OWASP Nederland
Copyright © The OWASP Foundation
Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License.
The OWASP Foundation
OWASP
http://www.owasp.org
OWASP Nederland
Implementation of Security by Design
Martin Knobloch
Sogeti Nederland
[email protected]
+31-(0)6 52 32 76 79
2007-01-11
Presentation Objectives
What is…? Awareness! Task Force! Join Forces! Education! Get known! Finish line?
What is…?
What is…?
– Security By Design
– A Secure Application
Awareness! Task Force! Join Forces! Education! Get known! Finish line?
What is…
Security by Design
– Secure Software Development Initiative
– Applications designed to be secure
– Design how to develop secure applications
Everything about designing, developing, testing and implementing secure applications!
What is…
A Secure Application?
– How to design and develop a secure application?
– How secure does an application have to be?
– How to prove the application meets the customer's security expectations and needs?
50 current OWASP Projects
– 6 Release Quality Projects
– 15 Beta Status Projects
– 15 Alpha Status Projects
What is…?
Secure Development Life Cycle
What is…
A Secure Application…
An application is secure if the application behaves as expected at all times!
Awareness!
What is… ? Awareness!
– Who?
– Why?
– How?
Task Force! Join Forces! Education! Get known! Finish line?
Awareness!
Who?
Colleagues
– Development Staff
  – Architects / Designers
  – Developers
  – Tester
– Sales / Business Management
Customer
– Architects
– Administrators
– Users
…each and everyone!
Awareness!
Why?
Colleagues
– Development Staff
– Sales / Business Management
Customer
– Architects
– Administrators
– Users
Awareness!
How?
By recognition of their interests, understanding and knowledge of security!
– Communicate on the level of their knowledge
– Communicate in the scope of their understanding
– Communicate in the context of their interests
Awareness!
Task Force!
What is…? Awareness! Task Force!
It’s not a one-man-show
Join Forces! Education! Get known! Finish line?
Task Force!
It’s not a one-man-show
– Java
– Microsoft
– Oracle
– SAP
– CMS
– C++
– Uniface
– PHP
– …
Software Control
Task Force!
Proactive Security Strategy (PaSS)
Join Forces!
What is…? Awareness! Task Force! Join Forces!
Who else is busy with security?
Education! Get known! Finish line?
Join Forces!
Business Process
Networking
System Administration
Application Administration
Join Forces!
Company wide security initiatives
Educate!
What is…? Awareness! Task Force! Join Forces! Educate!
– Education
– Certification
Get known! Finish line?
Educate!
Presentations, Courses, Technical meetings
To create awareness!
– About Security Threats
– About Security Standards
– About Best Practices
– About Standards
– About …
Educate!
Certifications
Get certified
– CISSP
– Symantec – SCSP
– MCSE
– Cisco
– ISS
– RSA
» OWASP Top Ten certification?!
Get known!
What is…? Awareness! Task Force! Join Forces! Education! Get known!
Make yourself heard!
Finish line?
Get known!
Write!
– Papers
– Newsletters
– Blogs
Talk!
– Presentations
– Meetings
– Lunch
Bother!
– Whenever there is a change!
Get known!
Make yourself notorious!
Finish line?
What is…? Awareness! Task Force! Join Forces! Get known! Education! Finish line?
When is the job done?
Finish line?
When is the job done?
…NEVER!