Revision as of 17:58, 22 January 2010 by Andy Stovall (talk | contribs)

Jump to: navigation, search

OWASP San Diego

Welcome to the San Diego chapter homepage. The chapter leader is Jeromie Jackson <paypal>SanDiego</paypal>
Click here to join the local chapter mailing list.


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG 

Local News

Sushi & Sake- OWASP San Diego to Host Free Web Hacker Dojo

The Open Web Application Security Project (OWASP) Chapter in San Diego will be holding a FREE meeting to discuss the latest developments in the OWASP organization, and leading-edge web assessment technologies. Demonstrations will be provided on various web attack techniques and the best practices for defending against them, including web application firewalls. Bring your laptop to participate in the Web Hacker Dojo where everyone will have the opportunity to launch attacks against live lab web servers to see how they compare against today’s countermeasures. Sushi and Sake refreshments will be provided as you network with some of the best security auditors, researchers, and developers in the San Diego area. We look forward to seeing you there!

Date:     January 27th, 2010
Time:     6:00pm - 7:30pm
Location: Websense Corporate Office
          10240 Sorrento Valley Rd       
          San Diego, California  92121

Meeting Notes From October 22, 2009
-There are big python and ruby user groups in SD (Gabriel Lawrence is a good conduit)
-Many other user groups use to publish meetings
-Create multisession curriculum (review tools and deep dive on different subject)
-Loosely couple presentations so new attendees can easily join in
-Discussed idea of charging small fee to attend meetings (decided not to entertain this until meeting matures)
-Possibly segregate training sessions from regular sessions and provide a some theme to the training sessions
-Vendors to possibly bring in (Rapid7 HDMoore, Breach, Modsecurity, McAfee, DBNetworks)
-Possibly provide CPE credits for attending OWASP events

Future Meeting Topics
-Remediation vs. Mitigation
-Mitigation techniques when the code can’t be fixed
-Demo ESAPI in PHP and/or
-How to run security testing when evaluating a new software product
-CFO level meeting regarding cost justification for security tools and risk assessment
-Web enumeration and data mining
-Vulnerability classification and remedation techniques

OWASP San Diego Board Formation

Jeromie Jackson - President
Jeff Sutton - Vice President
Matt Harrigan - Director of Research
Steve Groom - Director of Marketing
Andy Stovall - Technical Director
Tom Spencer - Program Director