This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Atlanta Member Meeting 12.15.11"
(Created page with " ===December 2011 Meeting=== '''WHAT::''' December Chapter Meeting - 'Preventing Data Breaches using Provenance-aware Firewalls' '''WHEN::''' 15th of December 2011. 6-8pm ''...") |
|||
Line 32: | Line 32: | ||
'''''COST''''': Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause. | '''''COST''''': Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause. | ||
+ | |||
+ | '''''PRESO'''': TBD |
Latest revision as of 17:07, 28 December 2011
December 2011 Meeting
WHAT:: December Chapter Meeting - 'Preventing Data Breaches using Provenance-aware Firewalls'
WHEN:: 15th of December 2011. 6-8pm
WHERE:: Cumberland Pkwy Tilted Kilt http://atlanta-cumberland.tiltedkilt.com/
WHO:: Anirudh Ramachandran is a networks and systems security researcher at Georgia Tech and the founder and CTO of Nouvou Inc., a nascent data security startup. He has 6 years of experience developing solutions in areas such as data breach prevention, high speed traffic monitoring, network-level spam filtering, and botnet identification. He graduated with a PhD in Computer Science from Georgia Tech in 2011. http://www.cc.gatech.edu/~avr
ABSTRACT:: Data breaches through Web application vulnerabilities have become particularly rampant. Point solutions -- for example, a Web Application Firewall that scans requests destined to the Web app -- can only stop a limited number of attack patterns, and do not provide any protection from a breach once a vulnerability is eventually exploited. We have developed a complementary approach to prevent breaches based on the idea that, if sensitive data is tracked closely enough, a breach can be prevented without worrying about the Web application vulnerability that led to the breach.
In this talk, I will present the architecture of SilverLine (associates tamper-proof tags with database records and files, and uses an OS-level module to track the flow of tagged data through the various components of a Web application) and describe how we integrated SilverLine with a popular open source e-Commerce Web application, OSCommerce.
COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.
PRESO': TBD