[Owasp-Houston] Third Mini-Con of 2013 on August 15th! Registration now open!

Paul Scott paul.scott at owasp.org
Mon Jul 29 17:12:35 UTC 2013


Please join us on August 15th for the third installment of OWASP Houston's
2013 Mini-Con series. Seating, food, and beverage are freely available for
guests that have signed up through eventbrite. If there are no tickets
available through eventbrite, a wait list for seating will be opened. If
you do not have a ticket and would like to come, please show up to the
event early. Limited standing room will be available for walkins.

To sign up through eventbrite click
here.<https://august-mini-con.eventbrite.com/>

Registration has only been open two hours and approximately twenty percent
of our reserved seats have been claimed. Register today to reserve your
seat!

Reception begins at 6:00PM. Our speakers at this event included Georgia
Weidman and Clint Pollack. Clint will open the evening at 7:00PM. Georgia
will end the evening with a presentation begining at 8:00PM.

To find out about future events, sign up for our meetup
group.<http://www.meetup.com/OWASP-Houston/>

Georgia Weidman will present:

*Can You Hear Me Now? Leveraging Mobile Devices on Pentests* BYOD is not a
new concept. From contractor laptops to an employee’s game console in the
break room, a compromised device in the corporate environment can lead to
all sorts of bad things. In this talk we will look at the unique threats
that BYOD for mobile devices brings to the table. The most security
conscious corporations are deploying the latest devices and policies to
stop attackers from breaching the perimeter and if they do to stop data
exfiltration. We will discuss how mobile devices on a corporate network
and/or handling company data undermines these efforts. We will look at
multiple mobile platforms gathering sensitive information, attacking other
devices such as other mobile devices, servers, and workstations, and using
out of band communication to perform data exfiltration and communicate with
internal devices. Multiple live demo scenarios will be shown and some
useful code for pentesters will be released.

*Speaker Bio:*

Georgia has worked in information security in both the public and private
sectors. She recently founded her own security firm, Bulb Security LLC
focusing on security training, research and development, and penetration
testing. She began speaking at security conferences at Shmoocon 2011 and
has had a full schedule ever since, presenting all over the world. To name
a few she has spoken at Security Zone, Takedowncon, Hacker Halted, Defcon
Wireless Village, and many Bsides events.

Georgia was recently awarded a DARPA Cyber Fast Track grant to continue her
smartphone security research. Georgia’s security work has been featured in
print articles including Ars Technica, PC World, and MIT Technology Review.
She’s also discussed security on television on programs such as Fox News
Live and 16×9 on Global TV Canada.


Clint Pollack will present:

*Tips for Building a Successful Application Security Program*
Application vulnerabilities are steeply on the rise. At $350 billion per
year software is the largest manufacturing industry in the world yet there
are no uniform standards or insight into security, risk or liability of the
final product.  The development environment is becoming increasingly
complex – application origin ranges from internally developed code,
outsourced, 3rd party, Open Source, and Commercial Off the Shelf software.
Ensuring these entities are creating secure software is becoming a daunting
task.  Lots of emphasis is placed on IT controls, patching, etc, but the
new attack vector is your applications.  During this presentation we will
recap the state of software security today and discuss detailed actions you
can take to build a successful application security program that is
centralized, policy-driven, and comprehensive.

* *

*Speaker Bio:***

Clint Pollock is a Senior Solutions Architect at Veracode. Since 1997, he
has also created security solutions for large-scale enterprise environments
on behalf of CREDANT Technologies and Netegrity. In his current role, Clint
helps globally distributed organizations evaluate, track, and mitigate
their application security risk.  Clint’s greatest strengths are his
enthusiasm, experience and determination to help customers succeed in
maintaining secure, compliant systems, and avoid the consequences and bad
headlines that come with application security breaches.



*FAQs*



*What are my parking options ?*

Parking is freely available in the garage behind the hotel. We will be
validating parking at registration. This benefit applies to everyone that
attends the event regardless of your ticket holding status.



*Do I have to bring my printed ticket to the event?*

You don't have to bring your ticket, but it might help speed up things. We
can verify the name you register with.



*The name on the registration/ticket doesn't match the attendee. Is that
okay?*

If you can't make it and want to print your ticket for a friend that can,
that's fine.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-houston/attachments/20130729/fd7a1182/attachment.html>


More information about the Owasp-Houston mailing list