OWASP IBWAS'10, the 2nd. OWASP Ibero-American Web Application Security conference will be held in Lisbon (Portugal), on the 16th and 17th December 2010 (16th.  will be the Training Day that requires a separate registration).

The conference will take place at the ISCTE - Lisbon University Institute. The location details can be found here.

This conference aims to bring together application security experts, researchers, educators and practitioners from the industry, academia and international communities such as OWASP, in order to discuss open problems and new solutions in application security. In the context of this track academic researchers will be able to combine interesting results with the experience of practitioners and software engineers.

In addition to the technical issues of the conference programme, our website provides you with tourist information on the city of Lisbon, unique for its cultural and historical richness, lovely surroundings and other nice places to visit around the city.

Conference Topics

The following topics will be covered by the conference:

• Secure application development
• Security of service oriented architectures
• Security of development frameworks
• Threat modelling of web applications
• Cloud computing security
• Web applications vulnerabilities and analysis (code review, pen-test, static analysis etc.)
• Metrics for application security
• Countermeasures for web application vulnerabilities
• Secure coding techniques
• Platform or language security features that help secure web applications
• Secure database usage in web applications
• Access control in web applications
• Web services security
• Browser security
• Privacy in web applications
• Standards, certifications and security evaluation criteria for web applications
• Application security awareness and education
• Security for the mobile web
• Attacks and Vulnerability Exploitation