OWASP - User contributions [en]

Atlanta Georgia

2012-12-17T14:15:45Z

Shauvik:

[[Image:OwaspAtl.png]]

{{Chapter Template|chaptername=Atlanta|extra=The chapter leader is [mailto:tonyuv@owasp.org Tony UcedaVelez]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Atlanta|emailarchives=http://lists.owasp.org/pipermail/owasp-Atlanta}}

[[Category:OWASP Chapter]]

== '''Join OWASP ATL via our Meetup Group''' ==

From Jan 2012, we have moved to a [http://www.meetup.com/OWASP-Atlanta/ Meetup group]. MeetUp.com will replace the traditional subscriber email list eventually (referenced above in the top of this page). It allows us to better communicate with members, RSVP for events, and announce meetings - all in one place. Click on the following link to visit our meetup page and signup.

[http://www.meetup.com/OWASP-Atlanta/?a=shareimg http://img.meetup.com/img/logo_82.png]

== Atlanta Georgia OWASP Chapter Leaders ==

<ul>
<li>[http://www.owasp.org/index.php/User:Versprite Tony UcedaVelez] - Chapter Leader </li>
<li>Steven Schwartz - Chapter Lead</li>
<li>[https://www.owasp.org/index.php/User:Shauvik Shauvik Roy-Choudhary] - Chapter Lead</li>
<li>Jon Bango - Chapter Lead</li>
<li>Russell Eubanks - Chapter Lead</li>
</ul>



== Becoming a Member or Sponsor ==
On behalf of the entire organization, I would like to solicit your financial support of our chapter via a tax deductible membership for OWASP as a great non-profit organization which aims to elevate web application security. We hope that you find historical and future meetings to be of value and show support via a member based contribution.

To contribute to OWASP-Atlanta, sign up as an individual member, or support us as a corporate sponsor, please visit: http://www.owasp.org/index.php/Membership. If you are already a member, please don't forget to renew your membership!! The same link will serve both purposes.

<br>
== Thank You to Our 2012 Supporters ==

We're looking for sponsors in 2012. Thanks to the following list of chapter level supporters for their financial contributions and/ or hosting our chapter meetings in 2012.

<ul>
<table cellpadding="15" cellspacing="0">
<tr>
<td>[[Image:whitehat.jpg]]</td>
<td>[[Image:dellswrx.jpg]]</td>
<td>[[Image:versprite.jpg]]</td>
<td>[[Image:wipro.jpg]]</td>
</tr>
<tr>
<td>[[Image:Trustwave.jpg|200px]]</td>
<td>[[Image:WiKID_logo.jpg|200px]]</td>
</tr>
</table>
</ul>

== 2011 OWASP Atlanta Member Survey ==
The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2011. [[Image:Owasp surv2011.jpg]]

==== Chapter Meetings ====

== '''Future Meetings''' ==

Please check http://www.meetup.com/OWASP-Atlanta/events/ for a list of upcoming future meetings.

----

= Meeting Archive on Meetup.com =

[http://www.meetup.com/OWASP-Atlanta/events/88009182/ Nov 2012 - Web Security CTF (primer)]

[http://www.meetup.com/OWASP-Atlanta/events/90863212/ AppSec for CISOs Breakfast]

[http://www.meetup.com/OWASP-Atlanta/events/88192022/ 2012 Metro Atlanta ISSA Conference]

[http://www.meetup.com/OWASP-Atlanta/events/87110162/ Oct 2012 - Security Testing Techniques]

[http://www.meetup.com/OWASP-Atlanta/events/77080162/ Sep 2012 - Social Networks & Fake Accounts: New Heaven for Spammers & Attackers]

[http://www.meetup.com/OWASP-Atlanta/events/77588622/ August 2012 - HD Moore presents 'The Long Tail of Security']

[http://www.meetup.com/OWASP-Atlanta/events/71686572/ July 2012 - HTML5 Security: A Beautiful Disaster]

[http://www.meetup.com/OWASP-Atlanta/events/60876802/ June 2012 - Is There An End to Testing Ourselves Secure?]

[http://www.meetup.com/OWASP-Atlanta/events/64176042/ May 2012 - Attack Chaining: Advanced Maneuvers for Hack Fu ]

[http://www.meetup.com/OWASP-Atlanta/events/50563772/ April 2012 - Practical Android Security (Jack Mannino, nVisium Security)]

[http://www.meetup.com/OWASP-Atlanta/events/54085342/ March 2012 - Trustwave 2012 Global Security Report - Trustwave]

[http://www.meetup.com/OWASP-Atlanta/events/45830712/ February 2012 - Scanning Web2.0 – web applications aren’t web sites anymore (Kiril Mendelev, HP)]

[http://www.meetup.com/OWASP-Atlanta/events/45830712/ January 2012 - Ninja Assessments: Stealth Security Testing for Organizations (Kevin Johnson, SamuraiWTF)]

== Old meeting pages (before 2012) ==

[[Atlanta Member Meeting 12.15.11 | December 2011 - Preventing Data Breaches using Provenance-aware Firewalls (Anirudh Ramachandran, Nouvou Inc) ]]

[[Atlanta Member Meeting 11.17.11 | November 2011 - HowTo Talk on Assessing Mobile Apps ]]

[[Atlanta Member Meeting 10.27.11 | October 2011 - Fuzzin' w/ JBroFuzz (Tony UV) ]]

[[Atlanta Member Meeting 08.18.11 | August 2011 - Mobile Security for the Enterprise (Billy Graham) ]]

[[Atlanta Member Meeting 05.25.11 | May 2011 - Don't Teach Your Developers Security (Caleb Sima, Armorize) ]]

[[Atlanta Member Meeting 04.21.11 | Apr 2011 - Demystifying WAFs (members from Imperva, Accuvant, WhiteHat Security Presenting) ]]

[[Atlanta Member Meeting 03.17.11 | Mar 2011 - Online Privacy (Samy Kamkar) ]]

[[Atlanta Member Meeting 02.28.11 | Feb 2011 - Separated by a Common Language (Business-Geek Communication) ]]

[[Atlanta Member Meeting 01.27.11 | Jan 2011 - OWASP Tool Medley (Tony UV]]

[[Atlanta Member Meeting 12.16.10 | Dec 2010 - December Social Event]]

[[Atlanta Member Meeting 10.13.10 | Oct 2010 - Rapid Development of Web Security Tools using SpiderSense]]

[[Atlanta Member Meeting 09.15.10 | Sep 2010 - Search Engine Hacking]]

[[Atlanta Member Meeting 08.12.10 | Aug 2010 - OWASP Guided Tour & Using the O2 Platform]]

[[Atlanta Member Meeting 06.26.10 | Jun 2010 - Security Six Flags Outing]]

[[Atlanta Member Meeting 05.24.10 | May 2010 - Clubbing WebApps with Botnets]]

[[Atlanta Member Meeting 03.24.10 | Mar 2010 - Panel on Static & Dynamic Analysis for Web Apps]]

[[Atlanta Member Meeting 02.25.10 | Feb 2010 - Embedded Malicious JavaScript]]

[[Atlanta Member Meeting 02.15.10 | Feb 2010 - DNS Security]]

[[Atlanta Member Meeting 01.29.10 | Jan 2010 - Owasp Top 10 (Tony UV)]]

[[Atlanta Member Meeting 10.13.09 | Oct 2009 - Security Religions & Risk Windows (Jeremiah Grossman)]]

[[Atlanta Member Meeting 09.15.09 | Sept 2009 - Securing WebServices (Tony UV)]]

[[Atlanta Member Meeting 08.17.09 | Aug 2009 - ISSA Event]]

[[Atlanta Member Meeting 06.03.09 | June 2009 - OWASP LIVE CD Workshop]]

[[Atlanta Member Meeting 04.25.09 | Apr 2009 - Filter Evasion Techniques (Workshop)]]

[[Atlanta Member Meeting 04.02.09 | Apr 2009 - Chapter Rebirth meeting]]

[[Atlanta ISACA OWASP Meeting 03.27.09]]

[[Atlanta Leadership Meeting 03.05.09]]

[[Atlanta Leadership Meeting 02.26.09]]

[[Atlanta OWASP May 2007 Meeting]]

[[Atlanta OWASP December 06 Social]]

[[Atlanta OWASP April Meeting]]

[[Chapter Meeting March 29th 2006]]

[[October 26th Meeting]]

[[April 27th, Chapter meeting a SUCCESS!]]

[[March 30th, 2005]]

[[February Meeting]]

[[June 2005]]

[[Category:Georgia]]

Atlanta Georgia

2012-05-31T18:30:09Z

Shauvik:

File:WiKID logo.jpg

2012-05-31T18:28:39Z

Shauvik: Logo for WiKID systems

Logo for WiKID systems

2012-01-28T02:04:25Z

Shauvik:

File:Wipro.jpg

2012-01-28T02:03:20Z

Shauvik:

2011-12-28T16:24:50Z

Shauvik: Created page with " ===December 2011 Meeting=== '''WHAT::''' December Chapter Meeting - 'Preventing Data Breaches using Provenance-aware Firewalls' '''WHEN::''' 15th of December 2011. 6-8pm ''..."

Atlanta Member Meeting 11.17.11

2011-11-30T10:29:05Z

Shauvik:

===November 2011 Meeting===
'''WHAT::''' November Chapter Meeting - 'HowTo Talk on Assessing Mobile Apps'

'''WHEN::''' 17th of November 2011. 6-8pm

'''WHERE::''' Cumberland Pkwy Tilted Kilt http://atlanta-cumberland.tiltedkilt.com/

'''WHO::''' Jeremy Allen is the Chief Technology Officer with the Intrepidus Group. Jeremy is a regular speaker at popular security conferences such as BlackHat, SOURCE and OWASP AppSec. He is currently the lead on the development of the SANS “Secure Mobile Application Development: iOS App Security” course. He has conducted numerous application assessments against iOS applications.

'''ABSTRACT::'''
This talk will focus on mobile application assessment techniques. The assessment techniques will focus on how to test applications for the OWASP Mobile Top 10 issues. Mitigation techniques for both Android and iOS will be discussed. Mallory, Intrepidus Group’s Man in The Middle tool designed to test mobile devices and applications, will be demonstrated throughout the presentation. Additionally, usage of other open source tools will be demonstrated. Both iOS and Android will be discussed.

'''''COST''''': Free to all. Bring a Friend.

'''SLIDES & VIDEOS''' available [http://intrepidusgroup.com/insight/2011/11/owasp-atl-mobile-application-assessment-presentation/ here]

Atlanta Georgia

2011-11-21T21:48:51Z

Shauvik:

[[Image:OwaspAtl.png]]

{{Chapter Template|chaptername=Atlanta|extra=The chapter leader is [mailto:tonyuv@owasp.org Tony UcedaVelez]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Atlanta|emailarchives=http://lists.owasp.org/pipermail/owasp-Atlanta}}

[[Category:OWASP Chapter]]

==== '''Local News''' ====

== Latest News ==
So we have hit a bit of a lull over the past two months as you can probably tell. August meeting was really low attendance and September was a non-event since I largely have been out of town and so have a lot of the other co-leads. Nonetheless, get ready to resume meetings. Next one is Dec 15th at the Tilted Kilt @ Cumberland. Make a note and check out details in the Chapter Meetings page above.

FYI - We are trying to reach out to more developers, quality assurance engineers, and software architects so if you have colleagues in those areas, please invite them to come. For next meeting information, please visit the Chapter Meetings tab and RSVP in the link provided.

== Staying in Touch ==
There is an OWASP Atlanta Linkedin Group. For those addicted to LinkedIn, we have a group you can further feed your addiction. The OWASP Atlanta Chapter. http://www.linkedin.com/groups?home=&gid=1811960&trk=anet_ug_hm
<br>

The Atlanta mailing list provides a low volume update to monthly events and also allows for members to post questions related to challenges in using and adopting OWASP related material/ tools. To join the Atlanta Mailing List, please sign up here: http://lists.owasp.org/mailman/listinfo/owasp-Atlanta

== Becoming a Member or Sponsor ==
On behalf of the entire organization, I would like to solicit your financial support of our chapter via a tax deductible membership for OWASP as a great non-profit organization which aims to elevate web application security. We hope that you find historical and future meetings to be of value and show support via a member based contribution.

To contribute to OWASP-Atlanta, sign up as an individual member, or support us as a corporate sponsor, please visit: http://www.owasp.org/index.php/Membership. If you are already a member, please don't forget to renew your membership!! The same link will serve both purposes.

<br>
== Thank You to Our 2011 Supporters ==

Thanks to the following list of chapter level supporters for their financial contributions and/ or hosting our chapter meetings in 2011.

<ul>
<table cellpadding="15" cellspacing="0">
<tr>
<td>[[Image:GTISC logo2.jpg]]</td>
<td>[[Image:versprite.jpg]]</td>
<td>[[Image:stachliu.jpg]]</td>
<td>[[Image:whitehat.jpg]]</td>
</tr>
</table>
<table cellpadding="15" cellspacing="0">
<tr>
<td>[[Image:imperva.jpg]]</td>
<td>[[Image:adp.jpg]]</td>
<td>[[Image:iptrust.jpg]]</td>
<td>[[Image:dellswrx.jpg]]</td>
<td>[[Image:accuvant.jpg]]</td>
</tr>
</table>
</ul>

== 2011 OWASP Atlanta Member Survey ==
The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2011. [[Image:Owasp surv2011.jpg]]

==== Chapter Meetings ====

== '''Future Meetings''' ==

===December 2011 Meeting===
'''WHAT::''' December Chapter Meeting - 'Preventing Data Breaches using Provenance-aware Firewalls'

'''WHEN::''' 15th of December 2011. 6-8pm

'''WHERE::''' Cumberland Pkwy Tilted Kilt http://atlanta-cumberland.tiltedkilt.com/

'''WHO::''' Anirudh Ramachandran is a networks and systems security
researcher at Georgia Tech and the founder and CTO of Nouvou Inc., a
nascent data security startup. He has 6 years of experience developing
solutions in areas such as data breach prevention, high speed traffic
monitoring, network-level spam filtering, and botnet identification.
He graduated with a PhD in Computer Science from Georgia Tech in 2011.
http://www.cc.gatech.edu/~avr

'''ABSTRACT::''' Data breaches through Web application vulnerabilities have become
particularly rampant. Point solutions -- for example, a Web
Application Firewall that scans requests destined to the Web app --
can only stop a limited number of attack patterns, and do not provide
any protection from a breach once a vulnerability is eventually
exploited. We have developed a complementary approach to prevent
breaches based on the idea that, if sensitive data is tracked closely
enough, a breach can be prevented without worrying about the Web
application vulnerability that led to the breach.

In this talk, I will present the architecture of SilverLine (associates tamper-proof tags with database
records and files, and uses an OS-level module to track the flow of
tagged data through the various components of a Web application) and
describe how we integrated SilverLine with a popular open source
e-Commerce Web application, OSCommerce.

'''''COST''''': Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.

===January 2012 Meeting===
'''WHAT::''' 'Ninja Assessments: Stealth Security Testing for Organizations'

'''WHEN::''' January 19, 2012. 6-8pm

'''WHERE::''' Cumberland Pkwy Tilted Kilt http://atlanta-cumberland.tiltedkilt.com/

'''WHO::''' Kevin Johnson is a security consultant with Secure Ideas. Kevin came to security from a development and system administration background. He has many years of experience performing security services for fortune 100 companies, and in his spare time he contributes to a large number of open source security projects. Kevin's involvement in open-source projects is spread across a number of projects and efforts. He is the founder of many different projects and has worked on others. He founded BASE, which is a Web front-end for Snort analysis. He also founded and continues to lead the SamuraiWTF live DVD. This is a live environment focused on Web penetration testing. He also founded Yokoso and Laudanum, which are focused on exploit delivery. Kevin is a senior instructor for SANS and the author of Security 542: Web Application Penetration Testing and Ethical Hacking. He also presents at industry events, including DEFCON and ShmooCon, and for various organizations, like Infragard, ISACA, ISSA, and the University of Florida.

'''ABSTRACT::''' Organizations today need to be able to easily integrate security testing
within their existing processes. In this talk, Kevin Johnson of Secure Ideas
will explore various techniques and tools to help organizations assess the
security of the web applications. These techniques are designed to be
implemented easily and with little impact on the work load of the staff.

'''''COST''''': Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.



----
===Google Calendar===
[https://www.google.com/calendar/embed?src=o5j6b323c225duhohd2uctcofk%40group.calendar.google.com&ctz=America/New_York&mode=AGENDA HTML] |
[https://www.google.com/calendar/ical/o5j6b323c225duhohd2uctcofk%40group.calendar.google.com/public/basic.ics ICAL] |
[https://www.google.com/calendar/feeds/o5j6b323c225duhohd2uctcofk%40group.calendar.google.com/public/basic XML]

----

== Past Meetings ==

[[Atlanta Member Meeting 11.17.11 | November 2011 - HowTo Talk on Assessing Mobile Apps ]]

[[Atlanta Member Meeting 10.27.11 | October 2011 - Fuzzin' w/ JBroFuzz ]]

[[Atlanta Member Meeting 08.18.11 | August 2011 - Mobile Security for the Enterprise (Billy Graham) ]]

[[Atlanta Member Meeting 05.25.11 | May 2011 - Don't Teach Your Developers Security (Caleb Sima, Armorize) ]]

[[Atlanta Member Meeting 04.21.11 | Apr 2011 - Demystifying WAFs (members from Imperva, Accuvant, WhiteHat Security Presenting) ]]

[[Atlanta Member Meeting 03.17.11 | Mar 2011 - Online Privacy (Samy Kamkar) ]]

[[Atlanta Member Meeting 02.28.11 | Feb 2011 - Separated by a Common Language (Business-Geek Communication) ]]

[[Atlanta Member Meeting 01.27.11 | Jan 2011 - OWASP Tool Medley ]]

[[Atlanta Member Meeting 12.16.10 | Dec 2010 - December Social Event]]

[[Atlanta Member Meeting 10.13.10 | Oct 2010 - Rapid Development of Web Security Tools using SpiderSense]]

[[Atlanta Member Meeting 09.15.10 | Sep 2010 - Search Engine Hacking]]

[[Atlanta Member Meeting 08.12.10 | Aug 2010 - OWASP Guided Tour & Using the O2 Platform]]

[[Atlanta Member Meeting 06.26.10 | Jun 2010 - Security Six Flags Outing]]

[[Atlanta Member Meeting 05.24.10 | May 2010 - Clubbing WebApps with Botnets]]

[[Atlanta Member Meeting 03.24.10 | Mar 2010 - Panel on Static & Dynamic Analysis for Web Apps]]

[[Atlanta Member Meeting 02.25.10 | Feb 2010 - Embedded Malicious JavaScript]]

[[Atlanta Member Meeting 02.15.10 | Feb 2010 - DNS Security]]

[[Atlanta Member Meeting 01.29.10 | Jan 2010 - Owasp Top 10]]

[[Atlanta Member Meeting 10.13.09 | Oct 2009 - Security Religions & Risk Windows (Jeremiah Grossman)]]

[[Atlanta Member Meeting 09.15.09 | Sept 2009 - Securing WebServices]]

[[Atlanta Member Meeting 08.17.09 | Aug 2009 - ISSA Event]]

[[Atlanta Member Meeting 06.03.09 | June 2009 - OWASP LIVE CD Workshop]]

[[Atlanta Member Meeting 04.25.09 | Apr 2009 - Filter Evasion Techniques (Workshop)]]

[[Atlanta Member Meeting 04.02.09 | Apr 2009 - Chapter Rebirth meeting]]

[[Atlanta ISACA OWASP Meeting 03.27.09]]

[[Atlanta Leadership Meeting 03.05.09]]

[[Atlanta Leadership Meeting 02.26.09]]

[[Atlanta OWASP May 2007 Meeting]]

[[Atlanta OWASP December 06 Social]]

[[Atlanta OWASP April Meeting]]

[[Chapter Meeting March 29th 2006]]

[[October 26th Meeting]]

[[April 27th, Chapter meeting a SUCCESS!]]

[[March 30th, 2005]]

[[February Meeting]]

[[June 2005]]

==== Atlanta Georgia OWASP Chapter Leaders ====

<ul>
<li>[http://www.owasp.org/index.php/User:Versprite Tony UcedaVelez] - Chapter Leader </li>
<li>Steven Schwartz - Chapter Lead</li>
<li>[https://www.owasp.org/index.php/User:Shauvik Shauvik Choudhary] - Chapter Lead</li>
<li>Jon Bango - Chapter Lead</li>
<li>Russell Eubanks - Chapter Lead</li>
</ul>

<headertabs />

[[Category:Georgia]]

Atlanta Georgia

2011-11-21T21:47:45Z

Shauvik:

[[Image:OwaspAtl.png]]

{{Chapter Template|chaptername=Atlanta|extra=The chapter leader is [mailto:tonyuv@owasp.org Tony UcedaVelez]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Atlanta|emailarchives=http://lists.owasp.org/pipermail/owasp-Atlanta}}

[[Category:OWASP Chapter]]

==== '''Local News''' ====

== Latest News ==
So we have hit a bit of a lull over the past two months as you can probably tell. August meeting was really low attendance and September was a non-event since I largely have been out of town and so have a lot of the other co-leads. Nonetheless, get ready to resume meetings. Next one is Dec 15th at the Tilted Kilt @ Cumberland. Make a note and check out details in the Chapter Meetings page above.

FYI - We are trying to reach out to more developers, quality assurance engineers, and software architects so if you have colleagues in those areas, please invite them to come. For next meeting information, please visit the Chapter Meetings tab and RSVP in the link provided.

== Staying in Touch ==
There is an OWASP Atlanta Linkedin Group. For those addicted to LinkedIn, we have a group you can further feed your addiction. The OWASP Atlanta Chapter. http://www.linkedin.com/groups?home=&gid=1811960&trk=anet_ug_hm
<br>

The Atlanta mailing list provides a low volume update to monthly events and also allows for members to post questions related to challenges in using and adopting OWASP related material/ tools. To join the Atlanta Mailing List, please sign up here: http://lists.owasp.org/mailman/listinfo/owasp-Atlanta

== Becoming a Member or Sponsor ==
On behalf of the entire organization, I would like to solicit your financial support of our chapter via a tax deductible membership for OWASP as a great non-profit organization which aims to elevate web application security. We hope that you find historical and future meetings to be of value and show support via a member based contribution.

To contribute to OWASP-Atlanta, sign up as an individual member, or support us as a corporate sponsor, please visit: http://www.owasp.org/index.php/Membership. If you are already a member, please don't forget to renew your membership!! The same link will serve both purposes.

<br>
== Thank You to Our 2011 Supporters ==

Thanks to the following list of chapter level supporters for their financial contributions and/ or hosting our chapter meetings in 2011.

<ul>
<table cellpadding="15" cellspacing="0">
<tr>
<td>[[Image:GTISC logo2.jpg]]</td>
<td>[[Image:versprite.jpg]]</td>
<td>[[Image:stachliu.jpg]]</td>
<td>[[Image:whitehat.jpg]]</td>
</tr>
</table>
<table cellpadding="15" cellspacing="0">
<tr>
<td>[[Image:imperva.jpg]]</td>
<td>[[Image:adp.jpg]]</td>
<td>[[Image:iptrust.jpg]]</td>
<td>[[Image:dellswrx.jpg]]</td>
<td>[[Image:accuvant.jpg]]</td>
</tr>
</table>
</ul>

== 2011 OWASP Atlanta Member Survey ==
The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2011. [[Image:Owasp surv2011.jpg]]

==== Chapter Meetings ====

== '''Future Meetings''' ==

===December 2011 Meeting===
'''WHAT::''' December Chapter Meeting - 'Preventing Data Breaches using Provenance-aware Firewalls'

'''WHEN::''' 15th of December 2011. 6-8pm

'''WHERE::''' Cumberland Pkwy Tilted Kilt http://atlanta-cumberland.tiltedkilt.com/

'''WHO::''' Anirudh Ramachandran is a networks and systems security
researcher at Georgia Tech and the founder and CTO of Nouvou Inc., a
nascent data security startup. He has 6 years of experience developing
solutions in areas such as data breach prevention, high speed traffic
monitoring, network-level spam filtering, and botnet identification.
He graduated with a PhD in Computer Science from Georgia Tech in 2011.
http://www.cc.gatech.edu/~avr

'''ABSTRACT::''' Data breaches through Web application vulnerabilities have become
particularly rampant. Point solutions -- for example, a Web
Application Firewall that scans requests destined to the Web app --
can only stop a limited number of attack patterns, and do not provide
any protection from a breach once a vulnerability is eventually
exploited. We have developed a complementary approach to prevent
breaches based on the idea that, if sensitive data is tracked closely
enough, a breach can be prevented without worrying about the Web
application vulnerability that led to the breach.

In this talk, I will present the architecture of SilverLine (associates tamper-proof tags with database
records and files, and uses an OS-level module to track the flow of
tagged data through the various components of a Web application) and
describe how we integrated SilverLine with a popular open source
e-Commerce Web application, OSCommerce.

'''''COST''''': Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.

===January 2012 Meeting===
'''WHAT::''' 'Ninja Assessments: Stealth Security Testing for Organizations'

'''WHEN::''' January 19, 2012. 6-8pm

'''WHERE::''' Cumberland Pkwy Tilted Kilt http://atlanta-cumberland.tiltedkilt.com/

'''WHO::''' Kevin Johnson is a security consultant with Secure Ideas. Kevin came to security from a development and system administration background. He has many years of experience performing security services for fortune 100 companies, and in his spare time he contributes to a large number of open source security projects. Kevin's involvement in open-source projects is spread across a number of projects and efforts. He is the founder of many different projects and has worked on others. He founded BASE, which is a Web front-end for Snort analysis. He also founded and continues to lead the SamuraiWTF live DVD. This is a live environment focused on Web penetration testing. He also founded Yokoso and Laudanum, which are focused on exploit delivery. Kevin is a senior instructor for SANS and the author of Security 542: Web Application Penetration Testing and Ethical Hacking. He also presents at industry events, including DEFCON and ShmooCon, and for various organizations, like Infragard, ISACA, ISSA, and the University of Florida.

'''ABSTRACT::''' Organizations today need to be able to easily integrate security testing
within their existing processes. In this talk, Kevin Johnson of Secure Ideas
will explore various techniques and tools to help organizations assess the
security of the web applications. These techniques are designed to be
implemented easily and with little impact on the work load of the staff.

'''''COST''''': Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.



----
===Google Calendar===
[https://www.google.com/calendar/embed?src=o5j6b323c225duhohd2uctcofk%40group.calendar.google.com&ctz=America/New_York&mode=AGENDA HTML] |
[https://www.google.com/calendar/ical/o5j6b323c225duhohd2uctcofk%40group.calendar.google.com/public/basic.ics ICAL] |
[https://www.google.com/calendar/feeds/o5j6b323c225duhohd2uctcofk%40group.calendar.google.com/public/basic XML]

----

== Past Meetings ==

[[Atlanta Member Meeting 10.27.11 | October 2011 - Fuzzin' w/ JBroFuzz ]]

[[Atlanta Member Meeting 08.18.11 | August 2011 - Mobile Security for the Enterprise (Billy Graham) ]]

[[Atlanta Member Meeting 05.25.11 | May 2011 - Don't Teach Your Developers Security (Caleb Sima, Armorize) ]]

[[Atlanta Member Meeting 04.21.11 | Apr 2011 - Demystifying WAFs (members from Imperva, Accuvant, WhiteHat Security Presenting) ]]

[[Atlanta Member Meeting 03.17.11 | Mar 2011 - Online Privacy (Samy Kamkar) ]]

[[Atlanta Member Meeting 02.28.11 | Feb 2011 - Separated by a Common Language (Business-Geek Communication) ]]

[[Atlanta Member Meeting 01.27.11 | Jan 2011 - OWASP Tool Medley ]]

[[Atlanta Member Meeting 12.16.10 | Dec 2010 - December Social Event]]

[[Atlanta Member Meeting 10.13.10 | Oct 2010 - Rapid Development of Web Security Tools using SpiderSense]]

[[Atlanta Member Meeting 09.15.10 | Sep 2010 - Search Engine Hacking]]

[[Atlanta Member Meeting 08.12.10 | Aug 2010 - OWASP Guided Tour & Using the O2 Platform]]

[[Atlanta Member Meeting 06.26.10 | Jun 2010 - Security Six Flags Outing]]

[[Atlanta Member Meeting 05.24.10 | May 2010 - Clubbing WebApps with Botnets]]

[[Atlanta Member Meeting 03.24.10 | Mar 2010 - Panel on Static & Dynamic Analysis for Web Apps]]

[[Atlanta Member Meeting 02.25.10 | Feb 2010 - Embedded Malicious JavaScript]]

[[Atlanta Member Meeting 02.15.10 | Feb 2010 - DNS Security]]

[[Atlanta Member Meeting 01.29.10 | Jan 2010 - Owasp Top 10]]

[[Atlanta Member Meeting 10.13.09 | Oct 2009 - Security Religions & Risk Windows (Jeremiah Grossman)]]

[[Atlanta Member Meeting 09.15.09 | Sept 2009 - Securing WebServices]]

[[Atlanta Member Meeting 08.17.09 | Aug 2009 - ISSA Event]]

[[Atlanta Member Meeting 06.03.09 | June 2009 - OWASP LIVE CD Workshop]]

[[Atlanta Member Meeting 04.25.09 | Apr 2009 - Filter Evasion Techniques (Workshop)]]

[[Atlanta Member Meeting 04.02.09 | Apr 2009 - Chapter Rebirth meeting]]

[[Atlanta ISACA OWASP Meeting 03.27.09]]

[[Atlanta Leadership Meeting 03.05.09]]

[[Atlanta Leadership Meeting 02.26.09]]

[[Atlanta OWASP May 2007 Meeting]]

[[Atlanta OWASP December 06 Social]]

[[Atlanta OWASP April Meeting]]

[[Chapter Meeting March 29th 2006]]

[[October 26th Meeting]]

[[April 27th, Chapter meeting a SUCCESS!]]

[[March 30th, 2005]]

[[February Meeting]]

[[June 2005]]

==== Atlanta Georgia OWASP Chapter Leaders ====

<ul>
<li>[http://www.owasp.org/index.php/User:Versprite Tony UcedaVelez] - Chapter Leader </li>
<li>Steven Schwartz - Chapter Lead</li>
<li>[https://www.owasp.org/index.php/User:Shauvik Shauvik Choudhary] - Chapter Lead</li>
<li>Jon Bango - Chapter Lead</li>
<li>Russell Eubanks - Chapter Lead</li>
</ul>

<headertabs />

[[Category:Georgia]]

2011-03-10T04:22:51Z

Shauvik: Created page with "===February 2011 Meeting=== '''WHAT::''' February Chapter Meeting - Separated By A Common Language '''WHEN::''' 28th February 2011. 6-8pm '''WHERE::''' Tilted Kilt http://tiny..."

===February 2011 Meeting===
'''WHAT::''' February Chapter Meeting - Separated By A Common Language

'''WHEN::''' 28th February 2011. 6-8pm

'''WHERE::''' Tilted Kilt http://tinyurl.com/4oh2thj

'''WHO::''' Beau Woods

Beau Woods is in the Security and Risk Consulting group within SecureWorks. His experience has given him insight into solving the complex real-world problems organizations face worldwide. Beau has over 10 years of experience providing services in the information technology field, with the last five years dedicated to security, risk and compliance. A seasoned speaker at information security conferences, Beau is often invited to present at industry events.

'''ABSTRACT:: '''
Separated By A Common Language

George Bernard Shaw said that about the US and England. And there’s perhaps nowhere in Information Security where that is more true than in Web App Sec. Though business people and geeks use a common language, we don’t have a common understanding. It’s not what’s said; it’s what’s heard that counts! It’s not enough to just understand the words, the listener has to understand the concepts and how they are put into practice. This talk goes through these challenges on both sides of the equation and gives a framework that can even give a CEO a working knowledge of the OWASP Top 10.

'''RSVP::''' https://www.regonline.com/february_2011_owasp_atl_meeting

'''''COST''''': Free to all.

Atlanta Georgia

2011-02-22T19:00:52Z

Shauvik:

Atlanta Georgia

2011-02-22T17:02:55Z

Shauvik:

Atlanta Georgia

2011-02-03T22:14:52Z

Shauvik:

[[Image:OwaspAtl.png]]

{{Chapter Template|chaptername=Atlanta|extra=The chapter leader is [mailto:tonyuv@owasp.org Tony UV]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Atlanta|emailarchives=http://lists.owasp.org/pipermail/owasp-Atlanta}}

[[Category:OWASP Chapter]]

==== '''Local News''' ====

== Latest News ==
Happy New Year everyone!! This month, as part of a 2 year traditional, I'll be leading the next OWASP meeting and presenting on a medley of different OWASP projects, tools, and frameworks that you can use out of the box. We will most likely convene at the Tilted Kilt off of Cobb Pkwy so save the date of January 27,2010. Looking forward to seeing everyone there and please spread the word amongst your work and school settings so that we can further the education on what OWASP has to offer.

== Staying in Touch ==
There is an OWASP Atlanta Linkedin Group. For those addicted to LinkedIn, we have a group you can further feed your addiction. The OWASP Atlanta Chapter. http://www.linkedin.com/groups?home=&gid=1811960&trk=anet_ug_hm
<br>

== Becoming a Member or Sponsor ==
On behalf of the entire organization, I would like to solicit your financial support of our chapter via a tax deductible membership for OWASP as a great non-profit organization which aims to elevate web application security. We hope that you find historical and future meetings to be of value and show support via a member based contribution.

To contribute to OWASP-Atlanta, sign up as an individual member, or support us as a corporate sponsor, please visit: http://www.owasp.org/index.php/Membership. If you are already a member, please don't forget to renew your membership!! The same link will serve both purposes.

<br>
== Thank You to Our Supporters ==

Thanks to the following list of supportive organizations for their financial contributions and hosting our chapter meetings.

<ul>
<li>Georgia Tech Information Security Center: [[Image:GTISC logo2.jpg]]
</ul>

== 2009 OWASP Atlanta Member Survey ==
The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2009. More detailed results will be provided and discussed briefly during our first meeting, April 2nd, 2009. [[Image:Owasp surv.jpg]]

==== Chapter Meetings ====

== '''Future Meetings''' ==

===February 2011 Meeting===
'''WHAT::''' February Chapter Meeting - Separated By A Common Language

'''WHEN::''' 24th February 2011. 6-8pm

'''WHERE::''' Tilted Kilt http://tinyurl.com/4oh2thj

'''WHO::''' Beau Woods

Beau Woods is in the Security and Risk Consulting group within SecureWorks. His experience has given him insight into solving the complex real-world problems organizations face worldwide. Beau has over 10 years of experience providing services in the information technology field, with the last five years dedicated to security, risk and compliance. A seasoned speaker at information security conferences, Beau is often invited to present at industry events.

'''ABSTRACT:: '''
Separated By A Common Language

George Bernard Shaw said that about the US and England. And there’s perhaps nowhere in Information Security where that is more true than in Web App Sec. Though business people and geeks use a common language, we don’t have a common understanding. It’s not what’s said; it’s what’s heard that counts! It’s not enough to just understand the words, the listener has to understand the concepts and how they are put into practice. This talk goes through these challenges on both sides of the equation and gives a framework that can even give a CEO a working knowledge of the OWASP Top 10.

'''RSVP::''' https://www.regonline.com/february_2011_owasp_atl_meeting

'''''COST''''': Free to all.



----
== Past Meetings ==

[[Atlanta Member Meeting 01.27.11 | Jan 2011 - OWASP Tool Medley ]]

[[Atlanta Member Meeting 12.16.10 | Dec 2010 - December Social Event]]

[[Atlanta Member Meeting 10.13.10 | Oct 2010 - Rapid Development of Web Security Tools using SpiderSense]]

[[Atlanta Member Meeting 09.15.10 | Sep 2010 - Search Engine Hacking]]

[[Atlanta Member Meeting 08.12.10 | Aug 2010 - OWASP Guided Tour & Using the O2 Platform]]

[[Atlanta Member Meeting 06.26.10 | Jun 2010 - Security Six Flags Outing]]

[[Atlanta Member Meeting 05.24.10 | May 2010 - Clubbing WebApps with Botnets]]

[[Atlanta Member Meeting 03.24.10 | Mar 2010 - Panel on Static & Dynamic Analysis for Web Apps]]

[[Atlanta Member Meeting 02.25.10 | Feb 2010 - Embedded Malicious JavaScript]]

[[Atlanta Member Meeting 02.15.10 | Feb 2010 - DNS Security]]

[[Atlanta Member Meeting 01.29.10 | Jan 2010 - Owasp Top 10]]

[[Atlanta Member Meeting 10.13.09 | Oct 2009 - Security Religions & Risk Windows (Jeremiah Grossman)]]

[[Atlanta Member Meeting 09.15.09 | Sept 2009 - Securing WebServices]]

[[Atlanta Member Meeting 08.17.09 | Aug 2009 - ISSA Event]]

[[Atlanta Member Meeting 06.03.09 | June 2009 - OWASP LIVE CD Workshop]]

[[Atlanta Member Meeting 04.25.09 | Apr 2009 - Filter Evasion Techniques (Workshop)]]

[[Atlanta Member Meeting 04.02.09 | Apr 2009 - Chapter Rebirth meeting]]

[[Atlanta ISACA OWASP Meeting 03.27.09]]

[[Atlanta Leadership Meeting 03.05.09]]

[[Atlanta Leadership Meeting 02.26.09]]

[[Atlanta OWASP May 2007 Meeting]]

[[Atlanta OWASP December 06 Social]]

[[Atlanta OWASP April Meeting]]

[[Chapter Meeting March 29th 2006]]

[[October 26th Meeting]]

[[April 27th, Chapter meeting a SUCCESS!]]

[[March 30th, 2005]]

[[February Meeting]]

[[June 2005]]

==== Atlanta Georgia OWASP Chapter Leaders ====

<ul>
<li>[http://www.owasp.org/index.php/User:Versprite Tony UcedaVelez] - Chapter Lead
<li>Steven Schwartz - Meeting Chairperson
<li>Shauvik Roy Choudhary - Marketing Chairperson __NOTOC__ <headertabs />

[[Category:Georgia]]

Atlanta Member Meeting 01.27.11

2011-02-03T22:14:18Z

Shauvik: moved Atlanta Member Meeting 1.27.11 to Atlanta Member Meeting 01.27.11

===January 2011 Meeting===
'''WHAT::''' January Chapter Meeting - OWASP Tool Medley - Overview of OWASP Tools and Solutions for use today

'''WHEN::''' 27th January 2011. 7-9pm

'''WHERE::''' Tilted Kilt http://tinyurl.com/4oh2thj

'''WHO::''' [http://www.owasp.org/index.php/User:Versprite Tony UcedaVelez] (OWASP Chapter Lead)

Tony is managing partner to VerSprite - ATL based Security Consulting Firm. Pen Tester. Web Application Engineer. Security Trainer. OWASP enthusiast. I'll cover some key tools that you can take away to work, school, or beyond.

'''RSVP::''' https://www.regonline.com/january_2011_owasp_atl_meeting_owasp_tools_medley

'''''COST''''': Free to all. Bring a Friend.