Front Range OWASP Conference 2010
File:Froc2010 sm.png? Welcome to FROC 2010, the third annual Front Range OWASP Application Security Conference!
After successful FROC's in June of 2008, and March of 2009, we are back in Denver, Colorado USA on Wednesday the 2nd of June 2010!
This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers.
In 2009, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2010. This year we are organizing the conference with the support of our colleagues at the Cloud Security Alliance, and will feature an AppSec track as well as a CloudSec/VirtSec track.
The Registration Site will be up soon. Due to the hard work of our organizers and the gracious support of our sponsors, FROC was a free event in 2008 and 2009. This year, due to challenging economic conditions, we unfortunately are unable to continue this tradition. The ticket price will be set when the registration site goes live, and will likely be between $25 and $50 USD.
Agenda and Presentations: 2 June 2010
The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing panel discussions back in the main auditorium.
|June 2, 2010|
|07:30-08:30||Registration and Continental Breakfast in the Sponsor Expo Room|
|08:30-08:35|| Welcome to FROC 2010 Conference
David Campbell, OWASP Denver
|08:35-09:35|| Keynote: "Watching Software Run: Software Security Beyond Defect Elimination"
Brian Chess, Fortify Software
|09:35-10:00|| OWASP: State of the Union
Tom Brennan, OWASP Board
|10:00-10:20|| Cloud Security Alliance: State of the Union
Jim Reavis, Co-Founder, Cloud Security Alliance
|10:20-10:30||Break - Expo - CTF|
|AppSec/Technical Track: Room 1||Cloud/Mobile/Emerging Track: Room 2||Management / Executive Track: Room 3|
|10:30-11:15|| "2010: Web Hacking Odyssey - The Top Hacks of the Year"
Jeremiah Grossman and Elizabeth Laneri
| "Building a Secure, Compliant Cloud for the Enterprise"
Craig McClellan, CTO: Hosting.com
| "Fundamental Practices and Tools to implement a security development lifecycle"
|11:15-12:00|| "A Legal Minimum Standard of Due Care: The CAG and the Top 25 Most Dangerous Programming Errors"
Alan Paller, SANS
| "Adobe Flex, AMF 3 and BlazeDS: An Assessment"
Kevin Stadmeyer, Trustwave
|12:00-13:00||Lunch - Expo - CTF - Beatz by DJ Jackalope|
|Management / Executive Track: Room 1||Deep Technical Track: Room 2|
|13:00-13:50|| "Building an Effective Application Security Program"
Joey Peloquin, Fishnet Security
| "Bad Cocktail: Spear Phishing + Application Hacks"
Rohyt Belani, Intrepidus Group
|13:50-14:50|| "Automated vs. Manual Security: You can't filter The Stupid"
David Byrne & Charles Henderson, Trustwave
| "SQL injection: Not only AND 1=1"
Bernardo Damele Assumpcao Guimaraes, Portcullis Computer Security Ltd.
|14:50-15:00||Break - Expo - CTF - Beatz by DJ Jackalope|
|15:00-15:50|| "Security Policy Management: Best Practices for Web Services and Application Security"
Ray Neucom, IBM
| "Vulnerability Management in an Application Security World"
Dan Cornell & John Dickson, Denim Group
|15:50-16:30|| Panel: Emerging Threats and Enterprise Countermeasures
Moderator: John Dickson
|16:30-17:30||Conference Wrap Up, CTF Awards & Sponsor Raffles - CTF - Beatz by DJ Jackalope|
|17:30-21:00||OWASP Social Gathering: Dinner and Drinks @ TBD|
This year, the conference will again be held at the Tivoli Student Union in downtown 900 Auraria Pkwy # 325E Denver, CO 80204 (303) 556-6330
How to get to the venue?
See the Map.
- By taxi: taxi from the airport to venue is about $50 USD
- From hotel: TBD
- By car: there is plenty of parking at the Tivoli. Parking validation will be provided for registered FROC participants.
Call for Presentations
The call for presentations closed 31 March 2010. We are no longer accepting proposals for presentations. If you have already submitted a presentation you can, however update your abstract or submit additional information to clarify your proposal.
Capture the Flag (CTF)
This year FROC will again be hosting a capture the flag game / contest throughout the day. If you are interested in volunteering to assist with the CTF please contact eduprey at owasp dot org.
FROC 2010 Planning Committee Chair: Kathy Thaxton - kthaxton at owasp dot org
Presentation Selection Committee:
- Mark Bristow - OWASP Global Conference Committee
- David Campbell - OWASP Denver
- Eric Duprey - OWASP Denver
- Chris Hoff - Cloud Security Alliance
- Eoin Keary - Chair, OWASP Global Conference Committee
- Michael Sutton - Cloud Security Alliance
- Jim Reavis - Cloud Security Alliance
Colorado Chapter Hosts:
- David Campbell - OWASP Denver - dcampbell at owasp dot org
- Eric Duprey - OWASP Denver - eduprey at owasp dot org
Vendor Exhibition POC: Kathy Thaxton - kthaxton at owasp dot org
Capture the Flag POC: Eric Duprey - eduprey at owasp dot org
If you are interested in sponsoring this OWASP event, please contact Kathy Thaxton at kthaxton at owasp dot org.
More information about conference sponsorship is available here.