Happy New Year! I’m excited to announce our next OWASP Phoenix chapter meeting, which will be held at Early Warning on Thursday, January 28. Seth Law will be presenting on DevOps and Security – A match made (and broken) in the cloud.
First time attendees should show up about 15-20 minutes early to facilitate the badging process; a picture ID is required. For return visitors, a RSVP through the meetup site will allow me to ask for your badge to be pre-printed.
Free pizza will be provided shortly before the presentation.
Notably, Seth Law is flying in to give us this presentation. Thanks to
nVisium <https://nvisium.com> for sponsoring his travel.
Title: DevOps and Security – A match made (and broken) in the cloud
Abstract: DevOps is the new Agile, allowing organizations to move faster and deploy code quicker. Yet in the quest for continuous delivery, security can fall by the wayside, opening an organization up to data exposure and malicious exploitation. This talk will cover current security research into the technology behind DevOps, examples of failures, and how to prevent the same from happening in your organization. Technologies discussed will include AWS, Git, Hudson/Jenkins, and more. In the end, the presentation should help attendees understand the risks involved in running a DevOps environment.
Bio: Seth Law is the Director of Research & Development at nVisium and
wrangles the research efforts into all areas of application security. An
experienced Application Security Professional with years of security
experience, Seth has worked in multiple disciplines, from software
development to network protection, as a manager, contributor, and speaker.
Seth explores the world of application security via @sethlaw.
————– next part ————–
An HTML attachment was scrubbed…
As you know, DEF CON 24’s theme is “Rise of the Machines”. To help you get up to speed on some of the ideas that inspired the theme, and get you thinking about the looming conflict between human and machine intelligences, we’re going to post some books, movies, and other media you might want to check out in advance of the con.
Wednesday, Oct 14
Time: 6:30 – 7:30 Location: Early Warning 16552 N 90th St Ste 100,
Scottsdale, AZ 85260
Room: Checkin with Security Officer, picture ID required
Title: *Hacking Corporate Em@il Systems*
Presenter(s): *Nate Power*
In this talk we will discuss current email system attack vectors and how
these systems can be abused and leveraged to break into corporate networks.
A penetration testing methodology will be discussed and technical
demonstrations of attacks will be shown. Phases of this methodology include
information gathering, network mapping, vulnerability identification,
penetration, privilege escalation, and maintaining access. Methods for
organizations to better protect systems will also be discussed.