This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Front Range OWASP Conference 2012

Jump to: navigation, search

2012 Presentations

OWASP Passfault
PCI vs Risk Management
What the Cyber Criminals are Doing on Your Website Right Now
Securing Data from the Web Tier
A Scalable Secure Development Program
State of Web Security: Monitored Attacks


Welcome to SnowFROC 2012, the fourth Front Range OWASP Application Security Conference! Click here if you're looking for SnowFROC 2013

After successful FROC's in June of 2008, March of 2009, and 2010 we are back in Denver, Colorado USA on Thursday the 22nd of March!

This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers. ALSO, on Friday March 23rd several instructors from OWASP will be conducting day-long deep-dives!

In 2010, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2012.


Registration for SnowFROC is now open!

$20 covers breakfast, lunch, and a WORLD-CLASS AppSec conference!

Click HERE to register now for SnowFROC!

Agenda and Presentations: 22 March 2012

The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room.

March 22nd, 2012
07:45-08:30 Registration and Continental Breakfast in the Adirondack Room
08:30-08:45 Welcome to SnowFROC 2012 Conference

OWASP Denver and OWASP Boulder Chapter Leaders


State of OWASP

Matt Tesauro

09:10-10:10 Keynote: Point in Time Security

John Pirc, Co-Author of "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats"

10:10-10:30 Break - Expo
Tech Track - Zenith Room 640 Management Track - Senate Chamber
10:30-11:15 OWASP Passfault

Cameron Morris

Managing IT Risk in a Cloud Environment

Karl Steinkamp

11:15-12:00 State of Web Security: Monitored Attacks

Robert Rowley

PCI vs Risk Management

Doug Landoll

12:00-13:00 Lunch - Expo
13:00-13:50 WebGoat.NET

Jerry Hoff

Securing Data from the Web Tier

Mike Fleck

13:50-14:40 Gray, the new black: Gray box vulnerability testing

Adam Hills

What the Cyber Criminals are Doing on Your Website Right Now.


14:40-15:00 BREAK
15:00-15:50 "The Mobile Top 10"

Mike Zussman

A Scalable Secure Development Program

Rajiv Sharma

15:50-16:30 End of Conference Panel Discussion:

Topic: The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural?

Moderator: Andy Lewis Panelists: Laz, Matt Tesauro, John Pirc, Tanner Coltrin, René Agüero, Steve Kosten, others

16:30-17:30 Wrap up, vendor raffles!


Denver mountains.JPG

This year, the conference will again be held at University of Colorado, Denver at the Tivoli Student Union (900 Auraria Pkwy # 325E Denver, CO 80204).


OWASP is in the process of negotiating discounted rates with the uber-pimpin Hotel Teatro. Rooms under the FROC rate will be competitively priced and include courtesy Cadillac Escalade transportation to and from Auraria Campus. Currently a "petite queen" room will be reduced from $279/night to $149 by mentioning SnowFROC.

To reserve a room, contact Hotel Teatro at +1.303.228.1100 and mention SnowFROC or use the link here.

How to get to the venue?
  • By taxi: taxi from the airport to venue is about $50 USD
  • From hotel: transport from the conference hotel (Hotel Teatro) by limo is free
  • By car: there is plenty of parking at the Tivoli. Attendees should park at the Tivoli lot (as in past years). Parking validation will be provided for registered FROC participants.

Call for Presentations

The call for presentations closed February 23rd. If you've got a compelling presentation involving bleeding-edge research please contact steve dot kosten /\+ owasp d0+ org for consideration.

Conference Committee

FROC 2012 Planning Committee Chair: Kathy Thaxton - kthaxton at hosting dot com

Presentation Selection Committee:

  • Steve Kosten
  • Denver OWASP Board

Colorado Chapter Hosts:

  • Andy Lewis - OWASP Denver - alewis at owasp dot org
  • Mark Major - OWASP Boulder - mark dot major at owasp dot org
  • Might have a CO Springs chapter in time for SnowFROC; stay tuned...

Vendor Exhibition POC: Kathy Thaxton - kthaxton at hosting dot com


If you are interested in sponsoring the Front Range OWASP Conference, please contact Kathy Thaxton at kthaxton at hosting dot com.

We are proud to have the following sponsors for this year's conference: