Open Web Application Security Project: April 2019 Connector

*|MC:SUBJECT|*

OWASP
Connector

April 2019

Communications | Projects | Events | Community | Membership

COMMUNICATIONS

Letter from the Vice Chairman:

Dear OWASP Community,

Over the past number of months the Board of Directors has been working on the feedback received from the community. This feedback aligned with our key strategic goals for the year. One of our key goals was to further strengthen the “P” in OWASP. To this end we have been working with the Open Security Summit to put more of a focus on improving project development and growth and hope to enable projects through events such as this.

Another goal is to strengthen our student outreach. One idea I had was to work with colleges all over the world to support our projects development as part of their internships. I wonder if there would be anyone in the community to assist in this effort by creating a Committee under the revised Committee 2.0 model - https://www.owasp.org/index.php/Governance/OWASP_Committees. To simplify things I have added a quick start guide at the beginning of the document.

Diversity is something that we hold dear to our hearts. There are a number of people in our community that have driven this initiative to enable OWASP to be a more diverse community, without naming any names, we would like to thank them and encourage more of those in and outside of the OWASP community to get involved and help OWASP grow.

Last but not least, planning for our global conferences is well under way with OWASP Global AppSec Tel Aviv coming up at the end of May – one small ask is that everyone share information on this conference in your communities,https://telaviv.appsecglobal.org.

Thanks for all your hard work.

Owen Pendlebury
OWASP Vice Chairman

OWASP FOUNDATION UPDATE FROM INTERIM EXECUTIVE DIRECTOR:

For these first few months I have been focused on business operations retooling. As you know, Mailman was recently retired. There is now an online static archive of historical messages. Our goal before Q3 is to have most of our tools on managed, trusted hosted services.

We have increased our use of JIRA to manage inbound requests and last month the team closed 98.6% of service tickets within their prescribed SLA. In January it was 20.4%. This is a very big accomplishment and demonstrates our progress on this work effort. There have also been a number of back office changes that most members won’t notice, but we’re focused on stronger business continuity for the long term.

In addition to all our upcoming events, the staff along with some members of the community are actively prototyping how we will completely update the website this summer. This effort will not be simply cosmetic, it will be a foundational change in how we manage and publish content that we believe will better connect with our community - and more importantly help us grow. Expect more updates on this in the coming months.

Be safe out there,

Mike McCamon
OWASP, Interim Executive Director

Have you Registered yet?

Sponsorship for Global AppSec Tel Aviv is still available.

Global AppSec DC September 9-13, 2019
submit to the Call for Papers and Call for Training

Save the Date for: Global AppSec Amsterdam Sept 23-27, 2019

EVENTS

You may also be interested in one of our other affiliated events:

REGIONAL AND LOCAL EVENTS

Event	Date	Location
Latam Tour 2019	Starting April 4, 2019	Latin America
OWASP Portland Training Day	September 25, 2019	Portland, OR
LASCON X	October 24-25,2019	Austin, TX
OWASP AppSec Day 2019	Oct 30 - Nov 1, 2019	Melbourne, Australia

PARTNER AND PROMOTIONAL EVENTS

Event	Date	Location
Cyber Security and Cloud Expo Global	April 25-26, 2019	London
IoT Tech Expo Global	April 25-26, 2019	London
Internet of Things World	May 13-16, 2019	Santa Clara Conventional Center, CA
Hack in Paris 2019	June 16-20, 2019	Paris
Cyber Security and Cloud Expo Europe	June 19-20, 2019	Amsterdam
IoT Tech Expo Europe	June 19-20, 2019	Amsterdam
it-sa-IT Security Expo and Congress	October 8-10, 2019	Germany

PROJECTS

The Project Showcase at Global AppSec Tel Aviv has received a great deal of interest. Anyone attending will be in for a steady stream of information on OWASP Projects. The following projects are proposed for the showcase (the actual schedule has not been developed so the order is not indicative of time slots):

Project	Presenter(s)
Glue Tool	Omer Levi Hevroni
Internet of Things	Aaron Guzman
Embedded AppSec	Aaron Guzman
Software Assurance Maturity Model (SAMM)	John DiLeo
API Security	Erez Yalon, Inon Shkedy
Mod Security Core Rule Set	Christian Folini, Tin Zaw
Automated Threats	Tin Zaw
Application Security Curriculum Project	John DiLeo
Defect Dojo	Aaron Weaver
Web Honeypot Project	Adrian Winckles
Damned Vulnerable Serverless Application	Tal Melamed

The scheduled for project reviews at Global AppSec Tel Aviv are the following:

Project	Review Level	Leaders
Snakes and Ladders	Lab	Colin Watson, Katy Anton
Amass	Lab	Jeff Foley
Attack Surface Detector	Lab	Ken Prole
SecureTea Tool	Lab	Ade Yoseman Putra, Bambang Rahmadi KP, Rejah Rehim.AA
Serverless-Goat	Lab	Ory Segal
Cheat Sheet Series	Flagship	Dominique Righetto, Jim Manico
Mobile Security Testing Guide	Flagship	Sven Schleier, Jeroen Willemsen

If you are attending Global AppSec Tel Aviv 2019 and can participate in the project reviews (to be held on Monday and Tuesday prior to the conference, schedule pending), then please send an email to project-reviews@owasp.org

COMMUNITY

New OWASP Chapters
Amaravathi, India
Belo Horizonte, Brazil
Bhopal, India
Cusco, Peru
Dindigul, India
Kharkiv, Ukraine
Meerut, India
Rio de Janeiro, Brazil
San Jacinto College, Texas
San Pedro Sula, Honduras
Seoul, Korea
West Delhi, Delhi