Revision as of 16:52, 21 October 2008 by Mpetteys (talk | contribs) (Future Meetings)

Jump to: navigation, search

OWASP Sacramento

Welcome to the Sacramento chapter homepage. The chapter leader is Matt Petteys <paypal>Sacramento</paypal>
Click here to join the local chapter mailing list.


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


The Sacramento OWASP Chapter promotes the principles of OWASP in our local community with an emphasis on education, local networking opportunities, and fun.

Next Meeting - OCT 30th

The next OWASP Sacramento meeting will be on Thursday October 30th at 6pm. This meeting will be hosted at EDS Medi-Cal in Rancho Cordova, CA. Food, beverage, and the presentation will be provided by Fortify.

Please use the online RSVP form below or contact Mpetteys at by 10/29/08 if you plan to attend.


Elections are the core of the democratic process. In order for an election to remain truly democratic, it must uphold four critical properties: privacy, incoercibility, accuracy and verifiability. This presentation will discuss threats against these properties, summarize the strengths and weaknesses of current voting techniques, and compare security in voting systems and business systems. It will conclude with a look to the future of voting systems in America and recommendations for how the federal government and state governments can work with voting machine vendors to adopt business software assurance techniques into the systems they create.


Joy Forsythe is a member of the Security Research Group at Fortify Software, where she is responsible for developing security content for the Fortify suite of products. Prior to joining Fortify, Ms. Forsythe worked for Oracle, where she designed and implemented the encryption and storage optimization features for SecureFiles. At MIT she was a Research Assistant in the Computer Science and Artificial Intelligence Laboratory, where she worked under Professor Ron Rivest on electronic voting and cryptography. She holds a M.E. and a B.S. in Computer Science and Engineering from MIT.

  • LOCATION INFORMATION: Upon arriving at the main entrance, please ask for Robert Grill, office: 916-636-4392, cell: 916-997-9892. Any problems, please contact Matt Petteys, 916-873-4716
    EDS Medi-Cal (map)
    3215 Prospect Park Drive
    Rancho Cordova , CA

Future Meetings

November 2008: A hands-on training with WebGoat is planned. Bring your laptop with a CD-ROM drive so you can boot the OWASP Live CD.

Past Meetings

2008-07-31: Roman Hustad presented "How to Test the Security of Web Applications".

2008-06-26: Shan Zhou from Imperva presented "Database Security."

2008-04-03: Ryan C. Barnett from Breach Security presented "Passive Web Application Defect Identification."

2007-11-29: Roman Hustad from Foundstone presented "Web Application Hacking" to over 40 attendees.

2007-08-30: Barmak Meftah from Fortify Software presented "Hack proof your Service-Oriented Architecture" to 15 attendees.

Local News

2007-08-02: OWASP Sacramento is requesting votes for the preferred March topic using the following URL. OWASP Sacramento March Topic Survey. This meeting will be sponsored by Breach Security.

2007-10-01: We have rescheduled the next meeting for November 29th 2007. Please contact Matt Petteys with questions or suggestions.

2007-07-15: We have rescheduled the next meeting for August 30th 2007. Please contact Matt Petteys with questions or suggestions.

2007-07-01: OWASP Sacramento is requesting comments on future topics using the following URL. OWASP Sacramento Topic Survey

2006-06-27: OWASP Sacramento is planning a public presentation in late August 2007. Contact the chapter leader with questions or suggestions.

2006-05-18: OWASP Moves to MediaWiki Portal - 16:09, 18 May 2006 (EDT)