a methodology for how you can integrate fuzzing into your development life cycle. 9:10 a.m. – 10:20 a.m. DEV-302 Web 2.0 was created over time by users who tired of techies not giving them what they wanted. Its web sites are used by people all over the world, including people in your organization. This session will talk about the new Web 2.0 Internet, its business and technical risks, and what you can do to ensure your organization, its data and its people are properly protected. Are you ready for Web 2.0? dEvEloping With sEcurity 10:05 a.m. – 10:55 a.m. DEV-402 (T2) SOA/XMl Threat Model and New SOA/Web 2.0 Attacks/Threats (T2) Bypassing Web Application Security Arian Evans | Director of Operations, WhiteHat Security Controls: Encoded and Transcoded Attacks Steve Orrin | Director of Security Solutions, Intel Corporation This session will discuss unique security challenges to organizations implementing XML-based systems, web services and Web 2.0 applications. Web services, SaaS and SOA provide significant benefits and efficiencies to organizations that implement them; however, they also introduce new risk structures not seen in other applications or technology solutions before. 10:40 a.m. – 11:50 a.m. DEV-303 Many web application security controls can be bypassed today with relative ease by properly encoding a traditional attack, or by utilizing newer, undocumented transcoding attacks. This presentation will discuss how these attacks work from creation to exploit dependencies and what software they target, as well as demonstrate how to resolve these issues through modern software design and coding practices. 11:10 a.m. – 12:00 p.m. DEV-403 (T2) Security is Testability: Product Transparency (T1) Advanced intel Architecture & Security on the Shoulders of Giants Accelerators: A Performance Study Matt Frazier | Client Experience Architect, Mandiant Jason Shiffer | Systems Architect, Mandiant Pranav Mehta | Sr. Principal Engineer and CTO for the Embedded & Communications Processor Division, Intel Corp. Randy Smerik | CEO, Tarari, Inc. Hear how real-world, hands-on software artisans adopted the credo “Testability is Security,” and leveraged open standards and platforms to field an enterprise security software product. See how it was built and discuss the technology tradeoffs that were made during the entire development life cycle, with the goal of building secure software. And no, they’re not going to sell you anything. This session will explore the intersection between computing platform architecture and the performance of AV, IDS and XML security applications. A suite of public domain reference benchmarks will be described and created to measure the impact of the platform architecture. The performance characteristics of the Intel architecture with enhanced support for add-on accelerators (RegEx, XML, crypto) will be examined in depth. Sessions and speakers are subject to change without notice. sEssion codE AUTH - 303 Track Code Timeslot Code Day Code WWW.rsaconfErEncE.coM/2008/us 25 http://WWW.RSACONFERENCE.COM/2008/US
Table of Contents Feed for the Digital Edition of RSA Conference Brochure 2008 Table of Contents Who Should Attend & Why Keynote Speakers Agenda At-A-Glance Session Classification Special Events & Activities Connect & Network Highlights 1-Day Pre-Conference Tutorials 2-Day Pre-Conference Tutorials Tracks & Sessions Authentication Consumer Protection Business Trends & Impact Case Studies Cryptographers Deployment Strategies Developing with Security Enterprise Defense Hackers & Threats 1 Hackers & Threats 2 Identity & Access Management Industry Experts Law & Liability Policy & Government Professional Development Security-Oriented Architecture Standards Wireless Sponsor Sessions List of Exhibitors Registration Information Sponsors RSA Conference Brochure 2008 RSA Conference Brochure 2008 - (Page Cover1) RSA Conference Brochure 2008 - Table of Contents (Page Cover2) RSA Conference Brochure 2008 - Who Should Attend & Why (Page 1) RSA Conference Brochure 2008 - Keynote Speakers (Page 2) RSA Conference Brochure 2008 - Keynote Speakers (Page 3) RSA Conference Brochure 2008 - Agenda At-A-Glance (Page 4) RSA Conference Brochure 2008 - Session Classification (Page 5) RSA Conference Brochure 2008 - Special Events & Activities (Page 6) RSA Conference Brochure 2008 - Special Events & Activities (Page 7) RSA Conference Brochure 2008 - Connect & Network (Page 8) RSA Conference Brochure 2008 - Highlights (Page 9) RSA Conference Brochure 2008 - 1-Day Pre-Conference Tutorials (Page 10) RSA Conference Brochure 2008 - 1-Day Pre-Conference Tutorials (Page 11) RSA Conference Brochure 2008 - 2-Day Pre-Conference Tutorials (Page 12) RSA Conference Brochure 2008 - 2-Day Pre-Conference Tutorials (Page 13) RSA Conference Brochure 2008 - Authentication (Page 14) RSA Conference Brochure 2008 - Consumer Protection (Page 15) RSA Conference Brochure 2008 - Business Trends & Impact (Page 16) RSA Conference Brochure 2008 - Business Trends & Impact (Page 17) RSA Conference Brochure 2008 - Case Studies (Page 18) RSA Conference Brochure 2008 - Case Studies (Page 19) RSA Conference Brochure 2008 - Cryptographers (Page 20) RSA Conference Brochure 2008 - Cryptographers (Page 21) RSA Conference Brochure 2008 - Deployment Strategies (Page 22) RSA Conference Brochure 2008 - Deployment Strategies (Page 23) RSA Conference Brochure 2008 - Developing with Security (Page 24) RSA Conference Brochure 2008 - Developing with Security (Page 25) RSA Conference Brochure 2008 - Enterprise Defense (Page 26) RSA Conference Brochure 2008 - Enterprise Defense (Page 27) RSA Conference Brochure 2008 - Hackers & Threats 1 (Page 28) RSA Conference Brochure 2008 - Hackers & Threats 1 (Page 29) RSA Conference Brochure 2008 - Hackers & Threats 2 (Page 30) RSA Conference Brochure 2008 - Hackers & Threats 2 (Page 31) RSA Conference Brochure 2008 - Identity & Access Management (Page 32) RSA Conference Brochure 2008 - Identity & Access Management (Page 33) RSA Conference Brochure 2008 - Industry Experts (Page 34) RSA Conference Brochure 2008 - Industry Experts (Page 35) RSA Conference Brochure 2008 - Law & Liability (Page 36) RSA Conference Brochure 2008 - Law & Liability (Page 37) RSA Conference Brochure 2008 - Policy & Government (Page 38) RSA Conference Brochure 2008 - Policy & Government (Page 39) RSA Conference Brochure 2008 - Professional Development (Page 40) RSA Conference Brochure 2008 - Security-Oriented Architecture (Page 41) RSA Conference Brochure 2008 - Standards (Page 42) RSA Conference Brochure 2008 - Wireless (Page 43) RSA Conference Brochure 2008 - Sponsor Sessions (Page 44) RSA Conference Brochure 2008 - Sponsor Sessions (Page 45) RSA Conference Brochure 2008 - List of Exhibitors (Page 46) RSA Conference Brochure 2008 - List of Exhibitors (Page 47) RSA Conference Brochure 2008 - Registration Information (Page 48) RSA Conference Brochure 2008 - Registration Information (Page Cover3) RSA Conference Brochure 2008 - Registration Information (Page Cover4)
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.