Vendor Events

Participating Vendors

Breach Security, Inc.
2075 Las Palmas Drive
Carlsbad, CA 92011
Phone: 760-268-1924
Fax: 760-454-1746
Website: www.breach.com

Breach Security, Inc. is the leader in providing organizations with continuous, customized web application security. The company's web application firewalls protect against attacks bypassed by network security solutions and coding flaws to help keep organizations' sensitive information secure. Founded in 2004, the company is privately-held in Carlsbad, California.

Cenzic, Inc.
455 El Camino Real, Suite 100
Santa Clara, CA 95050
Phone: 866-4-CENZIC (866-423-6942)
Fax: 408 200-0701
Website: www.cenzic.com

Praised by Gartner and IDC; rated as the best solution by SD Magazine, eWeek and InfoWorld and nominated for "best product" by the Codie awards, Cenzic has the first and only application security assessment solution that goes beyond signature-based tools and provides next generation application testing and management - finding more, "real" application risks - fast.

Fortify Software
2300 Geng Road, Suite 102
Palo Alto, CA 94303
Phone: 650-213-5600
Fax: 650-843-1424
Website: www.fortifysoftware.com

Fortify Software is the software security vendor of choice of Fortune 500 companies government agencies and in a wide variety of industries. Fortify solutions include the industrys most proven, accurate and effective software security products including Fortify SCA, Fortify Manager, Fortify Tracer, and Fortify Defender. For more information, visit www.fortifysoftware.com

Ounce Labs, Inc.
100 Fifth Avenue
Waltham, MA 02451
Phone: 866-33-OUNCE
Fax: 781-290-5353
Website: www.ouncelabs.com

Ounce Labs, the leader in Software Risk Analysis, delivers products that allow customers to manage software risk across the enterprise, down to individual lines of code. The Ounce solution features patents-pending analysis technology, offering the only complete portfolio management, most accurate and complete results, fastest time-to-value, and greatest deployment flexibility.

SPI Dynamics
115 Perimeter Center Place, N.E.; Suite 1100
Atlanta, GA 30346
Phone: 866-774-2700
Fax: 678-781-4850
Website: www.spidynamics.com

SPI Dynamics' Web application security products and services help organizations build and maintain secure Web applications, preventing attacks that would go undetected by traditional Internet security measures. The company's products enable all phases of the software development lifecycle to build, test and deploy secure Web applications. For information, visit www.spidynamics.com.

Watchfire Corporation
880 Winter Street
Waltham, MA 02451
Phone: 781-810-1450
Fax: 781-890-2087
Website:www.watchfire.com

Watchfire is the leading provider of web application security software and the only company to offer an end-to-end solution including intelligent fix recommendations to evaluate, understand and resolve issues. Watchfire is headquartered in Waltham, MA. For more information, please visit www.watchfire.com.

Sunday, August 14

Dinner Reception and Early Registration
Dinner Reception - Hosted by Ounce Labs
- 5pm - 8pm, August 14

Get Jazzed up for the Application Security Summit sponsored by Ounce Labs. Join fellow attendees and Ounce Labs security experts for the smooth sounds of a jazz ensemble band along with a buffet dinner, drinks and lively discussion. Loosen up while you mix and mingle with your peers and discuss the latest on Application Security.

Special Technical Session - Hosted by Ounce Labs
- Making the Case for Sandboxed Environments (and Why Microsoft and Sun are Asleep at the Wheel)
- 8pm - 9pm, August 14

After a delicious Dinner Reception, join your colleagues for an enlightening special session by Dinis Cruz, Director of Advanced Technology for Ounce Labs. This strategic and technical presentation will focus on the need to have systems that execute code inside sandboxed environments. The presentation makes the case for the wide use of tools such as Microsoft's Code Access Security and will provide real solutions for many of the current exploit containment issues that are common to so many organizations.

Wednesday, August 15

Breakfast Reception - Hosted by Breach Security
- 7:30am - 8:45am, August 15

Join Breach Security for breakfast and learn more about how the company's products protect against attacks bypassed by network security solutions and coding flaws to keep organizations. sensitive information secure. Don't miss this opportunity to interact with Breach Security customers and Application Security Summit Panelists or ask in-depth questions of Breach Security's Vice President of Product Management, Kevin Overcash.

Lunch and Learns

- 12pm - 1pm, August 15

Make the most of your lunchtime. Lunch and Learn presentations provide you the opportunity to interact with leading application security vendors to gather substantive information to help in your selection and implementation processes. These sessions feature a light lunch provided by the vendor.

Fortify Lunch and Learn Presentation - Security Lessons From the Pros

What can you learn from the industry that knows the most about software security? Join Fortify Software for lunch and a presentation on Securing Online Banking: Security Lessons From the Pros and learn how the world's leading financial institutions balance risk against the pressures of delivering software to customers quickly, how developers are trained to write code securely and how software security tools, such as dynamic and static analysis, are deployed for optimal use.

Watchfire Lunch and Learn Presentation

Few can argue that web applications present significant threat of attacks for organizations. For IT Security Professionals, they also present a significant challenge. To stay ahead of hackers and protect sensitive data, security teams need to understand how vulnerabilities in applications are first exposed and then exploited by cyber-criminals for profit. Join Watchfire - the leading provider of web application vulnerability testing tools -- for lunch. We will discuss the importance of web application security - today's most significant online threat - and review the 3 most common web application attacks, manual versus automated approaches for scanning and identifying web application vulnerabilities. We will also demonstrate how AppScan 7.6, an automated vulnerability scanner, can help you automate more of what you are doing manually today.

Hospitality

- 5pm - 8pm, August 15

Join the vendors for the opportunity to discuss the latest in application security tools while enjoying an evening of food, drinks, and networking. You will meet industry leaders who are interested in your thoughts regarding new and future developments. In addition, you will be able to speak with their customers and learn how they are leveraging products to improve security.

Serve up Security

Slam a serve, fire a blazing backhand, and smash a forehand volley on your way to winning the Fortify victory cup competition. The champion will win the coveted Nintendo Wii. Not a Wii player? No worries, just enjoy a cocktail and watch the competition. Enter a drawing to win an ipod Shuffle and listen to your favorite i-tunes on center court.

The Battle Is On! "Fight Night"

Watchfire, an IBM Company, invites you to a cocktail reception and Wii^TM boxing championship. Bring your best to the battle to see if you've got what it takes to be one of the last two standing! If you are, you could walk away with the winnings: a Nintendo^® Wii!

Watchfire is the leading provider of web application security software and the only company to offer an end-to-end solution including intelligent fix recommendations to evaluate, understand and resolve issues. Visit www.watchfire.com for more information.

Casino Night

The SPI casino will be in full swing with blackjack, 5 card stud and craps - with an IPHONE, IPOD and NANO awarded to the big winners and a gift for everyone that attends. Cocktails and great food complete this party as the one not to be missed. Be there or hear about it next year!

Breaks

August 15

Visit the vendor tables to pick up the latest information on application security tools during the morning and afternoon breaks.

Thursday, August 16

Breakfast Reception - Hosted by Cenzic
- 7:30am - 8:45am, August 16

We cordially invite you to join Cenzic, leader in application risk management, for breakfast and an early look at it's latest products enabling your information security teams to significantly improve application security, achieve the latest regulatory compliance, and reduce costs.

Don't miss this opportunity to talk with Cenzic's customers and ask in-depth questions of Cenzic's app security representatives. You can learn about Cenzic's unique approach to both SDLC and production applications.

Lunch and Learns

- 12pm - 1:30pm, August 16

Make the most of your lunchtime. Lunch and Learn presentations provide you the opportunity to interact with leading application security vendors to gather substantive information to help in your selection and implementation processes. These sessions feature a light lunch provided by the vendor.

SPI Dynamics Lunch and Learn
Customer Case Study:

Listen to the real world experiences of how this SPI Dynamics customer drove Web application security across the enterprise and throughout the software development lifecycle. During this session you will here about:

• Key challenges to implementing a Web application assessment program
• How to limit false positives and increase accuracy
• Why engaging developers is critical to the security process
• Unique and practical security processes and approaches
• Common pitfalls and mistakes

Bonus: The 1st 25 attendees will receive Caleb Sima's book Hacking Exposed: Web Applications 2

Breaks

August 16

Visit the vendor tables to pick up the latest information on application security tools during the morning and afternoon breaks