Difference between revisions of "OWASP Software Assurance Day DC 2010"

From OWASP
Jump to: navigation, search
m
 
(5 intermediate revisions by 3 users not shown)
Line 5: Line 5:
  
 
Welcome to the '''OWASP Software Assurance Day DC 2010''' wiki page.
 
Welcome to the '''OWASP Software Assurance Day DC 2010''' wiki page.
 
''This page is still being updated with information please treat is as a draft''
 
  
 
This single-day training session will be held on '''September 27th''' as a part of the '''13th Semi-Annual Software Assurance Forum''' (September 27th - October 1st) sponsored by the US Department of Homeland Security (DHS), Department of Defense (DoD) and National Institute of Standards and Technology (NIST). The event will be held at the NIST campus in Gaithersburg Maryland.
 
This single-day training session will be held on '''September 27th''' as a part of the '''13th Semi-Annual Software Assurance Forum''' (September 27th - October 1st) sponsored by the US Department of Homeland Security (DHS), Department of Defense (DoD) and National Institute of Standards and Technology (NIST). The event will be held at the NIST campus in Gaithersburg Maryland.
Line 39: Line 37:
 
  ! colspan="3" align="center" style="background:#4058A0; color:white" | September 27th, 2010
 
  ! colspan="3" align="center" style="background:#4058A0; color:white" | September 27th, 2010
 
|-
 
|-
  | style="width:10%; background:#7B8ABD" | 08:15-08:30 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''OWASP Software Assurance Day DC Introduction'''  
+
  | style="width:10%; background:#7B8ABD" | 08:30-08:35 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''[[OWASP DHS SWA Day 2010 Intro | OWASP Software Assurance Day DC Introduction]]'''  
 
''Doug Wilson, Mandiant''
 
''Doug Wilson, Mandiant''
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 08:30-09:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''Intro to OWASP'''  
+
  | style="width:10%; background:#7B8ABD" | 08:35-09:05 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''[[OWASP DHS SWA Day 2010 OWASP | Intro to OWASP]]'''  
 
''Jeff Williams, Aspect Security''
 
''Jeff Williams, Aspect Security''
 
  |-
 
  |-
  | style="width:10%; background:#7B8ABD" | 09:00-10:15 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[Getting Started with the Top Ten and OWASP Guides, a dialog]]
+
  | style="width:10%; background:#7B8ABD" | 09:05-10:30 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''[[OWASP DHS SWA Day 2010 Getting Started | Getting Started with OWASP: the Top Ten, ASVS and the Guides]]'''
 
''Dave Wichers, Aspect Security''
 
''Dave Wichers, Aspect Security''
 
|-
 
|-
  | style="width:10%; background:#7B8ABD" | 10:15-10:35 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | '''Morning Break'''
+
  | style="width:10%; background:#7B8ABD" | 10:30-11:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | '''Morning Break'''
 
|-
 
|-
  | style="width:10%; background:#7B8ABD" | 10:35-11:30 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[How to build a software assurance program with OpenSAMM]]
+
  | style="width:10%; background:#7B8ABD" | 11:00-12:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''[[OWASP DHS SWA Day 2010 OpenSAMM | How to build a software assurance program with OpenSAMM]]'''
''Pravir Chandra, Fortify''
+
''Shakeel Tufail, Fortify''
 
|-
 
|-
  | style="width:10%; background:#7B8ABD" | 11:30-1:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | '''Lunch'''
+
  | style="width:10%; background:#7B8ABD" | 12:00-1:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''[[OWASP DHS SWA Day 2010 OWASP WTE | OWASP WTE: An Open Environment for Web Application Security]]'''
|-
+
| style="width:10%; background:#7B8ABD" | 1:00-1:30 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[OWASP Live CD]]
+
 
''Matt Tesauro, Trustwave''
 
''Matt Tesauro, Trustwave''
 
|-
 
|-
  | style="width:10%; background:#7B8ABD" | 1:30-2:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[OWASP ESAPI]]
+
  | style="width:10%; background:#7B8ABD" | 1:00-2:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | '''Lunch'''
 +
|-
 +
| style="width:10%; background:#7B8ABD" | 2:00-2:45 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''[[OWASP DHS SWA Day 2010 ESAPI | OWASP ESAPI]]'''
 
''Jeff Williams, Aspect Security''
 
''Jeff Williams, Aspect Security''
 
|-
 
|-
  | style="width:10%; background:#7B8ABD" | 2:00-2:30 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[OWASP O2]]
+
  | style="width:10%; background:#7B8ABD" | 2:45-3:15 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | '''Afternoon Break'''
''John Steven, Cigital''
+
|-
+
| style="width:10%; background:#7B8ABD" | 2:30-3:00 || colspan="2" style="width:80%; background:#C2C2C2" align="left" | '''Afternoon Break'''
+
 
|-
 
|-
  | style="width:10%; background:#7B8ABD" | 3:00-4:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[OWASP in Action -- Implementing a DISA STIG with OWASP tools]]
+
  | style="width:10%; background:#7B8ABD" | 3:15-4:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | '''[[OWASP in Action: Tools for the DISA ASD STIG]]'''
''Jason Li (& Dave Wichers), Aspect Security''
+
''Jason Li, Aspect Security''
 
|-
 
|-
  | style="width:10%; background:#7B8ABD" | 4:00-5:00 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | [[Conclusion and Q&A]]
+
  | style="width:10%; background:#7B8ABD" | 4:00-4:30 || colspan="2" style="width:80%; background:#F2F2F2" align="left" | Conclusion and Q&A
''TBD''
+
''Doug Wilson''
 
|}
 
|}
  
 
====Registration====
 
====Registration====
 
 
The 13th Semi-Annual Software Assurance Forum is a free event, but no one will be admitted to the NIST campus if they have not [http://www.nist.gov/itl/ssd/software-assurance-forum.cfm registered] in advance.
 
The 13th Semi-Annual Software Assurance Forum is a free event, but no one will be admitted to the NIST campus if they have not [http://www.nist.gov/itl/ssd/software-assurance-forum.cfm registered] in advance.
  
Line 81: Line 75:
 
====Accommodations====
 
====Accommodations====
  
TBD
+
NIST has recommendations for [http://www.nist.gov/public_affairs/visitor/hotels.cfm local hotels in the Gaithersburg area on their website]
  
 
====Transportation====
 
====Transportation====
 
More information will be forthcoming about this subject.
 
  
 
==By plane==
 
==By plane==
 
The venue area can be reached by commercial aviation through either [http://www.metwashairports.com/Dulles/ Dulles International Airport] or [http://www.mwaa.com/national/ Reagan National Airport].  
 
The venue area can be reached by commercial aviation through either [http://www.metwashairports.com/Dulles/ Dulles International Airport] or [http://www.mwaa.com/national/ Reagan National Airport].  
 +
 +
Directions from local airports can be found on the NIST website: http://www.nist.gov/public_affairs/maps/directions.cfm
 +
 +
==Shuttle & Ground Transport==
 +
Information about local ground transportation can be found on the NIST website: http://www.nist.gov/public_affairs/visitor/transpor.cfm
  
 
==How to get to the venue?==
 
==How to get to the venue?==

Latest revision as of 16:32, 4 October 2010

Register | Directions to NIST | 13th Semi-Annual Software Assurance Forum

Welcome

Welcome to the OWASP Software Assurance Day DC 2010 wiki page.

This single-day training session will be held on September 27th as a part of the 13th Semi-Annual Software Assurance Forum (September 27th - October 1st) sponsored by the US Department of Homeland Security (DHS), Department of Defense (DoD) and National Institute of Standards and Technology (NIST). The event will be held at the NIST campus in Gaithersburg Maryland.

We are pleased to invite OWASP members, attendees of the Software Assurance Forum and any other interested parties to join us for this event.

At this day-long training, OWASP will be answering the questions of:

  • How do I get started in formulating an application security program using OWASP tools and resources?
  • What does OWASP have to offer for those interested in software assurance?
  • How do I engage with OWASP to effectively realize OWASP's potential and the wealth of resources OWASP makes freely available?
         (This will include upcoming OWASP events and contact information for local chapters in the DC/NOVA/Maryland area)

This day is a part of the 13th Semi-Annual Software Assurance Forum. The week-long event is free and open, but requires registration for participation in any or all days of the event, including the OWASP day on the 27th.

For more information about the Software Assurance Forum, please go to DHS "Build Security In" site, or go to the NIST site for the Software Assurance Forum to register.


Location

The OWASP Software Assurance Day DC 2010 is the first day of the DHS/DOD/NIST Software Assurance Forum at the NIST Campus in Gaithersburg, Maryland.

YOU MUST REGISTER IN ADVANCE IN ORDER TO BE ADMITTED TO THE NIST CAMPUS

Specific directions will be provided upon registration.

Further information about the area around the NIST campus is available here.

Agenda

Agenda and Presentations for 27 September 2010

September 27th, 2010
08:30-08:35 OWASP Software Assurance Day DC Introduction

Doug Wilson, Mandiant

08:35-09:05 Intro to OWASP

Jeff Williams, Aspect Security

09:05-10:30 Getting Started with OWASP: the Top Ten, ASVS and the Guides

Dave Wichers, Aspect Security

10:30-11:00 Morning Break
11:00-12:00 How to build a software assurance program with OpenSAMM

Shakeel Tufail, Fortify

12:00-1:00 OWASP WTE: An Open Environment for Web Application Security

Matt Tesauro, Trustwave

1:00-2:00 Lunch
2:00-2:45 OWASP ESAPI

Jeff Williams, Aspect Security

2:45-3:15 Afternoon Break
3:15-4:00 OWASP in Action: Tools for the DISA ASD STIG

Jason Li, Aspect Security

4:00-4:30 Conclusion and Q&A

Doug Wilson

Registration

The 13th Semi-Annual Software Assurance Forum is a free event, but no one will be admitted to the NIST campus if they have not registered in advance.

Despite the fact that this is a free conference, we still need you to register to fulfill security requirements of the facility and to ensure that we don't exceed venue capacity.

Accommodations

NIST has recommendations for local hotels in the Gaithersburg area on their website

Transportation

By plane

The venue area can be reached by commercial aviation through either Dulles International Airport or Reagan National Airport.

Directions from local airports can be found on the NIST website: http://www.nist.gov/public_affairs/maps/directions.cfm

Shuttle & Ground Transport

Information about local ground transportation can be found on the NIST website: http://www.nist.gov/public_affairs/visitor/transpor.cfm

How to get to the venue?

See the NIST directions and maps page.


Contact

For more information please contact the team below for conference details, sponsorship or registration.


Mr Doug Wilson (Event Organizer) , OWASP DC Chapter Lead, AppSec DC 2010 Organizer

Email: doug.wilson@owasp.org

Mobile: 301.814.1348


Kate Hartmann

OWASP Operations Director

9175 Guilford Road, Suite 300

Columbia, MD 21046, USA

Phone: +1-301-575-0189

Facsimile: +1-301-604-8033

Email: kate.hartmann@owasp.org


Conference Sponsors

If you are interested in sponsoring this OWASP event, please contact Doug Wilson.