This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Atlanta Georgia

From OWASP

Revision as of 05:10, 9 November 2011 by Shauvik (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

1 OWASP Atlanta
2 Participation
3 Sponsorship/Membership
- 3.1 Local News
4 Latest News
5 Staying in Touch
6 Becoming a Member or Sponsor
7 Thank You to Our Supporters
8 2011 OWASP Atlanta Member Survey
- 8.1 Chapter Meetings
9 Future Meetings
- 9.1 November 2011 Meeting
- 9.2 December 2011 Meeting
10 "Past Meetings"
- 10.1 Atlanta Georgia OWASP Chapter Leaders

OWASP Atlanta

Welcome to the Atlanta chapter homepage. The chapter leader is Tony UcedaVelez

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?

Local News

Latest News

So we have hit a bit of a lull over the past two months as you can probably tell. August meeting was really low attendance and September was a non-event since I largely have been out of town and so have a lot of the other co-leads. Nonetheless, get ready to resume meetings. Next one is Oct 27th at the Tilted Kilt @ Cumberland. Make a note and check out details in the Chapter Meetings page above.

FYI - We are trying to reach out to more developers, quality assurance engineers, and software architects so if you have colleagues in those areas, please invite them to come. For next meeting information, please visit the Chapter Meetings tab and RSVP in the link provided.

Staying in Touch

There is an OWASP Atlanta Linkedin Group. For those addicted to LinkedIn, we have a group you can further feed your addiction. The OWASP Atlanta Chapter. http://www.linkedin.com/groups?home=&gid=1811960&trk=anet_ug_hm

The Atlanta mailing list provides a low volume update to monthly events and also allows for members to post questions related to challenges in using and adopting OWASP related material/ tools. To join the Atlanta Mailing List, please sign up here: http://lists.owasp.org/mailman/listinfo/owasp-Atlanta

Becoming a Member or Sponsor

On behalf of the entire organization, I would like to solicit your financial support of our chapter via a tax deductible membership for OWASP as a great non-profit organization which aims to elevate web application security. We hope that you find historical and future meetings to be of value and show support via a member based contribution.

To contribute to OWASP-Atlanta, sign up as an individual member, or support us as a corporate sponsor, please visit: http://www.owasp.org/index.php/Membership. If you are already a member, please don't forget to renew your membership!! The same link will serve both purposes.

Thank You to Our Supporters

Thanks to the following list of chapter level supporters for their financial contributions and/ or hosting our chapter meetings in 2011.

2011 OWASP Atlanta Member Survey

The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2011.

Chapter Meetings

Future Meetings

November 2011 Meeting

WHAT:: November Chapter Meeting - 'HowTo Talk on Assessing Mobile Apps'

WHEN:: 17th of November 2011. 6-8pm

WHERE:: Cumberland Pkwy Tilted Kilt http://atlanta-cumberland.tiltedkilt.com/

WHO:: Jeremy Allen is the Chief Technology Officer with the Intrepidus Group. Jeremy is a regular speaker at popular security conferences such as BlackHat, SOURCE and OWASP AppSec. He is currently the lead on the development of the SANS “Secure Mobile Application Development: iOS App Security” course. He has conducted numerous application assessments against iOS applications.

ABSTRACT:: This talk will focus on mobile application assessment techniques. The assessment techniques will focus on how to test applications for the OWASP Mobile Top 10 issues. Mitigation techniques for both Android and iOS will be discussed. Mallory, Intrepidus Group’s Man in The Middle tool designed to test mobile devices and applications, will be demonstrated throughout the presentation. Additionally, usage of other open source tools will be demonstrated. Both iOS and Android will be discussed.

COST: Free to all. Bring a Friend.

December 2011 Meeting

WHAT:: December Chapter Meeting - 'Preventing Data Breaches using Provenance-aware Firewalls'

WHEN:: 15th of December 2011. 6-8pm

WHERE:: Cumberland Pkwy Tilted Kilt http://atlanta-cumberland.tiltedkilt.com/

WHO:: Anirudh Ramachandran is a networks and systems security researcher at Georgia Tech and the founder and CTO of Nouvou Inc., a nascent data security startup. He has 6 years of experience developing solutions in areas such as data breach prevention, high speed traffic monitoring, network-level spam filtering, and botnet identification. He graduated with a PhD in Computer Science from Georgia Tech in 2011. http://www.cc.gatech.edu/~avr

ABSTRACT:: Data breaches through Web application vulnerabilities have become particularly rampant. Point solutions -- for example, a Web Application Firewall that scans requests destined to the Web app -- can only stop a limited number of attack patterns, and do not provide any protection from a breach once a vulnerability is eventually exploited. We have developed a complementary approach to prevent breaches based on the idea that, if sensitive data is tracked closely enough, a breach can be prevented without worrying about the Web application vulnerability that led to the breach.

In this talk, I will present the architecture of SilverLine (associates tamper-proof tags with database records and files, and uses an OS-level module to track the flow of tagged data through the various components of a Web application) and describe how we integrated SilverLine with a popular open source e-Commerce Web application, OSCommerce.

COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.