MAY FEATURED OWASP PROJECT
OWASP Mobile Security Project
The OWASP Mobile Security Project is a centralized resource intended to give developers and security teams the resources they need to build and maintain secure mobile applications. The primary goal of this project is to classify mobile security risks, and provide developmental controls to reduce their impact our likelihood of exploitation.
The primary focus is at the application layer. While consideration is taken into the underlying mobile platform and carrier inherent risks when threat modeling and building controls, we are targeting the areas where the average developer can make a difference. Additionally, focus is placed not only on the mobile applications deployed to end user devices, but also on the broader server-side infrastructure which the mobile apps communicate with. Focus is heavily aimed towards the integration between the mobile application, remote authentication services, and cloud platform-specific features.
NEW OWASP PROJECTS
OWASP Good Component Practices Project
Project Leader: Mark Miller
Good Component Practice is one of the most overlooked silver bullets in the Open Source arsenal. Due to business pressure, we have found that companies are willing to risk using unverified open source components, trading off security for enhanced speed in development.
This project will use community input to document an industry acceptable process for the creation, maintenance, and use of open source components.
OWASP Bywaf Project
Project Leader: Rafael Gil Larios
The aim of this project is to develop an application that makes the work of an auditor much easier when conducting a Pen Test. The application's principal functions are to detect, evade, and give a vulnerability result utilizing known SQL injection, and other methods developed by professionals within the industry.
PROJECT ANNOUNCEMENTS
2013 Mobile Top 10 Call For Data
We are pleased to announce the 2013 call for data to help refresh the Mobile Top 10 Risks for 2013 and publish a more formal document. We are encouraging everyone to get involved. Right now we are looking for data that represents the current state of mobile application security. We are soliciting not just vulnerability data, but also incident and attack data that reflects the real-world prevalence and significance of these issues. The goal in requiring both is to rank risks accordingly based on data as opposed to making assumptions. We will use this data to flesh out and re-evaluate the currently incomplete Mobile Top Ten Project.
If you would like to et involved, please visit the OWASP Mobile Security Project wiki page. Please direct any questions or concerns to the Top 10 Refresh leaders, Jason Haddix, Jack Mannino, and Mike Zusman.
|
Thank you to MStar Semiconductor, Inc, our newest Corporate Member
Thank you to AsTech Consulting for their Corporate Membership Renewal
GET READY FOR THE 2013 SUMMER
Cool Prizes
New Membership Levels
Become a LIFETIME Member
Click the icon for all the details
Apply for an Honorary Membership
Get the Details and the Link to the form
AppSec Research 2013
4th COUNTDOWN CHALLENGE RELEASED
There will be a challenge posted on the conference wiki page every month up until the event in August. The winner of each challenge will get FREE entrance to the conference (a €420 value). Be sure to sign up for the conference mailing list to get a monthly reminder.
CLICK HERE to access this challenge
Complete instructions on this challenge
OWASP is pleased to announce our upcoming Partner Events:
ICCS 2013 James R. Clapper, the Director of National Intelligence, will be the opening keynote speaker for the conference.
Blackhat 2013 (15% discount promo code for OWASP members is: KobrLQ44 - case sensitive)
EC Council - Use discount code TDCSTLOWASP for $99 conference passes
OWASP Blog
Do you have some news? Submit your item to appear in the next connector HERE
|
|
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home