This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Front Range OWASP Conference 2012"
From OWASP
(→Agenda and Presentations: 22 March 2012: Added Matt Tesauro) |
m (→Welcome: added link to SnowFROC 2013) |
||
| (31 intermediate revisions by 4 users not shown) | |||
| Line 9: | Line 9: | ||
--> | --> | ||
<!-- Header --> | <!-- Header --> | ||
| + | ====2012 Presentations ==== | ||
| + | [[Media:CameronMorris_OwaspPassfault.pdf|OWASP Passfault]]<br> | ||
| + | [[Media:DougLandoll_PCI 2.0 Risk Management.pdf|PCI vs Risk Management]]<br> | ||
| + | [[Media:Laz_owasp_denver_FROC_032212.pdf|What the Cyber Criminals are Doing on Your Website Right Now]]<br> | ||
| + | [[Media:MikeFleckOWASP_Presentation.ppt|Securing Data from the Web Tier]]<br> | ||
| + | [[Media:RajivSharma_A_Scalable_Secure_Development_Program_OWASP.ppt|A Scalable Secure Development Program]]<br> | ||
| + | [[Media:RobertRowleyOWASPSNOWFROC2012.ppt|State of Web Security: Monitored Attacks]]<br> | ||
| + | |||
====Welcome==== | ====Welcome==== | ||
<!-- *** Update image [[Image:Froc2010_sm.png|200px]] | <!-- *** Update image [[Image:Froc2010_sm.png|200px]] | ||
--> | --> | ||
'''Welcome to SnowFROC 2012, the fourth Front Range OWASP Application Security Conference!''' | '''Welcome to SnowFROC 2012, the fourth Front Range OWASP Application Security Conference!''' | ||
| + | '''Click [[Front_Range_OWASP_Conference_2013|here]] if you're looking for SnowFROC 2013''' | ||
After successful FROC's in June of 2008, [http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2009 March of 2009], and [https://www.owasp.org/index.php/Front_Range_OWASP_Conference_2010 2010] we are back in Denver, Colorado USA on '''Thursday the 22nd of March'''! | After successful FROC's in June of 2008, [http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2009 March of 2009], and [https://www.owasp.org/index.php/Front_Range_OWASP_Conference_2010 2010] we are back in Denver, Colorado USA on '''Thursday the 22nd of March'''! | ||
| − | This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers. | + | This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers. '''ALSO''', on Friday March 23rd several instructors from OWASP will be conducting day-long deep-dives! |
In 2010, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2012. <!-- This year we are organizing the conference with the support of our colleagues at the [http://www.cloudsecurityalliance.org/ Cloud Security Alliance], and will feature an AppSec track as well as a CloudSec/VirtSec track. | In 2010, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2012. <!-- This year we are organizing the conference with the support of our colleagues at the [http://www.cloudsecurityalliance.org/ Cloud Security Alliance], and will feature an AppSec track as well as a CloudSec/VirtSec track. | ||
| Line 23: | Line 32: | ||
====Registration==== | ====Registration==== | ||
| − | [http://snowfroc2012.eventbrite.com Registration is now open!] | + | [http://snowfroc2012.eventbrite.com Registration for SnowFROC is now open!] |
$20 covers breakfast, lunch, and a WORLD-CLASS AppSec conference! | $20 covers breakfast, lunch, and a WORLD-CLASS AppSec conference! | ||
| Line 29: | Line 38: | ||
--> | --> | ||
| − | Click [http://snowfroc2012.eventbrite.com HERE] to register now! | + | Click [http://snowfroc2012.eventbrite.com HERE] to register now for SnowFROC! |
| − | ====Agenda==== | + | <!-- FAIL - need to get our act together MUCH EARLIER if we're going to have OWASP training in conjunction w/SnowFROC! Click [[Denver,_Colorado|here]] to register for OWASP Deep Dives in Denver! |
| + | Specifically: | ||
| + | 1. Include Kate/OWASP Ops in SnowFROC planning | ||
| + | 2. AT A MINIMUM, GET THE SCHEDULE AND PUBLISH IT | ||
| + | 3. NEED a COUPLE of local chapter meetings to socialize/promote the ACTUAL CLASSES | ||
| + | --> | ||
| + | <!-- ====Agenda==== | ||
| − | ''' | + | '''CFP has closed; '''the agenda is being formed NOW and the draft agenda should be published SOON! |
| + | --> | ||
==Agenda and Presentations: 22 March 2012== | ==Agenda and Presentations: 22 March 2012== | ||
| Line 39: | Line 55: | ||
The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room. | The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room. | ||
| − | {| style="width: | + | {| style="width:86%" border="0" align="center" |
! colspan="4" align="center" style="background:#4058A0; color:white" | March 22nd, 2012 | ! colspan="4" align="center" style="background:#4058A0; color:white" | March 22nd, 2012 | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 07: | + | | style="width:10%; background:#7B8ABD" | 07:45-08:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Registration and Continental Breakfast in the Adirondack Room |
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 08:30-08: | + | | style="width:10%; background:#7B8ABD" | 08:30-08:45 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Welcome to SnowFROC 2012 Conference |
| + | |||
''OWASP Denver and OWASP Boulder Chapter Leaders'' | ''OWASP Denver and OWASP Boulder Chapter Leaders'' | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 08: | + | | style="width:10%; background:#7B8ABD" | 08:45-09:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | |
| − | ''' | + | '''State of OWASP''' |
| − | '' | + | ''[[Matt_Tesauro|Matt Tesauro]]'' |
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 09: | + | | style="width:10%; background:#7B8ABD" | 09:10-10:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | '''Keynote: Point in Time Security''' |
| + | |||
| + | ''[[John_Pirc|John Pirc]], Co-Author of [http://www.amazon.com/Cybercrime-Espionage-Analysis-Subversive-Multi-Vector/dp/1597496138/ref=sr_1_1?s=books&ie=UTF8&qid=1330542019&sr=1-1 "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats"]'' | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 10: | + | | style="width:10%; background:#7B8ABD" | 10:10-10:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo |
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | || colspan="1" style="width:45%; background:#BC857A" | '''Track | + | | style="width:10%; background:#7B8ABD" | || colspan="1" style="width:45%; background:#BC857A" | '''Tech Track - Zenith Room 640''' |
| − | | colspan="1" style="width:45%; background:#BCA57A" | '''Track | + | | colspan="1" style="width:45%; background:#BCA57A" | '''Management Track - Senate Chamber''' |
<!-- | style="width:22%; background:#C6E2FF" | '''Management / Exec Track: Room 3''' --> | <!-- | style="width:22%; background:#C6E2FF" | '''Management / Exec Track: Room 3''' --> | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 10:30-11:15 || style="width:45%; background:#BC857A" align="left" | | + | | style="width:10%; background:#7B8ABD" | 10:30-11:15 || style="width:45%; background:#BC857A" align="left" | OWASP Passfault |
| − | '' | + | ''Cameron Morris'' |
| − | | style="width:45%; background:#BCA57A" align="left" | | + | | style="width:45%; background:#BCA57A" align="left" | Managing IT Risk in a Cloud Environment |
| − | '' | + | ''Karl Steinkamp'' |
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD | <!-- | style="width:22%; background:#C6E2FF" align="left" | TBD | ||
| Line 81: | Line 95: | ||
| − | | style="width:10%; background:#7B8ABD" | 11:15-12:00 || style="width:45%; background:#BC857A" align="left" | | + | | style="width:10%; background:#7B8ABD" | 11:15-12:00 || style="width:45%; background:#BC857A" align="left" | State of Web Security: Monitored Attacks |
| − | '' | + | |
| + | ''Robert Rowley'' | ||
| − | | style="width:45%; background:#BCA57A" align="left" | | + | | style="width:45%; background:#BCA57A" align="left" | PCI vs Risk Management |
| − | '' | + | ''Doug Landoll'' |
| − | <!-- | style="width:22%; background:#C6E2FF" align="left" | | + | <!-- | style="width:22%; background:#C6E2FF" align="left" | Securing Data from the Web Tier ''Mike Fleck'' --> |
|- | |- | ||
| + | |||
| style="width:10%; background:#7B8ABD" | 12:00-13:00 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Lunch - Expo | | style="width:10%; background:#7B8ABD" | 12:00-13:00 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Lunch - Expo | ||
| − | + | |- | |
| − | |||
| − | |||
| − | + | | style="width:10%; background:#7B8ABD" | 13:00-13:50 || style="width:45%; background:#BC857A" align="left" | WebGoat.NET | |
| − | '' | + | |
| + | ''Jerry Hoff'' | ||
| + | | style="width:45%; background:#BCA57A" align="left" | Securing Data from the Web Tier | ||
| + | ''Mike Fleck'' | ||
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD | <!-- | style="width:22%; background:#C6E2FF" align="left" | TBD | ||
''TBD'' --> | ''TBD'' --> | ||
| Line 105: | Line 122: | ||
| − | | style="width:10%; background:#7B8ABD" | 13:50-14:40 || style="width:45%; background:#BC857A" align="left" | | + | | style="width:10%; background:#7B8ABD" | 13:50-14:40 || style="width:45%; background:#BC857A" align="left" | Gray, the new black: Gray box vulnerability testing |
| − | '' | + | ''Adam Hills'' |
| − | | style="width:45%; background:#BCA57A" align="left" | | + | | style="width:45%; background:#BCA57A" align="left" | What the Cyber Criminals are Doing on Your Website Right Now. |
| − | '' | + | ''LAZ'' |
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD | <!-- | style="width:22%; background:#C6E2FF" align="left" | TBD | ||
| Line 119: | Line 136: | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 15:00-15:50 || style="width:45%; background:#BC857A" align="left" | " | + | | style="width:10%; background:#7B8ABD" | 15:00-15:50 || style="width:45%; background:#BC857A" align="left" | "The Mobile Top 10" |
| − | '' | + | ''Mike Zussman'' |
| − | |||
| − | | style="width:45%; background:#BCA57A" align="left" | | + | | style="width:45%; background:#BCA57A" align="left" | A Scalable Secure Development Program |
| − | '' | + | ''Rajiv Sharma'' |
<!-- | <!-- | ||
| Line 130: | Line 146: | ||
''TBD'' | ''TBD'' | ||
--> | --> | ||
| + | |- | ||
| + | | style="width:10%; background:#7B8ABD" | 15:50-16:30 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | End of Conference Panel Discussion: | ||
| − | + | Topic: ''The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural?'' | |
| − | + | ||
| − | Panelists: | + | '''Moderator:''' ''Andy Lewis'' |
| + | '''Panelists:''' ''Laz, Matt Tesauro, John Pirc, Tanner Coltrin, René Agüero, Steve Kosten, others'' | ||
|- | |- | ||
|- | |- | ||
| − | | style="width:10%; background:#7B8ABD" | 16:30-17:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Wrap up, vendor raffles | + | | style="width:10%; background:#7B8ABD" | 16:30-17:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Wrap up, vendor raffles! |
|- | |- | ||
| Line 146: | Line 165: | ||
[[Image:Denver_mountains.JPG]] | [[Image:Denver_mountains.JPG]] | ||
| − | This year, the conference will again be held at University of Colorado, Denver at the Tivoli | + | This year, the conference will again be held at University of Colorado, Denver at the [http://maps.google.com/maps?hl=en&ie=UTF8&cid=0,0,17887458453474608109&fb=1&split=1&gl=us&dq=Tivoli+Student+Union+in+downtown+Denver,+CO&daddr=900+Auraria+Pkwy+%23+325E,+Denver,+CO+80204&geocode=2315206160437382962,39.746366,-105.007463&ei=jKOsSeKrM5O5twfLh4GDBg&z=16 Tivoli Student Union] (900 Auraria Pkwy # 325E Denver, CO 80204). |
<!-- *** need image, lat-long, directions [[File:Froc map.GIF|thumb|left]] | <!-- *** need image, lat-long, directions [[File:Froc map.GIF|thumb|left]] | ||
| Line 165: | Line 184: | ||
*By car: there is plenty of parking at the Tivoli. Attendees should park at the Tivoli lot (as in past years). Parking validation will be provided for registered FROC participants. | *By car: there is plenty of parking at the Tivoli. Attendees should park at the Tivoli lot (as in past years). Parking validation will be provided for registered FROC participants. | ||
| − | |||
| − | |||
====Call for Presentations==== | ====Call for Presentations==== | ||
| − | The [[Front_Range_OWASP_Conference_2012_CFP|call for presentations]] is open until February 23rd 2012. | + | <!-- The [[Front_Range_OWASP_Conference_2012_CFP|call for presentations]] is open until February 23rd 2012. --> |
| + | The [[Front_Range_OWASP_Conference_2012_CFP|call for presentations]] closed February 23rd. If you've got a compelling presentation involving bleeding-edge research please contact steve dot kosten /\+ owasp d0+ org for consideration. | ||
| Line 192: | Line 210: | ||
Colorado Chapter Hosts: | Colorado Chapter Hosts: | ||
* Andy Lewis - OWASP Denver - alewis at owasp dot org | * Andy Lewis - OWASP Denver - alewis at owasp dot org | ||
| − | * Mark Major - OWASP Boulder | + | * Mark Major - OWASP Boulder - mark dot major at owasp dot org |
* Might have a CO Springs chapter in time for SnowFROC; stay tuned... | * Might have a CO Springs chapter in time for SnowFROC; stay tuned... | ||
| Line 207: | Line 225: | ||
--> | --> | ||
| − | + | We are proud to have the following sponsors for this year's conference: | |
<!-- | <!-- | ||
*Accuvant | *Accuvant | ||
| Line 233: | Line 251: | ||
*[http://www.hpenterprisesecurity.com/register/esp-grand-slam-camp-hpesp-homepage HP ESP] | *[http://www.hpenterprisesecurity.com/register/esp-grand-slam-camp-hpesp-homepage HP ESP] | ||
*[http://www.coalfire.com/Home Coalfire Systems] | *[http://www.coalfire.com/Home Coalfire Systems] | ||
| + | *[http://www.rapid7.com/ Rapid7] | ||
| + | *[http://www.silvertailsystems.com/ Silvertail Systems] | ||
| + | *[http://www.southseascorp.com/ South Seas Corporation] | ||
| Line 257: | Line 278: | ||
--> | --> | ||
| − | + | ||
Latest revision as of 16:30, 16 April 2012
2012 Presentations
OWASP Passfault
PCI vs Risk Management
What the Cyber Criminals are Doing on Your Website Right Now
Securing Data from the Web Tier
A Scalable Secure Development Program
State of Web Security: Monitored Attacks
Welcome
Welcome to SnowFROC 2012, the fourth Front Range OWASP Application Security Conference! Click here if you're looking for SnowFROC 2013
After successful FROC's in June of 2008, March of 2009, and 2010 we are back in Denver, Colorado USA on Thursday the 22nd of March!
This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers. ALSO, on Friday March 23rd several instructors from OWASP will be conducting day-long deep-dives!
In 2010, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2012.
Registration
Registration for SnowFROC is now open!
$20 covers breakfast, lunch, and a WORLD-CLASS AppSec conference!
Click HERE to register now for SnowFROC!
Agenda and Presentations: 22 March 2012
The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room.
| March 22nd, 2012 | |||
|---|---|---|---|
| 07:45-08:30 | Registration and Continental Breakfast in the Adirondack Room | ||
| 08:30-08:45 | Welcome to SnowFROC 2012 Conference
OWASP Denver and OWASP Boulder Chapter Leaders | ||
| 08:45-09:10 |
State of OWASP | ||
| 09:10-10:10 | Keynote: Point in Time Security
John Pirc, Co-Author of "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats" | ||
| 10:10-10:30 | Break - Expo | ||
| Tech Track - Zenith Room 640 | Management Track - Senate Chamber | ||
| 10:30-11:15 | OWASP Passfault
Cameron Morris |
Managing IT Risk in a Cloud Environment
Karl Steinkamp | |
| 11:15-12:00 | State of Web Security: Monitored Attacks
Robert Rowley |
PCI vs Risk Management
Doug Landoll | |
| 12:00-13:00 | Lunch - Expo | ||
| 13:00-13:50 | WebGoat.NET
Jerry Hoff |
Securing Data from the Web Tier
Mike Fleck | |
| 13:50-14:40 | Gray, the new black: Gray box vulnerability testing
Adam Hills |
What the Cyber Criminals are Doing on Your Website Right Now.
LAZ | |
| 14:40-15:00 | BREAK | ||
| 15:00-15:50 | "The Mobile Top 10"
Mike Zussman |
A Scalable Secure Development Program
Rajiv Sharma | |
| 15:50-16:30 | End of Conference Panel Discussion:
Topic: The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural? Moderator: Andy Lewis Panelists: Laz, Matt Tesauro, John Pirc, Tanner Coltrin, René Agüero, Steve Kosten, others | ||
| 16:30-17:30 | Wrap up, vendor raffles! | ||
Logistics
This year, the conference will again be held at University of Colorado, Denver at the Tivoli Student Union (900 Auraria Pkwy # 325E Denver, CO 80204).
Accomodation
OWASP is in the process of negotiating discounted rates with the uber-pimpin Hotel Teatro. Rooms under the FROC rate will be competitively priced and include courtesy Cadillac Escalade transportation to and from Auraria Campus. Currently a "petite queen" room will be reduced from $279/night to $149 by mentioning SnowFROC.
To reserve a room, contact Hotel Teatro at +1.303.228.1100 and mention SnowFROC or use the iHotelier.com link here.
How to get to the venue?
- By taxi: taxi from the airport to venue is about $50 USD
- From hotel: transport from the conference hotel (Hotel Teatro) by limo is free
- By car: there is plenty of parking at the Tivoli. Attendees should park at the Tivoli lot (as in past years). Parking validation will be provided for registered FROC participants.
Call for Presentations
The call for presentations closed February 23rd. If you've got a compelling presentation involving bleeding-edge research please contact steve dot kosten /\+ owasp d0+ org for consideration.
Conference Committee
FROC 2012 Planning Committee Chair: Kathy Thaxton - kthaxton at hosting dot com
Presentation Selection Committee:
- Steve Kosten
- Denver OWASP Board
Colorado Chapter Hosts:
- Andy Lewis - OWASP Denver - alewis at owasp dot org
- Mark Major - OWASP Boulder - mark dot major at owasp dot org
- Might have a CO Springs chapter in time for SnowFROC; stay tuned...
Vendor Exhibition POC: Kathy Thaxton - kthaxton at hosting dot com
Sponsors
If you are interested in sponsoring the Front Range OWASP Conference, please contact Kathy Thaxton at kthaxton at hosting dot com.
We are proud to have the following sponsors for this year's conference:
- Accuvant
- Hosting.com
- Whitehat Security
- HP ESP
- Coalfire Systems
- Rapid7
- Silvertail Systems
- South Seas Corporation
