Wednesday, May 19, 2010

OWASP May Newsletter

I am pleased to present to you the May 2010 OWASP Newsletter. The English version has been translated into Spanish, Greek, Hungarian, and Chinese. As always, many thanks to Lorna Alamri and her team of translators.

Be sure to check out the list of upcoming OWASP Conferences! Now is a great time to plan your summer travels! The first week of June features the 3rd annual Froc event in Denver, CO USA as well as the only Application Security event to be held in Mexico!

Kate Hartmann
OWASP Operations Director
9175 Guilford Road
Suite 300
Columbia, MD 21046

Skype: kate.hartmann1

Friday, May 14, 2010

OWASP AppSec Research 2010

Dear OWASP leaders,

It's time to create a digital storm and invite the world to OWASP AppSec Research 2010 this summer. We have a fabulous program and will celebrate with a gala dinner at Stockholm City Hall ( Please consider tweeting and blogging about this Sunday/Monday. Together we'll be louder.



I've attached an image you can use on your blogs. It features Mario's winning non-alphanumeric JavaScript producing an alert("owasp"). Quite a challenge for filters or code auditors ;). If you want to include the script in text form, here it is:

Let's get the word out – thanks!

Regards, John

Wednesday, May 12, 2010



On behalf of the OWASP Foundation I'm pleased to announce that the lineup for FROC2010 is now live at

Registration is now open at and due to the generosity of our sponsors and the dedication of our volunteers, FROC will again be a free event. We are accepting donations this year, as our expenses presently exceed our sponsorships.

Full information is available at


I look forward to seeing you at FROC2010 on the 2nd of June in Denver, CO.

David Campbell

Commercial Services Registry -- Live!

The OWASP home page has been updated with links to the new OWASP commercial services registry! The “navigation” panel on the left-hand side of the home page has been updated with a “Commercial Services” link. And, the icon column in the center of the home page has been updated with a “Commercial Services” link and an associated text box.

What is the OWASP commercial services registry?
OWASP's mission is to make application security "visible," so that people and organizations can make informed decisions about application security risks, and as a value-add towards this end we have attempted to centralize OWASP project deliverable-based services in a single OWASP Commercial Services Registry. OWASP is not affiliated with any technology company, and OWASP does not endorse commercial products or services, although we support the informed use of commercial security technology, and that is the ultimate goal of this registry.

Next steps:
To get your company listed, follow the “Get Listed” instructions on the “Home” tab of the commercial services registry page. There is currently a sample listing entry for each of the tabs.