OWASP AppSec Washington 2005

Agenda (two tracks)
The full conference schedule including Power Point presentations is now available here. Each of the speakers and what they have presented is listed below. For the first time, given the number of speakers, the conference was presented in two parallel tracks.

Location - NIST
The conference was held at the Main Campus of the National Institute of Standards and Technology (NIST), in Gaithersburg, MD, near Washington DC. This conference was sponsored by the NIST Software Assurance Metrics and Tool Evaluation (SAMATE) project, which is being run by Dr. Paul Black, who is also on the conference committee. OWASP extends its gratitude to NIST for offering to host our conference.

With a location near our nation's capital, OWASP intends to draw a wide contingent of attendees from the commercial, government, and academic arenas. The importance of application security has been growing immensely over the past few years and people from all three areas need to get together to discuss the state of the practice in application security and encourage others to get involved and do what needs to get done to protect the custom applications for which they are responsible.

Speakers and Training Day
This year's conference included a number of speakers from the government arena, including NIST, which we have not had represented at previous OWASP conferences.

For the first time, OWASP has arranged to have a one day training course on Web Application Security be offered the day prior to the course. More information about this one day tutorial is available here: The Foundations of Web Application Security. This course provides a great introduction for conference attendees into the fundamental security issues that are highly prevalent in today's Web Applications. The prevalence of such vulnerabilities is why OWASP was formed to raise awareness of and help organizations and individuals eliminate such vulnerabilities from their application code.

Evening Social Event - Oct. 11th
An optional social event for the evening of the 11th will be held at the Holiday Inn Gaithersburg, which is the same location where the training is to be held on the 10th, and where discounted rooms are being made available to all conference attendees (see Accommodations below).

This event involves a dinner at the hotel from 7PM-9PM (which is included in the event fee), followed by drinks at O'Malley's Irish Pub right in the hotel or out by the hotel's indoor pool adjacent to the pub.

Accommodations
NIST has arranged for a block of hotel rooms to be reserved for the conference at a significant discount at the nearby Gaithersburg Holiday Inn. Registration information for this hotel is available here. NIST buses will be available to take attendees back and forth between the hotel and the NIST campus during both days of the conference.

Gaithersburg Holiday Inn location

 * 2 MONTGOMERY VILLAGE AVE
 * GAITHERSBURG, MD 20879

Directions to NIST Main Campus
From northbound I-270 take Exit 10, Route 117 West, Clopper Road. Bear right at the first light onto Clopper Road/West Diamond Avenue. At the next light, turn left onto the NIST grounds.

From southbound I-270 take Exit 11, Route 124, Montgomery Village Avenue/Quince Orchard Road. Bear right at the first light onto Route 124 West, Quince Orchard Road. After you merge onto Rt. 124, Quince Orchard Road, turn left at the second light onto Route 117, West Diamond Avenue. Turn right at the first light onto NIST grounds.

Directions from local airports to the NIST Main Campus is available at: http://www.nist.gov/public_affairs/maps/directions.htm

NIST Check In Process
NIST will provide Security with a list of all conference attendees. Eveyone needs to stop by the Visitor Trailer on the first day of the conference to show picture id and get a gate pass. You will then be directed to the Administration Building where you will get your badge.

The conference will be in the Green Auditorium in the Administration Building.

Note: No onsite registrations will be allowed for this conference. It is against NIST policy to allow people to enter the NIST facility without preregistering for the conference.

Conference Committee

 * Dave Wichers, Aspect Security, (Conferences Chair)
 * Dr. Paul Black, NIST
 * Ken van Wyk, KRvW Associates
 * David A. Wheeler, IDA

If you have any questions about the conference please contact Dave Wichers, the OWASP Conferences Chair, at conferences 'at' owasp.org

Conference Sponsors
For the first time, OWASP is accepting sponsorships for the OWASP Conference. OWASP would like to thank the following organizations for sponsoring this conference:

Facility Sponsor:



Conference Sponsors:

http://www.owasp.org/images/3/30/100px-Aspect_Security_Logo.jpg http://www.owasp.org/docroot/owasp/img/sponsors/ounce_labs.jpg http://www.owasp.org/docroot/owasp/img/members/teros05.gif http://www.owasp.org/docroot/owasp/img/members/watchfirelogo.gif http://www.owasp.org/docroot/owasp/img/members/CenzicLogoTag4C.gif http://www.owasp.org/docroot/owasp/img/members/SS_logo.gif http://www.owasp.org/docroot/owasp/img/members/ps.jpg