This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "Front Range OWASP Conference 2009"

Jump to: navigation, search
m (Agenda and Presentations: 5 March 2009)
m (Accommodations)
Line 95: Line 95:
OWASP has not yet reserved a room block at the conference hotel. When we do, the hotel information will be:
OWASP negotiated discounted rates at one or more hotels near the conference venue. Please email [email protected] for questions regarding accomodation.
The room block that we have (which includes breakfast) is:
Single Room: TBD $USD / night
Double Room: TBD $USD / night
==Transportation to the Conference==
==Transportation to the Conference==

Revision as of 21:07, 12 February 2009


Welcome to SnowFROC, the Winter 2009 Front Range OWASP Application Security Conference!

After a successful FROC in June of 2008, we are back in Denver, Colorado USA on 5 March 2009!

This year we again present a full day, FREE multi-track conference.

In 2008, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2009. This year we organized the conference to occur during the peak of the Colorado ski season, so that speakers can head up to the nearby mountains before and/or after the conference to enjoy some of the legendary snow.


Conference Location

Denver mountains.JPG

This year, the conference will be held at the Tivoli Student Union in downtown Denver, CO.

Call for Presentations

The call for papers closed on 6 Feb 09. We received a tremendous response. Thanks to everybody who responded!

Agenda and Presentations: 5 March 2009

The agenda follows the successful OWASP conference two tracks format, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing panel discussions back in the main auditorium.

March 5, 2009
07:30-08:30 Registration and Continental Breakfast in the Sponsor Expo Room
08:30-08:35 Welcome to SnowFROC AppSec 2009 Conference

David Campbell, OWASP Denver

08:35-09:45 Keynote: "The Top Ten Hacks of 2008: What's possible, not probable"

Jeremiah Grossman, Whitehat Security

09:45-10:15 OWASP State of the Union

Tom Brennan, OWASP Board

10:15-10:30 Break - Expo - CTF - Beatz by DJ Jackalope
Management / Executive Track: Room 1 Deep Technical Track: Room 2
10:30-11:15 "Doing More with Less: Automate or Die"

Ed Bellis, Orbitz

"Poor Man's Guide to Breaking PKI: Why You Don't Need 200 Playstations"

Mike Zusman, Intrepidus Group

11:15-12:00 "A Legal Minimum Standard of Due Care: The CAG and the Top 25 Most Dangerous Programming Errors"

Alan Paller, SANS

"Adobe Flex, AMF 3 and BlazeDS: An Assessment" (Tool Release!)

Kevin Stadmeyer, Trustwave

12:00-13:00 Lunch - Expo - CTF - Beatz by DJ Jackalope
Management / Executive Track: Room 1 Deep Technical Track: Room 2
13:00-13:50 "Building an Effective Application Security Program"

Joey Peloquin, Fishnet Security

"Bad Cocktail: Spear Phishing + Application Hacks"

Rohyt Belani, Intrepidus Group

13:50-14:50 "Vulnerability Management in an Application Security World"

John Dickson & Dan Cornell, Denim Group

"SQL injection exploitation internals: How do I exploit this web application injection point?" (Tool Release!)

Bernardo Damele, Portcullis

14:50-15:00 Break - Expo - CTF - Beatz by DJ Jackalope
15:00-15:50 "Security Policy Management: Best Practices for Web Services and Application Security"

Ray Neucom, IBM

"Automated vs. Manual Security: You can't filter the stupid"

David Byrne, Trustwave

15:50-16:30 Panel: Emerging Threats and Enterprise Countermeasures

Moderator: John Dickson
Panelists: Alan Paller, Joey Peloquin, Rohyt Belani, Ed Bellis, Laz, Ray Neucom

16:30-17:30 Conference Wrap Up, CTF Awards & Sponsor Raffles - CTF - Beatz by DJ Jackalope
17:30-21:00 OWASP Social Gathering: Dinner and Drinks @ TBD


Venue: Tivoli Student Union, Denver, CO USA


OWASP negotiated discounted rates at one or more hotels near the conference venue. Please email [email protected] for questions regarding accomodation.

Transportation to the Conference

By plane

Denver can be reached by commercial aviation through the Denver International Airport, which is a hub for United Airlines as well as Frontier.

How to get to the venue?

See the map.

By taxi:

  • taxi from the airport to venue is about $50 USD

Registration and Conference Fees

Due to the hard work of our organizers and the gracious support of our sponsors, SNOWFROC will once again be a FREE CONFERENCE!!!

Despite the fact that this is a free conference, we still need you to register to ensure that we don't exceed venue capacity.


Conference Committee

OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at'

SNOWFROC 2009 Planning Committee Chair: Kathy Thaxton - kthaxton 'at'

Colorado Chapter Hosts:

  • David Campbell - OWASP Denver - dcampbell 'at'
  • Eric Duprey - OWASP Denver - eduprey 'at'

Vendor Exhibition Chair: Kathy Thaxton - kthaxton 'at'

Capture the Flag Chair: Eric Duprey - eduprey 'at'

CFP Chair: David Campbell - OWASP Denver - dcampbell 'at'

Conference Sponsors

The following organizations are proud sponsors of this conference:

  • Accuvant
  • Breach
  • Business Partner Solutions
  • Denim Group
  • Fishnet Security
  • IBM
  • Imperva
  • Laz
  • Lares
  • Trustwave
  • WhiteHat Security

If you are interested in sponsoring this OWASP conference, please contact Kathy Thaxton at kthaxton 'at'

More information about conference sponsorship is available here.