Tuesday, December 30, 2014

OWASP Connector


OWASP Global Connector
December 29, 2014 | | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
Communications

"The Only Constant is Change" - Editorial by Paul Ritchie, OWASP Executive Director

membership

Corporate Members

Individual Members

Conference

Global AppSec Events in 2014

Upcoming Regional Events

Partner and Promotional Events

2016 Call for Proposals

chapters

New OWASP Chapters

Chapter Activities

education

Upcoming Training Opportunities

Social Media

OWASP Foundation Social Media



Communications
OWASP Communications

"The Only Constant is Change" - Editorial by Paul Ritchie, OWASP Executive Director

This quote, commonly attributed to Heraclitus, a Greek Philosopher, sums up my first 5 months experience with OWASP. Our goal on the Operations Team is to support the OWASP community regardless of the hurdles and challenges along the way. 'Did you know' we accomplished the following in support of the OWASP mission.
  • Added Noreen Whysel as Community Manager
  • Hired Event managers for our AppSec & LATAM events
  • Completed a much needed Audit of our Finance & Operating procedures
  • Engaged a new accounting firm, KPMG
  • Engaged an Association Management company, Virtual Management
  • Performed our annual Board of Director Elections
  • Approved the new Committee 2.0 Program for community engagement
  • Updated the Wiki infrastructure
Sure, these all sound like Operations activities, but that's just one of our goals, to ensure the trains run smoothly so YOU, the OWASP Community can carry the message and activities of OWASP forward.
On behalf of the entire Operations team, we look forward to making 2015 an exciting and productive year for OWASP.
Paul Ritchie, OWASP Executive Director
Return To Top

Membership
OWASP Membership

New Corporate Members

Renewed Corporate Members

1933 Individual Members

  • 1231 Individual One Year Members
  • 306 Individual Two Year Members
  • 270 Regional One Year Members
  • 66 Honorary Members
  • 60 Lifetime Members
Return To Top

Conference
OWASP Conferences

Global AppSec Events

LATAM

LATAM Tour 2015

    Agenda
  • Santiago, Chile: April 8-9, 2015
  • Patagonia, Argentina: April 10, 2015
  • Bucaramanga, Colombia: April 14, 2015
  • Montevideo, Uruguay: April 15-16, 2015
  • Lima, Peru: April 17-18, 2015
  • San Jose, Costa Rica: April 21, 2015
  • Guatemala, Guatemala: April 21-22, 2015
  • Buenos Aires, Argentina: April 23-24, 2015
  • Caracas, Venezuela: April 23-24, 2015
    Additional Information
  • Call for Papers AND Training are now open. Submission deadline February 15, 2015
  • Sponsorship Opportunities are Available
EU

AppSec EU/Research 2015 (May 18 - 21, 2015, Amsterdam, NL)

Do you have an important advancement or opinion on application security?
Looking for your 45 minutes of fame?
Then you should definitely submit a proposal for papers or research!
Call for papers. Submission deadline is January 15, 2015
Call For research. Submission deadline is January 20, 2015
Please check the respective calls for prerequisites and submission instructions.
USA 2015 AppSec USA 2015 (September 22 - 25, 2015, San Francisco, CA)

Upcoming Local and Regional Events

AppSec California 2015 (January 26-29, 2015, Santa Monica, CA)
OWASP London Cyber Security Week (January 26-30, 2015, London, UK)
OWASP New Zeland Day (February 26-27, 2015, New Zeland)
NYC OWASP HACKNYC 2015 (March 18 - 19, 2015, NYC, NY)
LASCON 2015 (October 19 - 22, 2015, Austin, TX)
AppSec Rio de la Plata 2015 (November 17-20, 2015, Montevideo, Uruguay)

Partner and Promotional Events

ICCS (January 5 - 8, 2015) New York, NY
CodeMash Conference (January 6 - 9, 2015) Sandusky, OH
SecAppDev 2015 (February 23-27, 2015) Lueven, Belgium
SC Congress London (March 3, 2015) London, UK
Financial Services Cyber Security Summit Middle East & North Africa (March 9-10, 2015) Mena, Dubai
BlackHat Asia 2015 (March 24027, 2015) Singapore
Cyber Security Summit Europe - Financial Sector (April 14-15, 2015) Prague, Czech Republic
Cloud Security World 2015 (May 19-21, 2015) New Orleans, LA
SC Congress Toronto (June 10 - 12, 2015) Toronto, Canada

2016 Call for Proposals

OWASP encourages any community member interested in hosting an OWASP Global Conference to submit a proposal.
Hosting a conference requires both a commitment and a great deal of responsibility. A lot of time, energy and effort are needed during the proposing, planning and implementing phases of hosting a conference. For more information see the How to Host a Conference page.
The dates of each OWASP Global AppSec conference (or Tour) vary somewhat each year but ideally, the conference is held:
  • Latin America (this may be a LATAM Tour instead - Q1)
  • Europe - Q2
  • North America - Q3
  • Asia Pacific (this may be an APAC Tour instead)
To bid for a 2016 OWASP Global AppSec, please complete the OCMS form with the following information before February 27th, 2015.
  1. The proposed city and host chapter.
  2. The name of the intended local organizer and his/her team committed to the task for 2016 along with a brief explanation on why the conference committee wants to organize an OWASP Global AppSec.
  3. Previous conferences or local/regional events experience of the conference committee.
  4. The intended dates for the conference. (Typically includes 2 days of pre-conference training, followed by 2 days of conference talks).
  5. Venue recommendations. If possible, assurance that the following will be available:
    • Green room, storage room, breakout room, capture the flag area, etc.
    • A large auditorium. Other lecture rooms near the main auditorium.
    • Projection facilities in all rooms up to modern standards.
    • A suitable mixing space near the rooms for registration, breaks and other activities.
    • A hall near the rooms for sponsor exhibitions.
    • If possible, attach a tentative floor plan design.
  6. Budget. Please use the form on google docs HERE. (Since many of the categories of expenses are optional, consider this a check list. You can add as many items as you want and you do not need to fill in every box if you do not want it to be included in your event.)
  7. Possible "big name" speakers in AppSec who might be plenary speakers with low travel costs.
  8. Description of the nearby restaurants and accommodation facilities easily accessible from the conference site and reasonably priced.
  9. Anticipated help from volunteers before and at the conference.
  10. Realistic prospects for obtaining sponsorship from outside bodies, e.g., companies, universities, scientific institutes, media, government, etc.
  11. Accessible transport links to the venue.
  12. Local tourist attractions, e.g., historic sites, museums, buildings, galleries, parks, etc.
  13. Any other relevant information.
By submitting an application, you are already demonstrating your commitment to OWASP. We really appreciate every proposal we receive, however not every proposal will be approved. The selection process that will be made by the OWASP operations team with input from previous AppSec organizing teams. Please note that proposal completeness and accuracy are essential, moreover:
  • Preference will be given to the community that demonstrates more engagement.
  • Preference will be given to the team that has successful experience organizing local/regional events.
  • Preference will be given to a location that has not recently hosted a Global AppSec conference.
  • Geographic coverage will be considered when selecting conference sites.
Application submission begins January 1st. The deadline for applications is February 27th. Applicants will be notifiec by March 13th. Selected sites will have until March 20th to confirm that they will host the 2016 conference.
Should you have any questions concerning the proposal process or need assistance with you application, please do not hesitate to contact us.
Return To Top
bh europe
CLICK HERE for information on advertising in the next connector
Return To Top

chapters
OWASP Chapters

New Chapters

OWASP Madrid - created by several members of the OWASP Spain Chapter. Chapter Leader - Daniel Garcia
OWASP Myanmar - inaugural meeting was held November 30, 2014. Chapter Leader - Ye Thura Thet

Chapter Activity

OWASP Manila - hosts an event in Bulacan State Univerity to promote Cyber Security Awareness and the OWASP Top 10 Chapter Leader - John Patrick Lita Find Manila on Twitter @owaspManila
manila students
OWASP New Jersey sponsored New Jersey Institute of Technology's Capstone Showcase. During the event, chapter members mentored a student team in developing a software security project, and then participated on a judging panel to evaluate projects and give awards. New Jersey Chapter Leader - Tom Brennan.
Share your chapter's successes! Submit your stories here
Return To Top

education
OWASP Education and Training

Upcoming Training Opportunities

Return To Top

Social Media
OWASP Foundation Social Media
Return To Top


Friday, December 26, 2014

OWASP Latam Tour 2015


Schedule
  • Santiago, Chile: April, 8th-9th 2015
  • Patagonia, Argentina: April, 10th-11th 2015
  • Bucaramanga, Colombia: April, 14th 2015
  • Montevideo, Uruguay: April, 15th-16th 2015
  • Lima, Peru: April, 17th-18th 2015
  • San Jose, Costa Rica: April, 21st 2015
  • Guatemala, Guatemala: April, 21st-22nd 2015
  • Buenos Aires, Argentina: April, 23rd-24th 2015
  • Caracas, Venezuela: April, 23rd-24th 2015

If you want to give a talk or a training session in the Latam Tour 2015, please send your proposals to the corresponding chapter leader before February 1st 2015.


OWASP Global Conferences 2016

OWASP encourages any community member interested in hosting an OWASP Global Conference to submit a propsal.

Hosting a conference requires both a commitment and a great deal of responsibility. A lot of time, energy and effort are needed during the proposing, planning and implementing phases of hosting a conference. For more information see the How to Host a Conference page

The dates of each OWASP Global AppSec conference(or Tour) vary somewhat each year but ideally the conference is held:

  • Latin America (this may be a Latam Tour instead) - Q1​
  • Europe ​- Q2​
  • North America​ - Q3​
  • Asia Pa​cific (this may be an ​Asia Tour instead) ​- Q4​


To bid foa a 2016 OWASP Global AppSec please complete the OCMS form with the following information before February 27th 2015.


1. The proposed city and host chapter.

2. The name of the intended local organizer and his/her team commited to the task for 2016 along with a brief explanation on why the conference committee wants to organize an OWASP Global AppSec.

3. Previous conferences or local/regional events experience of the conference committee.

4. The intended dates for the conference. (Typically includes 2 days of pre-conference training, followed by 2 days of conference talks).

5. Venue recommendations. If possible, assurance that the following will be available:

- Green room, storage room, breakout room, capture the flag area, etc.
- A large auditorium. Other lecture rooms near the main auditorium.
- Projection facilities in all rooms up to modern standards.
- A suitable mixing space near the rooms for registration, breaks and other activities.
- A hall near the rooms for sponsor exhibitions.
- If possible, attach a tentative floor plan design.


6. Budget. Please use the form on google docs https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AhOGWXgQrDnddE9nZnh1UEZzUHJ2cl85R2hVd2IxRGc&usp=drive_web#gid=0 (Since many of the categories of expenses are optional, consider this a check list. You can add as many items as you want and you do not need to fill in every box if you do not want it to be included in your event.)


7. Possible "big name" speakers in AppSec who might be plenary speakers with low travel costs.


8. Description of the nearby restaurants and accommodation facilities easily accessible from the conference site and reasonably priced.


9. Anticipated help from volunteers before and at the conference.


10. Realistic prospects for obtaining sponsorship from outside bodies, e.g., companies, universities, scientific institutes, media, government, etc.


11. Accessible transport links to the venue.


12. Local tourist attractions, e.g., historic sites, museums, buildings, galleries, parks, etc.


13. Any other relevant information.


By submitting an application, you are already demonstrating your commitment to OWASP. We really appreciate every proposal we receive, however not every proposal will be approved. The selection process that will be made by the OWASP operations team with input from previous AppSec organizing teams. Please note that proposal completeness and accuracy are essential, moreover:
· Preference will be given to the community that demonstrates more engagement.
· Preference will be given to the team that has successful experience organizing local/regional events.
· Preference will be given to a location that has not recently hosted a Global AppSec conference.
· Geographic coverage will be considered when selecting conference sites.


Application submission begins January 1st, deadline for applications is February 27th. Applicants will be notified by March 13th. Selected sites will have until March 20th to confirm that they will host the 2016 conference.

Should you have any questions concerning the proposal process or need assistance with you application, please do not hesitate to contact me.

We are looking forward to your proposals.


Laura Grau
Global Conference Manager
OWASP Foundation
laura.grau@owasp.org

Monday, December 15, 2014

AppSec EU 2015 - Call for Papers and Call for Research


Call For Papers is now open


Do you want to give a presentation in Amsterdam? 
Visit the Call For Papers page and send your proposal on time.
  • Submission of proposals byDecember 31st, 2014 
  • Notification of acceptance: January 26th, 2015
  • Publication of program: February 11th, 2015
  • Conference Date: May 21st-22nd, 2015

Call For Research is now open

Do you want to present a paper in Amsterdam? 
Visit the Call For Research page and send your proposal on time.
  • Submission deadline: January 20th, 2015
  • Notification of acceptance: February 20th, 2015
  • Final version due: April 1st, 2015 (tbc)
  • Conference date: May 21st-22nd, 2015

Monday, November 24, 2014

OWASP Connector November 24


OWASP Global Connector
November 24, 2014 | | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
Communications

OWASP Community Manager

Noreen Whysel
Please help us in welcoming the new OWASP Community Manager
Noreen
Noreen started earlier this month and will be focusing on Community engagement with projects, chapter initiatives and volunteer recruitment.
You can review Noreen's wiki bio HERE

OWASP Bug Week

OWASP Bug Week is coming soon! This week long online competition will kick off December 8th 00:00:01 PST. Find vulnerabilities in the web applications of well known companies through the bug bounty programs hosted on Bugcrowd and win cash bounties! Best bug wins a trip to AppSecUSA or AppSecEU. www.bugcrowd.com/bugbash

membership

Thank you to our New Corporate Members:

  • eLearn Security
  • Trend Micro
initiatives

Are you Game?

During the 2014 Waspy Award election, the leaders began a discussion focusing on awarding merits and recognizing participation that can be used to award our active leaders for their contributions.
We will be introducing gamification in the new OWASP Portal.
The updated portal will allow peer recognition for industry accomplishments as well as badge recognition for participation in various initiatives, projects, or chapters.
Stay Tuned - More Information on this will be distributed soon!
chapter

NEW OWASP CHAPTERS


  • Kanpur - India
  • Patagonia, Argentina - LATAM
  • Northeastern University Student Chapter - North America
BHAsia
CLICK HERE for information on advertising in the next connector
conferences

Global AppSec Events in 2014

LATAM Tour 2015
ATTN LATAM Chapter Leaders - The deadline to ensure your as a stop on the tour is November 30, 2014! Please submit your venue confirmation to Laura Grau
EU 2015 thumbnail
AppSec EU/Research 2015 (May 18 - 21, 2015, Amsterdam, NL)

AppSec USA 2015 (September 22 - 25, 2015, San Francisco, CA)

Upcoming Regional Events

OWASP Asia Tour 2014(October 22 - December 19, 2014) 8 stops across Asia
German OWASP Day (December 9, Hamburg, Germany)
OWASP - ISACA Conference (December 11-12, 2014) Rome, Italy
AppSec California (January 26-29, 2015, Santa Monica, CA)
OWASP London Cyber Security Week (January 26-30) London, UK
OWASP New Zeland Day (February 26 - 27) New Zeland
NYC OWASP HACKNYC 2015 (March 18 - 19, 2015, NYC, NY)
LASCON 2015 (October 19 - 22, 2015, Austin, TX)
AppSec Rio de la Plata 2015 November 17-20, 2015) Montevideo, Uruguay

Partner and Promotional Events

OWASP has partnered with these great events in beginning of 2014 to grow our community and build awareness around software security. If you want to learn more about OWASP's involvement or will be attending and want to help out contact us
International Conference on Corporate Espionage & Industrial Security (December 1 - 2, 2014) Ottawa, Canada
Suits and Spooks (December 14, 2014) Singapore
ICCS (January 5 - 8, 2015) New York, NY
CodeMash Conference (January 6 - 9, 2015) Sandusky, OH
SC Congress London (March 3, 2015) London, UK
Financial Services Cyber Security Summit, MENA (March 9-10, 2015) Mena, Dubai
Blackhat Asia (March 24-27, 2015) Singapore
Cyber Security Summit Europe (April 14-15, 2015) Prague, Czech Republic
Cloud Security World 2015 (May 19-21, 2015) New Orleans, LA
SC Congress Toronto (June 10 - 12, 2015) Toronto, Canada
Projects

OWASP Dependency Check Project Release

OWASP Dependency Check Project

The Dependency Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities. Currently Java and .NET dependencies are supported; however, support for Node.JS, client side JavaScript libraries, etc. is planned. This tool can be part of a solution to the OWASP Top 10 2013 A9 - Using Components with Known Vulnerabilities.
The project team is pleased to announce the release of 1.2.6
Here is a summary of the updates:

  1. Fixed Reported false positives.
  2. The Maven plugin now uses the dependencies GAV as declared in the project/POM being scanned (thanks Erik!).
  3. Resolved issue #156 to ensure consistent results rather then cycling removed and added issues in Jenkins.
  4. The CLI now accepts Ant style paths for the '--scan' argument.
  5. The CLI now accepts an '--exclude' argument that accepts Ant style exclusions.
  6. When using the CLI you can now specify a file name for the output file (as long as the --format is not set to ALL). The file extension must be xml when --format is set to xml or '.htm' or '.html' for either of the HTML formated reports.
  7. The Nexus Analyzer has been disabled and replaced with the Central Analyzer.
  8. Updated the URLs to download the NVD CVE data to use the gzip version. The current URLs can be obtained from the dependencycheck.properties file

OWASP Snakes and Ladders

Having a training session, party or celebration with software developers, or with those learning to code at college, at school or at home? Print out a copy and play the new OWASP board game where application security controls are the virtuous behaviours (ladders), and vulnerabilities are the vices (snakes). Available for web applications in Chinese, Dutch, English, French, German and Spanish. The similar board game for mobile apps is just available in English currently.
To find out more or to download a copy, visit Snakes & Ladders.
You may also contact the project Colin Watson directly.


Social Media

OWASP Foundation Social Media

OWASP YouTube Channel
LinkedIn
Twitter
Google +
Facebook
Ning
StackOverflow


Monday, November 17, 2014

Chapters, Projects, Taxes and 378,223.12


This week the OWASP Foundation had to file the United States business taxes -- for the last (10) years it has been insightful watching OWASP grow for me

##For your bookmark the transparent details of these legal filings will be posted here shortly:

As a leader however I did however want to draw your attention to  $378,223.12.  Yes, OWASP Chapters around the world have funds of $378,223.12 US ear-marked at HQ OWASP. 

As a chapter leader you can redeem that money anytime with a receipt that follows the OWASP Chapter Handbook

As a global and legal charity I wanted to draw your attention to this. It is very important that chapters (and OWASP Foundation) USE their funds to further the actual mission of OWASP.  As each chapter conducts it's end of year wrap up meetings and 2015 planning, consider your chapters plan to invest in social events/outreach, work with Academia to build the next generation and/or retrain existing workforce, incentive using scholarships on projects, build support invest in maker-spaces, host mini-summits, project code-camps, research, <insert your great idea> its ok to experiment that is how OWASP was built.

https://docs.google.com/a/proactiverisk.com/spreadsheet/pub?hl=en_US&hl=en_US&key=0Atu4kyR3ljftdEdQWTczbUxoMUFnWmlTODZ2ZFZvaXc&output=html


=====

Need a FUN idea and current topic for your next chapter meeting?  How about Internet of Things (IoT)

Ask this question: 
 "Since homeowners aren’t experts in technology and security is NOT a Top 10 list, what are the attack surfaces did you think about while watching this video

>> PLAY THIS VIDEO <<


http://www.youtube.com/watch?v=2T934EyrTJI

Then after you have a interactive dialog and captured useful data "edit" the wiki" and help out on this NEW project and important project.  Think of other consumer and medical devices that are being connected to the internet

https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project

*Bonus points for this "hack" http://www.cnbc.com/id/101343245# sellers made $


## WANT TO INCLUDE A CARD GAME TOO THAT YOU CAN DO WITH GOOD SCOTCH?

OWASP brings you Cornucopia. <insert owasp band music>   OWASP Cornucopia is NOW AVAILABLE in 100% OWASP Branded Decks: (give them to your chapter members, give them to your co-workers, play cards in the park)

https://www.owasp.org/index.php/OWASP_Cornucopia

As a chapter leader you can also spend some of that $378,223.12 and buy some decks (pack of 10)  to hand out at your meetings and regional events.  To get them it is EASY, they can now be requested and charged back to your local chapter.
https://www.owasp.org/index.php/OWASP_Merchandise   then consider what other projects can benefit from the local chapter energy. 

In closing, over the last 10 years it has been great to see OWASP grow grow and grow like bamboo, the future is BRIGHT at OWASP locally and globally welcome to the new board members 

Semper Fi,

Tom Brennan
OWASP Foundation | Global Vice Chairman

Wednesday, November 5, 2014

Tuesday, November 4, 2014

OWASP Connector - November 4


OWASP Global Connector
November 4, 2014 | | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
Communications

2014 Global Board of Directors Election

The 2014 OWASP Global Board of Directors election has completed.
Please help us in welcoming the newly appointed board members. Their term will take affect January 1, 2015.


  • Jim Manico
  • Andrew van der Stock
  • Matthew Konda
  • We would like to thank all of the candidates for their time and energy they invested into this campaign.
  • Jim Manico - 382 votes
  • Andrew van der Stock - 302 votes
  • Matthew Konda - 204 votes
  • Bil Corry - 165 votes
  • Mateo Martinez - 143 votes
  • Israel Bryski - 131 votes
  • Tahir Khan - 92 votes
  • Nigel Phair - 72 votes
  • Timur Khrotko - 69 votes
  • Abbas Naderi Afooshte - 57 votes
  • Voter Summary
    • Total - 738
    • Abstain - 73
    • 738 of 1991 electors voted in this ballot
    • New Jersey Institute of Technology College of Computing Sciences
      Tom Brennan, outgoing board member has been appointed to The Alumni and Industry Advisory Board CCS Capstone Program at New Jersey Institute of Technology. NJIT provides a unique environment of real-world leaning to university, high school, and middle school students. This environment does not only integrate real world practices and resources into academic curricula but also integrates academic education into real world to add substantial value to existing real world projects.

      membership

      Thank you to our renewed Corporate Member:

      • Gotham Digital Science
      industry

      2014 CISO Survey

      TAKE THE SURVEY HERE
      OWASP is preparing the Global CISO report for 2014.

      We are conducting a survey among CISOs and senior information security managers with the aim of providing new insights about the state of application security across various industry sectors.
      This will help us align our efforts to better help solving the problems of that you face.
      Deadline for submission of the completed survey is November 10th 2014.
      TAKE THE SURVEY HERE
      conferences

      Global AppSec Events in 2014

      LATAM Tour 2015
      AppSec EU/Research 2015 (May 18 - 21, 2015, Amsterdam, NL)
      Call For Papers, Trainings, and Research are all now open - CLICK HERE FOR DEADLINES AND LINKS
      AppSec USA 2015 (September 22 - 25, 2015, San Francisco, CA)

      Upcoming Regional Events

      OWASP Asia Tour 2014
      German OWASP Day (December 9, Hamburg, Germany)
      AppSec California (January 26-29, 2015, Santa Monica, CA)
      NYC OWASP HACKNYC 2015 (March 18 - 19, 2015, NYC, NY)
      LASCON 2015 (October 19 - 22, 2015, Austin, TX)

      Partner and Promotional Events

      OWASP has partnered with these great events in beginning of 2014 to grow our community and build awareness around software security. If you want to learn more about OWASP's involvement or will be attending and want to help out contact us
      Infor Risk 360 (November 4 - 7, 2014) Kuala Lumpur
      Application Security Forum Western Switzerland (November 4 - 6, 2014) Geneva, Switzerland
      3rd Annual CISO Asia Summit & Roundtable (November 5 - 7, 2014) Singapore
      SECUREAMSTERDAM 2014 (Nov 6) Amsterdam, NE
      Fraud Summit - Orlando (November 6) Orlando, FL
      Hackfest The Return 2014 (November 7 - 8, 2014) Quebec, Canada
      Secure Dubai (November 17, 2014) Dubai, UAE
      Fraud Summit - Dallas (November 18) Dallas, TX
      CS Congress Chicago (November 18) Chicago, IL.
      National Cyber Security Career Fair (November 20 - 21, 2014)
      International Conference on Corporate Espionage & Industrial Security (December 1 - 2, 2015) Ottawa, Canada
      ICCS (January 5 - 8, 2015) New York, NY
      CodeMash Conference (January 6 - 9, 2015) Sandusky, OH
      SC Congress London (March 3, 2015) London, UK
      SC Congress Toronto (June 10 - 12, 2015) Toronto, Canada
      Projects

      New OWASP Projects

      OWASP KALP Project

      OWASP KALP Mobile Project is for the users around the world who want to access the Top Ten vulnerabilities on the go (on their mobile), download the Top Ten and Email it. This is light weight information of OWASP Top Ten. Any new additions to cheat sheets and prevention cheat sheets will automatically accessible on the mobile app.

      OWASP ASVS Assessment Tool

      OWASP ASVS Assessment Tool (OWAAT) is a tool, used to verify Web applications security conformance to the OWASP Application Security Verification Standard (ASVS). OWAAT is a Web-based tool and provides team work capabilities. It allows to create multiple assessment projects and assign assessment tasks to different users.

      OWASP Visual Crime Scene and Security Incident Education Project

      OWASP ASVS Assessment Tool (OWAAT) is a tool, used to verify Web applications security conformance to the OWASP Application Security Verification Standard (ASVS). OWAAT is a Web-based tool and provides team work capabilities. It allows to create multiple assessment projects and assign assessment tasks to different users.


      chapter

      NEW OWASP CHAPTERS


      • Lithuania - Europe
      • Estonia - Europe
      • Georgetown University Student Chapter - North America

      REACTIVATED CHAPTERS


      • Russia - Europe
      • Seattle - India
      Social Media

      OWASP Foundation Social Media

      OWASP YouTube Channel
      LinkedIn
      Twitter
      Google +
      Facebook
      Ning
      StackOverflow
      CLICK HERE for information on advertising in the next connector