OWASP Connector July 4, 2013
OWASP Connector July 4, 2013
| ||
FEATURED OWASP PROJECT OWASP DEVELOPMENT GUIDE The OWASP Development guide 2013 is a dramatic re-write of one of OWASP's first and most downloaded projects. The focus moves from countermeasures and weaknesses to secure software engineering. In this edition, architects, project leads, and developers can reference a massive text book covering all aspects of modern application security architecture, secure design, and detailed design patterns. This edition aligns with the syllabus outcomes of the Undergraduate Software Assurance degree and Masters of Software Assurance. NEW OWASP PROJECTS OWASP Skanda - SSRF Exploitation Framework The Skanda is a SSRF Vulnerability Exploitation Framework. The current version performs Cross Site Port Attack on vulnerable application, and discovers open ports. Future versions will perform advanced attacks like network host discovery, service discovery, and service level vulnerability detection and exploitation through SSRF. For more information, please contact the project leader, Jayesh Singh Chauhan OWASP RBAC Project The RBAC project aims to port and promote standard NIST Level 2 RBAC implementations, currently the PHP version is available as a separate project. For more information, please contact the project leader, Abbas Naderi. OWASP PHP Security Project The OWASP PHP Security project plans to gather around secure PHP libraries, and provide a full featured framework of libraries for secure web applications in PHP, both as separate de-coupled libraries and as a whole secure web application framework. many aspects of this project are already handled, and are being added to OWASP. For more information, please contact the project leader, Abbas Naderi. PROJECT ANNOUNCEMENTS OWASP Top Ten Project We are pleased to announce that the 2013 version of the OWASP Top Ten is now available for download and for purchase. Please visit the OWASP Top Ten Project wiki page for more information. Download the 2013 OWASP Top Ten Purchase the 2013 OWASP Top Ten The Top Ten has already been translated into French, German, Indonesian, Italian, Japanese, Korean, Spanish, Chinese, and Vietnamese. Current translations in process are: Portuguese, Greek, Turkish, Malay, Czech, and Dutch. Thank you to all the contributors to the translation effort. GOT OWASP? THE OWASP FOUNDATION IS MAKING ROOM FOR SOME NEW AND EXCITING SCHWAG. THIS MEANS WE'RE HAVING A FIRE SALE! CHAPTER LEADERS: STOCK UP ON APPAREL ITEMS, MERCHANDISE, ELECTRONIC EQUIPMENT, AND MEETING SUPPLIES FOR YOUR CHAPTER MORE INFORMATION COMING SOON! PURCHASING LINKS WILL BE DISTRIBUTED VIA THE CHAPTER LEADER MAILING LIST, THE CHAPTERS PAGE, AND THROUGH SOCIAL MEDIA CHANNELS | GLOBAL AppSec CONFERENCE ANNOUNCEMENTS OWASP AppSec EU 2013 20 Speakers and Talks have been announced! Click Here for a catalogue of the amazing speakers and dynamic presentations on the docket for this years' OWASP Research Event. Please plan on arriving to beautiful Hamburg, Germany prior to the event to take advantage of the world class training being offered. Click Here for the list of the catalogue of training classes. OWASP AppSec LATAM 2013 Call for Training and Call for Papers are now open (Deadline is August 2, 2013) - Click Here to submit your training or your talk OWASP AppSec USA 2013 Click Here for the full schedule of Talks and Training Classes Contact Us to secure your sponsorship opportunity for the exhibit hall or for the career fair Click Here to find out about all the awesome activities planned for the conference (Lockpick Village, Career Fair, OWASP Project Summit, Project and Chapter Workshops, 3K for Charity, and more ...) Looking Ahead to 2014 AppSec APAC 2014 - March 17-20 Tokyo, Japan AppSec Research 2014 - June 2014 Cambridge UK AppSec USA 2014 September 2014 Denver, CO LOCAL AND REGIONAL EVENTS OWASP China 2013 Forum - July 12-22; Bejing, Shanghai, and Guangzhou - OWASP India Conference 2013 - Aug 30-31; New Delhi, India Ghana Cyber Security - September 5-6; This event is looking for speakers to help grow the OWASP presence in Africa! Contact Theodore Sagoe for details OWASP New Zealand Day 2013 - Sept 11-12; Auckland, New Zealand - Call for Presentations, Training, and Sponsorship is OPEN! LASCON 2013 - Oct 24-25, Austin, TX Call for proposals is open until July 31 - Submit your proposal! PARTNER AND PROMOTIONAL EVENTS OWASP has partnered with these great events in the latter half of 2013 to grow our community and build awareness around software security. If you want to learn more about OWASP's involvement or will be attending and want to participate, please CONTACT US
| CORPORATE MEMBERSHIPS Thank you to: Axran, Cloud Passage, and Netsparker for joining as corporate members Thank you to: RedSpin and Security Innovation for their annual renewal 2013 OFFICIAL BOARD ELECTION UPDATES The deadline to submit your candidacy is August 16, 2013. We would like the community to submit interview questions. These questions will be posed to the candidates during the pre election interviews. SUBMIT YOUR QUESTIONS Voting is limited to paid/honorary members who are in good standing as of September 30, 2013. Be sure to join or renew your membership 2013 WASPY AWARDS The WASPY (Web Application Security Person of the Year) Awards were started in 2012 with the assistance and sponsorship of Qualys and Trustwave. This year, the awards will recognize 5 different individuals in 5 different categories. Take advantage of this opportunity to help OWASP globally recognize members of our community for their efforts to drive awareness of software security through leadership, outreach, and innovation. SUBMIT YOUR NOMINEE SPONSOR THE AWARDS GET YOUR CREDITS! Register to participate in the OWASP Webinar Series. This provides an opportunity to review some of the top security talks AND earn CPE credits! the Next Webinar is scheduled for Wednesday July 10, 2013. The talk title is: "AppSec Training, Securing the SDLC, WebGoat.NET, and the meaning of life" by Jerry Hoff. This is a showing of Jerry's AppSec USA 2012 presentation. at 10am EDT and at 9pm EDT Wednesday July 24 Four Axes of Evil: HD Moore at 10am EDT and at 9pm EDT If you are interested in giving a live presentation during the webinar series, please contact us. FEATURED PARTNER EVENTS The information security issues that matter, the expertise to help. Enjoy 60 track sessions plus debates and keynotes. Build your knowledge and further your career at RSA Conference Europe Join us for the Third Annual (ISC)2 Security Congress! Co-located with ASIS 2013 59th Annual Seminar and Exhibits. September 24-27, 2013; McCormick Place, Chicago, IL; OWASP Members Save 20% off conference registration with the discount code: OWASP The (ISC)2 Security Congress event offers invaluable education to all levels of information security professionals. The impressive lineup includes speakers from the Department of Homeland Security, Prudential, Humana, TSA, University of Maryland, DAS Global, Excelon and more with 9 different tracks and over 80 sessions. tracks include: Application Security, Cloud Security, Government Security, GRC, Malware, Mobile Security/Social Networking, Software Assurance, Swiss Army Knife, and Threats. Register Now! |
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home