Tuesday, September 04, 2007

WASC/BaySec Meet-Up (Bay Area)

Lots of local Bay Area events going on this year....

WASC is organizing another Meet-Up during the IT Security World Conference (Sep 17-18) in San Francisco @ O'Neills). As usual this will be an informal gathering. No agenda, slide-ware, or sponsors. Baysec is also organizing a meetup during that time and we are hoping to meet other security professionals from Bay Area. Everyone is welcome and it should be a really fun time!

Please RSVP by email ASAP, if you haven't done so already, so we can make the proper reservations: (anurag.agarwal _ _ _ _ a t _ _ _yahoo.com)

Time: Monday, Sep. 17 @ 7:00pm


O’Neills Irish Pub
747 3rd StSan Francisco,
CA 94107
Phone: (415) 777-1177


Unknown said...

- Jeremiah, Do you guys offer Blackbox and Whitebox testing? If so, can you help me approach the client, step by step on the phone what I would have to say to clearly state my message as in 'We offer this and that, which one do you want?' that to me, is unprofessional. Help? I don't want a resource like a website or survey, just from YOU. Thanks.

Jeremiah Grossman said...

You could just email these questions directly.

Anonymous said...

What e-mail do I respond to? Please don't do that blahblah[dsaf@]site.com stuff, just give me the email like lol@lol.com

Jeremiah Grossman said...

its my first name @whitehatsec.com

Unknown said...

Yeh, I sent you an email but I haven't gotten a response back -_- ?

Anonymous said...

Jeremiah, I can't seem to re-email you because it tells me that your black berry can't seem to receive it due to DNS issues or filtration of some sort.

Anonymous said...

He'll get it. That's an auto-responder from his BB.

WhiteHat is for the record a "BlackBox" or "runtime fault-injection" testing company.

Essentially, anything that uses the HTTP protocol and has a text-based API exposed through URI or PostData is fair game. This includes most rich clients that use HTTP and text-based APIs.

Flex and Flash 9's AMF, for example, is not. Proprietary, binary message streams and binary async message queues are out of scope.

We also perform SMTP analysis for out-of-band messaging and security decisions (e.g.-password reset tokens sent in emails etc.) and FTP for alternate data input points.