This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Revision as of 13:50, 23 October 2009 by Aaron.weaver2 (talk | contribs) (Next Meeting: October 27th, 2009 6:00pm - 9:00pm)

Jump to: navigation, search

OWASP Philadelphia

Welcome to the Philadelphia chapter homepage. The chapter leaders are Aaron Weaver and Darian Patrick <paypal>Philadelphia</paypal>


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Next Meeting: October 27th, 2009 6:00pm - 9:00pm

OWASP Philly Meeting - Comcast - Philadelphia

Come join us on Tuesday as we discuss web application security. Food will be provided by Comcast.

Sponsor: Comcastlogo.gif

When: October 27th, 2009 6:00pm - 9:00pm Where: Floor (TBD), Comcast, 1701 John F Kennedy Blvd Philadelphia, PA 08054

1.) OWASP Meeting Opening Remarks: Bruce A. Kaalund Director, Product Security
2.) Development Issues Within AJAX Applications: How to Divert Threats: Tom Tucker, Cenzic
3.) Agile Software Development Principles and Practices : Ravindar Gujral, Agile Philadelphia
4.) Testing Adobe Flex/SWF's, focusing on flash remoting (AMF): Aaron Weaver, Pearson eCollege

Please RSVP by Thursday, Oct 22nd Rsvphere.jpg
All attendees must RSVP prior to the event. Comcast Security will not allow anyone access to the facility if they are not on the attendee list.

Directions to Comcast

Questions should be directed to Brian Peister

Development Issues Within AJAX Applications: How to Divert Threats

Speaker: Tom Tucker

Bio: Tom Tucker has over 25 years of experience within the enterprise hardware, software, network, and security market. As a Senior Systems Engineer at Cenzic, Tom works directly with customers to protect their Web applications from hacker attacks. Previously Tom's worked with Tier 1 and Tier 2 Network Service Providers such as BBN, GTE, AT&T, iPass, New Edge Networks and MegaPath Networks, designing firewall, VPN, WAN, LAN and Hosting solutions. Tom was also the Director of Intranet Engineering for Associates Information Services (now a part of Citigroup) implementing secure Internet technology solutions for both internal and external application delivery.

Previous Meeting: Wednesday June 24th 2009, 6:30 PM - 8:00 PM

OWASP Philly Meeting - AccessIT Group - King of Prussia

Come join us on Wednesday as we discuss web application security. Pizza will be provided by AccessIT Group.

Sponsors: Logo accessitgroup.gifSanslogo vertical.jpg

1.) OWASP Introduction
2.) How to Analyze Malicious Flash Programs - Lenny Zeltser
3.) OWASP .NET, OWASP Report Generator,OWASP Cryttr/Encrypted Syndication - Mark Roxberry

Please RSVP Rsvphere.jpg


2000 Valley Forge Circle
Suite 106
King of Prussia, PA 19406

AccessIT Group is located in the 2000 Building (middle building) of the Valley Forge Towers. The offices are located on the bottom floor of the building. Parking is available in the front or rear of the building.

How to Analyze Malicious Flash Programs

by Lenny Zeltser (

About the talk: Attackers increasingly use malicious Flash programs, often in the form of banner ads, as initial infection vectors. Obfuscation techniques and multiple Flash virtual machines complicate this task of analyzing such threats. Come to learn insights, tools and techniques for reverse-engineering this category of browser malware.

Bio: Lenny Zeltser leads the security consulting practice at Savvis. He is also a board of directors member at SANS Technology Institute, a SANS faculty member, and an incident handler at the Internet Storm Center. Lenny frequently speaks on information security and related business topics at conferences and private events, writes articles, and has co-authored several books. Lenny is one of the few individuals in the world who've earned the highly-regarded GIAC Security Expert (GSE) designation. He also holds the CISSP certification. Lenny has an MBA degree from MIT Sloan and a computer science degree from the University of Pennsylvania. You can stay in touch with him via

OWASP .NET, OWASP Report Generator, OWASP Cryttr / Encrypted Syndication

by Mark Roxberry

About the talk: Mark is looking to generate some interest in participating in OWASP projects. He will be speaking about projects that he is involved in and hoping to recruit folks who have time, energy and motivation to help out.

Bio: Mark Roxberry is a frequent contributor of research and code to OWASP. His credits include OWASP Testing Guide contributor and reviewer, the OWASP .NET Project Lead, the OWASP Report Generator Lead and just recently the OWASP Encrypted Syndication Lead. He is a Senior Consultant at Database Solutions in King of Prussia. Mark has a B.S. in Russian Technical Translation from the Pennsylvania State University and has the CEH and CISSP certificates hanging in his bunker where he tries to figure out how to hack into Skynet when it comes online.

Previous Meetings

Next Meeting:
October 28th 2008, 6:30 PM - 8:00 PM
OWASP Philly Meeting - Protiviti - Two Libery Place Philadelphia

Come join us in Philadelphia as we discuss web application security.

1.) Web Application Security and PCI requirements (V 1.1 and 1.2)
2.) Clickjacking: What is it and should we be concerned about it?
3.) Summary of OWASP conference in New York.

Please RSVP to [email protected]

[Google Directions][1]

Two Libery Place 50 South 16th St
Suite 2900
Philadelphia, PA 19102 USA