COMMUNICATIONS
Letter from the Vice Chairman:
Dear OWASP Community,
Since last month the foundation has been busy working towards enabling our project leaders and community members to utilize funds to work on nurturing and developing projects. So far there has been huge uptake on this initiative. It’s great to see so many people passionate about collaborating at project summits.
Our Global AppSec Tel-Aviv is nearly upon us, for members, there is an extra incentive for attending this conference, in the form of a significant discount. This and the sandy beaches and beautiful scenery, not to mention the great speakers and trainers we have lined up, is a great reason to attend. If you have not done so we would encourage you to attend this great conference - https://telaviv.appsecglobal.org.
One of the key things I’ve noticed in my Board of Director tenure is the passion our community emits, sometimes this passion aids in growing the foundation, but sometimes it also forces us to take a step back and look at how we do things within the foundation. With Mike, our ED and staff we have seen a lot of good change from an operations perspective, with more in the pipeline. Mike’s appointment has allowed the Board of Directors to take a step back from operations and enable us to work on more strategic goals. To this end at a recent Board meeting we discussed each Board member taking up one of the following strategic goals, as set out at the start of the year:
1.Marketing the OWASP brand
2.Membership benefits
3.Developer outreach
- Improve benefits
- Decrease the possibility of OWASP losing relevance
- Reaching out to management and Risk levels
- Increase involvement in new tech/ ways of doing things – dev ops
4.Project focus
- Get Universities involved
- Practicum sponsored ideas
- Internships
5.Improve finances
6.Improve OWAP/ Board of Directors Perception
7.Process improvement
8. Get consistent ED
9.Community empowerment
I would encourage the community to come forward if you have any ideas on the above and are happy to work with one of the 7 Board of Directors and community members on one of these initiatives.
Thanks and best wishes,
Owen Pendlebury
Vice Chair
|
|
OWASP FOUNDATION UPDATE FROM INTERIM EXECUTIVE DIRECTOR:
OWASP Foundation welcomes aboard Emily Berman as Events Director. Emily was most recently with the Scrum Alliance where she planned high-profile functions for upwards of 2,000 guests. Emily brings a fresh approach to events planning and her 12 years of experience planning and organizing large-scale events worldwide well in advance will greatly benefit our Global AppSecs.
|
|
|
You may also be interested in one of our other affiliated events:
REGIONAL AND LOCAL EVENTS
| Event |
Date |
Location |
| Latam Tour 2019 |
Starting April 4, 2019 |
Latin America |
| OWASP Portland Training Day |
September 25, 2019 |
Portland, OR |
| OWASP Italy Day Udine 2019 |
September 27,2019 |
Udine, Italy |
| OWASP Portland Day |
October 16,2019 |
Wroclaw, Poland |
| LASCON X |
October 24-25,2019 |
Austin, TX |
| OWASP AppSec Day 2019 |
Oct 30 - Nov 1, 2019 |
Melbourne, Australia |
PARTNER AND PROMOTIONAL EVENTS
| Event |
Date |
Location |
| Open Security Summit
| June 3-7,2019 |
Woburn Forest Center Parcs, Bedfordshire |
| Hack in Paris 2019 |
June 16-20, 2019 |
Paris |
| Cyber Security and Cloud Expo Europe |
June 19-20, 2019 |
Amsterdam |
| IoT Tech Expo Europe |
June 19-20, 2019 |
Amsterdam |
| BlackHat USA 2019
| August 3-8,2019 |
Las Vegas, Nevada |
| DefCon 27
| August 8-11,2019 |
Las Vegas, Nevada |
| it-sa-IT Security Expo and Congress |
October 8-10, 2019 |
Germany |
|
PROJECTS
We have had the following projects added to the OWASP inventory. Please congratulate these leaders and check out the work they have done:
| Project |
Type |
Leader(s) |
| Risk Assessment Framework |
Documentation |
Ade Yoseman Putra, Rejah Rehim |
| QRLJacker |
Tool |
Mohammed Baset |
| Container Security Verification Standard |
Documentation |
Sven Vetsch |
| Find Security Bugs |
Code |
Philippe Arteau |
| Vulnerable Web Application |
Code |
Fatih Çelik |
| D4N155 |
Tool |
Julio Pedro de Lira Neto |
| Jupiter |
Tool |
Matt Stanchek |
| Top 10 Card Game |
Documentation |
Dennis Johnson |
| Samurai WTF |
Code |
Kevin Johnson |
| DevSecOps Maturity Model |
Documentation |
Timo Pagel |
Also, we will have the following projects presenting at the Project Showcase Global AppSec Tel Aviv:
| Final Schedule |
| Wednesday, May 29th |
Thursday, May 30th |
| Time |
Project |
Presenter(s) |
Confirmed |
Time |
Project |
Presenter(s) |
Confirmed |
| 10:45 a.m. |
Glue Tool |
Omer Levi Hevroni |
Yes |
10:30 a.m. |
API Security |
Erez Yalon, Inon Shkedy |
Yes |
| |
7 |
|
|
| |
|
|
|
|
|
|
|
| 11:55 a.m. |
IoT & Embedded AppSec |
Aaron Guzman |
Yes |
11:50 a.m. |
Mod Security Core Rule Set |
Tin Zaw |
Yes |
| |
|
|
|
12:25 p.m. |
Automated Threats |
Tin Zaw |
Yes |
| 12:30 p.m. Lunch Break |
|
12:55 p.m. Lunch Break |
|
| 2:35 p.m. |
SAMM |
John DiLeo |
Yes |
|
|
|
|
| 3:10 p.m. |
Application Security Curriculum |
John DiLeo |
Yes |
3:10 p.m. |
Damned Vulnerable Serveless Application |
Tal Melamed |
Yes |
Finally, if you are able to help participate in the Project Reviews at the Conference, please send me an email at harold.blankenship@owasp.com. We have a large line-up of projects to review this time around:
| Project |
To Level |
Leader(s) |
| Snakes and Ladders |
Flagship |
Katy Anton, Colin Watson |
| Cheat Sheet Series |
Flagship |
Dominique Righetto, Jim Manico |
| Mobile Security Testing Guide |
Flagship |
Jeroen Willemsen, Sven Schleier |
| Amass |
Lab |
Jeff Foley |
| Attack Surface Detector |
Lab |
Ken Prole |
| SecureTea |
Lab |
Ade Yoseman Putra, Bambang Rahmadi K.P, Rejah Rehim.A.A |
| Serverless Goat |
Lab |
Ory Segal |
|
|
Google Summer of Code Update:
We were allocated 13 students this year! The current timeline is as follows:
|
|
Google Season of Docs:
We were accepted into the Google Season of Docs. There will be a single technical writer resource. The current timeline is as follows:
|
|
|
COMMUNITY
New OWASP Chapters
Riyadh, Saudi Arabia
Guayaquil, Equador
Lome, Togo
Natal, Brazil
Nashua, New Hampshire
Gwalior, India
Louisville, Kentucky
Nainital, India
Liverpool, United Kingdom
Syracuse, New York
|
|
MEMBERSHIP
We would like to welcome the following Premier and Contributor Corporate Members.
|
|
Premier Corporate Members
|
|
|
Contributor Corporate Members
|
|
|
|
