The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Tuesday, February 5, 2013
OWASP Connector February 5, 2013
OWASP Connector February 5, 2013
NEW OWASP PROJECTS:
OWASP Embedded Application Security Project - There are many challenges in the embedded field including limited memory, a small stack and the challenge of pushing firmware updates. The goal of this project is to identify the risks in embedded hardware applications, create a list of best practices and draw on the resources OWASP already has and bring that to the embedded world. Please contact Aaron Weaver if you wish to contribute to the project.
OWASP OpenStack Security Project - The OWASP OpenStack Security Project is an effort to provide security testing techniques and tools to assess the security of the OpenStack code base. Generally speaking, the OpenStack community is primarily developers of OpenStack and companies which are implementing all or parts of OpenStack. This project provides a bridge between the OpenStack community and the OWASP community of security professionals. The project leader is also a member of OpenStack and is a member of the OpenStack Security Group. OpenStack has the desire to be the Linux of Cloud infrastructure, and OWASP can be the community that ensures the security of that Cloud. Please contact Matt Tesauro if you wish to contribute to the project
Simon Bennetts, OWASP Zap's Project Leader, is planning to host a Google hangout demonstrating many of these features at 17:00 UTC on Friday 8th Feb. Details to be announced via twitter https://twitter.com/zaproxy
AntiSamy V1.5 promises to be significantly faster than previous releases; your mileage will vary anything from just some percent to a full 5 times faster, depending on use cases. A lot of attention has been put to typical "server" validation cases in this release. This version requires java 1.5.
OWASP & Black Hat EU - OWASP is proud to once again partner with Black Hat Europe in 2013. Join us in Amsterdam, March 12-15, 2013 for the premiere conference on information security. Take advantage of an exclusive 15% discount off Black Hat Europe Briefings. OWASP members may simply enter the following code: 15OwaSpBHeu13 when completing the registration process. Click Here to Register
OWASP & RSA Conference 2013 - New for this year, OWASP has partnered with the RSA conference taking place February 25-March 1, 2013. Register today to access the industry's most in-depth intelligence over five information packed days in San Francisco. Use the following code to receive an additional $100 off the current registration price: 1213OWASPDL100. While attending the conference, come check out our talk on Friday, March 1 in the Association Track "Security: Looking Forward - Protecting critical applications with OWASP" presented by Michael Coates, Chairman of the OWASP Global Board of Directors
Call for 2014 Global AppSec Conference Proposals
We are currently solicitating proposals for our four OWASP Global AppSec conferences in 2014. Conferences will be selected to facilitate on Global AppSec conference in each quarter of the year. Conferences will be held in North America, South America, Europe, and the Asia Pacific regions. New for 2014, we will be moving the North American event to Q2!
Global AppSec Asia Pacific - Q1 (Applications due by March 1, 2013)
Global AppSec North America - Q2 (Applications due by April 1, 2013)
Global AppSec Europe - Q3 (Applications due by July 1, 2013)
Global AppSec Latin America - Q4 (Applications due by September 1, 2013)
Those interested in submitting a proposal, should learn more about the recommended planning steps here and submit your application to the OWASP Event Management System
Links to the recordings of January's meetings can be found on the Initiatives Page
The 2013 OWASP LATAM Tour is being scheduled for March/April 2013. Each location will host a day of training and a day of talks. If you are interested in submitting a training proposal, or are interested in sponsoring this event, please visit the LATAM 2013 web page.