RIO DE LA PLATA 2015

OWASP APPSEC

The Best Application Security Conference in Latin America
2nd-3rd December 2015
MONTEVIDEO - URUGUAY

1 Training
Training on December 1st!

2nd-3rd December
Conference Days!

26 speakers
The best specialists

300 seats
Maximun capacity

Overview

The AppSec Rio de la Plata 2015 Conference will be a reunion of Information Security Latin American leaders, and will present cutting-edge ideas. OWASP events attract a worldwide audience interested in “what’s next”. The conference is expected to draw 300-400 technologists from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many other verticals.

Only qualified speakers and experts

The AppSec Rio de la Plata 2015 Conference will be a reunion of Information Security Latin American leaders, and will present cutting-edge ideas. OWASP events attract a worldwide audience interested in “what’s next”. The conference is expected to draw 300-400 technologists from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many other verticals.

Awesome Training!

TRAINING : Jacobo Tibaquirá - "From 0 to Ninja with Metasploit"

from DragonJar will be teaching the workshop "From 0 to Ninja with Metasploit" Metasploit is the most widely used Framework for Information Security Experts around the world. Who do not master this tool is losing a great resource that is freely available to make our work as Ethical Hackers or pentesters. In this course "From 0 to Ninja with Metasploit" you can shorten the learning curve tool, thanks to the transmission of knowledge and experience of the teachers you'll make the best of Metasploit from a level 0 / Novice to Ninja / Advanced

Awesome Keynotes
Jacobo Tibaquirá (DragonJar) / Cristian Borghello (Segu-Info)

Attacking the Attackers In this talk, Jacobo Tibaquirá, from DragonJar, will show his results on countermeasures that can be used if a system administrator detects an attacker on his network. Jacobo Tibaquirá from DragonJar will be teaching the workshop "From 0 to Ninja with Metasploit" Metasploit is the most widely used Framework for Information Security Experts around the world

We all are Ashley Madison In this talk, Cristian Borghello will present 2 cases where code review and the security consultant role are so critical and important. Which is the security consultant role? How can we motivate the team and show them that secure programming is possible? How can we prevent the same errors once and again? Cristian Borghello has been involved in computer security for more than 15 years, working on vulnerability research, pentesting, source code review and development. He is the CEO of Segu-Info

OWASP Chapter Leaders Workshop

Many OWASP Chapter Leaders from Latam will be here!

Great researchers
will be showing trends!

Many OWASP Project Leaders will be presenting their work and research.

26

Speakers

The best experts will perform for you

16

Hours

The most productive days for software security

1

Training

"From 0 to Ninja on Metasploit" by Jacobo Tibaquirá

1

Auditorium

Torre de las Comunicaciones de Antel

Schedule

Flexible and comfortable event program

Schedule: 1st day (2nd December)

Registration

Mateo Martinez Mateo Martinez

"Welcome and Introduction to OWASP"

Welcome to participants, Thanks to our Sponsors, and Introduction to OWASP

Jacobo_Tibaquira Jacobo Tibaquira

"Attacking the Attackers"

In this talk,he will discuss the results of his investigation on countermeasures that can be used if a system administrator detects an attacker on his network.

Matias Katz Matias Katz

"Mercado Negro de Registros Médicos"

Great Talk about the black market of health information.

Coffee break

Gaston Toth Gaston Toth

"Webapp pentesting"

An OWASP chapter leader approach to the OWASP Top 10

Andres Gomez Andres Gomez

"Root the Enemy"

Some ways to get the root when the intrusion is successful

Lunch break

Cristian Borghello Cristian Borghello

"We are all Ashley Madison"

Cristian Borghello will present 2 cases where code review and the security consultant role are so critical and important. Which is the security consultant role?

Maria Jose Viega María José Viega

"¿Has cometido algún delito informático?"

Coffee break

Mauro Flores Mauro Flores

"Cloud Security"

Elvin Mollinedo Elvin Mollinedo

"Creating Fake GSM Radio Bases with BTS Attacks"

will be one of the more trendy and interesting talk about fake cells!.

Camilo Fernandez Camilo Fernandez

"Where is my money? Real crime stories"

Reynaldo de la Fuente Reynaldo de la Fuente

Information Security Survey 2015

Sheila Berta Sheila Ayelen Berta

Threat Not Found

Antivirus evasion techniques

Gustavo Sorondo Gustavo Sorondo

Mobile Apps and how to pentest them

Coffee break

Hector Quartino Hector Quartino

Javascript Static Code Analyzer

Diego Bruno Diego Bruno

El pasaje gratis de los desarrolladores, la seguridad en aplicaciones y otros cuentos cortos

La charla va a ser de tipo "Reflexiva" y la temática y eje central de la misma va a estar dada por la "Económetria" asociada a la seguridad informática y el desarrollo en aplicaciones.

Download pptx, 901 Kb

Lunch break

Javier Antunez Javier Antunez

SSL & TLS .. a long horror story

Cristian Amicelli Cristian Amicelli

NLTK Syntax Analysis

Pablo Alzuri Pablo Alzuri

Nuts & Bolts of Function Level Access Control with GeneXus

Diego Cotelo Diego Cotelo

XSS - from alert to pwnage

Coffee break

Ricardo Supo Ricardo Supo

"Hacking Windows Networks"

Edgar Salazar Edgar/Jorge Salazar

Vamonos Pest

Martin Tartarelli Martin Tartarelli

Continuous Security Testing

John Vargas John Vargas

"OWASP Top 10"

Speakers

Top experts will be presenting advanced software security topics

Cristian Borghello

Cristian Borghello (ARGENTINA)Segu-Info CEO

"We are all Ashley Madison"In this talk, he will be presenting 2 cases where code review and the security consultant role were so critical and important.

Jacobo Tibaquira

Jacobo Tibaquirá (COLOMBIA)DragonJar

"Attacking the Attackers"In this talk,he will discuss the results of his investigation on countermeasures that can be used if a system administrator detects an attacker on his network.

Ricardo Supo

Ricardo Supo (PERU)OWASP Peru Chapter Leader

"Hacking Windows Networks" is that easy when Ricardo is in place! Hacking techniques plus Domainator tool!

Mateo Martinez

Mateo Martinez (URUGUAY)OWASP Uruguay

"SQL Injection Deep Dive"Welcome to a Deep Dive on SQL Injection. A full tour across the most used SQL Injection Techniques.

Josué Rojas Silva

Josué Rojas Silva (PERU)amn3s1a

"Browser hijacking 4 fun n profit"Will present Hooking Techniques for Web Browser Control

María José Viega

María José Viega (URUGUAY)AGESIC

"¿Has cometido delitos informáticos?"

Sheila Berta

Sheila Ayelen Berta (ARGENTINA)semecayounexploit.com

"Threat Not Found"is a great presentation about how can be possible to evade Antivirus.

Gaston Toth

Gaston Toth (ARGENTINA)OWASP Patagonia Chapter Leader

"Webapp pentesting"

John Vargas

John Vargas (PERÚ)OWASP PERÚ Chapter Leader

OWASP Top 10

Elvin Mollinedo

Elvin Mollinedo (BOLIVIA)OWASP Bolivia Chapter Leader

"Creating Fake GSM Radio Bases with BTS Attacks"will be one of the more trendy and interesting talk about fake cells!.

Matiaz Katz

Matias Katz (ARGENTINA)MKIT

"Mercado Negro de Registros Médicos"¿Quien hizo un pentest en los ultimos 6 meses?

Cristian Amicelli

Cristian Amicelli (ARGENTINA)MKIT

"NLTK Syntax Analysis"Gathering material from social networks using techniques for extracting semantic information from natural language.

Martin Tartarelli

Martin Tartarelli (ARGENTINA)OWASP Argentina Chapter

"Web Apps Continuous Scanning"Research about Continuos Scanning

Diego Cotelo

Diego Cotelo (URUGUAY)

"XSS - from alert to pwnage"

Javier Antunez

Javier Antunez (ARGENTINA)Porto y Asociados

"SSL & TLS .. a long horror story"

Diego Bruno

Diego Bruno (ARGENTINA)Blackmantis Security

"El pasaje gratis de los desarrolladores, la seguridad en aplicaciones y otros cuentos cortos"

Pablo Alzuri

Pablo Alzuri (Uruguay)Genexus

"Nuts & Bolts of Function Level Access Control with GeneXus"

Mauricio Campiglia

Mauricio Campiglia (Uruguay)Krav Maga Hacking

"Threats to applications over hostile networks"
What if your application's traffic needs to traverse hostile networks? Is encryption enough when you have "usaurs" at the other end?

Gustavo Sorondo

Gustavo Sorondo (Argentina)CTO Cinta Infinita

"Mobile Apps and how to pentest them"

Reynaldo de la Fuente

Reynaldo de la Fuente (Uruguay)Datasec

"Information Security Survey 2015"

Edgar/Jorge Salazar

Edgar Salazar / Jorge Salazar (Venezuela)OWASP Venezuela / Pyxis

"Vamonos Pest"How to remove the disgusting bugs that hide in the code of Java Developers

Andres Gomez

Andrés Gomez (Uruguay)Nexa

"Root the Enemy"Some ways to get the root when the intrusion is successful

Camilo Fernandez

Camilo Fernandez (Guatemala)OWASP Guatemala

"Where is my money? Real crime stories"

Hector Quartino

Hector Quartino (Uruguay)NetSuite

"Javascript Static Code Analyzer"

Do you have a great paper to present in this conference? Call for Papers is open! - Click Here

Conference and Trainings Fees

Great discounts for students!

(Conference entrance: USD 75, Trainings + Conference: USD 275)

Conference Ticket
USD 220 / all days

Seat and free entry

individual OWASP Membership

Free Wi-Fi

Coffe Break

Certificate

Purchase now
Not OWASP Member
USD 400 / all days

Seat and free entry

Free Wi-Fi

Coffe Break

Certificate

Purchase now
1-Day Training
USD 400 / all days

Conference Seat and free entry

Free Wi-Fi

Coffe Break

Certificate

1-Day Training Access

Purchase now
Registration + 1 year OWASP Membership
USD 400 / all days

Seat and free entry

Free Wi-Fi

Coffe Break

Certificate

Purchase now

Sign up right now!

Welcome to the best Application Security Conference in Latam!

Partners and Sponsors

OWASP is maintained by the OWASP Foundation, established in the United States as an 501(c)(3) Not-For-Profit entity. The US based foundation manages the financial resources of the global organization as well as this event. Sponsorship contributions should be made through bank wire or credit card payment to our US Foundation. Sponsorships are listed in USD, but we are happy to provide a quote and invoice in another currency.

We are actively looking for sponsors for the 2015 edition of AppSec Rio de la Plata. If you are interested in sponsoring this event, please contact Kelly Santalucia

To find out more about the different sponsorship opportunities please check the following document:

OWASP AppSec Rio de la Plata Sponsorship Options – English

Capture the Flag (CTF)

There are 3 CTF running at the same time:

1) CTF Online: CTF OWASP APPSEC RIO DE LA PLATA 2015 #1: Thanks to Gaston Toth! (OWASP Patagonia)

2) CTF Online: CTF OWASP APPSEC RIO DE LA PLATA 2015 #2: Thanks to Matías Katz!

3) CTF in-situ: Thanks to NEXA!

Conference Volunteer Team

The OWASP AppSec Rio de la Plata 2015 Conference was made with an awesome volunteer task-force with people from OWASP Uruguay Chapter and OWASP Argentina Chapter including:

Mateo Martinez

Mauro Flores

Felipe Zipitria

Maximiliano Alonzo

Rodrigo Martinez

Guillermo Skrilec

Gerardo Canedo

Martin Tartarelli

Mario Garcia

Edgar Salazar

Pablo Alzuri

Mauricio Papaleo

Thank you guys for making this event possible! You rock!

Special Thanks to OWASP Staff

Operations Director: Kate Hartmann

Membership and Business Liaison: Kelly Santalucia

Owasp Executive Director: Paul Ritchie

Owasp Board Member: Fabio Cerullo

Graphics

Background Photo: Romina Campos

Licence: Creative Commons 2.0

Contacts

You can reach the conference team. Feel free to contact us:

info@appsecriodelaplata.org