All presentations which have been received are shown below
All presentations which have been received are shown below
Workshops are hands-on training sessions where participants can learn a new skill by doing, instead of just listening.
Workshops are meant to be an opportunity for you get to participate and apply your knowledge to learn a new skill or sharpen an old one.
There are four (4) scheduled workshops for SnowFROC 23: API Security Controls and Testing by Secure Ideas, OWASP ZAP by Secure Ideas, a CTF by Security Innovations, and Secure Code Warriors. This is what you can expect:
Jennifer Shannon will lead this interactive intermediate workshop designed to complement a student’s understanding of traditional Web Application Security. It focuses on modern application API security features and tactics to protect APIs and microservices from attacks. The material in this course is approached both from the perspective of an adversary and a defender. This workshop will run for approximately two hours.
OWASP ZAP: Tips and Tricks to Using Our Favorite Web PenTesting Tool!
Aaron Moss (@hotdogggitty) will explore the various features of OWASP ZAP and walk through how to use it for testing web applications and finding vulnerabilities. The workshop will consist mostly of practical examples and demonstrations so that attendees can follow-along. Attendees will need to download and install SamuraiWTF (https://github.com/SamuraiWTF/samuraiwtf) before the workshop. Vulnerable targets will include DVWA. Attendees will learn how to use ZAP as an interception and attack proxy to identify and exploit common web application vulnerabilities in these deliberately vulnerable webapps. If you ever wanted to learn how to do some basic webapp PenTesting, here’s your chance! This workshop will run for approximately two hours.
Shred Skateboards: Retail eCommerce Web Site
Shred eCommerce includes 35 challenges of varying difficulty levels. Through SQL Injection, Weak Cryptography, Parameter Tampering, and other vulnerabilities, players can buy items in an unintended way, crack passwords, tamper with other user’s functionality, and conduct other nefarious acts.
More details Here.
Improve your secure coding skills by joining our live Secure Coding Tournament by Secure Code Warrior. The tournament allows you to compete against other participants in a series of vulnerable code challenges that ask you to identify a problem, locate insecure code, and fix a vulnerability.
Secure Coding Tournament
Secure Code Warrior brings you a defensive security-based tournament from a developer's perspective. The tournament allows you to test your skill against the other participants in a series of vulnerable code challenges that ask you to identify a problem, locate insecure code, and fix a vulnerability. You don’t need extensive programming knowledge as this will be a great way to learn the foundations and intermediates of leveraging code that is not only functional but is also secure.
You can find the tournament step-by-step guide here: https://youtu.be/o8XhKK_eOOs
The tournament is run virtually so you can join through your laptop. It should take only a few hours, drop-in as you see fit during the duration of the event to complete all the challenges and win prizes! 🥇 🥈 🥉
Instructions for playing:
The Secure Code Warrior platform will be open before and after the tournament, so feel free to practice in the "Training" tab. Monitor the live leaderboard to see how you're performing!
Please see below for the schedule of events for SnowFROC 2023. This schedule will be updated as required to depict the most accurate information on presentations, room locations and general event scheduling information. It's meant to be concise and easy to consume: Details on the presentations and speakers are here.
SnowFROC (Front Range OWASP Conference) is Denver's premier application security conference. It is an annual, one-day conference which draws about 400 people. For SnowFROC 2023
the event was on Thursday March 2nd. While billed as, "Denver's premier application security conference",
SnowFROC's presentations and workshops focus on many facets of cybersecurity and over the years, SnowFROC
has come to be known for its exceptional value: Hands-on training, excellent food, spectacular networking,
great location/venue and professional orchestration. For reference, tickets cost between $75 and $105 per person.
2023's keynote speaker was: Kevin Johnson!
SnowFROC includes breakfast, lunch, presentations, vendor giveaways, a panel discussion and optional hands on training and workshops.
The location of this event was The Cable Center on the University of Denver campus near I-25 and University.
Check out our Slack Channel Join our slack channel
Every year the Denver OWASP team works diligently to bring our cybersecurity security community the very best. This 100% volunteer team is comprised of:
The Denver OWASP Chapter is proud to present SnowFROC '23! LIVE AND IN-PERSON!
SnowFROC (Front Range OWASP Conference) is Denver Colorado's premier application security conference and is taking place Thursday March 2rd, 2023 for one day only. The location of this event is The Cable Center on the University of Denver campus near I-25 and University.
This Call For Papers (CFP) is open to anyone that would like to submit a presentation. Use the form below to submit your presentation.
Please ensure your topic falls under the realm of information security: (appsec, cloud, crypto, emerging trends/tech, privacy, compliance, technology, etc.). The basic guidelines are as follow:
Presentations are slotted for 25 or 55 minutes which accounts for your presentation time, Q&A and to ensure the next presenter has time to setup and start promptly. Please plan your talk accordingly.
HDMI adapters, necessary dongles and microphones will be provided for your use.
Sales pitches, presentations focusing on commercial tools or vendors, and the like will not be accepted. You will be expected to submit your slide-deck (if applicable) prior to the event and use a standard OWASP template for presentations (which will be provided to you).
As we are aiming for 400+ attendees, expect an audience of 50+ for your presentation. Presentations are chosen using a blind selection process. This CFP closes on January 27, 2023 and we'll aim to have speakers selected by January 31, 2023. Use the form below to submit your presentation.
A request was made for all SnowFROC 20 Presenters to share their presentation. See below for those presentations and note that some PDFs are large in size.