OWASP Connector Newsletter - October 28, 2015
October 28, 2015 || www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
|
|||||||||||||||||||||||||||||||||||||||||||
2015 Global Board Election Results
|
|||||||||||||||||||||||||||||||||||||||||||
OWASP in the NEWS!OWASP Projects and activities are often the subject of webcasts and podcasts. Sit back and relax as you watch and listen to these recent episodes. Simon Bennetts - OWASP ZAP Q&A session ZAP, Xenotix XSS Exploit Framework, O-Saft and OWTF - 2015 BOSSIE Awards OWASP Top 10 - "Don't Let Your SMB Get Caught With Its Pants Down," Huffington Post Mark Miller - OWASP 24/7 Podcast Series |
|||||||||||||||||||||||||||||||||||||||||||
WASPY Award WinnersThe results of the OWASP WASPY Awards have been announced and posted to our website. Thanks to all who made a nomination and congratulations to the winners. |
|||||||||||||||||||||||||||||||||||||||||||
OWASP Translations: ASVSOWASP ASVS — Translation Project has been added to Crowdin. Crowd In is a community translation platform. If you speak another language other than English, we would really appreciate it if you could join Crowd In, and become a member of the ASVS project page and commit some time to developing a translation into your local language.Help us translate OWASP ASVS and bring it to the world! https://crowdin.com/project/owasp-asvs. |
|||||||||||||||||||||||||||||||||||||||||||
Women in AppSec: Diversity Leads to SuccessStudy after study has shown that diverse teams are more successful. Forbes reports that diversity is key driver of internal innovation and business growth. McKinsey & Company study showed that diverse organizations are more likely to have financial returns above their respective national industry medians. The OWASP Women in AppSec (WIA) diversity initiative aims to increase the participation and visibility of women in the applications security field. WIA is seeking volunteers to help with projects in 2016 now! Fill out the WIA planning survey at https://www.surveymonkey.com/r/SRNLD7H and get involved today. Increasing diversity is an effort that relies on all of us to be successful, so all genders are welcome and encouraged to participate. |
|||||||||||||||||||||||||||||||||||||||||||
NEW Tool: TrelloTrello is a collaboration tool that organizes your projects into boards. In one glance, Trello tells you what's being worked on, who's working on what, and where something is in a process. The OWASP Foundation has obtained a free premium Trello account for our community. If you are interested in having your own board for your project or chapter, please ping Fabio Cerullo at fcerullo@owasp.org. Some of the projects and chapters using the Trello board are Campinas/Sao Paulo, Delhi, CSRFGuard, ZAP as well as the global Board and the AppSecUSA Chapter Leader Workshop. Visit these boards for ideas on how to use them for collaboration in your group: |
|
|
Project Summit at AppSecUSASeveral OWASP Projects participated in the AppSecUSA Project Summit. A lot of good feedback, Github updates and new documentation served to level up all participating projects. Visit the project pages for updates or contact the leaders to find out how you can get involved:
Gary Robinson, Larry Coklin
Jim Manico & Andrew Van Der Stock
Enrico Branca
Glenn Tate Cate
Tony Turner, Rafael Chiles
Michael Hidalgo
OWASP PodCasts created by Mark Miller offer a great forum for getting an update on projects. Listen to interviews with project leaders at https://soundcloud.com/owasp-podcast. Latest ReleasesOWASP Security Shepherd Project OWASP Application Security Verification Standard OWASP Mobile Security Project OWASP Seraphimdroid v.2
Nikola Milosevec ZAP Scripting Competition ResultsZAP Scripting Competition results are now available at https://www.owasp.org/index.php/2015-08-ZAP-ScriptingCompetition. For more information about OWASP Projects, please visit the Project Wiki Page OWASP Code Review Guide SurveyThe OWASP Code Review Guide team surveyed attendees at AppSec USA to find out how attendees rated the effectiveness of various security tools/reviews at finding issues, such as business logic problems, or each of the OWASP Top 10. Our intention was to evaluate if Secure Code Review (the topic of our guide) is seen as an effective security process in an organizations SDLC. The Survey results will be included in the next version of the guide. New Initiative: OWASP ResearchOWASP Research is an initiative to start developing OWASP projects in the field of innovative research,specifically new ways to protect web applications by applying out of the box concepts and technological developments. Contact Johanna Curiel for details or visit http://www.owasp.org/index.php/Global Initiatives#Research. |
|
||
Global AppSec Events |
||
Mark your Calendar! AppSECEU 2016 is coming to Rome, Italy on 27 June to 1 July 2016! The Call for Trainings is Now Available! Deadline for proposals: 31 December, 2015. |
||
Regional and Local EventsAppSec Rio de la Plata 2015, December 1, 2015 - December 3, 2015, Montevideo, Uruguay Conference Videos AppSecUSA Videos from 21 of our sessions and keynotes are now available on YouTube. Look for more uploads to come featuring keynotes, special panels and talks. Videos from our OWASP Eastern European Conference are also available on YouTube. Stay tuned for videos from last week's LASCON (Lonestar Application Security Conference) event in Austin, TX, USA. Partner and Promotional EventsOSCON Amsterdam, October 26 - October 28, 2015 Amsterdam, The Netherlands SANS CyberTalent Fair, November 19, 2015, Virtual On-line CyberSecure December 15 - 16, 2015 The Sheraton Times Square New York, NY, USA CodeMash January 5 - 8, 2016 Sandusky, Ohio, USA BSides Lagos January 22, 2016 Nigeria |
Ads are not endorsements and reflect the messages of the advertiser only.They represent co-marketing arrangements |
|
|
We had a lot of activity in our chapters since our April 21 Connector: 18 New Chapters (red), 13 Leadership Transitions (pink), two New Student Chapters (blue) and six new Academic Supporters (light blue). Click on the map to see our newest chapters. New ChaptersAtlantic Canada: Leader, Scott Deveaux, scott.deveaux@owasp.org Bhopal, India: Leader, Akshay Sharma, akshay.sharma@owasp.org Bulawayo, Zimbabwe: Trevor Sibanda leader, trevor.sibanda@owasp.org Cagayan Valley, Philippines: Leader, Charmagne Cumigad,charmagne.cumigad@owasp.org Cape Town, South Africa: Leader, Timo Goosen, timo.goosen@owasp.org Colorado Springs: Leader, Mike Forgione, mike.forgione@owasp.org Cotonou, Benin: Leader, Apollin Moyo, apollin.moyo@owasp.org Columbia, SC, USA: Leader, Frank Catucci, frank.catucci@owasp.org El Salvador: Leader, Nelson Chacon, nelson.chacon@owasp.org Gwalior, India: Sumit Ojha leader,sumit.ojha@owasp.org Kern County, CA, USA: John Stampfli leader, john.stampfli@owasp.org Madurai, India: Leader, M.S. Siva Kumar Odessa, Ukraine: Leader, Vladimir Garbuz, vladimir.garbuz@owasp.org Panay, Philippines: Francis AI Victoriano leader,francis.victoriano@owasp.org Southern New Hampshire, USA: Leaders, James Burroughs, Edmond Holohan and Garrett Klok Spotsylvania, VA, USA: Leader Arnold Webster arnold.webster@owasp.org Stamford, CT, USA: Maria Sette leader,maria.sette@owasp.org Taguig, Philippines: Gil Tario II leader, gil.tario@owasp.org Trinidad and Tobago: Laura Bigram leader, laura.bigram@owasp.org Chapter TransitionsBhopal, India: New Leader added Nandan Yadav, Nandan.Yadav@owasp.org Bristol, UK: Katy Anton and Sash Rigby, katy.anton@owasp.org,sash.rigby@owasp.org Brooklyn, NY, USA: Added leaders Emily Wicki and Nicole Becher,emily.wicki@owasp.org,nicole.becher@owasp.org; Loren Davie is stepping down. Charlotte, NC, USA: New leader Rob Taylor rob.taylor@owasp.org Cyprus: New leaders, Christos Papadopoulos,christos.papadopoulos@owasp.org and Yiannis Ioannides,yiannis.ioannides@owasp.org Iceland: New Leaders, Þröstur Spörri Jónasson, Sigmundur Jónsson, Thorlaug Agustsdóttir, Sverrir Davíðsson, Theodor Gíslason,throstur.sporri.jonasson@owasp.org,sigmundur.jonsson@owasp.org,thorlaug.agustsdottir@owasp.org, ,sverrir.davidsson@owasp.org,theodor.gislason@owasp.org Khartoum, Sudan: New leaders added, Ahmed Abbas ahmed.abbas@owasp.org, Asim Jaweesh asim.jaweesh@owasp.org, and Obay Albadri obay.albadri@owasp.org Kenya/Nairobi: The inactive Nairobi chapter will merge with Kenya. Kenya team is incorporating historical info on past Nairobi meetings on their page. Nairobi leaders have been invited to join Kenya leadership team. Kolkata, India: Added leader Dibyendu Sikdar, dibyendu.sikdar@owasp.org Manila, Philippines: Jan Jancosin (jan.jancosin@owasp.org) added to leadership team Orange County, CA, USA: New leader, Haral Tsitsivas, haral.tsitsivas@owasp.org Pune, India: New leader, Ashwini Paranjpe, ashwini.paranjpe@owasp.org New Zealand: New leader added in Wellington, Kirk Jacksonkirk.jackson@owasp.org New Student ChaptersIIT Kanpur Student Chapter, Kanpur, India University Lucian Blaga of Sitiu, Romania New Academic SupportersAnglia Ruskin University, Cambridge, UK De La Salle University, Philippines Masinde Muliro University of Science and Technology, Kenya Philippine Institute of Cyber Security Professionals, Manila, Philippines Rotterdam University of Applied Sciences, Rottterdam, Netherlands Universiti Tecknologi Malaysia, Kuala Lumpur, Malaysia Chapter ActivitiesOn October 12 2015, OWASP Panay chapter leader Francis Victoriano presented OWASP Top 10 at Aklan State University and at Filamer Christian University, a future academic supporter, on October 21. Almost 300 students attended the latter event, and they are planning to invite OWASP Panay next year. On October 7, OWASP Kerala hosted sessions at PRS College with an amazing turn out of more than 150 students from various semesters of Computer Science and Electronics Department - organized in multiple sessions throughout the day with back to back non stop sessions. It was a great event and was so exciting to interact with the students. The engineering schools in Kerala, India under the Kerala State University system have signed on as OWASP Academic Supporters.
We at the OWASP Global Foundation are looking forward to hearing about more such events in future. Share your chapter's successes! Submit your stories here |
|
|
OWASP Social Media Site |
Labels: AppSec USA, AppSecEU, ASVS, cheatsheets, code review, Connector, mobile security, News, O2 Platform, proactive controls, python, research, security knowledge framework, security shepherd, seraphimdroid, testing guide, WAFEC, WIA, ZAP
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home