[Owasp-austin] OWASP Austin March Announcements

David Hughes david.hughes at owasp.org
Mon Mar 18 20:59:24 UTC 2013

 Austin OWASPers,

Below are two events and one job posting. :-)

Please RSVP for these events so we can plan for capacity!

    February Austin Security Professionals Happy Hour, Sponsored by Rapid7

*When:* Tuesday, March 19th, 5-7pm (we've had to adjust the date and day
of the week for Austin B-Sides and Spring Break)

*Where:* Sherlock's Baker Street Pub and Grill, 183 and Burnet.

*What:* The Austin Security Professionals Happy Hour is a monthly event
coordinated between the Austin ISSA and OWASP Chapters to provide
security professionals an opportunity to network and have a good time!

*Our Sponsor:* Rapid7

Your organization wants to move fast, but security is complex and you
may often feel like you're slamming on the brakes. If you don't have a
clear view of your environment, your user activity, and the threats you
face, it's hard to move forward with confidence.

That's where Rapid7 comes in. Our simple, innovative software solutions
give you visibility into the risk associated with your IT, your users
and the real threats you face. Our software helps you quickly prioritize
threats, manage risk, and take the right steps to improve your
organization's security. We understand every organization is different
and the best approach for you may not be the best approach for someone

With broad visibility and contextual insight into what's happening in
your information security environment, we give you the ability to adapt
to whatever obstacles rise up in the road before you so your
organization can go as fast as it needs.



    OWASP Austin March Chapter Meeting - Why UPnP is Awesome and
    Terrifying, Dan Crowley

*Please RSVP at the link below so we can plan for food. By doing this,
you will also be signed up for our monthly drawings!*

*When:* Tuesday, March 26th from 11:30a-1:30p

*Where:* National Instruments, 11500 N. Mopac.Building C

*Topic:*Why UPnP is Awesome and Terrifying

Abstract: UPnP daemons can be found on a wide range of devices these
days, from network devices to desktop OSes to network-attached
electrical outlets and more. While UPnP is mostly known for its use in
automated port forwarding, it serves as a general interface to allow
interaction with a host in a variety of ways determined by the host
providing the UPnP interface. This talk will explain how UPnP discovery
and interaction occurs, and demonstrate issues with various devices
running UPnP daemons.

*Speaker:* Dan Crowley, Trustwave Spiderlabs

Daniel (aka "unicornFurnace") is a Managing Consultant for Trustwave's
SpiderLabs team. Daniel denies all allegations regarding unicorn
smuggling and questions your character for even suggesting it.Daniel has
developed configurable testbeds such as SQLol and XMLmao for training
and research regarding specific vulnerabilities. Daniel enjoys climbing
large rocks. Daniel has been working in the information security
industry since 2004 and is a frequent speaker at conferences including
DEFCON, Shmoocon, and SOURCE. Daniel does his own charcuterie.


NSS Labs Job Posting -- Courtesy of Orlando Barrera

We have a few job positions opening up at NSS Labs and thought you could
pass along the information to some people at OWASP whom may be looking
for a job.  Point of contact is Krista Davis <kdavis at nsslabs.com>.

Position Duties:
?       Design,develop and maintain test harness for security products
?       Evaluate security products when needed
? Provide ongoing subject matter expert advice to  clients

Candidate Requirements:
?       Bachelors degree in an Information Technology related field of
?       2+ years of experience in information security with exposure to
?       Expert knowledge of information security principles, networks,
operating systems, web applications and a level of familiarity with
malicious code and common techniques used by hackers
?       Understanding of TCP/IP, basic networking concepts, and services
such as DNS, SMTP
? Solid understanding of End point products such as AV,HIPS etc
?       Good level of programming/scripting: Ruby,Shell Scripting
?       Solid Knowledge of vulnerability assessment tools such as
Metasploit, nessus, nmap, paros, burp,Backtrack
? Ability to document project designs.
?       A thirst for knowledge and the desire to continuously stay
abreast of new developments in the dynamic security space is a must
?       Excellent problem solving and analytical skills; outstanding
oral and written communication skills
?       Self-motivation and the ability to work under minimal
supervision are a must

Metasploit,TCP Replay,Wireshark,Vmware,nmap,Fiddler

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20130318/92bcfa82/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 1376 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20130318/92bcfa82/attachment.png>

More information about the Owasp-austin mailing list