OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
We invite you to join us. While all of our materials are free and offered under an open source license, you do not have to become a paid member to use them or participate in our projects, mailing lists, conferences, or other activities. However, please consider becoming a member and enabling OWASP to continue to provide unbiased tools, documentation, conferences, mailing lists, etc., think of it like public television or public radio. Individual memberships are only $50 annually.
TBD: Anybody who is interested in leading or facilitating our next meeting, please contact Dirk Maxwell, OWASP Nashville Chapter Lead, for details. We're open to suggestions regarding topic and timing.
DATE: September 30, 2009
TOPIC: Application Threat Modeling
PRESENTER: Dirk Maxwell, OWASP Nashville Chapter Lead
EVENT RECAP: Dirk Maxwell provided a formal presentation and led discussion in real-world benefits and challenges of implementing threat modeling processes within the system development lifecycle. The meeting was characterized by excellent participation and discussion by those in attendance. Again, thanks to all those who participated.
DATE: July 9, 2009
TOPIC: Secure Development Practices
PRESENTER: Facilitated discussion led by Dirk Maxwell
EVENT RECAP: A freewheeling facilitated discussion centered around secure application development practices including threat modeling, code review, static source code analysis, security testing processes, tools, etc. This was a great discussion involving some of Nashville's application security thought leaders. Thanks for all those who participated!
DATE: April 30, 2009
TOPIC: OWASP LiveCD
PRESENTER: Dean H. Saxe, Foundstone
PRESENTATION: OWASP Live CD Slide Deck
EVENT RECAP: With approximately 45 people in attendance, guest Speaker Dean H. Saxe from Foundstone introduced the OWASP LiveCD and many of the OWASP supported tools on the CD, including WebScarab and WebGoat. Using a combination of lecture, live demos and hands-on labs, we examined the WebGoat application by exploiting flaws in authorization, data validation and session handling. The event was a tremendous success!! Thanks to all who were able to participate. OWASP Nashville also extends a special thanks to: Jeff Cobb, Bart Hubbs and Mark Brown with the Middle Tennessee chapter of the ISSA; Dean Saxe from Foundstone for making the event such a success; and to HCA for hosting the event.