From: The SANS Institute (Webcastsans.org)
Date: Mon Apr 09 2007 - 13:37:23 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

********************************************************
Please join us this week for TWO informative FREE SANS Webcasts that
you won't want to miss!

(1) Internet Storm Center: Wednesday, April 11, 2007 at 1:00 PM EDT
(1700 UTC/GMT) "SQL Injection: The Hacker's Gold Mine"

(2) Ask The Expert Webcast: Thursday, April 12, 2007 at 1:00 PM EDT
(1700 UTC/GMT) "The Truth About Log Management."

You can now download or subscribe to the SANS webcast calendar -
http://www.sans.org/webcasts/calendar.ics

SANS live webcasts allow you to hear a knowledgeable speaker while
viewing presentation slides you can download in advance. If you've
never tuned in to a SANS webcast, see the simple instructions at the
end of this message to learn how to connect to the SANS Portal and
join us for these free educational webcasts.

********************************************************
WEBCAST 1

Internet Storm Center Webcast: "SQL Injection: The Hacker's Gold Mine"
Wednesday, April 11, 2007 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Johannes Ullrich and Dennis Hurst
https://www.sans.org/webcasts/show.php?webcastid=90791
Sponsored by: SPI Dynamics

Learn what SQL injection is, how it happens, and how to protect your
organization from it.

Johannes Ullrich: As Chief Research Officer for the SANS Institute,
Johannes is currently responsible for the SANS Internet Storm Center
(ISC) and the GIAC Gold program. He founded DShield.org in 2000, which
is now the data collection engine behind the ISC. His work with the
ISC has been widely recognized, and in 2004, Network World named him
one of the 50 most powerful people in the networking industry. Prior
to working for SANS, Johannes worked as a lead support engineer for
a web development company and as a research physicist. Johannes holds
a Ph.D. in Physics from SUNY Albany and is located in Jacksonville FL.

Dennis Hurst: Dennis Hurst is a Developer Security Evangelist for
SPI Dynamics where he is responsible for working with developers to
educate them on the need for Web application security and practical
ways to protect Web applications from hacking attacks. Dennis is
also the head of SPI Dynamics' Security Engineering group, where
he leads a team of Web application security experts that assist
prospective and current SPI Dynamics' customers with their Web
application security requirements. With more than 15 years experience
in the Information Systems/Application Development industry, Dennis
is an expert in system design, implementation and maintenance of
complex multi-vendor, multi-platform computer applications and
networks. He was the lead developer of SPI Dynamics' flagship Web
application vulnerability assessment product, WebInspectT, during
the initial years of the product's development, and now works with
other development organizations evangelizing the need to integrate
security into the Software Development Lifecycle (SDLC). Dennis is a
Microsoft Certified Solution Developer (MSCD) and a Certified Novell
Engineer (CNE). Furthermore, he is a notable industry speaker on Web
application security and a published author.

********************************************************
WEBCAST 2

Ask The Expert Webcast: "The Truth About Log Management"
Thursday, April 12, 2007 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Alan Paller and Brian Contos
https://www.sans.org/webcasts/show.php?webcastid=91021
Sponsored by: ArcSight

Log Management was one of the hottest security technologies last
year and its popularity continues. Join this briefing to explore
recent survey data about how organizations are using log management
systems to strengthen their security posture and meet regulatory
requirements. You'll also learn where the highest payoffs are and
how to avoid the biggest log management mistakes.

Alan Paller is the Director of Research for the SANS Institute,
responsible for overseeing all research projects ranging from the SANS
Step-by-Step guides to the SANS digests to the Top Twenty Internet
Security Threats. He the founder of the CIO Institute, and earned
his degrees in Computer Science and Engineering from Cornell and
MIT. Alan is the author of the EIS Book: Information Systems for
Top Managers and How to Give the Best Presentation of Your Life. In
2001 the President named Alan as one of the original members of the
National Infrastructure Advisory Council, and this year the Federal
CIO Council chose him as its 2005 Azimuth Award winner recognizing
his vision and outstanding service to federal information technology.

Brian Contos: Mr. Contos has over a decade of real-world security
engineering and management expertise developed in some of the
most sensitive and mission-critical environments in the world. As
ArcSight's CSO he advises government organizations and Global 1,000s
on security strategy related to Enterprise Security Management (ESM)
solutions while being an evangelist for the ESM space. He has spoken
at forums worldwide on insider threats and most recently published
a book on the subject, titled - Enemy at the Water Cooler. He has
written countless articles and been interviewed for publications such
as: Forbes, The London Times, Computerworld, SC Magazine, Tech News
World, Financial Sector Technology and the Sarbanes-Oxley Compliance
Journal. Mr. Contos has held management and engineering positions at
Riptech, Lucent Bell Labs, Compaq Computers and the Defense Information
Systems Agency (DISA).

********************************************************
Additional FREE SANS Webcasts coming in April 2007

SANS Special Webcast: "Penetration Testing with Confidence: 10 Keys to
Success" Tuesday, April 17, 2007 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Lenny Zeltser
https://www.sans.org/webcasts/show.php?webcastid=91101
Sponsored by: Core Security

WhatWorks Webcast: "WhatWorks in Vulnerability Management and Penetration
Testing: Building Better Bridges to Meet SOX Requirements" Thursday, April
19, 2007 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Alan Paller & Dave Bixler
https://www.sans.org/webcasts/show.php?webcastid=91111
Sponsored by: Qualys

Ask The Expert Webcast: "Application Security: "FIX" the code or deploy a
"WAF" - a debate to help you prioritize." Thursday, April 26, 2007 at 1:00
PM EDT (1700 UTC/GMT)
Featuring: James Tarala and David Hoelzer
https://www.sans.org/webcasts/show.php?webcastid=91116
Sponsored by: NetContinuum

********************************************************
For additional information on any of the above webcasts, please go
to http://www.sans.org/webcasts

********************************************************
In order to access these webcasts, you will need a SANS portal
account and either Real Audio Player or Windows Media Player
(free downloads are available at our website). If you do not
already have a portal account, just go to http://portal.sans.org
and fill in the simple registration form, it's free! Your account
gives you access to the archive of past webcasts. Log on to
http://www.sans.org/webcasts/archive.php

********************************************************

SANSFIRE 07 in Washington DC Features the Internet Storm Center Experts

No one knows the newest attacks better than the Internet Storm Center
Incident Handlers, and they are sharing the newest attacks and defenses
in evening sessions during SANSFIRE in Washington DC, July 25-August 7,
2007. Anyone who attends a course can also attend Internet Storm Center
Threat Updates. For a list of courses http://www.sans.org/sansfire07/

If you cannot come to Washington or can't wait that long, SANS award
winning security training is available in more than 70 cities in nine
countries just in the next four months. Better still, you can schedule
SANS training on-site or even take it live online or on demand.
*Complete schedule:
http://www.sans.org/training/bylocation/index_all.php
*SANS courses on site at your facility: http://www.sans.org/onsite/
********************************************************

SANS is pleased to announce our new Training and Events Calendar -
an easy way to see what opportunities are available to you during the
coming month! The current calendars are now available for download
from http://www.sans.org/info/1372.

To change your subscription, address, or other information, visit
http://portal.sans.org. If you wish to have your name removed from
our mailing list, visit the site above, click on "update your account"
and check the box "Do not send any email".

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]