The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Thursday, March 7, 2013
OWASP Connector March 6, 2013
OWASP Connector March 6, 2013
NEW OWASP PROJECTS
OWASP Scada Security Project - The primary aim of OWASP SCADA Security project is to gather information about different ICS/SCADA security threats related to WEB-applications and their environments, starting from econnaissance ("footprinting") stage to vulnerabilities exploitation.
OWASP Periodic Table of Vulnerabilities Project: Working Group Forming A working group is now forming under the leadership of James Landis to produce the 1.0 draft of the OWASP Periodic Table of Vulnerabilities. The goal of this project is to identify the ideal solution target for known web application vulnerability classes as a first step toward eliminating many classes of vulnerabilities altogether. If you would like to have a hand in shaping the future of web application technologies toward solving vulnerabilities like cross-site scripting and SQL injection forever, your contributions would be greatly appreciated! Click here to sign up for this task force.
OWASP iGoat Project V.w.0 Released! The OWASP iGoat tool is a stand-alone iOS app (distributed solely in source code) designed to introduce iOS developers to many of the security pitfalls that plague poorly-written apps. Like it's namesake, OWASP's WebGoat tool, iGoat is intended to teach software developers about these issues by stepping them through a series of exercises, each of which focuses on a single aspect of iOS security OWASP iGoat is an ideal tool to use in a classroom setting to teach iOS developers (and technically minded IT Security staff with at least some exposure to object oriented programming). We invite the OWASP community to download and try iGoat, and we welcome your suggestions for improvements. We're always looking for willing participants to contribute to the project as well! DOWNLOAD OWASP iGOAT 2.0
CISO SURVEY LAUNCHED
Are you a CISO or an Information Security Manager? If YES, then we need your participation in this indursty survey that will report current trends in Application and Information Security, provide new insights across industries, and help OWASP align our projects for maximum impact for the end user and developer community. Pass the invitation on to your contacts:
The Colorado OWASP chapters are proud to present the 5th annual SnowFroc. Join 300 other developers, business owners, and security professionals for a day-and-a-half of presentations, training and Birds-of-a-Feather (BoaF) sessions.
The conference will begin on Thursday, March 28th and will feature four primary tracks:
Additional activities include a CTF competition, a moderated panel discussion featuring top industry leaders, and a FREE (yes, FREE) secure coding course
Just a reminder to mark you calendar for the 2013 North American AppSec Conference in New York City November 18th-21st at the Marriott Marquis in the heart of Times Square. We have a fantastic event shaping up and sponsorships are selling fast. If you are interested in sponsoring, please complete this request for information
MARCH GLOBAL WEBINARS SCHEDULED Topic: OWASP Marketing Initiative Sisterworks Publishing will be presenting their phase one research on OWASP background material to be used in marketing and brand strategy for the organization MARCH 14, 2013 at 9am EST Please Note the 9am time change for this call (GMT -5) MARCH 14, 2013 at 9pm EST (GMT -5)
Links to the recordings of previous meetings can be found on the Initiatives Page
The Number of Individual, Unique Volunteers who have signed up for a posted Initiative is now over 250!