[Owasp-austin] Happy Hour Tonight + Other OWASP Announcements

David Hughes david.hughes at owasp.org
Thu Jul 11 12:30:28 UTC 2013


 

Austin OWASPers,

Below are some upcoming events. Enjoy!



* July Austin Security Professionals Happy Hour, Sponsored by Security
Innovation*

*When*: Thursday, July 11th, from 5:00pm - 7:00pm

*Where*: Sherlock's Baker Street Pub and Grill, 183 and Burnet.

*Wha**t: *The Austin Security Professionals Happy Hour is a monthly
event coordinated between the Austin ISSA and OWASP Chapters to provide
security professionals an opportunity to network and have a good time!
*
**Our Sponsor:* Security Innovation

Security Innovation solutions are based on the three pillars of a secure
Software Development Lifecycle (SDLC), which feed into one another to
create an ecosystem of repeatable, secure software development -
standards, education and assessment. For more than ten years, the
company has helped organizations build internal expertise and reduce
application risk.  The company's flagship products include TeamMentor,
the industry's largest library of application security eLearning
courses, and TeamMentor, "out of the box" secure development standards.

Bring your business cards and be entered into a drawing for a $50 B&N
Gift Card, courtesy of Security Innovation!
 
*RSVP:*  http://julysecurity.eventbrite.com/?s=15640627



*Early LASCON Training this month! *


Want two full days of LASCON Quality training at an amazing price?
Register for Dan Cornell's "Running a Software Security Program with
Open Source Tools" training class!  Registration is limited, so act fast!

http://lascon.org/training/pre-conference-training-running-a-software-security-program-with-open-source-tools/


Title: Running a Software Security Program With Open Source Tools
Trainer: Dan Cornell <http://www.denimgroup.com/about_team_dan.html>
Dates: July 22nd and 23rd, 9:00am to 5:00pm
Cost: $195/person
Location: Norris Conference Center, Austin, TX
Abstract:
Using the Software Assurance Maturity Model (OpenSAMM) as a framework,
this course walks through the major components of a comprehensive
software security program and highlights open source and other
freely-available tools that can be used to help implement the activities
involved in such a program. The focus of the course is on providing
hands-on demonstrations of the tools with an emphasis on integrating
tool results into the overall software security program. Attendees
should finish the course with a solid understanding of the various
components of a comprehensive software security program as well as
hands-on exposure to a variety of freely-available tools that they can
use to implement portions of these programs.


*July OWASP Austin Chapter Meeting -- Matt Tesauro, Rackspace*

*When*: Tuesday, July 30th, from 11:30am-1:30pm

*Where*: National Instruments, 11500 N. Mopac.Building C


*Title*: Testing at Cloud Speed:  Security Gone Agile


*Abstract*:
 
As the world of system and application deployment continues to change,
the sys admin and security community are changing with it. With agile
development, continuous deployment, the pace of change in IT has only
increased. After adding in Dev/Ops and cloud, the traditional sys admin
and security processes just don't work. How can you rapidly deliver
servers and applications while making sure they are built reliably and
securely. When you are deploying multiple times a day, there is no time
to fit in your week long security assessment.

A new concept of Test Driven Security, which is loosely based on the
tenants of Test Driven Development,  is beginning to emerge in the
application security community.  This talk will cover how Matt is
putting the practices in place  currently at Rackspace and how you can
architect your security work to be agile enough to keep up with the pace
of change today.  Even if you are not there today, you will be soon
enough.  Its time to embrace the change and say "Challenge Accepted".
*
**
**Speaker Bio*: Matt has been involved in the information technology and
application development for more than 10 years. He is currently the
Product Security Engineering lead at Rackspace. Prior to joining
Rackspace, Matt spent time as a application security consultant and
spent several years as the "appsec guy" at a government agency. Matt's
focus has been in application security including testing, code reviews,
design reviews and training. His background in web application
development and system administration helped bring a holistic focus to
Secure SDLC efforts he's driven.

He has taught both graduate level university courses and for large
financial institutions. Matt has presented and provided training a
various industry events including DHS Software Assurance Workshop, Agile
Austin, AppSec EU, AppSec US, AppSec Academia, and AppSec Brazil. Matt
is currently active with the OpenStack Security Group (OSSG) and a fomer
board member of the OWASP Foundation. He is highly involved in many
OWASP projects and committees. Matt is the project leader of the OWASP
OpenStack Security project - a project to bring the OpenStack and OWASP
communities together.

He has also run the OWASP WTE (Web Testing Environment) since 2008 which
is the source of the OWASP Live CD Project and Virtual Machines
pre-configured with tools and documentation for testing web applications
- all running on Linux (of course). Industry designations include the
RHCE, Linux+, Certified Information Systems Security Professional
(CISSP) and Certified Ethical Hacker (CEH). Matt Tesauro has a B.S. in
Economics and a M.S in Management Information Systems from Texas A&M
University.


*
**Cost:* Free!

*Lunch:* Provided by LASCON! Please RSVP so we can order enough food.
*
**RSVP: *http://owaspaustinjuly.eventbrite.com/?s=15964979

*Remote Webinar
Link: <https://www3.gotomeeting.com/register/371987886>*https://www3.gotomeeting.com/register/371987886




*
**2013 Lonestar Application Security Conference October 24th and 25th! *


Our fourth LASCON conference is bigger and better than ever! Two days of
top-notch training plus two days of the best talks available including
featured speakers <http://lascon.org/featured-speakers/>such as Robert
"Rsnake" Hansen from WhiteHat, Nick Galbreath, Richard Bejtlich from
Mandiant, Jason Chan from Netflix, Zane Lackey from Etsy.  We are
offering a reduced cost to the first 100 registrations and they are
filling up fast!

Call for Papers <http://lascon.org/schedule/cfp/>is open through July,
and we still have manysponsorship opportunities
<http://lascon.org/sponsorship/> available!

Gene Kim, founder and former CTO of Tripwire and a long time member of
the security community and a multiple award-winning entrepreneur said
the following of LASCON:

"Congratulations on putting together *the best security conference I've
ever attended! *  By attracting Dev, Ops, as well as infosec Builder and
Breakers, there was something to be learned by everyone."


Wendy Nather, Enterprise Security Research Director of 451 Research also
said the following of LASCON:

///"LASCON brings together people who are serious about application
security, creates a space for collaboration, and then wraps it all up in
local Austin flavor. Where else can you learn about mobile app hacking,
automated virtual patching, and rugged DevOps--and then ride the
mechanical bull? The //*great community and sense of purpose*//are the
key ingredients."/

Don't miss this amazing OWASP event!

http://www.lascon.org


bull








-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20130711/ba9345d3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 34590 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20130711/ba9345d3/attachment-0001.png>


More information about the Owasp-austin mailing list