Difference between revisions of "Front Range OWASP Conference 2012"

From OWASP
Jump to: navigation, search
(Agenda and Presentations: 22 March 2012: Added final schedule as of March 1st)
Line 41: Line 41:
 
The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room.
 
The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room.
  
{| style="width:80%" border="0" align="center"
+
{| style="width:86%" border="0" align="center"
 
  ! colspan="4" align="center" style="background:#4058A0; color:white" | March 22nd, 2012
 
  ! colspan="4" align="center" style="background:#4058A0; color:white" | March 22nd, 2012
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 07:30-08:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Registration and Continental Breakfast in the Sponsor Expo Room
+
  | style="width:10%; background:#7B8ABD" | 07:45-08:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Registration and Continental Breakfast in the Adirondack Room
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 08:30-08:35 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Welcome to SnowFROC 2012 Conference
+
  | style="width:10%; background:#7B8ABD" | 08:30-08:45 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Welcome to SnowFROC 2012 Conference
 +
 
 
''OWASP Denver and OWASP Boulder Chapter Leaders''
 
''OWASP Denver and OWASP Boulder Chapter Leaders''
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 08:35-09:35 || colspan="3" style="width:80%; background:#F2F2F2" align="center" |  
+
  | style="width:10%; background:#7B8ABD" | 08:45-09:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" |  
'''Keynote:'''  
+
'''State of OWASP'''  
  
''John Pirc, Co-Author of [http://www.amazon.com/Cybercrime-Espionage-Analysis-Subversive-Multi-Vector/dp/1597496138/ref=sr_1_1?s=books&ie=UTF8&qid=1330542019&sr=1-1 "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats"]''
+
''Matt Tesauro''
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 09:35-10:00 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | '''State of OWASP'''  
+
  | style="width:10%; background:#7B8ABD" | 09:10-10:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | '''Keynote:'''
 +
 
 +
''John Pirc, Co-Author of [http://www.amazon.com/Cybercrime-Espionage-Analysis-Subversive-Multi-Vector/dp/1597496138/ref=sr_1_1?s=books&ie=UTF8&qid=1330542019&sr=1-1 "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats"]''
  
Matt Tesauro
 
<!-- *** above -->
 
|-
 
| style="width:10%; background:#7B8ABD" | 10:00-10:20 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | TBD
 
''TBD, TBD''
 
 
  |-
 
  |-
  
  | style="width:10%; background:#7B8ABD" | 10:20-10:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo
+
  | style="width:10%; background:#7B8ABD" | 10:10-10:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Break - Expo
 
  |-
 
  |-
  
  | style="width:10%; background:#7B8ABD" | || colspan="1" style="width:45%; background:#BC857A" | '''Track 1'''
+
  | style="width:10%; background:#7B8ABD" | || colspan="1" style="width:45%; background:#BC857A" | '''Tech Track - Zenith Room 640'''
  | colspan="1" style="width:45%; background:#BCA57A" | '''Track 2'''  
+
  | colspan="1" style="width:45%; background:#BCA57A" | '''Management Track - Senate Chamber'''  
 
<!-- | style="width:22%; background:#C6E2FF" | '''Management / Exec Track: Room 3''' -->
 
<!-- | style="width:22%; background:#C6E2FF" | '''Management / Exec Track: Room 3''' -->
 
  |-
 
  |-
  
  | style="width:10%; background:#7B8ABD" | 10:30-11:15 || style="width:45%; background:#BC857A" align="left" | "TBD"
+
  | style="width:10%; background:#7B8ABD" | 10:30-11:15 || style="width:45%; background:#BC857A" align="left" | OWASP Passfault
''TBD''
+
''Cameron Morris''
  
  | style="width:45%; background:#BCA57A" align="left" | TBD
+
  | style="width:45%; background:#BCA57A" align="left" | Managing IT Risk in a Cloud Environment
''TBD''
+
''Karl Steinkamp''
  
 
<!--  | style="width:22%; background:#C6E2FF" align="left" | TBD
 
<!--  | style="width:22%; background:#C6E2FF" align="left" | TBD
Line 83: Line 81:
  
  
| style="width:10%; background:#7B8ABD" | 11:15-12:00 || style="width:45%; background:#BC857A" align="left" | "TBD"
+
| style="width:10%; background:#7B8ABD" | 11:15-12:00 || style="width:45%; background:#BC857A" align="left" | State of Web Security: Monitored Attacks
''TBD''
+
 +
''Robert Rowley''
  
| style="width:45%; background:#BCA57A" align="left" | TBD
+
| style="width:45%; background:#BCA57A" align="left" | PCI vs Risk Management 
''TBD''   
+
''Doug Landoll''   
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD ''TBD'' -->
+
<!-- | style="width:22%; background:#C6E2FF" align="left" | Securing Data from the Web Tier ''Mike Fleck'' -->
  
 
  |-
 
  |-
Line 95: Line 94:
 
  |-
 
  |-
  
  | style="width:10%; background:#7B8ABD" | 13:00-13:50 || style="width:45%; background:#BC857A" align="left" | "TBD"
+
  | style="width:10%; background:#7B8ABD" | 13:00-13:50 || style="width:45%; background:#BC857A" align="left" | Panel Discussion - Favorite tools and techniques - pen-testing, static analysis, code reviews
''TBD''
+
''Panelists''
  
  | style="width:45%; background:#BCA57A" align="left" | TBD
+
  | style="width:45%; background:#BCA57A" align="left" | Securing Data from the Web Tier
''TBD''
+
''Mike Fleck''
  
 
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD
 
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD
Line 107: Line 106:
  
  
  | style="width:10%; background:#7B8ABD" | 13:50-14:40 || style="width:45%; background:#BC857A" align="left" | "TBD"
+
  | style="width:10%; background:#7B8ABD" | 13:50-14:40 || style="width:45%; background:#BC857A" align="left" | Gray, the new black: Gray box vulnerability testing
''TBD''
+
''Adam Hills''
  
  | style="width:45%; background:#BCA57A" align="left" | TBD
+
  | style="width:45%; background:#BCA57A" align="left" | Web Session Intelligence
''TBD''
+
 
 +
''LAZ''
  
 
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD
 
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD
Line 121: Line 121:
 
  |-
 
  |-
  
  | style="width:10%; background:#7B8ABD" | 15:00-15:50 || style="width:45%; background:#BC857A" align="left" | "TBD"
+
  | style="width:10%; background:#7B8ABD" | 15:00-15:50 || style="width:45%; background:#BC857A" align="left" | "The Mobile Top 10"
''TBD''
+
''Mike Zussman''
  
 
+
  | style="width:45%; background:#BCA57A" align="left" | A Scalable Secure Development Program
  | style="width:45%; background:#BCA57A" align="left" | TBD
+
''Rajiv Sharma''
''TBD''
+
  
 
<!--  
 
<!--  
Line 132: Line 131:
 
''TBD''
 
''TBD''
 
  -->
 
  -->
 
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 15:50-16:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | End of Conference Panel Discussion:  
+
  | style="width:10%; background:#7B8ABD" | 15:50-16:30 || colspan="3" style="width:80%; background:#F2F2F2" align="left" | End of Conference Panel Discussion:  
  
 
Topic: ''The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural?''   
 
Topic: ''The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural?''   
  
Moderator: Andy Lewis
+
Moderator: Steve Kosten or Andy Lewis
Panelists: Laz, Matt Tesauro, John Pirc, Tanner Coltrin, others
+
Panelists: Laz, Matt Tesauro, John Pirc, Tanner Coltrin, Steve Kosten, others
 
+
 
  |-
 
  |-
  

Revision as of 22:50, 1 March 2012


Welcome

Welcome to SnowFROC 2012, the fourth Front Range OWASP Application Security Conference!

After successful FROC's in June of 2008, March of 2009, and 2010 we are back in Denver, Colorado USA on Thursday the 22nd of March!

This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers. ALSO, on Friday March 23rd several instructors from OWASP will be conducting day-long deep-dives!

In 2010, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2012.

Registration

Registration for SnowFROC is now open!

$20 covers breakfast, lunch, and a WORLD-CLASS AppSec conference!

Click HERE to register now for SnowFROC!

Click here to register for OWASP Deep Dives in Denver!

Agenda

CFP has closed; the agenda is being formed NOW and the draft agenda should be published SOON!

Agenda and Presentations: 22 March 2012

The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room.

March 22nd, 2012
07:45-08:30 Registration and Continental Breakfast in the Adirondack Room
08:30-08:45 Welcome to SnowFROC 2012 Conference

OWASP Denver and OWASP Boulder Chapter Leaders

08:45-09:10

State of OWASP

Matt Tesauro

09:10-10:10 Keynote:

John Pirc, Co-Author of "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats"

10:10-10:30 Break - Expo
Tech Track - Zenith Room 640 Management Track - Senate Chamber
10:30-11:15 OWASP Passfault

Cameron Morris

Managing IT Risk in a Cloud Environment

Karl Steinkamp

11:15-12:00 State of Web Security: Monitored Attacks

Robert Rowley

PCI vs Risk Management

Doug Landoll

12:00-13:00 Lunch - Expo
13:00-13:50 Panel Discussion - Favorite tools and techniques - pen-testing, static analysis, code reviews

Panelists

Securing Data from the Web Tier

Mike Fleck


13:50-14:40 Gray, the new black: Gray box vulnerability testing

Adam Hills

Web Session Intelligence

LAZ

14:40-15:00 BREAK
15:00-15:50 "The Mobile Top 10"

Mike Zussman

A Scalable Secure Development Program

Rajiv Sharma

15:50-16:30 End of Conference Panel Discussion:

Topic: The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural?

Moderator: Steve Kosten or Andy Lewis Panelists: Laz, Matt Tesauro, John Pirc, Tanner Coltrin, Steve Kosten, others

16:30-17:30 Wrap up, vendor raffles!


Logistics

Denver mountains.JPG

This year, the conference will again be held at University of Colorado, Denver at the Tivoli Center.


Accomodation

OWASP is in the process of negotiating discounted rates with the uber-pimpin Hotel Teatro. Rooms under the FROC rate will be competitively priced and include courtesy Cadillac Escalade transportation to and from Auraria Campus. Currently a "petite queen" room will be reduced from $279/night to $149 by mentioning SnowFROC.

To reserve a room, contact Hotel Teatro at +1.303.228.1100 and mention SnowFROC or use the iHotelier.com link here.

How to get to the venue?
  • By taxi: taxi from the airport to venue is about $50 USD
  • From hotel: transport from the conference hotel (Hotel Teatro) by limo is free
  • By car: there is plenty of parking at the Tivoli. Attendees should park at the Tivoli lot (as in past years). Parking validation will be provided for registered FROC participants.


Call for Presentations

The call for presentations closed February 23rd. If you've got a compelling presentation involving bleeding-edge research please contact steve dot kosten /\+ owasp d0+ org for consideration.



Conference Committee

FROC 2012 Planning Committee Chair: Kathy Thaxton - kthaxton at hosting dot com

Presentation Selection Committee:

  • Steve Kosten
  • Denver OWASP Board


Colorado Chapter Hosts:

  • Andy Lewis - OWASP Denver - alewis at owasp dot org
  • Mark Major - OWASP Boulder
  • Might have a CO Springs chapter in time for SnowFROC; stay tuned...

Vendor Exhibition POC: Kathy Thaxton - kthaxton at hosting dot com


Sponsors

If you are interested in sponsoring the Front Range OWASP Conference, please contact Kathy Thaxton at kthaxton at hosting dot com.

We are proud to have the following sponsors for this year's conference:


Promoters