OWASP Washington VA
Welcome to the Washington VA chapter homepage. The chapter leader is Stan Wisseman
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
In May, Fortify Software provided a private viewing of the film “The New Face of CyberCrime,” by Academy Award-nominated Filmmaker Fredric Golding. This was a good film that generated some discussion afterward. A teaser for the video is avaialble at: http://www.fortify.com/security-resources/ If interested in arranging a full viewing, contact Brian Fox ([email protected])
Fortify's Rob Rachwald then gave a presentation entitled “Integrating Security Into the QA Group”.
Our next meeting will be on 8 May from 6-9pm at the Booz Allen Herndon facility.
- Attend a private viewing of the film, “The New Face of CyberCrime,” by Academy Award-nominated Filmmaker Fredric Golding. This revealing documentary features candid interviews with criminal hackers and those industry executives taking steps against their persistent attacks. The film is 20 minutes in length and we will follow up with discussion.
- “Integrating Security Into the QA Group”, Robert Rachwald, Director of Product Management, Fortify Software.
Abstract: Until recently, Web Application Testing was left to security teams and ethical hackers who used advanced tools, such as Web application scanners, to analyze running Web applications. However, security groups are becoming overburdened by product releases, and many organizations are attempting to move security testing earlier in the development cycle. The QA group is a natural candidate, since it generally has the infrastructure in place to test applications for quality issues. However, for many organizations, integrating security into the QA group has been incredibly difficult. The process of running a security test is a learned skill, and not something one can teach a QA tester in a matter of days. On top of that, most security testing tools were designed for penetration testers (since they require an in-depth knowledge of application security theory) and are not generally usable by QA professionals. As a result, very few QA groups have successfully adopted security testing.
Rob is a 10-year veteran of the high tech industry. Rob started his tech career at Intel, where he worked on automating their complex supply chain. Rob managed U.S. product marketing for Commerce One and managed their marketing efforts in Asia Pacific. Rob, then, managed marketing for Coverity and joined Fortify as the Director of Product Marketing focusing on security and financial services.
Pizza is being provided by Fortify this month. If you need/want to provide a contribution, you can. If you plan on attending, RSVP so I can get you badge processing started.
To Booz Allen's One Dulles facility:
13200 Woodland Park Road Herndon, VA 20171
From Tyson's Corner:
1. Take LEESBURG PIKE / VA-7 WEST 2. Merge onto VA-267 WEST / DULLES TOLL ROAD (Portions Toll) 3. Take the VA-657 Exit (Exit Number 10 towards Herndon / Chantilly) 4. Take the ramp toward CHANTILLY 5. Turn Left onto CENTERVILLE ROAD (at end of ramp) 6. Turn Left onto WOODLAND PARK ROAD (less than 1⁄2 mile) 7. End at 13200 WOODLAND PARK ROAD