This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Atlanta Georgia

From OWASP

Revision as of 22:27, 18 November 2009 by Versprite (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

OWASP Atlanta

Welcome to the Atlanta chapter homepage. The chapter leaders are: Tony UcedaVelez and Charles Burke,

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?

Local News

2009 is coming to a close and we're looking to regroup after taking November off due to the Washington DC OWASP AppSec event.

Stay tuned for meeting announcements for December as we plan to end with a workshop event to get our hands dirty.

I also wanted to invite anyone who wants to partake in the Atlanta Chapter officially, to please contact me (tonyuv [at] owasp.org) in order that we can get your time and efforts for 2010. This year has had some good revival signs, but we have a long way to go and need some key members who are committed to making the most of their city chapter. More info on this during our next meeting.

Last, put your money where your time is. Support your local chapter with a formal membership to a great non-profit organization aimed to elevate web application security. Please note that other chapters have the luxury to charge their members for attending some of their meetings. We hope that you find historical and future meetings to be of value and show support via a member based contribution. To contribute to OWASP-Atlanta, go here: <paypal>Atlanta Georgia</paypal>

Latest News

--VerSprite 18:42, 20 August 2009 (UTC) Thanks to all those who attended our last meeting at GA Tech on October 13th, 2009 with Jeremiah Grossman. If you missed it, check out the Past Meetings section in order to get a copy of the slides from the presentation.

More info on our December meeting to follow...

Staying in Touch

New IRC channel on EFnet called #owasp-atlanta Join us, everyday, all-day in our IRC channel for questions, answers, and discussions.

New OWASP Atlanta Linkedin Group. For those addicted to LinkedIn, we have a group you can further feed your addiction. The OWASP Atlanta Chapter. http://www.linkedin.com/groups?home=&gid=1811960&trk=anet_ug_hm

OWASP Atlanta Supporters

Thanks to the following list of official sponsors and supportive organizations for their financial contributions and resource support.

Georgia Tech Information Security Center:
Fortify:

2009 OWASP Atlanta Member Survey

The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2009. More detailed results will be provided and discussed briefly during our first meeting, April 2nd, 2009.

Chapter Meetings

Future Meetings

WHAT:: Security Religions & Risk Windows

WHERE:: TSRB auditorium : Web : Directions : Google-Maps

WHEN:: October 13, 2009 6-8pm

WHO:: Jeremiah Grossman, CTO WhiteHat Security

ABSTRACT:: Information security threats are way up, fraud losses continue to rise, regulatory fines are increasingly common, and budget dollars to solve these myriad problems are in short supply. Hampered by a sluggish economy, organizations simply cannot afford to hire all the talent they need, implement every best-practice, or buy every blinking-light widget on the market. Sacrifices are unavoidable, and still risk must be managed. Each organization must decide for itself the level of risk it is willing to accept.

There is a difference between what is possible and what is probable, something we often lose sight of in the world of information security. For example, a vulnerability represents a possible way for an attacker to exploit an asset, but remember not all vulnerabilities are created equal. Obviously, we must also keep in mind that a vulnerability's mere existence does not necessarily mean it will be exploited, or indicate by whom or to what extent. Some vulnerabilities are more difficult to exploit than others and therefore attract different attackers. Autonomous worms & viruses may attack one type of issue, while a sentient targeted attacker may prefer another path. Better understanding of these factors enables us to make informed business decisions about website risk management and what is probable.

In this presentation, Jeremiah Grossman will discuss the two prevailing but opposing security religions - Depth Religion and Breadth Religion. Jeremiah will then review the common misconceptions associated with each religion as it pertains to website security.

RSVP:: http://tr.im/owasp_meeting

COST: No costs, but all donations will be accepted as it helps pay for meeting related materials and provisions. Best way to support the chapter is to become a member.