Difference between revisions of "Front Range OWASP Conference 2013/Schedule"

From OWASP
Jump to: navigation, search
(Changed the speaker schedule to note Kevin Greene's withdrawal and David Willson's insertion)
Line 42: Line 42:
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech1|'''DevFu: The inner ninja in every application developer''' <br> ''Danny Chrastil'']]  
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech1|'''DevFu: The inner ninja in every application developer''' <br> ''Danny Chrastil'']]  
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech2|'''SIP Based Cloud Instances''' <br> ''Gregory Disney-Leugers]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech2|'''SIP Based Cloud Instances''' <br> ''Gregory Disney-Leugers]]''
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt1|'''Measuring Best Security Practices With OpenSAMM''' <br> ''Alan Jex]]''
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt1|'''Digital Bounty Hunters - Decoding Bug Bounty Programs''' <br> ''Jon Rose]]''
 
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt2|'''Electronic Discovery for System Administrators''' <br> ''Russell Shumway]]''
 
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt2|'''Electronic Discovery for System Administrators''' <br> ''Russell Shumway]]''
 
  | style="background:#C1DAD6" align="center" rowspan="9" | [[Front_Range_OWASP_Conference_2013/CTF|'''CTF''']] <br> ''Sponsored by [https://aerstone.com '''Aerstone''']''
 
  | style="background:#C1DAD6" align="center" rowspan="9" | [[Front_Range_OWASP_Conference_2013/CTF|'''CTF''']] <br> ''Sponsored by [https://aerstone.com '''Aerstone''']''
Line 49: Line 49:
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech1|'''Adventures in Large Scale HTTP Header Abuse''' <br> ''Zachary Wolff]]''
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech1|'''Adventures in Large Scale HTTP Header Abuse''' <br> ''Zachary Wolff]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech2|'''How Malware Attacks Web Applications''' <br> ''Casey Smith]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech2|'''How Malware Attacks Web Applications''' <br> ''Casey Smith]]''
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt1|'''Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix)''' <br> ''Jon McCoy]]''
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt1|'''Linking Security to Business Value in the Customer Service Industry''' <br> ''Dan Rojas]]''
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt2|'''CISPA: Why Privacy Advocates This Legislation''' <br> ''Maureen Donohue Feinroth]]''
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt2|'''Legal Issues of Forensics in the Cloud''' <br> ''David Willson]]''
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 11:40-12:40
 
  | style="background:#024C68; color:white" align="center" | 11:40-12:40
Line 59: Line 59:
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech2|'''Top Ten Web Application Defenses''' <br> ''Jim Manico]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech2|'''Top Ten Web Application Defenses''' <br> ''Jim Manico]]''
 
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt1|'''Using SaaS and the Cloud to Secure the SDLC''' <br> ''Andrew Earle]]''
 
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt1|'''Using SaaS and the Cloud to Secure the SDLC''' <br> ''Andrew Earle]]''
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt2|'''Legal Issues of Forensics in the Cloud''' <br> ''David Willson]]''
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt2|'''CISPA: Why Privacy Advocates This Legislation''' <br> ''Maureen Donohue Feinroth]]''
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 13:35-14:20
 
  | style="background:#024C68; color:white" align="center" | 13:35-14:20
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech1|'''Real World Cloud Application Security''' <br> ''Jason Chan]]''
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech1|'''Real World Cloud Application Security''' <br> ''Jason Chan]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech2|'''A Demo of and Preventing XSS in .NET Applications''' <br> ''Larry Conklin]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech2|'''A Demo of and Preventing XSS in .NET Applications''' <br> ''Larry Conklin]]''
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt1|'''Digital Bounty Hunters - Decoding Bug Bounty Programs''' <br> ''Jon Rose]]''
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt1|'''Measuring Best Security Practices With OpenSAMM''' <br> ''Alan Jex]]''
 
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt2|'''Crafting a Plan for When Security Fails''' <br> ''Robert Lelewski]]''
 
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt2|'''Crafting a Plan for When Security Fails''' <br> ''Robert Lelewski]]''
 
  |-
 
  |-
Line 70: Line 70:
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech1|'''DevOps and Security: It's Happening. Right Now.''' <br> ''Helen Bravo]]''
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech1|'''DevOps and Security: It's Happening. Right Now.''' <br> ''Helen Bravo]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech2|'''Data Mining a Mountain of Zero Day Vulnerabilities''' <br> ''Joe Brady]]''
 
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech2|'''Data Mining a Mountain of Zero Day Vulnerabilities''' <br> ''Joe Brady]]''
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt1|'''Linking Security to Business Value in the Customer Service Industry''' <br> ''Dan Rojas]]''
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt1|'''Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix)''' <br> ''Jon McCoy]]''
 
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt2|'''Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem''' <br> ''Tom Glanville]]''
 
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt2|'''Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem''' <br> ''Tom Glanville]]''
 
  |-
 
  |-

Revision as of 11:04, 21 March 2013

SnowFROC 2013 schedule

This schedule is subject to frequently changes as the conference draws nearer.


CFP Schedule

Abstract collection will begin January 14th and continue until all speaking slots are filled. Rolling evaluations will occur and selected papers will be announced each Monday beginning on February 11th.

Final presentations of accepted abstracts must be submitted for review by March 17th. Presentations will be delivered during the conference on March 28th.

(See the CFP section for additional dates and details.)


Day of Event Schedule


Thu, Mar 28 Technical Track Deep-Dive Track Management Track Legal Track
07:00-08:30 Registration and Morning Snacks
Sponsored by HP
08:00-08:15 Welcome and Kick-off
Brad Carvalho, Mark Major
08:15-08:30 State of OWASP
Jim Manico
08:30-09:30 Keynote Address
Neal Ziring, Technical Director for the National Security Agency’s Information Assurance Directorate (IAD)
09:30-10:00 Coffee Break and Sponsor Expo
Coffee provided by [SPONSORSHIP AVAILABLE]
CTF Kick-off
Chris Rossi, Mark Major
10:00-10:45 DevFu: The inner ninja in every application developer
Danny Chrastil
SIP Based Cloud Instances
Gregory Disney-Leugers
Digital Bounty Hunters - Decoding Bug Bounty Programs
Jon Rose
Electronic Discovery for System Administrators
Russell Shumway
CTF
Sponsored by Aerstone
10:55-11:40 Adventures in Large Scale HTTP Header Abuse
Zachary Wolff
How Malware Attacks Web Applications
Casey Smith
Linking Security to Business Value in the Customer Service Industry
Dan Rojas
Legal Issues of Forensics in the Cloud
David Willson
11:40-12:40 Lunch and Sponsor Expo
Lunch provided by [SPONSORSHIP AVAILABLE]
12:40-13:25 Angry Cars: Hacking the "Car as Platform"
Aaron Weaver
Top Ten Web Application Defenses
Jim Manico
Using SaaS and the Cloud to Secure the SDLC
Andrew Earle
CISPA: Why Privacy Advocates This Legislation
Maureen Donohue Feinroth
13:35-14:20 Real World Cloud Application Security
Jason Chan
A Demo of and Preventing XSS in .NET Applications
Larry Conklin
Measuring Best Security Practices With OpenSAMM
Alan Jex
Crafting a Plan for When Security Fails
Robert Lelewski
14:30-15:15 DevOps and Security: It's Happening. Right Now.
Helen Bravo
Data Mining a Mountain of Zero Day Vulnerabilities
Joe Brady
Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix)
Jon McCoy
Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem
Tom Glanville
15:15-15:45 Coffee Break and Sponsor Expo
Coffee provided by [SPONSORSHIP AVAILABLE]
15:45-16:45 Moderated Panel Discussion
   Panelist Name, Company & Title
   Panelist Name, Company & Title
   Panelist Name, Company & Title
   Moderator: Jim Manico
16:45-17:00 Closing Statements
Brad Carvalho, Mark Major
17:00- Sponsor Raffles, Drawings, and Contests CTF Wrap-Up
Chris Rossi, Mark Major
19:00-22:00+ After-party at Tarantula Billiards
Sponsored by AppliedTrust
Tarantula is located 3 blocks from the Marriott at the corner of 15th and Stout (1520 Stout Street, Denver)
Awards Ceremony at Tarantula (20:00)


Fri, Mar 29 Training Birds of a Feather: A Birds of a Feather: B Capture the Flag
09:00-9:45 Secure Coding DevOps in Cloud environments (edit) BoaF 1b (edit) FLOSSHack: CTF VM
10:00-10:45 The modern threatscape: what have you seen? (edit) BoaF 2b (edit)
10:45-11:15 Coffee Break
Provided by [SPONSORSHIP AVAILABLE]
11:15-12:00 Access Control (edit) BoaF 3b (edit) FLOSSHack: CTF Scoreboard
12:15-13:00 COTS solutions for secure enterprise architectures (edit) BoaF 4b (edit)