This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Front Range Web Application Security Summit Planning Page"
(→FROCo8 Conference Schedule – June 10th 2008) |
(→FROCo8 Conference Schedule – June 10th 2008) |
||
Line 60: | Line 60: | ||
| style="width:30%; background:#BCA57A" align="left" | Offensive Assessing Financial Apps | | style="width:30%; background:#BCA57A" align="left" | Offensive Assessing Financial Apps | ||
''Daniel Cuthbert'' | ''Daniel Cuthbert'' | ||
− | |||
− | |||
|- | |- | ||
| style="width:10%; background:#7B8ABD" | 11:30-12:30 || style="width:30%; background:#BC857A" align="left" | Reverse Engineering .NET | | style="width:10%; background:#7B8ABD" | 11:30-12:30 || style="width:30%; background:#BC857A" align="left" | Reverse Engineering .NET |
Revision as of 18:09, 25 March 2008
Front Range Web Application Security Summit Planning
The purpose of this page is to provide a workspace for Denver/Boulder OWASP members to collaborate and plan the upcoming Front Range Web Application Security Summit. It is official, and we have the meeting space reservation to prove it! Date: June 10, 2008 Location: Tivoli Baerresen Conference Rooms (located on the Auraria Campus in Downtown Denver)
Call For Papers
We are seeking presentations for both the Technical and Management tracks at the June 10th conference. A Call For Papers has been issued. The deadline for submissions is March 28th, and speakers who are selected will be notified the week of March 31st. Please download the Call for Papers here
Mission Statement
The purpose of the Front Range Web Application Security Summit is to provide a one-day workshop/conference during which individuals and organizations interested in Web Application Security can congregate to transfer knowledge, increase awareness of application layer security in the enterprise, and meet other like minded individuals.
- Guiding Principles
- No vendor soap boxes
- Open, friendly environment
- High quality content, professional delivery
Proposed Summit Agenda
- 08:00 --> 09:00: Registration, coffee, etc.
- 09:00 --> 10:00: Opening Keynote
- 10:00 --> 10:30: Visionary Speaker
- 10:30 --> 12:00: Joint Manager/Developer Hands-on session
- 12:00 --> 13:00: Lunch
- 13:00 --> 14:30: Breakout Sessions: Tech :: Management/Policy
- 14:45 --> 15:45: Breakout Sessions (cont'd): Tech :: Management/Policy
- 16:00 --> 17:00: Closing Keynote
- 17:00 --> ??? Cocktails, etc.
Planner Contact Info
Project Manager: Dariush Rusta
Project Leads:
Overall planning and coordination: Kathy Thaxton kthaxton at businesspartnersolutions d0t c0m
Tech track lead: David Campbell (dcampbell at owasp dot org)
Management track lead: tbd
Project Planning Site (Basecamp login required)
Schedule
FROCo8 Conference Schedule – June 10th 2008
- PLEASE NOTE - This is just a notional schedule. Speaker times/dates/topics WILL change once we have a full agenda.
June 10th, 2008 | |||
---|---|---|---|
Tech Track: | Management Track: | ||
08:00-09:30 | Registration Opens and Tech Expo | ||
09:30-10:30 | Industry Outlook - Jennifer Bayuk-CISO Bear Stearns, Mark Clancy-EVP Citi, Jim Routh-CISO DTCC, Sunil Seshadri-CISO NYSE-Euronet (unconfirmed), Warren Axelrod-SVP Bank of America
Moderator - Mahi Dontamsetti | ||
10:30-11:30 | Logic Attacks and Inefficiencies of Robotic Detection
Robert "RSnake" Hansen |
Offensive Assessing Financial Apps
Daniel Cuthbert | |
11:30-12:30 | Reverse Engineering .NET
Adam Boulton |
JBroFuzz + Crypto not that hard…
Yiannis Pavlosoglou |
OWASP LABRAT
Joshua Perrymon |
12:30-13:30 | Black Art White Hat
Tom Brennan |
OWASP CLASP
Pravir Chandra |
.NET Ninja or Pirate?
Dinis Cruz |
13:30-14:30 | 1 HR BREAK / TECH EXPO / LUNCH BREAK | ||
14:30-15:30 | W3AF Web Application Attack and Audit Framework
Andres Riancho |
WASC Hacking Incidents
Ofer Shezaf |
OWASP CSRFTester Project
Dave Wichers |
15:30-16:30 | OWASP Enterprise Security API (ESAPI) Project
Jeff Williams |
Next Generation Cross Site Scripting Worms
Arshan Dabirsiaghi |
Application Security Forensics - Now What?
FBI Cybercrimes |
16:30-17:30 | Shhhh Don’t Tell Anybody
Petko D. Petkov, a.k.a. pdp |
Secure PHP
Hans Zaunere |
Payment Card Data Security and the new Enterprise Java
Dr. B. V. Kumar & Mr. Abhay |
17:30-18:30 | Notes Security
Jian Hui Wang |
Full Disclosure vs Non-disclosure vs Responsible Disclosure
Panel |
AppSec Techniques
JD Glaser |
18:30 | Web Application Capture the Flag (All Night – Bring it!!) | ||
20:00 | Tuesday Night Reception at NYC Famous Webster Hall | ||
Day 2 – Oct 8, 2008 | |||
08:00-09:30 | Web Application Capture the Flag Results | ||
09:30-10:00 | Keynote: OWASP Foundation Board – “This thing, we have” | ||
10:00-11:00 | Practical Advanced Threat Modeling
John Steven |
Taking the Risk out of Web 2.0
Tom Stracener |
Building Usable Security
Zed Abbadi |
11:00-12:00 | Offshoring Application Development? Security is Still Your Problem
Rohyt Belani |
OWASP Orizon Project
Paolo Perego |
NIST SAMATE Static Analysis Tool Exposition (SATE)
Vadim Okun |
12:00-13:00 | AppSec Research
Mano Paul |
Software Liability
Jack Danahy |
Cross-Site Scripting Filter Evasion
Alexios Fakos |
13:00-14:00 | 1 HR BREAK / TECH EXPO / LUNCH BREAK | ||
14:00-15:00 | Projects with OWASP
Steve Malson |
OWASP Pantera and Web Graph Analysis
Simon Roses |
Software-as-a-Service (SaaS)
James Landis |
15:00-16:00 | "Out of Band" Injection
Vijay Akasapu & Marshall Heilman |
OWASP V2 Testing Guide 4.2.3 Spidering and Googling in depth
Christian Heinrich |
Caution, Java ahead
Jeremiah Grossman |
16:00-17:00 | TOPIC
SPEAKERS |
TOPIC
SPEAKERS |
TOPIC
SPEAKERS |
17:00-18:00 | TOPIC
SPEAKERS |
TOPIC
SPEAKERS |
TOPIC
SPEAKERS |
18:30 | TBD | ||
21:00 | Closing Remarks / Awards / Raffles |