BlackBox Vulnerability Scanners – Everything You’ve Ever Wanted to Know – Open Web Application Security Project(OWASP) Phoenix Chapter (Phoenix, AZ) – Meetup

No Comments

BlackBox Vulnerability Scanners – Everything You’ve Ever Wanted to Know

  • Everything You’ve Ever Wanted to Know About Black-Box Web Vulnerability Scanners (But Were Afraid to Ask)

    Speaker: Adam Doupe

    Please join us for our June meeting at ASU. Pizza will be provided. Make sure to account for time to find a parking spot http://www.asu.edu/map/interactive/?campus=tempe&building=BYAC

    Black-Box web vulnerability scanners, such as Acunetix, AppScan, and WebInspect, attempt to automatically find vulnerabilities in web applications. These tools promise to bring pentesting skills to the average developer, and they are frequently used as part of the pen testing process.

    However, despite their frequent usage, significant questions remain. How do these tools work? Are they effective at finding vulnerabilities? What research is being done to improve these tools? Can they handle modern client-side JavaScript web applications? In this talk, we’ll cover all these questions and more!

    Bio:

    Adam Doupé is an Assistant Professor in the School of Computing, Informatics, and Decision Systems Engineering at Arizona State University. He was awarded the Fulton Schools of Engineering Best Teacher Award Top 5% for 2015 from Arizona State University. His main research focus is in the area of automated vulnerability analysis of web applications using static analysis and dynamic analysis. Prior to joining ASU in 2014, Adam completed his PhD at UC Santa Barbara, where he competed at DEFCON CTF for four years with team Shellfish.

    https://www.owasp.org/index.php/Phoenix

OWASP Meeting in January – Title: DevOps and Security – A match made (and broken) in the cloud

No Comments

Screenshot from 2016-01-21 18:39:17

Date: Wed, 20 Jan 2016 10:17:30 -0700
From: Joaquin Fuentes <joaquin.fuentes@owasp.org>
To: owasp-phoenix@lists.owasp.org
Subject: [Owasp-phoenix] OWASP Meeting in January

Dear *Owasp-phoenix Subscribers,*

Happy New Year! I’m excited to announce our next OWASP Phoenix chapter meeting, which will be held at Early Warning on Thursday,  January 28.  Seth Law will be presenting on DevOps and Security – A  match made (and broken) in the cloud.

First time attendees should show up about 15-20 minutes early to  facilitate the badging process; a picture ID is required.  For return visitors, a RSVP through the meetup site will allow me to ask for your badge to be pre-printed.

Free pizza will be provided shortly before the presentation.

Notably, Seth Law is flying in to give us this presentation.  Thanks to
nVisium <https://nvisium.com> for sponsoring his travel.

Regards, Joaquin
If you use Meetup.com, please RSVP so that I know how many potential
attendees we might have.  http://www.meetup.com/owasp-phoenix

Details have been posted to the Chapter Page:
https://www.owasp.org/index.php/Phoenix

Jan 28: Seth Law

Title: DevOps and Security – A match made (and broken) in the cloud

Abstract: DevOps is the new Agile, allowing organizations to move faster and deploy code quicker. Yet in the quest for continuous delivery, security can fall by the wayside, opening an organization up to data exposure and malicious exploitation. This talk will cover current security research into the technology behind DevOps, examples of failures, and how to prevent the same from happening in your organization. Technologies discussed will include AWS, Git, Hudson/Jenkins, and more. In the end, the presentation should help attendees understand the risks involved in running a DevOps environment.

Bio: Seth Law is the Director of Research & Development at nVisium and
wrangles the research efforts into all areas of application security. An
experienced Application Security Professional with years of security
experience, Seth has worked in multiple disciplines, from software
development to network protection, as a manager, contributor, and speaker.
Seth explores the world of application security via @sethlaw.
————– next part ————–
An HTML attachment was scrubbed…
URL: <http://lists.owasp.org/pipermail/owasp-phoenix/attachments/20160120/c2276d8e/attachment-0001.html>

——————————

_______________________________________________
Owasp-phoenix mailing list
Owasp-phoenix@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-phoenix

End of Owasp-phoenix Digest, Vol 84, Issue 1