This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Front Range Web Application Security Summit Planning Page

Revision as of 02:45, 10 April 2008 by Andylew (talk | contribs)

Jump to: navigation, search

Front Range Web Application Security Summit Planning

The purpose of this page is to provide a workspace for Denver/Boulder OWASP members to collaborate and plan the upcoming Front Range Web Application Security Summit. It is official, and we have the meeting space reservation to prove it! Date: June 10, 2008 Location: Tivoli Baerresen Conference Rooms (located on the Auraria Campus in Downtown Denver) 900 Auraria Parkway Denver, CO 80204

Call For Papers

We are seeking presentations for both the Technical and Management tracks at the June 10th conference. A Call For Papers has been issued. The deadline for submissions is March 28th, and speakers who are selected will be notified the week of March 31st. Please download the Call for Papers here

Mission Statement

The purpose of the Front Range Web Application Security Summit is to provide a one-day workshop/conference during which individuals and organizations interested in Web Application Security can congregate to transfer knowledge, increase awareness of application layer security in the enterprise, and meet other like minded individuals.

Guiding Principles
No vendor soap boxes
Open, friendly environment
High quality content, professional delivery

FROCo8 Proposed Schedule – June 10th 2008

  • PLEASE NOTE - This is just a notional schedule. Speaker times/dates/topics WILL change once we have a full agenda.
June 10th, 2008
Tech Track: Management Track:
08:00-09:00 Registration Opens and Tech Expo
09:30-10:30 Opening Keynote - Not Just Another Security Conference - Ed Bellis, Chief Information Security Officer for Orbitz WorldWide
10:00-10:30 Visionary Speaker - You CAN "bolt-on" security after the fact - here's how
10:30-12:00 Joint Manager/Developer Hands-On session
13:00-14:15 TechTopic1 - tbd

Speaker tbd

MngmntTopic1 - Threat Modeling

MicroSoft ACE Team

14:30-15:30 TechTopic2 - tbd

Speaker tbd

Mngnt Topic 2 - Panel Discussion "Best-practices and lessons learned from integrating security into the SDLC"

Speaker list to be announced

15:40-16:00 Closing keynote - speaker and topic tbd; Raffles & Awards
16:00-16:45 After-conference refreshments (at Tivoli)
17:00+ (tbd) Reception/after-conference mixer

Planner Contact Info

Project Manager: Dariush Rusta

Project Leads:

Overall planning and coordination: Kathy Thaxton kthaxton at businesspartnersolutions d0t c0m

Tech track lead: David Campbell (dcampbell at owasp dot org)

Management track lead: tbd

Project Planning Site (Basecamp login required)

Speaker Bios

Ed Bellis, CISO, Orbitz Worldwide - Opening Keynote

Ed is responsible for the protection and security of all information and electronic assets as well as compliance and ethics across the wide array of business units that make up Orbitz Worldwide on a global basis. These assets include Orbitz, CheapTickets, eBookers,, HotelClub, RatesToGo, AsiaHotels, and Orbitz for Business.

With over 15 years of experience in information security and technology, Ed has worked with and been involved in protecting information assets at several Fortune 500 companies. Prior to joining Orbitz, Ed served as VP of Corporate Information Security for Bank of America within their Global Corporate and Investment Banking division. His credentials also include several security technology and management roles at organizations such as Ernst & Young, Ford Motor Company, and Young & Rubicam. Ed is a CISSP, CISM, a contributor to the ISM Community, and a member of ISC2, ISACA and the Chicago chapter of the ISSA.

Ed is a frequent speaker at information security events across North America and Europe. Past talks have included venues such as The MIS Institute, The Association of Information Technology Professionals, Technology Executives Club, and the National Business Travel Association.

Back to OWASP Denver

Back to OWASP Boulder