Atlanta Georgia

Join OWASP ATL via our Meetup Group
From Jan 2012, we have moved to a Meetup group. MeetUp.com will replace the traditional subscriber email list eventually (referenced above in the top of this page). It allows us to better communicate with members, RSVP for events, and announce meetings - all in one place. Click on the following link to visit our meetup page and signup.

http://img.meetup.com/img/logo_82.png

Atlanta Georgia OWASP Chapter Leaders
 Tony UcedaVelez - Chapter Leader  Steven Schwartz - Chapter Lead Shauvik Choudhary - Chapter Lead Jon Bango - Chapter Lead Russell Eubanks - Chapter Lead 

Becoming a Member or Sponsor
On behalf of the entire organization, I would like to solicit your financial support of our chapter via a tax deductible membership for OWASP as a great non-profit organization which aims to elevate web application security. We hope that you find historical and future meetings to be of value and show support via a member based contribution.

To contribute to OWASP-Atlanta, sign up as an individual member, or support us as a corporate sponsor, please visit: http://www.owasp.org/index.php/Membership. If you are already a member, please don't forget to renew your membership!! The same link will serve both purposes.

Thank You to Our 2012 Supporters
We're looking for sponsors in 2012. Thanks to the following list of chapter level supporters for their financial contributions and/ or hosting our chapter meetings in 2012.  

2011 OWASP Atlanta Member Survey
The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2011.

March 2012 Meeting
WHAT:: 'Trustwave 2012 Global Security Report'

WHEN:: March 22, 2012. 6-8pm

WHERE:: 3535 Piedmont Rd NE #1400, Atlanta, GA 30305 (Wipro)

WHO:: Charles Henderson, Director of Application Security Services of SpiderLabs at Trustwave

Charles Henderson began his career in computer security in 1993, specializing in penetration testing as well as security and vulnerability research. As Director of Application Security Services at SpiderLabs, he leads the team responsible for Application Penetration Testing, Code Review, Secure Development Training, and other elite application security consulting services. Prior to joining SpiderLabs, Henderson ran his own boutique application security testing firm. Henderson's firm provided offensive security services to a wide variety of clients in the United States and Europe. Henderson speaks frequently at major industry events and conferences, including BlackHat, DEF CON, AppSec US, AppSec EU, SOURCE, and the International Association of Financial Crime Investigators convention.

ABSTRACT:: In today’s cyber world, it’s no longer a matter of “if” a data breach will occur, but “when.” Organizations around the world, from the local corner store to the global enterprise, all need to understand current data security risks in order to mitigate them.

The Trustwave 2012 Global Security Report identifies the top threats encountered by businesses over the past year. Based on an analysis of Trustwave data sources, including more than 300 incident investigations, 2,000 penetration tests conducted by Trustwave SpiderLabs, and 2 million network and application vulnerability scans, the report provides a roadmap for any organization that needs to improve and update their information security strategy.

The Trustwave 2012 Global Security Report highlights top data security risk areas, offering predictions on future targets based on analysis and perceived trends. By learning from others’ data vulnerabilities, and applying tactical and strategic change outlined in this report, any organization will be better able to reduce data threats and loss.

'''RSVP: All RSVP is done now via our meetup.com site. Visit and register at www.meetup.com/owasp-atlanta.'''

COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.

April 2012 Meeting
WHAT:: Practical Android Security

WHEN:: April 20, 2012. 6-8pm

WHERE:: TBD

WHO:: Jack Mannino, nVisium Security

ABSTRACT::

Building secure Android applications can be achieved with a mix of common sense, leveraging platform security features, and following secure development best practices. This presentation will focus on security "quick wins" during development and will cover techniques that can reduce the overall attack surface within Android applications.

The OWASP GoatDroid and OWASP MobiSec tools will be used throughout the presentation to demonstrate issues encountered in the real world. We will cover the attack surface for Android and highlight the most prevalent security flaws found within production applications.

BIO::

Jack Mannino is the CEO of nVisium Security, an application security firm located within the Washington DC area. At nVisium, he helps to ensure that large corporations, government agencies, and software startups have the tools they need to build and maintain successful application security initiatives. He is an active Android security researcher, and has a keen interest in identifying security issues and trends on a large scale. Jack is the co-leader and founder of the OWASP Mobile Security Project. He also serves as a board member on the OWASP Northern Virginia chapter. Jack is also the lead developer for the OWASP GoatDroid Project, which is a collection of vulnerable Android applications used for training and education.

'''RSVP: All RSVP is done now via our meetup.com site. Visit and register at www.meetup.com/owasp-atlanta.'''

COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.

= Meeting Archive =

February 2012 - Scanning Web2.0 – web applications aren’t web sites anymore (Kiril Mendelev, HP)

January 2012 - Ninja Assessments: Stealth Security Testing for Organizations (Kevin Johnson, SamuraiWTF)

Old meeting pages (before 2012)
December 2011 - Preventing Data Breaches using Provenance-aware Firewalls (Anirudh Ramachandran, Nouvou Inc)

November 2011 - HowTo Talk on Assessing Mobile Apps

October 2011 - Fuzzin' w/ JBroFuzz (Tony UV)

August 2011 - Mobile Security for the Enterprise (Billy Graham)

May 2011 - Don't Teach Your Developers Security (Caleb Sima, Armorize)

Apr 2011 - Demystifying WAFs (members from Imperva, Accuvant, WhiteHat Security Presenting)

Mar 2011 - Online Privacy (Samy Kamkar)

Feb 2011 - Separated by a Common Language (Business-Geek Communication)

Jan 2011 - OWASP Tool Medley (Tony UV

Dec 2010 - December Social Event

Oct 2010 - Rapid Development of Web Security Tools using SpiderSense

Sep 2010 - Search Engine Hacking

Aug 2010 - OWASP Guided Tour & Using the O2 Platform

Jun 2010 - Security Six Flags Outing

May 2010 - Clubbing WebApps with Botnets

Mar 2010 - Panel on Static & Dynamic Analysis for Web Apps

Feb 2010 - Embedded Malicious JavaScript

Feb 2010 - DNS Security

Jan 2010 - Owasp Top 10 (Tony UV)

Oct 2009 - Security Religions & Risk Windows (Jeremiah Grossman)

Sept 2009 - Securing WebServices (Tony UV)

Aug 2009 - ISSA Event

June 2009 - OWASP LIVE CD Workshop

Apr 2009 - Filter Evasion Techniques (Workshop)

Apr 2009 - Chapter Rebirth meeting

Atlanta ISACA OWASP Meeting 03.27.09

Atlanta Leadership Meeting 03.05.09

Atlanta Leadership Meeting 02.26.09

Atlanta OWASP May 2007 Meeting

Atlanta OWASP December 06 Social

Atlanta OWASP April Meeting

Chapter Meeting March 29th 2006

October 26th Meeting

April 27th, Chapter meeting a SUCCESS!

March 30th, 2005

February Meeting

June 2005