SecurityOrb_Staff

SANS AppSec Summit 2012 Call For Papers

/0 Comments/in /by

 

Hi everyone,

We’re happy to announce that the sixth annual SANS AppSec Summit will be
held in Las Vegas, Nevada on April 30 – May 1, 2012.

The theme for this conference is “Application Security at Scale”.

Billions of records in the cloud. Millions of smart mobile devices.
Millions of developers writing new code. Hundreds of apps in your
enterprise. Untold numbers of existing bugs. Unknown numbers of
“sophisticated” attackers exploiting your software. What cutting edge
techniques are attackers using? How do large enterprises handle these
problems at scale? And how do small companies manage it all with fewer
resources?

We invite you to submit presentations in the following areas:

– Cloud Security
– Mobile Security
– Security in the SDLC
– Secure Coding
– Security Architecture
– Securing Legacy Applications
– Securing Open Source Frameworks
– Program Development
– Security Metrics
– Security Testing
– Penetration Testing
– Cutting Edge Attacks
– Cutting Edge Defense
– Case Studies
– Any topic related to Application Security

Submission Deadline
February 1, 2012

Submit papers via EasyChair (account required). Talks will be 50 minutes
in length.
https://www.easychair.org/conferences/?conf=sansappsec2012

For additional information please visit the conference web site or
contact us via email.
https://www.sans.org/appsec-2012/
callforpapers-appsec@sans.org

Please forward to anyone who might be interested in speaking.

Thanks!

The SANS AppSec 2012 Team

 

fdesir

Cyber Security Summit

/0 Comments/in , /by
4 interactive webinars featuring end users, analysts & other top experts
Live online November 9th, or afterward on demand
Cyber security features prominently in the mainstream media with news stories regularly getting in front of end users and boardrooms alike. The information security and risk market has responded with a range of solutions to tackle these issues and to bring comfort to business leaders. Engage live with IT security experts at this online event to learn about the latest threats to your business, how to effectively manage breaches and how to safeguard your organization from cybercriminals all over the world.
SUMMIT LINEUP INCLUDES:

  • How Information Security Can Become a Corporate Profit Center
    Alex Holden, Director of Enterprise Security, Cyopsis
  • Cyber Security: What You Should Know to Stay Safe
    John Skinner, Director of Secure Enterprise and Cloud Initiative, Intel Americas Inc.
  • Hardening the Education IT Environment: A Security Root of Trust 
    Eran Feigenbaum, Director of Security, Google Enterprise
  • Improving Your Organization’s Defense Posture And Strategy 
    Vladimir Jirasek, Senior Enterprise Security Architect, Nokia
Register here

You can attend any or all of the webinars at no cost, and will be able to submit real-time questions to presenters and vote in audience polls during the live online event. If you are unable to attend the webcasts live, you can also view them afterward on demand.  Each presentation will consist of slides and audio streaming live over the Web, and you can tune in from anywhere you have Internet access.
Sponsors:
            
In association with:
The LinkedIn Virtualization & Cloud Computing Group LinkedIn Virtualization and Cloud Security Community   LinkedIn Information Security Network Group
SecurityOrb_Staff

October Issue of BSD Magazine is Out!

/0 Comments/in /by

ARTICLES IN THIS ISSUE:

iXsystems Announces Release of FreeNAS™ Version 8.0.1
Josh Paetzel
Release features back end changes and bugfixes, as well as new front end user features
More…

Configuring a FreeBSD Stealth Logging Server
Michael Shirk
The collection of log files provides security administrators with the ability to have an audit trail for the behavior of an information system. In the event that a system is compromised, remote logging provides a forensic trail to determine what occurred on the system.
More…

DragonflyBSD news: Recovering data with hammer
Justin C. Sherrill
It’s been a while since we had a straightforward news report for DragonFly; the time since then has been filled with reports on Hammer and bulk pkgsrc builds.
More…

Using Openmaps data with Geoserver
Rob Somerville
In this article in our GIS series, we will examine how to import Openmaps data. Open Street Map (openstreetmap.org) founded in July 2004 by Steve Coast, is a treasure trove of worldwide street maps available under the Creative Commons licence.
More…

ONMP on OpenBSD 4.9
Toby Richards
OpenBSD is my BSD of choice. In fact, it is my OS of choice wherever possible. I always challenge those who disagree with me to name another OS with a similar track record for security.
More…

OSSEC on OpenBSD (ONMP) 4.9
Toby Richards
It is worth saying up front that these instructions assume that you’re running Nginx compiled from source vice Apache or Nginx from Ports or Packages.
More…

Taking a Peek Under the Hood Without Compromising Security – LibGTop and OpenBSD
Jasper Lievisse Adriaanse
LibGTop allows developers to peek under the hood of the kernel and export lots of system data in a convenient and easy to use library.
More…

Protecting Apache From Dos And Ddos Attacks
Stavros N. Shaeles
DOS(Denial of Service) or DDOS(Distributed Denial of Service), it is an attack where multiple compromised systems (which are usually infected with a Trojan) are used to target a single system in attempt to make the system resources(cpu,memory,network) unavailable to its intended users and causing system to crash.
More…

The Inevitability of IPv6, Part 1 & 2
Paul Ammann
Part 1: A switch from IPv4 to IPv6 is on your horizon. Are you ready for it?
Part 2: Configure IPv6 in your network – even if your routing infrastructure doesn’t yet support it.
More…

Download it here.

 

admin

What’s New in Nexpose 5.0: The Next Generation in Vulnerability Management

/0 Comments/in /by

This is from a Rapid7 email address we received today:

What’s New in Nexpose 5.0: The Next Generation in Vulnerability Management

Organizations across all industries and government agencies (at both the federal and state level) are struggling to mitigate constant cyber threats and comply with legislative or regulatory mandates. That’s nothing new in today’s information security landscape. What is new is that the new release of Rapid7 Nexpose provides a security risk intelligence solution that represents a paradigm shift in vulnerability management solutions.

With Nexpose 5.0, organizations can implement a proactive approach to risk management that leverages unique capabilities for:

• Continuous discovery of virtualized assets
• Clear identification of misconfigurations, malware threats and exploit exposure
• Effective prioritization of remediation tasks, and
• Customizable risk trending analytics across an entire IT infrastructure.

register_now.gif

This integrated approach to security risk intelligence enables greater foresight into potential risks, addresses the increasingly complex security needs emerging from the widespread adoption of virtualization techniques and increases the efficiency and effectiveness of risk mitigation strategies.

Please join Kelly Martin, Director of Product Management for Rapid7 on Wednesday October 26 at 2pm to learn about the patent-pending new features of Nexpose 5.0 and see how they can help you improve your overall risk posture.

SecurityOrb_Staff

Vulnerability Management eSymposium

/0 Comments/in /by

SC Magazine is offering you a new opportunity to earn CPE credits at no cost and with no travel required.

SC eSymposium: Vulnerability management

Date: Tuesday, November 8
Location: Your computer

Earn CPE credits for attending*

Click on the link below to register for FREE:
http://sc.haymarketcomm.net/r/?ZXU=1732217&ZXD=124841221

Cybercriminals frequently take advantage of vulnerabilities in web and other applications to gain entrance to wider corporate infrastructures. With breaches now happening on a regular basis using these methods, critical information of all kinds is being exposed. We learn from experts want companies can do to mitigate against these threats.

Platinum sponsors:
Lumension
NetIQ
Qualys

SC World Congress 24/7 exhibitors:
Damballa
LogRhythm
Secunia
Solutionary
Sophos

Click on the link below to register for FREE:
http://sc.haymarketcomm.net/r/?ZXU=1732218&ZXD=124841221

For more information, please e-mail mailto:maggie.keller@haymarketmedia.com

*SC Magazine is a designated (ISC)2 CPE provider. CPE credits will be issued to only live attendees with (ISC)2 credentials.

SecurityOrb_Staff

Hacker Halted Miami – Last Chance to Register

/0 Comments/in /by
LAST CHANCE TO REGISTER FOR ONE OF THE SECURITY EVENTS OF THE YEAR!

Not many platforms allow for a participant to learn from so many of the best the industry has to offer. This year, we are very proud to have some of the very best presenting at our event. The very impressive panel of speakers include Bruce Schneier (Internationally acclaimed security guru), Jeremiah Grossman (CTO – WhiteHat Security), George Kurtz (Global CTO – McAfee), Dr. Charlie Miller (Accuvant), Barnaby Jack (McAfee), Moxie Marlinspike (WhisperCore), and many others. We have lined up more than 70 speakers for this year’s event, and designed a very comprehensive agenda covering major hot topics surrounding information security across 4 dedicated tracks. To find out more about this event, please visit: www.hackerhalted.com/2011
Register

There’s still time for you to get your iPad 2!

Hacker Halted USA 2011 | EC-Council | 6330 Riverside Plaza Ln NW Suite 210, Albuquerque, NM, USA 8712Copyright © 2011 EC-Council
Privacy Statement