Tuesday, April 8, 2014

April 8 Connector


OWASP Global Connector
April 7, 2014 | | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
owasp projects

Featured OWASP Project

OWASP Reverse Engineering and Code Modification Project
This project educates security professionals about the risks of reverse engineering and how to ensure that code cannot be reverse engineered or modified. If you are placing sensitive code in an environment in which an attacker can get physical access to that environment (read: mobile, desktops, cloud, particular geographies), you should be concerned with the risks of reverse engineering or unauthorized code modification. This umbrella project will help you understand the risks and how to mitigate them.
For more information, please contact the Project Leader, Jonathan Carter

New OWASP Projects

OWASP Pyttacker Project
The OWASP Pyttacker Project is a portable Web Server that includes the features needed for every Pentester when creating reports, helping to create PoCs that show a more descriptive way to create awareness to the businesses by demonstrating realistic but in-offensive "attacks" included as part of the tool.
For more information, please contact the Project Leader, Mario Robles.
OWASP XSecurity Project
The OWASP XSecurity Project aims to provide the best free security tool integrated with the IDE to assist iOS developers to develop secure iOS apps. We now provide a security plugin for Xcode plus clang static analyzer checkers for iOS application development. This plugin aims to reduce the vulnerability made during development by detecting the vulnerability as it is being created.
For more information, please contact the Project Leaders, Tokuji Akamine. and Ramund Pedraita
OWASP Incident Response Project
The OWASP Incident Response Project will provide users with a current set of tools and best practices for dealing with a hacked web application.
For more information, please contact the Project Leader, Tom Brennan.

Project Announcements

OWASP 24/7 Podcasts
The OWASP Cornucopia Project with Colin Watson
The OWASP Top Ten Proactive Controls Project with Jim Bird
The OWASP Hacky Easter Challenge with Ivan Butler
2014 AppSec APAC: Post Mortem (English)
owasp communication

Phase I of the OWASP Portal is live

Logging into the portal will allow you to renew your membership and register for upcoming events; taking advantage of any individual or corporate membership benefits available to you.
The membership sign up process has been simplified. New member signups will provide some basic demographic information, select their membership type, and complete the process. When you're logged into the portal, you can renew your membership in just a few clicks!
Once you have logged into the portal, you can register for upcoming events quickly and easily.
By clicking on the "My Account" tab, you can generate invoices, receipts, and view any new payment and registration history
A community feature is included in the portal.
Joining the community is not necessary to take advantage of the membership and event features. In the community, you can post new ideas, vote and comment on ideas, organize discussion groups, and connect with other OWASPers.

Additional Features like community resources, OWASP FAQ, awards and recognition, and a much improved donation process, are just some of the enhancements that will be released during 2014.
Current OWASP members should check their inbox for their login instructions. Unique login ID information has been sent to you.
Membership is NOT required to access the portal. If you do not have a current membership, and would like to access the portal, please CLICK HERE
To sign up for a new membership, please CLICK HERE
As always, if you have any problems or comments, please contact us at support@owasp.org
conferences

Global AppSec Events in 2014

AppSec LATAM 2014 - LATAM Tour (April 22 - May 9)
Registration is now open! Please refer to the tour pages for the location you want to register for.
In 2014, instead of holding an AppSec LATAM Conference, we organizing a LATAM Tour which we hope will bering together LATAM community members together to spread the OWASP mission. Here are the sheduled stops for the tour:

  • April 22-23, Santiago, Chile
  • April 23-24 Quito, Ecuador
  • April 25 Guayaquil, Ecuador
  • April 25-26 Lima, Peru
  • April 28-29 Guatemala, Guatemala
  • April 29-30 Montevideo, Uruguay
  • May 6-7 Bogota, Colombia
  • May 8-9 Buenos Aires, Argentina
Sponsorship Opportunities are available as well. Please find further information on the Tour Wiki Page.
AppSec EU 2014 (June 23 - 26, Cambridge, UK)
Registration is now OPEN

AppSec USA 2014 (September 16 - 19, Denver, CO)

Upcoming Regional Events

LASCON 2014 (October 21 - 24, Austin, TX)

Partner and Promotional Events

OWASP has partnered with these great events in beginning of 2014 to grow our community and build awareness around software security. If you want to learn more about OWASP's involvement or will be attending and want to help out contact us
NCCDC - Please visit http://www.nationalccdc.org/, for a complete list of upcoming competitions including the National Championship!
THOTCON - Chicago's Hacking Conference, April 25, 2014, Chicago IL. Tickets
Information Security Media Group, Inc. Discount code for OWASP Members: OWASPFraud2014
Suits & Spooks, April 17-18, Monterey, CA
The IT Summit - April 22, Seattle, WA
The IT Summit - May 14, Houston, TX
ISSA - LA Information Security Summit - May 16, Universal City, CA - OWASP members receive a 25% discount by using the discount code: Ow@splssaLA25
Chapters

New OWASP Chapters - Q1


social media

OWASP Foundation Social Media

LinkedIn
Twitter
Google +
Facebook
Ning
StackOverflow
membership

Thank you to our renewed Corporate Members:


  • Qualys - Premier Corporate Member
  • Booz Allen Hamilton - Contributor Corporate Member
  • Cigital - Contributor Corporate Member
  • Veracode - Contributor Corporate Member

OWASP Member Spotlight - APAC 2014 Planning Team - Japan

As an organization driven by it's membership community, it's high time we dedicate some space to recognizing YOU!

We would like to take this opportunity to congratulate and to sincerely thank the Japan team. This year's AppSec conference in Tokyo, Japan was immensely successful in promoting the OWASP mission in the Japan region.
The turnout this year was our largest to date, and we have received great feedback from attendees about speakers, session content and networking events.
The Organizing Committee is extremely proud to have been able to bring together more than 400 people from all over the world. Indeed this is a great milestone in the history of our Global AppSec Conferences in the Asia Pacific region and having your support and participation was priceless. THANK YOU!
communication

OWASP Wins SC Magazine 2014 Editor's Choice Award

On Tuesday, February 25th OWASP was awarded the 2014 SC Magazine Editor's Choice award.
As a volunteer driven, non-profit organization our contributors donate their time and expertise for the betterment of all.
It is exciting and rewarding for the entire community to be recognized for our continued efforts to increase application security!
To read the complete announcement, please visit The OWASP blog post

Just for Fun

We would like to congratulate Roma Jain for submitting the first correct response to last issue's puzzle. Thank you to everyone who submitted your response. If you missed the question, you can find it on the OWASP Blog
1) 2,1 cross bridge together, 1 come back leaving 2 on other side , min = 2+1 2) 5,10 cross bridge together, both stay there, 2 come back, min 10 +2 3) 1,2 go together, min = 2 Total min = 17
This issue's challenge
Midas has boxes in three sizes: large, medium, and small. He puts 11 large boxes on a table. He leaves some of these boxes empty, and in all the other boxes he puts 8 medium boxes. He leaves some of these medium boxes empty, and in all the other medium boxes he puts 8 (empty) small boxes. Now, 102 of all the boxes on the table are empty. How many boxes has Midas used in total?
Please submit your answers HERE
Education

New OWASP Books

If you would like to purchase copies of OWASP titles, you can do so by accessing all available titles HERE
Some of the most recent books available are:

New Titles will be coming soon!



No comments: