Difference between revisions of "Atlanta Georgia"

From OWASP
Jump to: navigation, search
Line 83: Line 83:
 
'''WHEN::''' March 22, 2012. 6-8pm
 
'''WHEN::''' March 22, 2012. 6-8pm
  
'''WHERE::'''  TBD
+
'''WHERE::'''  3535 Piedmont Rd NE #1400, Atlanta, GA 30305 (Wipro)
 
+
<!-- 3535 Piedmont Rd NE #1400, Atlanta, GA 30305 (Wipro) -->
+
  
 
'''WHO::''' Charles Henderson, Director of Application Security Services of SpiderLabs at Trustwave
 
'''WHO::''' Charles Henderson, Director of Application Security Services of SpiderLabs at Trustwave
Line 107: Line 105:
  
 
===April 2012 Meeting===
 
===April 2012 Meeting===
'''WHAT::''' Mobile Security Talk
+
'''WHAT::''' Practical Android Security
  
 
'''WHEN::''' April 20, 2012. 6-8pm
 
'''WHEN::''' April 20, 2012. 6-8pm
Line 115: Line 113:
 
'''WHO::''' Jack Mannino, nVisium Security  
 
'''WHO::''' Jack Mannino, nVisium Security  
  
'''ABSTRACT::''' TBD
+
'''ABSTRACT::'''  
 +
 
 +
Building secure Android applications can be achieved with a mix of common sense, leveraging platform security features, and following secure development best practices. This presentation will focus on security "quick wins" during development and will cover techniques that can reduce the overall attack surface within Android applications.
 +
 
 +
The OWASP GoatDroid and OWASP MobiSec tools will be used throughout the presentation to demonstrate issues encountered in the real world. We will cover the attack surface for Android and highlight the most prevalent security flaws found within production applications.
 +
 
 +
 
 +
'''BIO::'''
 +
 
 +
Jack Mannino is the CEO of nVisium Security, an application security firm located within the Washington DC area. At nVisium, he helps to ensure that large corporations, government agencies, and software startups have the tools they need to build and maintain successful application security initiatives. He is an active Android security researcher, and has a keen interest in identifying security issues and trends on a large scale. Jack is the co-leader and founder of the OWASP Mobile Security Project. He also serves as a board member on the OWASP Northern Virginia chapter. Jack is also the lead developer for the OWASP GoatDroid Project, which is a collection of vulnerable Android applications used for training and education.
 +
 
  
 
'''RSVP:  All RSVP is done now via our meetup.com site.  Visit and register at www.meetup.com/owasp-atlanta.'''
 
'''RSVP:  All RSVP is done now via our meetup.com site.  Visit and register at www.meetup.com/owasp-atlanta.'''

Revision as of 16:59, 12 March 2012

OwaspAtl.png


Contents

OWASP Atlanta

Welcome to the Atlanta chapter homepage. The chapter leader is Tony UcedaVelez
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Join OWASP ATL via our Meetup Group

From Jan 2012, we have moved to a Meetup group. MeetUp.com will replace the traditional subscriber email list eventually (referenced above in the top of this page). It allows us to better communicate with members, RSVP for events, and announce meetings - all in one place. Click on the following link to visit our meetup page and signup.

logo_82.png

Atlanta Georgia OWASP Chapter Leaders


Becoming a Member or Sponsor

On behalf of the entire organization, I would like to solicit your financial support of our chapter via a tax deductible membership for OWASP as a great non-profit organization which aims to elevate web application security. We hope that you find historical and future meetings to be of value and show support via a member based contribution.

To contribute to OWASP-Atlanta, sign up as an individual member, or support us as a corporate sponsor, please visit: http://www.owasp.org/index.php/Membership. If you are already a member, please don't forget to renew your membership!! The same link will serve both purposes.



Thank You to Our 2012 Supporters

We're looking for sponsors in 2012. Thanks to the following list of chapter level supporters for their financial contributions and/ or hosting our chapter meetings in 2012.

    Whitehat.jpg Dellswrx.jpg Versprite.jpg Wipro.jpg Trustwave.jpg



2011 OWASP Atlanta Member Survey

The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2011. Owasp surv2011.jpg



Chapter Meetings

Future Meetings

March 2012 Meeting

WHAT:: 'Trustwave 2012 Global Security Report'

WHEN:: March 22, 2012. 6-8pm

WHERE:: 3535 Piedmont Rd NE #1400, Atlanta, GA 30305 (Wipro)

WHO:: Charles Henderson, Director of Application Security Services of SpiderLabs at Trustwave

Charles Henderson began his career in computer security in 1993, specializing in penetration testing as well as security and vulnerability research. As Director of Application Security Services at SpiderLabs, he leads the team responsible for Application Penetration Testing, Code Review, Secure Development Training, and other elite application security consulting services. Prior to joining SpiderLabs, Henderson ran his own boutique application security testing firm. Henderson's firm provided offensive security services to a wide variety of clients in the United States and Europe. Henderson speaks frequently at major industry events and conferences, including BlackHat, DEF CON, AppSec US, AppSec EU, SOURCE, and the International Association of Financial Crime Investigators convention.


ABSTRACT:: In today’s cyber world, it’s no longer a matter of “if” a data breach will occur, but “when.” Organizations around the world, from the local corner store to the global enterprise, all need to understand current data security risks in order to mitigate them.

The Trustwave 2012 Global Security Report identifies the top threats encountered by businesses over the past year. Based on an analysis of Trustwave data sources, including more than 300 incident investigations, 2,000 penetration tests conducted by Trustwave SpiderLabs, and 2 million network and application vulnerability scans, the report provides a roadmap for any organization that needs to improve and update their information security strategy.

The Trustwave 2012 Global Security Report highlights top data security risk areas, offering predictions on future targets based on analysis and perceived trends. By learning from others’ data vulnerabilities, and applying tactical and strategic change outlined in this report, any organization will be better able to reduce data threats and loss.


RSVP: All RSVP is done now via our meetup.com site. Visit and register at www.meetup.com/owasp-atlanta.

COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.


April 2012 Meeting

WHAT:: Practical Android Security

WHEN:: April 20, 2012. 6-8pm

WHERE:: TBD

WHO:: Jack Mannino, nVisium Security

ABSTRACT::

Building secure Android applications can be achieved with a mix of common sense, leveraging platform security features, and following secure development best practices. This presentation will focus on security "quick wins" during development and will cover techniques that can reduce the overall attack surface within Android applications.

The OWASP GoatDroid and OWASP MobiSec tools will be used throughout the presentation to demonstrate issues encountered in the real world. We will cover the attack surface for Android and highlight the most prevalent security flaws found within production applications.


BIO::

Jack Mannino is the CEO of nVisium Security, an application security firm located within the Washington DC area. At nVisium, he helps to ensure that large corporations, government agencies, and software startups have the tools they need to build and maintain successful application security initiatives. He is an active Android security researcher, and has a keen interest in identifying security issues and trends on a large scale. Jack is the co-leader and founder of the OWASP Mobile Security Project. He also serves as a board member on the OWASP Northern Virginia chapter. Jack is also the lead developer for the OWASP GoatDroid Project, which is a collection of vulnerable Android applications used for training and education.


RSVP: All RSVP is done now via our meetup.com site. Visit and register at www.meetup.com/owasp-atlanta.

COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.





Meeting Archive

February 2012 - Scanning Web2.0 – web applications aren’t web sites anymore (Kiril Mendelev, HP)

January 2012 - Ninja Assessments: Stealth Security Testing for Organizations (Kevin Johnson, SamuraiWTF)

Old meeting pages (before 2012)

December 2011 - Preventing Data Breaches using Provenance-aware Firewalls (Anirudh Ramachandran, Nouvou Inc)

November 2011 - HowTo Talk on Assessing Mobile Apps

October 2011 - Fuzzin' w/ JBroFuzz (Tony UV)

August 2011 - Mobile Security for the Enterprise (Billy Graham)

May 2011 - Don't Teach Your Developers Security (Caleb Sima, Armorize)

Apr 2011 - Demystifying WAFs (members from Imperva, Accuvant, WhiteHat Security Presenting)

Mar 2011 - Online Privacy (Samy Kamkar)

Feb 2011 - Separated by a Common Language (Business-Geek Communication)

Jan 2011 - OWASP Tool Medley (Tony UV

Dec 2010 - December Social Event

Oct 2010 - Rapid Development of Web Security Tools using SpiderSense

Sep 2010 - Search Engine Hacking

Aug 2010 - OWASP Guided Tour & Using the O2 Platform

Jun 2010 - Security Six Flags Outing

May 2010 - Clubbing WebApps with Botnets

Mar 2010 - Panel on Static & Dynamic Analysis for Web Apps

Feb 2010 - Embedded Malicious JavaScript

Feb 2010 - DNS Security

Jan 2010 - Owasp Top 10 (Tony UV)

Oct 2009 - Security Religions & Risk Windows (Jeremiah Grossman)

Sept 2009 - Securing WebServices (Tony UV)

Aug 2009 - ISSA Event

June 2009 - OWASP LIVE CD Workshop

Apr 2009 - Filter Evasion Techniques (Workshop)

Apr 2009 - Chapter Rebirth meeting

Atlanta ISACA OWASP Meeting 03.27.09

Atlanta Leadership Meeting 03.05.09

Atlanta Leadership Meeting 02.26.09

Atlanta OWASP May 2007 Meeting

Atlanta OWASP December 06 Social

Atlanta OWASP April Meeting

Chapter Meeting March 29th 2006

October 26th Meeting

April 27th, Chapter meeting a SUCCESS!

March 30th, 2005

February Meeting

June 2005