OWASP Taiwan Day 2017

2017.07.11

講師介紹 SPEAKERS


07/11 OWASP Taiwan Day 2017

講師介紹

Ade Yoseman Putra

OWASP Indonesia Chapter

Ade Yoseman Putra was an information security addict. Researcher & also a Co-founder of Security Just Illusion(non-profit organization information security). He has more than 5 years’ experience in information security, experience in cert (computer emergency response team) as malware analysis. Besides that, he has experience as security consultant in Kuala Lumpur Malaysia (2014) finalist / 3rd Team Winner for Cyberlympics Asia-Australia (2012) www.cyberlympics.org. He has trainer in OWASP KL DAY 2016, University Kuala Lumpur Malaysia. He is OWASP Indonesia (Jakarta) Chapter Leader . Information Security Trainer in Kuala Lumpur, Malaysia and Indonesia. he has speaker at arsenal, blackhat asia singapore 2017.

https://www.owasp.org/index.php/Ade_Yoseman_Putra


--

OWASP Risk Rating Management Project

There are many methodologies that can be used for security assessments, particularly website security assessments. OWASP already has a methodology for website security assessments, called the “OWASP Risk Rating Methodology”. OWASP also provides an Excel template to calculate the risk score. But some users do not know how to assess their own websites. Some users may have difficulty understanding a methodology, or they do not understand the threat agent factor, the skill level or vulnerability factor, or ease of exploit. Another problem occurs when an owner must assess many websites; they must create multiple copies of the OWASP Risk score template, increasing the likelihood of losing the file or data in the process. The OWASP Risk Rating Management Project will help owners/developers to avoid these problems when they implement a website security assessment. Even if they have many websites to assess, the Risk Rating Management Project can handle and record the risk score into its database, allowing the owner to assess and manage each website more easily. The owner can also use this methodology in different contexts, for example in a penetration testing project, or a security assessment. http://owaspsummit.org/Working-Sessions/Owasp-Projects/Risk-Rating-Management.html


Jack Yu 余俊賢

互聯安睿資通

互聯安睿資通、承弘國際、阿碼科技、資安人雜誌主編


授課課程

● 華梵大學(檔案破解與鑑識、資料庫安全、滲透測試與封包解析、網路攻擊防禦、資安事件處理)業界講師

● 中國科大(行動App安全檢測)


研討會演講

● 2016 金融研訓院:資安資訊分享與分析中心 (ISAC)運作後之認知與挑戰

● 2016 軟體品質與安全測試研討會

● CSA 2015 研討會

● TWNIC 2013 研討會

● 第一屆、第二屆OWASP亞洲官方年會(OWASP AppSec Asia)

● 亞洲前瞻技術年會 SyScan'09 Taiwan


--

OWASP IoT Security發展現況

1. OWASP IoT Top 10

2. How to use IoT Testing Guide


胡辰澔

OWASP / 台灣分會研發長

胡辰澔先生,在資安界深耕超過20年,擅長於資料與惡意程式的稽核、分析與鑑識,為國內少數同時擁有資安背景及大數據領域的技術經理人。


其經歷豐富,涵跨國內大小金融、企業 SOC 建置、資料庫稽核系統、Hadoop 建置及規劃,現在更致力於資安及其他異量資料視覺化服務。胡辰澔先生現為安創資訊技術長、雲端安全聯盟台灣分會理事以及 OWASP 台灣分會研發長。


--

OWASP發展趨勢與未來


曾國韋 Wayne

果核數位 / 資安顧問

果核數位資安顧問,學生時期為國內資安社團NISRA成員,曾獲得2010資安技能競賽金盾獎第七名、2012資安技能競賽金盾獎四名。


--

以實際案例分析Web API設計常犯的錯誤

在網站前後端分離架構、APP盛行的現在,若產品所有前端共用API是節省成本也相對開發迅速的架構,但如果前後端於開發階段溝通不良,API設計架構不良的情況下,會產生什麼樣的結果呢?本議程將會快速探討目前實務上API遇到的種種問題。


Location

集思台大會議中心

GIS NTU Convention Center

/ 台北市106大安區羅斯福路四段85號B1


交通資訊

主辦單位

Top