Difference between revisions of "Front Range OWASP Conference 2012"

From OWASP
Jump to: navigation, search
m (Welcome: added link to SnowFROC 2013)
 
(15 intermediate revisions by 2 users not shown)
Line 9: Line 9:
 
  -->
 
  -->
 
<!-- Header -->
 
<!-- Header -->
 +
====2012 Presentations ==== 
 +
[[Media:CameronMorris_OwaspPassfault.pdf|OWASP Passfault]]<br>
 +
[[Media:DougLandoll_PCI 2.0 Risk Management.pdf|PCI vs Risk Management]]<br>
 +
[[Media:Laz_owasp_denver_FROC_032212.pdf|What the Cyber Criminals are Doing on Your Website Right Now]]<br>
 +
[[Media:MikeFleckOWASP_Presentation.ppt|Securing Data from the Web Tier]]<br>
 +
[[Media:RajivSharma_A_Scalable_Secure_Development_Program_OWASP.ppt|A Scalable Secure Development Program]]<br>
 +
[[Media:RobertRowleyOWASPSNOWFROC2012.ppt|State of Web Security: Monitored Attacks]]<br>
 +
 
====Welcome====   
 
====Welcome====   
 
<!-- *** Update image [[Image:Froc2010_sm.png|200px]]  
 
<!-- *** Update image [[Image:Froc2010_sm.png|200px]]  
 
  -->
 
  -->
 
'''Welcome to SnowFROC 2012, the fourth Front Range OWASP Application Security Conference!'''
 
'''Welcome to SnowFROC 2012, the fourth Front Range OWASP Application Security Conference!'''
 +
'''Click [[Front_Range_OWASP_Conference_2013|here]] if you're looking for SnowFROC 2013'''
  
 
After successful FROC's in June of 2008, [http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2009 March of 2009], and [https://www.owasp.org/index.php/Front_Range_OWASP_Conference_2010 2010] we are back in Denver, Colorado USA on '''Thursday the 22nd of March'''!  
 
After successful FROC's in June of 2008, [http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2009 March of 2009], and [https://www.owasp.org/index.php/Front_Range_OWASP_Conference_2010 2010] we are back in Denver, Colorado USA on '''Thursday the 22nd of March'''!  
Line 31: Line 40:
 
Click [http://snowfroc2012.eventbrite.com HERE] to register now for SnowFROC!
 
Click [http://snowfroc2012.eventbrite.com HERE] to register now for SnowFROC!
  
Click [[Denver,_Colorado|here]] to register for OWASP Deep Dives in Denver!
+
<!-- FAIL - need to get our act together MUCH EARLIER if we're going to have OWASP training in conjunction w/SnowFROC! Click [[Denver,_Colorado|here]] to register for OWASP Deep Dives in Denver!
 
+
Specifically:
 +
1. Include Kate/OWASP Ops in SnowFROC planning
 +
2. AT A MINIMUM, GET THE SCHEDULE AND PUBLISH IT
 +
3. NEED  a COUPLE of local chapter meetings to socialize/promote the ACTUAL CLASSES
 +
-->
 
<!-- ====Agenda====
 
<!-- ====Agenda====
  
Line 54: Line 67:
 
'''State of OWASP'''  
 
'''State of OWASP'''  
  
''Matt Tesauro''
+
''[[Matt_Tesauro|Matt Tesauro]]''
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 09:10-10:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | '''Keynote:'''  
+
  | style="width:10%; background:#7B8ABD" | 09:10-10:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | '''Keynote: Point in Time Security'''  
  
''John Pirc, Co-Author of [http://www.amazon.com/Cybercrime-Espionage-Analysis-Subversive-Multi-Vector/dp/1597496138/ref=sr_1_1?s=books&ie=UTF8&qid=1330542019&sr=1-1 "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats"]''
+
''[[John_Pirc|John Pirc]], Co-Author of [http://www.amazon.com/Cybercrime-Espionage-Analysis-Subversive-Multi-Vector/dp/1597496138/ref=sr_1_1?s=books&ie=UTF8&qid=1330542019&sr=1-1 "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats"]''
  
 
  |-
 
  |-
Line 138: Line 151:
 
Topic: ''The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural?''   
 
Topic: ''The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural?''   
  
Moderator: Andy Lewis
+
'''Moderator:''' ''Andy Lewis''
Panelists: Laz, Matt Tesauro, John Pirc, Tanner Coltrin, René Agüero, Steve Kosten, others
+
'''Panelists:''' ''Laz, Matt Tesauro, John Pirc, Tanner Coltrin, René Agüero, Steve Kosten, others''
 
  |-
 
  |-
  
Line 152: Line 165:
 
[[Image:Denver_mountains.JPG]]
 
[[Image:Denver_mountains.JPG]]
  
This year, the conference will again be held at University of Colorado, Denver at the Tivoli Center.
+
This year, the conference will again be held at University of Colorado, Denver at the [http://maps.google.com/maps?hl=en&ie=UTF8&cid=0,0,17887458453474608109&fb=1&split=1&gl=us&dq=Tivoli+Student+Union+in+downtown+Denver,+CO&daddr=900+Auraria+Pkwy+%23+325E,+Denver,+CO+80204&geocode=2315206160437382962,39.746366,-105.007463&ei=jKOsSeKrM5O5twfLh4GDBg&z=16 Tivoli Student Union]  (900 Auraria Pkwy # 325E Denver, CO 80204).
  
 
<!--  *** need image, lat-long, directions [[File:Froc map.GIF|thumb|left]]
 
<!--  *** need image, lat-long, directions [[File:Froc map.GIF|thumb|left]]
Line 171: Line 184:
  
 
*By car: there is plenty of parking at the Tivoli.  Attendees should park at the Tivoli lot (as in past years).  Parking validation will be provided for registered FROC participants.
 
*By car: there is plenty of parking at the Tivoli.  Attendees should park at the Tivoli lot (as in past years).  Parking validation will be provided for registered FROC participants.
 
 
  
 
====Call for Presentations====
 
====Call for Presentations====
Line 240: Line 251:
 
*[http://www.hpenterprisesecurity.com/register/esp-grand-slam-camp-hpesp-homepage HP ESP]
 
*[http://www.hpenterprisesecurity.com/register/esp-grand-slam-camp-hpesp-homepage HP ESP]
 
*[http://www.coalfire.com/Home Coalfire Systems]
 
*[http://www.coalfire.com/Home Coalfire Systems]
 +
*[http://www.rapid7.com/ Rapid7]
 +
*[http://www.silvertailsystems.com/ Silvertail Systems]
 +
*[http://www.southseascorp.com/ South Seas Corporation]
  
  
Line 264: Line 278:
 
  -->
 
  -->
  
=== Speaker Bios ===
 
 
==== '''Laz''' =====
 
 
==== '''Mike Fleck''' ====
 
  
  

Latest revision as of 11:30, 16 April 2012


2012 Presentations

OWASP Passfault
PCI vs Risk Management
What the Cyber Criminals are Doing on Your Website Right Now
Securing Data from the Web Tier
A Scalable Secure Development Program
State of Web Security: Monitored Attacks

Welcome

Welcome to SnowFROC 2012, the fourth Front Range OWASP Application Security Conference! Click here if you're looking for SnowFROC 2013

After successful FROC's in June of 2008, March of 2009, and 2010 we are back in Denver, Colorado USA on Thursday the 22nd of March!

This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers. ALSO, on Friday March 23rd several instructors from OWASP will be conducting day-long deep-dives!

In 2010, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2012.

Registration

Registration for SnowFROC is now open!

$20 covers breakfast, lunch, and a WORLD-CLASS AppSec conference!

Click HERE to register now for SnowFROC!


Agenda and Presentations: 22 March 2012

The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room.

March 22nd, 2012
07:45-08:30 Registration and Continental Breakfast in the Adirondack Room
08:30-08:45 Welcome to SnowFROC 2012 Conference

OWASP Denver and OWASP Boulder Chapter Leaders

08:45-09:10

State of OWASP

Matt Tesauro

09:10-10:10 Keynote: Point in Time Security

John Pirc, Co-Author of "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats"

10:10-10:30 Break - Expo
Tech Track - Zenith Room 640 Management Track - Senate Chamber
10:30-11:15 OWASP Passfault

Cameron Morris

Managing IT Risk in a Cloud Environment

Karl Steinkamp

11:15-12:00 State of Web Security: Monitored Attacks

Robert Rowley

PCI vs Risk Management

Doug Landoll

12:00-13:00 Lunch - Expo
13:00-13:50 WebGoat.NET

Jerry Hoff

Securing Data from the Web Tier

Mike Fleck

13:50-14:40 Gray, the new black: Gray box vulnerability testing

Adam Hills

What the Cyber Criminals are Doing on Your Website Right Now.

LAZ

14:40-15:00 BREAK
15:00-15:50 "The Mobile Top 10"

Mike Zussman

A Scalable Secure Development Program

Rajiv Sharma

15:50-16:30 End of Conference Panel Discussion:

Topic: The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural?

Moderator: Andy Lewis Panelists: Laz, Matt Tesauro, John Pirc, Tanner Coltrin, René Agüero, Steve Kosten, others

16:30-17:30 Wrap up, vendor raffles!


Logistics

Denver mountains.JPG

This year, the conference will again be held at University of Colorado, Denver at the Tivoli Student Union (900 Auraria Pkwy # 325E Denver, CO 80204).


Accomodation

OWASP is in the process of negotiating discounted rates with the uber-pimpin Hotel Teatro. Rooms under the FROC rate will be competitively priced and include courtesy Cadillac Escalade transportation to and from Auraria Campus. Currently a "petite queen" room will be reduced from $279/night to $149 by mentioning SnowFROC.

To reserve a room, contact Hotel Teatro at +1.303.228.1100 and mention SnowFROC or use the iHotelier.com link here.

How to get to the venue?
  • By taxi: taxi from the airport to venue is about $50 USD
  • From hotel: transport from the conference hotel (Hotel Teatro) by limo is free
  • By car: there is plenty of parking at the Tivoli. Attendees should park at the Tivoli lot (as in past years). Parking validation will be provided for registered FROC participants.

Call for Presentations

The call for presentations closed February 23rd. If you've got a compelling presentation involving bleeding-edge research please contact steve dot kosten /\+ owasp d0+ org for consideration.



Conference Committee

FROC 2012 Planning Committee Chair: Kathy Thaxton - kthaxton at hosting dot com

Presentation Selection Committee:

  • Steve Kosten
  • Denver OWASP Board


Colorado Chapter Hosts:

  • Andy Lewis - OWASP Denver - alewis at owasp dot org
  • Mark Major - OWASP Boulder - mark dot major at owasp dot org
  • Might have a CO Springs chapter in time for SnowFROC; stay tuned...

Vendor Exhibition POC: Kathy Thaxton - kthaxton at hosting dot com


Sponsors

If you are interested in sponsoring the Front Range OWASP Conference, please contact Kathy Thaxton at kthaxton at hosting dot com.

We are proud to have the following sponsors for this year's conference: