[Owasp-denver] Reminder, OWASP meeting tomorrow

Steve Kosten steve.kosten at owasp.org
Tue May 19 21:25:24 UTC 2015


Denver OWASP Members,

I wanted to remind you that our May meeting which will take place tomorrow
on May 20th from 5:30 to 8:00 at Chinook Tavern.  This meeting is
generously sponsored by Solutions II.  Please RSVP at
http://www.meetup.com/Denver-OWASP/events/222364652/ to ensure we have
enough food and drinks.

For this meetup Greg Foss will be presenting on Honeypots for Active
Defense.

InfoSec analysts are all somewhat familiar with Honeypots. When they are
given the proper attention, care and feeding, they produce invaluable
information and can be a critical asset when it comes to defending the
network. This intel has been primarily used by security researchers and
organizations with advanced defensive capabilities to study their
adversaries and learn from their actions. But what about the rest of us?
Honeypots are a lot of work to configure, maintain, and monitor, right? Not
exactly; when deployed and monitored properly, Honeypots and Honey Tokens
are a simple way to alert on anomalous activity inside the network. But how
can an organization that is not focused on research gain valuable threat
intelligence using Honeypots and actively defend their network using
indicators generated from an internal Honeynet?

The answer is Honeypots for Active Defense. There are currently many open
source security tool distributions that come pre-loaded with Honeypots
among other useful tools, however the honeypot software is often not
deployed in an effective manner. This session will discuss techniques to
leverage Honeypots in ways that will not overburden the security team with
massive logs to sift through and focuses efforts on correlating active
threat data observed in the Honeypots with the production environment. When
deploying Honeypots effectively, this can give security analysts one
additional mechanism to tip them off to nefarious activity within their
network before they become the next headline.

Steve Kosten
OWASP Denver Chapter Leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-denver/attachments/20150519/b36dc12b/attachment.html>


More information about the OWASP-DENVER mailing list