Wednesday, November 25, 2015

OWASP Connector Newsletter - November 25, 2015


OWASP in the News

OWASP Podcasts


ToolsWatch Survey

Status of Reviews

Latest Releases


Global AppSec Events

Local and Regional Events

Partner and Promotional Events


New OWASP Chapters

Chapter Restarts

Chapter Transitions

New Academic Supporters

Chapter Activities


Contributing Corporate Members

Social Media

OWASP Foundation Social Media


OWASP in the NEWS!

Toolswatch '2015 Best Security Tool' survey: Please vote for your favorite OWASP security tools!

AppSec California Application and Web Security Training Sessions Announced,

Test-Aankoop: helft webwinkels niet goed beveiligd (Half of ecommerce websites tested not properly secured), Het Niewsblad (Belgium).

OWASP Podcasts

OWASP Projects and activities are often the subject of webcasts and podcasts. Sit back and relax as you watch and listen to these recent episodes.

Mark Miller interviews Board members Tom Brennan and Josh Sokol about an upcoming event in NYC: OWASP Shark Tank - Could You Convince Someone to Invest in Your Project?

Mark Miller - OWASP 24/7 Podcast Series



Simon Bennetts asks you to please vote for you favorite OWASP security tools in the Toolswatch '2015 Best Security Tool' survey:

In 2014 OWASP tools came in at number:

2. ZAP
5. Xenotix

and in 2013:

1. ZAP
5. Xenotix
10. O-SAFT

Project Reviewers Needed

Thank you for volunteering!

Timo Pagel, Munir Njiru, Ricardo Campo and Jorge Stephan and Nikola Milosevic

The Volunteer Board has a number of openings:

OWASP Security Shepherd - Project Reviews will be available on the Leader List the week of 12/7 OWASP Security Logging Project - One Volunteer still needed
OWASP Security Knowledge Framework - One Volunteer still needed
OWASP SeraphimDroid Project - Needs Two Volunteers
OWASP Java Encoder Project - Needs Two Volunteers
OWASP Jave HTML Sanitizer Projects - Needs Two Volunteers
OWASP API Security Project - New Incubator needs Two Volunteers

Thank you in advance for your efforts and time.

Project Task Force

Initiative Leader:
Claudia Aviles-Casanovas
Project Coordinator

OWASP PodCasts created by Mark Miller offer a great forum for getting an update on projects. Listen to interviews with project leaders at

Latest Releases

OWASP Mth3l3m3nt Framework User Guide
Project Leader: Munir Njiru
Project Page:
OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. Mth3l3m3nt provides the ability to create or do custom LFI and RFI exploits fast with little or no effort at all. It also enables you to store all your quick wins based on its ability to manage HTTP bots, say no to runaway web shells and yes to centrally managed herds in large penetration testing engagements.


Global AppSec Events

AppSecEU 2016, 27 June to 1 July 2016, Rome, Italy

AppSec EU 2016 is coming to Rome, Italy on 27 June to 1 July 2016!

The Call for Trainings is Now Available! Deadline for proposals: 31 December, 2015.

The Call For Papers is open until 15 January 2016. Submit yours soon.

We are now accepting sponsorships for AppSec EU 2016. For information visit the AppSec EU Sponsor Information Page and Download the Flyer.

Other Global AppSec Events

We are still accepting sponsorships for AppSec Cali 2016 to be held in Santa Monica, California on January 25-27, 2016. Visit the website for details.

We are pleased to announce that AppSecUSA 2016 will be held on 11-14 October 2016 in Washington DC. Mark your calendars!

Regional and Local Events

AppSec Rio de la Plata 2015, December 1, 2015 - December 3, 2015, Montevideo, Uruguay

German OWASP Day, December 1, 2015 - December 3, 2015

OWASP Gothenburg Day, December 8, 2015, Gothenburg, Sweden

AppSec Cali 2016, Jan. 25, 2016 - Jan. 27, 2016, Santa Monica, CA

New Zealand Day 2016, February 3, 2016 - February 4, 2016, Auckland, New Zealand

CyberSecurity 2016, May 16, 2016 - May 20, 2016, New York, NY, USA

The first Conference Videos Videos from LASCON, (Lonestar Application Security Conference) in Austin, TX, USA, are now available on Vimeo.

Partner and Promotional Events

CyberSecure December 15 - 16, 2015 The Sheraton Times Square New York, NY, USA

CodeMash January 5 - 8, 2016 Sandusky, Ohio, USA

BSides Lagos January 22, 2016 Nigeria

SC Congress London, February 10, 2016 ILEC Conference Centre London, UK

Blackhat Asia 2016, March 31 - April 1, 2016 Marina Bay Sands, Singapore. OWASP members receive a $200/USD discount on Briefings with discount code: OWBR0316

SC Congress Toronto, June 1, 2016 - June 2, 2016 Metro Convention Center Toronto, CN

Ads are not endorsements and reflect the messages of the advertiser only. They represent co-marketing arrangements
with other organizations in support of the OWASP Community. CLICK HERE for more information on advertising.

Black Hat Asia 2015, Singapore, March 29- April 1, 2016, USD$200 Discount: OWBR0316Black Hat Asia 2015, Singapore, March 29- April 1, 2016, USD$200 Discount: OWBR0316


New Chapters

Chapters Restarts


New Academic Supporters

Learn more about our Academic Supporter program

Notable Chapter Activity

Ashwini Paranjpe of the OWASP Pune chapter reported they completed their second chapter discussion at PTC. She would like to thank Manish and Sumita for a wonderful presentation on OWASP top 5 issues. And thanks to Sajith and PTC folks for arranging venue and tea/coffee for our chapter discussion. Note that presentation slide deck is uploaded at

The next Pune chapter meeting is scheduled for 17th December and will cover remaining 5 OWASP vulnerability issued, followed by a technical presentation on any security topic. Visit the Pune chapter wiki page for details or to volunteer.

The NYC/NJ Chapters are trying something new at the December 7th meeting: two projects will make pitches to a crowd of 300, with two angel investors in attendance. They address questions such as "What does it take to get a project funded with limited resources?" How to fund of projects and how to allocate your personal time. Mark Miller interviewed Tom Brennan, OWASP Board member and event organizer, and OWASP Board member Josh Sokol as well as two people who will be pitching their projects. Listen in to see if this is something you might want to do for your chapter or project.

We at the OWASP Global Foundation are looking forward to hearing about more such events in future.

Share your chapter's successes! Submit your stories here


Contributing Corporate Members

  • Optiv
  • Ernst & Young
  • Fortinet

Social Media

OWASP Social Media Site

Labels: ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home