Difference between revisions of "Atlanta Georgia"

From OWASP
Jump to: navigation, search
Line 78: Line 78:
 
== '''Future Meetings'''  ==
 
== '''Future Meetings'''  ==
  
===February 2012 Meeting===
+
===March 2012 Meeting===
'''WHAT::''' 'Scanning Web2.0 – web applications aren’t web sites anymore'
+
'''WHAT::''' 'Trustwave 2012 Global Security Report'
  
'''WHEN::''' February 16, 2012. 6-8pm
+
'''WHEN::''' March 22, 2012. 6-8pm
  
'''WHERE::'''  3535 Piedmont Rd NE #1400, Atlanta, GA 30305 (Wipro)
+
'''WHERE::'''  TBD
 +
 
 +
<!-- 3535 Piedmont Rd NE #1400, Atlanta, GA 30305 (Wipro) -->
 +
 
 +
'''WHO::''' Charles Henderson, Director of Application Security Services of SpiderLabs at Trustwave
 +
 
 +
Charles Henderson began his career in computer security in 1993, specializing in penetration testing as well as security and vulnerability research. As Director of Application Security Services at SpiderLabs, he leads the team responsible for Application Penetration Testing, Code Review, Secure Development Training, and other elite application security consulting services. Prior to joining SpiderLabs, Henderson ran his own boutique application security testing firm. Henderson's firm provided offensive security services to a wide variety of clients in the United States and Europe. Henderson speaks frequently at major industry events and conferences, including BlackHat, DEF CON, AppSec US, AppSec EU, SOURCE, and the International Association of Financial Crime Investigators convention.
 +
 
 +
 
 +
'''ABSTRACT::'''
 +
In today’s cyber world, it’s no longer a matter of “if” a data breach will occur, but “when.” Organizations around the world, from the local corner store to the global enterprise, all need to understand current data security risks in order to mitigate them.
 +
 
 +
The Trustwave 2012 Global Security Report identifies the top threats encountered by businesses over the past year. Based on an analysis of Trustwave data sources, including more than 300 incident investigations, 2,000 penetration tests conducted by Trustwave SpiderLabs, and 2 million network and application vulnerability scans, the report provides a roadmap for any organization that needs to improve and update their information security strategy.
  
'''WHO::''' Kirill Mendelev is a researcher and an architect at HP Enterprise Security Products (specifically ex-SPI Dynamics part of it). He has been with HP for 7 years now, focusing on Web technologies for load-testing (LoadRunner) and security testing (WebInspect) purposes. I’ve lead research projects aiming to remedy threat of evolving Web technologies to both products.
+
The Trustwave 2012 Global Security Report highlights top data security risk areas, offering predictions on future targets based on analysis and perceived trends. By learning from others’ data vulnerabilities, and applying tactical and strategic change outlined in this report, any organization will be better able to reduce data threats and loss.
  
'''ABSTRACT::''' Kirill is going to speak about problems we encountered while scanning modern web applications, and how we’re planning to solve them.
 
  
 
'''RSVP:  All RSVP is done now via our meetup.com site.  Visit and register at www.meetup.com/owasp-atlanta.'''
 
'''RSVP:  All RSVP is done now via our meetup.com site.  Visit and register at www.meetup.com/owasp-atlanta.'''
  
 
'''''COST''''': Free to all.  Bring a Friend. However, please look to join our chapter.  Only $50.  No pressure, but greatly appreciate. Non-profit and good cause.
 
'''''COST''''': Free to all.  Bring a Friend. However, please look to join our chapter.  Only $50.  No pressure, but greatly appreciate. Non-profit and good cause.
 +
  
  
Line 117: Line 129:
  
 
= Meeting Archive =
 
= Meeting Archive =
 +
 +
[http://www.meetup.com/OWASP-Atlanta/events/45830712/ February 2012 - Scanning Web2.0 – web applications aren’t web sites anymore (Kiril Mendelev, HP)]
  
 
[http://www.meetup.com/OWASP-Atlanta/events/45830712/ January 2012 - Ninja Assessments: Stealth Security Testing for Organizations (Kevin Johnson, SamuraiWTF)]
 
[http://www.meetup.com/OWASP-Atlanta/events/45830712/ January 2012 - Ninja Assessments: Stealth Security Testing for Organizations (Kevin Johnson, SamuraiWTF)]

Revision as of 18:22, 27 February 2012

OwaspAtl.png


Contents

OWASP Atlanta

Welcome to the Atlanta chapter homepage. The chapter leader is Tony UcedaVelez
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Join OWASP ATL via our Meetup Group

From Jan 2012, we have moved to a Meetup group. MeetUp.com will replace the traditional subscriber email list eventually (referenced above in the top of this page). It allows us to better communicate with members, RSVP for events, and announce meetings - all in one place. Click on the following link to visit our meetup page and signup.

logo_82.png

Atlanta Georgia OWASP Chapter Leaders


Becoming a Member or Sponsor

On behalf of the entire organization, I would like to solicit your financial support of our chapter via a tax deductible membership for OWASP as a great non-profit organization which aims to elevate web application security. We hope that you find historical and future meetings to be of value and show support via a member based contribution.

To contribute to OWASP-Atlanta, sign up as an individual member, or support us as a corporate sponsor, please visit: http://www.owasp.org/index.php/Membership. If you are already a member, please don't forget to renew your membership!! The same link will serve both purposes.



Thank You to Our 2012 Supporters

We're looking for sponsors in 2012. Thanks to the following list of chapter level supporters for their financial contributions and/ or hosting our chapter meetings in 2012.

    Whitehat.jpg Dellswrx.jpg Versprite.jpg Wipro.jpg Trustwave.jpg



2011 OWASP Atlanta Member Survey

The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2011. Owasp surv2011.jpg



Chapter Meetings

Future Meetings

March 2012 Meeting

WHAT:: 'Trustwave 2012 Global Security Report'

WHEN:: March 22, 2012. 6-8pm

WHERE:: TBD


WHO:: Charles Henderson, Director of Application Security Services of SpiderLabs at Trustwave

Charles Henderson began his career in computer security in 1993, specializing in penetration testing as well as security and vulnerability research. As Director of Application Security Services at SpiderLabs, he leads the team responsible for Application Penetration Testing, Code Review, Secure Development Training, and other elite application security consulting services. Prior to joining SpiderLabs, Henderson ran his own boutique application security testing firm. Henderson's firm provided offensive security services to a wide variety of clients in the United States and Europe. Henderson speaks frequently at major industry events and conferences, including BlackHat, DEF CON, AppSec US, AppSec EU, SOURCE, and the International Association of Financial Crime Investigators convention.


ABSTRACT:: In today’s cyber world, it’s no longer a matter of “if” a data breach will occur, but “when.” Organizations around the world, from the local corner store to the global enterprise, all need to understand current data security risks in order to mitigate them.

The Trustwave 2012 Global Security Report identifies the top threats encountered by businesses over the past year. Based on an analysis of Trustwave data sources, including more than 300 incident investigations, 2,000 penetration tests conducted by Trustwave SpiderLabs, and 2 million network and application vulnerability scans, the report provides a roadmap for any organization that needs to improve and update their information security strategy.

The Trustwave 2012 Global Security Report highlights top data security risk areas, offering predictions on future targets based on analysis and perceived trends. By learning from others’ data vulnerabilities, and applying tactical and strategic change outlined in this report, any organization will be better able to reduce data threats and loss.


RSVP: All RSVP is done now via our meetup.com site. Visit and register at www.meetup.com/owasp-atlanta.

COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.


April 2012 Meeting

WHAT:: Mobile Security Talk

WHEN:: April 20, 2012. 6-8pm

WHERE:: TBD

WHO:: Jack Mannino, nVisium Security

ABSTRACT:: TBD

RSVP: All RSVP is done now via our meetup.com site. Visit and register at www.meetup.com/owasp-atlanta.

COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.





Meeting Archive

February 2012 - Scanning Web2.0 – web applications aren’t web sites anymore (Kiril Mendelev, HP)

January 2012 - Ninja Assessments: Stealth Security Testing for Organizations (Kevin Johnson, SamuraiWTF)

Old meeting pages (before 2012)

December 2011 - Preventing Data Breaches using Provenance-aware Firewalls (Anirudh Ramachandran, Nouvou Inc)

November 2011 - HowTo Talk on Assessing Mobile Apps

October 2011 - Fuzzin' w/ JBroFuzz (Tony UV)

August 2011 - Mobile Security for the Enterprise (Billy Graham)

May 2011 - Don't Teach Your Developers Security (Caleb Sima, Armorize)

Apr 2011 - Demystifying WAFs (members from Imperva, Accuvant, WhiteHat Security Presenting)

Mar 2011 - Online Privacy (Samy Kamkar)

Feb 2011 - Separated by a Common Language (Business-Geek Communication)

Jan 2011 - OWASP Tool Medley (Tony UV

Dec 2010 - December Social Event

Oct 2010 - Rapid Development of Web Security Tools using SpiderSense

Sep 2010 - Search Engine Hacking

Aug 2010 - OWASP Guided Tour & Using the O2 Platform

Jun 2010 - Security Six Flags Outing

May 2010 - Clubbing WebApps with Botnets

Mar 2010 - Panel on Static & Dynamic Analysis for Web Apps

Feb 2010 - Embedded Malicious JavaScript

Feb 2010 - DNS Security

Jan 2010 - Owasp Top 10 (Tony UV)

Oct 2009 - Security Religions & Risk Windows (Jeremiah Grossman)

Sept 2009 - Securing WebServices (Tony UV)

Aug 2009 - ISSA Event

June 2009 - OWASP LIVE CD Workshop

Apr 2009 - Filter Evasion Techniques (Workshop)

Apr 2009 - Chapter Rebirth meeting

Atlanta ISACA OWASP Meeting 03.27.09

Atlanta Leadership Meeting 03.05.09

Atlanta Leadership Meeting 02.26.09

Atlanta OWASP May 2007 Meeting

Atlanta OWASP December 06 Social

Atlanta OWASP April Meeting

Chapter Meeting March 29th 2006

October 26th Meeting

April 27th, Chapter meeting a SUCCESS!

March 30th, 2005

February Meeting

June 2005