OWASP Atlanta is a local meetup that uses the framework from the Open Web Application Security Project, a well-known tool of security practitioners. The group has presentations about web and mobile development security.

Upcoming OWASP Atlanta Meetings

Events - OWASP Atlanta

Events - OWASP Atlanta
  • OWASP Atlanta

    In this talk, Jim McKenney will discuss how to gain support for cyber security testing, how to apply common frameworks to rail environment and discuss methodologies that could be used to asses cyber risk to operational environments such as rail. Learning Objectives:
    1. Discuss how to gain support for cyber security testing
    2. Discuss how to apply common frameworks such as NIST’s Cyber Security Framework to field technologies
    3. Discuss different methodologies that could be used to assess cyber risk to rail
    4. Understand how to build, gain support for similar cyber risk programs BIO:

    Jim McKenney is a Technical Director at NCC Group leading research into the Rail and Logistics industries. Prior to joining NCC Group McKenney led operation technology cyber security at CSX, carrying out cyber impact assessments and red team programs on field technologies such as locomotives, rail cars, signals & communications and Positive Train Control (PTC). An advocate of Lean Six Sigma, Jim firmly believes that the best way to deliver greater results is to get into the field; working with and listening to the teams that operate the environment. This results in better defining value, aligning to a common purpose and respecting and developing employees and supplier relationships – all of which help speed the effectiveness of aligning cyber security to the core values of the rail road - safety, reliability, and efficiency.

    Alpharetta 30009 - USA

    Thursday, November 16 at 6:30 PM



  • OWASP Atlanta

    ABSTRACT: Five years ago Neil Bergman disclosed the ability to execute arbitrary code in Android WebViews through Javascript Interfaces. Since then this vulnerability has been patched and minimal research has surfaced about additional problems with Javascript Interfaces.

    This talk is to serve as a (re)introduction into Javascript Interfaces and the Android Browsers that use them. We will discuss how they are implemented, their per-browser functionality, and the security problems that comes with them.

    We will also dive into a generic methodology for developing your own toolset and processes for analyzing Javascript Interfaces in Android Browsers, along with some details around vulnerability research and exploit development.

    SPEAKER: Benjamin Watson is Director of Security Research at VerSprite. VerSprite is a global security consulting firm focused tailored security service. Ben leads the firm's technical security group to research custom exploits in mobile, web, and embedded applications.

    Alpharetta 30009 - USA

    Thursday, December 7 at 6:30 PM