This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Front Range OWASP Conference 2013/Schedule"

From OWASP
Jump to: navigation, search
(Commented out "subject to change" disclaimer and CFP schedule.)
Line 41: Line 41:
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 10:00-10:45
 
  | style="background:#024C68; color:white" align="center" | 10:00-10:45
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech1|'''DevFu: The inner ninja in every application developer''' <br> ''Danny Chrastil'']]  
+
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech1|'''DevFu: The inner ninja in every application developer''' <br> ''Danny Chrastil'']]<br>[[Media: Chrastil.pptx| Slides ]]
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech2|'''SIP Based Cloud Instances''' <br> ''Gregory Disney-Leugers]]''
+
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech2|'''SIP Based Cloud Instances''' <br> ''Gregory Disney-Leugers]]''<br>[[Media: Disney-Leugers.odp| Slides ]]
 
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt1|'''Digital Bounty Hunters - Decoding Bug Bounty Programs''' <br> ''Jon Rose]]''
 
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt1|'''Digital Bounty Hunters - Decoding Bug Bounty Programs''' <br> ''Jon Rose]]''
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt2|'''Electronic Discovery for System Administrators''' <br> ''Russell Shumway]]''
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt2|'''Electronic Discovery for System Administrators''' <br> ''Russell Shumway]]''<br>[[Media: Shumway.pptx| Slides ]]
 
  | style="background:#C1DAD6" align="center" rowspan="9" | [[Front_Range_OWASP_Conference_2013/CTF|'''CTF''']] <br> ''Sponsored by [https://aerstone.com '''Aerstone''']''
 
  | style="background:#C1DAD6" align="center" rowspan="9" | [[Front_Range_OWASP_Conference_2013/CTF|'''CTF''']] <br> ''Sponsored by [https://aerstone.com '''Aerstone''']''
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 10:55-11:40
 
  | style="background:#024C68; color:white" align="center" | 10:55-11:40
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech1|'''Adventures in Large Scale HTTP Header Abuse''' <br> ''Zachary Wolff]]''
+
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech1|'''Adventures in Large Scale HTTP Header Abuse''' <br> ''Zachary Wolff]]''<br>[[Media: Wolff.pptx| Slides ]]
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech2|'''How Malware Attacks Web Applications''' <br> ''Casey Smith]]''
+
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech2|'''How Malware Attacks Web Applications''' <br> ''Casey Smith]]''<br>[[Media: Smith.pdf| Slides ]]
 
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt1|'''Linking Security to Business Value in the Customer Service Industry''' <br> ''Dan Rojas]]''
 
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt1|'''Linking Security to Business Value in the Customer Service Industry''' <br> ''Dan Rojas]]''
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt2|'''Legal Issues of Forensics in the Cloud''' <br> ''David Willson]]''
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt2|'''Legal Issues of Forensics in the Cloud''' <br> ''David Willson]]''<br>[[Media: Willson.pdf| Slides ]]
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 11:40-12:40
 
  | style="background:#024C68; color:white" align="center" | 11:40-12:40
Line 59: Line 59:
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech1|'''Angry Cars: Hacking the "Car as Platform"''' <br> ''Aaron Weaver]]''
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech1|'''Angry Cars: Hacking the "Car as Platform"''' <br> ''Aaron Weaver]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech2|'''Top Ten Web Application Defenses''' <br> ''Jim Manico]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech2|'''Top Ten Web Application Defenses''' <br> ''Jim Manico]]''
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt1|'''Using SaaS and the Cloud to Secure the SDLC''' <br> ''Andrew Earle]]''
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt1|'''Using SaaS and the Cloud to Secure the SDLC''' <br> ''Andrew Earle]]''<br>[[Media: Earle.pptx| Slides ]]
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt2|'''CISPA: Why Privacy Advocates Hate This Legislation''' <br> ''Maureen Donohue Feinroth]]''
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt2|'''CISPA: Why Privacy Advocates Hate This Legislation''' <br> ''Maureen Donohue Feinroth]]''<br>[[Media: Feinroth.pptx| Slides ]]
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 13:35-14:20
 
  | style="background:#024C68; color:white" align="center" | 13:35-14:20
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech1|'''DevOps and Security: It's Happening. Right Now.''' <br> ''Helen Bravo]]''
+
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech1|'''DevOps and Security: It's Happening. Right Now.''' <br> ''Helen Bravo]]''<br>[[Media: Bravo.pptx| Slides ]]
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech2|'''A Demo of and Preventing XSS in .NET Applications''' <br> ''Larry Conklin]]''
+
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech2|'''A Demo of and Preventing XSS in .NET Applications''' <br> ''Larry Conklin]]''<br>[[Media: Conklin.pptx| Slides ]]
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt1|'''Measuring Security Best Practices With OpenSAMM''' <br> ''Alan Jex]]''
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt1|'''Measuring Security Best Practices With OpenSAMM''' <br> ''Alan Jex]]''<br>[[Media: Jex.ppt| Slides ]]
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt2|'''Crafting a Plan for When Security Fails''' <br> ''Robert Lelewski]]''
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt2|'''Crafting a Plan for When Security Fails''' <br> ''Robert Lelewski]]''<br>[[Media: Lelewski.pdf| Slides ]]
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 14:30-15:15
 
  | style="background:#024C68; color:white" align="center" | 14:30-15:15
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech1|'''Real World Cloud Application Security''' <br> ''Jason Chan]]''
+
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech1|'''Real World Cloud Application Security''' <br> ''Jason Chan]]''<br>[[Media: Chan.pptx| Slides ]]
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech2|'''Data Mining a Mountain of Zero Day Vulnerabilities''' <br> ''Joe Brady]]''
+
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech2|'''Data Mining a Mountain of Zero Day Vulnerabilities''' <br> ''Joe Brady]]''<br>[[Media: Brady.pdf| Slides ]]
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt1|'''Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix)''' <br> ''Jon McCoy]]''
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt1|'''Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix)''' <br> ''Jon McCoy]]''<br>[[Media:McCoy.pdf| Slides ]]
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt2|'''Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem''' <br> ''Tom Glanville]]''
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt2|'''Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem''' <br> ''Tom Glanville]]''<br>[[Media: Glanville.pptx| Slides ]]
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 15:15-15:45
 
  | style="background:#024C68; color:white" align="center" | 15:15-15:45

Revision as of 17:55, 9 April 2013

SnowFROC 2013 Schedule


Thu, Mar 28 Technical Track Deep-Dive Track Management Track Legal Track
07:00-08:30 Registration and Morning Snacks
Sponsored by HP
08:00-08:15 Welcome and Kick-off
Brad Carvalho, Mark Major
08:15-08:30 State of OWASP
Jim Manico
08:30-09:30 Keynote Address: Data Protection for the 21st Century
Neal Ziring, Technical Director for the National Security Agency’s Information Assurance Directorate (IAD)
09:30-10:00 Coffee Break and Sponsor Expo
Sponsored by Aerstone
CTF Kick-off
Chris Rossi, Mark Major
10:00-10:45 DevFu: The inner ninja in every application developer
Danny Chrastil

Slides
SIP Based Cloud Instances
Gregory Disney-Leugers

Slides
Digital Bounty Hunters - Decoding Bug Bounty Programs
Jon Rose
Electronic Discovery for System Administrators
Russell Shumway

Slides
CTF
Sponsored by Aerstone
10:55-11:40 Adventures in Large Scale HTTP Header Abuse
Zachary Wolff

Slides
How Malware Attacks Web Applications
Casey Smith

Slides
Linking Security to Business Value in the Customer Service Industry
Dan Rojas
Legal Issues of Forensics in the Cloud
David Willson

Slides
11:40-12:40 Lunch and Sponsor Expo
Sponsored by Aerstone
12:40-13:25 Angry Cars: Hacking the "Car as Platform"
Aaron Weaver
Top Ten Web Application Defenses
Jim Manico
Using SaaS and the Cloud to Secure the SDLC
Andrew Earle

Slides
CISPA: Why Privacy Advocates Hate This Legislation
Maureen Donohue Feinroth

Slides
13:35-14:20 DevOps and Security: It's Happening. Right Now.
Helen Bravo

Slides
A Demo of and Preventing XSS in .NET Applications
Larry Conklin

Slides
Measuring Security Best Practices With OpenSAMM
Alan Jex

Slides
Crafting a Plan for When Security Fails
Robert Lelewski

Slides
14:30-15:15 Real World Cloud Application Security
Jason Chan

Slides
Data Mining a Mountain of Zero Day Vulnerabilities
Joe Brady

Slides
Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix)
Jon McCoy

Slides
Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem
Tom Glanville

Slides
15:15-15:45 Coffee Break and Sponsor Expo
Sponsored by Aerstone
15:45-16:45 Moderated Panel Discussion
   Aaron Weaver
   David Willson
   Dan Wilson
   Neal Ziring
   Moderator: Jim Manico
16:45-17:00 Closing Statements
Brad Carvalho, Mark Major
17:00- Sponsor Raffles, Drawings, and Contests CTF Wrap-Up
Chris Rossi, Mark Major
19:00-22:00+ After-party at Tarantula Billiards
Sponsored by AppliedTrust
Tarantula is located 3 blocks from the Marriott at the corner of 15th and Stout (1520 Stout Street, Denver)
Awards Ceremony at Tarantula (20:00)


Fri, Mar 29 Training Birds of a Feather: A Birds of a Feather: B Capture the Flag
09:00-9:45 Training: Secure Coding
Aaron Weaver
DevOps in Cloud environments (edit) BoaF 1b (edit) FLOSSHack: CTF VM
10:00-10:45 The modern threatscape: what have you seen? (edit) BoaF 2b (edit)
10:45-11:15 Coffee Break
Sponsored by Aerstone
11:15-12:00 Access Control (edit) BoaF 3b (edit) FLOSSHack: CTF Scoreboard
12:15-13:00 COTS solutions for secure enterprise architectures (edit) BoaF 4b (edit)