This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Atlanta Georgia

From OWASP

Revision as of 18:19, 22 March 2010 by Shauvik (talk | contribs) (→‎March 2010 Meeting)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

OWASP Atlanta

Welcome to the Atlanta chapter homepage. Get to know your chapter leaders in the tab below.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?

Local News

2009 was a great year aimed at re-generating some interest for the OWASP movement. We hope to build on this in 2010 and need some help in doing so. If you have some extra cycles and would like to submit a proposal for speaking or hosting a workshop, please don't hesitate to contact us (see Chapter Leads tab below). This year, we hope to see some new faces and would like to get the year started by talking about the new OWASP Top Ten and how to apply them within your application development, testing, or assessment efforts.

On behalf of the chapter, I would like to solicit your financial support of chapter via a tax deductible membership for a great non-profit organization which aims to elevate web application security. Please note that other chapters have the luxury to charge their members for attending some of their meetings. We hope that you find historical and future meetings to be of value and show support via a member based contribution. To contribute to OWASP-Atlanta, go here: <paypal>Atlanta Georgia</paypal>

Latest News

Our next meeting is on March 24th, 2010 which will be a panel on Static & Dynamic Analysis for Web Applications. Panel members include Cris Eng (Veracode), Jeremiah Grossman (WhiteHat Security), Greg Wolford (Fortify) and Matt Wood (HP Web Security). Please check the Chapter Meetings tab for more information.

Staying in Touch

New OWASP Atlanta Linkedin Group. For those addicted to LinkedIn, we have a group you can further feed your addiction. The OWASP Atlanta Chapter. http://www.linkedin.com/groups?home=&gid=1811960&trk=anet_ug_hm

OWASP Atlanta Supporters

Thanks to the following list of official sponsors and supportive organizations for their financial contributions and resource support.

Georgia Tech Information Security Center:
Fortify:

2009 OWASP Atlanta Member Survey

The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2009. More detailed results will be provided and discussed briefly during our first meeting, April 2nd, 2009.

Chapter Meetings

Future Meetings

March 2010 Meeting

WHAT:: Static & Dynamic Analysis for Web Applications (Panel Discussion)

WHEN:: March 24, 2010 6-8pm

WHERE:: Room 1116-E , Klaus Advanced Computing Building, Georgia Tech :: Web :: Google Maps ::

Parking spots: Parking Map - Physics building (Area 4)
Campus Bus: Tech trolley runs between Midtown Marta and the venue

WHO:: Moderator: Tony UV (Chapter Lead). Panel members include Cris Eng (Veracode), Jeremiah Grossman (WhiteHat Security), Russell Spitler (Fortify), Greg Wolford (Fortify) and Matt Wood (HP Web Security)

ABSTRACT:: This meeting format will be in the form of a panel discussion that we hope all of you can not only attend but participate as well. Our chapter lead Tony UV be moderating the event and in preparation for doing so, we would like to get some good group think going around the topics to be discussed. Specifically, the focus of the topic is a comprehensive look at both static and dynamic analysis of web applications, which will encompass current trends, lessons learned from the trenches, myths and misconceptions, success stories, and more from our panel of experts.

In preparation for this meeting we ask that ALL members supply any questions that you would like the panel of experts to answer. We’ll provide responses of this Q&A online after the event.

BIOs::

Chris Eng, Senior Director of Research at Veracode, is responsible for integrating security expertise into Veracode’s technology and helping to define and prioritize the security feature set of Veracode’s service offerings. His professional experience includes stints at Symantec, @stake, and the US Department of Defense, where he specialized in security assessments and offensive research. Chris has presented at security conferences such as the Black Hat Briefings and OWASP AppSec and has been quoted as a subject matter expert in various industry publications. Chris, along with experts from more than 30 US and international cyber security organizations, helped develop the CWE/SANS Top 25 Most Dangerous Programming Errors.

Jeremiah Grossman founder and chief technology officer of WhiteHat Security, is a world-renowned expert in web application security and a founding member of the Web Application Security Consortium (WASC). At WhiteHat, Mr. Grossman is responsible for web application security R&D and industry evangelism. He is a frequent speaker at industry events including the BlackHat Briefings, ISACA's Networks Security Conference, NASA, ISSA and Defcon. A trusted media resource, Mr. Grossman has been featured in USA Today, the Washington Post, Information Week, NBC Nightly News, and many others. Mr. Grossman is also a featured expert and frequent contributor on TechTarget's SearchAppSecurity.com. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo!

Russell Spitler started his career in software security at Colby College. For his honors thesis he developed a static analysis engine embedded in the eclipse IDE. Shortly after his graduation he started at Fortify Software. At Fortify he initially continued his work with Integrated Development Environments, developing security specific plug-ins for Eclipse and Visual Studio. In addition, he developed an IDE specifically crafted for the security professional: Fortify's Audit Workbench. Russell then acted as lead designer and architect of Fortify's central software security management platform: 360 Server. His experience developing security solutions for all aspects of security programs uniquely positioned him to design and implement the SSA Governance module, an element critical to the successful large scale management of Secure Development programs. Recently Russell has been acting as the Product Manager of the Fortify 360 Suite. During his tenure he has acted as advisor to more than 500 successful deployments of the software and is often a key reference in the design of software security initiatives. In his free time he enjoys skiing, riding motorcycles and drinking whiskey.

Greg Wolford is a seasoned expert in Agile methodologies, .NET, Java, EAI, SOA, and other SDLC methodologies and is currently a Software Security Consultant at Fortify software.

Matt Wood is the lead security researcher in HP’s Web Security Research Group. Matt has led the development of both HP Scrawlr and HP SWFScan, which are free security tools designed to help organizations find SQL injection and Adobe Flash security vulnerabilities, respectively. Beyond making sweet free tools, he has also given numerous presentations at major security conferences including BlackHat and RSA. Matt currently is focusing his research on client-side static analysis and using AI to help security practitioners audit complex Ajax/RIA applications.

RSVP:: http://tr.im/owasp_meeting

COST: No costs, but all donations will be accepted as it helps pay for meeting related materials and provisions. Best way to support the chapter is to become a member.