OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

18
Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License. The OWASP Foundation OWASP http://www.owasp.org OWASP (Membership) and new OWASP Projects Sebastien Deleersnyder CISSP Feb, 2006 [email protected]

Transcript of OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

Page 1: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

Copyright © 2004 - The OWASP Foundation

Permission is granted to copy, distribute and/or modify this document

under the terms of the GNU Free Documentation License.

The OWASP Foundation

OWASP

http://www.owasp.org

OWASP (Membership) and new

OWASP Projects

Sebastien Deleersnyder

CISSP

Feb, 2006

[email protected]

Page 2: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 2

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

Page 3: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 3

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

Page 4: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 4

Introduction

<Sponsors this evening:4K.U.Leuven sponsors venue4BeeWare sponsors Pizza & Drinks

<Call for additional sponsors4Chapter meeting places & catering4Support for local projects

<OWASP cannot recommend the use of products, services, or recommend specific companies

Page 5: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 5

Introduction

Program for this evening:<18h20 - 18h40:

Sebastien DeleersnyderOWASP (Membership) & new OWASP Projects

<18h40 - 19h30: Philippe BogaertsWebScarab demonstration

<19h30 - 20h45: Web Application Firewalls: Panel Discussion

Page 6: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 6

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

Page 7: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 7

OWASP

<Open Web Application Security Project

<OWASP is dedicated to finding and fighting the causes of insecure software

<Non-profit, volunteer driven organization4All members are volunteers4All work is donated by sponsors

Page 8: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 8

OWASP?

<Provide free resources to the community4Publications, Articles, Standards, e.g.

§ OWASP Top 10§ OWASP Guide§ Testing Guide

4Testing and Training Software, e.g.§ WebGoat§ WebScarab§ .NET Projects

4Local Chapters, Mailing Lists & Conferences<Dual license model:

4Open Source Licenses4Commercial License for Members

Page 9: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 9

OWASP Membership

<Using OWASP material?<Join us and become member!<Enable OWASP to continue to provide unbiased:

4Tools4Documentation4Conferences4Mailing Lists4…

www.owasp.org/about/membership.html

Page 10: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 10

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

Page 11: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 11

Belgium Chapter - What do we have to offer?

<Quarterly Meetings<Mailing List<Presentations & Groups<Open forum for discussion<Meet fellow InfoSec professionals<Create (Web)AppSec awareness in Belgium<Local projects?

Page 12: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 12

Belgium Chapter – House Rules

<Free & open to everyone<Language

4English preferred4Native language: no problem!

<No vendor pitches or $ales presentations<Respect for different opinions<No flaming (including M$ bashing)

<1 CISSP CPE for each hour of OWASP chapter meeting<Sign Sheet & I’ll e-mail scan: you claim CPE credits

Page 13: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 13

OWASP Local Chapter Meetings 2006

<Next Meetings:4Monday May 8th 2006 - Brussels4Thursday Sep 14th 2006 - Antwerp4Tuesday Nov 21 2006 - Brussels

<Program:4Short OWASP intro4Presentation on introduction topic4Panel, workshop, round-table, … on more advanced topic

<Topics: 4Call for input!

Page 14: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 14

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

Page 15: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 15

New OWASP Projects

<OWASP Site Generator4http://owasp.net/forums/428/ShowPost.aspx4http://owasp.net/blogs/dinis_cruz/archive/2006/01/25/431.aspx

<WASS, or Web Application Security Standards project4http://www.owasp.org/standards/wass.html

<SEASA, Scoping and Evaluating Application Security Assessments 4See Metrics Mailing List:

http://lists.sourceforge.net/lists/listinfo/owasp-metrics4Terminology input needed

<Metrics Project Reactivation?<Top10 2006?<Testing Project?

Page 16: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 16

OWASP Conference

<Europe OWASP conference in Belgium!4KUL4May 29: training course Web Application Security /

Web Services Security 4May 30-31: Conference – 2 tracks4Speaker, paper & sponsoring input appreciated!

Page 17: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 17

That’s it…

<Any Questions?

http://www.owasp.org/local/belgium.html

[email protected]

Thank you!

Page 18: OWASP (Membership) and new OWASP Projects · OWASP 7 OWASP

OWASP 18

Subscribe to BE Chapter mailing list

<Keep up to date!<Post your (Web)AppSec questions<Contribute to discussions!