Difference between revisions of "2019 BASC Homepage"

From OWASP
Jump to: navigation, search
(CFP link added)
(Fixed typos)
 
(10 intermediate revisions by 2 users not shown)
Line 11: Line 11:
 
NOTE: * Some workshops and training may have a separate fee.
 
NOTE: * Some workshops and training may have a separate fee.
  
 +
<!--
 
== Call for Papers/Workshops ==
 
== Call for Papers/Workshops ==
  
 
[https://www.owasp.org/index.php/BASC_2019_Call_For_Papers CFP/CFW link]   
 
[https://www.owasp.org/index.php/BASC_2019_Call_For_Papers CFP/CFW link]   
  
 +
-->
 
== Registration ==
 
== Registration ==
  
[https:// COMING SOON]
+
[https://www.eventbrite.com/e/boston-application-security-conference-basc-2019-tickets-71803643631 Register Here]
  
 
Registration is required for breakfast, lunch, and the evening social time. We will do everything possible to accommodate late registrants but the facility and food are limited.
 
Registration is required for breakfast, lunch, and the evening social time. We will do everything possible to accommodate late registrants but the facility and food are limited.
Line 27: Line 29:
 
== Keynotes ==
 
== Keynotes ==
  
 +
'''The Internet Sucks.  Should We Replace It?'''
 +
 +
'''Andy Ellis,''' Akamai
 +
 +
[[File:Andy-ellis_0532_1-2.jpg|left|frameless]]
 +
 +
50 years into the Internet, it’s become very clear that there are virtually no security goals designed into the underpinnings of the Internet, and even higher level protocols suffer from this lack.  As a result, existing on the Internet makes the Wild West look like a tame environment.  Should we attempt to redesign the Internet, and make it secure by default?  Let’s explore the dystopian world of an alternate Internet, and see why the Internet we have might actually be the best Internet we could hope for.
 +
 +
Andy Ellis is Akamai’s Chief Security Officer, and his mission is “making the Internet suck less.” Governing cybersecurity, compliance, and safety for Akamai’s planetary-scale cloud platform since 2000, he has also designed and brought to market Akamai’s TLS acceleration network, its DDoS defense offerings, and several of the core technologies behind its security solutions. Andy has also guided Akamai’s IT transformation from a flat password-based network to a distributed, zero-trust enterprise based on strong authentication.
 +
 +
Andy is a graduate of MIT with a degree in computer science, and has served as an officer in the United States Air Force with the 609th Information Warfare Squadron and the Electronic Systems Center.
 +
 +
Also active in Internet policy and governance circles, Andy has supported past and present Akamai CEOs in roles on the NIAC and NSTAC, as well as serving on the FCC’s Communications Security, Reliability, and Interoperability Council. He is an affiliate of Harvard’s Berkman Klein Center, and a guest lecturer in executive education at MIT and the Harvard Kennedy School. He is a frequent speaker on topics of Internet security, anthropocentric risk management, and security governance; and occasionally blogs at www.csoandy.com. He can be found on Twitter as @csoandy, where he discusses security, wine, American football, and hairstyling.
 +
 +
Andy is also an Advisor to YL Ventures’ YLV3 Fund, Uptycs, and Vulcan Cyber.
 +
 +
Andy has received The Spirit of Disneyland Award, The Wine Spectator’s Award of Excellence (as The Arlington Inn), the US Air Force Commendation Medal, and the CSO Compass Award.
 +
 +
 +
 +
'''Sandcastles in a Storm: Application Vulnerabilities and How They Weaken Our Organizations'''
 +
 +
'''Kevin Johnson,''' Secure Ideas
 +
 +
[[File:KevinJohnson.jpg|175px|left|frameless]]
 +
 +
In this presentation Kevin will walk through some of the issues we face as we move more and more of our life into applications and the Internet of Things.  We will explore the vulnerabilities, how they are attacked, and what it means to all of us.
 +
 +
 +
Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute. 
 +
 +
 +
In his free time, Kevin enjoys spending time with his family and is an avid Star Wars fan and member of the 501st Legion (Star Wars charity group)
 +
 +
Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.
  
 
== Details ==
 
== Details ==
 
 
<!--
 
<!--
* [[2019_BASC_Workshops | Workshops]]
+
* Only Silver Sponsorships Remain [https://www.owasp.org/images/9/94/BASCSponsorship2019.pdf Sponsorship Kit]
 
-->
 
-->
 
* [[2019_BASC_Presentations | Presentations]]
 
* [[2019_BASC_Presentations | Presentations]]
Line 37: Line 73:
 
* [[2019_BASC_Speakers | Speakers]]
 
* [[2019_BASC_Speakers | Speakers]]
 
* [[2019_BASC_Agenda | Agenda]]
 
* [[2019_BASC_Agenda | Agenda]]
* LinkedIn [https://www.linkedin.com/groups/Boston-Application-Security-Conference-BASC-4631647 Group]
 
 
* Twitter: Follow [https://twitter.com/BASConf @BASConf] @[https://twitter.com/owaspboston OWASPBoston] HashTag: #basc2019
 
* Twitter: Follow [https://twitter.com/BASConf @BASConf] @[https://twitter.com/owaspboston OWASPBoston] HashTag: #basc2019
<!--
 
* [http:// Sponsorship Kit COMING]
 
-->
 
  
 
== OWASP Boston Chapter ==
 
== OWASP Boston Chapter ==

Latest revision as of 09:24, 12 October 2019

Boston-Banner-468x60.gif
Home | Agenda | Code of Conduct | Presentations | Workshops | Speakers | Twitter 32.png


Platinum Sponsors

NCC Group Ordr WhiteHat


Gold Sponsors

Auric Checkmarx HackerOne Netsparker Sonatype Tala


Silver Sponsor

Qualys

Individual Sponsor: Justin Olin


Please help us keep BASC free by viewing and visiting all of our sponsors.


Welcome

This is the homepage for the 2019 Boston Application Security Conference (BASC). Conference will take place 8:30am to 6:30pm on Saturday, October 19th at

The BASC will be a free*, one day, informal conference, aimed at increasing awareness and knowledge of application security in the greater Boston area. While many of the presentations will cover state-of-the-art application security concepts, the BASC is intended to appeal to a wide-array of attendees. Application security professionals, professional software developers, software quality engineers, computer science students, and security software vendors should be able to come to the BASC, learn, and hopefully enjoy themselves at the same time.


NOTE: * Some workshops and training may have a separate fee.

Registration

Register Here

Registration is required for breakfast, lunch, and the evening social time. We will do everything possible to accommodate late registrants but the facility and food are limited.

You may also register for one or more workshops, but workshop tickets are limited. Please be considerate of others and only register for a workshop if you plan to attend. If your plans change, please cancel your ticket to free the space up for others. Do not sign up for more than one session of the same workshop, or for workshops whose times overlap. If you do, conference organizers will cancel your ticket orders.


Keynotes

The Internet Sucks. Should We Replace It?

Andy Ellis, Akamai

Andy-ellis 0532 1-2.jpg

50 years into the Internet, it’s become very clear that there are virtually no security goals designed into the underpinnings of the Internet, and even higher level protocols suffer from this lack. As a result, existing on the Internet makes the Wild West look like a tame environment. Should we attempt to redesign the Internet, and make it secure by default? Let’s explore the dystopian world of an alternate Internet, and see why the Internet we have might actually be the best Internet we could hope for.

Andy Ellis is Akamai’s Chief Security Officer, and his mission is “making the Internet suck less.” Governing cybersecurity, compliance, and safety for Akamai’s planetary-scale cloud platform since 2000, he has also designed and brought to market Akamai’s TLS acceleration network, its DDoS defense offerings, and several of the core technologies behind its security solutions. Andy has also guided Akamai’s IT transformation from a flat password-based network to a distributed, zero-trust enterprise based on strong authentication.

Andy is a graduate of MIT with a degree in computer science, and has served as an officer in the United States Air Force with the 609th Information Warfare Squadron and the Electronic Systems Center.

Also active in Internet policy and governance circles, Andy has supported past and present Akamai CEOs in roles on the NIAC and NSTAC, as well as serving on the FCC’s Communications Security, Reliability, and Interoperability Council. He is an affiliate of Harvard’s Berkman Klein Center, and a guest lecturer in executive education at MIT and the Harvard Kennedy School. He is a frequent speaker on topics of Internet security, anthropocentric risk management, and security governance; and occasionally blogs at www.csoandy.com. He can be found on Twitter as @csoandy, where he discusses security, wine, American football, and hairstyling.

Andy is also an Advisor to YL Ventures’ YLV3 Fund, Uptycs, and Vulcan Cyber.

Andy has received The Spirit of Disneyland Award, The Wine Spectator’s Award of Excellence (as The Arlington Inn), the US Air Force Commendation Medal, and the CSO Compass Award.


Sandcastles in a Storm: Application Vulnerabilities and How They Weaken Our Organizations

Kevin Johnson, Secure Ideas

KevinJohnson.jpg

In this presentation Kevin will walk through some of the issues we face as we move more and more of our life into applications and the Internet of Things. We will explore the vulnerabilities, how they are attacked, and what it means to all of us.


Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute.


In his free time, Kevin enjoys spending time with his family and is an avid Star Wars fan and member of the 501st Legion (Star Wars charity group)

Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.

Details

OWASP Boston Chapter

BASC is presented by the OWASP Boston chapter.


You can find out more about this conference at the 2019 BASC Homepage
or by emailing boston-leaders@owasp.org
Twitter 32.png