Difference between revisions of "OWASP & WASC AppSec 2007 Conference"

From OWASP
Jump to: navigation, search
(Conference Schedule and Location)
 
(43 intermediate revisions by 6 users not shown)
Line 1: Line 1:
[[Image:Owasp_wasc.gif]]
+
[[Image:Owasp_wasc.gif|center]]
 
==Its now the OWASP & WASC AppSec 2007 Conference !!! @ eBay in San Jose, CA Nov 12-15, 2007==
 
==Its now the OWASP & WASC AppSec 2007 Conference !!! @ eBay in San Jose, CA Nov 12-15, 2007==
  
OWASP and [http://www.webappsec.org WASC] have agreed to join forces this year to put together an incredible AppSec 2007 Conference for the application security community. A huge concentration of industry leading experts will be in attendance presenting high quality web application security content. AppSec 2007 offers a unique opportunity for security professionals, software developers, and IT managers to get up to speed on the latest and greatest attack techniques, defense strategies, and industry trends in an atmosphere of peers. The conference format and venue is also perfect for networking and sharing experiences with others that are down in the trenches.
+
OWASP and [http://www.webappsec.org WASC] agreed to join forces to put together an incredible AppSec 2007 Conference for the application security community. A huge concentration of industry leading experts were in attendance presenting high quality web application security content. AppSec 2007 offered a unique opportunity for security professionals, software developers, and IT managers to get up to speed on the latest and greatest attack techniques, defense strategies, and industry trends in an atmosphere of peers. The conference format and venue is also perfect for networking and sharing experiences with others that are down in the trenches.
  
Registration is now open for the conference. See below for details.
+
==Conference Schedule and Location==
  
==Conference Location==
+
The AppSec 2007 Conference was held at eBay at their facility at: 2211 North First Street in San Jose, CA Nov 12th-15th.
  
The AppSec 2007 Conference will be held at eBay at their facility at: 2211 North First Street in San Jose, CA Nov 12th-15th.
+
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | Training Days: November 12th-13th]]
  
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | Training Days: Novermber 12th-13th]]
+
Cenzic Cocktail Party: Evening of November 12th - at eBay.
  
Main Conference: November 14th-15th
+
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007#Technology_Expo:_Tuesday-Wednesday_Nov_13th-14th | Tech Expo: November 13th-14th]]
  
==Agenda and Presentations: Wednesday-Thursday - Nov 14th-15th==
+
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007#Social Events | Breach Cocktail Party: Evening of November 13th]]
  
The [http://www.owasp.org/index.php/7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda agenda] will follow the (current) standard OWASP conference format of two tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing presentations back in the main auditorium both days.
+
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda | Main Conference: November 14th-15th]]
  
New Web Services Track: In addition, the conference will have a 3rd track on the first day. This track is focused on Web Services Security which is a new area for OWASP. If you are interested in speaking at this conference on a Web Services Security topic, please contact Gunnar Peterson, who is organizing that track.
+
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007#Social Events | OWASP Conference Dinner: Evening of November 14th]]
  
This conference will include presentations from many different OWASP and WASC contributors and leading Application Security professionals, and will include one panel each day.
+
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007#Social Events | Microsoft and Aspect Security Cocktail Party: Evening of November 15th
 +
]]
  
The OWASP & WASC AppSec 2007 agenda is still being developed.
+
==[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda | Agenda and Presentations: Wednesday-Thursday - Nov 14th-15th]]==
  
==Training: Monday-Tuesday - Nov 12th-13th==
+
The [[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Agenda | agenda]] followed the general OWASP conference format of two tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing presentations back in the main auditorium both days.
  
We have arranged for a suite of two day Application Security training courses to be offered prior to the conference. The tutorials being offered are:
+
New Web Services Track: In addition, the conference had a 3rd track on the first day. This track focused on Web Services Security which is a new area for OWASP. Gunnar Peterson organized this track.
  
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T1._Building_and_Testing_Secure_Web_Applications_-_2-Day_Course_-_Nov_12-13.2C_2007 | Building and Testing Secure Web Applications]]
+
This conference included presentations from many different OWASP and WASC contributors and leading Application Security professionals, and included closing panels each day.
  
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T2._Secure_Coding_for_Java_EE_-_2-Day_Course_-_Nov_12-13.2C_2007 | Secure Coding for Java EE]]
+
==[[ 7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | Training: Monday-Tuesday - Nov 12th-13th]]==
  
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T3._Advanced_Asp.Net_Exploits_and_Countermeasures_-_2-Day_Course_-_Nov_12-13.2C_2007 | Advanced Asp.Net Exploits and Countermeasures]]
+
OWASP arranged for a suite of two-day Application Security training courses to be offered prior to the conference. General details about all the tutorials including location and pricing is available [[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training | here]]. The tutorials being offered were:
  
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T4._Web_Services_and_XML_Security_-_2-Day_Course_-_Nov_12-13.2C_2007 | Web Services and XML Security]]
+
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T1._Building_and_Testing_Secure_Web_Applications_-_2-Day_Course_-_Nov_12-13.2C_2007 | T1. Building and Testing Secure Web Applications]]
 +
 
 +
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T2._Secure_Coding_for_Java_EE_-_2-Day_Course_-_Nov_12-13.2C_2007 | T2. Secure Coding for Java EE]]
 +
 
 +
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T3._Secure_Coding_.NET_Web_Applications_-_2-Day_Course_-_Nov_12-13.2C_2007 | T3. Secure Coding .NET Web Applications]]
 +
 
 +
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T4._Web_Services_and_XML_Security_-_2-Day_Course_-_Nov_12-13.2C_2007 | T4. Web Services and XML Security]]
 +
 
 +
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T5._Leveraging_OWASP_Tools_and_Documents_to_Secure_Your_Enterprise | T5. Leveraging OWASP Tools and Documents to Secure Your Enterprise ]]
 +
 
 +
[[7th_OWASP_AppSec_Conference_-_San_Jose_2007/Training#T6._Open_Source_ModSecurity_Training_-_2-Day_Course_-_Nov_12-13.2C_2007 | T6. Open Source ModSecurity Training ]]
  
 
==Technology Expo: Tuesday-Wednesday Nov 13th-14th==
 
==Technology Expo: Tuesday-Wednesday Nov 13th-14th==
  
Leading vendors in the application security space will be at the conference for the first time this year giving technology demonstrations and providing access to their technical staff so they can answer in-depth questions and demonstrate the capabilities of their products or managed services.
+
Leading vendors in the application security space were at the conference for the first time giving technology demonstrations and providing access to their technical staff so they could answer in-depth questions and demonstrate the capabilities of their products or automated managed services.
  
The technology expo will be open from 12PM - 2PM on Nov. 13th (and all tutorial attendees will be given a large lunch break during that time to attend the expo). It will also be open from 11AM until 5PM on Nov. 14th which is the first day of the conference.
+
The technology expo was open from '''12PM - 2PM on Nov. 13th''' (and all tutorial attendees were given a large lunch break during that time to attend the expo). It was also open from '''11AM - 6PM on Nov. 14th''' which was the first day of the conference.
  
More information about conference sponsorship and participating in the technology expo is available [[OWASP AppSec Conference Sponsors | here]].
+
What did conference attendees expect to get out of the Tech Expo?
 +
* ''Hands-on time using a vendor's product'' - The goal was to be able to walk up to vendor with a USB stick of code/binaries/etc. and actually get a taste of how the tool(s) performs, technical features, applicability & appropriateness, etc.
 +
* ''Evaluate in a non-sales environment'' - At the Expo, attendees were provided information about the types of tools being exhibited and independent evaluation criteria where that exists (e.g. the [http://www.webappsec.org/projects/wafec/ WAFEC] from WASC, information from the [[OWASP_Tools_Project]], etc.). It was an opportunity to ask the hard questions and talk to technical folks from the vendors that can answer them.
 +
* ''Contact info exchange at your discretion'' - We did not do badge scanning and the like, so attendees were in control of who they want to follow-up with (via good, old-fashioned business card exchange).
 +
 
 +
The tech expo vendors for this year's conference were: Applicure, Armorize, Art of Defense, Breach, Cenzic, Cisco, F5, Fortify, Ounce Labs, Veracode, Watchfire, and White Hat
 +
 
 +
More information about conference sponsorship and participating in a technology expo is available [[OWASP AppSec Conference Sponsors | here]].
  
 
==Conference Fees==
 
==Conference Fees==
Line 54: Line 72:
 
Note: To save on processing expenses, all fees paid for the AppSec 2007 Conference are non-refundable. OWASP can accomodate transfers of registrations from one person to another, if such an adjustment becomes necessary.
 
Note: To save on processing expenses, all fees paid for the AppSec 2007 Conference are non-refundable. OWASP can accomodate transfers of registrations from one person to another, if such an adjustment becomes necessary.
  
==[http://guest.cvent.com/i.aspx?4W,M3,17e6e912-2dec-4de6-8946-aa005721c4dd Registration]==
+
==Social Events==
 +
Breach Cocktail Party: Evening of November 13th
 +
    @ Fahrenheit Ultra Lounge & Restaurant
 +
      99 East San Fernando Street
 +
      San Jose, CA 95113
 +
      6:30PM - 8:30PM
 +
      Space is Limited so please RSVP:  More info and how to RSVP available [http://www.breach.com/breach_security_party_owaspwasc_san_jose.html here]. [http://www.owasp.org/downloads/OWASPBreachPartyFlyer.pdf PDF here]
  
Registration is now open!! Here is the [http://guest.cvent.com/i.aspx?4W,M3,17e6e912-2dec-4de6-8946-aa005721c4dd registration page].
+
OWASP Conference Dinner: Evening of November 14th
 +
    @ Holiday Inn
 +
      1740 N. First Street
 +
      San Jose, CA 95112
 +
      6:30PM - ???PM
 +
      Register for this event at the conference [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=17e6e912-2dec-4de6-8946-aa005721c4dd website].  
 +
Microsoft and Aspect Security Cocktail Party: Evening of November 15th [http://www.owasp.org/downloads/aspect_party.pdf PDF here]
 +
    @ Holiday Inn
 +
      1740 N. First Street
 +
      San Jose, CA 95112
 +
      6:30PM - 8:30PM
  
 
==Hotel and Transportation Info==
 
==Hotel and Transportation Info==
 +
OWASP had negotiated rates at the following hotels:
  
We are currently negotiating rates with local hotels
+
Holiday Inn-San Jose OWASP Rate $129/night King or Double Room
 +
You can call reservations at 1-866-241-9878 and ask for the group "OWASP" or reserve your room [http://www.ichotelsgroup.com/h/d/hi/1/en/advancedsearch?whichtype=room&roomResult=none&hotelCode=sjcfs&quickRes=city&_GPC=OSP&checkInDate=11&checkOutMonthYear=102007&checkInMonthYear=102007&checkOutDate=16&_requestid=184025 online here].
 +
 
 +
Homewood Suites by Hilton- San Jose OWASP Rate $149/night (4+ nights) $169/night (3 or less nights)
 +
King room w/ sleeper sofa (comes w/ fully equipped kitchen)
 +
Call Maria Larios at 408-678-4481 and ask for the group OWASP or email her at maria.larios@dimdev.com
 +
 
 +
Transportation Info:
  
 
From San Jose International Airport (SJC):
 
From San Jose International Airport (SJC):
Line 76: Line 118:
 
Vendor Exhibition Chair: Pravir Chandra - Cigital - chandra 'at' list.org
 
Vendor Exhibition Chair: Pravir Chandra - Cigital - chandra 'at' list.org
  
Refereed Papers Chair: Frank Piessens - KU Leuven - Frank.Piessens 'at' cs.kuleuven.ac.be
+
2008 U.S. Planning Committee Chair: Tom Brennan - Access IT Group - jinxpuppy 'at' gmail.com
  
== [[OWASP AppSec Conference Sponsors | OWASP & WASC AppSec 2007 Conference Sponsors]]==
+
Refereed Papers Chair: Frank Piessens - KU Leuven - Frank.Piessens 'at' cs.kuleuven.ac.be
  
The following organizations are sponsors for this conference. If you are interested in sponsoring either of the 2007 OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.
+
== [[OWASP AppSec Conference Sponsors | OWASP & WASC AppSec 2007 Conference Sponsors]]==
  
[http://www.aspectsecurity.com https://www.owasp.org/images/d/d1/Aspect_logo.gif]
+
The following organizations were sponsors for this conference. If you are interested in sponsoring future OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.
[http://www.fortifysoftware.com https://www.owasp.org/images/d/d1/Fortify.JPG]
+
  
We are also going to have vendor booths at this conference for the first time. If you are interested in demonstrating your application security product to a sophisticated audience of application security professionals, please contact us for more information. Please contact either Dave Wichers (the OWASP Conferences Chair) or Pravir Chandra, who will be organizing the vendor area for this conference.
+
{{Template:OWASP_Conference_Sponsors_2007_San_Jose}}
  
 
More information about conference sponsorship is available [[OWASP AppSec Conference Sponsors | here]].
 
More information about conference sponsorship is available [[OWASP AppSec Conference Sponsors | here]].

Latest revision as of 13:43, 7 October 2008

Owasp wasc.gif

Its now the OWASP & WASC AppSec 2007 Conference !!! @ eBay in San Jose, CA Nov 12-15, 2007

OWASP and WASC agreed to join forces to put together an incredible AppSec 2007 Conference for the application security community. A huge concentration of industry leading experts were in attendance presenting high quality web application security content. AppSec 2007 offered a unique opportunity for security professionals, software developers, and IT managers to get up to speed on the latest and greatest attack techniques, defense strategies, and industry trends in an atmosphere of peers. The conference format and venue is also perfect for networking and sharing experiences with others that are down in the trenches.

Conference Schedule and Location

The AppSec 2007 Conference was held at eBay at their facility at: 2211 North First Street in San Jose, CA Nov 12th-15th.

Training Days: November 12th-13th

Cenzic Cocktail Party: Evening of November 12th - at eBay.

Tech Expo: November 13th-14th

Breach Cocktail Party: Evening of November 13th

Main Conference: November 14th-15th

OWASP Conference Dinner: Evening of November 14th

Microsoft and Aspect Security Cocktail Party: Evening of November 15th

Agenda and Presentations: Wednesday-Thursday - Nov 14th-15th

The agenda followed the general OWASP conference format of two tracks, with opening keynotes and presentations in the main auditorium, split tracks in the middle of the day, and closing presentations back in the main auditorium both days.

New Web Services Track: In addition, the conference had a 3rd track on the first day. This track focused on Web Services Security which is a new area for OWASP. Gunnar Peterson organized this track.

This conference included presentations from many different OWASP and WASC contributors and leading Application Security professionals, and included closing panels each day.

Training: Monday-Tuesday - Nov 12th-13th

OWASP arranged for a suite of two-day Application Security training courses to be offered prior to the conference. General details about all the tutorials including location and pricing is available here. The tutorials being offered were:

T1. Building and Testing Secure Web Applications

T2. Secure Coding for Java EE

T3. Secure Coding .NET Web Applications

T4. Web Services and XML Security

T5. Leveraging OWASP Tools and Documents to Secure Your Enterprise

T6. Open Source ModSecurity Training

Technology Expo: Tuesday-Wednesday Nov 13th-14th

Leading vendors in the application security space were at the conference for the first time giving technology demonstrations and providing access to their technical staff so they could answer in-depth questions and demonstrate the capabilities of their products or automated managed services.

The technology expo was open from 12PM - 2PM on Nov. 13th (and all tutorial attendees were given a large lunch break during that time to attend the expo). It was also open from 11AM - 6PM on Nov. 14th which was the first day of the conference.

What did conference attendees expect to get out of the Tech Expo?

  • Hands-on time using a vendor's product - The goal was to be able to walk up to vendor with a USB stick of code/binaries/etc. and actually get a taste of how the tool(s) performs, technical features, applicability & appropriateness, etc.
  • Evaluate in a non-sales environment - At the Expo, attendees were provided information about the types of tools being exhibited and independent evaluation criteria where that exists (e.g. the WAFEC from WASC, information from the OWASP_Tools_Project, etc.). It was an opportunity to ask the hard questions and talk to technical folks from the vendors that can answer them.
  • Contact info exchange at your discretion - We did not do badge scanning and the like, so attendees were in control of who they want to follow-up with (via good, old-fashioned business card exchange).

The tech expo vendors for this year's conference were: Applicure, Armorize, Art of Defense, Breach, Cenzic, Cisco, F5, Fortify, Ounce Labs, Veracode, Watchfire, and White Hat

More information about conference sponsorship and participating in a technology expo is available here.

Conference Fees

Standard: $400, OWASP Members: $350, Students: $225, Early Registration Discount (by Oct 12): $50 ($25 for students)

Conference Dinner (Evening of Nov 14th): $50

Conference Tutorial (Two day tutorials Nov 12-13): $1300, $1450 [If not attending the conference], Student Fee: $675

Note: To save on processing expenses, all fees paid for the AppSec 2007 Conference are non-refundable. OWASP can accomodate transfers of registrations from one person to another, if such an adjustment becomes necessary.

Social Events

Breach Cocktail Party: Evening of November 13th

   @ Fahrenheit Ultra Lounge & Restaurant
     99 East San Fernando Street
     San Jose, CA 95113
     6:30PM - 8:30PM
     Space is Limited so please RSVP:  More info and how to RSVP available here. PDF here

OWASP Conference Dinner: Evening of November 14th

   @ Holiday Inn
     1740 N. First Street
     San Jose, CA 95112
     6:30PM - ???PM
     Register for this event at the conference website. 

Microsoft and Aspect Security Cocktail Party: Evening of November 15th PDF here

   @ Holiday Inn
     1740 N. First Street
     San Jose, CA 95112
     6:30PM - 8:30PM

Hotel and Transportation Info

OWASP had negotiated rates at the following hotels:

Holiday Inn-San Jose OWASP Rate $129/night King or Double Room
You can call reservations at 1-866-241-9878 and ask for the group "OWASP" or reserve your room online here.
Homewood Suites by Hilton- San Jose OWASP Rate $149/night (4+ nights) $169/night (3 or less nights)
King room w/ sleeper sofa (comes w/ fully equipped kitchen)
Call Maria Larios at 408-678-4481 and ask for the group OWASP or email her at maria.larios@dimdev.com

Transportation Info:

From San Jose International Airport (SJC): eBay is located about a mile from this airport

From San Francisco International Airport (SFO): eBay is located 40 miles from this airport

Conference Committee

OWASP Conferences Chair: Dave Wichers - Aspect Security - dave.wichers 'at' owasp.org

Web Services Security Track Chair: Gunnar Peterson - Arctec Group - gunnar 'at' arctecgroup.net

Vendor Exhibition Chair: Pravir Chandra - Cigital - chandra 'at' list.org

2008 U.S. Planning Committee Chair: Tom Brennan - Access IT Group - jinxpuppy 'at' gmail.com

Refereed Papers Chair: Frank Piessens - KU Leuven - Frank.Piessens 'at' cs.kuleuven.ac.be

OWASP & WASC AppSec 2007 Conference Sponsors

The following organizations were sponsors for this conference. If you are interested in sponsoring future OWASP conferences, please contact OWASP at: conferences 'at' owasp.org.

Aspect_logo.gif Fortify.JPG Paypal_logo.gif Ebay.gif Ounce_labs.jpg Breach_logo.gif Whitehat.gif IOActive.gif AOD_Logo.gif CenzicLogo.gif Applicure_logo_no_technologies_web.jpg Watchfirelogo.gif Armorize_Logo.png 50px-F5_50px.jpg Veracode_logo_2color.jpg Cisco.jpg

More information about conference sponsorship is available here.