[Owasp-denver] Denver OWASP May Meeting and Job announcements

Steve Kosten steve.kosten at owasp.org
Thu May 7 03:40:54 UTC 2015

Denver OWASP Members,

I wanted to announce our May meeting which will take place on May 20th from
5:30 to 8:00 at Chinook Tavern.  This meeting is generously sponsored by
Solutions II.  Please RSVP at
http://www.meetup.com/Denver-OWASP/events/222364652/ to ensure we have
enough food and drinks.

For this meetup Greg Foss will be presenting on Honeypots for Active

InfoSec analysts are all somewhat familiar with Honeypots. When they are
given the proper attention, care and feeding, they produce invaluable
information and can be a critical asset when it comes to defending the
network. This intel has been primarily used by security researchers and
organizations with advanced defensive capabilities to study their
adversaries and learn from their actions. But what about the rest of us?
Honeypots are a lot of work to configure, maintain, and monitor, right? Not
exactly; when deployed and monitored properly, Honeypots and Honey Tokens
are a simple way to alert on anomalous activity inside the network. But how
can an organization that is not focused on research gain valuable threat
intelligence using Honeypots and actively defend their network using
indicators generated from an internal Honeynet?

The answer is Honeypots for Active Defense. There are currently many open
source security tool distributions that come pre-loaded with Honeypots
among other useful tools, however the honeypot software is often not
deployed in an effective manner. This session will discuss techniques to
leverage Honeypots in ways that will not overburden the security team with
massive logs to sift through and focuses efforts on correlating active
threat data observed in the Honeypots with the production environment. When
deploying Honeypots effectively, this can give security analysts one
additional mechanism to tip them off to nefarious activity within their
network before they become the next headline.



Sr. Application Security Engineer:

*Sports Authority:*

*Cigital*:  Cigital is looking for a full-time Managing Consultant to be
remote in the Denver, CO area to further the expansion of our security
consulting practice in this fast growing region of the U.S.  (Please see
attached for more info on this position.)

Steve Kosten
OWASP Denver Chapter Leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-denver/attachments/20150506/8fb923dd/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Managing Consultant - Cigital.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 16384 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-denver/attachments/20150506/8fb923dd/attachment-0001.docx>

More information about the OWASP-DENVER mailing list