For my part, I attended a number of interesting sessions (especially the frighteningly entertaining talk by Francis Brown on using Google and Bing to hack (or protect) web properties). Due to scheduling challenges, I missed Andrew Wilson‘s talk on Reversing Web Applications, which I wanted to check out.
For my part, I offered a Birds-of-a-Feather session on Securing Applications in the Cloud (with examples drawn from Windows Azure Platform). In this session, I reviewed both pros and cons of cloud deployments from a security point of view, and attempted to make the case that, ultimately, either your applications will simply be safer in the cloud, or at least if you want them to be sufficiently safe, it will be more cost-effective to let the specialists at Microsoft (or some other trusted cloud vendor) handle much of the dirty work.
This session was interesting for me to put together and then go through with an intimate crowd (due, at least in part I suppose, to (me) changing the scheduled time slot after the conference schedule went to the printer… D’oh! … that combined with the seeming invisibility of the BoF sessions generally). Anyhow, it was still fun to discuss, and here is the slide deck I used: OWASP Boston – BoF – Securely Running Applications in Cloud (examples drawn from Windows Azure Platform) – Bill Wilder – 08-Oct-2011.