This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "AppSec US 2010, CA"

From OWASP
Jump to: navigation, search
Line 187: Line 187:
 
==== Training  ====
 
==== Training  ====
  
There will be a total of five to seven classrooms over two days available at the conference. The cost for two day training is $1350 USD and the cost for one day training is $675 USD.  
+
{| style="width:80%" border="0" align="center"
 +
! align="center" style="background:#4058A0; color:white" | T1. Web Security Testing - 2-Days - $1350
 +
|-
 +
| style="background:#F2F2F2" | Summary
 +
Instructor: Joe Basirico, Security Innovation
 +
|-
 +
{| style="width:80%" border="0" align="center"
 +
! align="center" style="background:#4058A0; color:white" | T2. Building Secure Ajax and Web 2.0 Applications - 2-Days - $1350
 +
|-
 +
| style="background:#F2F2F2" | Summary
 +
Instructor: Dave Wichers: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]
 +
 
 +
|-
 +
! align="center" style="background:#4058A0; color:white" | T3. Web Services and XML Security - 2-Days - $1350
 +
|-
 +
| style="background:#F2F2F2" | The movement towards Web Services and Service Oriented architecture (SOA) paradigms requires new security paradigms to deal with new risks posed by these architectures. This session takes a pragmatic approach towards identifying Web Services security risks and selecting and applying countermeasures to the application, code, web servers, databases, application, and identity servers and related software. [[:Category:OWASP_AppSec_Conference_Training#T3._Web_Services_and_XML_Security_-_2-Day_Course_-_Sep_22-23.2C_2008 | Learn More Here]]
 +
 
 +
Instructor: Gunnar Peterson''' [http://www.arctecgroup.net https://www.owasp.org/images/b/bf/Arctec.jpg]
 +
|-
 +
! align="center" style="background:#4058A0; color:white" | T4. Advanced Web Application Security Testing - 2-Days - $1350
 +
|-
 +
| style="background:#F2F2F2" | Course Overview While all developers need to know the basics of web application security testing, application security specialists will want to know all the advanced techniques for finding and diagnosing security problems in applications. Aspect’s Advanced Web Application Security Testing training is based on a decade of work verifying the security of critical applications. The course is taught by an experienced application security practitioner in an interactive manner. [[:Category:OWASP_AppSec_Conference_Training#T4._Advanced_Web_Application_Security_Testing_-_2-Day_Course_-_Sep_22-23.2C_2008 | Learn More Here]]
 +
 
 +
Instructor: Eric Sheridan: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]'''
 +
|-
 +
! align="center" style="background:#4058A0; color:white" | T5. Leading the Development of Secure Applications 1-Day - Sept 22nd- $675
 +
|-
 +
| style="background:#F2F2F2" |  In this one-day management session you’ll get the answers to the ten key questions that most CIOs and development managers face when trying to improve security in the development process. The course provides proven techniques and valuable lessons learned that can be applied to projects at any phase of their application’s lifecycle. [[:Category:OWASP_AppSec_Conference_Training#T5._Leading_the_Development_of_Secure_Applications_-_1-Day_Course_-_Sep_22.2C_2008 | Learn More Here]]
 +
Instructor: John Pavone: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]'''
 +
|-
 +
{| style="width:80%" border="0" align="center"
 +
|-
 +
! align="center" style="background:#4058A0; color:white" | T6. Building Secure Rich Internet Applications 1-Day - Sept 23rd- $675
 +
|-
 +
| style="background:#F2F2F2" |  Rich Internet applications using technologies like Ajax, Flash, ActiveX, and Java Applets require special attention to secure. This one day training addresses the special issues that arise in this type of application development.  [[:Category:OWASP_AppSec_Conference_Training#T6._Building_Secure_Rich_Internet_Applications_-_1-Day_Course_-_Sep_23.2C_2008 | Learn More Here]]
 +
Instructor: Arshan Dabirsiaghi: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]'''
 +
|-
 +
{| style="width:80%" border="0" align="center"
 +
 
 +
! align="center" style="background:#4058A0; color:white" | T8. Secure Coding for .NET - 2-Days - $1350
 +
|-
 +
| style="background:#F2F2F2" | This course is similar to Aspect's Building and Testing Secure Web Applications except it includes a significant amount of .NET focused content, including:
 +
# .NET security overview,
 +
# All coding examples and recommendations are specifically focused on C#.NET and/or VB.NET and IIS servers, and
 +
# 3 additional hands on coding labs where the students find and then fix security vulnerabilities in a .NET application developed for the class. Both C# and VB.NET versions of the hands on coding labs are available.
 +
 
 +
[[:Category:OWASP_AppSec_Conference_Training#T8._Writing_Secure_Code_ASP.NET_-_Sep_22-23.2C_2008 | Learn More Here]]
 +
 
 +
Instructor: Jerry Hoff: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif]
 +
|}
  
 
==== Venue  ====
 
==== Venue  ====

Revision as of 14:49, 16 July 2010


AppSec USA 2010 Banner

UC Irvine Conference Center | CLICK HERE TO REGISTER


Welcome

Please Visit the AppSecUS 2010 Web Page for more information.

Registration is open!

https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=3c8f8c26-a4b3-40d6-9daa-1f541ea0ccc2

OWASP member registration $325 Non-member registration $375 Student registration (ID required at conference) $250

Call for papers/training extended to June 30th!

We are accepting presentation proposals!

http://www.owasp.org/index.php/AppSec_US_2010,_CA#tab=Call_for_Papers.2FTraining

News April 8th

Our final keynote has just accepted! Bill Cheswick from AT&T Research and Jeff Williams of Aspect Security round out our keynotes!

Lumetathumb.jpegJeffWilliams2.jpg


News March 25th

David Rice of Geekonomics and HD Moore of Metasploit/Rapid7 will be keynote speakers!

Hdm.hshot.white.jpgRice color small.jpg


Press Release January 23rd, 2010 -- Event Announced!

The Global Conferences Committee is excited to announce the date and location of the OWASP AppSec US 2010 Conference. AppSec US 2010 will be held September 7th through September 10th, 2010 and will be hosted by the Orange County and Los Angeles Chapters at the University of California, Irvine, the only school in the University of California system with a dedicated school of Information and Computer Science. More information, including the call for speakers & the call for training will be sent shortly.

Who Should Attend AppSec USA 2010:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security


The full AppSec USA Schedule coming soon.

You can register for the conference soon



| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" | |}

Call for Papers/Training

Call for Papers/Training is closed now.

OWASP is currently soliciting papers and training curriculum for the OWASP AppSec USA, California 2010 Conference that will take place at the UC Irvine Conference Center in beautiful Orange County, CA on September 7th through 10th of 2010. There will be training courses on September 7th and 8th, followed by plenary sessions on the 9th and 10th with each day having at least three tracks. AppSec USA may also have BOF (Birds of Feathers, an informal adhoc meeting), break out, or speed talks in addition to the standard schedule depending on the submissions we receive.

We are seeking people and organizations that want to present on any of the following topics (in no particular order): 

 - Business Risks with Application Security.
- Starting and Managing Secure Development Lifecycle Programs.
- Web Services-, XML- and Application Security.
- Metrics for Application Security.
- Application Threat Modeling.
- Hands-on Source Code Review.
- Web Application Security Testing.
- OWASP Tools and Projects.
- Secure Coding Practices (J2EE/.NET).
- Privacy Concerns with Applications and Data Storage
- Web Application Security countermeasures
- Technology specific presentations on security such as AJAX, XML, etc.
- Anything else relating to OWASP and Application Security.

To make a submission you must include : 

 - Presenter(s) name(s)
- Presenter(s) Email and/or Phone number(s)
- Presenter(s) bio(s)
- Title
- Abstract
- Any supporting research/tools (will not be released outside of  CFP committee)

Optional: a link to a presentation video.

Call for Papers/Training is closed now.


Please forward to all interested practitioners and colleagues.


Registration

Registration Now Open!

CLICK HERE TO REGISTER

OWASP Membership ($50 annual membership fee) gets you a discount of $50.

$375 Until 7/31/2010 Non-Members After 7/31/2010 - $445
$325 Until 7/31/2010 OWASP Members After 7/31/2010 - $395
$250 Students with valid Student ID
$375 Until 7/31/2010 New Registration Option! Become an OWASP Member and attend the event!
$1350 2-Day Training Course
$675 1-Day Training Course

Who Should Attend AppSec USA 2010:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security


For student discount, attendees must present proof of enrollment when picking up your badge.

Volunteer

Volunteers Needed!

Get involved!

We will take all the help we can get to pull off the best Web Application Security Conference of the year! Volunteers get free admission and invitation to the VIP event. This is your chance to rub elbows with the big players and mingle with potential networking contacts or even future employers!


Please contact neil(at)owasp.org to volunteer for a specific area:

  • Security
  • Speakers and Trainers
  • Vendors
  • Facilities

More opportunities and areas will be added as time goes on. Our File:Volunteer Sheet.doc can be downloaded which outlines some of the responsibilities and available positions. Note: this document references the the DC conference last year, this is just for a general guideline. Updated document coming soon.


Training

T1. Web Security Testing - 2-Days - $1350
Summary

Instructor: Joe Basirico, Security Innovation

T2. Building Secure Ajax and Web 2.0 Applications - 2-Days - $1350
Summary

Instructor: Dave Wichers: Aspect_logo.gif

T3. Web Services and XML Security - 2-Days - $1350
The movement towards Web Services and Service Oriented architecture (SOA) paradigms requires new security paradigms to deal with new risks posed by these architectures. This session takes a pragmatic approach towards identifying Web Services security risks and selecting and applying countermeasures to the application, code, web servers, databases, application, and identity servers and related software. Learn More Here

Instructor: Gunnar Peterson Arctec.jpg

T4. Advanced Web Application Security Testing - 2-Days - $1350
Course Overview While all developers need to know the basics of web application security testing, application security specialists will want to know all the advanced techniques for finding and diagnosing security problems in applications. Aspect’s Advanced Web Application Security Testing training is based on a decade of work verifying the security of critical applications. The course is taught by an experienced application security practitioner in an interactive manner. Learn More Here

Instructor: Eric Sheridan: Aspect_logo.gif

T5. Leading the Development of Secure Applications 1-Day - Sept 22nd- $675
In this one-day management session you’ll get the answers to the ten key questions that most CIOs and development managers face when trying to improve security in the development process. The course provides proven techniques and valuable lessons learned that can be applied to projects at any phase of their application’s lifecycle. Learn More Here

Instructor: John Pavone: Aspect_logo.gif

T6. Building Secure Rich Internet Applications 1-Day - Sept 23rd- $675
Rich Internet applications using technologies like Ajax, Flash, ActiveX, and Java Applets require special attention to secure. This one day training addresses the special issues that arise in this type of application development. Learn More Here

Instructor: Arshan Dabirsiaghi: Aspect_logo.gif

T8. Secure Coding for .NET - 2-Days - $1350
This course is similar to Aspect's Building and Testing Secure Web Applications except it includes a significant amount of .NET focused content, including:
  1. .NET security overview,
  2. All coding examples and recommendations are specifically focused on C#.NET and/or VB.NET and IIS servers, and
  3. 3 additional hands on coding labs where the students find and then fix security vulnerabilities in a .NET application developed for the class. Both C# and VB.NET versions of the hands on coding labs are available.

Learn More Here

Instructor: Jerry Hoff: Aspect_logo.gif

Venue

UC Irvine Conference Center Center

AppSec USA 20010 will be taking place at the UC Irvine Conference Center in Irvine, CA.


Hotel

Hyatt main.gif

We have reached a deal with Hyatt Regency of Irvine. The standard room rate will be $109. The hotel will be offering a shuttle service to and from both the UC Irvine campus as well as the John Wayne Airport!

Space is limited so be sure to book sooner than later. Please use this link to reserve a room https://resweb.passkey.com/go/owasp2010

UC Irvine also has special arrangements with local  hotels here

Sponsors

Sponsors

We are currently soliciting sponsors for the AppSec US 2010 Conference. Please refer to our List of Sponsorship Opportunities (or PDF).

Please contact Kate Hartmann for more information.

Slots are going fast so contact us to sponsor today!

    

Platinum Sponsors

 [File:Qualys-468-60.png]
 

Gold Sponsors

 Ibmneg blurgb.jpg Fortify logo AppSec Research 2010.png
 

Silver Sponsors

 AppSecDC2009-Sponsor-fishnet.gif Acunetix logo 200.png Barracuda Color Logo.jpg
 
 

Organizational Sponsors

 Isc2 logo.gif
 

Reception Sponsors

Coffee Sponsors

Travel

Traveling to the OC Metro Area

Retrieved from "https://wiki.owasp.org/index.php?title=AppSec_US_2010,_CA&oldid=86574"