Tuesday, January 28, 2014

OWASP Global Connector


OWASP Global Connector
January 28, 2014 | | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
owasp projects

Featured OWASP Project


OWASP O - Saft Project

O - Saft is an easy to use tool that shows information about SSL connections and the provided SSL Certificates. It's designed to be used by penetration testers, security auditors, or server administrators. The idea is to show the important information, or the special checks, with a simple call of the tool. However, it provides a wide range of options so that it can be used for comprehensive and special checks by experienced people.
For more information, please contact the Project Leader, Achim.


New OWASP Project


OWASP Internet of Things Top 10 Project

The OWASP Internet of Things (IoT) Top 10 is a project designed to help vendors who are interested in making common appliances and gadgets network/Internet accessible. The project walks through the top ten security problems that are seen with IoT devices, and how to prevent them.
For more information, please contact the Project Leader, Daniel Miessler.


Project Announcements


Project Review Assistance Required!
The OWASP Technical Advisors and the OWASP PM are in the process of reviewing our projects, and we would like to ask for your assistance with this assessment. We would like to ask that you take a bit of time to fill in a short survey that we will use to assess the Usability and Value of each project to its users and the community.

You can find the assessment survey here: Project Usability and Value Assessment For more detailed instructions on how to submit your comments, please contact Samantha Groves.

New Project Adoptions

This past week, several of our OWASP Projects were adopted by a handful of Leaders. The projects were in the process of being labeled inactive if they did not get adopted by mid-February. Thankfully, our Leaders have agreed to move the projects forward. Below, you will find a list of the adopted projects, and the Leaders that have decided to manage each project.

OWASP Academy Portal Project
OWASP Education Project
OWASP Hacking Lab Project
OWASP Student Chapter Project
OWASP Speakers Project
OWASP University Challenge Project
communication

OWASP Global Board Releases Statement on the Security of the Internet


Read the entire statement and post here


Are You Ready?


The OWASP Global platform is being reinforced with steel! The Operations team is working upgrading and consolidating the systems that support YOUR work. More information will be provided in upcoming issues.


Just for Fun


In case you need another excuse to take a break from the keyboard, try to figure out this riddle. Send your answers to our comment desk for a chance to win a really cheezy prize. Winners will be announced in the next connector.
Alice and Bob ran a race of 100 yards and Alice won by 5 yards. "It doesn't seem fair," said Bob. "What if I gave you a head start next time?" suggested Alice. Alice started the next race five yards behind the starting line. Both Alice and Bob ran the second race at exactly the same speed as before. What was the result? - Brought to you by Lewis Carroll (Adapted Puzzle)
membership

Thank you to our newest Corporate Member: Monitorapp

conferences

Global AppSec Events in 2014


AppSec APAC 2014 (March 17 - 20, Tokyo Japan)

English Website

Japanese Website

  • Training March 17-18, Conference March 19-20
  • Conference Training and Talks have been posted
  • Early Registration deadline is February 1
AppSec LATAM 2014 - LATAM Tour (April 21 - May 12)

In 2014, instead of holding an AppSec LATAM Conference, we are working on organizing a LATAM Tour. Building on the success of 2012 and 2013, the tour will empower the entire LATAM region to collaborate and to raise software security awareness in their region. This year's tour will be held between April 21st and May 9th.
Please find additional information regarding the tour and on the scheduled stops by visiting the Tour Wiki Page.

AppSec EU 2014 (June 23 - 26, Cambridge, UK)

  • Training - June 23-24, Conference - June , 25-26
  • Sponsorship details are now available
  • Call for papers - Coming Soon
AppSec USA 2014 (September 16 - 19, Denver, CO)

  • Save the date for Training - September 16-17, Conference - September 18-19
  • More information on the call for papers and training - Coming Soon

Upcoming Regional Events


Primeiro Encontro do Capitulo OWASP RJ (January 30, 2014, Rio de Janeiro, Brazil)

LASCON 2014 (October 21 - 24, Austin, TX)

Partner and Promotional Events

OWASP has partnered with these great events in beginning of 2014 to grow our community and build awareness around software security. If you want to learn more about OWASP's involvement or will be attending and want to help out contact us

Nullcon (February 12 - 15, Goa, India)OWASP Members receive a 20% discount off of the general event registration fee by using

Security, Management, Audit Forum 2014 (February 19 - 20, Poland)
InfoSec World Conference & Expo 2014, April 7-9, 2014. OWASP Members receive a 10% discount off the standard conference registration fee by using discount code: OS14/OWASP

Cyber Security Summit, April 9-10, 2014. Prague, Czech Republic. OWASP Members receive a 20% discount off of the general event registration fee by using THIS LINK
education
The OWASP Hacking-Lab project has made the "OWASP WebGoat challenges" available on the OWASP Hacking-Lab wiki

This is the third free OWASP Challenge made available by Hacking-Lab
initiatives

OWASP Global Initiatives


Global List of Opportunities

Team OWASP

OWASP is looking to create a learning environment where security meets developer. Leveraging the functionality of "The Hive" the goal is to establish a global arena to not only perform secure testing of code, but development and testing of solutions.
education
webinar globe

OWASP Global Webinar

Wednesday, February 5th
Jonathan Marcil, project leader and chapter leader will demonstrate the functionality of the OWASP Media platform.. Jonathan will show how to use existing tools and connect them to the existing framework to support the OWASP mission.
Register for the 10 am EST Presentation

Register for the 9 pm EST Presentation
Membership

OWASP Member Spotlight

As an organization driven by it's membership community, it's high time we dedicate some space to recognizing YOU!


Jason Johnson decided to "get involved" in January 2013 by taking leadership of the Oklahoma City chapter. Jason also started "The HIVE" project and is leading the adaptation of this platform to support the new "Team OWASP" initiative.

Jason's "elevator pitch:" I work as an Application Performance professional for the government. (no I did not test healthcare.gov) This line of work fuels my love for OWASP because application security is one of the most overlooked key elements in developers code. I am currently in school for computer forensics. I started the OKC Chapter here in Oklahoma and its slowly getting off the ground. The HIVE project started as a secure-ISH solution for projects of all kinds. I really want to push this into education; if students can learn to store things in a crazy secure way even learn to test code or even build up a Pen Testing\Code endorsing secure heap of goodness with the hive I think it will show them the endless possibilities in secure code and spark new ideas. provides.
Social Media

OWASP Foundation Social Media


LinkedIn

Twitter

Google +

Facebook

Ning

StackOverflow


No comments: