Difference between revisions of "Atlanta Member Meeting 12.15.11"

From OWASP
Jump to: navigation, search
(Created page with " ===December 2011 Meeting=== '''WHAT::''' December Chapter Meeting - 'Preventing Data Breaches using Provenance-aware Firewalls' '''WHEN::''' 15th of December 2011. 6-8pm ''...")
 
 
Line 32: Line 32:
  
 
'''''COST''''': Free to all.  Bring a Friend. However, please look to join our chapter.  Only $50.  No pressure, but greatly appreciate. Non-profit and good cause.
 
'''''COST''''': Free to all.  Bring a Friend. However, please look to join our chapter.  Only $50.  No pressure, but greatly appreciate. Non-profit and good cause.
 +
 +
'''''PRESO'''': TBD

Latest revision as of 12:07, 28 December 2011

December 2011 Meeting

WHAT:: December Chapter Meeting - 'Preventing Data Breaches using Provenance-aware Firewalls'

WHEN:: 15th of December 2011. 6-8pm

WHERE:: Cumberland Pkwy Tilted Kilt http://atlanta-cumberland.tiltedkilt.com/

WHO:: Anirudh Ramachandran is a networks and systems security researcher at Georgia Tech and the founder and CTO of Nouvou Inc., a nascent data security startup. He has 6 years of experience developing solutions in areas such as data breach prevention, high speed traffic monitoring, network-level spam filtering, and botnet identification. He graduated with a PhD in Computer Science from Georgia Tech in 2011. http://www.cc.gatech.edu/~avr

ABSTRACT:: Data breaches through Web application vulnerabilities have become particularly rampant. Point solutions -- for example, a Web Application Firewall that scans requests destined to the Web app -- can only stop a limited number of attack patterns, and do not provide any protection from a breach once a vulnerability is eventually exploited. We have developed a complementary approach to prevent breaches based on the idea that, if sensitive data is tracked closely enough, a breach can be prevented without worrying about the Web application vulnerability that led to the breach.

In this talk, I will present the architecture of SilverLine (associates tamper-proof tags with database records and files, and uses an OS-level module to track the flow of tagged data through the various components of a Web application) and describe how we integrated SilverLine with a popular open source e-Commerce Web application, OSCommerce.

COST: Free to all. Bring a Friend. However, please look to join our chapter. Only $50. No pressure, but greatly appreciate. Non-profit and good cause.

PRESO': TBD