Difference between revisions of "Lonestar Application Security Conference 2010"

From OWASP
Jump to: navigation, search
Line 92: Line 92:
 
==== Sessions  ====
 
==== Sessions  ====
  
 +
== Technical Track ==
 +
James Flom<br>
 +
Why ha.ckers.org Doesn’t Get Hacked<br>
 +
<br>
 +
Ha.ckers.org has suffered nearly every attack a website can.  These attacks include robots, sophisticated web-based attacks, brute force, denial of service, and network based attacks.  This speech will explain the other side of protecting high risk websites - the configurations, operating system, and network.<br>
 +
<br>
 +
 +
== Management Track ==
 +
Charlie Scott and Jay Paz<br>
 +
Conducting an Instiution-Wide, Multi-Department Application Security Assessment<br>
 +
<br>
 +
From early 2009 until mid-2010, the Information Security Office at the University of Texas at Austin conducted a security assessment of over 250 web applications, spanning over 30 departments.  The objectives of this assessment were to provide a thorough security review of existing applications, and act as an education and awareness exercise for the application developers.  This presentation covers the political, technical, and scheduling challenges encountered on this assessment, how they were overcome, the results of the assessment and the changes they brought about, and lessons learned by the assessment team.<br>
 +
<br>
 +
 +
== OWASP Etc Track ==
 +
Dean Bushmiller<br>
 +
OWASP Top 10: What is it all about?<br>
 +
<br>
 +
Everyone knows exactly what the OWASP top ten security threats are, right? Well sort of... I ask people if they have heard of the top ten they say yes. I ask them to name a few they pause, then they blurt out 2-3. Then I ask them to explain those 2-3 and they look at me like a deer-in-the-headlights. I want to make sure that everyone who walks out of the presentation can clearly define the top ten and be able to communicate to another what each of the top ten vulnerabilites are.<br>
 +
<br>
  
 
==== Speakers  ====
 
==== Speakers  ====
Line 192: Line 212:
 
==== Hotel  ====
 
==== Hotel  ====
  
We have partnered with the Embassy Suites in the Arboretum and you can book rooms at using the discount code: LAS at 1-800-362-2779 begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting or you can  
+
We have partnered with the Embassy Suites in the Arboretum and you can book rooms at using the discount code: LAS at 1-800-362-2779 begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting or you can  
 
[http://embassysuites.hilton.com/en/es/groups/personalized/AUSESES-LAS-20101025/index.jhtml?WT.mc_id=POG Book your room online.]
 
[http://embassysuites.hilton.com/en/es/groups/personalized/AUSESES-LAS-20101025/index.jhtml?WT.mc_id=POG Book your room online.]
  

Revision as of 16:32, 22 October 2010


LASCON 2010 Banner


LASCON is happening on October 29th, 2010 in Austin, TX

Registration Link | Speaker List Posted! | Follow LASCONATX on Twitter | Norris Conference Center


Welcome

Who Should Attend LASCON 2010:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interested in Improving IT Security


LASCON 2010 Schedule

You can register for the conference here






Registration

Registration Is Now Open!

Register Here

OWASP Membership ($50 annual membership fee) gets you a discount on registration.

Non-Members (Includes a 1 year OWASP membership) $150 Until 10/26/2010 $200 After 10/26/2010
OWASP Members $100 Until 10/26/2010 $200 After 10/26/2010
Students with valid Student ID (must be shown at the door) $80 Until 10/26/2010 $2000 After 10/26/2010

Who Should Attend LASCON 2010:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security


For student discount, you must present proof of current enrollment when picking up your badge. No exceptions.

Sessions

Technical Track

James Flom
Why ha.ckers.org Doesn’t Get Hacked

Ha.ckers.org has suffered nearly every attack a website can. These attacks include robots, sophisticated web-based attacks, brute force, denial of service, and network based attacks. This speech will explain the other side of protecting high risk websites - the configurations, operating system, and network.

Management Track

Charlie Scott and Jay Paz
Conducting an Instiution-Wide, Multi-Department Application Security Assessment

From early 2009 until mid-2010, the Information Security Office at the University of Texas at Austin conducted a security assessment of over 250 web applications, spanning over 30 departments. The objectives of this assessment were to provide a thorough security review of existing applications, and act as an education and awareness exercise for the application developers. This presentation covers the political, technical, and scheduling challenges encountered on this assessment, how they were overcome, the results of the assessment and the changes they brought about, and lessons learned by the assessment team.

OWASP Etc Track

Dean Bushmiller
OWASP Top 10: What is it all about?

Everyone knows exactly what the OWASP top ten security threats are, right? Well sort of... I ask people if they have heard of the top ten they say yes. I ask them to name a few they pause, then they blurt out 2-3. Then I ask them to explain those 2-3 and they look at me like a deer-in-the-headlights. I want to make sure that everyone who walks out of the presentation can clearly define the top ten and be able to communicate to another what each of the top ten vulnerabilites are.

Speakers

Asad Ali Noa Bar-yosef Erik Pace Birkholz Dean Bushmiller Brad Causey Chris Eng James Flom Robert Hansen Charles Henderson Michael Howard Joe Jarzombek Samy Kamkar Karen Lu Ernest Mueller Jay Paz Pete Perfetti Rob Rachwald Charlie Scott Amichai Shulman Josh Sokol

Volunteers

Volunteers Needed!

Get involved!

We will take all the help we can get to pull off the best Web Application Security Conference of the year! Volunteers get free admission. This is your chance to rub elbows with the big players and mingle with potential networking contacts or even future employers!


Please contact james.wickett(at)owasp.org to volunteer for a specific area:

  • Room Monitors
  • Speakers and Trainers
  • Vendors
  • Registration
  • Facilities

More opportunities and areas will be added as time goes on. Our File:Volunteer Sheet.doc can be downloaded which outlines some of the responsibilities and available positions. Note: this document references the the DC conference last year, this is just for a general guideline. Updated document coming soon.


Sponsors

Platinum Sponsors

YOUR COMPANY NAME AND LOGO COULD BE HERE
 

Gold Sponsors

Gemalto.jpg Whitehat.jpg Splunk.jpg Impactsecurityllc.png
Impact Security LLC
 

Silver Sponsors

K2share.gif Dexa.jpg Expandingsecurity.jpg
Expanding Security
Trustwave.jpg
        Fortify.png Veracode.gif Praetorian.jpg Denim-group.png

Badge Sponsor

Gemalto.jpg
 


Venue

Norris Conference Center

LASCON 2010 will be taking place at the Norris Conference Center in Austin, TX.


Travel

Traveling to the Austin Metro Area

Hotel

We have partnered with the Embassy Suites in the Arboretum and you can book rooms at using the discount code: LAS at 1-800-362-2779 begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting begin_of_the_skype_highlighting              1-800-362-2779      end_of_the_skype_highlighting or you can Book your room online.

Embassy Suites Austin - Arboretum 9505 Stonelake Boulevard Austin, Texas 78759

The rooms are $139 for a double or queen, includes hot breakfast and shuttle to/from the event.

Book your room online with the LASCON discount.

Sponsorship Options

We are currently soliciting sponsors for the LASCON 2010 Conference. Please refer to our List of Sponsorship Opportunities

Please contact James Wickett for more information.

Slots are going fast so contact us to sponsor today!

LASCON 2010 Sponsors.jpg

LASCON 2010 Additional.jpg

Call for Papers

Sorry, the CFP has ended for LASCON 2010. Maybe next year?