[Owasp-boston] June Announcements

OWASP Boston boston at owasp.org
Thu May 25 00:04:14 UTC 2017


Hi Folks,

Three announcements as of now:

   - We have a meeting coming up June 14th 6PM ET at Salesforce on RASP.
   To sign up, please visit:
      - https://www.meetup.com/owaspboston/events/240033562/


   - If your company would like to sponsor our June training by buying
   lunch for the attendees, please get in touch with us!  Also, if you'd like
   to sponsor a college student to attend the training, please let us know.
   For more info on the training, please visit:
      - https://www.meetup.com/owaspboston/events/237563002/


   - We are also looking to hold more training right before our annual
   conference (BASC), scheduled for October 21st.  If your company would like
   to host training or if you would like to put on Application/Web Application
   related training, please let us know!  The tentative dates would be October
   18th thru 20th for the training, with the Conference on the 21st.


Thanks,
Mike P.


On Fri, Apr 14, 2017 at 11:37 AM, OWASP Boston <boston at owasp.org> wrote:

> Hi Folks,
>
> Our Veterans, Active Military and Law Enforcement free spots, generously
> provided by the trainer have been all claimed.  We'd love to be able to
> open a 2nd round of free spots to others but to do so, WE NEED YOUR HELP in
> making sure this class runs with paid seats!
>
> *DISCOUNT #1 - OWASP MEMBERS $50 OFF*
>
> To get the OWASP rate itself, the signup asks for your OWASP Member
> number, available at: https://myowasp.force.com
>
> *DISCOUNT #2 - Until May 1st, Group Discounts of $50 OFF EACH student!*
>
> All registrants must pay via the same method, and its valid for 6 or more
> registrants at once. The $50 discount will be applied to each of the group
> registrants. Please don't email us asking if you can pay with different
> credit cards.  Its a group discount to encourage group signups.
>
> Please help us make sure that the Boston Tactical DevSecOps class runs!
>
> More details below on the training.
>
> Thanks,
> Mike
>
> This three-day course is designed to improve a person’s skills with
> manually testing web applications and monitoring the resulting logs. This
> course is focused on providing both testing and detection skills for
> attendees. The training is structured as a hands-on proficiency course,
> such that IT professionals of all skill levels should benefit. The course
> leverages the Samurai WTF environment as a test lab, and primarily focuses
> on the skillful use of interception proxies (Burp or ZAP) to efficiently
> perform tests. It also helps build detection and monitoring techniques to
> discover attacks against your web applications and infrastructure. The
> course culminates with a live-fire capture the flag that focuses on both
> testing the target application as well as reviewing real-world application
> logs for attacks.
>
> - Injection Attacks
>
>    OS Command Injection
>
>
>    SQL Injection
>
>
>    Other type of Injection
>
> - Automated Scanners
>
>    Fingerprinting
>
>
>    Components with Known Vulnerabilities
>
>
>    Critical Skills: Optimizing Automated Scans
>
> - Testing Web Services
>
>    Web Services Overview
>
>
>    Tools for testing Web Services
>
>
>    Critical Skills: Running Web Services
>
>
>    Web Service Vulnerabilities - XML External Entity (XXE)
>
> - Monitoring Implementation
>
>    Infrastructure
>
>
>    Event logging and analysis
>
>
>    ModSecurity
>
> - Monitoring, Analysis & Tuning
>
>    Log review
>
>
>    Tuning and signature development
>
> - Response
>
>    Preparing for an incident
>
>
>    Finding signs of compromise
>
> - Student Scavenger Hunt Challenge
>
> Student Knowledge and Computer Requirements
> Students will need laptops with VMWare installed and licensed (VMWare
> Player is fine), a minimum of 4GB RAM and 50GB free disk space. They should
> come to class with at least a high level understanding of basic network and
> web concepts, including: IP Addresses, Sockets and Ports, HTTP, HTML and
> Javascript. We strongly recommend you have ready access to Administrator
> rights if needed so you can change settings/disable firewall, tone down
> Antivirus etc. if needed.
>
> NOTE: Lunch is not provided nor included. There is a cafeteria on site
> with some menu options available for purchase. Light breakfast (e.g.,
> bagels, fruit and coffee each morning) is generously being provided by Dun
> & Bradstreet!
>
> We have met our allowance for free tickets for US Veterans, Active
> Military and Law Enforcement as of April 12th. We thank all our Veterans,
> Active Military, and Law Enforcement for their service!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-boston/attachments/20170524/c3478bd3/attachment.html>


More information about the Owasp-boston mailing list