Monday, September 29, 2014

Honorary Membership Deadline is Tomorrow!

Tomorrow Tuesday, September 30, 2014 is the DEADLINE to submit your Honorary Membership Form.

Not sure if you qualify?  Visit our Election page to learn more.

Friday, September 26, 2014

Honorary Membership Deadline Sept 30!

The deadline to submit your Honorary Membership form is September 30.  To find out if you qualify please visit our Election page and submit your request here.

Thursday, September 4, 2014

OWASP Global Connector

OWASP Global Connector
September 4, 2014 | | | Contact Us | Brought to you by the OWASP Foundation
owasp projects

Featured OWASP Project

OWASP Click Me Project
The OWASP Click Me Project aimed at having a simple GUI which helps to create a test page for Clickjacking attacks.This is an attack which targets the clickable content on a website. OWASP Click Me tool will help you to test whether your site is vulnerable to this attack by creating a html page that will try to load your web site from a frame.
For more information, please contact the Project Leader, Arun Kumar.

New OWASP Projects

OWASP JSEC CVE Details Project
OWASP JSEC CVE Details is is an opensource application developed in Java that uses the api provided by to receive latest CVE updates. The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. For more information, please contact the Project Leader, Dibyendu Sikdar.
OWASP Persian Translation Project
The OWASP Persian Translation Project is a documentation project with the goal of translating fundamental OWASP projects, such as the Top 10 and Testing Guide. Several translations are already available on the project page. For more information, please contact the Project Leader, TamadonEH.

Project Announcements

Project Summit USA 2014
AppSec USA is coming up this month. If you are a project leader and plan to attend, there is still opening available for participation in the Project Summit. The Project Summit is a chance for leaders to showcase the progress of their projects and to sit down with community members to brainstorm the future of individual projects.
If you are interested in signing your project up for the Project Summit, you can do so HERE.
If you have any questions about the project summit, please contact Jonathan Marcil
Social Media

OWASP Foundation Social Media

OWASP YouTube Channel
Google +

CLICK HERE for information on advertising in the next connector

Thank you to our new Corporate Member:

  • Fortinet
Honorary Membership applications now being accepted.
CLICK HERE to find out if you qualify for Honorary Membership Deadline to submit your application is September 30, 2014.

Global AppSec Events in 2014

AppSec USA 2014 (September 16 - 19, Denver, CO)

AppSec EU/Research 2015 (May 18 - 21, 2015, Amsterdam, NL)
CALL FOR TRAINING IS NOW OPEN - Submission Deadline is November 30, 2014

Upcoming Regional Events

Boston Application Security Conference (BASC) (October 18, 2014, Cambridge, MA)

LASCON 2014 (October 21 - 24, Austin, TX)

Partner and Promotional Events

OWASP has partnered with these great events in beginning of 2014 to grow our community and build awareness around software security. If you want to learn more about OWASP's involvement or will be attending and want to help out contact us
Fraud Summit Toronto, (Sept 8, 2014) Toronto, Canada.
SECUREFRIBOURG 2014, (Sept 11), Fribourg, Switzerland, OWASP Members save 50% off of the non-(ISC)2 Member Full Conference Pass with the code: ISCFRIOWASP
SECUREIBERIA 2014, (Sept 16), Madrid, Spain, OWASP Members save 50% off of the non-(ISC)2 Member Full Conference Pass with the code: ISCIBOWASP
(ISC)2 Security Congress, (Sept 22 - Oct 2), OWASP Members save $355 off of the non-(ISC)2 Member Full Conference Pass. Attendees can expect over 80 educational sessions designed to strengthen cybersecurity defenders, focus on current and emerging issues, best practices, and challenges facing cybersecurity leaders.
EC-Council Hacker Halted(October 12-17, 2014) Atlanta, GA
ISSA International Conference (October 22-23), 2014, Orlando, FL
SECUREAMSTERDAM 2014, (Nov 6), Amsterdam, NE
SECUREDUBAI 2014, (Nov 6), Amsterdam, NE
Suits & Spooks, (December 14), Singapore.

2014 Global Board of Directors Election

Below is a list of the 2014 candidates

  • Abbas Naderi Afooshteh
  • Israel Bryski
  • Bil Corry
  • Rowland Johnson
  • Tahir Khan
  • Timur Khrotko
  • Matthew Konda
  • Jim Manico
  • Mateo Martinez
  • Nigel Phair
  • Andrew van der Stock
CLICK HERE to view the candidates bio and "why me?" information in a Google Document
The next step is, the candidates will conduct individual interviews answering questions from the community. Anyone can submit a question(s). If you have a question you would like to submit, please do so here.

2014 Web Application Security People of the Year (WASPY) Awards

Join us in congratulating this year's Winners:

  • Best Chapter Leader - Japan Chapter leaders
  • Best Project Leader - Simon Bennetts
  • Best Mission Outreach - AppSec USA 2013 Team
  • Best New Community Supporter - AppSec APAC 2014 Team
  • Best Platform Supporter - Johanna Curiel
The winners will be recognized during a ceremony on Wednesday September 17th in Denver
Thank you to Qualys, our Platinum Award Sponsor!


  • Ames, Iowa - North America
  • Cork, Ireland - Europe
  • Dominican Republic - Latin America
  • Madrid, Spain - Europe
  • Manizales, Columbia - Latin America
  • Sohag, Egypt - Middle East


  • Fortaleza, Brasil - Latin America
  • Honduras - Latin America
  • Kenya - Africa
  • Kerala, India - Middle East
  • Mexico City, Mexico - Latin America
  • Mobile, Alabama - North America
  • Newcastle, UK - Europe
  • Taiwan - Asia

Just for Fun

Congratulations to Ann Alfano who was the ONLY person to solve last week's challenge: Answer: 30 arrangements
The last puzzle was quite the stumper! Thank you everyone who submitted responses.
Click here to view last issue's puzzle
The puzzle is on Holiday this week! Get back to work!

Tuesday, September 2, 2014

5 Reasons to Attend AppSec USA 2014

You heard about the massive cyber attacks on JPMorgan and Dairy Queen that happened recently. Financial giant JPMorgan is now working with the Federal Bureau of Investigation to mitigate the hacking of their data, and ice cream maven Dairy Queen is under investigation for suspicious credit card activities. These attacks demonstrate the glaring truth that even the most secure organizations are at risk of experiencing undiscriminating data breaches. Hackers are taking advantage of any flaw in an organizations security and compromising the integrity of businessesinternal systems. If you think your organization is completely protected from cyber security threats, think again.

Its imperative that your organization understands how to protect critical infrastructure and best guard against security breaches. Colorado Representative Jared Polis states that attending AppSec USA, a world-class software security conference for developers, auditors, risk managers, technologists and entrepreneurs, will allow you to take away new tools to enhance software security, which will improve operations of businesses and organizations nationwide. Below are 5 more reasons why should you attend:

1.     As an AppSec USA attendee, youll learn more about software security in sessions led by top industry leaders, including Bruce Schneier of Co3 Systems, Inc. and Gary McGraw of Cigital. AppSecs speakers are international visionaries who will be at the conference to offer their expertise on security topics you need to know.  
2.     Along with attending keynote sessions, you can participate in fun interactive events, like AppSecs extensive Capture the Flag coding and security competition.
3.     Youll get to engage in an all-new, workshop-style Skills Lab track providing instruction and hands-on experience with essential security tools and skills.
4.     OWASP hosts a career fair and sponsor expo at AppSec featuring top companies in the industry. Youll have unique opportunities to network and get hired by the best of the best. 
5.     Youll get to experience Code Brew,a home-brewing contest judged by brewers from some of Colorados top craft breweries. Does any other software security conference offer that? Didnt think so.

Colorado Governor John Hickenlooper states that Colorado is growing in technology leadership and therefor makes for a great place to hold this years AppSec USA conference [John Hickenlooper letter]. Make sure you do not miss out on this informative and influential event.