https://wiki.owasp.org/api.php?action=feedcontributions&feedformat=atom&user=Dawnaitken
OWASP - User contributions [en]
2026-04-28T01:18:32Z
User contributions
MediaWiki 1.27.2
https://wiki.owasp.org/index.php?title=Albany&diff=256615
Albany
2020-01-10T18:33:57Z
<p>Dawnaitken: </p>
<hr />
<div>{{Chapter Template|chaptername=Albany|extra=The chapter leader is [mailto:jon.briccetti@owasp.org Jon Briccetti]<br />
|meetupurl=https://www.meetup.com/OWASP-Albany-Meetup/|region=United States}}<br />
<br />
== Local News ==<br />
<br />
'''OWASP Albany Chapter Meeting'''<br />
<br />
'''Date:''' Thursday, September 20th, 2018<br />
<br />
'''Time:''' 11:00am - 2:00pm EST<br />
<br />
'''Location:''' University at Albany, Campus Center Room 375, 1400 Washington Avenue, Albany, NY 12222<br />
<br />
'''Registration:''' https://www.eventbrite.com/e/open-web-application-security-project-tickets-49140621923<br />
<br />
'''Theme:''' ''Confessions of a Recovering Software Developer: Analytical Engines, Parking Tickets, and Cybersecurity''<br />
<br />
Welcome to Open Web Application Security Project (OWASP) Albany Chapter's first meeting! OWASP is a worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security.<br />
<br />
'''Keynote:''' Code. Software. Source. Migraine-producing hallucinogen. It goes by many names, but all lead to one undeniable truth - the simple concept of automating calculations with a machine has changed society, our world, and humanity itself. From automating simple tasks to saving lives, software has improved every part of life, but at what cost? Our cars, toasters, and iPhones work tirelessly on our behalf, but these advances have also introduced new risks. Today's "operating system" is a complex - and vulnerable - ecosystem of iPhones, Twitter accounts and, missile defense systems. The question now is, what do we do about it?<br />
<br />
Join GreyCastle Security CEO Reg Harnish in a frank conversation about the evolution of computer software, the risks that have been introduced by computers and the solutions that will keep us safer into the future.<br />
<br />
''Lunch will be provided!''<br />
<br />
'''Sponsors:''' Troy Web Consulting https://www.troyweb.com/ | UAlbany CEHC https://www.albany.edu/cehc/<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Saudi_Arabia&diff=256601
Saudi Arabia
2020-01-09T20:02:54Z
<p>Dawnaitken: </p>
<hr />
<div>{{Inactive Chapter}}<br />
<br />
{{Chapter Template|chaptername=Saudi Arabia|extra= The chapter leader position is '''OPEN.'''|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}} <br />
<br />
== '''Upcoming Meetings''' ==<br />
===== '''OWASP upcoming 11: 14 Nov 2019 '''=====<br />
OWASP Jeddah 🇸🇦<br />
* Into to Cyber Security<br />
* Install Kali<br />
* Secure your network<br />
''By Mohammed, Abdullah, Malaz, From 7:00 - 9:00 PM Saudi Arabia Time''<br />
<br />
[https://twitter.com/OWASPKSA Location: Follwo -> https://twitter.com/OWASPKSA]<br />
<br />
<br />
== '''OWASP Saudi Arabia Social Media''' ==<br />
'''https://twitter.com/OWASPKSA'''<br />
<br />
== '''Previous Meetings''' ==<br />
'''OWASP upcoming 10: 16 July 2018'''<br />
* IoT Security<br />
* The History and Future of Web PenTest<br />
* Linux for Cyber Security<br />
''By Rakan, Naser and Dr Yaser Alosefer, From 7:00 - 9:00 PM Saudi Arabia Time''<br />
<br />
[https://techcampus.com/aboutus Location: @TechCampus https://techcampus.com/aboutus]<br />
<br />
'''OWASP 09: 1 April 2018 '''<br />
* Introduction to footprinting and reconnaissance<br />
* Personal Data security <br />
* How to Footprinting <br />
* Footprinting types ( Whois, Social media, Source codes, ….) <br />
* Top 5 Tools of Footprinting<br />
* Using email for footprinting<br />
* Pen testing for footprinting<br />
* Using Ping, Tracert, nslookup, and dig<br />
''By Dr Yaser Alosefer, Haitham abdulaziz al, From 7:00 - 11:00 PM Saudi Arabia Time''<br />
<br />
[https://techcampus.com/aboutus Location: @TechCampus https://techcampus.com/aboutus ]<br />
<br />
'''OWASP 08: 18 March 2018 '''<br />
* Introduction to Cloud Technology <br />
* Type of Cloud <br />
* Cloud Security <br />
* Data Security in the Cloud<br />
* Risk, Audit, and Assessment for the Cloud<br />
* Infrastructure Security in the Cloud<br />
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''<br />
<br />
[https://www.hailedu.gov.sa/ Location: Hail Education Ministry - Hail, King Abdulaziz Road https://www.hailedu.gov.sa/]<br />
===== '''OWASP 01: 23 - March 2017 '''=====<br />
* What is OWASP KSA? <br />
* Top 10 Standard <br />
* OWASP 2018 Activities and initiatives<br />
* Networking<br />
''By Dr Yaser Alosefer, From 6:30 PM - 8:00 PM Saudi Arabia Time ''<br />
<br />
===== '''OWASP 02: 29 - May 2017 '''=====<br />
* Introduction to Operating system<br />
* Linux OS<br />
* Kernel Security<br />
* Networking Security <br />
* OWASP Top 10 ( 2017 ) Part2 <br />
''By Abdullah AlSabi, Dr Yaser Alosefer, From 9:00 PM - 11:00 PM Saudi Arabia Time ''<br />
<br />
===== '''OWASP 03: 27 - June 2017 '''=====<br />
* Introduction to Database Management <br />
* SQL Injection <br />
* Cyber Attack Analysis <br />
* Security Misconfiguration <br />
''By Abdulrahman Aldaej, Osama Alshaya, Dr Yaser Alosefer, From 9:00 PM - 12:00 AM Saudi Arabia Time''<br />
<br />
===== '''OWASP 04: 25 August 2017 '''=====<br />
* Introduction to Social Engineering <br />
* Types of Social Engineering <br />
* Top 10 ways of social Engineering <br />
* Blackmailing <br />
* SMS and Email Phishing Attack <br />
''By Ahmad Hilal, Mohammed Almansour. From 7:00 PM - 10:00 AM Saudi Arabia Time''<br />
<br />
===== '''OWASP 05: Girls 22 OCT 2017'''=====<br />
* Introduction to Ethical Hacking <br />
* Type of hackers <br />
* Top Hacking stories of 2017 <br />
* Kali Linux and How to install it<br />
* Kali linux list of main functions<br />
* Kali Linux tools NMAP<br />
''By Dalal Abdullah, Jamilah Abdulaziz. From 6:00 PM - 9:00 PM Saudi Arabia Time''<br />
<br />
===== '''OWASP 06: 24 DEC 2017 '''=====<br />
* Introduction to Networking Security <br />
* Scanning and Sniffing <br />
* NMAP and Wireshark<br />
* Wireshark Analysis<br />
* VPN & DNS <br />
* The Dark Web<br />
''By Yaser Faraj, From 7:00 PM to 9:00 PM Saudi Arabia Time''<br />
<br />
===== '''OWASP 07: 22 FEB 2018 '''=====<br />
* Introduction to Cloud Technology <br />
* Type of Cloud <br />
* Cloud Security <br />
* Data Security in the Cloud<br />
* Risk, Audit, and Assessment for the Cloud<br />
* Infrastructure Security in the Cloud<br />
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''<br />
''<br />
<br />
[[Category:OWASP_Chapter]]''</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Saudi_Arabia&diff=256600
Saudi Arabia
2020-01-09T20:01:53Z
<p>Dawnaitken: </p>
<hr />
<div>'''INACTIVE'''<br />
{{Chapter Template|chaptername=Saudi Arabia|extra= The chapter leader position is '''OPEN.'''|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}} <br />
<br />
== '''Upcoming Meetings''' ==<br />
===== '''OWASP upcoming 11: 14 Nov 2019 '''=====<br />
OWASP Jeddah 🇸🇦<br />
* Into to Cyber Security<br />
* Install Kali<br />
* Secure your network<br />
''By Mohammed, Abdullah, Malaz, From 7:00 - 9:00 PM Saudi Arabia Time''<br />
<br />
[https://twitter.com/OWASPKSA Location: Follwo -> https://twitter.com/OWASPKSA]<br />
<br />
<br />
== '''OWASP Saudi Arabia Social Media''' ==<br />
'''https://twitter.com/OWASPKSA'''<br />
<br />
== '''Previous Meetings''' ==<br />
'''OWASP upcoming 10: 16 July 2018'''<br />
* IoT Security<br />
* The History and Future of Web PenTest<br />
* Linux for Cyber Security<br />
''By Rakan, Naser and Dr Yaser Alosefer, From 7:00 - 9:00 PM Saudi Arabia Time''<br />
<br />
[https://techcampus.com/aboutus Location: @TechCampus https://techcampus.com/aboutus]<br />
<br />
'''OWASP 09: 1 April 2018 '''<br />
* Introduction to footprinting and reconnaissance<br />
* Personal Data security <br />
* How to Footprinting <br />
* Footprinting types ( Whois, Social media, Source codes, ….) <br />
* Top 5 Tools of Footprinting<br />
* Using email for footprinting<br />
* Pen testing for footprinting<br />
* Using Ping, Tracert, nslookup, and dig<br />
''By Dr Yaser Alosefer, Haitham abdulaziz al, From 7:00 - 11:00 PM Saudi Arabia Time''<br />
<br />
[https://techcampus.com/aboutus Location: @TechCampus https://techcampus.com/aboutus ]<br />
<br />
'''OWASP 08: 18 March 2018 '''<br />
* Introduction to Cloud Technology <br />
* Type of Cloud <br />
* Cloud Security <br />
* Data Security in the Cloud<br />
* Risk, Audit, and Assessment for the Cloud<br />
* Infrastructure Security in the Cloud<br />
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''<br />
<br />
[https://www.hailedu.gov.sa/ Location: Hail Education Ministry - Hail, King Abdulaziz Road https://www.hailedu.gov.sa/]<br />
===== '''OWASP 01: 23 - March 2017 '''=====<br />
* What is OWASP KSA? <br />
* Top 10 Standard <br />
* OWASP 2018 Activities and initiatives<br />
* Networking<br />
''By Dr Yaser Alosefer, From 6:30 PM - 8:00 PM Saudi Arabia Time ''<br />
<br />
===== '''OWASP 02: 29 - May 2017 '''=====<br />
* Introduction to Operating system<br />
* Linux OS<br />
* Kernel Security<br />
* Networking Security <br />
* OWASP Top 10 ( 2017 ) Part2 <br />
''By Abdullah AlSabi, Dr Yaser Alosefer, From 9:00 PM - 11:00 PM Saudi Arabia Time ''<br />
<br />
===== '''OWASP 03: 27 - June 2017 '''=====<br />
* Introduction to Database Management <br />
* SQL Injection <br />
* Cyber Attack Analysis <br />
* Security Misconfiguration <br />
''By Abdulrahman Aldaej, Osama Alshaya, Dr Yaser Alosefer, From 9:00 PM - 12:00 AM Saudi Arabia Time''<br />
<br />
===== '''OWASP 04: 25 August 2017 '''=====<br />
* Introduction to Social Engineering <br />
* Types of Social Engineering <br />
* Top 10 ways of social Engineering <br />
* Blackmailing <br />
* SMS and Email Phishing Attack <br />
''By Ahmad Hilal, Mohammed Almansour. From 7:00 PM - 10:00 AM Saudi Arabia Time''<br />
<br />
===== '''OWASP 05: Girls 22 OCT 2017'''=====<br />
* Introduction to Ethical Hacking <br />
* Type of hackers <br />
* Top Hacking stories of 2017 <br />
* Kali Linux and How to install it<br />
* Kali linux list of main functions<br />
* Kali Linux tools NMAP<br />
''By Dalal Abdullah, Jamilah Abdulaziz. From 6:00 PM - 9:00 PM Saudi Arabia Time''<br />
<br />
===== '''OWASP 06: 24 DEC 2017 '''=====<br />
* Introduction to Networking Security <br />
* Scanning and Sniffing <br />
* NMAP and Wireshark<br />
* Wireshark Analysis<br />
* VPN & DNS <br />
* The Dark Web<br />
''By Yaser Faraj, From 7:00 PM to 9:00 PM Saudi Arabia Time''<br />
<br />
===== '''OWASP 07: 22 FEB 2018 '''=====<br />
* Introduction to Cloud Technology <br />
* Type of Cloud <br />
* Cloud Security <br />
* Data Security in the Cloud<br />
* Risk, Audit, and Assessment for the Cloud<br />
* Infrastructure Security in the Cloud<br />
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''<br />
''<br />
<br />
[[Category:OWASP_Chapter]]''</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Saudi_Arabia&diff=256599
Saudi Arabia
2020-01-09T20:00:28Z
<p>Dawnaitken: Protected "Saudi Arabia" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite))</p>
<hr />
<div><br />
{{Chapter Template|chaptername=Saudi Arabia|extra= The chapter leader is [mailto:yaser.alosefer@owasp.org Yaser Alosefer] |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}} <br />
<br />
== '''Upcoming Meetings''' ==<br />
===== '''OWASP upcoming 11: 14 Nov 2019 '''=====<br />
OWASP Jeddah 🇸🇦<br />
* Into to Cyber Security<br />
* Install Kali<br />
* Secure your network<br />
''By Mohammed, Abdullah, Malaz, From 7:00 - 9:00 PM Saudi Arabia Time''<br />
<br />
[https://twitter.com/OWASPKSA Location: Follwo -> https://twitter.com/OWASPKSA]<br />
<br />
<br />
== '''OWASP Saudi Arabia Social Media''' ==<br />
'''https://twitter.com/OWASPKSA'''<br />
<br />
== '''Previous Meetings''' ==<br />
'''OWASP upcoming 10: 16 July 2018'''<br />
* IoT Security<br />
* The History and Future of Web PenTest<br />
* Linux for Cyber Security<br />
''By Rakan, Naser and Dr Yaser Alosefer, From 7:00 - 9:00 PM Saudi Arabia Time''<br />
<br />
[https://techcampus.com/aboutus Location: @TechCampus https://techcampus.com/aboutus]<br />
<br />
'''OWASP 09: 1 April 2018 '''<br />
* Introduction to footprinting and reconnaissance<br />
* Personal Data security <br />
* How to Footprinting <br />
* Footprinting types ( Whois, Social media, Source codes, ….) <br />
* Top 5 Tools of Footprinting<br />
* Using email for footprinting<br />
* Pen testing for footprinting<br />
* Using Ping, Tracert, nslookup, and dig<br />
''By Dr Yaser Alosefer, Haitham abdulaziz al, From 7:00 - 11:00 PM Saudi Arabia Time''<br />
<br />
[https://techcampus.com/aboutus Location: @TechCampus https://techcampus.com/aboutus ]<br />
<br />
'''OWASP 08: 18 March 2018 '''<br />
* Introduction to Cloud Technology <br />
* Type of Cloud <br />
* Cloud Security <br />
* Data Security in the Cloud<br />
* Risk, Audit, and Assessment for the Cloud<br />
* Infrastructure Security in the Cloud<br />
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''<br />
<br />
[https://www.hailedu.gov.sa/ Location: Hail Education Ministry - Hail, King Abdulaziz Road https://www.hailedu.gov.sa/]<br />
===== '''OWASP 01: 23 - March 2017 '''=====<br />
* What is OWASP KSA? <br />
* Top 10 Standard <br />
* OWASP 2018 Activities and initiatives<br />
* Networking<br />
''By Dr Yaser Alosefer, From 6:30 PM - 8:00 PM Saudi Arabia Time ''<br />
<br />
===== '''OWASP 02: 29 - May 2017 '''=====<br />
* Introduction to Operating system<br />
* Linux OS<br />
* Kernel Security<br />
* Networking Security <br />
* OWASP Top 10 ( 2017 ) Part2 <br />
''By Abdullah AlSabi, Dr Yaser Alosefer, From 9:00 PM - 11:00 PM Saudi Arabia Time ''<br />
<br />
===== '''OWASP 03: 27 - June 2017 '''=====<br />
* Introduction to Database Management <br />
* SQL Injection <br />
* Cyber Attack Analysis <br />
* Security Misconfiguration <br />
''By Abdulrahman Aldaej, Osama Alshaya, Dr Yaser Alosefer, From 9:00 PM - 12:00 AM Saudi Arabia Time''<br />
<br />
===== '''OWASP 04: 25 August 2017 '''=====<br />
* Introduction to Social Engineering <br />
* Types of Social Engineering <br />
* Top 10 ways of social Engineering <br />
* Blackmailing <br />
* SMS and Email Phishing Attack <br />
''By Ahmad Hilal, Mohammed Almansour. From 7:00 PM - 10:00 AM Saudi Arabia Time''<br />
<br />
===== '''OWASP 05: Girls 22 OCT 2017'''=====<br />
* Introduction to Ethical Hacking <br />
* Type of hackers <br />
* Top Hacking stories of 2017 <br />
* Kali Linux and How to install it<br />
* Kali linux list of main functions<br />
* Kali Linux tools NMAP<br />
''By Dalal Abdullah, Jamilah Abdulaziz. From 6:00 PM - 9:00 PM Saudi Arabia Time''<br />
<br />
===== '''OWASP 06: 24 DEC 2017 '''=====<br />
* Introduction to Networking Security <br />
* Scanning and Sniffing <br />
* NMAP and Wireshark<br />
* Wireshark Analysis<br />
* VPN & DNS <br />
* The Dark Web<br />
''By Yaser Faraj, From 7:00 PM to 9:00 PM Saudi Arabia Time''<br />
<br />
===== '''OWASP 07: 22 FEB 2018 '''=====<br />
* Introduction to Cloud Technology <br />
* Type of Cloud <br />
* Cloud Security <br />
* Data Security in the Cloud<br />
* Risk, Audit, and Assessment for the Cloud<br />
* Infrastructure Security in the Cloud<br />
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''<br />
''<br />
<br />
[[Category:OWASP_Chapter]]''</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User:Jacqueline.king&diff=256457
User:Jacqueline.king
2019-12-19T18:48:05Z
<p>Dawnaitken: Creating user page for new user.</p>
<hr />
<div>Currently with Idera Inc. DevOps Tools including Kiuwan, Ranorex, TestRail, Assembla, MyGit and Travis CI. Create original content for company website and promotional materials, including written text and screencasts. Edit instructional materials and third-party content for language and style. Collaborate with creative team to develop layouts and graphics and set up content in WordPress. Create social media posts and reply to comments. Manage company profile on third-party sites. Facilitate live sales webinars and presentations. Work with director of marketing to develop and execute long-range content plans.</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User_talk:Jacqueline.king&diff=256458
User talk:Jacqueline.king
2019-12-19T18:48:05Z
<p>Dawnaitken: Welcome!</p>
<hr />
<div>'''Welcome to ''OWASP''!'''<br />
We hope you will contribute much and well.<br />
You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages].<br />
Again, welcome and have fun! [[User:Dawnaitken|Dawnaitken]] ([[User talk:Dawnaitken|talk]]) 12:48, 19 December 2019 (CST)</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User:Jan_J&diff=256455
User:Jan J
2019-12-19T18:43:03Z
<p>Dawnaitken: Creating user page for new user.</p>
<hr />
<div>Mijn naam is Jan Jongsma. Ik heb de volgende opleidingen gedaan: <br />
- HAVO,<br />
- Kort HBO Bedrijfskundige Informatica, <br />
- HBO Informatica, <br />
- diverse onderdelen van de Open Universiteit bachelor Informatica,<br />
- diverse onderdelen van de Open Universiteit premaster Software Engineering.<br />
Verder heb ik de onder andere de volgende certificeringen en cursussen gedaan:<br />
- Certified Scrum Master,<br />
- Prince 2 Foundation,<br />
- Microsoft Team Foundation Server administration,<br />
- Microsoft SQL Server administration,<br />
- C# / .Net development,<br />
- Delphi development,<br />
- …</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User_talk:Jan_J&diff=256456
User talk:Jan J
2019-12-19T18:43:03Z
<p>Dawnaitken: Welcome!</p>
<hr />
<div>'''Welcome to ''OWASP''!'''<br />
We hope you will contribute much and well.<br />
You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages].<br />
Again, welcome and have fun! [[User:Dawnaitken|Dawnaitken]] ([[User talk:Dawnaitken|talk]]) 12:43, 19 December 2019 (CST)</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Porto&diff=256446
Porto
2019-12-18T20:19:02Z
<p>Dawnaitken: </p>
<hr />
<div>{{Inactive Chapter}}<br />
<br />
{{Chapter Template|chaptername=Porto|extra=The chapter leader position is '''OPEN'''.<br />
<br />
|meetupurl=https://www.meetup.com/OWASP-Porto-Chapter/|region=Europe}}<br />
<br />
== Local News ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=December_2019&diff=256412
December 2019
2019-12-17T01:59:39Z
<p>Dawnaitken: </p>
<hr />
<div><br />
Meeting Date:<br />
Dec 17<br />
<br />
Meeting Time:<br />
11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=12&day=17&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
Meeting Location:<br />
Remote<br />
<br />
Virtual: [https://zoom.us/j/337156503 Zoom Meeting Link] Meeting ID: 337156503 - [https://zoom.us/j/337156503 local dial in numbers]<br />
<br />
[[International Toll Free Calling Information]]<br />
<br />
AGENDA<br />
<br />
CALL TO ORDER<br />
<br />
CHANGES TO THE AGENDA<br />
<br />
APPROVAL OF MINUTES<br />
[https://docs.google.com/document/d/1AvkiEsaMAIzKzCOfAP5MQR_osIIK1qX5jDA9XPrWtTA/edit?usp=sharing November 2019 Minutes]<br />
<br />
REPORTS<br />
<br />
OLD BUSINESS<br />
<br />
NEW BUSINESS<br />
<br />
1. Resolved that One-Year Individual Membership regional pricing will be $20 per year for residents of bottom 50% of Adjusted net national income per capita (current US$) countries. https://data.worldbank.org/indicator/NY.ADJ.NNTY.PC.CD<br />
<br />
2. Set time for January Board Member Onboarding video call (4hrs) to discuss Strategy and assign Board Member roles.<br />
3. Discussion and approval of the 2020 Operating Plan (https://www2.owasp.org/www-staff/operating-plan/2020) - The Board agreed in August to let successful chapters continue to manage their budgets and reasonable expenses, This needs to be reflected in the Chapter Operations sections of the Operating Plan.<br />
<br />
4. Approval of the OWASP 2020 Budget (https://www2.owasp.org/www-staff/budget/2020)<br />
<br />
5. Voting History - Mike's Response to have the Voting History corrected:<br />
<br />
Regarding the discussion we had at this past week's Board meeting and Global Event splits. I went back and listened to the recording of the meeting (https://drive.google.com/a/owasp.org/file/d/1Dqg4Hxs_NCQEtCAZXKdVu-DfITUQ9Gvp/view?usp=sharing). At the 26:43 mark Ofer makes his motion for a 90/10 split which was seconded by Richard. After a bit of conversation at 29:46 I suggest Ofer amend his resolution to "up to 10%" and "no less than 90%" which Richard again seconded. This was the resolution that was approved by the Board. It was approved.<br />
<br />
6. Update the Mission Statement:<br />
<br />
- From: The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies, and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security.<br />
<br />
- To: The Open Web Application Security Project (OWASP) is a nonprofit foundation improving the security of software. Through community-led open source software projects, over 260 local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web. Richard's comment: replace "web" with "all software".<br />
COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS<br />
<br />
ADJOURNMENT<br />
<br />
<br />
<br />
<br />
==Old Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
<br />
==New Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=December_2019&diff=256411
December 2019
2019-12-17T00:38:05Z
<p>Dawnaitken: /* = */</p>
<hr />
<div><br />
Meeting Date:<br />
Dec 17<br />
<br />
Meeting Time:<br />
11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=12&day=17&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
Meeting Location:<br />
Remote<br />
<br />
Virtual: [https://zoom.us/j/337156503 Zoom Meeting Link] Meeting ID: 337156503 - [https://zoom.us/j/337156503 local dial in numbers]<br />
<br />
[[International Toll Free Calling Information]]<br />
<br />
AGENDA<br />
<br />
CALL TO ORDER<br />
<br />
CHANGES TO THE AGENDA<br />
<br />
APPROVAL OF MINUTES<br />
<br />
REPORTS<br />
<br />
OLD BUSINESS<br />
<br />
NEW BUSINESS<br />
<br />
1. Resolved that One-Year Individual Membership regional pricing will be $20 per year for residents of bottom 50% of Adjusted net national income per capita (current US$) countries. https://data.worldbank.org/indicator/NY.ADJ.NNTY.PC.CD<br />
<br />
2. Set time for January Board Member Onboarding video call (4hrs) to discuss Strategy and assign Board Member roles.<br />
3. Discussion and approval of the 2020 Operating Plan (https://www2.owasp.org/www-staff/operating-plan/2020) - The Board agreed in August to let successful chapters continue to manage their budgets and reasonable expenses, This needs to be reflected in the Chapter Operations sections of the Operating Plan.<br />
<br />
4. Approval of the OWASP 2020 Budget (https://www2.owasp.org/www-staff/budget/2020)<br />
<br />
5. Voting History - Mike's Response to have the Voting History corrected:<br />
<br />
Regarding the discussion we had at this past week's Board meeting and Global Event splits. I went back and listened to the recording of the meeting (https://drive.google.com/a/owasp.org/file/d/1Dqg4Hxs_NCQEtCAZXKdVu-DfITUQ9Gvp/view?usp=sharing). At the 26:43 mark Ofer makes his motion for a 90/10 split which was seconded by Richard. After a bit of conversation at 29:46 I suggest Ofer amend his resolution to "up to 10%" and "no less than 90%" which Richard again seconded. This was the resolution that was approved by the Board. It was approved.<br />
<br />
6. Update the Mission Statement:<br />
<br />
- From: The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies, and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security.<br />
<br />
- To: The Open Web Application Security Project (OWASP) is a nonprofit foundation improving the security of software. Through community-led open source software projects, over 260 local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web. Richard's comment: replace "web" with "all software".<br />
COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS<br />
<br />
ADJOURNMENT<br />
<br />
<br />
<br />
<br />
==Old Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
<br />
==New Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=November_2019&diff=256410
November 2019
2019-12-17T00:36:43Z
<p>Dawnaitken: </p>
<hr />
<div><br />
Meeting Date:<br />
Nov 19<br />
<br />
Meeting Time:<br />
11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=11&day=18&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
[https://www2.owasp.org/www-board/recordings/GMT20191119-190812_OWASP-Mont.m4a Link to Meeting Recording]<br />
<br />
Meeting Location:<br />
Remote<br />
<br />
Virtual: [https://zoom.us/j/337156503 Zoom Meeting Link] Meeting ID: 337156503 - [https://zoom.us/j/337156503 local dial in numbers]<br />
<br />
AGENDA<br />
<br />
CALL TO ORDER<br />
<br />
CHANGES TO THE AGENDA<br />
<br />
APPROVAL OF MINUTES<br />
[https://docs.google.com/document/d/1Cw_My8iBG8tfq6mN4Xnc5K5BGk6WBPwxSMXwMpx8qrw/edit?usp=sharing October 2019 Board Minutes]<br />
<br />
REPORTS<br />
*[https://drive.google.com/a/owasp.org/file/d/1WC3r2zdKgihQ3eWdqcsN_WR3oj_lBef7/view?usp=sharing October 2019 Balance Sheet Summary]<br />
*[https://drive.google.com/a/owasp.org/file/d/1De5UlEz_CjAj0Tg6hjHCeVxkzYdDXr9H/view?usp=sharing October2019 OWASP Combined P&L]<br />
*[https://drive.google.com/a/owasp.org/file/d/1pF7EMmBrScrznIgAlLGKnyiVo-W6dDfc/view?usp=sharing OWASP 2019 Combined Fin pkg]<br />
<br />
OLD BUSINESS<br />
<br />
NEW BUSINESS<br />
- Vote on Board Member Eligibility Proposal from August F2F<br />
<br />
COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS<br />
<br />
Please review the motion that was voted on September 25, 2019. It appears that the motion should of stated "up to 10%", please confirm the correct motion. Dawn Aitken<br />
<br />
Motion: beginning January 1, 2020 the Foundation has decided to change the profit splits of the Global AppSec events. The split will be 90% to the Foundation and 10% to the Chapters. The Chapter will have the option to give the funds back to the Foundation or the Community Fund. If there is no current active Chapter in the area the full 100% will be given to the Foundation. Ofer Maor motions, Richard Greenberg seconds<br />
<br />
<br />
ADJOURNMENT<br />
<br />
<br />
===<br />
<br />
==Old Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
* An updated on the foundation's move to Expensify<br />
* A proposed approach from finance on how OWASP can receive restricted gifts efficiently.<br />
<br />
==New Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
* [Sherif] - Setting up a transparent discussion with the community on 1) Fair & reasonable expenses, 2) Chapter tiers - how to we provide autonimy and services to various chapter levels. I would like a round table on what they red flags are from each board members & upcoming board members) in order to incorporate into a document and discussions open to the community.</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=OWASP_Events/upcoming_events&diff=256398
OWASP Events/upcoming events
2019-12-16T20:24:54Z
<p>Dawnaitken: /* Regional Events */</p>
<hr />
<div>== Global AppSec Events ==<br />
{| class="wikitable"<br />
|-<br />
! Global AppSec Events<br />
! Date<br />
! Location<br />
! Call for Papers<br />
! Call for Training<br />
! Registration<br />
! Sponsorships<br />
|-<br />
|[https://dublin.globalappsec.org Global AppSec Dublin]<br />
|June 15-19, 2020<br />
|Dublin, Ireland<br />
|January 2020<br />
|January 2020<br />
|Coming Soon<br />
|Coming Soon<br />
|-<br />
|[https://sf.globalappsec.org Global AppSec San Francisco]<br />
|October 19-23, 2020<br />
|San Francisco, CA<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|}<br />
<br />
== Regional Events ==<br />
<br />
<br />
Regional OWASP events should be entered with all information requested on the [https://ocms.owasp.org JIRA Service Desk Request Form.] Please, provide a reasonable timeframe to allow for approval and an additional request for help. (If there is incomplete information it will delay the process.) <br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date <br />
! Location<br />
|-<br />
| [https://2020.appseccalifornia.org/ AppSec California 2020]<br />
| January 21-24, 2020<br />
| Santa Monica, CA<br />
|-<br />
| [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2020 OWASP New Zealand Day 2020]<br />
| February 19-21, 2020<br />
| Auckland, New Zealand<br />
|-<br />
| [https://www.owaspseasides.com/ OWASP Seasides]<br />
| March 3-5, 2020<br />
| Panjim Goa, India<br />
|-<br />
| [https://www.snowfroc.com/ SnowFROC 2020]<br />
| March 5, 2020<br />
| Denver, CO<br />
|-<br />
| [https://2020.appsecmorocco.org/ AppSec Morocco & Africa 2020]<br />
| June 4-5, 2020<br />
| Rabat, Morocco<br />
|-<br />
|}<br />
<br />
== Global Partnership Events ==<br />
<br />
The OWASP Foundation global partnership agreements are available for national and international events. This agreement is a strategic yearly agreement with the Foundation and should not be confused with annual regional events that are supported by local chapters. Please submit your request for consideration well in advance for consideration, questions, and approval. [https://ocms.owasp.org JIRA Service Desk Request Form] and choose "Co-marketing" and fill out all required fields and attach the proposed agreement. <br />
<br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date<br />
! Location<br />
! Paid Members email marketing@owasp.org <br />
<br />
|-<br />
|[https://www.blackhat.com/eu-19/?_mc=sem_x_bheur_le_tsnr_bheu_x_goog_x-BHEU2019Beu&ppc=y&kw=x&gclid=EAIaIQobChMI7M7t_9im5QIVAj0MCh1kDAAlEAAYASAAEgK18vD_BwE BlackHat Europe 2019]<br />
|December 2-5, 2019<br />
|London<br />
|€ 200.00 discount code available<br />
|-<br />
|}</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=November_2019&diff=256395
November 2019
2019-12-16T19:51:37Z
<p>Dawnaitken: </p>
<hr />
<div><br />
Meeting Date:<br />
Nov 19<br />
<br />
Meeting Time:<br />
11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?<br />
year=2019&month=11&day=18&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
Link to Meeting Recording: <br />
<br />
Meeting Location:<br />
Remote<br />
<br />
Virtual: [https://zoom.us/j/337156503 Zoom Meeting Link] Meeting ID: 337156503 - [https://zoom.us/j/337156503 local dial in numbers]<br />
<br />
AGENDA<br />
<br />
CALL TO ORDER<br />
<br />
CHANGES TO THE AGENDA<br />
<br />
APPROVAL OF MINUTES<br />
[https://docs.google.com/document/d/1Cw_My8iBG8tfq6mN4Xnc5K5BGk6WBPwxSMXwMpx8qrw/edit?usp=sharing October 2019 Board Minutes]<br />
<br />
REPORTS<br />
*[https://drive.google.com/a/owasp.org/file/d/1WC3r2zdKgihQ3eWdqcsN_WR3oj_lBef7/view?usp=sharing October 2019 Balance Sheet Summary]<br />
*[https://drive.google.com/a/owasp.org/file/d/1De5UlEz_CjAj0Tg6hjHCeVxkzYdDXr9H/view?usp=sharing October2019 OWASP Combined P&L]<br />
*[https://drive.google.com/a/owasp.org/file/d/1pF7EMmBrScrznIgAlLGKnyiVo-W6dDfc/view?usp=sharing OWASP 2019 Combined Fin pkg]<br />
<br />
OLD BUSINESS<br />
<br />
NEW BUSINESS<br />
- Vote on Board Member Eligibility Proposal from August F2F<br />
<br />
COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS<br />
<br />
Please review the motion that was voted on September 25, 2019. It appears that the motion should of stated "up to 10%", please confirm the correct motion. Dawn Aitken<br />
<br />
Motion: beginning January 1, 2020 the Foundation has decided to change the profit splits of the Global AppSec events. The split will be 90% to the Foundation and 10% to the Chapters. The Chapter will have the option to give the funds back to the Foundation or the Community Fund. If there is no current active Chapter in the area the full 100% will be given to the Foundation. Ofer Maor motions, Richard Greenberg seconds<br />
<br />
<br />
ADJOURNMENT<br />
<br />
<br />
===<br />
<br />
==Old Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
* An updated on the foundation's move to Expensify<br />
* A proposed approach from finance on how OWASP can receive restricted gifts efficiently.<br />
<br />
==New Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
* [Sherif] - Setting up a transparent discussion with the community on 1) Fair & reasonable expenses, 2) Chapter tiers - how to we provide autonimy and services to various chapter levels. I would like a round table on what they red flags are from each board members & upcoming board members) in order to incorporate into a document and discussions open to the community.</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Board&diff=256394
Board
2019-12-16T15:57:58Z
<p>Dawnaitken: /* 2018 Elected by Membership, Global Board Members */</p>
<hr />
<div>__NOTOC__<br />
<br />
= Board Meetings =<br />
[https://www.owasp.org/index.php/About_OWASP#OWASP_Foundation_Bylaws Bylaws] are the most important legal document of any organization. Bylaws outline in writing the day-to-day rules for your organization and provide comprehensive guidelines to keep things running smoothly. If you want to understand the business of OWASP Foundation the best way to do that would be to examine the bylaws the the [https://www.owasp.org/index.php/About_OWASP#Form_990_Documents 990 forms filed with the United States Government as a non-profit annually.]<br />
<br />
[https://www.owasp.org/index.php/About_OWASP#OWASP_Foundation_Bylaws Global Bylaws]<br />
<br />
== Upcoming 2019 Meetings ==<br />
* [[November 2019 |November 19, 2019]] 11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=11&day=18&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
* [[December 2019 |December 17, 2019]] 11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=12&day17&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
All board meeting notes that include actions as a result will be tracked in a single document for all meetings [https://docs.google.com/a/owasp.org/document/d/1aPmftVZH3-G96J6-wrpynwwZhBHtREe5a7g8owVYUag/edit?usp=sharing click here]<br />
<br />
== 2019 Elected by Membership, Global Board Members == <br />
[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0ApZ9zE0hx0LNdG5uRzNYZE8ycDFabnBWNkU4SFpwREE Board Member, Meeting Attendance Tracking]<br />
<br />
[https://www.owasp.org/index.php/OWASP_Board_History Historical Board Members by Year]<br />
<br><br />
<br><br />
<br><br />
[[Image:Owasp_logo_icon.jpg|120 px|left]]<br />
<br><br />
==== [[User:Knoblochmartin | Martin Knobloch]]: Chair ====<br />
<br />
The Chairman of the Board shall serve as the principal executive officer of the Foundation.<br />
<br />
Fiduciary responsibilities: He/She shall, in general, supervise and control all of the business and affairs of the Foundation. He/She will monitor financial planning and financial reports He/She or he may sign, with the Secretary or any other proper officer of the Foundation thereunto authorized by the Board of Directors, any deeds, mortgages, bonds, contracts, or other instruments which the Board of Directors has authorized to be executed, except in cases where the signing and execution thereof shall be expressly delegated by the Board of Directors or by these Bylaws to some other officer or agent of the Foundation, or shall be required by law to be otherwise signed or executed;<br />
<br />
Leadership and Direction: provides leadership to the Board of Directors with regards to policy setting and strategic planning. He/She helps guide and mediate board actions with respect to organizational priorities and governance concerns, and in general shall perform all duties incident to the office of Chairman of the Board subject to the control of the Board of Directors.<br />
<br />
Organizational Responsibilities: He/She plays a leading role in fundraising activities, formally evaluate the performance of the Foundation Director and informally evaluate the effectiveness of the board members. An annual, overall evaluation of the performance of the organization in achieving its mission will be accomplished. He or she shall, when present, preside at all meetings of the Board of Directors, unless otherwise delegated, and such other duties as may be prescribed by the Board of Directors from time to time. <br />
<br><br />
<br><br />
[[Image:Owasp_logo_icon.jpg|120 px|left]]<br />
<br><br />
<br />
==== [[Owen_Pendlebury_2017_Bio_%26_Why_Me%3F | Owen Pendlebury]]: Vice Chair ====<br />
<br />
Performs Chair responsibilities when the Chair cannot be available, works closely with Chair and other Board Members, participates closely with Chair to develop and implement officer transition plans, performs other responsibilities as assigned by the Board.<br />
<br><br />
<br><br />
<br><br />
[[Image:Owasp_logo_icon.jpg|120 px|left]]<br />
<br><br />
==== [[Sherif_Mansour_2017_Bio_%26_Why_Me%3F | Sherif Mansour]]: Treasurer==== <br />
<br />
Treasurer manages finances of the organization, administers fiscal matters of the organization, provides annual budget to the board for member’s approval, ensures development and board review of financial policies and procedures. [[Image:Owasp_logo_icon.jpg|120 px|left]]<br />
<br><br />
<br><br />
==== [[User:Ofer_Maor | Ofer Maor]]: Secretary ====<br />
<br />
Maintains records of the board and ensures effective management of organization’s records, manages minutes of board meetings, ensures minutes are distributed shortly after each meeting, is sufficiently familiar with legal documents (articles, bylaws, IRS letters, etc.) to note applicability during meetings; is the custodian of the corporate records and of the seal of the Foundation and see that the seal of the Foundation is affixed to all documents, the execution of which on behalf of the Foundation under its seal is duly authorized; keeps a register of the post office address of each Director which shall be furnished to the Secretary by such Director; and, in general perform all duties incident to the office of the Secretary and such other duties as from time to time may be assigned to him by the Chairman of the Board or by the Board. <br />
<br><br />
[[Image:Owasp_logo_icon.jpg|120 px|left]]<br />
<br><br />
==== [[Chenxi_Wang,_Ph.D._(Forrester_Research) | Chenxi Wang, Ph.D.]]: Member at Large====<br />
<br><br />
Regularly attends board meetings and important related meetings, volunteers for and willingly accepts assignments and completes them thoroughly and on time, stays informed about committee matters, prepares themselves well for meetings, and reviews and comments on minutes and reports, gets to know other committee members and builds a collegial working relationship that contributes to consensus, is an active participant in the committee’s annual evaluating and planning efforts, participates in fundraising for the organization.<br><br />
<br><br />
[[Image:Owasp_logo_icon.jpg|120 px|left]]<br />
<br />
==== [[User:Richard_greenberg | Richard Greenberg]]: Member at Large ====<br />
<br>Regularly attends board meetings and important related meetings, volunteers for and willingly accepts assignments and completes them thoroughly and on time, stays informed about committee matters, prepares themselves well for meetings, and reviews and comments on minutes and reports, gets to know other committee members and builds a collegial working relationship that contributes to consensus, is an active participant in the committee’s annual evaluating and planning efforts, participates in fundraising for the organization.<br />
<br />
<br><br />
[[Image:Owasp_logo_icon.jpg|120 px|left]]<br />
<br><br />
====[[Gary_Robinson_2018_Bio_and_Why_me | Gary Robinson]]: Member at Large ====<br />
<br />
<br><br />
Regularly attends board meetings and important related meetings, volunteers for and willingly accepts assignments and completes them thoroughly and on time, stays informed about committee matters, prepares themselves well for meetings, and reviews and comments on minutes and reports, gets to know other committee members and builds a collegial working relationship that contributes to consensus, is an active participant in the committee’s annual evaluating and planning efforts, participates in fundraising for the organization.<br><br />
<br />
= How Meetings Operate =<br />
'''CALL TO ORDER'''<br />
<br />
The first order of business is for the chair to announce the call to order, along with the time. The secretary enters the time of the call to order in the minutes. After the meeting is called to order, the board chair may make welcoming remarks, ask for introductions, or read the organization’s mission and vision statements.<br />
<br />
'''CHANGES TO THE AGENDA'''<br />
<br />
The second order of business is for the chair to ask for changes to the agenda. Additions and deletions to the agenda will be made at this time. Having no changes, the agenda moves to approving the prior meeting’s minutes.<br />
<br />
<br />
'''APPROVAL OF MINUTES'''<br />
<br />
The third item on the agenda should list “Approval of Minutes” along with the date of the most recent meeting. In most cases, board members should have received a copy of the minutes prior to the meeting. If they have not contacted the secretary prior to the meeting with corrections or changes to the minutes, they have to opportunity to make them during this item on the agenda.<br />
<br />
Board members have an ethical and legal responsibility to make sure that the recording of the minutes accurately reflect the board’s business.<br />
<br />
'''REPORTS'''<br />
<br />
The fourth item on the agenda is the reports. This first report should be a report from the Executive Director. This report should include a review of operations and projects. The Executive Director should give board members on overview of the business outlook including positive and negative trends, major initiatives, business updates, and other aspects of the business.<br />
<br />
Following the Executive Director report, the Finance Director gives a report. Board members should make an effort to understand the financial reports so that they can identify potential financial threats. Understanding financial reports may also generate discussion about potential opportunities.<br />
<br />
Subsequent reports may be given by committee chairs.<br />
<br />
'''OLD BUSINESS'''<br />
<br />
Items should include past business items that are unresolved, need further discussion, or require a board vote. Items may be tabled or referred to committee for further exploration.<br />
<br />
'''NEW BUSINESS'''<br />
<br />
Board members should have a discussion about new business items and identify a plan to take action. This may include tabling them, delaying action to a future date, or referring them to a committee.<br />
<br />
'''COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS'''<br />
<br />
At this point in the agenda, members may make announcements, such as offering congratulations or condolences, or make other special announcements. Any other business may be brought up at this time, for example, items that may need to be added to the next meeting’s agenda.<br />
<br />
'''ADJOURNMENT'''<br />
<br />
This is a formal closing of the meeting by the board chair. He should state the time that the meeting closed, so that the secretary may including it in the board minutes. The date of the next meeting should follow the adjournment item, so that board members will be reminded to put it on their calendars.<br />
<br />
For more information about the Roberts Rules of Order see this [http://www.umecra.com/BylawsAndRules/Roberts%20Rules%20Handout.pdf CHEAT SHEET]<br />
<br />
= Voting History =<br />
<br />
=== Historical Votes on Motions ===<br />
The purpose of this is to track the position on each motion as presented and how the elected official voted on the motion. This is useful for the membership to review how elected officials voted on items that effect the organization and its [https://www.owasp.org/index.php/OWASP_Foundation_ByLaws bylaws]. A motion is a request for action (budget requests, policy changes, new partnerships etc.) they can be presented by ANYONE to the board such as a member of the public, a member of the OWASP Foundation but does require a sponsor on the Board. That sponsor will present the motion to the board at least (10) working days in advance so it can be read in advance of the meeting. If appropriate a motion can be presented based to take action on the motion as written. For a vote to be called and action to be taken a second board member is required to carry the business to vote. On completion of the discussion the chairman will call for a vote to the motion YES, NO, ABSTAIN. For more details on this process try this [http://www.umecra.com/BylawsAndRules/Roberts%20Rules%20Handout.pdf CHEAT SHEET]<br />
<br />
[https://www.owasp.org/index.php/OWASP_Board_Votes Historical Board Votes]<br />
<br />
Note that if a motion is presented and is voted on and it is approved action will be taken to implement the motion. If the motion fails it can be resubmitted and the process starts again as if it is a new motion.<br />
<br />
=== Attendance Tracker===<br />
This is used to keep track that Board Members meet 75% attendance requirements as noted in section 3.03 of the organization bylaws. A meeting is logged as attended if the board member attends the entire meeting as scheduled from the call to order until it is adjourned, this includes executive session if applicable that is closed to the membership and general public for reasons related to human resources and legal issues that require it by law or for the good of the OWASP Foundation Inc. - <br />
[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0ApZ9zE0hx0LNdG5uRzNYZE8ycDFabnBWNkU4SFpwREE Board Meeting Attendance Tracker]<br />
<br />
= Historical Meeting Archive =<br />
== Archive 2019 ==<br />
* [[October 2019|October 15, 2019]]11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=10&day=21&hour=18&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
* [[September 2019 |September 25, 2019]] 7 PM The Netherlands CET - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=9&day=25&hour=17&min=0&sec=0&p1=16&p2=179&p3=137 other time zones]<br />
* <s>[[August 2019 |August 20, 2019]] 11 AM US Pacific</s> - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=8&day=19&hour=18&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones] '''CANCELLED'''* [[July 2019 |July 16, 2019]] 11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=7&day=15&hour=18&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
* [[June 2019 |June 18, 2019]] 11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=6&day=17&hour=18&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
* [[May 2019 |May 21, 2019]] 11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=5&day=20&hour=18&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
* [[April 2019 |April 29, 2019]] 11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=4&day=15&hour=18&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
* [[March 2019 |March 18, 2019]] 11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=3&day=18&hour=18&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
* [[February 2019 |February 18, 2019]] 11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=2&day=18&hour=19&min=0&sec=0&p1=16&p2=919& other time zones]<br />
* [[January 2019 |January 23rd, 2019]] - 3:00 PM to 4:00 PM PST([https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=1&day=23&hour=23&min=0&sec=0&p1=179&p2=24&p3=16&p4=136&p5=224 time zones])<br />
<br />
== Archive 2018 ==<br />
* [[December 2018 |December 19th, 2018]] - 1:00 PM to 2:30 PM EST ([https://www.timeanddate.com/worldclock/meetingdetails.html?year=2018&month=12&day=19&hour=19&min=0&sec=0&p1=179&p2=24&p3=16&p4=136&p5=224 time zones])<br />
* [[November 2018 |November 21, 2018]] - 12:00 PM to 1:30 PM EST ([https://www.timeanddate.com/worldclock/meetingdetails.html?year=2018&month=11&day=21&hour=17&min=0&sec=0&p1=179&p2=24&p3=16&p4=136&p5=224 time zones])<br />
* [[October 2018 |October 10, 2018]] - 3:00 to 4:30 PM EDT ([https://www.timeanddate.com/worldclock/meetingdetails.html?year=2018&month=10&day=10&hour=19&min=0&sec=0&p1=179&p2=24&p3=16&p4=136&p5=224 time zones]) at AppSec USA 2018 Conference<br />
* [[September 2018 |September 27, 2018]] - 2:00 PM to 3:30 PM EDT ([https://www.timeanddate.com/worldclock/meetingdetails.html?year=2018&month=9&day=19&hour=18&min=0&sec=0&p1=179&p2=24&p3=16&p4=136&p5=224 time zones]) <br />
* [[August 2018 |August 15, 2018]] - 1:00 PM to 2:30 PM EDT ([https://www.timeanddate.com/worldclock/meetingdetails.html?year=2018&month=8&day=15&hour=17&min=0&sec=0&p1=179&p2=24&p3=16&p4=136&p5=224 time zones]) <br />
* [[July 4th, 2018|July 4th, 2018]] - during AppSec EU 2018<br />
* [[June_19,_2018]] - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2018&month=6&day=19&hour=18&min=0&sec=0&p1=16&p2=78&p3=136&p4=179&p5=224&p6=102&p7=236&p8=152 Click Here for Meeting Time in Your Timezone]<br />
* [[May 15, 2018]] - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2018&month=5&day=15&hour=19&min=0&sec=0&p1=16&p2=78&p3=136&p4=179&p5=224&p6=102&p7=236&p8=152 Click Here for Meeting Time in Your Timezone]<br />
* [[April 4, 2018]] - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2018&month=4&day=4&hour=14&min=0&sec=0&p1=16&p2=78&p3=136&p4=179&p5=224&p6=102&p7=236&p8=152 TimeZone Converter]<br />
* [[March 7, 2018]] - 3:00pm - 4:00pm EST - [https://www.timeanddate.com/worldclock/converted.html?iso=20180307T21&p1=16&p2=16&p3=676&p4=136&p5=78&p6=179&p7=224&p8=240&p9=102 Time Converter]<br />
* [[February 7, 2018]] - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2018&month=2&day=7&hour=20&min=0&sec=0&p1=16&p2=179&p3=78&p4=102&p5=224&p6=136&p7=152&p8=676 TimeZone Converter]<br />
* [[January 24, 2018]], [https://www.timeanddate.com/worldclock/fixedtime.html?msg=OWASP+Board+Meeting%2C+January+24+2018&iso=20180124T19&p1=16&ah=1&am=30 TimeZone Converter]<br />
<br />
== Archive 2017 ==<br />
* [[December 6, 2017]], 15:00-16:30 PST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=12&day=06&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[November 8, 2017]], 07:00-08:30 PST - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=11&day=8&hour=15&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
*[[October 11, 2017]], 15:00 - 17:30 PDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=10&day=11&hour=22&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
*[[September 19, 2017]] 15:00-17:30 PDT, in Orlando at AppSecUSA - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=9&day=19&hour=22&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
*[[September 6, 2017]] 07:00-08:30 PDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=09&day=06&hour=14&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter] (Cancelled for interviews)<br />
*[[August 9, 2017]], 16:00-17:30 PDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=08&day=09&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
*[[July 5, 2017]], 07:00-08:00 PDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=07&day=05&hour=14&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
*[[June 7, 2017]], 18:00-21:00 CEST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=06&day=07&hour=16&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
*[[May 9, 2017]], 18:00-19:30 IST, in Belfast at AppSecEU - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=5&day=9&hour=17&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
*[[April 12, 2017]], 16:00-17:00 PDT - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=04&day=12&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter] ('''Cancelled''' [http://lists.owasp.org/pipermail/owasp-board/2017-April/017969.html Notice by Matt Konda])<br />
*[[March 22, 2017]] 06:00-07:30 PST - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=3&day=22&hour=13&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter] - *Special Meeting to approve the 2017 Budget*<br />
* [[March 8, 2017]], 06:00-07:30 PST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=03&day=08&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[February 8, 2017]], 15:00-16:30 PST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=02&day=08&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[January 11, 2017]], 14:00-15:30 PST - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2017&month=1&day=10&hour=22&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
<br />
== Archive for 2016 Meetings ==<br />
* [[December 14, 2016]], 15:00-16:30 PST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=12&day=14&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[November 8, 2016]], 15:00-16:30 PST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=11&day=09&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* CANCELLED - [[November 30, 2016]], 15:00-16:30 PST - placeholder only optional if needed - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=11&day=30&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[October 11, 2016]], at AppSecUSA 18:00 - 21:00 EDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=10&day=11&hour=22&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[September 21, 2016]] 07:00-08:30 PDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=09&day=21&hour=14&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[August 23, 2016]], 16:00-17:00 PDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=08&day=23&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[July 1, 2016]], 18:00-21:00 CEST, in Rome at AppSecEU - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=07&day=01&hour=16&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[July 27, 2016]], 07:00-08:00 PDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=07&day=27&hour=14&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[May 18, 2016]], 07:00-08:30 PDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=05&day=18&hour=14&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[April 20, 2016]], 16:00-17:00 PDT - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=04&day=20&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[March 16, 2016]], 16:00-17:00 PST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=03&day=16&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[February 17, 2016]], 15:00-16:30 PST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=02&day=17&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
* [[January 13, 2016]], 16:00-17:30 PST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=01&day=14&hour=00&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter]<br />
<br />
== Archive for 2015 Meetings ==<br />
* [[December 9, 2015]], 15:00-17:00 PST <br />
* [[November 18, 2015]], 14:00-15:30 PST<br />
* [[November 4, 2015]], 12:00-13:30 PST<br />
* [[October 14, 2015]], 14:00-15:00 PDT<br />
* [[September 25, 2015]] at AppSecUSA 18:00 - 20:00 PST<br />
* [[August 12, 2015]], 16:00-17:00 PST<br />
* [[July 22, 2015]], 14:00-15:00 PDT<br />
* [[June 24, 2015]], 14:00-15:00 PDT<br />
* [[May 22, 2015]], 18:00-20:00 CEST in Amsterdam @ AppSec-EU , 9:00am-11:00am PST;<br />
* [[April 29, 2015]], 12:00-13:00 PST<br />
* [[March 25, 2015]], 12:00-13:00 PST <br />
* [[February 11, 2015]], 16:00-17:00 PST<br />
* [[January 14, 2015]], 9am-10am PST<br />
<br />
<br />
== Archive for 2014 Meetings ==<br />
* [[December 10, 2014]], 9am-10am PST<br />
* [[November 12, 2014]], 9am - 10am PST<br />
* [[October 8, 2014]], 9am-10am PST<br />
* [[September 16, 2014]], 6pm - 9pm MST, In person at Appsec USA <br />
* [[August 13, 2014]], 9am-10am PST<br />
* [[July 9, 2014]], 9am-10am PST<br />
* [[June 27, 2014]], 8am - 4 pm BST, In person at AppSec Europe<br />
* [[April 30, 2014]],9am - 12pm PST<br />
* [[March 3, 2014]], 7am - 10am PST<br />
* [[February 24, 2014]], 8am - 10am PST<br />
<br />
== Archive for 2013 Meetings ==<br />
<br />
*[[December 9, 2013]]<br />
<br />
* December 2, 2013 - Special Board Meeting - [https://docs.google.com/spreadsheet/ccc?key=0ApZ9zE0hx0LNdGdJZ1BIaEZkc2V1QV81NmJ4dnI0R1E&usp=sharing 2014 Budget] walk through, Q & A (no meeting notes)<br />
<br />
*[[November 22, 2013]] - In person meeting at AppSec USA - New York, NY<br />
<br />
* November 11, 2013 - cancelled due to in person meeting on Nov. 22<br />
<br />
*[[October 14, 2013]]<br />
<br />
*[[September 9, 2013]]<br />
<br />
*[[In person meeting at AppSec EU - Hamburg, Germany; August 19-24]]<br />
<br />
* August 12, 2013 - canceled due to in person meeting on Aug 19<br />
<br />
*[[July 8, 2013]]<br />
<br />
*[[June 10, 2013]]<br />
<br />
*[[May 31, 2013]]<br />
<br />
*[[May 13, 2013]]<br />
<br />
*[[April 8, 2013]]<br />
<br />
*[[March 11, 2013]]<br />
<br />
*[[February 11, 2013]]<br />
<br />
*[[January 14, 2013]]<br />
<br />
== Archive for 2012 Meetings ==<br />
<br />
[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0ApZ9zE0hx0LNdG5uRzNYZE8ycDFabnBWNkU4SFpwREE Board Meeting Attendance Tracking]<br />
<br />
OWASP Foundation [https://www.owasp.org/images/a/ae/2012ByLawsFINAL.pdf ByLaws]<br />
<br />
[https://www.owasp.org/index.php/Global_Committee_Pages Global Committees] <br />
<br />
*[[January 9, 2012]]<br />
<br />
*[[February 6, 2012]]<br />
<br />
*[[February 15, 2012]] <br />
<br />
*[[March 12, 2012]]<br />
<br />
*[[April 5, 2012]]<br />
<br />
*[[May 14,2012]]<br />
<br />
*[[June 11, 2012]]<br />
<br />
*[[July 11, 2012]]<br />
<br />
*[[Aug 13, 2012]]<br />
<br />
*[[Sept 10, 2012]]<br />
<br />
*[[Oct 8, 2012]]<br />
<br />
*[[Oct 24, 2012]]<br />
<br />
*[[Nov 12, 2012]]<br />
<br />
*[[Nov 26, 2012]] - 2013 Budget Focused<br />
<br />
*[[Dec 10, 2012]]<br />
<br />
*[[Dec 27, 2012]] - 2013 Budget Focused<br />
<br />
== Archive for 2011 Meetings ==<br />
<br />
*[[January 3, 2011]]<br />
<br />
*[[March 7, 2011]]<br />
<br />
*[[April_4_2011]]<br />
<br />
*[[May_2_2011]]<br />
<br />
*[[June 6, 2011]]<br />
<br />
*[[July 11, 2011]]<br />
<br />
*[[August 8, 2011]] <br />
<br />
*[[September 6, 2011]]<br />
<br />
*[[September 20, 2011]]<br />
<br />
*[[September 22, 2011]]<br />
<br />
*[[October 10, 2011]]<br />
<br />
*[[November 14, 2011]]<br />
<br />
*[[December 5, 2011]]<br />
<br />
== Minutes for 2011 Meetings == <br />
<br />
<hr /><br />
<br />
* [https://www.owasp.org/index.php/OWASP_Board_Votes Board Votes Historical]<br />
<br />
<hr /><br />
<br />
*[[Minutes January 3, 2011]]<br />
<br />
*[[Minutes March 8, 2011]]<br />
<br />
*[[Minutes April 4, 2011]]<br />
<br />
*[[Minutes May 2, 2011]]<br />
<br />
*[https://docs.google.com/a/owasp.org/document/d/1VD9ZHEwht9tmM8FKEQ6DBrtmL_gTAhSSnQhiFXYkJ7I/edit?hl=en_US&authkey=CIavkP4B June 6 2011]<br />
<br />
*[https://docs.google.com/a/owasp.org/document/d/1VMwYrP6owtZ-SchBxUcWTIF-ITvzUX8PjUkLPwr2ipg/edit?hl=en_US&authkey=CIGTx5sD July 11 2011]<br />
<br />
*[https://docs.google.com/a/owasp.org/document/d/1CLu9aQpS7LdeX87rJ5N9cuJ-RGGVzDWf34l6gdMml7M/edit?hl=en_US&authkey=CI-U5qEP August 8, 2011]<br />
<br />
*[https://docs.google.com/a/owasp.org/document/d/1HM32VcvWb0hizD5_mhWMULLaouzuRgA3ZYjODRZwyAs/edit?hl=en_US September 6, 2011]<br />
<br />
*[https://docs.google.com/a/owasp.org/document/d/1Y-8tZisUZM5ZKP8AxJqvkiNtFanVFM0m--bMG2PZ3ww/edit October 10, 2011]<br />
<br />
*[https://docs.google.com/a/owasp.org/document/d/13-aHX2pSUXjCP8ivsbls6u1VX1BVSYewyMUH8LI7zpQ/edit November 14, 2011]<br />
<br />
== Archive for 2010 Meetings ==<br />
*[[January 5, 2010]]<br />
<br />
*[[February 2, 2010]]<br />
<br />
*[[March 2, 2010]] <span style="color:blue">Postponed until March 9, 2010</span> <br />
<br />
*[[April 6, 2010]]<br />
<br />
*[[May 4, 2010]]<br />
<br />
*[[June 7, 2010]]<br />
<br />
*[[July 12, 2010]]<br />
<br />
*[[August 2, 2010]]<br />
<br />
*[[September 8, 2010]]<br />
<br />
*[[October 11, 2010]]<br />
<br />
*[[November 9, 2010]]<br />
<br />
*[[December_6_2010]]<br />
<br />
== Archive of 2010 Meetings ==<br />
<br />
*[[Jan 5, 2010]]<br />
<br />
*[[Feb 2, 2010]]<br />
<br />
*[[March 2, 2010]]<br />
<br />
*[[Minutes April 6, 2010]]<br />
<br />
*[[Minutes May 11, 2010]]<br />
<br />
*[[Minutes June 7, 2010]]<br />
<br />
*[[Minutes July 12, 2010]]<br />
<br />
*[[Minutes October 11, 2010]]<br />
<br />
*[[Minutes November 9, 2010]]<br />
<br />
*[[Minutes_December_6,_2010]]<br />
<br />
*[[OWASP Board Meetings January Agenda]]<br />
*[[OWASP Board Meetings February Agenda]]<br />
*[[OWASP Board Meetings March Agenda]]<br />
*[[OWASP Board Meetings April09 Agenda]]<br />
*[[OWASP Board Meetings May09 Agenda]]<br />
*[[OWASP Board Meetings June 09 Agenda]]<br />
*[[OWASP Board Meeting July 7, 2009 Agenda]]<br />
*[[OWASP Board Meeting August 4, 2009 Agenda]]<br />
*[[OWASP Board Meeting September 1, 2009 Agenda]] <br />
*[[OWASP Board Meeting October 6, 2009 Agenda]]<br />
*[[OWASP Board Meeting November 10, 2009 Agenda]]<br />
*[[OWASP Board Meeting December 1, 2009 Agenda]]<br />
<br />
== Archive of 2009 Meetings ==<br />
* [[OWASP Board Meetings 01-06-09]]<br />
* [[OWASP Board Meetings 02-03-09]]<br />
* [[OWASP Board Meetings 03-10-09]]<br />
* [[OWASP Board Meetings April 09]]<br />
* [[OWASP Board Meetings May 09]]<br />
* [[OWASP Board Meetings June 09]]<br />
* [[OWASP Board Meeting July 09]]<br />
* [[OWASP Board Meeting August 09]]<br />
* [[OWASP Board Meeting September 09]]<br />
* [[OWASP Board Meeting October 09]]<br />
* [[OWASP Board Meeting December 09]]<br />
<br />
== Archive for 2008 Meetings ==<br />
*[[OWASP Board Meetings March Agenda]]<br />
*[[OWASP Board Meetings April Agenda]]<br />
*[[OWASP Board Meetings May Agenda]]<br />
*[[OWASP Board Meetings June Agenda]]<br />
*[[OWASP Board Meetings July Agenda]]<br />
*[[OWASP Board Meetings August Agenda]]<br />
*[[OWASP Board Meetings September Agenda]]<br />
*[[OWASP Board Meetings October Agenda]]<br />
*[[OWASP Board Meetings December Agenda]]<br />
<br />
== Archive of 2008 Meetings ==<br />
* [[OWASP Board Meetings 2-7-08]]<br />
* [[OWASP Board Meetings 3-6-08]]<br />
* [[OWASP Board Meetings 5-6-08]]<br />
* [[OWASP Board Meetings 6-3-08]]<br />
* [[OWASP Board Meetings 8-14-08]]<br />
* [[OWASP Board Meetings 9-2-08]] <br />
* [[Owasp Board Meetings 10-07-08]]<br />
* [[Owasp Board Meetings 11-07-08]]<br />
* [[Owasp Board Meetings 12-02-08]]<br />
<br />
= Board Election Archive =<br />
<br />
All elected officers are required to [https://docs.google.com/document/d/10zBT6oY2Q3B6kr6r7DGl3Cc0f5rGmQ0Slc6RYvbxmus/edit review sign and return] the following document before starting their term in office to the then current board Secretary <br />
<br />
[https://www.owasp.org/index.php/OWASP_Board_History OWASP Board History]<br />
<br />
===2017 Election===<br />
[https://www.owasp.org/index.php/2017_Global_Board_of_Directors_Election 2017 Board Election]<br />
=== 2016 Election ===<br />
[https://www.owasp.org/index.php/2016_Global_Board_of_Directors_Election 2016 Board Election]<br />
=== 2015 Election ===<br />
[https://www.owasp.org/index.php/2015_Global_Board_of_Directors_Election 2015 Board Election]<br />
=== 2014 Election ===<br />
[https://www.owasp.org/index.php/2014_Board_Elections 2014 Board Election]<br />
=== 2013 Election ===<br />
[https://www.owasp.org/index.php/2013_Board_Elections 2013 Board Election]<br />
=== 2012 Election ===<br />
[https://www.owasp.org/index.php/Membership/2012_Election 2012 Board Election]<br />
=== 2011 Election ===<br />
[https://www.owasp.org/index.php/Membership/2011Election 2011 Board Election]<br />
=== 2009 Election ===<br />
[https://www.owasp.org/index.php/Board_Election_2009 2009 Board Election]<br />
<br />
=== Past OWASP Boards ===<br />
<br />
[[Board-2018]]<br />
<br />
[[Board-2017]]<br />
<br />
[[Board-2016]]<br />
<br />
[[Board-2015]]<br />
<br />
[[Board-2014]]<br />
<br />
[[Board-2013]]<br />
<br />
[[Board-2012]]<br />
<br />
[[Board-2011]]<br />
<br />
= Misc. =<br />
<br />
* Teleconference Information: **CHECK MEETING INFORMATION**<br />
<br />
* [https://www.owasp.org/index.php/International_Toll_Free_Calling_Information International Toll Free Calling Info]<br />
<br />
* Meeting Template found [https://www.owasp.org/index.php/Board-Meeting-template here]<br />
<br />
<headertabs> </headertabs></div>
Dawnaitken
https://wiki.owasp.org/index.php?title=December_2019&diff=256316
December 2019
2019-12-12T20:29:25Z
<p>Dawnaitken: </p>
<hr />
<div><br />
Meeting Date:<br />
Dec 17<br />
<br />
Meeting Time:<br />
11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=12&day=17&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
Meeting Location:<br />
Remote<br />
<br />
Virtual: [https://zoom.us/j/337156503 Zoom Meeting Link] Meeting ID: 337156503 - [https://zoom.us/j/337156503 local dial in numbers]<br />
<br />
[[International Toll Free Calling Information]]<br />
<br />
AGENDA<br />
<br />
CALL TO ORDER<br />
<br />
CHANGES TO THE AGENDA<br />
<br />
APPROVAL OF MINUTES<br />
<br />
REPORTS<br />
<br />
OLD BUSINESS<br />
<br />
NEW BUSINESS<br />
<br />
1. Resolved that One-Year Individual Membership regional pricing will be $20 per year for residents of bottom 50% of Adjusted net national income per capita (current US$) countries. https://data.worldbank.org/indicator/NY.ADJ.NNTY.PC.CD<br />
<br />
2. Set time for January Board Member Onboarding video call (4hrs). Discuss Strategy and assign Board Member roles.<br />
<br />
3. Approval the OWASP 2020 Budget<br />
<br />
4. Approval of the 2020 Operating Plan (https://www2.owasp.org/www-staff/operating-plan/2020)<br />
<br />
5. Voting History - Mike's Response to have the Voting History corrected:<br />
<br />
Regarding the discussion we had at this past week's Board meeting and Global Event splits. I went back and listened to the recording of the meeting (https://drive.google.com/a/owasp.org/file/d/1Dqg4Hxs_NCQEtCAZXKdVu-DfITUQ9Gvp/view?usp=sharing)<br />
<br />
At the 26:43 mark Ofer makes his motion for a 90/10 split which was seconded by Richard.<br />
<br />
After a bit of conversation at 29:46 I suggest Ofer amend his resolution to "up to 10%" and "no less than 90%" which Richard again seconded. This was the resolution that was approved by the Board. It was approved.<br />
<br />
COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS<br />
<br />
ADJOURNMENT<br />
<br />
<br />
===<br />
<br />
==Old Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
<br />
==New Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=December_2019&diff=256315
December 2019
2019-12-12T20:28:24Z
<p>Dawnaitken: </p>
<hr />
<div><br />
Meeting Date:<br />
Dec 17<br />
<br />
Meeting Time:<br />
11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=12&day=17&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
Meeting Location:<br />
Remote<br />
<br />
Virtual: [https://zoom.us/j/337156503 Zoom Meeting Link] Meeting ID: 337156503 - [https://zoom.us/j/337156503 local dial in numbers]<br />
<br />
[[International Toll Free Calling Information]]<br />
<br />
AGENDA<br />
<br />
CALL TO ORDER<br />
<br />
CHANGES TO THE AGENDA<br />
<br />
APPROVAL OF MINUTES<br />
<br />
REPORTS<br />
<br />
OLD BUSINESS<br />
<br />
NEW BUSINESS<br />
<br />
1. Resolved that One-Year Individual Membership regional pricing will be $20 per year for residents of bottom 50% of Adjusted net national income per capita (current US$) countries. https://data.worldbank.org/indicator/NY.ADJ.NNTY.PC.CD<br />
<br />
2. Set time for January Board Member Onboarding video call (4hrs). Discuss Strategy and assign Board Member roles.<br />
<br />
3. Approval the OWASP 2020 Budget<br />
<br />
4. Approval of the 2020 Operating Plan (https://www2.owasp.org/www-staff/operating-plan/2020)<br />
COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS<br />
<br />
5. Voting History - Mike's Response to have the Voting History corrected:<br />
<br />
Regarding the discussion we had at this past week's Board meeting and Global Event splits. I went back and listened to the recording of the meeting (https://drive.google.com/a/owasp.org/file/d/1Dqg4Hxs_NCQEtCAZXKdVu-DfITUQ9Gvp/view?usp=sharing)<br />
<br />
At the 26:43 mark Ofer makes his motion for a 90/10 split which was seconded by Richard.<br />
<br />
After a bit of conversation at 29:46 I suggest Ofer amend his resolution to "up to 10%" and "no less than 90%" which Richard again seconded. This was the resolution that was approved by the Board. It was approved.<br />
<br />
ADJOURNMENT<br />
<br />
<br />
===<br />
<br />
==Old Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
<br />
==New Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=OWASP_Events/upcoming_events&diff=256301
OWASP Events/upcoming events
2019-12-11T17:17:50Z
<p>Dawnaitken: /* Global AppSec Events */</p>
<hr />
<div>== Global AppSec Events ==<br />
{| class="wikitable"<br />
|-<br />
! Global AppSec Events<br />
! Date<br />
! Location<br />
! Call for Papers<br />
! Call for Training<br />
! Registration<br />
! Sponsorships<br />
|-<br />
|[https://dublin.globalappsec.org Global AppSec Dublin]<br />
|June 15-19, 2020<br />
|Dublin, Ireland<br />
|January 2020<br />
|January 2020<br />
|Coming Soon<br />
|Coming Soon<br />
|-<br />
|[https://sf.globalappsec.org Global AppSec San Francisco]<br />
|October 19-23, 2020<br />
|San Francisco, CA<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|}<br />
<br />
== Regional Events ==<br />
<br />
<br />
Regional OWASP events should be entered with all information requested on the [https://ocms.owasp.org JIRA Service Desk Request Form.] Please, provide a reasonable timeframe to allow for approval and an additional request for help. (If there is incomplete information it will delay the process.) <br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date <br />
! Location<br />
|-<br />
| [https://god.owasp.de/ German OWASP Day 2019]<br />
| December 9-10, 2019<br />
| Karlsruhe, German<br />
|-<br />
| [https://www.owasp.org/index.php/Italy_OWASP_Day_Udine_2019 OWASP Italy Day Udine 2019]<br />
| December 14, 2019<br />
| Udine, Italy<br />
|-<br />
| [https://2020.appseccalifornia.org/ AppSec California 2020]<br />
| January 21-24, 2020<br />
| Santa Monica, CA<br />
|-<br />
| [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2020 OWASP New Zealand Day 2020]<br />
| February 19-21, 2020<br />
| Auckland, New Zealand<br />
|-<br />
| [https://www.owaspseasides.com/ OWASP Seasides]<br />
| March 3-5, 2020<br />
| Panjim Goa, India<br />
|-<br />
| [https://www.snowfroc.com/ SnowFROC 2020]<br />
| March 5, 2020<br />
| Denver, CO<br />
|-<br />
| [https://2020.appsecmorocco.org/ AppSec Morocco & Africa 2020]<br />
| June 4-5, 2020<br />
| Rabat, Morocco<br />
|-<br />
|}<br />
<br />
== Global Partnership Events ==<br />
<br />
The OWASP Foundation global partnership agreements are available for national and international events. This agreement is a strategic yearly agreement with the Foundation and should not be confused with annual regional events that are supported by local chapters. Please submit your request for consideration well in advance for consideration, questions, and approval. [https://ocms.owasp.org JIRA Service Desk Request Form] and choose "Co-marketing" and fill out all required fields and attach the proposed agreement. <br />
<br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date<br />
! Location<br />
! Paid Members email marketing@owasp.org <br />
<br />
|-<br />
|[https://www.blackhat.com/eu-19/?_mc=sem_x_bheur_le_tsnr_bheu_x_goog_x-BHEU2019Beu&ppc=y&kw=x&gclid=EAIaIQobChMI7M7t_9im5QIVAj0MCh1kDAAlEAAYASAAEgK18vD_BwE BlackHat Europe 2019]<br />
|December 2-5, 2019<br />
|London<br />
|€ 200.00 discount code available<br />
|-<br />
|}</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Leeds_UK&diff=256222
Leeds UK
2019-12-02T17:33:53Z
<p>Dawnaitken: Protected "Leeds UK" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite))</p>
<hr />
<div>{{Inactive Chapter}}<br />
<br />
{{Chapter Template|chaptername=Leeds UK|extra=The chapter leader position is '''OPEN'''.<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Leeds_UK|emailarchives=http://lists.owasp.org/pipermail/owasp-Leeds_UK}}<br />
<br />
<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=OWASP_Cornucopia&diff=256219
OWASP Cornucopia
2019-12-01T23:54:57Z
<p>Dawnaitken: </p>
<hr />
<div>=Main=<br />
<br />
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:Cornucopia-header.jpg|link=]]</div><br />
<div style="width:100%;height:90px;border:0,margin:0;overflow: hidden;">[[File: lab_big.jpg|link=OWASP_Project_Stages#Lab_Projects]]</div><br />
<br />
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-<br />
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
==OWASP Cornucopia==<br />
OWASP Cornucopia is a mechanism in the form of a card game to assist software development teams identify security requirements in Agile, conventional and formal development processes. It is language, platform and technology agnostic.<br />
<br />
<br />
==Introduction==<br />
The idea behind Cornucopia is to help development teams, especially those using Agile methodologies, to identify application security requirements and develop security-based user stories. Although the idea had been waiting for enough time to progress it, the final motivation came when [http://www.safecode.org/ SAFECode] published its [http://www.safecode.org/publications/SAFECode_Agile_Dev_Security0712.pdf Practical Security Stories and Security Tasks for Agile Development Environments] in July 2012.<br />
<br />
The Microsoft SDL team had already published its super [http://www.microsoft.com/security/sdl/adopt/eop.aspx Elevation of Privilege: The Threat Modeling Game] (EoP) but that did not seem to address the most appropriate kind of issues that web application development teams mostly have to address. EoP is a great concept and game strategy, and was [http://blogs.msdn.com/b/sdl/archive/2010/03/02/announcing-elevation-of-privilege-the-threat-modeling-game.aspx published under] a [http://creativecommons.org/licenses/by/3.0/ Creative Commons Attribution License].<br />
Cornucopia {{#switchtablink:Ecommerce Website Edition|Ecommerce Website Edition}} is based the concepts and game ideas in EoP, but those have been modified to be more relevant to the types of issues ecommerce website developers encounter. It attempts to introduce threat-modelling ideas into development teams that use Agile methodologies, or are more focused on web application weaknesses than other types of software vulnerabilities or are not familiar with STRIDE and DREAD.<br />
<br />
<br />
==The Card Decks==<br />
<br />
''Ecommerce Website Edition''<br />
<br />
Instead of EoP’s STRIDE suits, Cornucopia suits were selected based on the structure of the [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide] (SCP), but with additional consideration of sections in the [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard], the [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide] and David Rook’s [http://www.securityninja.co.uk/secure-development/the-principles-place/ Principles of Secure Development]. These provided five suits, and a sixth called “Cornucopia” was created for everything else: <br />
<br />
* Data validation and encoding<br />
* Authentication<br />
* Session management<br />
* Authorization<br />
* Cryptography<br />
* Cornucopia<br />
<br />
Each suit contains 13 cards (Ace, 2-10, Jack, Queen and King) but, unlike EoP, there are also two Joker cards. The content was mainly drawn from the SCP. Full [[Cornucopia_-_Ecommerce_Website_Edition_-_Wiki_Deck|Wiki Deck]].<br />
<br />
''Other Decks''<br />
<br />
Future editions such as for mobile app development will use different sources of information and suits.<br />
<br />
==Mappings==<br />
The other driver for Cornucopia is to link the attacks with requirements and verification techniques. An initial aim had been to reference [http://cwe.mitre.org/ CWE] weakness IDs, but these proved too numerous, and instead it was decided to map each card to [http://capec.mitre.org/ CAPEC] software attack pattern IDs which themselves are mapped to CWEs, so the desired result is achieved.<br />
<br />
Each card is also mapped to the 36 primary security stories in the [http://www.safecode.org/publications/SAFECode_Agile_Dev_Security0712.pdf SAFECode document], as well as to the OWASP [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide SCP v2], [https://www.owasp.org/images/3/33/OWASP_Application_Security_Verification_Standard_3.0.1.pdf ASVS v3.0.1] and [https://www.owasp.org/index.php/OWASP_AppSensor_Project AppSensor] (application attack detection and response) to help teams create their own security-related stories for use in Agile processes.<br />
<br />
<br />
==Licensing==<br />
OWASP Cornucopia is free to use. It is licensed under the [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.<br />
<br />
&copy; OWASP Foundation<br />
<br />
<br />
==Other Security Gamification==<br />
If you are interested in using gaming for security, also see [http://www.microsoft.com/security/sdl/adopt/eop.aspx Elevation of Privilege: The Threat Modeling Game] mentioned above, [http://securitycards.cs.washington.edu/ Security Cards] from the University of Washington, the commercial card game [http://www.controlalthack.com/ Control-Alt-Hack] ([http://media.blackhat.com/bh-us-12/Briefings/Kohno/BH_US_12_Kohno_Control_Alt_Hack_Slides.pdf presentation] for latter), [https://www.owasp.org/index.php/OWASP_Snakes_and_Ladders OWASP Snakes and Ladders], and web application security training tools incorporating gamification such as [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project], [https://www.owasp.org/index.php/OWASP_Security_Shepherd OWASP Security Shepherd] and [http://itsecgames.blogspot.co.uk/ ITSEC Games].<br />
<br />
Additionally, Adam Shostack maintains a list of tabletop security games and related resources at [http://adam.shostack.org/games.html security games]. <br />
<br />
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |<br />
<br />
== What is Cornucopia? ==<br />
<br />
OWASP Cornucopia is a card game used to help derive application security requirements during the software development life cycle. To start using Cornucopia:<br />
<br />
* Download the document<br />
* Print the cards onto plain paper or pre-scored card<br />
* Cut/separate the individual cards<br />
* Identify an application, module or component to assess<br />
* Invite business owners, architects, developers, testers along for a card game<br />
* Get those infosec folk to provide chocolate, pizza, beer, flowers or all four as prizes<br />
* Select a portion of the deck to start with<br />
* {{#switchtablink:How to Play|Play the game}} to discuss &amp; document security requirements (and to win rounds)<br />
* Remember, points make prizes!<br />
<br />
Listen to the [http://trustedsoftwarealliance.com/2014/03/21/the-owasp-cornucopia-project-with-colin-watson/ OWASP 24/7 Podcast] about Cornucopia.<br />
<br />
<br />
== Presentation ==<br />
<br />
[[File:Cornucopia-presentation-small.jpg|link=media:Owaspnl-colinwatson-cornucopia.odp]]<br />
<br />
The game rules are in the document download. But the OpenOffice [[media:Owasplondon-colinwatson-cornucopia.odp|project presentation]] includes an animated version of four demonstration rounds. The presentation is recorded [http://youtu.be/Q_LE-8xNXVk on video].<br />
<br />
<br />
== Project Leaders ==<br />
<br />
* [https://www.owasp.org/index.php/User:Clerkendweller Colin Watson] [mailto:colin.watson@owasp.org @]<br />
* [https://www.owasp.org/index.php/User:Dariodf Darío De Filippis] [mailto:dariodefilippis@gmail.com @]<br />
<br />
== Related Projects ==<br />
<br />
* [[OWASP Secure Coding Practices - Quick Reference Guide]]<br />
* [[:Category:OWASP Application Security Verification Standard Project|OWASP Application Security Verification Standard]]<br />
<br />
| valign="top" style="padding-left:25px;width:200px;" | <br />
<br />
== Quick Links ==<br />
<br />
* [https://youtu.be/i5Y0akWj31k How to Play] video<br />
* [https://www.owasp.org/index.php/File:Cornucopia-scoresheet.pdf Scoresheet]<br />
* {{#switchtablink:Get the Cards|All sources and downloads...}}<br />
<br />
== Reference Files ==<br />
<br />
* [https://www.owasp.org/index.php/File:OWASP_SCP_Quick_Reference_Guide_v2.pdf OWASP SCP requirements]<br />
* [https://www.owasp.org/images/5/58/OWASP_ASVS_Version_2.pdf OWASP ASVS verification IDs]<br />
* [https://www.owasp.org/index.php/AppSensor_DetectionPoints OWASP AppSensor attack detection point IDs] <br />
* [http://capec.mitre.org/data/archive/capec_v1.7.1.zip CAPEC IDs]<br />
* [http://www.safecode.org/publications/SAFECode_Agile_Dev_Security0712.pdf SAFECode security-focused story IDs]<br />
<br />
The OWASP SCP does not include identity values for the requirements, so please use [https://www.owasp.org/index.php/File:Owasp-requirements-numbering.zip this list].<br />
<br />
<br />
== News and Events ==<br />
* [26 Jun 2018] v1.20 FR released<br />
* [14 May 2018] Printed deck purchase details updated<br />
* [13 Jan 2018 v1.20 PT-BR released<br />
* [23 Aug 2016] Presentation at [https://www.owasp.org/index.php/Newcastle OWASP Newcastle]<br />
* [29 Jun 2016] v1.20 released<br />
* [21 Jan 2016] [[Cornucopia_-_Ecommerce_Website_Edition_-_Wiki_Deck|Wiki Deck]] published<br />
* [30 Dec 2015] Darío De Filippis becomes project co-leader<br />
* [24 Sep 2015] [http://appsecusa2015.sched.org/event/7f3dba889c0ec9e37900e289c9660503#.VZ6aoXhflNY Lightning training] at AppSec USA 2015<br />
* [01 Jun 2015] [https://youtu.be/i5Y0akWj31k How to Play video] published<br />
* [20 May 2015] Working session at [http://2015.appsec.eu/project-summit/ OWASP Project Summit] - How to play video<br />
* [31 Mar 2015] v1.10 released<br />
* [02 Mar 2015] Decks available from [https://www.owasp.org/index.php/OWASP_Merchandise#Cornucopia_Cards OWASP merchandise store]<br />
* [18 Feb 2015] Project awarded Labs status<br />
<br />
==PCIDSS==<br />
[[File:Cornucopia-pcidss-ecommerce-guidelines-small.jpg|link=https://www.pcisecuritystandards.org/pdfs/PCI_DSS_v2_eCommerce_Guidelines.pdf]]<br />
<br />
OWASP Cornucopia Ecommerce Website Edition is referenced in the current [https://www.pcisecuritystandards.org Payment Card Industry Security Standards Council] information supplement [https://www.pcisecuritystandards.org/pdfs/PCI_DSS_v2_eCommerce_Guidelines.pdf PCI DSS E-commerce Guidelines] v2, January 2013<br />
<br />
<br />
==Classifications==<br />
<br />
{| width="200" cellpadding="2"<br />
|-<br />
| rowspan="2" align="center" valign="top" width="50%" | [[Image:Owasp-labs-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Lab_Projects]]<br />
| align="center" valign="top" width="50%" | [[File:Owasp-builders-small.png|link=Builders]] <br />
|-<br />
| align="center" valign="top" width="50%" | [[File:Owasp-defenders-small.png|link=Defenders]]<br />
|-<br />
| colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]<br />
|-<br />
| colspan="2" align="center" | [[File:Project_Type_Files_DOC.jpg|link=]] <br />
|}<br />
<br />
|}<br />
<br />
= Get the Cards =<br />
<br />
==Printed==<br />
<br />
[[File:Cornucopia-square-logo-350.jpg|right|link=]]<br />
<br />
Professionally printed decks are available by two methods:<br />
* Single decks or in bulk from OWASP (v1.20)<br />
** As promotion items '''by OWASP Leaders''' from their own chapter budgets [https://docs.google.com/a/owasp.org/forms/d/e/1FAIpQLSez9mV97HuqvYhCldE2hYhX3UjQM1oO5bLy44HkOZSpni0OzQ/viewform?formkey=dF85bGtvdWdrd2JjYldNZ1gxSkJxaEE6MQ Chapter and Project Merchandise Request form]<br />
** For other individuals, organisations and companies, please email [mailto:lisa.jones@owasp.com lisa.jones@owasp.com] with purchase inquiries.<br />
* Request a free deck of cards gifted by [http://blackfootuk.com/ Blackfoot UK Limited] or download their donated print-ready artwork:<br />
** Request a free [http://blackfootuk.com/cornucopia/receive-a-set-of-cards/ pack of cards (v1.10)] (gifted by Blackfoot UK)<br />
<br />
==Source files==<br />
<br />
Cornucopia - Ecommerce Website Edition:<br />
* v1.2 (current version)<br />
** [https://www.owasp.org/index.php/File:OWASP-Cornucopia-Ecommerce_Website.docx EN DOC] | [https://github.com/grandtom/OWASP-Cornucopia-Translate-Cards---FR FR DOC] | [https://github.com/wagnerfusca/OWASP-Cornucopia-Translate-Cards---PT PT-BR DOC]<br />
** [https://www.owasp.org/index.php/File:Owasp-cornucopia-ecommerce_website.pdf EN PDF]<br />
** [https://drive.google.com/open?id=0ByNJ8mfWALwjNXpQMUNBYnJsT2QyQ0lkb3VNX1BCM3JLNlBZ Print-Ready design files] 24Mb zip<br />
* v1.1 EN<br />
** DOC - see current version link above for previous versions of DOC including with track changes<br />
** PDF - see current version link above for previous versions of PDF<br />
** [[Cornucopia_-_Ecommerce_Website_Edition_-_Wiki_Deck|Wiki]]<br />
** [https://drive.google.com/open?id=0ByNJ8mfWALwjb283ZE5GNmFMM2FGWGl2WC14aDJDQ0ZsNk00 Print-Ready design files] 24Mb zip<br />
* v1.04 EN<br />
** DOC - see current version link above for previous versions of DOC including with track changes<br />
** PDF - see current version link above for previous versions of PDF<br />
** [https://4ed64fe7f7e3f627b8d0-bc104063a9fe564c2d8a75b1e218477a.ssl.cf2.rackcdn.com/cornucopia-ecom-1v04-blackfoot.zip Print-Ready design files] (gifted by Blackfoot UK) 47Mb Zip<br />
<br />
The current version of Cornucopia Ecommerce Website Edition cards (v1.20 with updated mapping to ASVS v3.0.1 and CAPEC v2.8, and has some minor text changes on the cards) can be printed using the following methods:<br />
# Download the free Adobe Illustrator files ([https://drive.google.com/open?id=0ByNJ8mfWALwjNXpQMUNBYnJsT2QyQ0lkb3VNX1BCM3JLNlBZ EN]) and get them professionally printed<br />
# Download and self-print the free document word-processing ([https://www.owasp.org/index.php/File:OWASP-Cornucopia-Ecommerce_Website.docx EN], [https://github.com/grandtom/OWASP-Cornucopia-Translate-Cards---FR FR]) or PDF ([https://www.owasp.org/index.php/File:Owasp-cornucopia-ecommerce_website.pdf EN])<br />
## Print the document onto business card blank cards; or<br />
## Print the document onto normal card and cut the cards out individually using the guide; or<br />
# Generate your own cards from the free [https://www.owasp.org/index.php/File:Cornucopia-deck-ecommercewebsite-XML.zip source XML data file]<br />
<br />
There are also other ways to obtain particular versions:<br />
* Download the free [https://www.owasp.org/index.php/File:Owasp_cornucopia_printreadyimages.zip PDF (v1.03)] (gifted by Travelex) <br />
** Have the cards commercially printed; or<br />
** Import into your own files (such as [http://lists.owasp.org/pipermail/owasp_cornucopia/2014-January/000018.html this way] suggested by Cam Morris via the mailing list)<br />
<br />
OWASP does not endorse or recommend commercial products or services.<br />
<br />
==Twitter==<br />
<br />
Collect/share/use the pseudo-random cards tweeted twice daily [https://twitter.com/OWASPCornucopia @OWASPCornucopia]<br />
<br />
<br />
<br />
= How to Play =<br />
<br />
[[File:Cornucopia-card-cornucopia-K.png|right|link=]]<br />
[[File:Cornucopia-card-session-9.png|right|link=]]<br />
<br />
It is possible to play Cornucopia in many different ways. Here is one way, and explained in a [https://youtu.be/i5Y0akWj31k YouTube video].<br />
<br />
== Primary method ==<br />
<br />
;A - Preparations<br />
:A1. Obtain a deck, or print your own Cornucopia deck and separate/cut out the cards<br />
:A2. Identify an application or application process to review; this might be a concept, design or an actual implementation<br />
:A3. Create a data flow diagram<br />
:A4. Identify and invite a group of 3-6 architects, developers, testers and other business stakeholders together and sit around a table (try to include someone fairly familiar with application security)<br />
:A5. Have some prizes to hand (gold stars, chocolate, pizza, beer or flowers depending upon your office culture)<br />
;B - Play<br />
:One suit - Cornucopia - acts as trumps. Aces are high (i.e. they beat Kings). It helps if there is someone dedicated to documenting the results who is not playing.<br />
:B1. Remove the Jokers and a few low-score (2, 3, 4) cards from Cornucopia suit to ensure each player will have the same number of cards<br />
:B2. Shuffle the pack and deal all the cards<br />
:B3. To begin, choose a player randomly who will play the first card - they can play any card from their hand except from the trump suit - Cornucopia<br />
:B4. To play a card, each player must read it out aloud, and explain how (or not) the threat could apply (the player gets a point for attacks that work, and the group thinks it is an actionable bug) - don’t try to think of mitigations at this stage, and don’t exclude a threat just because it is believed it is already mitigated - someone record the card on the score sheet<br />
:B5. Play clockwise, each person must play a card in the same way; if you have any card of the matching lead suit you must play one of those, otherwise they can play a card from any other suit. Only a higher card of the same suit, or the highest card in the trump suit Cornucopia, wins the hand.<br />
:B6. The person who wins the round, leads the next round (i.e. they play first), and thus defines the next lead suit<br />
:B7. Repeat until all the cards are played<br />
;C - Scoring<br />
:The objective is to identify applicable threats, and win hands (rounds):<br />
:C1. Score +1 for each card you can identify as a valid threat to the application under consideration<br />
:C2. Score +1 if you win a round<br />
:C3. Once all cards have been played, whoever has the most points wins<br />
;D - Closure<br />
:D1. Review all the applicable threats and the matching security requirements<br />
:D2. Create user stories, specifications and test cases as required for your development methodology<br />
<br />
See Márk Vinkovits leading a threat modelling [https://www.youtube.com/watch?v=9dVDqeO6y3A talk and group session] playing Cornucopia in the OWASP track @hacktivityconf 1510.<br />
<br />
==Alternative game rules==<br />
<br />
* If you are new to the game, remove the two Joker cards to begin with. Add the Joker cards back in once people become more familiar with the process. Apart from the “trumps card game” rules described above which are very similar to the EoP, the deck can also be played as the “twenty-one card game” (also known as “pontoon” or “blackjack”) which normally reduces the number of cards played in each round.<br />
* Practice on an imaginary application, or even a future planned application, rather than trying to find fault with existing applications until the participants are happy with the usefulness of the game.<br />
* Consider just playing with one suit to make a shorter session – but try to cover all the suits for every project. Or even better just play one hand with some pre-selected cards, and score only on the ability to identify security requirements. Perhaps have one game of each suit each day for a week or so, if the participants cannot spare long enough for a full deck.<br />
* Some teams have preferred to play a full hand of cards, and then discuss what is on the cards after each round (instead of after each person plays a card).<br />
* Another suggestion is that if a player fails to identify the card is relevant, allow other players to suggest ideas, and potentially let them gain the point for the card. Consider allowing extra points for especially good contributions.<br />
* You can even play by yourself. Just use the cards to act as thought-provokers. Involving more people will be beneficial though.<br />
* In Microsoft's EoP guidance, they recommend cheating as a good game strategy<br />
<br />
=FAQs=<br />
<br />
[[File:Cornucopia-card-authorization-8.png|right|link=]]<br />
[[File:Cornucopia-card-cryptography-j.png|right|link=]]<br />
<br />
; Can I copy or edit the game?<br />
:Yes of course. All OWASP materials are free to do with as you like provided you comply with the Creative Commons Attribution-ShareAlike 3.0 license. Perhaps if you create a new version, you might donate it to the OWASP Cornucopia Project?<br />
<br />
; How can I get involved?<br />
: Please send ideas or offers of help to the project’s mailing list.<br />
<br />
; How were the attackers’ names chosen?<br />
: EoP begins every description with words like "An attacker can...". These have to be phrased as an attack but I was not keen on the anonymous terminology, wanting something more engaging, and therefore used personal names. These can be thought of as external or internal people or aliases for computer systems. But instead of just random names, I thought how they might reflect the OWASP community aspect. Therefore, apart from "Alice and Bob", I use the given (first) names of current and recent OWASP employees and Board members (assigned in no order), and then randomly selected the remaining 50 or so names from the current list of paying individual OWASP members. No name was used more than once, and where people had provided two personal names, I dropped one part to try to ensure no-one can be easily identified. Names were not deliberately allocated to any particular attack, defence or requirement. The cultural and gender mix simply reflects theses sources of names, and is not meant to be world-representative.<br />
<br />
; Why aren’t there any images on the card faces?<br />
: There is quite a lot of text on the cards, and the cross-referencing takes up space too. But it would be great to have additional design elements included. Any volunteers?<br />
<br />
; Are the attacks ranked by the number on the card?<br />
: Only approximately. The risk will be application and organisation dependent, due to varying security and compliance requirements, so your own severity rating may place the cards in some other order than the numbers on the cards.<br />
<br />
; How long does it take to play a round of cards using the full deck?<br />
: This depends upon the amount of discussion and how familiar the players are with application security concepts. But perhaps allow 1.5 to 2.0 hours for 4-6 people.<br />
<br />
; What sort of people should play the game?<br />
:Always try to have a mix of roles who can contribute alternative perspectives. But include someone who has a reasonable knowledge of application vulnerability terminology. Otherwise try to include a mix of architects, developers, testers and a relevant project manager or business owner.<br />
<br />
; Who should take notes and record scores?<br />
: It is better if that someone else, not playing the game, takes notes about the requirements identified and issues discussed. This could be used as training for a more junior developer, or performed by the project manager. Some organisations have made a recording to review afterwards when the requirements are written up more formally.<br />
<br />
; Should we always use the full deck of cards?<br />
: No. A smaller deck is quicker to play. Start your first game with only enough cards for two or three rounds. Always consider removing cards that are not appropriate at all of the target application or function being reviewed. For the first few times people play the game it is also usually better to remove the Aces and the two Jokers. It is also usual to play the game without any trumps suit until people are more familiar with the idea.<br />
<br />
; What should players do when they have an Ace card that says “invented a new X attack”?<br />
: The player can make up any attack they think is valid, but must match the suit of the card e.g. data validation and encoding). With players new to the game, it can be better to remove these to begin with.<br />
<br />
; I don’t understand what the attack means on each card - is there more detailed information?<br />
: Yes, the Wiki Deck at was created to help players understand the attacks. See [https://www.owasp.org/index.php/Cornucopia_-_Ecommerce_Website_Edition_-_Wiki_Deck Wiki Deck].<br />
<br />
; My company wants to print its own version of OWASP Cornucopia - what license do we need to refer to?<br />
: What is required/reasonable might depend upon how you propose to use the source Cornucopia material. See fuller answer immediately below.<br />
<br />
Some examples of re-using or reproducing Cornucopia are:<br />
<br />
# Print some decks and give them away to customers<br />
# Reproduce the game exactly but with a corporate-branded package<br />
# Use the idea and/or source files to produce a similar game but with different attacks/mappings<br />
# Distribute modified design files<br />
<br />
If option 1 above, you can order these in bulk from OWASP and attach your own details below the "compliments of" section on the boxes. There are three aspects to consider for options 2, 3 or 4, or combinations of those - see below. The existing printed decks (and their boxes and leaflets include such text).<br />
<br />
''A - Cornucopia License''<br />
<br />
The precise wording will depend how the material is being used or reproduced. Under Creative Commons Attribution-ShareAlike 3.0 license it is necessary to attribute all previous contributions (in this case, Microsoft, Boeing, Mitre, etc). The easiest place to put the wording is on the leaflet (folded inside, or separate booklet). The current required long-form wording is:<br />
<br />
OWASP Cornucopia is licensed under the Creative Commons Attribution-ShareAlike 3.0 license http://creativecommons.org/licenses/by-sa/3.0/<br />
<br />
The files used to create these materials were created from the OWASP project and are also open source, and are licensed under the same conditions. <br />
<br />
OWASP Cornucopia can be downloaded for free from the OWASP website and printed yourself. The OWASP Cornucopia project source in vendor neutral and unbranded.<br />
<br />
OWASP does not endorse or recommend commercial products or services.<br />
<br />
© 2012-2018 OWASP Foundation<br />
<br />
This document is licensed under the Creative Commons Attribution-ShareAlike 3.0 license.<br />
<br />
Acknowledgments:<br />
<br />
Microsoft SDL Team for the Elevation of Privilege Threat Modelling Game, published under a Creative Commons Attribution license, as the inspiration for Cornucopia and from which many ideas, especially the game theory, were copied.<br />
<br />
Keith Turpin and contributors to the “OWASP Secure Coding Practices - Quick Reference Guide”, originally donated to OWASP by Boeing, which is used as the primary source of security requirements information to formulate the content of the cards.<br />
<br />
Contributors, supporters, sponsors and volunteers to the OWASP ASVS, AppSensor and Web Framework Security Matrix projects, Mitre’s Common Attack Pattern Enumeration and Classification (CAPEC), and SAFECode’s “Practical Security Stories and Security Tasks for Agile Development Environments” which are all used in the cross-references provided.<br />
<br />
Playgen for providing an illuminating afternoon seminar on task gamification, and tartanmaker.com for the online tool to help create the card back pattern.<br />
<br />
Blackfoot UK Limited for creating and donating print-ready design files, Tom Brennan and the OWASP Foundation for instigating the creation of an OWASP-branded box and leaflet, and OWASP employees, especially Kate Hartmann, for managing the ordering, stocking and despatch of printed card decks.<br />
<br />
Oana Cornea and other participants at the AppSec EU 2015 project summit for their help in creating the demonstration video.<br />
<br />
Colin Watson as author and co-project leader with Darío De Filippis, along with other OWASP volunteers who have helped in many ways.<br />
<br />
The box/container for the cards must have the wording:<br />
<br />
Created by Colin Watson.<br />
<br />
Contains: One pack of Cornucopia Ecommerce Website playing cards. OWASP Cornucopia is open source and can be downloaded free of charge from the OWASP website.<br />
<br />
OWASP Cornucopia is free to use. It is licensed under the Creative Commons Attribution-ShareAlike 3.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.<br />
<br />
The following short-form wording must also appear on any materials referencing the outputs (e.g. press releases, leaflets, reports, blog posts):<br />
<br />
OWASP does not endorse or recommend commercial products or services.<br />
<br />
OWASP Cornucopia is licensed under the Creative Commons Attribution-ShareAlike 3.0 license and is © 2012-2016 OWASP Foundation.<br />
<br />
If any files are distributed electronically, the long-form wording should also be aded in a license.txt file within the distribution.<br />
<br />
If the intention is to use the idea only (option 3 above), the long-form, box and short-form wording might be different, and probably simpler. And it might make more sense to start with the Microsoft-provided Elevation of Privilege files (and open source license).<br />
<br />
''B - Upcoming update to Cornucopia''<br />
<br />
Note that the current print design files are v1.04, and the current Word document is v1.10, but we are in the process of updating all of these to v1.20.<br />
<br />
Whatever is used as a starting point, please state the source version, for example: <br />
<br />
Based on OWASP Cornucopia Ecommerce Website Edition v1.04<br />
<br />
''C - OWASP brand usage''<br />
<br />
Additionally individuals, companies and other organisations must not breach OWASP's brand usage guidelines. <br />
<br />
https://www.owasp.org/index.php/Marketing/Resources#tab=BRAND_GUIDELINES<br />
<br />
In the case of Cornucopia, in 2014 Blackfoot Limited produced some printed decks of cards. Blackfoot's name and logo did not appear anywhere on the OWASP-branded cards, and the OWASP logo did not appear on the Blackfoot-branded box and leaflet. In fact there is no OWASP logo on any part of the Blackfoot branded decks.<br />
<br />
<br />
= Acknowledgements =<br />
<br />
[[File:Cornucopia-card-data-A.png|right|link=]]<br />
<br />
==Volunteers==<br />
Cornucopia is developed, maintained, updated and promoted by a worldwide team of volunteers. The contributors to date have been:<br />
<br />
* Simon Bennetts<br />
* Thomas Berson<br />
* Tom Brennan<br />
* Fabio Cerullo<br />
* Oana Cornea<br />
* Johanna Curiel<br />
* Todd Dahl<br />
* Luis Enriquez<br />
* Ken Ferris<br />
* Darío De Filippis<br />
* Sebastien Gioria<br />
* Tobias Gondrom<br />
* Timo Goosen<br />
* Anthony Harrison<br />
* Martin Haslinger <br />
* John Herrlin<br />
* Jerry Hoff<br />
* Marios Kourtesis<br />
* Franck Lacosta<br />
* Mathias Lemaire<br />
* Antonis Manaras<br />
* Jim Manico<br />
* Mark Miller<br />
* Cam Morris<br />
* Susana Romaniz<br />
* Ravishankar Sahadevan<br />
* Tao Sauvage<br />
* Wagner Voltz<br />
* Stephen de Vries<br />
* Colin Watson<br />
<br />
Also:<br />
<br />
* Attendees at OWASP London, OWASP Manchester and OWASP Netherlands chapter meetings, the London Gamification meetup, and the training at AppSec USA 2015 in san Francisco who made helpful suggestions and asked challenging questions<br />
<br />
==Others==<br />
* Microsoft SDL Team for the Elevation of Privilege Threat Modelling Game, published under a Creative Commons Attribution license, as the inspiration for Cornucopia and from which many ideas, especially the game theory, were copied.<br />
* Keith Turpin and contributors to the “OWASP Secure Coding Practices - Quick Reference Guide”, originally donated to OWASP by Boeing, which is used as the primary source of security requirements information to formulate the content of the cards.<br />
* Contributors, supporters, sponsors and volunteers to the OWASP ASVS, AppSensor and Web Framework Security Matrix projects, Mitre’s Common Attack Pattern Enumeration and Classification (CAPEC), and SAFECode’s “Practical Security Stories and Security Tasks for Agile Development Environments” which are all used in the cross-references provided.<br />
* Playgen for providing an illuminating afternoon seminar on task gamification, and tartanmaker.com for the online tool to help create the card back pattern.<br />
* Blackfoot UK Limited for creating and donating print-ready design files, Tom Brennan and the OWASP Foundation for instigating the creation of an OWASP-branded box and leaflet, and OWASP employees, especially Kate Hartmann, for managing the ordering, stocking and despatch of printed card decks.<br />
* Oana Cornea and other participants at the AppSec EU 2015 project summit for their help in creating the demonstration video.<br />
* Colin Watson as author and co-project leader with Darío De Filippis, along with other OWASP volunteers who have helped in many ways.<br />
<br />
= Road Map and Getting Involved =<br />
<br />
[[File:Cornucopia-card-authentication-7.png|right|link=]]<br />
[[File:Cornucopia-card-joker-a.png|right|link=]]<br />
<br />
Version history (see [https://www.owasp.org/index.php/File:OWASP-Cornucopia-Ecommerce_Website.docx uploads]):<br />
* Alpha version (0.40) was issued in August 2012<br />
* Beta version (1.00) was released in February 2013<br />
* Stable release (1.02) was released in August 2013, following feedback from mailing list and use with groups of developers<br />
* Release v1.03 included minor changes<br />
* Release v1.04 included a text correction on one card<br />
* Release v1.05 included additional narrative and FAQs<br />
* Current release v1.10 included cross-references updated for 2014 version of ASVS, contributors updated and minor text changes to cards to improve readability<br />
* Current release v1.20 included cross-references updated for version 3.0.1 of ASVS and CAPEC v2.8, and many minor text changes including further contributors.<br />
<br />
As of July 2018, the priorities are:<br />
* <strike>Develop Cornucopia Wiki Deck</strike> done<br />
* <strike>Update the document/deck to shorten some card text [completed ready for v1.10]</strike> done<br />
* <strike>Map to ASVS 2014</strike> done<br />
* <strike>Map to ASVSv3 2016</strike> done<br />
* <strike>Check/update CAPEC mappings</strike> done<br />
* <strike>Translate into French</strike> done<br />
* Translate into French (completed), German (in progress), Japanese, Portuguese (in progress), Spanish (in progress) and other languages (help needed please)<br />
* <strike>Make card decks available via OWASP Merchandise Store</strike> done<br />
* <strike>Create a video "how to play"</strike> done<br />
* Update printed decks in non-EN languages<br />
<br />
Involvement in the development and promotion of Cornucopia is actively encouraged!<br />
You do not have to be a security expert in order to contribute.<br />
Some of the ways you can help:<br />
==Localization==<br />
Are you fluent in another language? Can you help translate Cornucopia into that language?<br />
==Use and Promote the Cornucopia Card Decks==<br />
Please help raise awareness of Cornucopia by printing cards:<br />
* Use Cornucopia with specifiers, architects, designers, developers, testers and others, in part to train them, but also to solicit feedback on their usability, practicality and appropriateness for their work<br />
* Create video about how to play the game<br />
* Develop a mobile app to play the game<br />
==Feedback==<br />
Please use the [https://groups.google.com/a/owasp.org/forum/#!forum/cornucopia-project friendly project mailing list] for feedback:<br />
* What do like?<br />
* What don't you like?<br />
* What cards don't make sense?<br />
* How could the guidance be improved? <br />
* What other decks would you like to see?<br />
<br />
==Keep the Cards Updated==<br />
As the source referenced documents change, we have to update the decks. You may also find errors and omissions. In the first instance, please send a message to the [https://lists.owasp.org/mailman/listinfo/owasp_cornucopia friendly project mailing list] if you have identified errors &amp; omissions, have some time to maintain the source documents, or can help in other ways.<br />
==Create a New Deck==<br />
The only version currently available is the Cornucopia Ecommerce Website Edition in English. We would like to create a new mobile app specific deck, probably using the wonderful [https://www.owasp.org/index.php/OWASP_Mobile_Security_Project OWASP Mobile Security Project] as inspiration for the card source materials. Do you have an idea for your own application security requirements card deck? Perhaps for {{#switchtablink:Mobile App Edition|mobile apps}} or something else?<br />
<br />
= About Ecommerce Website Edition =<br />
{{:Projects/OWASP Cornucopia Ecommerce Website Edition | Project About}}<br />
<br />
__NOTOC__ <headertabs></headertabs> <br />
<br />
[[Category: Attack]] <br />
[[Category: Threat_Modeling]] <br />
[[Category:OWASP Project]] <br />
[[Category:OWASP_Builders]] <br />
[[Category:OWASP_Defenders]] <br />
[[Category:OWASP_Document]] <br />
[[Category:OWASP_Download]] <br />
[[Category:SAMM-SR-1]] <br />
[[Category:SAMM-SR-2]] <br />
[[Category:SAMM-TA-1]] <br />
[[Category:SAMM-EG-2]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Des_Moines&diff=256148
Des Moines
2019-11-22T15:37:03Z
<p>Dawnaitken: </p>
<hr />
<div>{{Chapter Template|chaptername=Des Moines|extra=The chapter leaders are [mailto:morgan.mccarley@owasp.org Morgan McCarley] and [mailto:nichole.dugan@owasp.org Nichole Dugan]<br />
|meetupurl=https://www.meetup.com/OWASP-Des-Moines-Chapter/|region=United States}}<br />
<br />
== Local News ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=OWASP_Events/upcoming_events&diff=256144
OWASP Events/upcoming events
2019-11-21T23:56:05Z
<p>Dawnaitken: /* Regional Events */</p>
<hr />
<div>== Global AppSec Events ==<br />
{| class="wikitable"<br />
|-<br />
! Global AppSec Events<br />
! Date<br />
! Location<br />
! Call for Papers<br />
! Call for Training<br />
! Registration<br />
! Sponsorships<br />
|-<br />
|[https://dublin.globalappsec.org Global AppSec Dublin]<br />
|June 15-19, 2020<br />
|Dublin, Ireland<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|-<br />
|[https://sf.globalappsec.org Global AppSec San Francisco]<br />
|October 19-23, 2020<br />
|San Francisco, CA<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|}<br />
<br />
== Regional Events ==<br />
<br />
<br />
Regional OWASP events should be entered with all information requested on the [https://ocms.owasp.org JIRA Service Desk Request Form.] Please, provide a reasonable timeframe to allow for approval and an additional request for help. (If there is incomplete information it will delay the process.) <br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date <br />
! Location<br />
|-<br />
| [https://god.owasp.de/ German OWASP Day 2019]<br />
| December 9-10, 2019<br />
| Karlsruhe, German<br />
|-<br />
| [https://www.owasp.org/index.php/Italy_OWASP_Day_Udine_2019 OWASP Italy Day Udine 2019]<br />
| December 14, 2019<br />
| Udine, Italy<br />
|-<br />
| [https://2020.appseccalifornia.org/ AppSec California 2020]<br />
| January 21-24, 2020<br />
| Santa Monica, CA<br />
|-<br />
| [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2020 OWASP New Zealand Day 2020]<br />
| February 19-21, 2020<br />
| Auckland, New Zealand<br />
|-<br />
| [https://www.owaspseasides.com/ OWASP Seasides]<br />
| March 3-5, 2020<br />
| Panjim Goa, India<br />
|-<br />
| [https://www.snowfroc.com/ SnowFROC 2020]<br />
| March 5, 2020<br />
| Denver, CO<br />
|-<br />
| [https://2020.appsecmorocco.org/ AppSec Morocco & Africa 2020]<br />
| June 4-5, 2020<br />
| Rabat, Morocco<br />
|-<br />
|}<br />
<br />
== Global Partnership Events ==<br />
<br />
The OWASP Foundation global partnership agreements are available for national and international events. This agreement is a strategic yearly agreement with the Foundation and should not be confused with annual regional events that are supported by local chapters. Please submit your request for consideration well in advance for consideration, questions, and approval. [https://ocms.owasp.org JIRA Service Desk Request Form] and choose "Co-marketing" and fill out all required fields and attach the proposed agreement. <br />
<br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date<br />
! Location<br />
! Paid Members email marketing@owasp.org <br />
<br />
|-<br />
|[https://www.blackhat.com/eu-19/?_mc=sem_x_bheur_le_tsnr_bheu_x_goog_x-BHEU2019Beu&ppc=y&kw=x&gclid=EAIaIQobChMI7M7t_9im5QIVAj0MCh1kDAAlEAAYASAAEgK18vD_BwE BlackHat Europe 2019]<br />
|December 2-5, 2019<br />
|London<br />
|€ 200.00 discount code available<br />
|-<br />
|}</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User:Johnellingsworth&diff=256134
User:Johnellingsworth
2019-11-20T12:37:49Z
<p>Dawnaitken: Creating user page for new user.</p>
<hr />
<div>I'm interested in empowering people and leading digital teams to do the things they do best; in following emerging trends in technology to deliver secure, simple and elegant solutions to large, complex problems; and getting things done.<br />
<br />
Goals: Strengthening business with secure enterprise digital solutions, developing outstanding people and teams, and delivering top results.<br />
<br />
Specialties: Information Security and Assurance, Software Development, Operations Management, Process Improvement, Solutions Architecture, Identity Management, Web Technology</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User_talk:Johnellingsworth&diff=256135
User talk:Johnellingsworth
2019-11-20T12:37:49Z
<p>Dawnaitken: Welcome!</p>
<hr />
<div>'''Welcome to ''OWASP''!'''<br />
We hope you will contribute much and well.<br />
You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages].<br />
Again, welcome and have fun! [[User:Dawnaitken|Dawnaitken]] ([[User talk:Dawnaitken|talk]]) 06:37, 20 November 2019 (CST)</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=November_2019&diff=256124
November 2019
2019-11-19T16:39:59Z
<p>Dawnaitken: </p>
<hr />
<div><br />
Meeting Date:<br />
Nov 19<br />
<br />
Meeting Time:<br />
11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=11&day=18&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
Meeting Location:<br />
Remote<br />
<br />
Virtual: [https://zoom.us/j/337156503 Zoom Meeting Link] Meeting ID: 337156503 - [https://zoom.us/j/337156503 local dial in numbers]<br />
<br />
AGENDA<br />
<br />
CALL TO ORDER<br />
<br />
CHANGES TO THE AGENDA<br />
<br />
APPROVAL OF MINUTES<br />
[https://docs.google.com/document/d/1Cw_My8iBG8tfq6mN4Xnc5K5BGk6WBPwxSMXwMpx8qrw/edit?usp=sharing October 2019 Board Minutes]<br />
<br />
REPORTS<br />
*[https://drive.google.com/a/owasp.org/file/d/1WC3r2zdKgihQ3eWdqcsN_WR3oj_lBef7/view?usp=sharing October 2019 Balance Sheet Summary]<br />
*[https://drive.google.com/a/owasp.org/file/d/1De5UlEz_CjAj0Tg6hjHCeVxkzYdDXr9H/view?usp=sharing October2019 OWASP Combined P&L]<br />
*[https://drive.google.com/a/owasp.org/file/d/1pF7EMmBrScrznIgAlLGKnyiVo-W6dDfc/view?usp=sharing OWASP 2019 Combined Fin pkg]<br />
<br />
OLD BUSINESS<br />
<br />
NEW BUSINESS<br />
- Vote on Board Member Eligibility Proposal from August F2F<br />
<br />
COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS<br />
<br />
Please review the motion that was voted on September 25, 2019. It appears that the motion should of stated "up to 10%", please confirm the correct motion. Dawn Aitken<br />
<br />
Motion: beginning January 1, 2020 the Foundation has decided to change the profit splits of the Global AppSec events. The split will be 90% to the Foundation and 10% to the Chapters. The Chapter will have the option to give the funds back to the Foundation or the Community Fund. If there is no current active Chapter in the area the full 100% will be given to the Foundation. Ofer Maor motions, Richard Greenberg seconds<br />
<br />
<br />
ADJOURNMENT<br />
<br />
<br />
===<br />
<br />
==Old Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
* An updated on the foundation's move to Expensify<br />
* A proposed approach from finance on how OWASP can receive restricted gifts efficiently.<br />
<br />
==New Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
* [Sherif] - Setting up a transparent discussion with the community on 1) Fair & reasonable expenses, 2) Chapter tiers - how to we provide autonimy and services to various chapter levels. I would like a round table on what they red flags are from each board members & upcoming board members) in order to incorporate into a document and discussions open to the community.</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=November_2019&diff=256123
November 2019
2019-11-19T16:38:17Z
<p>Dawnaitken: </p>
<hr />
<div><br />
Meeting Date:<br />
Nov 19<br />
<br />
Meeting Time:<br />
11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=11&day=18&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
Meeting Location:<br />
Remote<br />
<br />
Virtual: [https://zoom.us/j/337156503 Zoom Meeting Link] Meeting ID: 337156503 - [https://zoom.us/j/337156503 local dial in numbers]<br />
<br />
AGENDA<br />
<br />
CALL TO ORDER<br />
<br />
CHANGES TO THE AGENDA<br />
<br />
APPROVAL OF MINUTES<br />
[https://docs.google.com/document/d/1Cw_My8iBG8tfq6mN4Xnc5K5BGk6WBPwxSMXwMpx8qrw/edit?usp=sharing October 2019 Board Minutes]<br />
<br />
REPORTS<br />
*[https://drive.google.com/a/owasp.org/file/d/1WC3r2zdKgihQ3eWdqcsN_WR3oj_lBef7/view?usp=sharing October 2019 Balance Sheet Summary]<br />
*[https://drive.google.com/a/owasp.org/file/d/1De5UlEz_CjAj0Tg6hjHCeVxkzYdDXr9H/view?usp=sharing October2019 OWASP Combined P&L]<br />
*[https://drive.google.com/a/owasp.org/file/d/1pF7EMmBrScrznIgAlLGKnyiVo-W6dDfc/view?usp=sharing OWASP 2019 Combined Fin pkg]<br />
<br />
OLD BUSINESS<br />
<br />
NEW BUSINESS<br />
- Vote on Board Member Eligibility Proposal from August F2F<br />
<br />
COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS<br />
Please review the motion that was voted on September 25, 2019. It appears that the motion should of stated "up to 10", please confirm the correct motion. Dawn Aitken<br />
<br />
Motion: beginning January 1, 2020 the Foundation has decided to change the profit splits of the Global AppSec events. The split will be 90% to the Foundation and 10% to the Chapters. The Chapter will have the option to give the funds back to the Foundation or the Community Fund. If there is no current active Chapter in the area the full 100% will be given to the Foundation. Ofer Maor motions, Richard Greenberg seconds<br />
<br />
<br />
ADJOURNMENT<br />
<br />
<br />
===<br />
<br />
==Old Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
* An updated on the foundation's move to Expensify<br />
* A proposed approach from finance on how OWASP can receive restricted gifts efficiently.<br />
<br />
==New Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
* [Sherif] - Setting up a transparent discussion with the community on 1) Fair & reasonable expenses, 2) Chapter tiers - how to we provide autonimy and services to various chapter levels. I would like a round table on what they red flags are from each board members & upcoming board members) in order to incorporate into a document and discussions open to the community.</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Governance&diff=256105
Governance
2019-11-18T15:53:03Z
<p>Dawnaitken: </p>
<hr />
<div>= Purpose =<br />
Describe high level governance and process at OWASP<br />
<br />
__TOC__<br />
<br />
= OWASP Foundation=<br />
* [[OWASP Strategic Goals]]<br />
== OWASP Global Board==<br />
* [https://www.owasp.org/index.php/About_OWASP#2016_Global_Board_Members Current OWASP Board]<br />
* OWASP Elections<br />
**[[2018 Global Board of Directors Election|2018 Election]]<br />
**[[2017 Global Board of Directors Election|2017 Election]]<br />
** [[2016 Global Board of Directors Election|2016 Election Results]]<br />
** [[2015 Board Elections|2015 Election Results]]<br />
** [[2014 Board Elections|2014]]<br />
** [[2013 Board Elections|2013]]<br />
** [[Membership/2012 Election|2012]]<br />
** [[Membership/2011Election|2011]]<br />
* [[Governance/Board Orientation|Global Board Orientation and On-boarding Process]]<br />
* [[Governance/Board Commitment Agreement|Board Orientation Agreement]] and [[Governance/Board Code of Conduct|Board Code of Conduct]] <br />
* [[OWASP Board Meetings|Global Board Meetings]]<br />
* [[OWASP Board Votes|Board Voting Record]]<br />
<br />
== OWASP Operations Team==<br />
* [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Employees_and_Contractors_of_the_OWASP_Foundation Current Operations Staff]<br />
* [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Budgets Foundation Budget]<br />
* [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Tax_Filings OWASP Tax Filings]<br />
<br />
== Policies ==<br />
* [https://www.owasp.org/index.php/OWASP_Foundation_ByLaws OWASP Foundation By-laws]<br />
* [https://www.owasp.org/index.php/Governance/Conflict_of_Interest_Policy Conflict of Interest Policy and Annual Conflict Questionnaire]<br />
* [https://www.owasp.org/index.php/Governance/Whistleblower_Policy Whistleblower and Anti-Retaliation Policy]<br />
* [https://www.owasp.org/index.php/Governance/Conference_Policies Conference Policies: Anti-Harrassment, Privacy Policy, OWASP Code of Ethics]<br />
* [https://www.owasp.org/index.php/Governance/ConflictHandling Handling a Conflict]<br />
* [https://www.owasp.org/index.php/OWASP_brand_usage_rules Brand Usage Rules]<br />
*[https://www.owasp.org/index.php/Governance/Social_Media_Policy Social Media Policy]<br />
* [https://www.owasp.org/index.php/Governance/Signatory_Policy Foundation Signatory Policy]<br />
* [https://owasp.org/index.php/Governance/CorporateSponsorship Corporate Membership Model]<br />
* [https://docs.google.com/document/d/1ADEy8NhgIqi5vyV0JSvOfeIqfIRQSzlOCLCmhEuPAWA/edit?usp=sharing Project Sponsorship Operational Guidelines]<br />
* [https://www.owasp.org/index.php/Transparency_Policy Transparency Policy: "O" is for Open]<br />
<br />
* Funding and Spending Guidelines:<br />
** [https://docs.google.com/a/owasp.org/document/d/1yX68nS20qj7QNTcDkKCD3hSfFEbJaBKjoWjc2wF_aLA/edit OWASP Grant Funding and Spending Policy]<br />
** [https://www.owasp.org/index.php/Funding - Community, Initiative, and Outreach Funding (replaces and expands OWASP on the Move)]<br />
** [https://docs.google.com/document/d/15XuKIezpBpNH4BQYwSJ8i9125ga8IBE0IpvkO14RukI/edit?usp=sharing Project Spending Guidelines]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Governance&diff=256104
Governance
2019-11-18T15:52:35Z
<p>Dawnaitken: </p>
<hr />
<div>= Purpose =<br />
Describe high level governance and process at OWASP<br />
<br />
__TOC__<br />
<br />
= OWASP Foundation=<br />
* [[OWASP Strategic Goals]]<br />
== OWASP Global Board==<br />
* [https://www.owasp.org/index.php/About_OWASP#2016_Global_Board_Members Current OWASP Board]<br />
* OWASP Elections<br />
**[[2018 Global Board of Directors Election|2018 Election]]<br />
**[[2017 Global Board of Directors Election|2017 Election]]<br />
** [[2016 Global Board of Directors Election|2016 Election Results]]<br />
** [[2015 Board Elections|2015 Election Results]]<br />
** [[2014 Board Elections|2014]]<br />
** [[2013 Board Elections|2013]]<br />
** [[Membership/2012 Election|2012]]<br />
** [[Membership/2011Election|2011]]<br />
* [[Governance/Board Orientation|Global Board Orientation and On-boarding Process]]<br />
* [[Governance/Board Commitment Agreement|Board Orientation Agreement]] and [[Governance/Board Code of Conduct|Board Code of Conduct]] <br />
* [[OWASP Board Meetings|Global Board Meetings]]<br />
* [[OWASP Board Votes|Board Voting Record]]<br />
<br />
== OWASP Operations Team==<br />
* [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Employees_and_Contractors_of_the_OWASP_Foundation Current Operations Staff]<br />
* [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Budgets Foundation Budget]<br />
* [https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Tax_Filings OWASP Tax Filings]<br />
<br />
== Policies ==<br />
* [https://www.owasp.org/index.php/OWASP_Foundation_ByLaws OWASP Foundation By-laws]<br />
* [https://www.owasp.org/index.php/Governance/Conflict_of_Interest_Policy Conflict of Interest Policy and Annual Conflict Questionnaire]<br />
* [https://www.owasp.org/index.php/Governance/Whistleblower_Policy Whistleblower and Anti-Retaliation Policy]<br />
* [https://www.owasp.org/index.php/Governance/Conference_Policies Conference Policies: Anti-Harrassment, Privacy Policy, OWASP Code of Ethics]<br />
* [https://www.owasp.org/index.php/Governance/ConflictHandling Handling a Conflict]<br />
* [https://www.owasp.org/index.php/OWASP_brand_usage_rules Brand Usage Rules]<br />
*[https://www.owasp.org/index.php/Governance/Social_Media_Policy Social Media Policy]<br />
* [https://www.owasp.org/index.php/Governance/Signatory_Policy Foundation Signatory Policy]<br />
* [https://owasp.org/index.php/Governance/CorporateSponsorship Corporate Membership Model]<br />
* [https://docs.google.com/document/d/1ADEy8NhgIqi5vyV0JSvOfeIqfIRQSzlOCLCmhEuPAWA/edit?usp=sharing Project Sponsorship Operational Guidelines]<br />
* [https://www.owasp.org/index.php/Transparency_Policy Transparency Policy: "O" is for Open]<br />
<br />
* Funding and Spending Guidelines:<br />
** [https://docs.google.com/a/owasp.org/document/d/1yX68nS20qj7QNTcDkKCD3hSfFEbJaBKjoWjc2wF_aLA/edit OWASP Grant Funding and Spending Policy]<br />
** [https://www.owasp.org/index.php/Funding - Community, Initiative, and Outreach Funding (replaces and expands OWASP on the Move)]<br />
** [https://docs.google.com/document/d/15XuKIezpBpNH4BQYwSJ8i9125ga8IBE0IpvkO14RukI/edit?usp=sharing Project Spending Guidelines]<br />
<br />
<br />
==Request for Comments & Policies under Review==</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=November_2019&diff=256069
November 2019
2019-11-15T17:43:04Z
<p>Dawnaitken: </p>
<hr />
<div><br />
Meeting Date:<br />
Nov 19<br />
<br />
Meeting Time:<br />
11 AM US Pacific - [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=11&day=18&hour=19&min=0&sec=0&p1=16&p2=919&p3=78&p4=136&p5=137&p6=676 other time zones]<br />
<br />
Meeting Location:<br />
Remote<br />
<br />
Virtual: <br />
https://zoom.us/j/194110926 Zoom Meeting Link] Meeting ID: 194-110-926 - [https://zoom.us/j/194110926 local dial in numbers]<br />
<br />
AGENDA<br />
<br />
CALL TO ORDER<br />
<br />
CHANGES TO THE AGENDA<br />
<br />
APPROVAL OF MINUTES<br />
[https://docs.google.com/document/d/1Cw_My8iBG8tfq6mN4Xnc5K5BGk6WBPwxSMXwMpx8qrw/edit?usp=sharing October 2019 Board Minutes]<br />
<br />
REPORTS<br />
<br />
OLD BUSINESS<br />
<br />
NEW BUSINESS<br />
- Vote on Board Member Eligibility Proposal from August F2F<br />
<br />
COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS<br />
<br />
ADJOURNMENT<br />
<br />
<br />
===<br />
<br />
==Old Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]<br />
<br />
==New Business==<br />
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Czech_Republic&diff=256037
Czech Republic
2019-11-12T21:51:53Z
<p>Dawnaitken: </p>
<hr />
<div>{{Chapter Template|chaptername=Czech Republic|extra=The chapter leader is [mailto:jan.kopecky@owasp.org Jan Kopecky], [mailto:filip.sebesta@owasp.org Filip Sebesta], [mailto:daniel.macs@owasp.org Daniel Macs] and [mailto:jan.masarik@owasp.org Jan Masarik].<br />
|mailinglistsite=https://lists.owasp.org/mailman/listinfo/owasp-czech-republic|emailarchives=http://lists.owasp.org/pipermail/owasp-czech-republic<br />
}}<br />
<br />
'''We are still looking for volunteers.'''<br />
'''If you have organization or technical skills and you want to support OWASP Local Chapter in Czech Republic, do not hesitate to contact us!'''<br />
<br />
== News from OWASP Czech ==<br />
<br />
If you want to stay in touch with us and get latest information, please subscribe to our [https://lists.owasp.org/mailman/listinfo/owasp-czech-republic mailing list] and follow our [https://twitter.com/owasp_czech twitter]. Also check out this web page from time to time!<br />
<br />
== Events ==<br />
'''Upcoming events:'''<br />
It is official, next chapter meeting is happening on 31st of October. We bring you full day of workshops, talks and CTF. Please grab your tickets here: https://www.eventbrite.com/e/owasp-czech-chapter-meeting-registration-74841933237. The agenda for whole day looks like following:<br />
<br />
=== Morning workshops (registration required) ===<br />
8:00 - 12:00 Nicolas Grégoire: Practicing Burp Suite v2’s new features<br />
<br />
9:00 - 12:00 Kamil Vavra & Martin Bajanik: OWASP Top 10 workshop<br />
<br />
9:00 - 12:00 Petr Kolář & Michal Čábela: Cyber Arena<br />
<br />
=== Afternoon workshops (no registration) ===<br />
13:00 - 17:00 Tuna CTF team: Security & Lockpicking CTF<br />
<br />
13:00 - 18:00 Petr Kolář & Michal Čábela: Cyber Arena Simplified (on demand)<br />
<br />
=== Talks ===<br />
12:00 - 12:15 Opening ceremony with OWASP chapter leaders<br />
<br />
12:15 - 13:00 PIZZA TIME!<br />
<br />
13:00 - 14:15 Mario Heiderich: An Infosec Timeline - Noteworthy Events from 1970 to 2050<br />
<br />
14:15 - 14:30 break<br />
<br />
14:30 - 14:50 Kamila Babayeva & Sebastian Garcia: Fantastic Attacks and How Kalipso can find them<br />
<br />
14:50 - 15:15 Sebastian Garcia & Ondřej Lukáš & Kalin Ivanov: Ludus project - Make honeypots great again!<br />
<br />
15:15 - 15:45 break<br />
<br />
15:45 - 16:30 Michele Orrù: Puppeteer for Evil Minds<br />
<br />
16:30 - 16:45 break<br />
<br />
16:45 - 17:25 Simona Musilova: When A Password Is Not Enough - Developing A New Way Of Protecting Smart Homes<br />
<br />
17:25 - 17:45 break<br />
<br />
17:45 - 18:30 Martin Klubal: ATM Hacking Bluntly<br />
<br />
'''Past events:'''<br />
<br />
'''May 21 2019''' See the schedule [https://www.eventbrite.com/e/owasp-czech-chapter-meeting-registration-61600211892 Official schedule].<br />
<br />
Slides:<br />
[[File:Does Your IoT Expose You.pdf|thumb|Does Your IoT Expose You]], <br />
[https://exploited.cz/reporting/ What if I told you browsers can tell servers they don't like the response - website],<br />
We Know Where You Are - TBA,<br />
[[File:The Messaging Menagerie.pdf|thumb|The messaging menagerie]] or [https://bit.ly/30vR2ip animated version],<br />
[[File:Cybercriminal Activities Managing a New Android Botnet.pdf|thumb|Cybercriminal Activities Managing a New Android Botnet]], <br />
[https://zembered.com/owasp-talk-why-pentests-suck-and-red-teaming/ Why usual pentests suck?]<br />
<br />
Videos: [https://vimeo.com/album/6106513 Vimeo album]<br />
<br />
'''Feb 12 2019''' See the schedule [https://www.eventbrite.com/e/owasp-czech-chapter-meeting-registration-55759551319 Official schedule].<br />
<br />
Slides:<br />
[[File:Hacking 101 - OWASP.pdf|thumb|Hacking 101]],<br />
[[File:Black Market of Code signings certs.pdf|thumb|Black Market of Code signings certs]],<br />
[[File:Getting Started with Bug Bounty..pdf|thumb|Getting Started with Bug Bounty]]<br />
<br />
Videos: [https://vimeo.com/album/5778636 Vimeo album]<br />
<br />
'''Nov 14 2018''' See the schedule [https://www.eventbrite.com/e/owasp-czech-chapter-meeting-registration-51529309552# Official schedule].<br />
<br />
Slides:<br />
[[File:Petr_Stuchlik_The_webhosting_has_no_rights!.pdf|thumb|The webhosting has no rights!]],<br />
[[File:Adela_Hanikova_All_roads_lead_to_domain_admin.pdf|thumb|All roads lead to domain admin]],<br />
[[File:Frantisek_Strasak_Detecting_malware_even_when_it_is_encrypted.pdf|thumb|Detecting malware even when it is encrypted]],<br />
[[File:The_Zeitgeist_of_Darknet.pdf|thumb|The Zeitgeist of Darknet]]<br />
<br />
Videos: [https://vimeo.com/album/5772305 Vimeo album]<br />
<br />
'''May 30 2017''' See the schedule [https://www.eventbrite.com/e/owasp-czech-chapter-meeting-registration-33997427220# Official schedule].<br />
<br />
'''Dec 7 2015''' See the schedule [https://www.eventbrite.com/e/owasp-czech-chapter-meeting-tickets-19677355500 Official schedule].<br />
<br />
[[Category:OWASP Chapter]]<br />
<br />
== About OWASP ==<br />
* [[How OWASP Works]] for more information about projects and governance<br />
<br />
==OWASP News==<br />
* [http://www.owasp.org/index.php/OWASP_News OWASP Application Security News]<br />
[[Category:Europe]]<br />
<br />
== Sponsors ==<br />
Without our sponsors Local Chapter meeting would not be possible. This way we would like to say "Thank you" to following companies for supporting us:<br />
'''[https://www.eset.com/cz/ ESET]'''<br />
'''[https://www.qualys.com/ Qualys]'''<br />
'''[https://www.excello.cz/ Excello]'''<br />
'''[https://twitter.com/codekiwicom code.kiwi.com]'''</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User:Pablo.garbossa&diff=256027
User:Pablo.garbossa
2019-11-11T17:12:02Z
<p>Dawnaitken: Creating user page for new user.</p>
<hr />
<div>Information Security Professional with extensive experience in technical and managerial aspects of Cybersecurity.<br />
<br />
I'm currently working as an Information Security Manager at MercadoLibre.com (NASDAQ: MELI). My main challenges are related to guaranteeing security in the life cycle of software development, management bug bounties initiatives, security in our cloud infrastructure, monitoring of security events and incident response.</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User_talk:Pablo.garbossa&diff=256028
User talk:Pablo.garbossa
2019-11-11T17:12:02Z
<p>Dawnaitken: Welcome!</p>
<hr />
<div>'''Welcome to ''OWASP''!'''<br />
We hope you will contribute much and well.<br />
You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages].<br />
Again, welcome and have fun! [[User:Dawnaitken|Dawnaitken]] ([[User talk:Dawnaitken|talk]]) 11:12, 11 November 2019 (CST)</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User:Noobie-boy&diff=256025
User:Noobie-boy
2019-11-11T17:10:36Z
<p>Dawnaitken: Creating user page for new user.</p>
<hr />
<div>I am a cyber security enthusiast with CEH, having remarkable years experience BugBoutny with<br />
manual penetration, Web Application|Network security testing, Secure Code Review.<br />
<br />
Performing web application penetration testing (WAPT) - Black box|Grey box|White Box<br />
using industry standard frameworks such as OWASP TOP 10, SANS-25, along with<br />
Secure SDLC standards.<br />
Secure Code Reviews as per OWASP guidelines.<br />
Performing vulnerability assessment of various web services (RESTful API).<br />
Identifying security vulnerabilities within the applications which are exposed to the<br />
internet and reporting it to the respective clients along with proper mitigation techniques.<br />
Ensuring quality of the deliverables in line with industry standards and best practice.<br />
Cyber security enthusiast Experience<br />
<br />
Hakersday Jharkhand, Chapter lead<br />
Hakersday Rajasthan, CTM<br />
<br />
Invited as a Speaker in Mahidol University Thailand th 9 Jan 2019<br />
Work Experience<br />
Currently WAPT Security trainer at CTG Security Solutions<br />
VATP<br />
Freelance Pentest Project<br />
Professional Certification and Training<br />
Certified Ethical Hacker (CEH) - CTG Security Solution<br />
WAPT - CTG Security SolutionResponsible Disclosures<br />
<br />
Got bounty and appreciation for reporting a vulnerability in various application such as<br />
Microsoft, AT&T (Under Top 10), ESET, PayTM, Inflectra, Hostinger, Dutch<br />
Government, +50 in Big giant companies.<br />
Active Member in BugCrowd, HackerOne Under 300 rank Hunder in Bugcrowd<br />
Detectify member/researcher ( I already found some Zero Day )</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User_talk:Noobie-boy&diff=256026
User talk:Noobie-boy
2019-11-11T17:10:36Z
<p>Dawnaitken: Welcome!</p>
<hr />
<div>'''Welcome to ''OWASP''!'''<br />
We hope you will contribute much and well.<br />
You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages].<br />
Again, welcome and have fun! [[User:Dawnaitken|Dawnaitken]] ([[User talk:Dawnaitken|talk]]) 11:10, 11 November 2019 (CST)</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=OWASP_Events/upcoming_events&diff=256003
OWASP Events/upcoming events
2019-11-08T16:30:53Z
<p>Dawnaitken: /* Regional Events */</p>
<hr />
<div>== Global AppSec Events ==<br />
{| class="wikitable"<br />
|-<br />
! Global AppSec Events<br />
! Date<br />
! Location<br />
! Call for Papers<br />
! Call for Training<br />
! Registration<br />
! Sponsorships<br />
|-<br />
|Global AppSec Dublin<br />
|June 15-19, 2020<br />
|Dublin, Ireland<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|-<br />
|Global AppSec San Francisco<br />
|October 19-23, 2020<br />
|San Francisco, CA<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|}<br />
<br />
== Regional Events ==<br />
<br />
<br />
Regional OWASP events should be entered with all information requested on the [https://ocms.owasp.org JIRA Service Desk Request Form.] Please, provide a reasonable timeframe to allow for approval and an additional request for help. (If there is incomplete information it will delay the process.) <br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date <br />
! Location<br />
|-<br />
| [https://god.owasp.de/ German OWASP Day 2019]<br />
| December 9-10, 2019<br />
| Karlsruhe, German<br />
|-<br />
| [https://2020.appseccalifornia.org/ AppSec California 2020]<br />
| January 21-24, 2020<br />
| Santa Monica, CA<br />
|-<br />
| [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2020 OWASP New Zealand Day 2020]<br />
| February 19-21, 2020<br />
| Auckland, New Zealand<br />
|-<br />
| [https://www.owaspseasides.com/ OWASP Seasides]<br />
| March 3-5, 2020<br />
| Panjim Goa, India<br />
|-<br />
| [https://www.snowfroc.com/ SnowFROC 2020]<br />
| March 5, 2020<br />
| Denver, CO<br />
|-<br />
| [https://2020.appsecmorocco.org/ AppSec Morocco & Africa 2020]<br />
| June 4-5, 2020<br />
| Rabat, Morocco<br />
|-<br />
|}<br />
<br />
== Global Partnership Events ==<br />
<br />
The OWASP Foundation global partnership agreements are available for national and international events. This agreement is a strategic yearly agreement with the Foundation and should not be confused with annual regional events that are supported by local chapters. Please submit your request for consideration well in advance for consideration, questions, and approval. [https://ocms.owasp.org JIRA Service Desk Request Form] and choose "Co-marketing" and fill out all required fields and attach the proposed agreement. <br />
<br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date<br />
! Location<br />
! Paid Members email marketing@owasp.org <br />
<br />
|-<br />
|[https://www.blackhat.com/eu-19/?_mc=sem_x_bheur_le_tsnr_bheu_x_goog_x-BHEU2019Beu&ppc=y&kw=x&gclid=EAIaIQobChMI7M7t_9im5QIVAj0MCh1kDAAlEAAYASAAEgK18vD_BwE BlackHat Europe 2019]<br />
|December 2-5, 2019<br />
|London<br />
|€ 200.00 discount code available<br />
|-<br />
*'''Call for LOCAL active OWASP (paid) members that would like to [https://owasp.wufoo.com/forms/blackhat-london-volunteers volunteer] for the OWASP booth at BlackHat London 2019 December 4 & 5'''<br />
<br />
|}</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Argentina&diff=255998
Argentina
2019-11-08T15:30:20Z
<p>Dawnaitken: </p>
<hr />
<div>__NOTOC__ <br />
{{Chapter Template|chaptername=Argentina|extra=The chapter leaders are [mailto:martin.tartarelli@owasp.org Martin Tartarelli], [mailto:pablo.garbossa@owasp.org Pablo Garbossa] and [mailto:alejandro.iacobelli@owasp.org Alejandro Federico Iacobelli]<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-argentina|emailarchives=http://lists.owasp.org/pipermail/owasp-argentina}}<br />
<br />
= Bienvenidos =<br />
{| style="width: 100%;"<br />
|-<br />
| style="width: 100%; color: rgb(0, 0, 0);" | <br />
{| style="border: 0px solid ; background: transparent none repeat scroll 0% 0%; width: 100%; -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;"<br />
|-<br />
| style="width: 95%; color: rgb(0, 0, 0);" | <br />
<font size="2pt"><br />
Bienvenido al capitulo local de OWASP Argentina<br />
[https://twitter.com/owasp_arg Seguinos en Twitter!]<br />
</font><br />
<br />
== Actividades Locales ==<br />
<br />
Hay muchas formas de colaborar y contribuir con el capitulo OWASP Argentina.<br><br />
<ul><br />
<li>Participando en cualquiera de los [http://www.owasp.org/index.php/Category:OWASP_Project proyectos] actualmente activos (documentación y herramientas)</li><br />
<li>Proponiendo nuevos proyectos</li><br />
<li>Participando y aportando ideas en nuestra [http://lists.owasp.org/mailman/listinfo/owasp-argentina lista] de correo</li><br />
<li>Asistiendo a las conferencias y reuniones</li><br />
<li>Promoviendo y dando soporte al proyecto OWASP en general</li><br />
</ul><br> <br />
<br />
|}<br />
<br />
<!-- Twitter Box --> <br />
| style="border: 0px solid rgb(204, 204, 204); width: 100%; font-size: 95%; color: rgb(0, 0, 0);" | [[Image:Owasp_Latam_Tour_2019_v1_Logo.jpg|300x300px]]<br />
{|<br />
|-<br />
| style="border: 1px solid rgb(204, 204, 204); width: 100%; font-size: 95%; color: rgb(0, 0, 0); background-color: rgb(236, 236, 236);" | <br />
Use the '''[http://search.twitter.com/search?q=%23LATAMTOUR2019 #Latamtour]''' hashtag for your tweets for Latam Tour (What are [http://hashtags.org/ hashtags]?) <br />
<br />
'''@AppSecLatam Twitter Feed ([http://twitter.com/AppSecLatam follow us on Twitter!])''' <br />
<br />
| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" | <br />
|}<br />
<br />
| style="width: 110px; font-size: 95%; color: rgb(0, 0, 0);" | <br />
|}<br />
== Novedades ==<br />
<br><br />
* ''' Apr 2019 - Registracion Abierta! al OWASP Latam Tour 2019 - Buenos Aires!!!'''<br />
<ul><br />
“OWASP Latam Tour Buenos Aires” es parte del programa “[https://www.owasp.org/index.php/LatamTour2019 OWASP Latam Tour]” que tiene el objetivo turístico de crear conciencia acerca de los problemas de seguridad de aplicaciones en la región de América Latina. Los contenidos están centrados en proyectos de OWASP bajo el dictado de reconocidos profesionales en seguridad de aplicaciones.<br />
</ul><br />
<br />
* ''' Sep 2018 - OWASP UTN - Clase sobre Seguridad en Aplicaciones '''<br />
<ul><br />
“En el mes de Agosto participamos de una clase en la UTN donde presentamos los aspectos de seguridad en aplicaciones web. Brindando un espacio de debate sobre como desarrollar software seguro y como podemos trabajar para implementar estos cambios.<br />
</ul><br />
<br />
* ''' Ago 2018 - OWASP & Hackers BA Special Edition: Web '''<br />
<ul><br />
“Andres Riancho (miembro del capitulo local, brindo en una actividad conjunta en la "[https://www.meetup.com/es/HackersBA/events/zzkrcqyxlbwb/ Meetup HackerBA]" sobre seguridad web dicto "Injecting into URLs / Breaking URL-Encoding". La charla es una revisión de dos vulnerabilidades reales detectadas por Andrés durante análisis de seguridad de aplicaciones. La primera llevó a reportar una vulnerabilidad de bypass de ReCAPTCHA a Google, mientras que la segunda permitió evadir la autenticación de una API.<br />
</ul><br />
<br />
* ''' Apr 2018 - OWASP Cordoba '''<br />
<ul><br />
“El Departmento de Computation e Informática de la Facultad de Ingeniería del Centro Regional Universitario Cordoba IUA, tiene el agrado de invitarlos a la JORNADA OWASP, que se realizara el día 26 de abril de 9 a 18hs, en nuestra universidad.<br />
Mas informacion:http://www.institucional.frc.utn.edu.ar/sistemas/Areas/noticias/Detalle.asp?1996<br />
</ul><br />
<br />
<br><br />
[[Image:owasparglogo2.jpg]]<br />
<br><br />
<br />
= Actividades =<br />
<br />
== Actividades del Capitulo Local ==<br />
<br><br />
* ''' Mar 2018 - Registracion Abierta! al OWASP Latam Tour 2018 - Buenos Aires!!!'''<br />
<ul><br />
“OWASP Latam Tour Buenos Aires” es parte del programa “[https://www.owasp.org/index.php/LatamTour2018 OWASP Latam Tour]” que tiene el objetivo turístico de crear conciencia acerca de los problemas de seguridad de aplicaciones en la región de América Latina. Los contenidos están centrados en proyectos de OWASP bajo el dictado de reconocidos profesionales en seguridad de aplicaciones.<br />
</ul><br><br />
<br />
* ''' Mar 2017 - Registracion Abierta! al OWASP Latam Tour 2017 - Buenos Aires!!!'''<br />
<ul><br />
“OWASP Latam Tour Buenos Aires” es parte del programa “[https://www.owasp.org/index.php/LatamTour2017 OWASP Latam Tour]” que tiene el objetivo turístico de crear conciencia acerca de los problemas de seguridad de aplicaciones en la región de América Latina. Los contenidos están centrados en proyectos de OWASP bajo el dictado de reconocidos profesionales en seguridad de aplicaciones.<br><br />
</ul><br><br />
<br />
* ''' Oct 2016 - Participa por una entrada a la Ekoparty Security Conference - Buenos Aires!!!'''<br />
<ul><br />
Seguinos en nuestra cuenta de Twitter, hace RT y participa por una entrada a la "[www.ekoparty.org Ekoparty Security Conference]." <br><br />
</ul><br><br />
<br />
*''' 1-2 Diciembre 2016 - OWASP APPSEC RIO DE LA PLATA 2016'''<br />
<ul><br />
Se realizará el [http://AppSecRiodelaPlata.org OWASP APPSEC RIO DE LA PLATA 2016] en Uruguay del 1 al 2 de diciembre de 2016 en el Auditorio de ANTEL.<br><br />
</ul><br><br />
<br />
* ''' Mar 2016 - Registracion Abierta! al OWASP Latam Tour 2016 - Buenos Aires!!!'''<br />
<ul><br />
“OWASP Latam Tour Buenos Aires” es parte del programa “[https://www.owasp.org/index.php/LatamTour2016 OWASP Latam Tour]” que tiene el objetivo turístico de crear conciencia acerca de los problemas de seguridad de aplicaciones en la región de América Latina. Los contenidos están centrados en proyectos de OWASP bajo el dictado de reconocidos profesionales en seguridad de aplicaciones<br><br />
</ul><br><br />
<br />
* ''' Apr 2013 - Registracion Abierta! al OWASP Latam Tour 2013 - Buenos Aires!!!'''<br />
<ul><br />
“OWASP Latam Tour Buenos Aires” es parte del programa “[https://www.owasp.org/index.php/LatamTour2013 OWASP Latam Tour]” que tiene el objetivo turístico de crear conciencia acerca de los problemas de seguridad de aplicaciones en la región de América Latina. Los contenidos están centrados en proyectos de OWASP bajo el dictado de reconocidos profesionales en seguridad de aplicaciones<br><br />
</ul><br><br />
<br />
* ''' Ago 2012 - CFP y CFT abierto para el OWASP AppSec Latam 2012 - Montevideo!'''<br />
<ul><br />
Tenemos el placer de anunciar que el capítulo de [https://www.owasp.org/index.php?title=Uruguay OWASP Uruguay] con la colaboracion del capitulo Argentino será sede de la conferencia [https://www.owasp.org/index.php?title=AppSecLatam2012 '''OWASP AppSec Latam 2012'''] en Montevideo, Uruguay en ANTEL (Empresa Nacional de Telco). El evento se compone de 2 días de entrenamiento (noviembre 18-19), seguido de 2 días de conferencia (noviembre 20-21). [https://www.owasp.org/index.php?title=AppSecLatam2012 Se pueden enviar propuestas completando el formulario correspondientes]. El '''CFP cierra el 31 de Agosto'''.<br><br />
</ul><br><br />
<br />
* ''' May 2012 - Registracion Abierta! al OWASP Latin America Tour 2011 - Buenos Aires!!!'''<br />
<ul><br />
“OWASP Latam Tour Buenos Aires” es parte del programa “[https://www.owasp.org/index.php/LatamTour2012 OWASP Latam Tour]” que tiene el objetivo turístico de crear conciencia acerca de los problemas de seguridad de aplicaciones en la región de América Latina. Los contenidos están centrados en proyectos de OWASP bajo el dictado de reconocidos profesionales en seguridad de aplicaciones<br><br />
</ul><br><br />
<br />
* ''' Ago 2011 - Descuento para miembros - Ekoparty Security Conference'''<br />
<ul><br />
Los miembros de OWASP poseen un 15% de descuento para<br />
la registracion a la Conferencia de Seguridad [http://ekoparty.com.ar Ekoparty]. El descuento aplica para la entrada a la conferencia, como también para los<br />
trainings.<br><br />
</ul><br><br />
<br />
* ''' Mar 2011 - Registracion Abierta! al OWASP Argentina Awareness Day como parte del OWASP Latin America Tour 2011 !!!'''<br />
<ul><br />
“OWASP Awareness Day” es parte del programa “[https://www.owasp.org/index.php/LatamTour2011#tab=Buenos_Aires.2C_Argentina OWASP Latam Tour]” que tiene el objetivo turístico de crear conciencia acerca de los problemas de seguridad de aplicaciones en la región de América Latina. Los contenidos están centrados en proyectos de OWASP bajo el dictado de reconocidos profesionales en seguridad de aplicaciones<br><br />
</ul><br><br />
<br />
* ''' Jul 2011 - Registracion Abierta! al OWASP Argentina Awareness Day como parte del OWASP Latin America Tour 2011 !!!'''<br />
<ul><br />
“OWASP Awareness Day” es parte del programa “[https://www.owasp.org/index.php/LatamTour2011#tab=Buenos_Aires.2C_Argentina OWASP Latam Tour]” que tiene el objetivo turístico de crear conciencia acerca de los problemas de seguridad de aplicaciones en la región de América Latina. Los contenidos están centrados en proyectos de OWASP bajo el dictado de reconocidos profesionales en seguridad de aplicaciones<br><br />
</ul><br><br />
<br />
* ''' Dic 2010 - OWASP Argentina Chapter Meeting - Presentaciones del Evento !!!'''<br />
<ul><br />
Ya se encuentran publicadas las [http://www.owasp.org/index.php/OWASP_Argentina_Chapter_Meeting#Imagenes_del_Evento presentaciones] del evento realizado el 14 de Oct en la UdeMM.<br><br />
</ul><br><br />
<br />
* ''' Ago 2010 - Nota de OWASP en la revista UdeMM - Nuevo Miembro '''<br />
<ul><br />
Desde el mes de Mayo la Universidad de la Marina Mercante (UdeMM) se incorporo como miembro de OWASP para ayudar a fomentar las metodologias, herramientas y proyectos informaticos que OWASP desarrolla y mantiene con gran esfuerzo. [http://www.udemm.edu.ar/novedades/Novedades%2050.pdf En la nota realizada a Pablo Romanos] (a cargo del proyecto) encontraremos como fue presentado OWASP en la Universidad..<br><br />
[http://www.udemm.edu.ar/novedades/Novedades%2050.pdf Nota de la Revista]<br />
</ul><br><br />
<br />
* ''' Jul 2010 - OWASP Argentina Day - Presentaciones del Evento !!!'''<br />
<ul><br />
Ya se encuentran publicadas las [http://www.owasp.org/index.php/OWASP_Day_Argentina_2010 presentaciones]del evento realizado el 30 de Jun en la Facultad de Ingeniería de la UBA.<br><br />
</ul><br><br />
<br />
* ''' Jun 2010 - Web Application Security Training - Descuentos miembros OWASP '''<br />
<ul><br />
[http://www.bonsai-sec.com Bonsai Information Security] los invita al Curso de Seguridad en Aplicaciones Web que se estará presentando los dias 14 y 15 de Julio en la ciudad de Buenos Aires.<br><br />
Interesados, visitar el siguiente [http://www.bonsai-sec.com/es/education/web-security-buenos-aires.php enlace].<br> <br />
Cabe destacar que los '''miembros de OWASP (registrados antes del 1 de Junio) obtienen un descuento especial del 20%'''.<br />
</ul><br><br />
<br />
* ''' Jun 2010 - OWASP Argentina Day - Registracion Abierta !!!'''<br />
<ul><br />
OWASP Argentina, en conjunto con la Facultad de Ingeniería de la UBA abre la registracion a las primeras Jornadas de seguridad Web - OWASP Day a realizarse el día 30 de Junio en Buenos Aires, Argentina. <br><br />
Mas Informacion y como registrarse: [http://www.owasp.org/index.php/OWASP_Day_Argentina_2010 aqui]<br><br />
</ul><br><br />
<br />
* ''' May 2010 - OWASP Argentina Day - CFP is Open !!! (Llamada a oradores) '''<br />
<ul><br />
OWASP Argentina, en conjunto con la Facultad de Ingeniería de la UBA abre la llamada a oradores para la Jornada de seguridad Web - OWASP Day a realizarse el día 30 de Junio en Buenos Aires, Argentina. <br><br />
Mas info: [http://www.owasp.org/index.php/OWASP_Day_Argentina_2010 aqui]<br><br />
</ul><br><br />
<br />
* ''' Nov 2009 - Proxima Reunion de OWASP Argentina!!! '''<br />
<ul><br />
Nos juntamos el '''Jueves 3 de Diciembre''' 19:30 hs para divertirse, tomar algo, despedir el año y plantear ideas para el proximo. <br><br />
Donde? '''Buller Pub Downtown''': Paraguay 428. Capital Federal <br><br />
Como llegar? http://www.bullerpub.com/comollegar.htm <br><br />
Como anotarse? Enviando un mail a la [http://lists.owasp.org/mailman/listinfo/owasp-argentina lista].<br />
</ul><br><br />
<br />
* ''' Jun 2009 - Enigform en Trophees du Libre 2009 '''<br />
<ul><br />
[http://blogs.buanzo.com.ar/ Arturo 'Buanzo' Busleiman] fue seleccionado como uno de los tres finalistas en la categoria Seguridad de los [http://www.trophees-du-libre.org/content/blogcategory/16/51/ Trophees du Libre 2009] en el que obtuvo el segundo lugar con el proyecto [http://www.owasp.org/index.php/Category:OWASP_OpenPGP_Extensions_for_HTTP_-_Enigform_and_mod_openpgp Enigform y mod_openpgp]. Dicha herramienta permite la utilizacion de OpenPGP para construir un sistema de inicio y administración de sesiones web, así como verificacion de integridad de solicitudes y respuestas HTTP.<br />
</ul><br><br />
<br />
* ''' Jun 2009 - Curso de Seguridad en Aplicaciones Web '''<br />
<ul><br />
Andrés Riancho de [http://www.bonsai-sec.com/ Bonsai Information Security], estará brindando un [http://www.bonsai-sec.com/es/education/web-security-buenos-aires.php curso de seguridad en aplicaciones Web] en el mes de Julio, en el cual los '''miembros de OWASP tienen un 20% de descuento'''. Para más información sobre el curso haga click [http://www.bonsai-sec.com/es/education/web-security-buenos-aires.php aquí].<br />
</ul><br><br />
<br />
* ''' Nov 2008 - Primer Reunion de OWASP Argentina!!! '''<br />
<ul><br />
Cuando? El '''Jueves 27 de noviembre''' a partir de las 19hs.<br><br />
Donde? '''1745 Pub, Bartolome Mitre 1745. Capital Federal.'''<br><br />
Para? Divertirse, tomar algo y charlar.<br><br />
Como anotarse? Enviando un mail a la [http://lists.owasp.org/mailman/listinfo/owasp-argentina lista].<br />
</ul><br><br />
<br />
* ''' Oct 2008 - OWASP NYC 2008 Videos Disponibles '''<br />
<ul><br />
Se encuentran disponibles los [https://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference videos] de la conferencia OWASP NYC 2008. Son aproximadamente 56 videos (unas 40 horas) LIBRES!<br />
</ul><br><br />
<br />
* ''' Oct 2008 - OWASP_EU_Summit 2008 en Español '''<br />
<ul><br />
[http://www.google.com/search?hl=en&q=buanzo&btnG=Google+Search Arturo 'Buanzo' Busleiman] Realizo la traducción al español del [https://www.owasp.org/index.php/OWASP_EU_Summit_2008_ES_Spanish OWASP EU Summit 2008] que se realizara en Portugal y Algarve del 4 al 7 de Noviembre.<br />
</ul><br><br />
<br />
* ''' Oct 2008 - Nuevo líder de capitulo Argentina '''<br />
<ul><br />
El capitulo local Argentino ha sido renovado con la intención de crear una comunidad activa en el estudio y la investigación de la seguridad en aplicaciones, aportando ideas, conocimientos y experiencias. Están todos invitados a contribuir !!!<br />
</ul><br><br />
<br />
* ''' Sep 2008 - OWASP NYC AppSec 2008 Conference'''<br />
<ul><br />
[http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference-SPEAKER-Andres_Riancho Andres Riancho] fue invitado al evento OWASP NYC AppSec para presentar su proyecto [http://w3af.sf.net/ w3af].<br />
</ul><br><br />
<br />
* ''' Jul 2008 - OWASP Project '''<br />
<ul><br />
[https://www.owasp.org/index.php/Project_Information:template_Enigform_and_mod_OpenPGP Template Enigform and mod OpenPGP] sponsoreado por [http://www.owasp.org/index.php/OWASP_Summer_of_Code_2008 OWASP Summer of Code 2008]<br />
</ul><br><br />
<br />
* ''' Jul 2008 - OWASP Project '''<br />
<ul><br />
[http://www.owasp.org/index.php/Category:GTK_plus_GUI_for_w3af_Project GTK + GUI for w3af Project] sponsoreado por [http://www.owasp.org/index.php/OWASP_Summer_of_Code_2008 OWASP Summer of Code 2008]<br />
</ul><br />
<br><br />
<br />
== Herramientas e Investigación ==<br />
<br />
* ''' w3af - Web Application Attack and Audit Framework '''<br />
<ul><br />
Andres Riancho publico el nuevo release de [http://w3af.sourceforge.net/ w3af]. [http://w3af.sourceforge.net/ w3af] es un proyecto Open Source que automatiza las técnicas de auditoria y explotacion de vulnerabilidades web. [http://w3af.sourceforge.net/ w3af] esta escrito en [http://es.wikipedia.org/wiki/Python Python] y se divide en 3 fases principales mediante el uso de plugins: '''Discovery''', '''Audit''' and '''Attack'''. Las fases se unen entre sí para detectar y explotar la mayor cantidad de vulnerabilidades posibles.<br><br />
</ul><br />
* ''' Enigform '''<br />
<ul><br />
[http://enigform.mozdev.org/ Enigform] es una extension firefox que extiende HTTP agregando capacidades de firma digital para solicitudes GET, POST y AJAX, brindando proteccion contra distintos tipos ataques. [http://enigform.mozdev.org/ Enigform] fue desarrollado por [http://www.buanzo.com.ar/ Arturo Busleiman] (alias Buanzo) y logro el patrocinio por [http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007_Applications#Buanzo_-_Enigform:_Firefox_Addon_for_OpenPGP_signing_of_HTTP_requests OWASP Spring Of Code 2007]<br />
</ul><br />
<br><br />
<br />
= Sponsors =<br />
<br />
Para información sobre el patrocinio de nuestros eventos y del capitulo Argentino por favor [mailto:martin.tartarelli@owasp.org contactese] con nosotros.<br />
<br /><br /><br />
<br />
== Educational Supporters ==<br />
[[Image:udemm.png|link=http://www.udemm.edu.ar]]<br><br />
<br />
== Chapter Supporters ==<br />
<br><br />
[[Image:Infobyte-logo.png|link=http://infobytesec.com|100x100px]]<br />
[[Image:Ariancho.jpg|link=https://andresriancho.com|50x50px]]<br />
<br><br />
<br />
= Reuniones =<br />
<br />
== Te Esperamos ==<br />
<br><br />
Se proponen reuniones trimestrales y grupos de estudio a formarse relacionados en temas de Seguridad Informatica. Se nombran alguno de ellos:<br />
<ul><br />
<li> Análisis de las nuevas tecnologías de la información y las comunicaciones.</li><br />
<li>Análisis de productos (Software & Appliances).</li><br />
<li>Investigación de fallas y vulnerabilidades.</li><br />
<li>Desarrollo de programas y técnicas de exploit relacionadas.</li><br />
<li>Documentación de soluciones de seguridad.</li><br />
<li>Desarrollo de herramientas de seguridad.</li><br />
<li>Demostraciones. Debates y desarrollo investigativo.<br></li><br />
</ul><br />
= Beneficios Para Miembros =<br />
<br />
== Beneficios Para Miembros Activos ==<br />
<br />
=== Eventos Abiertos ===<br />
<br />
* Descuentos para la Conferencia de Seguridad Informatica [http://ekoparty.org Ekoparty]<br />
<br />
=== Capacitaciones ===<br />
<br />
* 15% de descuento en cursos de [http://www.root-secure.com Root-Secure]<br />
* 15% de descuento en cursos de [http://www.segu-info.com.ar Segu-Info]<br />
* 15% de descuento en cursos de [http://www.siclabs.com SIClabs]<br />
<br><br />
<br />
= Trabajo Argentina =<br />
<br><br />
Creamos esta [https://www.owasp.org/index.php/Trabajo-Argentina página] para mejorar la comunicación entre potenciales empleados y reclutadores de talentos relacionados con seguridad en aplicaciones y seguridad informática en general. Esta página es únicamente para trabajos en Argentina!<br />
Para publicar una búsqueda activa por favor enviar un email a Andrés Riancho (andres@andresriancho.com) incluyendo esta información. La pagina es mantenida en conjunto con Martin Tartarelli (martin.tartarelli@owasp.org), líder del capitulo local de OWASP en Argentina. <br />
<br><br />
<br />
= Sobre OWASP Argentina =<br />
<br><br />
Si desea formar parte y mantenerse informado de nuestras actividades, realizar consultas o participar en proyectos de nuestro capítulo, por favor, suscríbase a nuestra [http://lists.owasp.org/mailman/listinfo/owasp-argentina lista] de correo.<br><br />
<br><br />
*[[User:Tartamar|Martin Tartarelli]] (Lider)<br />
*[[User:Andres.Riancho|Andres Riancho]] (Co-Lider)<br />
*[[User:Walter.Riveros|Walter Riveros]] (Co-Lider)<br />
<br><br />
[[Image:owasparglogo2.jpg]]<br />
<br />
<headertabs /><br />
<br />
[[Category:OWASP Chapter]]<br />
[[Category:Latin America]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User:RTG&diff=255995
User:RTG
2019-11-08T12:41:42Z
<p>Dawnaitken: Creating user page for new user.</p>
<hr />
<div>I am a senior Computer Science student passionate about cyber security. I have research experience in digital forensics and am exploring penetration testing now. Public speaking also draws my interest and as a result, I am a member of the Toastmaster club in my campus. I also like playing and watching football.</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User_talk:RTG&diff=255996
User talk:RTG
2019-11-08T12:41:42Z
<p>Dawnaitken: Welcome!</p>
<hr />
<div>'''Welcome to ''OWASP''!'''<br />
We hope you will contribute much and well.<br />
You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages].<br />
Again, welcome and have fun! [[User:Dawnaitken|Dawnaitken]] ([[User talk:Dawnaitken|talk]]) 06:41, 8 November 2019 (CST)</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User:Daniel.conderodriguez&diff=255993
User:Daniel.conderodriguez
2019-11-08T12:37:30Z
<p>Dawnaitken: Creating user page for new user.</p>
<hr />
<div>BS Computer Engineer from UPV/EHU. Linux Foundation Sysadmin & Odin Automation Certified Engineer. Currently working as Webhosting Service Operations Team Manager at a Spanish Telecom. With more than a decade of experience as systems administrator in cloud computing enterprises, he has been crafting cibersecurity solutions and threat hunting. Speaker in Information Security events such as EuskalHack.</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=User_talk:Daniel.conderodriguez&diff=255994
User talk:Daniel.conderodriguez
2019-11-08T12:37:30Z
<p>Dawnaitken: Welcome!</p>
<hr />
<div>'''Welcome to ''OWASP''!'''<br />
We hope you will contribute much and well.<br />
You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages].<br />
Again, welcome and have fun! [[User:Dawnaitken|Dawnaitken]] ([[User talk:Dawnaitken|talk]]) 06:37, 8 November 2019 (CST)</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=OWASP_Events/upcoming_events&diff=255978
OWASP Events/upcoming events
2019-11-07T13:09:30Z
<p>Dawnaitken: /* Regional Events */</p>
<hr />
<div>== Global AppSec Events ==<br />
{| class="wikitable"<br />
|-<br />
! Global AppSec Events<br />
! Date<br />
! Location<br />
! Call for Papers<br />
! Call for Training<br />
! Registration<br />
! Sponsorships<br />
|-<br />
|Global AppSec Dublin<br />
|June 15-19, 2020<br />
|Dublin, Ireland<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|-<br />
|Global AppSec San Francisco<br />
|October 19-23, 2020<br />
|San Francisco, CA<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|Coming Soon<br />
|}<br />
<br />
== Regional Events ==<br />
<br />
<br />
Regional OWASP events should be entered with all information requested on the [https://ocms.owasp.org JIRA Service Desk Request Form.] Please, provide a reasonable timeframe to allow for approval and an additional request for help. (If there is incomplete information it will delay the process.) <br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date <br />
! Location<br />
|-<br />
| [https://god.owasp.de/ German OWASP Day 2019]<br />
| December 9-10, 2019<br />
| Karlsruhe, German<br />
|-<br />
| [https://2020.appseccalifornia.org/ AppSec California 2020]<br />
| January 21-24, 2020<br />
| Santa Monica, CA<br />
|-<br />
| [https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2020 OWASP New Zealand Day 2020]<br />
| February 20-21, 2020<br />
| Auckland, New Zealand<br />
|-<br />
| [https://www.owaspseasides.com/ OWASP Seasides]<br />
| March 3-5, 2020<br />
| Panjim Goa, India<br />
|-<br />
| [https://www.snowfroc.com/ SnowFROC 2020]<br />
| March 5, 2020<br />
| Denver, CO<br />
|-<br />
| [https://2020.appsecmorocco.org/ AppSec Morocco & Africa 2020]<br />
| June 4-5, 2020<br />
| Rabat, Morocco<br />
|-<br />
|}<br />
<br />
== Global Partnership Events ==<br />
<br />
The OWASP Foundation global partnership agreements are available for national and international events. This agreement is a strategic yearly agreement with the Foundation and should not be confused with annual regional events that are supported by local chapters. Please submit your request for consideration well in advance for consideration, questions, and approval. [https://ocms.owasp.org JIRA Service Desk Request Form] and choose "Co-marketing" and fill out all required fields and attach the proposed agreement. <br />
<br />
{| class="wikitable"<br />
|-<br />
! Event<br />
! Date<br />
! Location<br />
! Paid Members email marketing@owasp.org <br />
<br />
|-<br />
|[https://www.blackhat.com/eu-19/?_mc=sem_x_bheur_le_tsnr_bheu_x_goog_x-BHEU2019Beu&ppc=y&kw=x&gclid=EAIaIQobChMI7M7t_9im5QIVAj0MCh1kDAAlEAAYASAAEgK18vD_BwE BlackHat Europe 2019]<br />
|December 2-5, 2019<br />
|London<br />
|€ 200.00 discount code available<br />
|-<br />
*'''Call for LOCAL active OWASP (paid) members that would like to [https://owasp.wufoo.com/forms/blackhat-london-volunteers volunteer] for the OWASP booth at BlackHat London 2019 December 4 & 5'''<br />
<br />
|}</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Moscow&diff=255963
Moscow
2019-11-05T20:18:18Z
<p>Dawnaitken: </p>
<hr />
<div>{{Chapter Template|chaptername=Moscow|extra=The chapter leaders are [mailto:boris.savkov@owasp.org Boris Savkov] and [mailto:taras.ivashchenko@owasp.org Taras Ivashchenko]<br />
|meetupurl=https://www.meetup.com/OWASP-Russia/|region=Europe}}<br />
<br />
== Local News ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Moscow&diff=255962
Moscow
2019-11-05T20:17:58Z
<p>Dawnaitken: </p>
<hr />
<div>{{Chapter Template|chaptername=Moscow|extra=The chapter leader is [mailto:boris.savkov@owasp.org Boris Savkov] and [mailto:taras.ivashchenko@owasp.org Taras Ivashchenko]<br />
|meetupurl=https://www.meetup.com/OWASP-Russia/|region=Europe}}<br />
<br />
== Local News ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Moscow&diff=255961
Moscow
2019-11-05T19:53:02Z
<p>Dawnaitken: </p>
<hr />
<div>{{Chapter Template|chaptername=Moscow|extra=The chapter leader is [mailto:boris.savkov@owasp.org Boris Savkov] and [mailto:taras.ivashchenko@owasp.org Taras Ivashchenko]<br />
|meetupurl=CHANGEME|region=Europe}}<br />
<br />
== Local News ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Moscow&diff=255960
Moscow
2019-11-05T19:51:00Z
<p>Dawnaitken: </p>
<hr />
<div>{{Chapter Template|chaptername=Moscow|extra=The chapter leader is [mailto:CHANGEME@CHANGEME.COM CHANGEME NAME]|meetupurl=CHANGEME|region=Europe}}<br />
<br />
== Local News ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Category:Europe&diff=255959
Category:Europe
2019-11-05T19:50:45Z
<p>Dawnaitken: </p>
<hr />
<div>To request to start a new chapter or restart an existing one, visit the [http://www.tfaforms.com/261541 Chapter Request Form].<br />
<br />
{{columns-list|3|<br />
;'''[[Austria]]''':[[Vienna]]<br />
----<br />
;'''[[Azerbaijan]]'''<br />
----<br />
;'''[[Belgium]]'''<br />
----<br />
;'''[[Bulgaria]]''':[[Sofia]]<br />
----<br />
;'''[[Cyprus]]'''<br />
----<br />
;'''[[Czech Republic]]'''<br />
----<br />
;'''[[Denmark]]''':[[Aarhus]]<br/>[[Copenhagen]]<br />
----<br />
;'''[[:Category:Finland|Finland]]''':[[Helsinki]]<br />
----<br />
;'''[[France]]'''<br />
----<br />
;'''[[Germany]]'''<br />
----<br />
;'''[[Greece]]'''<br />
----<br />
;'''[[Hungary]]'''<br />
----<br />
;'''[[:Category:Ireland|Ireland]]''':[[Belfast]]<br/>[[Cork]]<br>[[Ireland-Dublin|Dublin]]<br/>[[Letterkenny]]<br />
----<br />
;'''[[Israel]]'''<br />
----<br />
;'''[[Italy]]'''<br />
----<br />
;'''[[Latvia]]'''<br />
----<br />
;'''[[Lithuania]]'''<br />
----<br />
;'''[[Luxembourg]]'''<br />
----<br />
;'''[[Macedonia]]'''<br />
----<br />
;'''[[Malta]]'''<br />
----<br />
;'''[[Netherlands]]'''<br />
----<br />
;'''[[:Norway]]'''<br />
----<br />
;'''[[Poland]]'''<br />
----<br />
;'''[[Portugal]]''':[[Porto]]<br />
----<br />
;'''[[Romania]]''':[[Bucharest]]<br />[[Cluj]]<br />[[Timisoara]]<br/>[[University Lucian Blaga of Sibiu]]<br />
----<br />
;'''[[Russia]]''':[[Moscow]]<br />
----<br />
;'''[[Scotland]]'''<br />
----<br />
;'''[[:Category:Spain|Spain]]''':[[Almeria]]<br/>[[Bilbao]]<br/>[[Canary Islands]]<br/>[[Madrid]]<br/>[[Sevilla]]<br/>[[Zaragoza]]<br />
----<br />
;'''[[:Category:Sweden|Sweden]]''':[[East Sweden]]<br/>[[Gothenburg]]<br/>[[JKPG]]<br/>[[Northern Sweden]]<br/>[[Stockholm]]<br />
----<br />
;'''[[:Category:Switzerland|Switzerland]]''':[[Geneva]]<br/>[[Switzerland]] (Zurich)<br />
----<br />
;'''[[:Category:Turkey|Turkey]]''':[[Turkey]]<br/>[[Ankara]]<br />
----<br />
;'''[[:Category:Ukraine|Ukraine]]''':[[Dnipro]]<br/>[[Kharkiv]]<br/>[[Kyiv]]<br/>[[Lviv]]<br/>[[Odessa]]<br />[[Ukraine]]<br/>[[Zhytomyr]]<br />
----<br />
;'''[[:Category:United Kingdom|United Kingdom]]''':[[Birmingham]]<br/>[[Bristol]]<br/>[[Cambridge]]<br/>[[Dorset]]<br/>[[Liverpool]]<br/>[[London]]<br/>[[Manchester|Manchester (UK)]]<br/>[[Newcastle]]<br/>[[Suffolk]]<br/>[[Warwick]]<br/>[[Worcestershire]]<br />
<br />
}}<br />
<br />
<br />
<noinclude><br />
This [[:Special:Categories|category]] is meant to contain all [[:Category:OWASP Chapter|OWASP Chapters]] in Europe.<br />
A Inactive chapters are marked with an (i) and are seeking new leaders.<br />
<br />
<br />
[[Category:OWASP Chapter]]<br />
</noinclude></div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Russia&diff=255956
Russia
2019-11-05T18:49:00Z
<p>Dawnaitken: Removed protection from "Russia"</p>
<hr />
<div>{{Inactive Chapter}}<br />
<br />
__NOTOC__<br />
= Добро пожаловать на страницу российского отделения OWASP! =<br />
<br />
[[File:500px-Owasp_ru_logo1.png|350x350px]]<br />
<br />
Открытый проект по обеспечению безопасности веб-приложений (OWASP) представляет собой некоммерческий (501c3), образовательный, благотворительный фонд, помогающий организациям начать проектировать, разрабатывать, приобретать, использовать и поддерживать безопасное ПО. Все инструменты, документы, форумы и отделения OWASP являются бесплатными и открытыми для тех, кто заинтересован в улучшении безопасности приложений.<br />
<br />
== События и встречи ==<br />
Регистрация на будущие встречи российского отделения OWASP, а также информация о прошедших мероприятиях публикуется [https://www.meetup.com/OWASP-Russia на нашей странице в сервисе Meetup.com]. Презентации доступны в [https://speakerdeck.com/owasprussia Speaker Deck], а видеозаписи докладов можно найти на [https://vimeo.com/owasprussia Vimeo]. Чтобы следить за последними новостями подписывайтесь:<br />
<br />
{| border="0" cellpadding="5"<br />
|-<br />
| [[File:Telegram 48.png|32x32px|link=https://t.me/OWASP_RU]]<br />
| [[File:Vimeo 48.png|32x32px|link=https://vimeo.com/owasprussia]]<br />
| [[File:Speakerdeck 48.png|32x32px|link=https://speakerdeck.com/owasprussia]]<br />
| [[File:Meetup 48.png|32x32px|link=https://www.meetup.com/OWASP-Russia]]<br />
| [[File:Twitter48.png|32x32px|link=https://twitter.com/owasp_ru]] <br />
|}<br />
<br />
=== Выступить на будущей встрече ===<br />
У вас есть интересная тема для выступления на одной из будущих встреч российского отделения OWASP? Отлично! Заполните [https://forms.gle/TbVyXNdobSKMSMZ29 форму подачи заявки].<br />
<br />
== Команда российского отделения OWASP==<br />
<br />
* [[User:Taras_Ivashchenko|Тарас Иващенко]], руководитель российского отделения OWASP<br />
* [mailto:luka.safonov@owasp.org Лука Сафонов]<br />
* [mailto:boris.savkov@owasp.org Борис Савков]<br />
<br />
== Присоединиться ==<br />
<br />
Существует множество способов принять участие в жизни российского отделения OWASP:<br />
<br />
* Участие в любом из активных [http://www.owasp.org/index.php/Category:OWASP_Project проектов] (в т.ч. написание утилит и документации)<br />
* Предложение новых проектов<br />
* Переводы существующих проектов на русский язык<br />
* Помощь в организации конференций и встреч<br />
* Продвижение и поддержка проекта OWASP в целом<br />
<br />
== Поддержать ==<br />
Хотели бы помочь развитию OWASP Russia и стать "Local Chapter Supporter"? Больше информации [https://www.owasp.org/index.php/Local_Chapter_Supporter здесь].<br />
<br />
{{Chapter Template|chaptername=Russia|extra=The chapter leader is [[User:Taras_Ivashchenko|Taras Ivaschenko]]<br />
|mailinglistsite=https://groups.google.com/a/owasp.org/forum/#!forum/russia-chapter}}<br />
<br />
[[Category:OWASP Chapter]] <br />
[[Category:Europe]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=Porto_Alegre&diff=255955
Porto Alegre
2019-11-05T18:26:39Z
<p>Dawnaitken: Replaced content with "{{Inactive Chapter}} {{Chapter Template|chaptername=Porto Alegre|extra=The chapter leader position is '''OPEN.''' |mailinglistsite=http://lists.owasp.org/mailman/listin..."</p>
<hr />
<div>{{Inactive Chapter}} <br />
<br />
<br />
{{Chapter Template|chaptername=Porto Alegre|extra=The chapter leader position is '''OPEN.'''<br />
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-poa|emailarchives=http://lists.owasp.org/pipermail/owasp-poa}}</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=National_Institute_of_Technology_Tiruchirappalli&diff=255937
National Institute of Technology Tiruchirappalli
2019-11-04T18:47:45Z
<p>Dawnaitken: </p>
<hr />
<div><h1 style="color:orange;">'''STUDENT CHAPTER'''<br />
</h1><br />
<br />
<br />
{{Chapter Template|chaptername=National Institute of Technology Tiruchirappali|extra=The chapter leaders are [mailto:raj.sureja@owasp.org Raj Sureja], [mailto:anshuman.agrawalis@owasp.org Anshuman Agrawalis] and [mailto:pranav.satish@owasp.org Pranav Satish]<br />
|meetupurl=https://www.meetup.com/OWASP-NIT-Tiruchirappalli-Student-Chapter/|region=Asia/Pacific/Middle East}}<br />
<br />
== Local News ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken
https://wiki.owasp.org/index.php?title=National_Institute_of_Technology_Tiruchirappalli&diff=255936
National Institute of Technology Tiruchirappalli
2019-11-04T18:19:41Z
<p>Dawnaitken: </p>
<hr />
<div><h1 style="color:orange;">'''STUDENT CHAPTER'''<br />
</h1><br />
<br />
<br />
{{Chapter Template|chaptername=National Institute of Technology Tiruchirappali|extra=The chapter leaders are [mailto:raj.sureja@owasp.org Raj Sureja], [mailto:anshuman.agrawalis@owasp.org Anshuman Agrawalis] and [mailto:pranav.satish@owasp.org Pranav Satish]<br />
|meetupurl=CHANGEME|region=Asia/Pacific/Middle East}}<br />
<br />
== Local News ==<br />
<br />
'''Meeting Location'''<br />
<br />
Everyone is welcome to join us at our chapter meetings.<br />
<br />
[[Category:OWASP Chapter]]</div>
Dawnaitken