Difference between revisions of "Front Range OWASP Conference 2010"

From OWASP
Jump to: navigation, search
(Undo revision 83108 by Dc (Talk))
(Undo revision 83107 by Dc (Talk))
Line 21: Line 21:
 
====Agenda====
 
====Agenda====
  
==Agenda and Presentations: 2 June 2010==
+
FIXME
 
 
The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing panel discussions back in the main auditorium.
 
 
 
{| style="width:80%" border="0" align="center"
 
! colspan="4" align="center" style="background:#4058A0; color:white" | June 2, 2010
 
|-
 
| style="width:10%; background:#7B8ABD" | 07:30-08:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Registration and Continental Breakfast in the Sponsor Expo Room
 
|-
 
| style="width:10%; background:#7B8ABD" | 08:30-08:35 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Welcome to FROC 2010 Conference
 
''David Campbell, OWASP Denver''
 
|-
 
| style="width:10%; background:#7B8ABD" | 08:35-09:35 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Keynote: [[FROC2010_Abstract_Chess|"Watching Software Run: Software Security Beyond Defect Elimination"]]
 
''Brian Chess, Fortify Software''
 
 
 
<!-- [http://video.google.com/videoplay?docid=2875886330538461390 Video] -->
 
|-
 
| style="width:10%; background:#7B8ABD" | 09:35-10:00 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | OWASP: State of the Union
 
''Tom Brennan, OWASP Board''
 
|-
 
| style="width:10%; background:#7B8ABD" | 10:00-10:20 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Cloud Security Alliance: State of the Union
 
''Jim Reavis, Co-Founder, Cloud Security Alliance''
 
|-
 
| style="width:10%; background:#7B8ABD" | 10:20-10:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF
 
|-
 
| style="width:10%; background:#7B8ABD" | || style="width:22%; background:#BC857A" | AppSec/Technical Track: Room 1
 
| style="width:22%; background:#BCA57A" | Cloud/Mobile/Emerging Track: Room 2
 
| style="width:22%; background:#C6E2FF" | Management / Executive Track: Room 3
 
|-
 
| style="width:10%; background:#7B8ABD" | 10:30-11:15 || style="width:22%; background:#BC857A" align="left" | "[[FROC2010_Abstract_Grossman|2010: Web Hacking Odyssey - The Top Hacks of the Year]]"
 
''Jeremiah Grossman and Elizabeth Laneri''
 
 
 
<!-- [http://video.google.com/videoplay?docid=-8396241750899139680 Video] -->
 
| style="width:22%; background:#BCA57A" align="left" | [[FROC2010_Abstract_McClellan|"Building a Secure, Compliant Cloud for the Enterprise"]]
 
''Craig McClellan, CTO: Hosting.com''
 
 
 
| style="width:22%; background:#C6E2FF" align="left" | [[FROC2010_Abstract_Goldschmidt|"Fundamental Practices and Tools to implement a security development lifecycle"]]
 
''Cassio Goldschmidt''
 
 
 
|-
 
| style="width:10%; background:#7B8ABD" | 11:15-12:00 || style="width:40%; background:#BC857A" align="left" | [[SnowFROC_Abstract_Paller|"A Legal Minimum Standard of Due Care: The CAG and the Top 25 Most Dangerous Programming Errors"]]
 
''Alan Paller, SANS''
 
| style="width:40%; background:#BCA57A" align="left" | [[SnowFROC_Abstract_Stads|"Adobe Flex, AMF 3 and BlazeDS: An Assessment"]]
 
''Kevin Stadmeyer, Trustwave''
 
 
 
[http://video.google.com/videoplay?docid=1629208419122953007 Video]
 
|-
 
| style="width:10%; background:#7B8ABD" | 12:00-13:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Lunch - Expo - CTF - Beatz by [http://www.dj-jackalope.com/ DJ Jackalope]
 
|-
 
| style="width:10%; background:#7B8ABD" | || style="width:40%; background:#BC857A" | Management / Executive Track: Room 1
 
| style="width:40%; background:#BCA57A" | Deep Technical Track: Room 2
 
|-
 
| style="width:10%; background:#7B8ABD" | 13:00-13:50 || style="width:40%; background:#BC857A" align="left" | [[SnowFROC_Abstract_Peloquin|"Building an Effective Application Security Program"]]
 
''Joey Peloquin, Fishnet Security''
 
 
 
[http://video.google.com/videoplay?docid=-2540122072368010669 Video]
 
| style="width:40%; background:#BCA57A" align="left" | [[SnowFROC_Abstract_Belani|"Bad Cocktail: Spear Phishing + Application Hacks"]]
 
''Rohyt Belani, Intrepidus Group''
 
 
 
[http://video.google.com/videoplay?docid=3127205451740977427 Video]
 
|-
 
| style="width:10%; background:#7B8ABD" | 13:50-14:50 || style="width:40%; background:#BC857A" align="left" | [[SnowFROC_Abstract_Byrne|"Automated vs. Manual Security: You can't filter The Stupid"]]
 
''David Byrne & Charles Henderson, Trustwave''
 
 
 
[http://video.google.com/videoplay?docid=7611144342490803641 Video]
 
| style="width:40%; background:#BCA57A" align="left" | [[SnowFROC_Abstract_Damele|"SQL injection: Not only AND 1=1"]]
 
''Bernardo Damele Assumpcao Guimaraes, Portcullis Computer Security Ltd.''
 
 
 
[http://video.google.com/videoplay?docid=129190988572738701 Video]
 
|-
 
| style="width:10%; background:#7B8ABD" | 14:50-15:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | Break - Expo - CTF - Beatz by [http://www.dj-jackalope.com/ DJ Jackalope]
 
|-
 
| style="width:10%; background:#7B8ABD" | 15:00-15:50 || style="width:40%; background:#BC857A" align="left" | [[SnowFROC_Abstract_Neucom|"Security Policy Management: Best Practices for Web Services and Application Security"]]
 
''Ray Neucom, IBM''
 
 
 
[http://video.google.com/videoplay?docid=-4972597638535731442 Video]
 
| style="width:40%; background:#BCA57A" align="left" | [[SnowFROC_Cornell_Dickson_Abstract|"Vulnerability Management in an Application Security World"]]
 
''Dan Cornell & John Dickson, Denim Group''
 
 
 
[http://video.google.com/videoplay?docid=8588268474844052248 Video]
 
|-
 
| style="width:10%; background:#7B8ABD" | 15:50-16:30 || colspan="2" style="width:40%; background:#F2F2F2" align="left" | Panel: Emerging Threats and Enterprise Countermeasures
 
Moderator: John Dickson<br/>
 
Panelists: Alan Paller, Joey Peloquin, Rohyt Belani, Ed Bellis, Laz, Ray Neucom
 
|-
 
| style="width:10%; background:#7B8ABD" | 16:30-17:30 || colspan="2" style="width:40%; background:#F2F2F2" align="left" | Conference Wrap Up, CTF Awards & Sponsor Raffles - CTF - Beatz by [http://www.dj-jackalope.com/ DJ Jackalope]
 
|-
 
| style="width:10%; background:#7B8ABD" | 17:30-21:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | OWASP Social Gathering: Dinner and Drinks @ TBD
 
|}
 
 
 
 
 
<!-- Back to [https://www.owasp.org/index.php/Front_Range_OWASP_Conference_2009 SnowFROC Home] -->
 
  
  

Revision as of 15:19, 6 May 2010



Welcome

File:Froc2010 sm.png? Welcome to FROC 2010, the third annual Front Range OWASP Application Security Conference!

After successful FROC's in June of 2008, and March of 2009, we are back in Denver, Colorado USA on Wednesday the 2nd of June 2010!

This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers.

In 2009, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2010. This year we are organizing the conference with the support of our colleagues at the Cloud Security Alliance, and will feature an AppSec track as well as a CloudSec/VirtSec track.

Registration

The Registration Site will be up soon. Due to the hard work of our organizers and the gracious support of our sponsors, FROC was a free event in 2008 and 2009. This year, due to challenging economic conditions, we unfortunately are unable to continue this tradition. The ticket price will be set when the registration site goes live, and will likely be between $25 and $50 USD.

Agenda

FIXME


Logistics

Denver mountains.JPG

This year, the conference will again be held at the Tivoli Student Union in downtown 900 Auraria Pkwy # 325E Denver, CO 80204 (303) 556-6330


How to get to the venue?

See the Map.

  • By taxi: taxi from the airport to venue is about $50 USD
  • From hotel: TBD
  • By car: there is plenty of parking at the Tivoli. Parking validation will be provided for registered FROC participants.


Call for Presentations

The call for presentations closed 31 March 2010. We are no longer accepting proposals for presentations. If you have already submitted a presentation you can, however update your abstract or submit additional information to clarify your proposal.



Capture the Flag (CTF)

This year FROC will again be hosting a capture the flag game / contest throughout the day. If you are interested in volunteering to assist with the CTF please contact eduprey at owasp dot org.


Conference Committee

FROC 2010 Planning Committee Chair: Kathy Thaxton - kthaxton at owasp dot org

Presentation Selection Committee:

  • Mark Bristow - OWASP Global Conference Committee
  • David Campbell - OWASP Denver
  • Eric Duprey - OWASP Denver
  • Chris Hoff - Cloud Security Alliance
  • Eoin Keary - Chair, OWASP Global Conference Committee
  • Michael Sutton - Cloud Security Alliance
  • Jim Reavis - Cloud Security Alliance


Colorado Chapter Hosts:

  • David Campbell - OWASP Denver - dcampbell at owasp dot org
  • Eric Duprey - OWASP Denver - eduprey at owasp dot org


Vendor Exhibition POC: Kathy Thaxton - kthaxton at owasp dot org


Capture the Flag POC: Eric Duprey - eduprey at owasp dot org


Conference Sponsors

If you are interested in sponsoring this OWASP event, please contact Kathy Thaxton at kthaxton at owasp dot org.

More information about conference sponsorship is available here.