Great day yesterday.
Dinis’ keynote went off great, but he got rid of all my images and loaded it up like an essay. Might need to encourage the OWASP presentation template to only contain a limited number of words per page, and increase the visual appeal of the slide pack. We don’t read slides, we present them.
The panel I sat on after the keynote was amazing – Microsoft sent in a sacrificial victim in the form of Alex Lucas, and he did really well. The crowd was a bit restless, but honestly, I think they saw the light by the end. The funny thing was that Microsoft was arguing for more stringent safeguards than most of the panel members, but even funnier is that the panel members agreed with the SDL (for the most part). This got a laugh from the audience when it was brought up, but it also demonstrates how far Microsoft has come over the last few years.
Alex had a proof galley of the forthcoming SDL book from Lipner and Howard. I considered mugging Alex and stealing the book – it is totally awesome! This book is what everyone needs, particularly if you don’t have a strong security process today.
I went to a bunch of presentations (including my own!), and learnt a lot. I was particularly freaked out by Amit Klein’s talk on HTTP Request / Response | Smuggling / Splitting and peripheral devices. Awesome research.
My slides for my Ajax presentation are here.
After the day finished, we had a chapter leads meeting, where we discussed what we want to do over the next twelve months. We prioritized, and I think it’s going to be great. I’ll blog more on this in the next few weeks.
Last but not least, we had a fabulous dinner at the Faculty club. Leuven is very confusing, and the trip to the Faculty club was via taxi, leaving me confused about where I was. But that’s okay: a fine meal, good wine, and excellent company left me warm and fuzzy. I trundled into a taxi near 11 pm (when it was just going dark!) and made my way back to my hotel, where I promptly fell asleep.