This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP Software Assurance Day DC 2009

Jump to: navigation, search

Welcome to the OWASP Software Assurance Day DC 2009.

This single-day conference will be held on March 13th in conjunction with the Software Assurance Forum (March 10th-12th) sponsored by the US Department of Homeland Security, Department of Defense and National Institute of Standards and Technology.

We are pleased to invite OWASP members, attendees of the Software Assurance Forum and any other interested parties to join us for this event.

At this event, you will hear presentations from key leaders in the web application security domain on:

  • the state of the union for the Open Web Application Security Project
  • the current status of several ongoing OWASP projects
  • recently released knowledge resources to assist web application security programs in establishing a standard for minimum due care
  • recipes for leveraging OWASP resources in security testing efforts
  • the emerging importance of application security in the wireless domain
  • a state-of-the-art approach to automating multi-perspective application security assessment

You will also find out how you can leverage OWASP resources and participate in OWASP activities through local chapters in the DC/NOVA/Maryland area.

The co-located Software Assurance Forum is also a free conference and open to any attendees of OWASP Software Assurance Day DC 2009, though it will require separate registration.

For information on registration for the Software Assurance Forum, please contact Jennifer Brezovic.

Conference Location

The OWASP Software Assurance Day DC 2009 will be held in conjunction with the DHS/DOD/NIST Software Assurance Forum at MITRE Building 1, 7525 Colshire Drive, McLean, VA 22102.

Please use the Conference Center entrance.

Agenda and Presentations: 13 March 2009

March 13, 2009
08:15-08:30 OWASP Software Assurance Day DC kickoff

Sean Barnum, Conference Chair

08:30-09:00 Intro to OWASP (slides)

Tom Brennan, WhiteHat Security

09:00-09:45 Maturing Software Assessment Through Static Analysis (slides)

John Steven, Cigital

09:50-10:35 Don’t Write Your Own Security Code: The OWASP Enterprise Security API (slides)

Jeff Williams, Aspect Security

10:35-10:50 Morning Break
10:50-11:35 Cooking with OWASP: Recipes in Web Security Testing (slides)

Paco Hope, Cigital

11:40-12:25 OWASP Application Security Verification Standard (ASVS) (slides)

Dave Wichers, Aspect Security

12:25-13:40 Lunch – MITRE Cafeteria
13:45-14:30 CWE/SANS Top 25: Towards Minimum Due Care in Software Security (slides)

Steve Christey, Mitre

14:35-15:20 The Future of Mobile: Developing Secure Mobile Applications (slides)

Jason Rouse, Cigital

15:25-15:40 Afternoon Break
15:40-16:25 OWASP Live CD: An open environment for Web Application Security (slides)

Matt Tesauro, Texas Education Agency

16:25-16:45 Conference Wrap Up and Opportunities to Contribute


Venue: MITRE Building 1, 7525 Colshire Drive, McLean, VA 22102

Please use the Conference Center entrance.


The conference has not negotiated any special rates for hotel accommodation but the following hotels are near the conference venue:

McLean Hilton 7920 Jones Branch Drive McLean, VA Tel: 1-703-448-1234


Westin Hotel 7801 Leesburg Pike Falls Church, VA Tel: 1-703-893-1340


Marriott 8028 Leesburg Pike Vienna, VA Tel: 1-703-734-3200


Embassy Suites 8517 Leesburg Pike Vienna, VA Tel: 1-703-883-0707


The Crowne Plaza Tysons Corner (formerly the Holiday Inn) 1960 Chain Bridge Rd McLean, VA Tel: 1-703-893-2100


Sheraton Premiere Tysons 8661 Leesburg Pike Vienna, VA Tel: 1-703-506-2500


Transportation to the Conference

By plane

The venue area can be reached by commercial aviation through either Dulles International Airport or Reagan National Airport.

Both are roughly equidistant from the venue and offer a range of airline and flight options.

How to get to the venue?

See the map.

Registration and Conference Fees

OWASP Software Assurance Day DC 2009 will be a free conference.

Despite the fact that this is a free conference, we still need you to register to fulfill security requirements of the facility and to ensure that we don't exceed venue capacity.

Conference Contacts

For more information please contact the team below for conference details, sponsorship or registration.

Mr Sean Barnum (Conference Chair) , Cigital Federal, Inc.

Email: [email protected]

Mobile: 703-473-8262

Kate Hartmann

OWASP Operations Director

9175 Guilford Road, Suite 300

Columbia, MD 21046, USA

Phone: +1-301-575-0189

Facsimile: +1-301-604-8033

Email: [email protected]

Conference Sponsors

Under negotiation.

If you are interested in sponsoring this OWASP conference, please contact Sean Barnum.