This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP & WASC AppSec 2007 Conference"

From OWASP
Jump to: navigation, search
(Conference Schedule and Location)
 
(12 intermediate revisions by 3 users not shown)
Line 2: Line 2:
 
==Its now the OWASP & WASC AppSec 2007 Conference !!! @ eBay in San Jose, CA Nov 12-15, 2007==
 
==Its now the OWASP & WASC AppSec 2007 Conference !!! @ eBay in San Jose, CA Nov 12-15, 2007==
  
OWASP and [http://www.webappsec.org WASC] have agreed to join forces this year to put together an incredible AppSec 2007 Conference for the application security community. A huge concentration of industry leading experts will be in attendance presenting high quality web application security content. AppSec 2007 offers a unique opportunity for security professionals, software developers, and IT managers to get up to speed on the latest and greatest attack techniques, defense strategies, and industry trends in an atmosphere of peers. The conference format and venue is also perfect for networking and sharing experiences with others that are down in the trenches.
+
OWASP and [http://www.webappsec.org WASC] agreed to join forces to put together an incredible AppSec 2007 Conference for the application security community. A huge concentration of industry leading experts were in attendance presenting high quality web application security content. AppSec 2007 offered a unique opportunity for security professionals, software developers, and IT managers to get up to speed on the latest and greatest attack techniques, defense strategies, and industry trends in an atmosphere of peers. The conference format and venue is also perfect for networking and sharing experiences with others that are down in the trenches.
 
 
Registration is now open for the conference. See below for details.
 
  
 
==Conference Schedule and Location==
 
==Conference Schedule and Location==
  
The AppSec 2007 Conference will be held at eBay at their facility at: 2211 North First Street in San Jose, CA Nov 12th-15th.
+
The AppSec 2007 Conference was held at eBay at their facility at: 2211 North First Street in San Jose, CA Nov 12th-15th.
  
 
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | Training Days: November 12th-13th]]
 
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | Training Days: November 12th-13th]]
 +
 +
Cenzic Cocktail Party: Evening of November 12th - at eBay.
  
 
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007#Technology_Expo:_Tuesday-Wednesday_Nov_13th-14th | Tech Expo: November 13th-14th]]
 
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007#Technology_Expo:_Tuesday-Wednesday_Nov_13th-14th | Tech Expo: November 13th-14th]]
Line 25: Line 25:
 
==[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda | Agenda and Presentations: Wednesday-Thursday - Nov 14th-15th]]==
 
==[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda | Agenda and Presentations: Wednesday-Thursday - Nov 14th-15th]]==
  
The [[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda | agenda]] will follow the general OWASP conference format of two tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing presentations back in the main auditorium both days.
+
The [[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda | agenda]] followed the general OWASP conference format of two tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing presentations back in the main auditorium both days.
  
New Web Services Track: In addition, the conference will have a 3rd track on the first day. This track is focused on Web Services Security which is a new area for OWASP. If you are interested in speaking at this conference on a Web Services Security topic, please contact Gunnar Peterson, who is organizing that track.
+
New Web Services Track: In addition, the conference had a 3rd track on the first day. This track focused on Web Services Security which is a new area for OWASP. Gunnar Peterson organized this track.
  
This conference will include presentations from many different OWASP and WASC contributors and leading Application Security professionals, and will include closing panels each day.
+
This conference included presentations from many different OWASP and WASC contributors and leading Application Security professionals, and included closing panels each day.
  
 
==[[ 7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | Training: Monday-Tuesday - Nov 12th-13th]]==  
 
==[[ 7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | Training: Monday-Tuesday - Nov 12th-13th]]==  
  
We have arranged for a suite of two-day Application Security training courses to be offered prior to the conference. General details about all the tutorials including location and pricing is available [[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | here]]. The tutorials being offered are:
+
OWASP arranged for a suite of two-day Application Security training courses to be offered prior to the conference. General details about all the tutorials including location and pricing is available [[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | here]]. The tutorials being offered were:
  
 
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T1._Building_and_Testing_Secure_Web_Applications_-_2-Day_Course_-_Nov_12-13.2C_2007 | T1. Building and Testing Secure Web Applications]]
 
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T1._Building_and_Testing_Secure_Web_Applications_-_2-Day_Course_-_Nov_12-13.2C_2007 | T1. Building and Testing Secure Web Applications]]
Line 49: Line 49:
 
==Technology Expo: Tuesday-Wednesday Nov 13th-14th==
 
==Technology Expo: Tuesday-Wednesday Nov 13th-14th==
  
Leading vendors in the application security space will be at the conference for the first time this year giving technology demonstrations and providing access to their technical staff so they can answer in-depth questions and demonstrate the capabilities of their products or automated managed services.
+
Leading vendors in the application security space were at the conference for the first time giving technology demonstrations and providing access to their technical staff so they could answer in-depth questions and demonstrate the capabilities of their products or automated managed services.
  
The technology expo will be open from '''12PM - 2PM on Nov. 13th''' (and all tutorial attendees will be given a large lunch break during that time to attend the expo). It will also be open from '''11AM - 6PM on Nov. 14th''' which is the first day of the conference.
+
The technology expo was open from '''12PM - 2PM on Nov. 13th''' (and all tutorial attendees were given a large lunch break during that time to attend the expo). It was also open from '''11AM - 6PM on Nov. 14th''' which was the first day of the conference.
  
What can a conference attendee expect to get out of the Tech Expo?
+
What did conference attendees expect to get out of the Tech Expo?
* ''Hands-on time using a vendor's product'' - The goal is to be able to walk up to vendor with a USB stick of code/binaries/etc. and actually get a taste of how the tool(s) performs, technical features, applicability & appropriateness, etc.
+
* ''Hands-on time using a vendor's product'' - The goal was to be able to walk up to vendor with a USB stick of code/binaries/etc. and actually get a taste of how the tool(s) performs, technical features, applicability & appropriateness, etc.
* ''Evaluate in a non-sales environment'' - At the Expo, attendees will be provided information about the types of tools being exhibited and independent evaluation criteria where that exists (e.g. the [http://www.webappsec.org/projects/wafec/ WAFEC] from WASC, information from the [[OWASP_Tools_Project]], etc.). It's an opportunity to ask the hard questions and talk to technical folks from the vendors that can answer them.
+
* ''Evaluate in a non-sales environment'' - At the Expo, attendees were provided information about the types of tools being exhibited and independent evaluation criteria where that exists (e.g. the [http://www.webappsec.org/projects/wafec/ WAFEC] from WASC, information from the [[OWASP_Tools_Project]], etc.). It was an opportunity to ask the hard questions and talk to technical folks from the vendors that can answer them.
* ''Contact info exchange at your discretion'' - We will not be doing badge scanning and the like to provide vendors attendee information, so attendees are in control of who they want to follow-up with (via good, old-fashioned business card exchange).
+
* ''Contact info exchange at your discretion'' - We did not do badge scanning and the like, so attendees were in control of who they want to follow-up with (via good, old-fashioned business card exchange).
  
The tech expo vendors for this year's conference are: Applicure, Armorize, Art of Defense, Breach, Cenzic, Cisco, F5, Fortify, Ounce Labs, Veracode, Watchfire, and White Hat
+
The tech expo vendors for this year's conference were: Applicure, Armorize, Art of Defense, Breach, Cenzic, Cisco, F5, Fortify, Ounce Labs, Veracode, Watchfire, and White Hat
  
More information about conference sponsorship and participating in the technology expo is available [[OWASP AppSec Conference Sponsors | here]].
+
More information about conference sponsorship and participating in a technology expo is available [[OWASP AppSec Conference Sponsors | here]].
  
 
==Conference Fees==
 
==Conference Fees==
Line 71: Line 71:
  
 
Note: To save on processing expenses, all fees paid for the AppSec 2007 Conference are non-refundable. OWASP can accomodate transfers of registrations from one person to another, if such an adjustment becomes necessary.
 
Note: To save on processing expenses, all fees paid for the AppSec 2007 Conference are non-refundable. OWASP can accomodate transfers of registrations from one person to another, if such an adjustment becomes necessary.
 
==[http://guest.cvent.com/i.aspx?4W,M3,17e6e912-2dec-4de6-8946-aa005721c4dd Registration]==
 
 
Registration is now open!! Here is the [http://guest.cvent.com/i.aspx?4W,M3,17e6e912-2dec-4de6-8946-aa005721c4dd registration page].
 
  
 
==Social Events==
 
==Social Events==
Line 90: Line 86:
 
       6:30PM - ???PM
 
       6:30PM - ???PM
 
       Register for this event at the conference [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=17e6e912-2dec-4de6-8946-aa005721c4dd website].  
 
       Register for this event at the conference [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=17e6e912-2dec-4de6-8946-aa005721c4dd website].  
Microsoft and Aspect Security Cocktail Party: Evening of November 15th
+
Microsoft and Aspect Security Cocktail Party: Evening of November 15th [http://www.owasp.org/downloads/aspect_party.pdf PDF here]
 
     @ Holiday Inn
 
     @ Holiday Inn
 
       1740 N. First Street
 
       1740 N. First Street
Line 97: Line 93:
  
 
==Hotel and Transportation Info==
 
==Hotel and Transportation Info==
OWASP has negotiated rates at the following hotels (Please book hotel rooms by October 21st to ensure OWASP rates):
+
OWASP had negotiated rates at the following hotels:
  
 
  Holiday Inn-San Jose OWASP Rate $129/night King or Double Room
 
  Holiday Inn-San Jose OWASP Rate $129/night King or Double Room
Line 128: Line 124:
 
== [[OWASP AppSec Conference Sponsors | OWASP & WASC AppSec 2007 Conference Sponsors]]==
 
== [[OWASP AppSec Conference Sponsors | OWASP & WASC AppSec 2007 Conference Sponsors]]==
  
The following organizations are sponsors for this conference. If you are interested in sponsoring either of the 2007 OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.
+
The following organizations were sponsors for this conference. If you are interested in sponsoring future OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.
 
 
[http://www.aspectsecurity.com https://www.owasp.org/images/d/d1/Aspect_logo.gif]
 
[http://www.fortifysoftware.com https://www.owasp.org/images/d/d1/Fortify.JPG]
 
[http://www.paypal.com https://www.owasp.org/images/c/c9/Paypal_logo.gif]
 
[http://www.ebay.com https://www.owasp.org/images/e/e0/Ebay.gif]
 
[http://www.ouncelabs.com/ https://www.owasp.org/images/3/33/Ounce_labs.jpg]
 
[http://www.breach.com https://www.owasp.org/images/9/9c/Breach_logo.gif]
 
[http://www.whitehatsec.com https://www.owasp.org/images/4/4d/Whitehat.gif]
 
[http://www.ioactive.com https://www.owasp.org/images/4/46/IOActive.gif]
 
[http://www.artofdefence.com https://www.owasp.org/images/d/dc/AOD_Logo.gif]
 
[http://www.cenzic.com https://www.owasp.org/images/f/f3/CenzicLogo.gif]
 
[http://www.applicure.com/ https://www.owasp.org/images/4/42/Applicure_logo_no_technologies_web.jpg]
 
  
We are also going to have vendor booths at this conference for the first time. If you are interested in demonstrating your application security product to a sophisticated audience of application security professionals, please contact us for more information. Please contact either Dave Wichers (the OWASP Conferences Chair) or Pravir Chandra, who will be organizing the vendor area for this conference.
+
{{Template:OWASP_Conference_Sponsors_2007_San_Jose}}
  
 
More information about conference sponsorship is available [[OWASP AppSec Conference Sponsors | here]].
 
More information about conference sponsorship is available [[OWASP AppSec Conference Sponsors | here]].

Latest revision as of 18:43, 7 October 2008

Owasp wasc.gif

Its now the OWASP & WASC AppSec 2007 Conference !!! @ eBay in San Jose, CA Nov 12-15, 2007

OWASP and WASC agreed to join forces to put together an incredible AppSec 2007 Conference for the application security community. A huge concentration of industry leading experts were in attendance presenting high quality web application security content. AppSec 2007 offered a unique opportunity for security professionals, software developers, and IT managers to get up to speed on the latest and greatest attack techniques, defense strategies, and industry trends in an atmosphere of peers. The conference format and venue is also perfect for networking and sharing experiences with others that are down in the trenches.

Conference Schedule and Location

The AppSec 2007 Conference was held at eBay at their facility at: 2211 North First Street in San Jose, CA Nov 12th-15th.

Training Days: November 12th-13th

Cenzic Cocktail Party: Evening of November 12th - at eBay.

Tech Expo: November 13th-14th

Breach Cocktail Party: Evening of November 13th

Main Conference: November 14th-15th

OWASP Conference Dinner: Evening of November 14th

Microsoft and Aspect Security Cocktail Party: Evening of November 15th

Agenda and Presentations: Wednesday-Thursday - Nov 14th-15th

The agenda followed the general OWASP conference format of two tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing presentations back in the main auditorium both days.

New Web Services Track: In addition, the conference had a 3rd track on the first day. This track focused on Web Services Security which is a new area for OWASP. Gunnar Peterson organized this track.

This conference included presentations from many different OWASP and WASC contributors and leading Application Security professionals, and included closing panels each day.

Training: Monday-Tuesday - Nov 12th-13th

OWASP arranged for a suite of two-day Application Security training courses to be offered prior to the conference. General details about all the tutorials including location and pricing is available here. The tutorials being offered were:

T1. Building and Testing Secure Web Applications

T2. Secure Coding for Java EE

T3. Secure Coding .NET Web Applications

T4. Web Services and XML Security

T5. Leveraging OWASP Tools and Documents to Secure Your Enterprise

T6. Open Source ModSecurity Training

Technology Expo: Tuesday-Wednesday Nov 13th-14th

Leading vendors in the application security space were at the conference for the first time giving technology demonstrations and providing access to their technical staff so they could answer in-depth questions and demonstrate the capabilities of their products or automated managed services.

The technology expo was open from 12PM - 2PM on Nov. 13th (and all tutorial attendees were given a large lunch break during that time to attend the expo). It was also open from 11AM - 6PM on Nov. 14th which was the first day of the conference.

What did conference attendees expect to get out of the Tech Expo?

  • Hands-on time using a vendor's product - The goal was to be able to walk up to vendor with a USB stick of code/binaries/etc. and actually get a taste of how the tool(s) performs, technical features, applicability & appropriateness, etc.
  • Evaluate in a non-sales environment - At the Expo, attendees were provided information about the types of tools being exhibited and independent evaluation criteria where that exists (e.g. the WAFEC from WASC, information from the OWASP_Tools_Project, etc.). It was an opportunity to ask the hard questions and talk to technical folks from the vendors that can answer them.
  • Contact info exchange at your discretion - We did not do badge scanning and the like, so attendees were in control of who they want to follow-up with (via good, old-fashioned business card exchange).

The tech expo vendors for this year's conference were: Applicure, Armorize, Art of Defense, Breach, Cenzic, Cisco, F5, Fortify, Ounce Labs, Veracode, Watchfire, and White Hat

More information about conference sponsorship and participating in a technology expo is available here.

Conference Fees

Standard: $400, OWASP Members: $350, Students: $225, Early Registration Discount (by Oct 12): $50 ($25 for students)

Conference Dinner (Evening of Nov 14th): $50

Conference Tutorial (Two day tutorials Nov 12-13): $1300, $1450 [If not attending the conference], Student Fee: $675

Note: To save on processing expenses, all fees paid for the AppSec 2007 Conference are non-refundable. OWASP can accomodate transfers of registrations from one person to another, if such an adjustment becomes necessary.

Social Events

Breach Cocktail Party: Evening of November 13th

   @ Fahrenheit Ultra Lounge & Restaurant
     99 East San Fernando Street
     San Jose, CA 95113
     6:30PM - 8:30PM
     Space is Limited so please RSVP:  More info and how to RSVP available here. PDF here

OWASP Conference Dinner: Evening of November 14th

   @ Holiday Inn
     1740 N. First Street
     San Jose, CA 95112
     6:30PM - ???PM
     Register for this event at the conference website. 

Microsoft and Aspect Security Cocktail Party: Evening of November 15th PDF here

   @ Holiday Inn
     1740 N. First Street
     San Jose, CA 95112
     6:30PM - 8:30PM

Hotel and Transportation Info

OWASP had negotiated rates at the following hotels:

Holiday Inn-San Jose OWASP Rate $129/night King or Double Room
You can call reservations at 1-866-241-9878 and ask for the group "OWASP" or reserve your room online here.
Homewood Suites by Hilton- San Jose OWASP Rate $149/night (4+ nights) $169/night (3 or less nights)
King room w/ sleeper sofa (comes w/ fully equipped kitchen)
Call Maria Larios at 408-678-4481 and ask for the group OWASP or email her at [email protected]

Transportation Info:

From San Jose International Airport (SJC): eBay is located about a mile from this airport

From San Francisco International Airport (SFO): eBay is located 40 miles from this airport

Conference Committee

OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at' owasp.org

Web Services Security Track Chair: Gunnar Peterson - Arctec Group - gunnar 'at' arctecgroup.net

Vendor Exhibition Chair: Pravir Chandra - Cigital - chandra 'at' list.org

2008 U.S. Planning Committee Chair: Tom Brennan - Access IT Group - jinxpuppy 'at' gmail.com

Refereed Papers Chair: Frank Piessens - KU Leuven - Frank.Piessens 'at' cs.kuleuven.ac.be

OWASP & WASC AppSec 2007 Conference Sponsors

The following organizations were sponsors for this conference. If you are interested in sponsoring future OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.

Aspect_logo.gif Fortify.JPG Paypal_logo.gif Ebay.gif Ounce_labs.jpg Breach_logo.gif Whitehat.gif IOActive.gif AOD_Logo.gif CenzicLogo.gif Applicure_logo_no_technologies_web.jpg Watchfirelogo.gif Armorize_Logo.png 50px-F5_50px.jpg Veracode_logo_2color.jpg Cisco.jpg

More information about conference sponsorship is available here.