Monday, January 25, 2010

OWASP Numbering Scheme

An exciting development!

A new numbering scheme that will be common across OWASP Guides and References has been developed. The numbering is based on the OWASP ASVS section and detailed requirement numbering. The effort to develop the numbering was a team effort, led by Mike Boberski (ASVS project lead and co-author).

OWASP Top Ten, Guide, and Reference project leads and contributors as well as the OWASP leadership worked together to develop numbering that would allow for easy mapping between OWASP Guides and References, and that would allow for a period of transition as Guides and References are updated to reflect the new numbering.

For more information about the new numbering, please see http://www.owasp.org/index.php?title=Common_OWASP_Numbering A new OWASP project is in the process of being created to manage the new numbering scheme, for example as numbers are retired. The new project will be led by Brad Causey.

Saturday, January 23, 2010

OWASP Q1 2010 Newsletter



The newsletter translated into Chinese, Hungarian, Greek, and French will be posted here:
http://www.owasp.org/index.php/Category:OWASP_Newsletter when they become available. If you are able to translate into a language not listed, please contact Lorna.alamri@owasp.org

Many thanks to Lorna and “her staff” of translators for putting this together.

Kate Hartmann

OWASP Operations Director
9175 Guilford Road
Suite 300
Columbia, MD 21046

301-275-9403
Skype: kate.hartmann1

Thursday, January 21, 2010

OWASP AppSec Research Challenge #8

The OWASP AppSec Research 2010 Challenge is ON!

Your mission: construct a gif/JavaScript polyglot and win a free conference ticket to OWASP AppSec Research 2010 in Stockholm, Sweden!!


Good luck, and may the best polyglot win!

Tuesday, January 19, 2010

OWASP for Charities: Haiti relief effort

OWASP Members and Supporters,

OWASP was founded, and is supported as a non-profit organization, by a group of dedicated volunteers who believe that all applications should be secure and trusted. As our organization matures we have taken those beliefs broader, and have started setting up ways for our members to donate to the global community. Among these initiatives are:

  • OWASP has an active Kiva lending team who have donated $9,125.00 to date. http://www.kiva.org/community/viewTeam?team_id=522
  • OWASP in response to the need in Haiti has set up a secure and trusted way for those within the OWASP community to donate funds to help the people of Haiti. This allows our OWASP community to help another with a single global voice. 100% of the collected donations will be transferred directly to victims for disaster relief such as food and medical requirements. Please visit www.owasp.org and click the link for G33k-4-HAITI. In a time of crisis, OWASP can help those who are in great need. The OWASP community can help organize, support , and promote efforts outside of application security.

OWASP is well aware there is a movement for phishers to utilize this tragedy to get unsuspecting people to donate to a “cause” without having a legitimate business back end and ultimately funneling all the money directly into their own pockets. The OWASP community is uniquely qualified to help protect from this type of attack and educate about attacks as well.

As the world becomes more dependent on technology and particularly web applications, there are many who need protection who simply have no options to protect themselves. These include small companies, individuals, charities, and others. The OWASP community can help by connecting qualified, trusted resources willing to volunteer their time to those organizations which qualify. OWASP is setting up an outreach program, which will be under the name project name of OWASP for Charities.

We hope you will support OWASPs efforts to make a difference in any of the above ways. We are also open to suggestions in regards to where you feel the OWASP Community can be of service.

Regards,

Your OWASP Board

Kate Hartmann

OWASP Operations Director
9175 Guilford Road
Suite 300
Columbia, MD 21046
301-275-9403
kate.hartmann@owasp.org
Skype: kate.hartmann1

Monday, January 11, 2010

1st OWASP NY/NJ Chapter Meeting for 2010

* ALERT *

The first meeting for 2010 for OWASP NY/NJ Chapter will be at KPMG.

http://www.owasp.org/index.php/NYNJMetro

Check it out, RSVP invite a friend!!

Tom Brennan
http://www.linkedin.com/in/tombrennan
(973) 506-9303