Welcome to the Atlanta chapter homepage. Chapter Lead is Tony UV.
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
2009 was a great year aimed at re-generating some interest for the OWASP movement. We hope to build on this in 2010 and need some help in doing so. If you have some extra cycles and would like to submit a proposal for speaking or hosting a workshop, please don't hesitate to contact us (see Chapter Leads tab below). This year, we hope to see some new faces and would like to get the year started by talking about the new OWASP Top Ten and how to apply them within your application development, testing, or assessment efforts.
On behalf of the chapter, I would like to solicit your financial support of chapter via a tax deductible membership for a great non-profit organization which aims to elevate web application security. Please note that other chapters have the luxury to charge their members for attending some of their meetings. We hope that you find historical and future meetings to be of value and show support via a member based contribution. To contribute to OWASP-Atlanta, go here: <paypal>Atlanta Georgia</paypal>
Our next meeting is on Monday, May 24th. Location is still in the works. Presentation will cover the impact of botnets to web application security and beyond. Please check the Chapter Meetings tab for more information.
Staying in Touch
New OWASP Atlanta Linkedin Group. For those addicted to LinkedIn, we have a group you can further feed your addiction. The OWASP Atlanta Chapter. http://www.linkedin.com/groups?home=&gid=1811960&trk=anet_ug_hm
Register for the OWASP Atlanta Mailing List by signing up here: http://lists.owasp.org/mailman/listinfo/owasp-atlanta
OWASP Atlanta Supporters
Thanks to the following list of official sponsors and supportive organizations for their financial contributions and resource support.
2009 OWASP Atlanta Member Survey
The Atlanta OWASP Member Survey has come and gone. Thanks to all those that responded. A subset of the results is shown below in the form of top ranking security topics that members wish to see in 2009. More detailed results will be provided and discussed briefly during our first meeting, April 2nd, 2009.
May 2010 Meeting
WHAT:: Clubbing WebApps with a Botnet
WHEN:: Monday, May 24th, 2010 7-9pm
WHERE:: Room 1116-W , Klaus Advanced Computing Building, Georgia Tech (Directions & Parking)
WHO:: Gunter Ollman, VP of Research, Damballa. Gunter Ollmann has over 20 years of experience within the information technology industry and is a known veteran in the security space. Prior to joining Damballa, Gunter held several strategic positions at IBM Internet Security Systems (IBM ISS) with the most recent being the Chief Security Strategist. In this role he was responsible for predicting the evolution of future threats and helping guide IBM's overall security research and protection strategy, as well as being the key IBM spokesperson on evolving threats and mitigation techniques. He also held the role of Director of X-Force as well as the former head of X-Force security assessment services for EMEA while at ISS (which was acquired by IBM in 2006). Prior to joining ISS, Gunter was the professional services director of Next Generation Security Software (NGS), a vulnerability research and attack-based consulting firm. Gunter has been a contributor to multiple leading international IT and security focused magazines and journals, and has authored, developed and delivered a number of highly technical courses on Web application security. He is a well-known industry speaker worldwide and is often invited to present at various international security conferences. Gunter is also highly regarded in the press as an expert source on security threats and is a frequently quoted by the international media.
ABSTRACT:: The lonely hacker taking pot-shots at a Web application – seeking out an exploitable flaw - is quickly going the way of the dinosaur. Why try to hack an application from a solitary host using a single suite of tools when you can distribute and load-balance the attack amongst a global collection of anonymous bots and even ramp up the pace of attack by several orders of magnitude? If you’re going to _really_ hack a Web application for commercial gain, the every-day botnet is now core equipment in an attacker’s arsenal. Sure, DDoS and other saturation attacks are possible – but the real benefits of employing botnets to hack Web applications come from their sophisticated scripting engines and command & control which allow even onerous blind-SQL-injection attacks to be conducted in minutes rather than days. If someone’s clubbing your Web application with a botnet, where are your weaknesses and how much time have you really got?
COST: No costs, but all donations will be accepted as it helps pay for meeting related materials and provisions. Best way to support the chapter is to become a member.
Atlanta Georgia OWASP Chapter Leaders
- Tony UcedaVelez - Chapter Lead
- Charles Burke - Meeting Chairperson
- Shauvik Roy Choudhary - Marketing Chairperson