Difference between revisions of "SnowFROC09 Planning Page"
(→Speaker Bios and Presentation Summaries) |
|||
| Line 91: | Line 91: | ||
== Speaker Bios and Presentation Summaries == | == Speaker Bios and Presentation Summaries == | ||
| − | Attilla D. Hun "pwning a continent" | + | === Attilla D. Hun "pwning a continent" === |
| − | Alexandar D. Great "pwning the Alps - lessons learned" | + | === Alexandar D. Great "pwning the Alps - lessons learned" === |
[https://www.owasp.org/index.php/Denver Back to OWASP Denver] | [https://www.owasp.org/index.php/Denver Back to OWASP Denver] | ||
[https://www.owasp.org/index.php/Boulder Back to OWASP Boulder] | [https://www.owasp.org/index.php/Boulder Back to OWASP Boulder] | ||
Revision as of 18:21, 21 August 2008
Front Range Web Application Security Summit Planning - SnowFROC09
Who, What, Where, When, How Much?
The speakers below will be presenting at (Location TBD) on (Day TBD). This is a (Cost TBD) event - (coverage amount/percentage) expenses will be covered by our sponsors. Registration will be at www.snowfroc.com as soon as the site has been built.
SnowFROC09 Proposed Schedule – February 2009
- PLEASE NOTE - this is for PLANNING purposes only - speaker times/dates/topics may change so please check back from time-to-time.
(February 2008)

| Time | (Maybe Tech) Track: | (Maybe Management) Track: |
|---|---|---|
| 08:00-09:00 | Registration Opens and Tech Expo | |
| 09:00-9:30 | Opening Keynote - (Somebody from Somewhere Discussing Something in a MOTIVATED Fashion) | |
| 9:40-10:40 | (Some crazy universally-compelling topic) - (Hopefully) Jeremiah Grossman, CTO & Founder of WhiteHat Security | |
| 10:50-11:50 | (Some other crazy universally-compelling topic) - (Some compelling speaker) | |
| 11:50-13:00 | 1 HR BREAK / TECH EXPO / LUNCH BREAK | |
| 13:00-14:15 | (Crazy Tech Topic) (Security Savant who can keep people awake after lunch) | (Crazy Management Topic) (Management Savant who can keep people awake after lunch) |
| 14:30-15:30 | (Leveraging iTunes™ for pen-testing) (The Other Security Savant who can keep people awake, plus some keep-awake tunes) | (Enthralling Management Topic) (The Other Management Savant) |
| 15:40-16:00 | Raffles & Awards | |
| 16:00-16:45 | After-conference refreshments (on the slopes?) | |
| 17:00+ | (tbd) Reception/after-conference mixer | |
The purpose of this page is to provide a workspace for Denver/Boulder OWASP members to collaborate and plan the upcoming SnowFROC09 (Snow Front Range Web Application Security Summit). It is official, and we have the meeting space reservation to prove it!
Date: June 10, 2008
Location: TBD - probably on the Auraria Campus in Downtown Denver again
900 Auraria Parkway
Denver, CO 80204
Call For Papers
We will be seeking presentations AND logo ideas. A Call For Papers has been issued. The deadline for submissions is tbd, and speakers who are selected will be notified in good time. Please download the Call for Papers here (OBSOLETE)
Mission Statement
The purpose of the Front Range Web Application Security Summit is to provide a one-day workshop/conference during which individuals and organizations interested in Web Application Security can congregate to transfer knowledge, increase awareness of application layer security in the enterprise, and meet other like minded individuals.
Guiding Principles:
- No vendor soap boxes
- Open, friendly environment
- High quality content, professional delivery
Planner Contact Info
Project Manager: Niki Nicholls (niki at ambassadorservices D0T com)
Project Leads:
Overall planning and coordination: Kathy Thaxton kthaxton at businesspartnersolutions d0t c0m
Tech track lead: tbd (probably David Campbell (dcampbell at owasp dot org))
Management track lead: tbd
Project Planning Site (Basecamp login required)
Panel Discussion Topics
These are preliminary ideas; PLEASE FEEL FREE TO CONTRIBUTE by logging in to the wiki... It seems likely that only one or two will be able to get in-depth discussion; the remainder may be subject to a "Lightning round."
- Biggest problem incorporating security into the SDLC and how/if it was overcome
- Cost-justification strategies - how did you sell this?
- If there was one thing you'd do differently...
- The secret to motivating developers, testers, and QA'ers to adopt secure coding practices...
- Was a launch really postponed due to security concerns? What's the rest of the story?
- What are the best resources or references for succeeding in this area?
- What do you look for when hiring someone or engaging a company to participate with your SDLC?
- What's your favorite story about how your Security Ops or Management team REDUCED your overall security in the name of security?
- At what point should security be introduced into the SDLC?
- What are some of the ways the group has seen security tools used internally and externally?
- How much time is really needed for manual testing?
- How do I budget for security testing (manual or otherwise) on applications?