Difference between revisions of "Front Range OWASP Conference 2013"

From OWASP
Jump to: navigation, search
(Created page with "__NOTOC__ <!-- [http://froc2011.eventbrite.com/ Registration is NOW OPEN] --> <!-- FROC2010 was a major success! The [http://www.surveymonkey.com/sr.aspx?sm=Fn2UBK3eyju0z2k...")
 
(Initial edits for 2013)
Line 9: Line 9:
 
<br>  
 
<br>  
 
<!-- Header -->
 
<!-- Header -->
 +
<!--
 
====2012 Presentations ====   
 
====2012 Presentations ====   
 
[[Media:CameronMorris_OwaspPassfault.pdf|OWASP Passfault]]<br>
 
[[Media:CameronMorris_OwaspPassfault.pdf|OWASP Passfault]]<br>
Line 16: Line 17:
 
[[Media:RajivSharma_A_Scalable_Secure_Development_Program_OWASP.ppt|A Scalable Secure Development Program]]<br>
 
[[Media:RajivSharma_A_Scalable_Secure_Development_Program_OWASP.ppt|A Scalable Secure Development Program]]<br>
 
[[Media:RobertRowleyOWASPSNOWFROC2012.ppt|State of Web Security: Monitored Attacks]]<br>
 
[[Media:RobertRowleyOWASPSNOWFROC2012.ppt|State of Web Security: Monitored Attacks]]<br>
 
+
-->
 
====Welcome====   
 
====Welcome====   
 
<!-- *** Update image [[Image:Froc2010_sm.png|200px]]  
 
<!-- *** Update image [[Image:Froc2010_sm.png|200px]]  
 
  -->
 
  -->
'''Welcome to SnowFROC 2012, the fourth Front Range OWASP Application Security Conference!'''
+
'''Welcome to SnowFROC 2013, the fifth Front Range OWASP Application Security Conference!'''
'''Click [[Front_Range_OWASP_Conference_2013|here]] if you're looking for SnowFROC 2013'''
+
  
After successful FROC's in June of 2008, [http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2009 March of 2009], and [https://www.owasp.org/index.php/Front_Range_OWASP_Conference_2010 2010] we are back in Denver, Colorado USA on '''Thursday the 22nd of March'''!  
+
After successful FROC's in June of 2008, [http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2009 March of 2009], [[Front_Range_OWASP_Conference_2010|2010]] and [[Front_Range_OWASP_Conference_2012|2012]] we are back in Denver, Colorado USA on '''***some day in 2013'''!  
  
This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers.  '''ALSO''', on Friday March 23rd several instructors from OWASP will be conducting day-long deep-dives!
+
This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers.  '''ALSO''', we will try to engage several instructors from OWASP to conduct day-long deep-dives the next day!
  
In 2010, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2012.  <!-- This year we are organizing the conference with the support of our colleagues at the [http://www.cloudsecurityalliance.org/ Cloud Security Alliance], and will feature an AppSec track as well as a CloudSec/VirtSec track.
+
In 2012, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2013.  <!-- This year we are organizing the conference with the support of our colleagues at the [http://www.cloudsecurityalliance.org/ Cloud Security Alliance], and will feature an AppSec track as well as a CloudSec/VirtSec track.
 
-->
 
-->
  
 
====Registration====
 
====Registration====
 
+
<!--
 
[http://snowfroc2012.eventbrite.com Registration for SnowFROC is now open!]
 
[http://snowfroc2012.eventbrite.com Registration for SnowFROC is now open!]
  
 
$20 covers breakfast, lunch, and a WORLD-CLASS AppSec conference!
 
$20 covers breakfast, lunch, and a WORLD-CLASS AppSec conference!
<!-- Due to the hard work of our organizers and the gracious support of our sponsors, FROC was a free event in 2008 and 2009.  This year, thanks to the generosity of our [http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2010#tab=Conference_Sponsors sponsors] we are offering tickets to the event on a DONATION basis.  Pay whatever you or your company can afford.
 
-->
 
  
 
Click [http://snowfroc2012.eventbrite.com HERE] to register now for SnowFROC!
 
Click [http://snowfroc2012.eventbrite.com HERE] to register now for SnowFROC!
 +
-->
  
 
<!-- FAIL - need to get our act together MUCH EARLIER if we're going to have OWASP training in conjunction w/SnowFROC! Click [[Denver,_Colorado|here]] to register for OWASP Deep Dives in Denver!
 
<!-- FAIL - need to get our act together MUCH EARLIER if we're going to have OWASP training in conjunction w/SnowFROC! Click [[Denver,_Colorado|here]] to register for OWASP Deep Dives in Denver!
Line 51: Line 50:
 
-->
 
-->
  
==Agenda and Presentations: 22 March 2012==
+
==Agenda and Presentations: tbd 2013==
  
 
The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room.
 
The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room.
Line 60: Line 59:
 
  | style="width:10%; background:#7B8ABD" | 07:45-08:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Registration and Continental Breakfast in the Adirondack Room
 
  | style="width:10%; background:#7B8ABD" | 07:45-08:30 || colspan="3" style="width:80%; background:#C2C2C2" align="left" | Registration and Continental Breakfast in the Adirondack Room
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 08:30-08:45 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Welcome to SnowFROC 2012 Conference
+
  | style="width:10%; background:#7B8ABD" | 08:30-08:45 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | Welcome to SnowFROC 2013 Conference
  
 
''OWASP Denver and OWASP Boulder Chapter Leaders''
 
''OWASP Denver and OWASP Boulder Chapter Leaders''
Line 66: Line 65:
 
  | style="width:10%; background:#7B8ABD" | 08:45-09:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" |  
 
  | style="width:10%; background:#7B8ABD" | 08:45-09:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" |  
 
'''State of OWASP'''  
 
'''State of OWASP'''  
 
+
<!--
 
''[[Matt_Tesauro|Matt Tesauro]]''
 
''[[Matt_Tesauro|Matt Tesauro]]''
 +
-->
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 09:10-10:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | '''Keynote: Point in Time Security'''  
+
  | style="width:10%; background:#7B8ABD" | 09:10-10:10 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | '''Keynote: tbd'''  
  
''[[John_Pirc|John Pirc]], Co-Author of [http://www.amazon.com/Cybercrime-Espionage-Analysis-Subversive-Multi-Vector/dp/1597496138/ref=sr_1_1?s=books&ie=UTF8&qid=1330542019&sr=1-1 "Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats"]''   
+
''tbd''   
  
 
  |-
 
  |-
Line 79: Line 79:
  
 
  | style="width:10%; background:#7B8ABD" | || colspan="1" style="width:45%; background:#BC857A" | '''Tech Track - Zenith Room 640'''
 
  | style="width:10%; background:#7B8ABD" | || colspan="1" style="width:45%; background:#BC857A" | '''Tech Track - Zenith Room 640'''
  | colspan="1" style="width:45%; background:#BCA57A" | '''Management Track - Senate Chamber'''
+
  | colspan="1" style="width:45%; background:#BCA57A" | '''Management Track <!-- - Senate Chamber -->'''  
<!-- | style="width:22%; background:#C6E2FF" | '''Management / Exec Track: Room 3''' -->
+
 
  |-
 
  |-
  
  | style="width:10%; background:#7B8ABD" | 10:30-11:15 || style="width:45%; background:#BC857A" align="left" | OWASP Passfault
+
  | style="width:10%; background:#7B8ABD" | 10:30-11:15 || style="width:45%; background:#BC857A" align="left" | tbd
''Cameron Morris''
+
''tbd''
  
  | style="width:45%; background:#BCA57A" align="left" | Managing IT Risk in a Cloud Environment
+
  | style="width:45%; background:#BCA57A" align="left" | tbd Mngmnt
''Karl Steinkamp''
+
''tbd''
 
+
<!--  | style="width:22%; background:#C6E2FF" align="left" | TBD
+
''TBD''
+
-->
+
 
  |-
 
  |-
  
 
+
| style="width:10%; background:#7B8ABD" | 11:15-12:00 || style="width:45%; background:#BC857A" align="left" | tbd tech
| style="width:10%; background:#7B8ABD" | 11:15-12:00 || style="width:45%; background:#BC857A" align="left" | State of Web Security: Monitored Attacks
+
 
   
 
   
''Robert Rowley''
+
''tbd''
  
| style="width:45%; background:#BCA57A" align="left" | PCI vs Risk Management  
+
| style="width:45%; background:#BCA57A" align="left" | tbd tech  
''Doug Landoll''   
+
''tbd''   
<!-- | style="width:22%; background:#C6E2FF" align="left" | Securing Data from the Web Tier ''Mike Fleck'' -->
+
  
 
  |-
 
  |-
Line 110: Line 103:
  
  
| style="width:10%; background:#7B8ABD" | 13:00-13:50 || style="width:45%; background:#BC857A" align="left" | WebGoat.NET
+
| style="width:10%; background:#7B8ABD" | 13:00-13:50 || style="width:45%; background:#BC857A" align="left" | tbd tech
 
   
 
   
''Jerry Hoff''
+
''tbd''
 +
 
 +
| style="width:45%; background:#BCA57A" align="left" | tbd mngmnt 
 +
''tbd'' 
  
| style="width:45%; background:#BCA57A" align="left" | Securing Data from the Web Tier 
 
''Mike Fleck'' 
 
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD
 
''TBD'' -->
 
  
 
  |-
 
  |-
  
  
  | style="width:10%; background:#7B8ABD" | 13:50-14:40 || style="width:45%; background:#BC857A" align="left" | Gray, the new black: Gray box vulnerability testing
+
  | style="width:10%; background:#7B8ABD" | 13:50-14:40 || style="width:45%; background:#BC857A" align="left" | tbd tech
''Adam Hills''
+
''tbd''
 +
 
 +
| style="width:45%; background:#BCA57A" align="left" | tbd mngmnt
 +
''tbd''
  
| style="width:45%; background:#BCA57A" align="left" | What the Cyber Criminals are Doing on Your Website Right Now.
 
''LAZ''
 
  
<!-- | style="width:22%; background:#C6E2FF" align="left" | TBD
 
''TBD''
 
-->
 
 
  |-
 
  |-
  
Line 136: Line 126:
 
  |-
 
  |-
  
  | style="width:10%; background:#7B8ABD" | 15:00-15:50 || style="width:45%; background:#BC857A" align="left" | "The Mobile Top 10"
+
  | style="width:10%; background:#7B8ABD" | 15:00-15:50 || style="width:45%; background:#BC857A" align="left" | tbd tech
''Mike Zussman''
+
''tbd''
  
  | style="width:45%; background:#BCA57A" align="left" | A Scalable Secure Development Program
+
  | style="width:45%; background:#BCA57A" align="left" | tbd Mngmnt
''Rajiv Sharma''
+
''tbd''
  
<!--
 
| style="width:22%; background:#C6E2FF" align="left" | TBD
 
''TBD''
 
-->
 
 
  |-
 
  |-
 
  | style="width:10%; background:#7B8ABD" | 15:50-16:30 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | End of Conference Panel Discussion:  
 
  | style="width:10%; background:#7B8ABD" | 15:50-16:30 || colspan="3" style="width:80%; background:#F2F2F2" align="center" | End of Conference Panel Discussion:  
  
Topic: ''The Crystal Ball and the 2-headed Calf - What's on the Horizon and Why Does It Seem So Unnatural?''   
+
Topic: ''Attendees' choice(s)?''   
  
'''Moderator:''' ''Andy Lewis''
+
'''Moderator:''' ''tbd''
'''Panelists:''' ''Laz, Matt Tesauro, John Pirc, Tanner Coltrin, René Agüero, Steve Kosten, others''
+
'''Panelists:''' ''tbd, others''
 
  |-
 
  |-
  
Line 164: Line 150:
 
====Logistics====
 
====Logistics====
 
[[Image:Denver_mountains.JPG]]
 
[[Image:Denver_mountains.JPG]]
 
+
<!--
 
This year, the conference will again be held at University of Colorado, Denver at the [http://maps.google.com/maps?hl=en&ie=UTF8&cid=0,0,17887458453474608109&fb=1&split=1&gl=us&dq=Tivoli+Student+Union+in+downtown+Denver,+CO&daddr=900+Auraria+Pkwy+%23+325E,+Denver,+CO+80204&geocode=2315206160437382962,39.746366,-105.007463&ei=jKOsSeKrM5O5twfLh4GDBg&z=16 Tivoli Student Union]  (900 Auraria Pkwy # 325E Denver, CO 80204).
 
This year, the conference will again be held at University of Colorado, Denver at the [http://maps.google.com/maps?hl=en&ie=UTF8&cid=0,0,17887458453474608109&fb=1&split=1&gl=us&dq=Tivoli+Student+Union+in+downtown+Denver,+CO&daddr=900+Auraria+Pkwy+%23+325E,+Denver,+CO+80204&geocode=2315206160437382962,39.746366,-105.007463&ei=jKOsSeKrM5O5twfLh4GDBg&z=16 Tivoli Student Union]  (900 Auraria Pkwy # 325E Denver, CO 80204).
 
+
-->
 
<!--  *** need image, lat-long, directions [[File:Froc map.GIF|thumb|left]]
 
<!--  *** need image, lat-long, directions [[File:Froc map.GIF|thumb|left]]
  
Line 173: Line 159:
  
 
=====Accomodation=====
 
=====Accomodation=====
OWASP is in the process of negotiating discounted rates with the uber-pimpin [http://www.hotelteatro.com/ Hotel Teatro].  Rooms under the FROC rate will be competitively priced and include courtesy Cadillac Escalade transportation to and from Auraria Campus. Currently a "petite queen" room will be reduced from $279/night to $149 by mentioning SnowFROC.
+
OWASP is in the process of negotiating discounted rates with the uber-pimpin [http://www.hotelteatro.com/ Hotel Teatro].  Rooms under the FROC rate will be competitively priced and include courtesy Cadillac Escalade transportation to and from Auraria Campus. <!-- Currently a "petite queen" room will be reduced from $279/night to $149 by mentioning SnowFROC. -->
  
 
To reserve a room, contact Hotel Teatro at +1.303.228.1100 and mention SnowFROC or use the [https://reservations.ihotelier.com/crs/g_reservation.cfm?groupID=464765&hotelID=14708 iHotelier.com link here].
 
To reserve a room, contact Hotel Teatro at +1.303.228.1100 and mention SnowFROC or use the [https://reservations.ihotelier.com/crs/g_reservation.cfm?groupID=464765&hotelID=14708 iHotelier.com link here].
Line 187: Line 173:
 
====Call for Presentations====
 
====Call for Presentations====
 
<!-- The [[Front_Range_OWASP_Conference_2012_CFP|call for presentations]] is open until February 23rd 2012. -->
 
<!-- The [[Front_Range_OWASP_Conference_2012_CFP|call for presentations]] is open until February 23rd 2012. -->
The [[Front_Range_OWASP_Conference_2012_CFP|call for presentations]] closed February 23rd.  If you've got a compelling presentation involving bleeding-edge research please contact steve dot kosten /\+ owasp d0+ org for consideration.
 
  
 +
<!-- The [[Front_Range_OWASP_Conference_2012_CFP|call for presentations]] closed February 23rd.  If you've got a compelling presentation involving bleeding-edge research please contact steve dot kosten /\+ owasp d0+ org for consideration.
 +
-->
  
 
<!-- ===[[SnowFROC Tentative Schedule]]=== -->
 
<!-- ===[[SnowFROC Tentative Schedule]]=== -->
Line 200: Line 187:
  
 
====Conference Committee====
 
====Conference Committee====
 
+
tbd
FROC 2012 Planning Committee Chair: Kathy Thaxton -  kthaxton at hosting dot com
+
<!-- FROC 2012 Planning Committee Chair: Kathy Thaxton -  kathy.thaxton at owasp dot org
  
 
Presentation Selection Committee:
 
Presentation Selection Committee:
Line 213: Line 200:
 
* Might have a CO Springs chapter in time for SnowFROC; stay tuned...
 
* Might have a CO Springs chapter in time for SnowFROC; stay tuned...
  
Vendor Exhibition POC: Kathy Thaxton - kthaxton at hosting dot com
+
Vendor Exhibition POC: Kathy Thaxton - kathy.thaxton at owasp dot org
 
+
-->
  
 
<!-- Capture the Flag POC: Eric Duprey - eduprey at owasp dot org
 
<!-- Capture the Flag POC: Eric Duprey - eduprey at owasp dot org
Line 221: Line 208:
 
====Sponsors====
 
====Sponsors====
  
If you are interested in sponsoring the Front Range OWASP Conference, please contact Kathy Thaxton at kthaxton at hosting dot com.
+
If you are interested in sponsoring the Front Range OWASP Conference, please contact Kathy Thaxton at kathy.thaxton at owasp dot org.
 
<!-- [[File:Sponsors.PNG]]
 
<!-- [[File:Sponsors.PNG]]
 
  -->
 
  -->
  
We are proud to have the following sponsors for this year's conference:
+
We were proud to have the following sponsors for 2012's conference and hope to see them again:
 
<!--  
 
<!--  
 
*Accuvant
 
*Accuvant

Revision as of 12:23, 16 April 2012


Looking for the 2012 presentations? They are here


Welcome

Welcome to SnowFROC 2013, the fifth Front Range OWASP Application Security Conference!

After successful FROC's in June of 2008, March of 2009, 2010 and 2012 we are back in Denver, Colorado USA on ***some day in 2013!

This year we again present a full day, multi-track event, which will provide valuable information for managers and executives as well as developers and engineers. ALSO, we will try to engage several instructors from OWASP to conduct day-long deep-dives the next day!

In 2012, we attracted a packed venue with our great AppSec speakers, and we hope to achieve the same again in 2013.

Registration

Agenda and Presentations: tbd 2013

The agenda follows the successful OWASP conference multi track format, with opening keynotes and presentations in the main room, split tracks in the middle of the day, and closing panel discussions back in the main room.

March 22nd, 2012
07:45-08:30 Registration and Continental Breakfast in the Adirondack Room
08:30-08:45 Welcome to SnowFROC 2013 Conference

OWASP Denver and OWASP Boulder Chapter Leaders

08:45-09:10

State of OWASP

09:10-10:10 Keynote: tbd

tbd

10:10-10:30 Break - Expo
Tech Track - Zenith Room 640 Management Track
10:30-11:15 tbd

tbd

tbd Mngmnt

tbd

11:15-12:00 tbd tech

tbd

tbd tech

tbd

12:00-13:00 Lunch - Expo
13:00-13:50 tbd tech

tbd

tbd mngmnt

tbd


13:50-14:40 tbd tech

tbd

tbd mngmnt

tbd


14:40-15:00 BREAK
15:00-15:50 tbd tech

tbd

tbd Mngmnt

tbd

15:50-16:30 End of Conference Panel Discussion:

Topic: Attendees' choice(s)?

Moderator: tbd Panelists: tbd, others

16:30-17:30 Wrap up, vendor raffles!


Logistics

Denver mountains.JPG

Accomodation

OWASP is in the process of negotiating discounted rates with the uber-pimpin Hotel Teatro. Rooms under the FROC rate will be competitively priced and include courtesy Cadillac Escalade transportation to and from Auraria Campus.

To reserve a room, contact Hotel Teatro at +1.303.228.1100 and mention SnowFROC or use the iHotelier.com link here.

How to get to the venue?
  • By taxi: taxi from the airport to venue is about $50 USD
  • From hotel: transport from the conference hotel (Hotel Teatro) by limo is free
  • By car: there is plenty of parking at the Tivoli. Attendees should park at the Tivoli lot (as in past years). Parking validation will be provided for registered FROC participants.

Call for Presentations

Conference Committee

tbd


Sponsors

If you are interested in sponsoring the Front Range OWASP Conference, please contact Kathy Thaxton at kathy.thaxton at owasp dot org.

We were proud to have the following sponsors for 2012's conference and hope to see them again: