Difference between revisions of "Front Range OWASP Conference 2013/Schedule"

From OWASP
Jump to: navigation, search
Line 41: Line 41:
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 10:00-10:45
 
  | style="background:#024C68; color:white" align="center" | 10:00-10:45
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech1|'''DevFu: The inner ninja in every application developer''' <br> ''Danny Chrastil'']]<br>[[Media: Chrastil.pptx| Slides ]]
+
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech1|'''DevFu: The inner ninja in every application developer''' <br> ''Danny Chrastil'']]<br>[[Media: Chrastil.pptx| Slides ]]<br>[https://vimeo.com/68082818 Video]
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech2|'''SIP Based Cloud Instances''' <br> ''Gregory Disney-Leugers]]''<br>[[Media: Disney-Leugers.odp| Slides ]]
+
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Tech2|'''SIP Based Cloud Instances''' <br> ''Gregory Disney-Leugers]]''<br>[[Media: Disney-Leugers.odp| Slides ]]<br>[https://vimeo.com/68091563 Video]
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt1|'''Digital Bounty Hunters - Decoding Bug Bounty Programs''' <br> ''Jon Rose]]''
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt1|'''Digital Bounty Hunters - Decoding Bug Bounty Programs''' <br> ''Jon Rose]]''<br>[[Media: Rose.pdf | Slides]]<br>[https://vimeo.com/68107340 Video]
 
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt2|'''Electronic Discovery for System Administrators''' <br> ''Russell Shumway]]''<br>[[Media: Shumway.pptx| Slides ]]
 
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess1_Mgmt2|'''Electronic Discovery for System Administrators''' <br> ''Russell Shumway]]''<br>[[Media: Shumway.pptx| Slides ]]
 
  | style="background:#C1DAD6" align="center" rowspan="9" | [[Front_Range_OWASP_Conference_2013/CTF|'''CTF''']] <br> ''Sponsored by [https://aerstone.com '''Aerstone''']''
 
  | style="background:#C1DAD6" align="center" rowspan="9" | [[Front_Range_OWASP_Conference_2013/CTF|'''CTF''']] <br> ''Sponsored by [https://aerstone.com '''Aerstone''']''
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 10:55-11:40
 
  | style="background:#024C68; color:white" align="center" | 10:55-11:40
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech1|'''Adventures in Large Scale HTTP Header Abuse''' <br> ''Zachary Wolff]]''<br>[[Media: Wolff.pptx| Slides ]]
+
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech1|'''Adventures in Large Scale HTTP Header Abuse''' <br> ''Zachary Wolff]]''<br>[[Media: Wolff.pptx| Slides ]]<br>[https://vimeo.com/68071431 Video]
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech2|'''How Malware Attacks Web Applications''' <br> ''Casey Smith]]''<br>[[Media: Smith.pdf| Slides ]]
+
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Tech2|'''How Malware Attacks Web Applications''' <br> ''Casey Smith]]''<br>[[Media: Smith.pdf| Slides ]]<br>[https://vimeo.com/68107330 Video]
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt1|'''Linking Security to Business Value in the Customer Service Industry''' <br> ''Dan Rojas]]''
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt1|'''Linking Security to Business Value in the Customer Service Industry''' <br> ''Dan Rojas]]''<br>[[Media: Rojas.pdf | Slides]]<br>[https://vimeo.com/68111318 Video]
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt2|'''Legal Issues of Forensics in the Cloud''' <br> ''David Willson]]''<br>[[Media: Willson.pdf| Slides ]]
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess2_Mgmt2|'''Legal Issues of Forensics in the Cloud''' <br> ''David Willson]]''<br>[[Media: Willson.pdf| Slides ]]<br>[https://vimeo.com/68082821 Video]
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 11:40-12:40
 
  | style="background:#024C68; color:white" align="center" | 11:40-12:40
Line 57: Line 57:
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 12:40-13:25
 
  | style="background:#024C68; color:white" align="center" | 12:40-13:25
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech1|'''Angry Cars: Hacking the "Car as Platform"''' <br> ''Aaron Weaver]]''
+
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech1|'''Angry Cars: Hacking the "Car as Platform"''' <br> ''Aaron Weaver]]''<br>[[Media: Weaver.pdf | Slides]]<br>[https://vimeo.com/68071432 Video]
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech2|'''Top Ten Web Application Defenses''' <br> ''Jim Manico]]''
+
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Tech2|'''Top Ten Web Application Defenses''' <br> ''Jim Manico]]''<br>[[Media: Manico.pdf | Slides]]<br>[https://vimeo.com/68091564 Video]
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt1|'''Using SaaS and the Cloud to Secure the SDLC''' <br> ''Andrew Earle]]''<br>[[Media: Earle.pptx| Slides ]]
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt1|'''Using SaaS and the Cloud to Secure the SDLC''' <br> ''Andrew Earle]]''<br>[[Media: Earle.pptx| Slides ]]<br>[https://vimeo.com/68111315 Video]
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt2|'''CISPA: Why Privacy Advocates Hate This Legislation''' <br> ''Maureen Donohue Feinroth]]''<br>[[Media: Feinroth.pptx| Slides ]]
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess3_Mgmt2|'''CISPA: Why Privacy Advocates Hate This Legislation''' <br> ''Maureen Donohue Feinroth]]''<br>[[Media: Feinroth.pptx| Slides ]]<br>[https://vimeo.com/68071433 Video]
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 13:35-14:20
 
  | style="background:#024C68; color:white" align="center" | 13:35-14:20
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech1|'''DevOps and Security: It's Happening. Right Now.''' <br> ''Helen Bravo]]''<br>[[Media: Bravo.pptx| Slides ]]
 
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech1|'''DevOps and Security: It's Happening. Right Now.''' <br> ''Helen Bravo]]''<br>[[Media: Bravo.pptx| Slides ]]
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech2|'''A Demo of and Preventing XSS in .NET Applications''' <br> ''Larry Conklin]]''<br>[[Media: Conklin.pptx| Slides ]]
+
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Tech2|'''A Demo of and Preventing XSS in .NET Applications''' <br> ''Larry Conklin]]''<br>[[Media: Conklin.pptx| Slides ]]<br>[https://vimeo.com/68069847 Video]
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt1|'''Measuring Security Best Practices With OpenSAMM''' <br> ''Alan Jex]]''<br>[[Media: Jex.ppt| Slides ]]
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt1|'''Measuring Security Best Practices With OpenSAMM''' <br> ''Alan Jex]]''<br>[[Media: Jex.ppt| Slides ]]<br>[https://vimeo.com/68082823 Video]
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt2|'''Crafting a Plan for When Security Fails''' <br> ''Robert Lelewski]]''<br>[[Media: Lelewski.pdf| Slides ]]
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess4_Mgmt2|'''Crafting a Plan for When Security Fails''' <br> ''Robert Lelewski]]''<br>[[Media: Lelewski.pdf| Slides ]]<br>[https://vimeo.com/68071439 Video]
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 14:30-15:15
 
  | style="background:#024C68; color:white" align="center" | 14:30-15:15
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech1|'''Real World Cloud Application Security''' <br> ''Jason Chan]]''<br>[[Media: Chan.pptx| Slides ]]
+
  | style="background:#E8D0A9" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech1|'''Real World Cloud Application Security''' <br> ''Jason Chan]]''<br>[[Media: Chan.pptx| Slides ]]<br>[https://vimeo.com/68082826 Video]
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech2|'''Data Mining a Mountain of Zero Day Vulnerabilities''' <br> ''Joe Brady]]''<br>[[Media: Brady.pdf| Slides ]]
+
  | style="background:#DFC184" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Tech2|'''Data Mining a Mountain of Zero Day Vulnerabilities''' <br> ''Joe Brady]]''<br>[[Media: Brady.pdf| Slides ]]<br>[https://vimeo.com/68107333 Video]
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt1|'''Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix)''' <br> ''Jon McCoy]]''<br>[[Media:McCoy.pdf| Slides ]]
+
  | style="background:#F2F2F2" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt1|'''Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix)''' <br> ''Jon McCoy]]''<br>[[Media:McCoy.pdf| Slides ]]<br>[https://vimeo.com/68071440 Video]
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt2|'''Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem''' <br> ''Tom Glanville]]''<br>[[Media: Glanville.pptx| Slides ]]
+
  | style="background:#B7AFA3" align="center" | [[Front_Range_OWASP_Conference_2013/Sessions/Sess5_Mgmt2|'''Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem''' <br> ''Tom Glanville]]''<br>[[Media: Glanville.pptx| Slides ]]<br>[https://vimeo.com/68082819 Video]
 
  |-
 
  |-
 
  | style="background:#024C68; color:white" align="center" | 15:15-15:45
 
  | style="background:#024C68; color:white" align="center" | 15:15-15:45

Revision as of 11:03, 11 June 2013

SnowFROC 2013 Schedule


Thu, Mar 28 Technical Track Deep-Dive Track Management Track Legal Track
07:00-08:30 Registration and Morning Snacks
Sponsored by HP
08:00-08:15 Welcome and Kick-off
Brad Carvalho, Mark Major
08:15-08:30 State of OWASP
Jim Manico
08:30-09:30 Keynote Address: Data Protection for the 21st Century
Neal Ziring, Technical Director for the National Security Agency’s Information Assurance Directorate (IAD)
Video
09:30-10:00 Coffee Break and Sponsor Expo
Sponsored by Aerstone
CTF Kick-off
Chris Rossi, Mark Major
10:00-10:45 DevFu: The inner ninja in every application developer
Danny Chrastil

Slides
Video
SIP Based Cloud Instances
Gregory Disney-Leugers

Slides
Video
Digital Bounty Hunters - Decoding Bug Bounty Programs
Jon Rose

Slides
Video
Electronic Discovery for System Administrators
Russell Shumway

Slides
CTF
Sponsored by Aerstone
10:55-11:40 Adventures in Large Scale HTTP Header Abuse
Zachary Wolff

Slides
Video
How Malware Attacks Web Applications
Casey Smith

Slides
Video
Linking Security to Business Value in the Customer Service Industry
Dan Rojas

Slides
Video
Legal Issues of Forensics in the Cloud
David Willson

Slides
Video
11:40-12:40 Lunch and Sponsor Expo
Sponsored by Aerstone
12:40-13:25 Angry Cars: Hacking the "Car as Platform"
Aaron Weaver

Slides
Video
Top Ten Web Application Defenses
Jim Manico

Slides
Video
Using SaaS and the Cloud to Secure the SDLC
Andrew Earle

Slides
Video
CISPA: Why Privacy Advocates Hate This Legislation
Maureen Donohue Feinroth

Slides
Video
13:35-14:20 DevOps and Security: It's Happening. Right Now.
Helen Bravo

Slides
A Demo of and Preventing XSS in .NET Applications
Larry Conklin

Slides
Video
Measuring Security Best Practices With OpenSAMM
Alan Jex

Slides
Video
Crafting a Plan for When Security Fails
Robert Lelewski

Slides
Video
14:30-15:15 Real World Cloud Application Security
Jason Chan

Slides
Video
Data Mining a Mountain of Zero Day Vulnerabilities
Joe Brady

Slides
Video
Defending Desktop (.NET/C#) Applications: Mitigating in the Dark (A Case Study Remix)
Jon McCoy

Slides
Video
Information Control: The Critical Need for a Defensible Position - Securing the Information Ecosystem
Tom Glanville

Slides
Video
15:15-15:45 Coffee Break and Sponsor Expo
Sponsored by Aerstone
15:45-16:45 Moderated Panel Discussion
   Aaron Weaver
   David Willson
   Dan Wilson
   Neal Ziring
   Moderator: Jim Manico
   Video
16:45-17:00 Closing Statements
Brad Carvalho, Mark Major
17:00- Sponsor Raffles, Drawings, and Contests CTF Wrap-Up
Chris Rossi, Mark Major
19:00-22:00+ After-party at Tarantula Billiards
Sponsored by AppliedTrust
Tarantula is located 3 blocks from the Marriott at the corner of 15th and Stout (1520 Stout Street, Denver)
Awards Ceremony at Tarantula (20:00)


Fri, Mar 29 Training Birds of a Feather: A Birds of a Feather: B Capture the Flag
09:00-9:45 Training: Secure Coding
Aaron Weaver
DevOps in Cloud environments (edit) BoaF 1b (edit) FLOSSHack: CTF VM
10:00-10:45 The modern threatscape: what have you seen? (edit) BoaF 2b (edit)
10:45-11:15 Coffee Break
Sponsored by Aerstone
11:15-12:00 Access Control (edit) BoaF 3b (edit) FLOSSHack: CTF Scoreboard
12:15-13:00 COTS solutions for secure enterprise architectures (edit) BoaF 4b (edit)