This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "Atlanta Georgia"

Jump to: navigation, search
Line 58: Line 58:
== '''Future Meetings'''  ==
== '''Future Meetings'''  ==
===December 2011 Meeting===
'''WHAT::''' December Chapter Meeting - 'Preventing Data Breaches using Provenance-aware Firewalls'
'''WHEN::''' 15th of December 2011. 6-8pm
'''WHERE::'''  Cumberland Pkwy Tilted Kilt
'''WHO::''' Anirudh Ramachandran is a networks and systems security
researcher at Georgia Tech and the founder and CTO of Nouvou Inc., a
nascent data security startup. He has 6 years of experience developing
solutions in areas such as data breach prevention, high speed traffic
monitoring, network-level spam filtering, and botnet identification.
He graduated with a PhD in Computer Science from Georgia Tech in 2011.
'''ABSTRACT::''' Data breaches through Web application vulnerabilities have become
particularly rampant. Point solutions -- for example, a Web
Application Firewall that scans requests destined to the Web app --
can only stop a limited number of attack patterns, and do not provide
any protection from a breach once a vulnerability is eventually
exploited. We have developed a complementary approach to prevent
breaches based on the idea that, if sensitive data is tracked closely
enough, a breach can be prevented without worrying about the Web
application vulnerability that led to the breach.
In this talk, I will present the architecture of SilverLine (associates tamper-proof tags with database
records and files, and uses an OS-level module to track the flow of
tagged data through the various components of a Web application) and
describe how we integrated SilverLine with a popular open source
e-Commerce Web application, OSCommerce.
'''''COST''''': Free to all.  Bring a Friend. However, please look to join our chapter.  Only $50.  No pressure, but greatly appreciate. Non-profit and good cause.
===January 2012 Meeting===
===January 2012 Meeting===
Line 138: Line 105:
== Past Meetings  ==
== Past Meetings  ==
[[Atlanta Member Meeting 12.15.11 | December 2011 - Preventing Data Breaches using Provenance-aware Firewalls (Anirudh Ramachandran, Nouvou Inc) ]]
[[Atlanta Member Meeting 11.17.11 | November 2011 - HowTo Talk on Assessing Mobile Apps ]]
[[Atlanta Member Meeting 11.17.11 | November 2011 - HowTo Talk on Assessing Mobile Apps ]]

Revision as of 11:26, 28 December 2011


OWASP Atlanta

Welcome to the Atlanta chapter homepage. The chapter leader is Tony UcedaVelez


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Local News

Latest News

So we have hit a bit of a lull over the past two months as you can probably tell. August meeting was really low attendance and September was a non-event since I largely have been out of town and so have a lot of the other co-leads. Nonetheless, get ready to resume meetings. Next one is Dec 15th at the Tilted Kilt @ Cumberland. Make a note and check out details in the Chapter Meetings page above.

FYI - We are trying to reach out to more developers, quality assurance engineers, and software architects so if you have colleagues in those areas, please invite them to come. For next meeting information, please visit the Chapter Meetings tab and RSVP in the link provided.

Staying in Touch

There is an OWASP Atlanta Linkedin Group. For those addicted to LinkedIn, we have a group you can further feed your addiction. The OWASP Atlanta Chapter.

The Atlanta mailing list provides a low volume update to monthly events and also allows for members to post questions related to challenges in using and adopting OWASP related material/ tools. To join the Atlanta Mailing List, please sign up here:

Becoming a Member or Sponsor

On behalf of the entire organization, I would like to solicit your financial support of our chapter via a tax deductible membership for OWASP as a great non-profit organization which aims to elevate web application security. We hope that you find historical and future meetings to be of value and show support via a member based contribution.

To contribute to OWASP-Atlanta, sign up as an individual member, or support us as a corporate sponsor, please visit: If you are already a member, please don't forget to renew your membership!! The same link will serve both purposes.

Thank You to Our 2011 Supporters

Thanks to the following list of chapter level supporters for their financial contributions and/ or hosting our chapter meetings in 2011.

    GTISC logo2.jpg Versprite.jpg Stachliu.jpg Whitehat.jpg
    Imperva.jpg Adp.jpg Iptrust.jpg Dellswrx.jpg Accuvant.jpg

2011 OWASP Atlanta Member Survey

The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2011. Owasp surv2011.jpg

Chapter Meetings

Future Meetings

January 2012 Meeting

WHAT:: 'Ninja Assessments: Stealth Security Testing for Organizations'

WHEN:: January 19, 2012. 6-8pm

WHERE:: Cumberland Pkwy Tilted Kilt

WHO:: Kevin Johnson is a security consultant with Secure Ideas. Kevin came to security from a development and system administration background. He has many years of experience performing security services for fortune 100 companies, and in his spare time he contributes to a large number of open source security projects. Kevin's involvement in open-source projects is spread across a number of projects and efforts. He is the founder of many different projects and has worked on others. He founded BASE, which is a Web front-end for Snort analysis. He also founded and continues to lead the SamuraiWTF live DVD. This is a live environment focused on Web penetration testing. He also founded Yokoso and Laudanum, which are focused on exploit delivery. Kevin is a senior instructor for SANS and the author of Security 542: Web Application Penetration Testing and Ethical Hacking. He also presents at industry events, including DEFCON and ShmooCon, and for various organizations, like Infragard, ISACA, ISSA, and the University of Florida.

ABSTRACT:: Organizations today need to be able to easily integrate security testing within their existing processes. In this talk, Kevin Johnson of Secure Ideas will explore various techniques and tools to help organizations assess the security of the web applications. These techniques are designed to be implemented easily and with little impact on the work load of the staff.

COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.

Google Calendar


Past Meetings

December 2011 - Preventing Data Breaches using Provenance-aware Firewalls (Anirudh Ramachandran, Nouvou Inc)

November 2011 - HowTo Talk on Assessing Mobile Apps

October 2011 - Fuzzin' w/ JBroFuzz

August 2011 - Mobile Security for the Enterprise (Billy Graham)

May 2011 - Don't Teach Your Developers Security (Caleb Sima, Armorize)

Apr 2011 - Demystifying WAFs (members from Imperva, Accuvant, WhiteHat Security Presenting)

Mar 2011 - Online Privacy (Samy Kamkar)

Feb 2011 - Separated by a Common Language (Business-Geek Communication)

Jan 2011 - OWASP Tool Medley

Dec 2010 - December Social Event

Oct 2010 - Rapid Development of Web Security Tools using SpiderSense

Sep 2010 - Search Engine Hacking

Aug 2010 - OWASP Guided Tour & Using the O2 Platform

Jun 2010 - Security Six Flags Outing

May 2010 - Clubbing WebApps with Botnets

Mar 2010 - Panel on Static & Dynamic Analysis for Web Apps

Feb 2010 - Embedded Malicious JavaScript

Feb 2010 - DNS Security

Jan 2010 - Owasp Top 10

Oct 2009 - Security Religions & Risk Windows (Jeremiah Grossman)

Sept 2009 - Securing WebServices

Aug 2009 - ISSA Event

June 2009 - OWASP LIVE CD Workshop

Apr 2009 - Filter Evasion Techniques (Workshop)

Apr 2009 - Chapter Rebirth meeting

Atlanta ISACA OWASP Meeting 03.27.09

Atlanta Leadership Meeting 03.05.09

Atlanta Leadership Meeting 02.26.09

Atlanta OWASP May 2007 Meeting

Atlanta OWASP December 06 Social

Atlanta OWASP April Meeting

Chapter Meeting March 29th 2006

October 26th Meeting

April 27th, Chapter meeting a SUCCESS!

March 30th, 2005

February Meeting

June 2005

Atlanta Georgia OWASP Chapter Leaders