This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Software Assurance Day DC 2009"
(Initial page creation) |
KateHartmann (talk | contribs) |
||
(12 intermediate revisions by 4 users not shown) | |||
Line 18: | Line 18: | ||
The co-located Software Assurance Forum is also a free conference and open to any attendees of OWASP Software Assurance Day DC 2009, though it will require separate registration. | The co-located Software Assurance Forum is also a free conference and open to any attendees of OWASP Software Assurance Day DC 2009, though it will require separate registration. | ||
− | |||
For information on registration for the Software Assurance Forum, please contact [mailto:[email protected] Jennifer Brezovic]. | For information on registration for the Software Assurance Forum, please contact [mailto:[email protected] Jennifer Brezovic]. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
Line 39: | Line 33: | ||
! colspan="3" align="center" style="background:#4058A0; color:white" | March 13, 2009 | ! colspan="3" align="center" style="background:#4058A0; color:white" | March 13, 2009 | ||
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | 08:15-08: | + | | style="width:10%; background:#7B8ABD" | 08:15-08:30 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''OWASP Software Assurance Day DC kickoff''' |
''Sean Barnum, Conference Chair'' | ''Sean Barnum, Conference Chair'' | ||
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | 08:30-09:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''Intro to OWASP''' | + | | style="width:10%; background:#7B8ABD" | 08:30-09:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''Intro to OWASP''' [[Media:Brennan_-_OWASP_SwA_Day_DC_2009_-_OWASP_Intro_and_Overview.pdf| (slides)]] |
− | ''Tom Brennan'' | + | ''Tom Brennan, WhiteHat Security'' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | 09:00-09:45 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | | + | | style="width:10%; background:#7B8ABD" | 09:00-09:45 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[Maturing Software Assessment Through Static Analysis]][[Media:Maturing_Assessment_through_SA.ppt| (slides)]] |
− | '' | + | ''John Steven, Cigital'' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | 09:50-10:35 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | | + | | style="width:10%; background:#7B8ABD" | 09:50-10:35 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[Don’t Write Your Own Security Code: The OWASP Enterprise Security API]] ([http://www.owasp.org/images/f/f2/ESAPI_for_OWASP_Day.pptx slides]) |
''Jeff Williams, Aspect Security'' | ''Jeff Williams, Aspect Security'' | ||
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | 10: | + | | style="width:10%; background:#7B8ABD" | 10:35-10:50 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | '''Morning Break''' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | | + | | style="width:10%; background:#7B8ABD" | 10:50-11:35 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[Cooking with OWASP: Recipes in Web Security Testing]][[Media:CookingWithOWASP-opt.pdf| (slides)]] |
− | '' | + | ''Paco Hope, Cigital'' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | | + | | style="width:10%; background:#7B8ABD" | 11:40-12:25 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[OWASP Application Security Verification Standard (ASVS)]][[Media:Wichers_-_About_OWASP_ASVS_Web_Edition_v2.pdf| (slides)]] |
− | '' | + | ''Dave Wichers, Aspect Security'' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | 12: | + | | style="width:10%; background:#7B8ABD" | 12:25-13:40 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | '''Lunch – MITRE Cafeteria''' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | | + | | style="width:10%; background:#7B8ABD" | 13:45-14:30 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[CWE/SANS Top 25: Towards Minimum Due Care in Software Security]][[Media:CWE_Top_25_Minimum_Due_Care.pdf| (slides)]] |
− | '' | + | ''Steve Christey, Mitre'' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | | + | | style="width:10%; background:#7B8ABD" | 14:35-15:20 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[The Future of Mobile: Developing Secure Mobile Applications]][[Media:Rouse_-_Securing_Mobile_Applications_(size_reduced).pdf| (slides)]] |
− | '' | + | ''Jason Rouse, Cigital'' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | | + | | style="width:10%; background:#7B8ABD" | 15:25-15:40 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | '''Afternoon Break''' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | | + | | style="width:10%; background:#7B8ABD" | 15:40-16:25 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[OWASP Live CD: An open environment for Web Application Security]][[Media:OWASP_Live_CD.pdf| (slides)]] |
− | '' | + | ''Matt Tesauro, Texas Education Agency'' |
|- | |- | ||
− | | style="width:10%; background:#7B8ABD" | 16: | + | | style="width:10%; background:#7B8ABD" | 16:25-16:45 || colspan="2" style="width:40%; background:#F2F2F2" align="left" | '''Conference Wrap Up and Opportunities to Contribute''' |
|} | |} | ||
− | |||
==Logistics== | ==Logistics== | ||
Line 138: | Line 131: | ||
Website: | Website: | ||
[http://www.starwoodhotels.com/sheraton/property/overview/index.html?propertyID=691 http://www.starwoodhotels.com/sheraton/property/overview/index.html?propertyID=691] | [http://www.starwoodhotels.com/sheraton/property/overview/index.html?propertyID=691 http://www.starwoodhotels.com/sheraton/property/overview/index.html?propertyID=691] | ||
+ | |||
==Transportation to the Conference== | ==Transportation to the Conference== | ||
Line 154: | Line 148: | ||
Despite the fact that this is a free conference, we still need you to register to fulfill security requirements of the facility and to ensure that we don't exceed venue capacity. | Despite the fact that this is a free conference, we still need you to register to fulfill security requirements of the facility and to ensure that we don't exceed venue capacity. | ||
− | |||
==Conference Contacts== | ==Conference Contacts== | ||
Line 161: | Line 154: | ||
− | Mr Sean Barnum (Conference Chair) , Cigital Federal, Inc. | + | '''Mr Sean Barnum (Conference Chair)''' , Cigital Federal, Inc. |
− | Email: [email protected] | + | Email: [mailto:[email protected] [email protected]] |
Mobile: 703-473-8262 | Mobile: 703-473-8262 | ||
− | Kate Hartmann | + | '''Kate Hartmann''' |
OWASP Operations Director | OWASP Operations Director | ||
Line 180: | Line 173: | ||
Facsimile: +1-301-604-8033 | Facsimile: +1-301-604-8033 | ||
− | Email: [email protected] | + | Email: [mailto:[email protected] [email protected]] |
+ | |||
==Conference Sponsors== | ==Conference Sponsors== |
Latest revision as of 18:32, 25 March 2009
Welcome to the OWASP Software Assurance Day DC 2009.
This single-day conference will be held on March 13th in conjunction with the Software Assurance Forum (March 10th-12th) sponsored by the US Department of Homeland Security, Department of Defense and National Institute of Standards and Technology.
We are pleased to invite OWASP members, attendees of the Software Assurance Forum and any other interested parties to join us for this event.
At this event, you will hear presentations from key leaders in the web application security domain on:
- the state of the union for the Open Web Application Security Project
- the current status of several ongoing OWASP projects
- recently released knowledge resources to assist web application security programs in establishing a standard for minimum due care
- recipes for leveraging OWASP resources in security testing efforts
- the emerging importance of application security in the wireless domain
- a state-of-the-art approach to automating multi-perspective application security assessment
You will also find out how you can leverage OWASP resources and participate in OWASP activities through local chapters in the DC/NOVA/Maryland area.
The co-located Software Assurance Forum is also a free conference and open to any attendees of OWASP Software Assurance Day DC 2009, though it will require separate registration.
For information on registration for the Software Assurance Forum, please contact Jennifer Brezovic.
Conference Location
The OWASP Software Assurance Day DC 2009 will be held in conjunction with the DHS/DOD/NIST Software Assurance Forum at MITRE Building 1, 7525 Colshire Drive, McLean, VA 22102.
Please use the Conference Center entrance.
Agenda and Presentations: 13 March 2009
March 13, 2009 | ||
---|---|---|
08:15-08:30 | OWASP Software Assurance Day DC kickoff
Sean Barnum, Conference Chair | |
08:30-09:00 | Intro to OWASP (slides)
Tom Brennan, WhiteHat Security | |
09:00-09:45 | Maturing Software Assessment Through Static Analysis (slides)
John Steven, Cigital | |
09:50-10:35 | Don’t Write Your Own Security Code: The OWASP Enterprise Security API (slides)
Jeff Williams, Aspect Security | |
10:35-10:50 | Morning Break | |
10:50-11:35 | Cooking with OWASP: Recipes in Web Security Testing (slides)
Paco Hope, Cigital | |
11:40-12:25 | OWASP Application Security Verification Standard (ASVS) (slides)
Dave Wichers, Aspect Security | |
12:25-13:40 | Lunch – MITRE Cafeteria | |
13:45-14:30 | CWE/SANS Top 25: Towards Minimum Due Care in Software Security (slides)
Steve Christey, Mitre | |
14:35-15:20 | The Future of Mobile: Developing Secure Mobile Applications (slides)
Jason Rouse, Cigital | |
15:25-15:40 | Afternoon Break | |
15:40-16:25 | OWASP Live CD: An open environment for Web Application Security (slides)
Matt Tesauro, Texas Education Agency | |
16:25-16:45 | Conference Wrap Up and Opportunities to Contribute |
Logistics
Venue: MITRE Building 1, 7525 Colshire Drive, McLean, VA 22102
Please use the Conference Center entrance.
Accommodations
The conference has not negotiated any special rates for hotel accommodation but the following hotels are near the conference venue:
McLean Hilton
7920 Jones Branch Drive
McLean, VA
Tel: 1-703-448-1234
Website: http://www1.hilton.com/en_US/hi/hotel/MCLMHHH-Hilton-McLean-Tysons-Corner-Virginia/index.do
Westin Hotel
7801 Leesburg Pike
Falls Church, VA
Tel: 1-703-893-1340
Website: http://www.starwoodhotels.com/westin/property/overview/index.html?propertyID=1750
Marriott
8028 Leesburg Pike
Vienna, VA
Tel: 1-703-734-3200
Website: http://www.marriott.com/hotels/travel/wastc-tysons-corner-marriott/
Embassy Suites
8517 Leesburg Pike
Vienna, VA
Tel: 1-703-883-0707
The Crowne Plaza Tysons Corner (formerly the Holiday Inn)
1960 Chain
Bridge Rd McLean, VA
Tel: 1-703-893-2100
Website: http://www.cptysonscorner.com/
Sheraton Premiere Tysons
8661 Leesburg Pike
Vienna, VA
Tel: 1-703-506-2500
Website: http://www.starwoodhotels.com/sheraton/property/overview/index.html?propertyID=691
Transportation to the Conference
By plane
The venue area can be reached by commercial aviation through either Dulles International Airport or Reagan National Airport.
Both are roughly equidistant from the venue and offer a range of airline and flight options.
How to get to the venue?
See the map.
Registration and Conference Fees
OWASP Software Assurance Day DC 2009 will be a free conference.
Despite the fact that this is a free conference, we still need you to register to fulfill security requirements of the facility and to ensure that we don't exceed venue capacity.
Conference Contacts
For more information please contact the team below for conference details, sponsorship or registration.
Mr Sean Barnum (Conference Chair) , Cigital Federal, Inc.
Email: [email protected]
Mobile: 703-473-8262
Kate Hartmann
OWASP Operations Director
9175 Guilford Road, Suite 300
Columbia, MD 21046, USA
Phone: +1-301-575-0189
Facsimile: +1-301-604-8033
Email: [email protected]
Conference Sponsors
Under negotiation.
If you are interested in sponsoring this OWASP conference, please contact Sean Barnum.