This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "AppSec US 2010, CA"

From OWASP
Jump to: navigation, search
Line 60: Line 60:
 
| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" | |} <!-- End Banner -->  
 
| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" | |} <!-- End Banner -->  
  
==== Agenda/Schedule ====
+
==== Training  ====
 +
 
 +
{| style="width:80%" border="0" align="center"
 +
! align="center" style="background:#4058A0; color:white" | T1. Web Security Testing - 2-Days - $1350
 +
|-
 +
| style="background:#F2F2F2" | Summary
 +
Instructor: Joe Basirico, Security Innovation
 +
|-
 +
{| style="width:80%" border="0" align="center"
 +
! align="center" style="background:#4058A0; color:white" | T2. Building Secure Ajax and Web 2.0 Applications - 2-Days - $1350
 +
|-
 +
| style="background:#F2F2F2" | Summary
 +
Instructor: Dave Wichers: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]
 +
|-
 +
! align="center" style="background:#4058A0; color:white" | T3. Assessing and Exploiting Web Applications with Samurai - WTF - 2-Days - $1350
 +
|-
 +
| style="background:#F2F2F2" | Summary
 +
Instructor: Justin Serle, InGuardians
 +
|-
 +
! align="center" style="background:#4058A0; color:white" | T4. Application Security Leadership Essentials - 2-Days - $1350
 +
|-
 +
| style="background:#F2F2F2" | Summary
 +
Instructor: Jeff Williams: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]'''
 +
|-
 +
! align="center" style="background:#4058A0; color:white" | T5. Software Security Remediation:  How to Fix Application Vulnerabilities 1-Day - Sept 7th- $675
 +
|-
 +
| style="background:#F2F2F2" |  Summary
 +
Instructor: Dan Cornell:  [http://www.denimgroup.com  http://www.owasp.org/images/a/a7/AppSecDC2009-Sponsor-denim.gif]
 +
|-
 +
{| style="width:80%" border="0" align="center"
 +
|-
 +
! align="center" style="background:#4058A0; color:white" | T6. Live CD 1-Day - Sept 8th- $675
 +
|-
 +
| style="background:#F2F2F2" |  Summary
 +
Instructor: Matt Tesauro:  [http://www.trustwave.com http://www.owasp.org/images/7/77/TrustwaveLogo.jpg]
 +
 
 +
|}
 +
 
 +
 
 +
==== Schedule September 9th ====
  
 
{| border="0" align="center" style="width: 80%;"
 
{| border="0" align="center" style="width: 80%;"
Line 144: Line 183:
  
 
|}
 
|}
 +
 +
==== Schedule September 10th ====
 +
 +
{| border="0" align="center" style="width: 80%;"
 +
|-
 +
| align="center" colspan="4" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''Conference Day 1 - September 9th, 2010'''
 +
 +
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 +
| style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Track 1 - Crystal Cove Auditorium
 +
| style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Track 2 - Pacific Ballroom
 +
| style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Track 3 - Doheny Beach
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 07:30-08:30
 +
| align="left" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Registration and Breakfast + Coffee
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:30-08:45
 +
| align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(242, 242, 242);" | Welcome to OWASP AppSec US, 2010 (Crystal Cove Auditorium)
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 08:45-9:30
 +
| align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | #Keynote: Jeff Williams (Crystal Cove Auditorium)
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 9:30-10:15
 +
| align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | #Keynote: Chenxi Wang (Crystal Cove Auditorium)
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:15-10:35
 +
| align="left" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Break - Expo - CTF kick-off (Emerald Bay)
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 10:35-11:20
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | How I met your Girlfriend, ''Sammy Kamkar''<br>
 +
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Solving Real-World Problems with an Enterprise Security API (ESAPI), ''Chris Schmidt, ServiceMagic''<br>
 +
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Microsoft Security Development Lifecycle for Agile Development, ''Nick Coblentz, AT&T''
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:20-11:30
 +
| align="left" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Break - Expo - CTF
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 11:30-12:15
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | State of SL on the Internet - 2010 Survey, Results and Conclusions, ''Ivan Ristic, Qualys''<br>
 +
 +
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Into the Rabbit Hole:  Execution Flow-based Web Application Testing, ''Rafal Los, Hewlett-Packard''<br>
 +
 +
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | Threat Modeling Best Practices, Robert Zigweid, IOActive<br>
 +
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 12:15-13:15
 +
| align="left" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Lunch - Expo - CTF
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 13:30-14:15
 +
| align="center" colspan="3" style="width: 80%; background: none repeat scroll 0% 0% rgb(252, 252, 150);" | Bill Cheswick (Crystal Cove Auditorium)
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:15-14:25
 +
| align="left" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Break - Expo - CTF
 +
|-
 +
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 14:25-15:10
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | P0w3d for Botnet CnC, ''Gunter Ollmann, Damballa''<br>
 +
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Cloud Computing, A Weapon of Mass Destruction?, ''David Bryan''<br>
 +
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | The Secure Coding Practices Quick Reference Guide, ''Keith Turpin, Boeing''
 +
|-
 +
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:10-15:30
 +
| align="left" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Coffee Break - Expo - CTF
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 15:30-16:15
 +
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 133, 122);" | Smart Phones with Dumb Apps:  Threat Modeling for Mobile Applications, ''Dan Cornell, Denim Group''<br>
 +
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(188, 165, 122);" | Assessing, Testing and Validating Flash Content, ''Peleus Uhley, Adobe''<br>
 +
 +
| align="left" style="width: 30%; background: none repeat scroll 0% 0% rgb(153, 255, 153);" | OWASP State of the Union, ''Tom Brennan, OWASP''
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:15-16:25
 +
| align="left" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | Break - Expo - CTF
 +
|-
 +
| style="width: 10%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | 16:25-17:10
 +
| align="center" colspan="3" style="width: 90%; background: none repeat scroll 0% 0% rgb(242, 242, 242);" | Panel Discussion: Security Trends:  Jeremiah Grossman, Robert Hansen, TBD...Moderator:  Stuart Schwartz
 +
 +
|}
 +
 
==== Registration  ====
 
==== Registration  ====
  
Line 207: Line 332:
 
<br>  
 
<br>  
  
==== Training  ====
 
 
{| style="width:80%" border="0" align="center"
 
! align="center" style="background:#4058A0; color:white" | T1. Web Security Testing - 2-Days - $1350
 
|-
 
| style="background:#F2F2F2" | Summary
 
Instructor: Joe Basirico, Security Innovation
 
|-
 
{| style="width:80%" border="0" align="center"
 
! align="center" style="background:#4058A0; color:white" | T2. Building Secure Ajax and Web 2.0 Applications - 2-Days - $1350
 
|-
 
| style="background:#F2F2F2" | Summary
 
Instructor: Dave Wichers: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]
 
|-
 
! align="center" style="background:#4058A0; color:white" | T3. Assessing and Exploiting Web Applications with Samurai - WTF - 2-Days - $1350
 
|-
 
| style="background:#F2F2F2" | Summary
 
Instructor: Justin Serle, InGuardians
 
|-
 
! align="center" style="background:#4058A0; color:white" | T4. Application Security Leadership Essentials - 2-Days - $1350
 
|-
 
| style="background:#F2F2F2" | Summary
 
Instructor: Jeff Williams: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]'''
 
|-
 
! align="center" style="background:#4058A0; color:white" | T5. Software Security Remediation:  How to Fix Application Vulnerabilities 1-Day - Sept 7th- $675
 
|-
 
| style="background:#F2F2F2" |  Summary
 
Instructor: Dan Cornell:  [http://www.denimgroup.com  http://www.owasp.org/images/a/a7/AppSecDC2009-Sponsor-denim.gif]
 
|-
 
{| style="width:80%" border="0" align="center"
 
|-
 
! align="center" style="background:#4058A0; color:white" | T6. Live CD 1-Day - Sept 8th- $675
 
|-
 
| style="background:#F2F2F2" |  Summary
 
Instructor: Matt Tesauro:  [http://www.trustwave.com http://www.owasp.org/images/7/77/TrustwaveLogo.jpg]
 
 
|}
 
  
 
==== Venue  ====
 
==== Venue  ====

Revision as of 19:05, 16 July 2010


AppSec USA 2010 Banner

UC Irvine Conference Center | CLICK HERE TO REGISTER


Welcome

Please Visit the AppSecUS 2010 Web Page for more information.

Registration is open!

https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=3c8f8c26-a4b3-40d6-9daa-1f541ea0ccc2

OWASP member registration $325 Non-member registration $375 Student registration (ID required at conference) $250

Early-bird rates available till July 31.


Press Release January 23rd, 2010 -- Event Announced!

The Global Conferences Committee is excited to announce the date and location of the OWASP AppSec US 2010 Conference. AppSec US 2010 will be held September 7th through September 10th, 2010 and will be hosted by the Orange County and Los Angeles Chapters at the University of California, Irvine, the only school in the University of California system with a dedicated school of Information and Computer Science. More information, including the call for speakers & the call for training will be sent shortly.

Who Should Attend AppSec USA 2010:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security

| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" | |}

Training

T1. Web Security Testing - 2-Days - $1350
Summary

Instructor: Joe Basirico, Security Innovation

T2. Building Secure Ajax and Web 2.0 Applications - 2-Days - $1350
Summary

Instructor: Dave Wichers: Aspect_logo.gif

T3. Assessing and Exploiting Web Applications with Samurai - WTF - 2-Days - $1350
Summary

Instructor: Justin Serle, InGuardians

T4. Application Security Leadership Essentials - 2-Days - $1350
Summary

Instructor: Jeff Williams: Aspect_logo.gif

T5. Software Security Remediation: How to Fix Application Vulnerabilities 1-Day - Sept 7th- $675
Summary

Instructor: Dan Cornell: AppSecDC2009-Sponsor-denim.gif

T6. Live CD 1-Day - Sept 8th- $675
Summary

Instructor: Matt Tesauro: TrustwaveLogo.jpg


Schedule September 9th

Conference Day 1 - September 9th, 2010



Track 1 - Crystal Cove Auditorium Track 2 - Pacific Ballroom Track 3 - Doheny Beach
07:30-08:30 Registration and Breakfast + Coffee
08:30-08:45 Welcome to OWASP AppSec US, 2010 (Crystal Cove Auditorium)
08:45-9:30 #Keynote: Jeff Williams (Crystal Cove Auditorium)
9:30-10:15 #Keynote: Chenxi Wang (Crystal Cove Auditorium)
10:15-10:35 Break - Expo - CTF kick-off (Emerald Bay)
10:35-11:20 How I met your Girlfriend, Sammy Kamkar
 Solving Real-World Problems with an Enterprise Security API (ESAPI), Chris Schmidt, ServiceMagic
 Microsoft Security Development Lifecycle for Agile Development, Nick Coblentz, AT&T
11:20-11:30 Break - Expo - CTF
11:30-12:15 State of SL on the Internet - 2010 Survey, Results and Conclusions, Ivan Ristic, Qualys


 Into the Rabbit Hole: Execution Flow-based Web Application Testing, Rafal Los, Hewlett-Packard


 Threat Modeling Best Practices, Robert Zigweid, IOActive
12:15-13:15 Lunch - Expo - CTF
13:30-14:15 Bill Cheswick (Crystal Cove Auditorium)
14:15-14:25 Break - Expo - CTF
14:25-15:10 P0w3d for Botnet CnC, Gunter Ollmann, Damballa
 Cloud Computing, A Weapon of Mass Destruction?, David Bryan
 The Secure Coding Practices Quick Reference Guide, Keith Turpin, Boeing
15:10-15:30 Coffee Break - Expo - CTF
15:30-16:15 Smart Phones with Dumb Apps: Threat Modeling for Mobile Applications, Dan Cornell, Denim Group
 Assessing, Testing and Validating Flash Content, Peleus Uhley, Adobe
 OWASP State of the Union, Tom Brennan, OWASP
16:15-16:25 Break - Expo - CTF
16:25-17:10 Panel Discussion: Security Trends: Jeremiah Grossman, Robert Hansen, TBD...Moderator: Stuart Schwartz

Schedule September 10th

Conference Day 1 - September 9th, 2010



Track 1 - Crystal Cove Auditorium Track 2 - Pacific Ballroom Track 3 - Doheny Beach
07:30-08:30 Registration and Breakfast + Coffee
08:30-08:45 Welcome to OWASP AppSec US, 2010 (Crystal Cove Auditorium)
08:45-9:30 #Keynote: Jeff Williams (Crystal Cove Auditorium)
9:30-10:15 #Keynote: Chenxi Wang (Crystal Cove Auditorium)
10:15-10:35 Break - Expo - CTF kick-off (Emerald Bay)
10:35-11:20 How I met your Girlfriend, Sammy Kamkar
 Solving Real-World Problems with an Enterprise Security API (ESAPI), Chris Schmidt, ServiceMagic
 Microsoft Security Development Lifecycle for Agile Development, Nick Coblentz, AT&T
11:20-11:30 Break - Expo - CTF
11:30-12:15 State of SL on the Internet - 2010 Survey, Results and Conclusions, Ivan Ristic, Qualys


 Into the Rabbit Hole: Execution Flow-based Web Application Testing, Rafal Los, Hewlett-Packard


 Threat Modeling Best Practices, Robert Zigweid, IOActive
12:15-13:15 Lunch - Expo - CTF
13:30-14:15 Bill Cheswick (Crystal Cove Auditorium)
14:15-14:25 Break - Expo - CTF
14:25-15:10 P0w3d for Botnet CnC, Gunter Ollmann, Damballa
 Cloud Computing, A Weapon of Mass Destruction?, David Bryan
 The Secure Coding Practices Quick Reference Guide, Keith Turpin, Boeing
15:10-15:30 Coffee Break - Expo - CTF
15:30-16:15 Smart Phones with Dumb Apps: Threat Modeling for Mobile Applications, Dan Cornell, Denim Group
 Assessing, Testing and Validating Flash Content, Peleus Uhley, Adobe
 OWASP State of the Union, Tom Brennan, OWASP
16:15-16:25 Break - Expo - CTF
16:25-17:10 Panel Discussion: Security Trends: Jeremiah Grossman, Robert Hansen, TBD...Moderator: Stuart Schwartz

Registration

Registration Now Open!

CLICK HERE TO REGISTER

OWASP Membership ($50 annual membership fee) gets you a discount of $50.

$375 Until 7/31/2010 Non-Members After 7/31/2010 - $445
$325 Until 7/31/2010 OWASP Members After 7/31/2010 - $395
$250 Students with valid Student ID
$375 Until 7/31/2010 New Registration Option! Become an OWASP Member and attend the event!
$1350 2-Day Training Course
$675 1-Day Training Course

Who Should Attend AppSec USA 2010:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security


For student discount, attendees must present proof of enrollment when picking up your badge.

Volunteer

Volunteers Needed!

Get involved!

We will take all the help we can get to pull off the best Web Application Security Conference of the year! Volunteers get free admission and invitation to the VIP event. This is your chance to rub elbows with the big players and mingle with potential networking contacts or even future employers!


Please contact neil(at)owasp.org to volunteer for a specific area:

  • Security
  • Speakers and Trainers
  • Vendors
  • Facilities

More opportunities and areas will be added as time goes on. Our File:Volunteer Sheet.doc can be downloaded which outlines some of the responsibilities and available positions. Note: this document references the the DC conference last year, this is just for a general guideline. Updated document coming soon.



Venue

UC Irvine Conference Center Center

AppSec USA 20010 will be taking place at the UC Irvine Conference Center in Irvine, CA.


Hotel

Hyatt main.gif

We have reached a deal with Hyatt Regency of Irvine. The standard room rate will be $109. The hotel will be offering a shuttle service to and from both the UC Irvine campus as well as the John Wayne Airport!

Space is limited so be sure to book sooner than later. Please use this link to reserve a room https://resweb.passkey.com/go/owasp2010

UC Irvine also has special arrangements with local  hotels here

Sponsors

Sponsors

We are currently soliciting sponsors for the AppSec US 2010 Conference. Please refer to our List of Sponsorship Opportunities (or PDF).

Please contact Kate Hartmann for more information.

Slots are going fast so contact us to sponsor today!

    

Platinum Sponsors

 [File:Qualys-468-60.png]
 

Gold Sponsors

 Ibmneg blurgb.jpg Fortify logo AppSec Research 2010.png
 

Silver Sponsors

 AppSecDC2009-Sponsor-fishnet.gif Acunetix logo 200.png Barracuda Color Logo.jpg
 
 

Organizational Sponsors

 Isc2 logo.gif
 

Reception Sponsors

Coffee Sponsors

Travel

Traveling to the OC Metro Area

Retrieved from "https://wiki.owasp.org/index.php?title=AppSec_US_2010,_CA&oldid=86596"