Atlanta Georgia

Latest News
--VerSprite 22:13, 19 June 2009 (UTC)Thanks to all those who attended our June 3rd meeting. From the various feedback received, it was truly a workshop that everyone can apply and use in their own educational and professional circles. I am busy lining up our next series of events which will most likely take place towards the end of July. I had a chance to speak to the COO of Secure64 at a conference in Denver and am luring him to speak on DNSSEC. He has worked closely with Dan Kaminsky in 2008 on a multitude of DNS flaws and most notably the serious DNS vulnerability revealed in summer of '08. Until our next meeting, spread the word on OWASP and get involved. Get online on our own IRC channel (#owasp-atlanta on EfNet) and stay in touch with leaders and other members for a free for all discussion on mostly security related topics, but OT topics have been known to be introduced. Last, if you have a job and your employer is looking to be a financial contributor to an organization that can benefit the greater Atlanta security community as well as their own security efforts, please let us know.

Put your money where your time is. Support your local chapter with a formal membership to a great non-profit organization aimed to elevate web application security. To contribute to OWASP-Atlanta, go here: Atlanta Georgia

Call for Case Studies
As many of you know, we are steering OWASP-Atlanta to crank out some meaningful case studies with metrics. As part of the planning that goes into this, we have spoken to a few organizations that have expressed interest in gaining our expertise on an array of security topics that revolve around web application security. On our part, we need to formalize our A-Team in order to see who would be available for which types of case-study genres. If you are interested in partaking on this team, please let me know. You can reach me at tonyuv [at] versprite [dot] com. --VerSprite 19:24, 6 April 2009 (UTC)

Staying in Touch
New IRC channel on EFnet called #owasp-atlanta Join us, everyday, all-day in our IRC channel for questions, answers, and discussions.

New OWASP Atlanta Linkedin Group. For those addicted to LinkedIn, we have a group you can further feed your addiction. The OWASP Atlanta Chapter. http://www.linkedin.com/groups?home=&gid=1811960&trk=anet_ug_hm

Register for the OWASP Atlanta Mailing List by signing up here: http://lists.owasp.org/mailman/listinfo/owasp-atlanta

OWASP Atlanta Supporters
Thanks to the following list of official sponsors and supportive organizations for their financial contributions and resource support.   Georgia Tech Information Security Center:  Fortify: 

2009 OWASP Atlanta Member Survey
The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2009. More detailed results will be provided and discussed briefly during our first meeting, April 2nd, 2009.

Future Meetings
OWASP LIVE CD Workshop

WHEN: Wednesday - June 3rd 2009, 6:30pm - 8:30pm

WHERE: SecureWorks, Einstein; Aristotle Conference Rooms, One Concourse Parkway, 5th Floor Atlanta, GA 30328

WHO: ALL are welcomed;

FORMAT: Workshop presented by Dean Saxe

WHAT: Hands on workshop on how to best leverage the OWASP Live CD. Key areas to be covered includes the WebGoat, WebScarab, and CAL9000. '''Please download and burn a copy of the OWASP LiveCD ISO from http://mtesauro.com/livecd/index.php?title=Main_Page#Downloads prior to the meeting if you intend to run this directly on your hardware. Alternatively, you may download VMWare Player (or any other version of VMWare) and run the ISO within VMWare under Windows, MacOS, etc. In this case please have VMWare installed and the ISO on your hard disk prior to the presentation.'''

COST: No costs, but all donations will be accepted as it helps pay for meeting related materials and provisions. In this workshop, we ask that you go to the OWASP Projects page and download the OWASP Live CD as a virtual machine or as an ISO to burn as a CD.

ABSTRACT: In this presentation, Dean will introduce the OWASP LiveCD and many of the OWASP supported tools on the CD, including WebScarab, WebGoat and CAL9000. Using a combination of lecture, live demos and hands-on labs, we'll examine the WebGoat application by exploiting flaws in authorization, data validation, AJAX and session handling. The demos and labs will utilize a combination of OWASP provided tools in addition to community provided tools available on the LiveCD. Attendees will learn how to mitigate some vulnerabilities through live coding demonstrations using the WebGoat development platform followed by a discussion of alterative code-based solutions using OWASP provided libraries such as ESAPI. Finally, the presentation will end with an open-ended discussion of OWASP, web application security and other topics as requested by the audience.

Past Meetings
Atlanta_Member_Meeting_06.03.09

Atlanta_Member_Meeting_04.25.09

Atlanta_Member_Meeting_04.02.09

Atlanta_ISACA_OWASP_Meeting_03.27.09

Atlanta_Leadership_Meeting_03.05.09

Atlanta Leadership Meeting 02.26.09

Atlanta OWASP May 2007 Meeting

Atlanta OWASP December 06 Social

Atlanta OWASP April Meeting

Chapter Meeting March 29th 2006

October 26th Meeting

April 27th, Chapter meeting a SUCCESS!

March 30th, 2005

February Meeting

June 2005

Atlanta Georgia OWASP Chapter Leaders
 Tony UcedaVelez - Chapter Lead Charles Burke - Chapter Lead Dean Saxe - Chapter Lead Matt McKeen - Chapter Lead