Front Range OWASP Conference 2009

Welcome to SnowFROC, the Winter 2009 Front Range OWASP Application Security Conference!

Thanks to our witty speakers, volunteer organizers, enthusiastic attendees, and gracious sponsors, the event was packed and full of energy. Thanks to those of you who completed the Survey. Survey results are here.

Front Range

After a successful FROC in June of 2008, we are back in Denver, Colorado USA on 5 March 2009!

This year we again present a full day, FREE multi-track conference, which will provide valuable information for managers and executives as well as developers and engineers.

In 2008, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2009. This year we organized the conference to occur during the peak of the Colorado ski season, so that speakers can head up to the nearby mountains before and/or after the conference to enjoy some of the legendary snow.

Conference Location


This year, the conference will be held at the Tivoli Student Union in downtown 900 Auraria Pkwy # 325E Denver, CO 80204 (303) 556-6330

Call for Presentations
The call for papers closed on 6 Feb 09. We received a tremendous response. Thanks to everybody who responded!

Agenda and Presentations: 5 March 2009
The agenda follows the successful OWASP conference two tracks format, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing panel discussions back in the main auditorium.

Capture the Flag (CTF)
CTF is OPEN!

If you are attending FROC, join WiFi network "Auraria Campus" and browse to the CTF main page. If you need help, email edupreyATowasp.org or visit the CTF lounge upstairs from the vendor area.

This year FROC will be hosting a capture the flag game / contest throughout the day. The CTF consists of a LAMP web server target and a scoreboard.

Your job as a player is to successfully attack the small vulnerable web applications we provide to obtain hidden codes (called "flags".) Enter a flag into the scoreboard and you're credited with the point value for that challenge.

An entrant can be a team or an individual. Small prizes will be given for the top three finishing entrants, but the greatest prize, of course, is bragging rights. Winners will be announced (and prizes awarded) at the end of the conference as part of the conference wrap-up.

Thanks to:


 * IBM for sponsoring this event and providing technical support.
 * Dan Guido and the rest of the team of students from Polytechnic University for developing the code the contest is based on. (this CTF is a modified version of the one they presented at OWASP NYC 2008)

CTF Rules
1. Don't attack other players. The contest is about finding and exploiting vulnerabilities in the applications provided. (yes, attacking application users is a real-world threat -- victims will be provided in the challenges where attacking a user is required.)

2. Don't attack the infrastructure. Networks, routers, and the scoreboard are all off-limits as targets of attack.

Anyone discovered breaking these rules will earn banning, forfeiture of all points, and very bad karma.

Logistics
Venue: Tivoli Student Union in downtown 900 Auraria Pkwy # 325E Denver, CO 80204 (303) 556-6330

Accommodations
OWASP has negotiated discounted rates with the Hotel Teatro. Rooms under the SnowFROC rate are $189/night and include courtesy Cadillac Escalade transportation to and from Auraria Campus. To reserve a room, contact Hotel Teatro at +1.303.228.1100 and mention SnowFROC. The discounted rate will be available until Monday, March 2.

By plane
Denver can be reached by commercial aviation through the Denver International Airport, which is a hub for United Airlines as well as Frontier.

How to get to the venue?
See the Map.


 * By taxi: taxi from the airport to venue is about $50 USD


 * From hotel: transport from the conference hotel (Hotel Teatro) by limo is free


 * By car: there is plenty of parking at the Tivoli. Parking validation will be provided for registered SnowFROC participants.

Registration and Conference Fees
Due to the hard work of our organizers and the gracious support of our sponsors, SNOWFROC will once again be a FREE CONFERENCE!!!

Despite the fact that this is a free conference, we still need you to register to ensure that we don't exceed venue capacity.

Conference Committee
OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at' owasp.org

SNOWFROC 2009 Planning Committee Chair: Kathy Thaxton - kthaxton 'at' owasp.org

Colorado Chapter Hosts:
 * David Campbell - OWASP Denver - dcampbell 'at' owasp.org
 * Eric Duprey - OWASP Denver - eduprey 'at' exploits.org

Vendor Exhibition Chair: Kathy Thaxton - kthaxton 'at' owasp.org

Capture the Flag Chair: Eric Duprey - eduprey 'at' exploits.org

CFP Chair: David Campbell - OWASP Denver - dcampbell 'at' owasp.org

Conference Sponsors
The following organizations are proud sponsors of this conference:
 * Accuvant
 * Breach
 * Business Partner Solutions
 * Denim Group


 * Fishnet Security


 * IBM
 * Imperva
 * Laz
 * Lares


 * Trustwave
 * WhiteHat Security

If you are interested in sponsoring this OWASP conference, please contact Kathy Thaxton at kthaxton 'at' owasp.org.

More information about conference sponsorship is available here.