Thu, Mar 28
|
Technical Track
|
Deep-Dive Track
|
Management Track
|
Legal Track
|
|
07:00-08:30
|
Registration and Morning Snacks Sponsored by HP
|
08:00-08:15
|
Welcome and Kick-off Brad Carvalho, Mark Major
|
08:15-08:30
|
State of OWASP Jim Manico
|
08:30-09:30
|
Keynote Address: Data Protection for the 21st Century Neal Ziring, Technical Director for the National Security Agency’s Information Assurance Directorate (IAD) Video
|
09:30-10:00
|
Coffee Break and Sponsor Expo Sponsored by Aerstone
|
CTF Kick-off Chris Rossi, Mark Major
|
10:00-10:45
|
DevFu: The inner ninja in every application developer Danny Chrastil Slides Video
|
SIP Based Cloud Instances Gregory Disney-Leugers Slides Video
|
Digital Bounty Hunters - Decoding Bug Bounty Programs Jon Rose Slides Video
|
Electronic Discovery for System Administrators Russell Shumway Slides
|
CTF Sponsored by Aerstone
|
10:55-11:40
|
Adventures in Large Scale HTTP Header Abuse Zachary Wolff Slides Video
|
How Malware Attacks Web Applications Casey Smith Slides Video
|
Linking Security to Business Value in the Customer Service Industry Dan Rojas Slides Video
|
Legal Issues of Forensics in the Cloud David Willson Slides Video
|
11:40-12:40
|
Lunch and Sponsor Expo Sponsored by Aerstone
|
12:40-13:25
|
Angry Cars: Hacking the "Car as Platform" Aaron Weaver Slides Video
|
Top Ten Web Application Defenses Jim Manico Slides Video
|
Using SaaS and the Cloud to Secure the SDLC Andrew Earle Slides Video
|
CISPA: Why Privacy Advocates Hate This Legislation Maureen Donohue Feinroth Slides Video
|
13:35-14:20
|
DevOps and Security: It's Happening. Right Now. Helen Bravo Slides
|
A Demo of and Preventing XSS in .NET Applications Larry Conklin Slides Video
|
Measuring Security Best Practices With OpenSAMM Alan Jex Slides Video
|
Crafting a Plan for When Security Fails Robert Lelewski Slides Video
|
14:30-15:15
|
Real World Cloud Application Security Jason Chan Slides Video
|
Data Mining a Mountain of Zero Day Vulnerabilities Joe Brady Slides Video
|
Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix) Jon McCoy Slides Video
|
Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem Tom Glanville Slides Video
|
15:15-15:45
|
Coffee Break and Sponsor Expo Sponsored by Aerstone
|
15:45-16:45
|
Moderated Panel Discussion
Aaron Weaver
David Willson
Dan Wilson
Neal Ziring
Moderator: Jim Manico
Video
|
16:45-17:00
|
Closing Statements Brad Carvalho, Mark Major
|
17:00-
|
Sponsor Raffles, Drawings, and Contests
|
CTF Wrap-Up Chris Rossi, Mark Major
|
19:00-22:00+
|
After-party at Tarantula Billiards Sponsored by AppliedTrust Tarantula is located 3 blocks from the Marriott at the corner of 15th and Stout (1520 Stout Street, Denver)
|
Awards Ceremony at Tarantula (20:00)
|
|
|
|
Fri, Mar 29
|
Training
|
Birds of a Feather: A
|
Birds of a Feather: B
|
Capture the Flag
|
|
09:00-9:45
|
Training: Secure Coding Aaron Weaver
|
DevOps in Cloud environments (edit)
|
BoaF 1b (edit)
|
FLOSSHack: CTF VM
|
10:00-10:45
|
The modern threatscape: what have you seen? (edit)
|
BoaF 2b (edit)
|
10:45-11:15
|
Coffee Break Sponsored by Aerstone
|
11:15-12:00
|
Access Control (edit)
|
BoaF 3b (edit)
|
FLOSSHack: CTF Scoreboard
|
12:15-13:00
|
COTS solutions for secure enterprise architectures (edit)
|
BoaF 4b (edit)
|