https://wiki.owasp.org/api.php?action=feedcontributions&user=Jason+Taylor&feedformat=atomOWASP - User contributions [en]2024-03-29T08:46:54ZUser contributionsMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=115076OWASP Exams Project2011-08-04T19:31:22Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The exams that are available in this project are:<br />
* [[OWASP Top 10 Threats and Mitigations Exam - Single Select]]<br />
* [[OWASP Top 10 Threats and Mitigations Exam - Multiple Select|Corresponding Multiple Select questions]]<br />
<br />
The multiple select exam contains a sub-set of questions from the single select exam, however, they have been changed so that there are multiple correct answers to choose from. We are interested in feedback on which type of exam people prefer. Multiple select exams are much harder and the answers sometime feel more ambiguous. Single select exams are easier since you only need to select the one best answer to get the question right.<br />
<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* [http://www.owaspa.org/moodle/ OWASP Top 10 Threats and Mitigations] eLearning [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] course. <br />
* [http://www.owaspa.org/moodle/ OWASP Top 10 Threats and Mitigations] eLearning [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] exam. <br />
<br />
===TeamMentor Security Knowledge Base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com TeamMentor OWASP Edition]. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library TeamMentor OWASP Library Source]. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ Guidance Explorer Authoring Tool]. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
==== Sponsor ====<br />
[[Image:SILogoHoriz-300x49.jpg]]<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=115075OWASP Exams Project2011-08-04T19:30:55Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The exams that are available in this project are:<br />
* [[OWASP Top 10 Threats and Mitigations Exam - Single Select]]<br />
* [[OWASP Top 10 Threats and Mitigations Exam - Multiple Select|Corresponding Multiple Select questions]]<br />
<br />
The multiple select exam contains a sub-set of questions from the single select exam, however they have been changed so that there are multiple correct answers to choose from. We are interested in feedback on which type of exam people prefer. Multiple select exams are much harder and the answers sometime feel more ambiguous. Single select exams are easier since you only need to select the one best answer to get the question right.<br />
<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* [http://www.owaspa.org/moodle/ OWASP Top 10 Threats and Mitigations] eLearning [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] course. <br />
* [http://www.owaspa.org/moodle/ OWASP Top 10 Threats and Mitigations] eLearning [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] exam. <br />
<br />
===TeamMentor Security Knowledge Base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com TeamMentor OWASP Edition]. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library TeamMentor OWASP Library Source]. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ Guidance Explorer Authoring Tool]. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
==== Sponsor ====<br />
[[Image:SILogoHoriz-300x49.jpg]]<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=107564OWASP Exams Project2011-03-24T19:40:17Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The exams that are available in this project are:<br />
* [[OWASP Top 10 Threats and Mitigations Exam]]<br />
<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* [http://www.owaspa.org/moodle/ OWASP Top 10 Threats and Mitigations] eLearning [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] course. <br />
* [http://www.owaspa.org/moodle/ OWASP Top 10 Threats and Mitigations] eLearning [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] exam. <br />
<br />
===TeamMentor Security Knowledge Base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com TeamMentor OWASP Edition]. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library TeamMentor OWASP Library Source]. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ Guidance Explorer Authoring Tool]. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=File:Certification_-_January_2011_OWASP_Acadamies_Meeting_v0.2.pdf&diff=102729File:Certification - January 2011 OWASP Acadamies Meeting v0.2.pdf2011-01-31T17:04:08Z<p>Jason Taylor: uploaded a new version of "File:Certification - January 2011 OWASP Acadamies Meeting v0.2.pdf":&#32;Changed to OWASP PPT template</p>
<hr />
<div></div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102434OWASP Exams Project2011-01-28T17:58:54Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The exams that are available in this project are:<br />
* [[OWASP Top 10 Threats and Mitigations Exam]]<br />
<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* OWASP Top 10 Threats and Mitigations eLearning [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] course. Available by 2/4.<br />
* OWASP Top 10 Threats and Mitigations [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] exam. Available by 2/4.<br />
<br />
===TeamMentor Security Knowledge Base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com TeamMentor OWASP Edition]. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library TeamMentor OWASP Library Source]. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ Guidance Explorer Authoring Tool]. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102433OWASP Exams Project2011-01-28T17:57:48Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The exams that are available in this project are:<br />
* [[OWASP Top 10 Threats and Mitigations Exam]]<br />
<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* '''OWASP Top 10 Threats and Mitigations''' eLearning [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] course. Available by 2/4.<br />
* '''OWASP Top 10 Threats and Mitigations''' [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] exam. Available by 2/4.<br />
<br />
===TeamMentor Security Knowledge Base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com '''TeamMentor OWASP Edition''']. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library '''TeamMentor OWASP Library Source''']. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ '''Guidance Explorer Authoring Tool''']. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102432OWASP Exams Project2011-01-28T17:56:32Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The exams that are available in this project are:<br />
* [[OWASP Top 10 Threats and Mitigations Exam]]<br />
<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* '''OWASP Top 10 Threats and Mitigations eLearning [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] course.''' Available by 2/4.<br />
* '''OWASP Top 10 Threats and Mitigations [http://en.wikipedia.org/wiki/Sharable_Content_Object_Reference_Model SCORM] exam.''' Available by 2/4.<br />
<br />
===TeamMentor Security Knowledge Base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com '''TeamMentor OWASP Edition''']. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library '''TeamMentor OWASP Library Source''']. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ '''Guidance Explorer Authoring Tool''']. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Top_10_Threats_and_Mitigations_Exam&diff=102387OWASP Top 10 Threats and Mitigations Exam2011-01-28T12:50:39Z<p>Jason Taylor: </p>
<hr />
<div><center>'''Course Title: OWASP Top 10 Threats and Mitigation'''</center><br />
<br />
<center></center><br />
<br />
<center>'''Exam Questions'''</center><br />
<br />
<br />
<br />
<br />
<br />
Which of the following can be caused by an injection attack? <br />
<br />
# Spoofing <br />
# Data loss '''(Correct)'''<br />
# Denial of service '''(Correct)'''<br />
# Insecure direct object references<br />
<br />
<br />
<br />
Which threat can occur in languages that do not support a clear distinction between code and data? <br />
<br />
# Injection '''(Correct)'''<br />
# Insecure direct object references <br />
# Failure to restrict URL access <br />
# Insufficient transport layer protection <br />
<br />
<br />
<br />
Which of the following scenarios can lead to an injection attack?<br />
<br />
# Unvalidated input is embedded in an instruction stream. '''(Correct)'''<br />
# Unvalidated input cannot be distinguished from valid instructions. '''(Correct)'''<br />
# A Web application does not validate a client’s access to a resource. <br />
# A Web action performs an operation on behalf of the user without checking a shared secret. <br />
<br />
<br />
<br />
Which threat is your Web application susceptible to if a user can pass specially crafted input that invokes semantic control codes? <br />
<br />
# Injection '''(Correct)'''<br />
# Insecure direct object references <br />
# Failure to restrict URL access <br />
# Insufficient transport layer protection <br />
<br />
<br />
<br />
Which of the following techniques can be used to protect against injection attacks?<br />
<br />
# Input validation '''(Correct)'''<br />
# Allow list '''(Correct)'''<br />
# Escaping '''(Correct)'''<br />
# Memory size checks<br />
# Validate integer values before referencing arrays<br />
<br />
<br />
<br />
<br />
<br />
Which of the following components are vulnerable to injection attacks? <br />
<br />
# Control constructs<br />
# Registry keys <br />
# Regular expressions '''(Correct)'''<br />
# SQL queries based on user input '''(Correct)'''<br />
<br />
<br />
<br />
Which control construct can be used to perform an SQL injection attack? <br />
<br />
# Single quote (') '''(Correct)'''<br />
# Null (\0) byte<br />
# Less than sign(&lt;)<br />
# Greater than sign(&gt;)<br />
<br />
<br />
<br />
Which two mitigation techniques when used in combination can help you strictly define valid input? <br />
<br />
# Allow list ('''Correct''')<br />
# Block list '''(Correct)'''<br />
# Table indirection <br />
# Escaping<br />
<br />
<br />
<br />
Which of the following are architecture-level techniques used to prevent attacks based on malicious input? <br />
<br />
# Allow list <br />
# Table indirection '''(Correct)'''<br />
# Escaping <br />
# Object class for user input '''(Correct)'''<br />
<br />
<br />
<br />
Which mitigation technique helps you tell the parser that a specific character is a literal and not a control character? <br />
<br />
# Table indirection <br />
# Allow list <br />
# Escaping '''(Correct)'''<br />
# Block list <br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
You should use a blacklist wherever possible; use whitelists only as a secondary defense. <br />
<br />
# True <br />
# False '''(Correct)'''<br />
<br />
<br />
<br />
Which mitigation technique helps you define disallowed inputs? <br />
<br />
# Allow list <br />
# Block list '''(Correct)'''<br />
# Table indirection <br />
# Escaping <br />
<br />
<br />
<br />
Which threat is caused by an injection attack into a browser?<br />
<br />
# Cross-site scripting '''(Correct)'''<br />
# Cross-site request forgery <br />
# Insecure direct object references <br />
# Broken authentication and session management <br />
<br />
<br />
<br />
Which of the following languages are the primary targets of cross-site scripting? <br />
<br />
# HTML '''(Correct)'''<br />
# SQL <br />
# XSLT<br />
# JavaScript '''(Correct)'''<br />
<br />
<br />
<br />
Which type of attack occurs when a malicious user convinces a victim to send a request containing malicious input to a server? <br />
<br />
# Reflected XSS '''(Correct)''' <br />
# Persistent XSS <br />
# Insecure direct object references<br />
# Failure to restrict URL access<br />
<br />
<br />
<br />
What should you do to prevent a DOM-based XSS attack? <br />
<br />
# Set the HttpOnly flag in cookies <br />
# Ensure that session IDs are not exposed in a URL <br />
# Ensure that a different nonce is created for each request <br />
# Validate any input that comes from another Web site '''(Correct)'''<br />
<br />
<br />
<br />
How does malicious input flow in a DOM-based XSS? <br />
<br />
# From server to client<br />
# From client to itself '''(Correct)'''<br />
# From attacker to server (M1_T3_P3)<br />
# From victim to server (M1_T3_P2)<br />
<br />
<br />
<br />
Which of the following techniques should you use to prevent malicious input?<br />
<br />
# Allow List '''(Correct)'''<br />
# Block list''' (Correct)'''<br />
# Escaping '''(Correct)'''<br />
# Encryption <br />
# Table indirection <br />
<br />
<br />
<br />
You should set the HttpOnly flag in a cookie to ensure that: <br />
<br />
# The cookie is not available to client scripts '''(Correct)'''<br />
# The cookie is deleted when the user closes the browser<br />
# The cookie is sent over an encrypted channel <br />
# The cookie is a persistent cookie<br />
<br />
<br />
<br />
You should set a secure flag in a cookie to ensure that:<br />
<br />
# The cookie is a persistent cookie.<br />
# The cookie is not available to client script. <br />
# The cookie is sent over an encrypted channel. '''(Correct)'''<br />
# The cookie is deleted when the user closes the browser.<br />
<br />
<br />
<br />
Which type of attack occurs when an attacker submits data to the server and the data is stored on the server? <br />
<br />
# DOM-based XSS <br />
# Reflected XSS <br />
# Persistent XSS '''(Correct)'''<br />
# Cross-site request forgery <br />
<br />
<br />
<br />
Which of the following input sources can be controlled by a malicious user? <br />
<br />
# <nowiki>Window.lo</nowiki>cation '''(Correct)'''<br />
# GET/POST parameters '''(Correct)'''<br />
# Server configuration files<br />
# Ports and network resources <br />
<br />
<br />
<br />
Which of the following scenarios may result in broken authentication and session management vulnerabilities? <br />
<br />
# Poorly implemented custom code is used. '''(Correct)'''<br />
# Misconfigured off-the-shelf code''' '''is used.''' (Correct)'''<br />
# Unvalidated input cannot be distinguished from valid instructions. <br />
# Unvalidated input is embedded in an instruction stream. <br />
<br />
<br />
<br />
Which of the following actions should you take before implementing a custom authentication and session management system?<br />
<br />
# Find out if a suitable framework component already exists. '''(Correct)'''<br />
# Find out if you can use a small extension to an existing component to implement the system. '''(Correct)'''<br />
# Find out if form variables are available to store data. <br />
# Find out if you need to use session-based indirection. <br />
<br />
<br />
<br />
State whether the following statement is True or False. <br />
<br />
When implementing an authentication or session system, you should ensure that new session IDs are not created at login.<br />
<br />
# True<br />
# False ('''Correct''')<br />
<br />
<br />
<br />
Which of the following functionalities should you include in an authentication and session management system?<br />
<br />
# Logout functionality '''(Correct)''' <br />
# Inactivity timeout functionality '''(Correct)'''<br />
# Escaping functionality<br />
# Forwarding system functionality<br />
<br />
<br />
<br />
Why should you use CAPTCHA? <br />
<br />
# To create cryptographically random session IDs <br />
# To protect credentials by using encryption or cryptographic salt and hash <br />
# To protect authentication systems from automated or brute-force attacks '''(Correct)'''<br />
# To ensure that authentication systems implement inactivity timeout functionality <br />
<br />
<br />
<br />
What should you do before passing credentials over the network? <br />
<br />
# Replace the credentials with a cryptographic salt and hash ('''Correct''')<br />
# Accept session IDs from URLs <br />
# Share the credentials with the client. <br />
# Use persistent cookies to manage session IDs. <br />
<br />
<br />
<br />
Which location should you ideally use to store a session ID?<br />
<br />
# URLs <br />
# Form variables<br />
# Persistent cookies <br />
# Non-persistent cookies '''(Correct)'''<br />
<br />
<br />
<br />
What should you do to ensure that JavaScript cannot be used to access a cookie?<br />
<br />
# Set the secure flag in the cookie <br />
# Set the HttpOnly flag in the cookie '''(Correct)'''<br />
# Use the CAPTCHA system<br />
# Use non-persistent cookies <br />
<br />
<br />
<br />
Which of the following are authentication system mandatory requirements?<br />
<br />
# Strong passwords are required. '''(Correct)'''<br />
# Use a GOTCHA to prevent automated attacks.<br />
# User logout and session inactivity are required.''' (Correct)'''<br />
# Session IDs are only accepted from cookies and parameter variables.<br />
# Credentials are always protected with encryption or cryptographic salting and hashing. '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following are requirements for an authentication token? <br />
<br />
# It should identify returning users to the site <br />
# It should be used as a replacement for a user's credentials '''(Correct)'''<br />
# It should always use a persistent cookie <br />
# It should always use a non-persistent cookie '''(Correct)'''<br />
<br />
<br />
<br />
State whether the following statement is True or False. <br />
<br />
An identification token is a replacement for a user’s credentials and should allow access to restricted resources of a Web site. <br />
<br />
# True <br />
# False '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following tasks are performed by a session-based system? <br />
<br />
# Identifying returning users '''(Correct)'''<br />
# Providing access to restricted resources '''(Correct)'''<br />
# Using the HTTP protocol <br />
# Sending successful logins to a well-known location <br />
<br />
<br />
<br />
Which threat can occur when a Web application fails to validate a client's access to a resource?<br />
<br />
# Injection<br />
# Cross-site scripting <br />
# Insecure direct object reference '''(Correct)'''<br />
# Cross-site request forgery <br />
<br />
<br />
<br />
Which of the following objects are susceptible to an insecure direct object reference attack? <br />
<br />
# Files '''(Correct)'''<br />
# Registry keys '''(Correct)'''<br />
# Conditional constructs <br />
# GET/POST parameters <br />
<br />
<br />
<br />
Which of the following vulnerabilities may be caused by an insecure direct object reference attack? <br />
<br />
# Executing commands on the server.<br />
# Impersonating any user on the system.<br />
# Modifying SQL data pointed to by the query.<br />
# Modifying data without authorization. '''(Correct)'''<br />
# Accessing a resource without authorization. '''(Correct)'''<br />
<br />
<br />
<br />
What should you do to mitigate the threat of an insecure direct object reference attack?<br />
<br />
# Use session-based indirection. '''(Correct)'''<br />
# Use POST parameters instead of GET parameters. <br />
# Perform an access check each time a resource identifier arrives as input. '''(Correct)'''<br />
# Send successful logins to a well-known location instead of automatic redirection. <br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
Time of Check Time of Use (TOCTOU) occurs if the authorization check is performed on one page of a Web site and the resource is used on a different page.<br />
<br />
# True '''(Correct)'''<br />
# False<br />
<br />
<br />
<br />
Your Web application stores information about many accounts. Which threat is your Web application susceptible to if you can manipulate the URL of an account page to access all accounts? <br />
<br />
# Cross-site request forgery<br />
# Insecure direct object reference '''(Correct)'''<br />
# Cross-site scripting<br />
# Injection<br />
<br />
<br />
<br />
Which of the following threats are caused by poor input validation?<br />
<br />
# Injection '''(Correct)'''<br />
# Cross-site scripting '''(Correct)'''<br />
# Insecure direct object reference '''(Correct)''' <br />
# Insecure cryptographic storage <br />
# Insufficient transport layer protection<br />
<br />
<br />
<br />
Which threat can occur when a POST parameter performs an operation on behalf of a user without checking a shared secret?<br />
<br />
# Cross-site request forgery '''(Correct)'''<br />
# Insecure direct object reference <br />
# Cross-site scripting <br />
# Injection <br />
<br />
<br />
<br />
Which of the following are the results of a cross-site request forgery?<br />
<br />
# Elevation of privilege '''(Correct)'''<br />
# Denial of service '''(Correct)'''<br />
# Spoofing and tampering '''(Correct)'''<br />
# Enabling of IPSec<br />
# Misconfigured or disabled security features<br />
<br />
<br />
<br />
Which of the following attacks can occur when a malicious user lures victims to malicious content on a Web site?<br />
<br />
# Injection <br />
# Cross-site scripting<br />
# Insecure direct object reference<br />
# Cross-site request forgery '''(Correct)'''<br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
The downside of a nonce is that it needs to be stored on the client.<br />
<br />
# True<br />
# False '''(Correct)'''<br />
<br />
<br />
<br />
What should you add to an HMAC to ensure that the secret value is unique for each request?<br />
<br />
# Salt <br />
# Nonce <br />
# Session ID <br />
# Timestamp'''(Correct)'''<br />
<br />
<br />
<br />
Which of the following practices should you observe in order to implement defense-in-depth techniques against CSRF attacks?<br />
<br />
# Use GET parameters<br />
# Use automatic redirection. <br />
# Don’t include secrets in the URL. '''(Correct)'''<br />
# Resubmit POST parameters during redirection.<br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
GET parameters limit the types of manipulation a malicious user can perform on the victim to forge a request.<br />
<br />
# True<br />
# False '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following may cause a security misconfiguration threat?<br />
<br />
# Unused services '''(Correct)'''<br />
# Default accounts '''(Correct)'''<br />
# Bad cryptography <br />
# Unsafe key storage <br />
<br />
<br />
<br />
You have not yet applied some recent service packs and updates to your Web application. Which of the following threats is your Web server susceptible to? <br />
<br />
# Injection <br />
# Security misconfiguration '''(Correct)'''<br />
# Insecure cryptographic storage <br />
# Cross-site request forgery <br />
<br />
<br />
<br />
<br />
<br />
Which of the following actions should you take to reevaluate your environment and address new threats? <br />
<br />
# Add or remove network segments '''(Correct)'''<br />
# Apply the latest service packs, patches, hotfixes, and updates '''(Correct)''' <br />
# Use custom cryptographic algorithms <br />
# Use your browser to forge unauthorized requests<br />
<br />
<br />
<br />
Which of the following procedures are involved in the hardening process? <br />
<br />
# Disable unnecessary features. '''(Correct)'''<br />
# Review all settings/configurations. '''(Correct)'''<br />
# Repeat the process at random intervals.<br />
# Update the environment with changes only when needed.<br />
<br />
<br />
<br />
Which of the following consequences can occur if your production environment does not match your development, testing, and staging environments? <br />
<br />
# Your application may not work. '''(Correct)'''<br />
# Your application may not perform some authentication checks '''(Correct)'''. <br />
# Your application may elevate privileges.<br />
# Your application may deny service. <br />
<br />
<br />
<br />
Which of the following can cause insecure cryptography?<br />
<br />
# Unsalted hash '''(Correct)'''<br />
# Unused services<br />
# Default accounts <br />
# Failure to rotate keys '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following can lead to bad cryptography?<br />
<br />
# Custom cryptographic algorithms '''(Correct)'''<br />
# Insufficient cryptographic protocols '''(Correct)'''<br />
# New products <br />
# Missing patches <br />
<br />
<br />
<br />
Which of the following may result in cryptographic weakness?<br />
<br />
# Poor/weak algorithm choice '''(Correct)'''<br />
# Custom cryptographic algorithms '''(Correct)'''<br />
# Insufficient cryptographic protocols '''(Correct)'''<br />
# Missing patches<br />
# Unnecessary/unused services or features<br />
<br />
<br />
<br />
Which of the following protocols are network encryption protocols?<br />
<br />
# SSL '''(Correct)'''<br />
# EFS <br />
# IPSec '''(Correct)'''<br />
# Kerberos <br />
<br />
<br />
<br />
Which of the following factors help you secure keys? <br />
<br />
# Complexity '''(Correct)'''<br />
# Rotation '''(Correct)'''<br />
# Randomness '''(Correct)'''<br />
# Encryption <br />
<br />
<br />
<br />
Which of the following combines public-key cryptography with a cryptographic hash?<br />
<br />
# Nonce<br />
# Digital signature '''(Correct)'''<br />
# SSL<br />
# Salt<br />
<br />
<br />
<br />
Which of the following depicts the typical impact of failure to restrict URL access?<br />
<br />
# Attackers access other users’ accounts and data. '''(Correct)'''<br />
# Attackers impersonate any user on the system.<br />
# Attackers invoke functions and services they have no authorization for. '''(Correct)'''<br />
# Attackers perform all actions that the victims themselves have permission to perform.<br />
<br />
<br />
<br />
When users log on to your Web site, they are directed to a page with a URL that authorizes them using their role. Which threat is your Web application susceptible to if users can modify their role? <br />
<br />
# Injection<br />
# Cross-site scripting<br />
# Failure to restrict URL access '''(Correct)'''<br />
# Unvalidated redirects and forwards<br />
<br />
<br />
<br />
Which of the following actions should you take to verify the implementation of your Web application? <br />
<br />
# Use policy mechanisms <br />
# Use a simple and positive model at every layer <br />
# Verify that each URL in your application is protected. '''(Correct)'''<br />
# Use your browser to forge unauthorized requests '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following should you use to protect the connections between the physical tiers of your application?<br />
<br />
# EFS <br />
# SSL '''(Correct)'''<br />
# IPSec '''(Correct)'''<br />
# Kerberos <br />
<br />
<br />
<br />
Which of the following actions should you take to implement transport layer protection? <br />
<br />
# Install IDS<br />
# Enable SSL'''(Correct)'''<br />
# Set the HttpOnly flag on session ID cookies <br />
# Enable IPSec '''(Correct)'''<br />
<br />
<br />
<br />
<br />
<br />
Which of the following can result from unvalidated redirects and forwards?<br />
<br />
# Brute force attack <br />
# Network sniffing <br />
# Man-in-the-middle attack <br />
# Bypassed authorization checks '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following actions should you take to protect a Web application from unvalidated redirects and forwards?<br />
<br />
# Validate the referrer header '''(Correct)'''<br />
# Use extended validation certificates <br />
# Validate all input from the client '''(Correct)'''<br />
# Disallow requests to unauthorized file types <br />
<br />
<br />
<br />
Which of the following actions should you take to detect unvalidated redirects and forwards?<br />
<br />
# Use internal transfers without authorizing the user for target URL <br />
# Use your browser to forge unauthorized requests<br />
# Use weblogs to identify redirects and forwards '''(Correct)'''<br />
# Use policy mechanisms <br />
<br />
<br />
<br />
What should you do to prevent security issues if a user submits some data to your Web application? <br />
<br />
# Validate the data. '''(Correct)'''<br />
# Use session-based indirection. <br />
# Use POST parameters. <br />
# Set the secure flags in cookies. <br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
If the input can be confused for instructions in the language or the way the language is applied, then the language is vulnerable to the cross-site request forgery attack. <br />
<br />
# True<br />
# False ('''Correct''')<br />
<br />
<br />
<br />
In which of the following scenarios should you use the escaping technique? <br />
<br />
# When user input is echoed back to the user in HTML '''(Correct)'''<br />
# When you need to validate any input as valid input <br />
# When you are trying to protect against regular expression injection <br />
# When you need to tell the interpreter that input is data and not code '''(Correct)'''<br />
<br />
<br />
<br />
What should you do to prevent unvalidated redirect and forwards vulnerabilities? <br />
<br />
# Use table indirection '''(Correct)'''<br />
# Use an allow list<br />
# Allow only relative redirects '''(Correct)'''<br />
# Use session-based indirection</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Top_10_Threats_and_Mitigations_Exam&diff=102386OWASP Top 10 Threats and Mitigations Exam2011-01-28T12:49:45Z<p>Jason Taylor: Created page with '<center>'''Course Title: OWASP Top 10 Threats and Mitigation'''</center> <center></center> <center>'''Exam Questions'''</center> Which of the following can be caused by an…'</p>
<hr />
<div><center>'''Course Title: OWASP Top 10 Threats and Mitigation'''</center><br />
<br />
<center></center><br />
<br />
<center>'''Exam Questions'''</center><br />
<br />
<br />
<br />
<br />
<br />
Which of the following can be caused by an injection attack? <br />
<br />
# Spoofing <br />
# Data loss '''(Correct)'''<br />
# Denial of service '''(Correct)'''<br />
# Insecure direct object references<br />
<br />
<br />
<br />
Which threat can occur in languages that do not support a clear distinction between code and data? <br />
<br />
# Injection '''(Correct)'''<br />
# Insecure direct object references <br />
# Failure to restrict URL access <br />
# Insufficient transport layer protection <br />
<br />
<br />
<br />
Which of the following scenarios can lead to an injection attack?<br />
<br />
# Unvalidated input is embedded in an instruction stream. '''(Correct)'''<br />
# Unvalidated input cannot be distinguished from valid instructions. '''(Correct)'''<br />
# A Web application does not validate a client’s access to a resource. <br />
# A Web action performs an operation on behalf of the user without checking a shared secret. <br />
<br />
<br />
<br />
Which threat is your Web application susceptible to if a user can pass specially crafted input that invokes semantic control codes? <br />
<br />
# Injection '''(Correct)'''<br />
# Insecure direct object references <br />
# Failure to restrict URL access <br />
# Insufficient transport layer protection <br />
<br />
<br />
<br />
Which of the following techniques can be used to protect against injection attacks?<br />
<br />
# Input validation '''(Correct)'''<br />
# Allow list '''(Correct)'''<br />
# Escaping '''(Correct)'''<br />
# Memory size checks<br />
# Validate integer values before referencing arrays<br />
<br />
<br />
<br />
<br />
<br />
Which of the following components are vulnerable to injection attacks? <br />
<br />
# Control constructs<br />
# Registry keys <br />
# Regular expressions '''(Correct)'''<br />
# SQL queries based on user input '''(Correct)'''<br />
<br />
<br />
<br />
Which control construct can be used to perform an SQL injection attack? <br />
<br />
# Single quote (') '''(Correct)'''<br />
# Null (\0) byte<br />
# Less than sign(&lt;)<br />
# Greater than sign(&gt;)<br />
<br />
<br />
<br />
Which two mitigation techniques when used in combination can help you strictly define valid input? <br />
<br />
# Allow list ('''Correct''')<br />
# Block list '''(Correct)'''<br />
# Table indirection <br />
# Escaping<br />
<br />
<br />
<br />
Which of the following are architecture-level techniques used to prevent attacks based on malicious input? <br />
<br />
# Allow list <br />
# Table indirection '''(Correct)'''<br />
# Escaping <br />
# Object class for user input '''(Correct)'''<br />
<br />
<br />
<br />
Which mitigation technique helps you tell the parser that a specific character is a literal and not a control character? <br />
<br />
# Table indirection <br />
# Allow list <br />
# Escaping '''(Correct)'''<br />
# Block list <br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
You should use a blacklist wherever possible; use whitelists only as a secondary defense. <br />
<br />
# True <br />
# False '''(Correct)'''<br />
<br />
<br />
<br />
Which mitigation technique helps you define disallowed inputs? <br />
<br />
# Allow list <br />
# Block list '''(Correct)'''<br />
# Table indirection <br />
# Escaping <br />
<br />
<br />
<br />
Which threat is caused by an injection attack into a browser?<br />
<br />
# Cross-site scripting '''(Correct)'''<br />
# Cross-site request forgery <br />
# Insecure direct object references <br />
# Broken authentication and session management <br />
<br />
<br />
<br />
Which of the following languages are the primary targets of cross-site scripting? <br />
<br />
# HTML '''(Correct)'''<br />
# SQL <br />
# XSLT<br />
# JavaScript '''(Correct)'''<br />
<br />
<br />
<br />
Which type of attack occurs when a malicious user convinces a victim to send a request containing malicious input to a server? <br />
<br />
# Reflected XSS '''(Correct)''' <br />
# Persistent XSS <br />
# Insecure direct object references<br />
# Failure to restrict URL access<br />
<br />
<br />
<br />
What should you do to prevent a DOM-based XSS attack? <br />
<br />
# Set the HttpOnly flag in cookies <br />
# Ensure that session IDs are not exposed in a URL <br />
# Ensure that a different nonce is created for each request <br />
# Validate any input that comes from another Web site '''(Correct)'''<br />
<br />
<br />
<br />
How does malicious input flow in a DOM-based XSS? <br />
<br />
# From server to client<br />
# From client to itself '''(Correct)'''<br />
# From attacker to server (M1_T3_P3)<br />
# From victim to server (M1_T3_P2)<br />
<br />
<br />
<br />
Which of the following techniques should you use to prevent malicious input?<br />
<br />
# Allow List '''(Correct)'''<br />
# Block list''' (Correct)'''<br />
# Escaping '''(Correct)'''<br />
# Encryption <br />
# Table indirection <br />
<br />
<br />
<br />
You should set the HttpOnly flag in a cookie to ensure that: <br />
<br />
# The cookie is not available to client scripts '''(Correct)'''<br />
# The cookie is deleted when the user closes the browser<br />
# The cookie is sent over an encrypted channel <br />
# The cookie is a persistent cookie<br />
<br />
<br />
<br />
You should set a secure flag in a cookie to ensure that:<br />
<br />
# The cookie is a persistent cookie.<br />
# The cookie is not available to client script. <br />
# The cookie is sent over an encrypted channel. '''(Correct)'''<br />
# The cookie is deleted when the user closes the browser.<br />
<br />
<br />
<br />
Which type of attack occurs when an attacker submits data to the server and the data is stored on the server? <br />
<br />
# DOM-based XSS <br />
# Reflected XSS <br />
# Persistent XSS '''(Correct)'''<br />
# Cross-site request forgery <br />
<br />
<br />
<br />
Which of the following input sources can be controlled by a malicious user? <br />
<br />
# <nowiki>Window.lo</nowiki>cation '''(Correct)'''<br />
# GET/POST parameters '''(Correct)'''<br />
# Server configuration files<br />
# Ports and network resources <br />
<br />
<br />
<br />
Which of the following scenarios may result in broken authentication and session management vulnerabilities? <br />
<br />
# Poorly implemented custom code is used. '''(Correct)'''<br />
# Misconfigured off-the-shelf code''' '''is used.''' (Correct)'''<br />
# Unvalidated input cannot be distinguished from valid instructions. <br />
# Unvalidated input is embedded in an instruction stream. <br />
<br />
<br />
<br />
Which of the following actions should you take before implementing a custom authentication and session management system?<br />
<br />
# Find out if a suitable framework component already exists. '''(Correct)'''<br />
# Find out if you can use a small extension to an existing component to implement the system. '''(Correct)'''<br />
# Find out if form variables are available to store data. <br />
# Find out if you need to use session-based indirection. <br />
<br />
<br />
<br />
State whether the following statement is True or False. <br />
<br />
When implementing an authentication or session system, you should ensure that new session IDs are not created at login.<br />
<br />
# True<br />
# False ('''Correct''')<br />
<br />
<br />
<br />
Which of the following functionalities should you include in an authentication and session management system?<br />
<br />
# Logout functionality '''(Correct)''' <br />
# Inactivity timeout functionality '''(Correct)'''<br />
# Escaping functionality<br />
# Forwarding system functionality<br />
<br />
<br />
<br />
Why should you use CAPTCHA? <br />
<br />
# To create cryptographically random session IDs <br />
# To protect credentials by using encryption or cryptographic salt and hash <br />
# To protect authentication systems from automated or brute-force attacks '''(Correct)'''<br />
# To ensure that authentication systems implement inactivity timeout functionality <br />
<br />
<br />
<br />
What should you do before passing credentials over the network? <br />
<br />
# Replace the credentials with a cryptographic salt and hash ('''Correct''')<br />
# Accept session IDs from URLs <br />
# Share the credentials with the client. <br />
# Use persistent cookies to manage session IDs. <br />
<br />
<br />
<br />
Which location should you ideally use to store a session ID?<br />
<br />
# URLs <br />
# Form variables<br />
# Persistent cookies <br />
# Non-persistent cookies '''(Correct)'''<br />
<br />
<br />
<br />
What should you do to ensure that JavaScript cannot be used to access a cookie?<br />
<br />
# Set the secure flag in the cookie <br />
# Set the HttpOnly flag in the cookie '''(Correct)'''<br />
# Use the CAPTCHA system<br />
# Use non-persistent cookies <br />
<br />
<br />
<br />
Which of the following are authentication system mandatory requirements?<br />
<br />
# Strong passwords are required. '''(Correct)'''<br />
# Use a GOTCHA to prevent automated attacks.<br />
# User logout and session inactivity are required.''' (Correct)'''<br />
# Session IDs are only accepted from cookies and parameter variables.<br />
# Credentials are always protected with encryption or cryptographic salting and hashing. '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following are requirements for an authentication token? <br />
<br />
# It should identify returning users to the site <br />
# It should be used as a replacement for a user's credentials '''(Correct)'''<br />
# It should always use a persistent cookie <br />
# It should always use a non-persistent cookie '''(Correct)'''<br />
<br />
<br />
<br />
State whether the following statement is True or False. <br />
<br />
An identification token is a replacement for a user’s credentials and should allow access to restricted resources of a Web site. <br />
<br />
# True <br />
# False '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following tasks are performed by a session-based system? <br />
<br />
# Identifying returning users '''(Correct)'''<br />
# Providing access to restricted resources '''(Correct)'''<br />
# Using the HTTP protocol <br />
# Sending successful logins to a well-known location <br />
<br />
<br />
<br />
Which threat can occur when a Web application fails to validate a client's access to a resource?<br />
<br />
# Injection<br />
# Cross-site scripting <br />
# Insecure direct object reference '''(Correct)'''<br />
# Cross-site request forgery <br />
<br />
<br />
<br />
Which of the following objects are susceptible to an insecure direct object reference attack? <br />
<br />
# Files '''(Correct)'''<br />
# Registry keys '''(Correct)'''<br />
# Conditional constructs <br />
# GET/POST parameters <br />
<br />
<br />
<br />
Which of the following vulnerabilities may be caused by an insecure direct object reference attack? <br />
<br />
# Executing commands on the server.<br />
# Impersonating any user on the system.<br />
# Modifying SQL data pointed to by the query.<br />
# Modifying data without authorization. '''(Correct)'''<br />
# Accessing a resource without authorization. '''(Correct)'''<br />
<br />
<br />
<br />
What should you do to mitigate the threat of an insecure direct object reference attack?<br />
<br />
# Use session-based indirection. '''(Correct)'''<br />
# Use POST parameters instead of GET parameters. <br />
# Perform an access check each time a resource identifier arrives as input. '''(Correct)'''<br />
# Send successful logins to a well-known location instead of automatic redirection. <br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
Time of Check Time of Use (TOCTOU) occurs if the authorization check is performed on one page of a Web site and the resource is used on a different page.<br />
<br />
# True '''(Correct)'''<br />
# False<br />
<br />
<br />
<br />
Your Web application stores information about many accounts. Which threat is your Web application susceptible to if you can manipulate the URL of an account page to access all accounts? <br />
<br />
# Cross-site request forgery<br />
# Insecure direct object reference '''(Correct)'''<br />
# Cross-site scripting<br />
# Injection<br />
<br />
<br />
<br />
Which of the following threats are caused by poor input validation?<br />
<br />
# Injection '''(Correct)'''<br />
# Cross-site scripting '''(Correct)'''<br />
# Insecure direct object reference '''(Correct)''' <br />
# Insecure cryptographic storage <br />
# Insufficient transport layer protection<br />
<br />
<br />
<br />
Which threat can occur when a POST parameter performs an operation on behalf of a user without checking a shared secret?<br />
<br />
# Cross-site request forgery '''(Correct)'''<br />
# Insecure direct object reference <br />
# Cross-site scripting <br />
# Injection <br />
<br />
<br />
<br />
Which of the following are the results of a cross-site request forgery?<br />
<br />
# Elevation of privilege '''(Correct)'''<br />
# Denial of service '''(Correct)'''<br />
# Spoofing and tampering '''(Correct)'''<br />
# Enabling of IPSec<br />
# Misconfigured or disabled security features<br />
<br />
<br />
<br />
Which of the following attacks can occur when a malicious user lures victims to malicious content on a Web site?<br />
<br />
# Injection <br />
# Cross-site scripting<br />
# Insecure direct object reference<br />
# Cross-site request forgery '''(Correct)'''<br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
The downside of a nonce is that it needs to be stored on the client.<br />
<br />
# True<br />
# False '''(Correct)'''<br />
<br />
<br />
<br />
What should you add to an HMAC to ensure that the secret value is unique for each request?<br />
<br />
# Salt <br />
# Nonce <br />
# Session ID <br />
# Timestamp'''(Correct)'''<br />
<br />
<br />
<br />
Which of the following practices should you observe in order to implement defense-in-depth techniques against CSRF attacks?<br />
<br />
# Use GET parameters<br />
# Use automatic redirection. <br />
# Don’t include secrets in the URL. '''(Correct)'''<br />
# Resubmit POST parameters during redirection.<br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
GET parameters limit the types of manipulation a malicious user can perform on the victim to forge a request.<br />
<br />
# True<br />
# False '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following may cause a security misconfiguration threat?<br />
<br />
# Unused services '''(Correct)'''<br />
# Default accounts '''(Correct)'''<br />
# Bad cryptography <br />
# Unsafe key storage <br />
<br />
<br />
<br />
You have not yet applied some recent service packs and updates to your Web application. Which of the following threats is your Web server susceptible to? <br />
<br />
# Injection <br />
# Security misconfiguration '''(Correct)'''<br />
# Insecure cryptographic storage <br />
# Cross-site request forgery <br />
<br />
<br />
<br />
<br />
<br />
Which of the following actions should you take to reevaluate your environment and address new threats? <br />
<br />
# Add or remove network segments '''(Correct)'''<br />
# Apply the latest service packs, patches, hotfixes, and updates '''(Correct)''' <br />
# Use custom cryptographic algorithms <br />
# Use your browser to forge unauthorized requests<br />
<br />
<br />
<br />
Which of the following procedures are involved in the hardening process? <br />
<br />
# Disable unnecessary features. '''(Correct)'''<br />
# Review all settings/configurations. '''(Correct)'''<br />
# Repeat the process at random intervals.<br />
# Update the environment with changes only when needed.<br />
<br />
<br />
<br />
Which of the following consequences can occur if your production environment does not match your development, testing, and staging environments? <br />
<br />
# Your application may not work. '''(Correct)'''<br />
# Your application may not perform some authentication checks '''(Correct)'''. <br />
# Your application may elevate privileges.<br />
# Your application may deny service. <br />
<br />
<br />
<br />
Which of the following can cause insecure cryptography?<br />
<br />
# Unsalted hash '''(Correct)'''<br />
# Unused services<br />
# Default accounts <br />
# Failure to rotate keys '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following can lead to bad cryptography?<br />
<br />
# Custom cryptographic algorithms '''(Correct)'''<br />
# Insufficient cryptographic protocols '''(Correct)'''<br />
# New products <br />
# Missing patches <br />
<br />
<br />
<br />
Which of the following may result in cryptographic weakness?<br />
<br />
# Poor/weak algorithm choice '''(Correct)'''<br />
# Custom cryptographic algorithms '''(Correct)'''<br />
# Insufficient cryptographic protocols '''(Correct)'''<br />
# Missing patches<br />
# Unnecessary/unused services or features<br />
<br />
<br />
<br />
Which of the following protocols are network encryption protocols?<br />
<br />
# SSL '''(Correct)'''<br />
# EFS <br />
# IPSec '''(Correct)'''<br />
# Kerberos <br />
<br />
<br />
<br />
Which of the following factors help you secure keys? <br />
<br />
# Complexity '''(Correct)'''<br />
# Rotation '''(Correct)'''<br />
# Randomness '''(Correct)'''<br />
# Encryption <br />
<br />
<br />
<br />
Which of the following combines public-key cryptography with a cryptographic hash?<br />
<br />
# Nonce<br />
# Digital signature '''(Correct)'''<br />
# SSL<br />
# Salt<br />
<br />
<br />
<br />
Which of the following depicts the typical impact of failure to restrict URL access?<br />
<br />
# Attackers access other users’ accounts and data. '''(Correct)'''<br />
# Attackers impersonate any user on the system.<br />
# Attackers invoke functions and services they have no authorization for. '''(Correct)'''<br />
# Attackers perform all actions that the victims themselves have permission to perform.<br />
<br />
<br />
<br />
When users log on to your Web site, they are directed to a page with a URL that authorizes them using their role. Which threat is your Web application susceptible to if users can modify their role? <br />
<br />
# Injection<br />
# Cross-site scripting<br />
# Failure to restrict URL access '''(Correct)'''<br />
# Unvalidated redirects and forwards<br />
<br />
<br />
<br />
Which of the following actions should you take to verify the implementation of your Web application? <br />
<br />
# Use policy mechanisms <br />
# Use a simple and positive model at every layer <br />
# Verify that each URL in your application is protected. '''(Correct)'''<br />
# Use your browser to forge unauthorized requests '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following should you use to protect the connections between the physical tiers of your application?<br />
<br />
# EFS <br />
# SSL '''(Correct)'''<br />
# IPSec '''(Correct)'''<br />
# Kerberos <br />
<br />
<br />
<br />
Which of the following actions should you take to implement transport layer protection? <br />
<br />
# Install IDS<br />
# Enable SSL'''(Correct)'''<br />
# Set the HttpOnly flag on session ID cookies <br />
# Enable IPSec '''(Correct)'''<br />
<br />
<br />
<br />
<br />
<br />
Which of the following can result from unvalidated redirects and forwards?<br />
<br />
# Brute force attack <br />
# Network sniffing <br />
# Man-in-the-middle attack <br />
# Bypassed authorization checks '''(Correct)'''<br />
<br />
<br />
<br />
Which of the following actions should you take to protect a Web application from unvalidated redirects and forwards?<br />
<br />
# Validate the referrer header '''(Correct)'''<br />
# Use extended validation certificates <br />
# Validate all input from the client '''(Correct)'''<br />
# Disallow requests to unauthorized file types <br />
<br />
<br />
<br />
Which of the following actions should you take to detect unvalidated redirects and forwards?<br />
<br />
# Use internal transfers without authorizing the user for target URL <br />
# Use your browser to forge unauthorized requests<br />
# Use weblogs to identify redirects and forwards '''(Correct)'''<br />
# Use policy mechanisms <br />
<br />
<br />
<br />
What should you do to prevent security issues if a user submits some data to your Web application? <br />
<br />
# Validate the data. '''(Correct)'''<br />
# Use session-based indirection. <br />
# Use POST parameters. <br />
# Set the secure flags in cookies. <br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
State whether the following statement is True or False.<br />
<br />
If the input can be confused for instructions in the language or the way the language is applied, then the language is vulnerable to the cross-site request forgery attack. <br />
<br />
# True<br />
# False ('''Correct''')<br />
<br />
<br />
<br />
In which of the following scenarios should you use the escaping technique? <br />
<br />
# When user input is echoed back to the user in HTML '''(Correct)'''<br />
# When you need to validate any input as valid input <br />
# When you are trying to protect against regular expression injection <br />
# When you need to tell the interpreter that input is data and not code '''(Correct)'''<br />
<br />
<br />
<br />
<br />
<br />
What should you do to prevent unvalidated redirect and forwards vulnerabilities? <br />
<br />
# Use table indirection '''(Correct)'''<br />
# Use an allow list<br />
# Allow only relative redirects '''(Correct)'''<br />
# Use session-based indirection</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102375OWASP Exams Project2011-01-28T12:15:06Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The exams that are available in this project are:<br />
* [[OWASP Top 10 Threats and Mitigations Exam]]<br />
<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* '''OWASP Top 10 Threats and Mitigations eLearning course.''' Available by 2/4.<br />
* '''OWASP Top 10 Threats and Mitigations exam.''' Available by 2/4.<br />
<br />
===TeamMentor Security Knowledge Base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com '''TeamMentor OWASP Edition''']. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library '''TeamMentor OWASP Library Source''']. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ '''Guidance Explorer Authoring Tool''']. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102374OWASP Exams Project2011-01-28T12:14:31Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The exams that are available in this project are:<br />
* [[OWASP Top 10 Threats and Mitigations Exam]]<br />
<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* '''OWASP Top 10 Threats and Mitigations eLearning course.''' Available by 2/4.<br />
* '''OWASP Top 10 Threats and Mitigations exam.''' Available by 2/4.<br />
<br />
===TeamMentor security knowledge base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com '''TeamMentor OWASP Edition''']. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library '''TeamMentor OWASP Library Source''']. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ '''Guidance Explorer Authoring Tool''']. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102373OWASP Exams Project2011-01-28T12:13:18Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* '''OWASP Top 10 Threats and Mitigations eLearning course.''' Available by 2/4.<br />
* '''OWASP Top 10 Threats and Mitigations exam.''' Available by 2/4.<br />
<br />
===TeamMentor security knowledge base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com '''TeamMentor OWASP Edition''']. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library '''TeamMentor OWASP Library Source''']. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ '''Guidance Explorer Authoring Tool''']. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The exams that are available in this project are:<br />
* [OWASP Top 10 Threats and Mitigations Exam]<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session089&diff=102263Summit 2011 Working Sessions/Session0892011-01-26T21:49:55Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Dinis Cruz<br />
| summit_session_attendee_email1 = dinis.cruz@owasp.org<br />
| summit_session_attendee_company1= Dinis.cruz<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Matthew Chalmers<br />
| summit_session_attendee_email2 = matthew.chalmers@owasp.org<br />
| summit_session_attendee_company2=[http://www.rockwellautomation.com/ http://www.rockwellautomation.com/lib/images/ralogo_web.gif]<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = Mateo Martinez<br />
| summit_session_attendee_email3 = mateo.martinez@owasp.org<br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Exams<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session089<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators and trainers. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The session will include discussion of CC-licensed exam creation, exam usage, numbers and types of exams and means by which the exams usage can be popularized and expanded. The session will also include a learning center and an exam center with pre-populated content so that session members can experience one possible model for training and exam usage and base discussion on that experience. Session members can also review an alpha CC-licensed exam and help to improve and extend the exam questions. <br />
<br />
|-<br />
<br />
| related_project_name1 = OWASP Exams Project<br />
| related_project_url_1 = http://www.owasp.org/index.php/OWASP_Exams_Project<br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= Establish model for CC-licensed exams creation<br />
<br />
| summit_session_objective_name2 = Establish model for CC-licensed exams distribution and usage<br />
<br />
| summit_session_objective_name3 = Establish a first CC-licensed exam to test the concept (an alpha will be brought to the working session)<br />
<br />
| summit_session_objective_name4 = Try OWASP training and exam end-to-end to experience and improve training and exam usage scenarios<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = A business plan for evaluation by the community at large. What is the investment, schedule, metrics, benefit…<br />
<br />
|summit_session_deliverable_name2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
<br />
|summit_session_deliverable_name6 = <br />
<br />
|summit_session_deliverable_name7 = <br />
<br />
|summit_session_deliverable_name8 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Jason Taylor<br />
| summit_session_leader_email1 = jason.taylor@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session089<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session089<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102223OWASP Exams Project2011-01-26T18:45:18Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* '''OWASP Top 10 Threats and Mitigations eLearning course.''' Available by 2/4.<br />
* '''OWASP Top 10 Threats and Mitigations exam.''' Available by 2/4.<br />
<br />
===TeamMentor security knowledge base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components (click on the links for access to each):<br />
* [http://owasp.securityinnovation.com '''TeamMentor OWASP Edition''']. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library '''TeamMentor OWASP Library Source''']. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ '''Guidance Explorer Authoring Tool''']. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The first exam that will be made available in this project is:<br />
* '''OWASP Top 10 Threats and Mitigations.''' Available by 2/4.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102222OWASP Exams Project2011-01-26T18:44:41Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* '''OWASP Top 10 Threats and Mitigations eLearning course.''' Available by 2/4.<br />
* '''OWASP Top 10 Threats and Mitigations exam.''' Available by 2/4.<br />
<br />
===TeamMentor security knowledge base===<br />
The TeamMentor security knowledge base is a collection of articles that students can use to learn application security concepts before or after taking an exam. This information can be used to brush up on concepts pre-exam or can be used as part of continuous education and during the application of application security concepts on the job. <br />
<br />
The TeamMentor knowledge base consists of the following components:<br />
* [http://owasp.securityinnovation.com '''TeamMentor OWASP Edition''']. This is a web application that contains a browseable, searchable collection of free application security articles focused on OWASP concepts.<br />
* [https://github.com/SecurityInnovation/OWASP-TeamMentor-Library '''TeamMentor OWASP Library Source''']. This is a GitHub repository that contains all of the XML files that make up the OWASP library. You can download the library and make changes to it in order to meet your particular needs. If you make changes to the files in the library itself, be sure to retain library integrity by using the Guidance Explorer authoring tool and testing your library before checking any files into the source repository. We will periodically update the TeamMentor OWASP Edition instance with changes made by the community to the GitHub library.<br />
* [http://guidanceexplorer.codeplex.com/ '''Guidance Explorer Authoring Tool''']. This is a .NET application that you can use to edit library files or create new library articles. Please use this tool when making changes to the library so that you preserve library integrity.<br />
<br />
===Exams===<br />
As exams are ready we will add them to this page for those who want a version of the exam outside of the Moodle LMS.<br />
<br />
The first exam that will be made available in this project is:<br />
* '''OWASP Top 10 Threats and Mitigations.''' Available by 2/4.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102215OWASP Exams Project2011-01-26T18:34:43Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams. This project will also include study aids for use in learning material covered by the exams.<br />
<br />
==Components==<br />
===Moodle Learning Management System===<br />
You can find the OWASP Academies Moodle learning management system (LMS) here - [http://www.owaspa.org/moodle http://www.owaspa.org/moodle]<br />
<br />
The Moodle learning management system will contain eLearning courses to teach OWASP related application security content related to the exams in this project. The LMS will also host exams from this project so that students can log into the system, take an exam and get a grade. Independent students can use this system and educators can also administer an exam for a class or multiple classes of students.<br />
<br />
The first deliverables of this project on the LMS are:<br />
* '''OWASP Top 10 Threats and Mitigations eLearning course.''' Available by 2/4.<br />
* '''OWASP Top 10 Threats and Mitigations exam.''' Available by 2/4.<br />
<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=OWASP_Exams_Project&diff=102204OWASP Exams Project2011-01-26T18:24:07Z<p>Jason Taylor: </p>
<hr />
<div>==== Main ====<br />
<br />
==Description==<br />
<br />
The OWASP Exams project will establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The project will include creation of a set of CC-licensed exams, a model for exam usage, and a roadmap for future exam creation.<br />
The exams will be distributed in this project site as well as in Moodle (an open source LMS) format so that they can be re-purposed for use in any system or an educator can use them directly in Moodle to administer exams to students. Ideally the exams will be tied to OWASP Academies learning blocks so that there is good learning and training content that can be used to motivate the usage of the exams.<br />
<br />
==== Project About ====<br />
{{:Projects/OWASP Exams Project | Project About}}<br />
<br />
<br />
__NOTOC__ <headertabs /><br />
<br />
[[Category:OWASP_Project|Exams Project]] [[Category:OWASP_Document]][[Category:OWASP_Alpha_Quality_Document|OWASP Alpha Quality Document]]</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session089&diff=101107Summit 2011 Working Sessions/Session0892011-01-19T23:21:06Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Dinis Cruz<br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Matthew Chalmers<br />
| summit_session_attendee_email2 = matthew.chalmers@owasp.org<br />
| summit_session_attendee_company2=[http://www.rockwellautomation.com/ http://www.rockwellautomation.com/lib/images/ralogo_web.gif]<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Exams<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session089<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators and trainers. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The session will include discussion of CC-licensed exam creation, exam usage, numbers and types of exams and means by which the exams usage can be popularized and expanded. The session will also include a learning center and an exam center with pre-populated content so that session members can experience one possible model for training and exam usage and base discussion on that experience. Session members can also review an alpha CC-licensed exam and help to improve and extend the exam questions. <br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= Establish model for CC-licensed exams creation<br />
<br />
| summit_session_objective_name2 = Establish model for CC-licensed exams distribution and usage<br />
<br />
| summit_session_objective_name3 = Establish a first CC-licensed exam to test the concept (an alpha will be brought to the working session)<br />
<br />
| summit_session_objective_name4 = Try OWASP training and exam end-to-end to experience and improve training and exam usage scenarios<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Jason Taylor<br />
| summit_session_leader_email1 = jason.taylor@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session089<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session089<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session039&diff=101106Summit 2011 Working Sessions/Session0392011-01-19T23:20:48Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Dinis Cruz<br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Matthew Chalmers<br />
| summit_session_attendee_email2 = matthew.chalmers@owasp.org<br />
| summit_session_attendee_company2=[http://www.rockwellautomation.com/ http://www.rockwellautomation.com/lib/images/ralogo_web.gif]<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Certification<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session039<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which an certification/exam based on OWASP materials could be created. The topics of discussion will include: <br />
* What is a workable/acceptable certification model for OWASP's Community?<br />
* What types of certification should there be?<br />
* What would a CC-licensed certification exam look like (as executed by others)?<br />
* Since OWASP is not interested or able to administer certifications itself who could run/administer such CC certifications/exams?<br />
* What should OWASP's official position be on entities that provide OWASP based certifications?<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1 = Determine whether certification would have value for OWASP's Community<br />
<br />
| summit_session_objective_name2 = Determine a model by which certification based on OWASP materials could succeed<br />
<br />
| summit_session_objective_name3 = Determine a model for creation and distribution of a CC-licensed certification exam based on OWASP materials<br />
<br />
| summit_session_objective_name4 = (if agreed) Determine a model for supporting the administration of certification based on OWASP Materials<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = <br />
| summit_session_leader_email1 = <br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session039<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session039<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session039&diff=100998Summit 2011 Working Sessions/Session0392011-01-19T16:52:15Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Dinis Cruz<br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Certification<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session039<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which an certification/exam based on OWASP materials could be created. The topics of discussion will include: <br />
* What is a workable/acceptable certification model for OWASP's Community?<br />
* What types of certification should there be?<br />
* What would a CC-licensed certification exam look like (as executed by others)?<br />
* Since OWASP is not interested or able to administer certifications itself who could run/administer such CC certifications/exams?<br />
* What should OWASP's official position on the entities that provide OWASP based certifications?<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1 = Determine whether certification would have value for OWASP's Community<br />
<br />
| summit_session_objective_name2 = Determine a model by which certification based on OWASP materials could succeed<br />
<br />
| summit_session_objective_name3 = Determine a model for creation and distribution of a CC-licensed certification exam based on OWASP materials<br />
<br />
| summit_session_objective_name4 = (if agreed) Determine a model for supporting the administration of certification based on OWASP Materials<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = <br />
| summit_session_leader_email1 = <br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session039<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session039<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session089&diff=100997Summit 2011 Working Sessions/Session0892011-01-19T16:52:08Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Dinis Cruz<br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Exams<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session089<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The session will include discussion of CC-licensed exam creation, exam usage, numbers and types of exams and means by which the exams usage can be popularized and expanded. The session will also include a learning center and an exam center with pre-populated content so that session members can experience one possible model for training and exam usage and base discussion on that experience. Session members can also review an alpha CC-licensed exam and help to improve and extend the exam questions. <br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= Establish model for CC-licensed exams creation<br />
<br />
| summit_session_objective_name2 = Establish model for CC-licensed exams distribution and usage<br />
<br />
| summit_session_objective_name3 = Establish a first CC-licensed exam to test the concept (an alpha will be brought to the working session)<br />
<br />
| summit_session_objective_name4 = Try OWASP training and exam end-to-end to experience and improve training and exam usage scenarios<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Jason Taylor<br />
| summit_session_leader_email1 = jason.taylor@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session089<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session089<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session039&diff=100908Summit 2011 Working Sessions/Session0392011-01-18T21:17:32Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = <br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Certification<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session039<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which an certification/exam based on OWASP materials could be created. The topics of discussion will include: <br />
* What is a workable/acceptable certification model for OWASP's Community?<br />
* What types of certification should there be?<br />
* What would a CC-licensed certification exam look like (as executed by others)?<br />
* Since OWASP is not interested or able to administer certifications itself who could run/administer such CC certifications/exams?<br />
* What should OWASP's official position on the entities that provide OWASP based certifications?<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1 = Determine whether certification would have value for OWASP's Community<br />
<br />
| summit_session_objective_name2 = Determine a model by which certification based on OWASP materials could succeed<br />
<br />
| summit_session_objective_name3 = Determine a model for creation and distribution of a CC-licensed certification exam based on OWASP materials<br />
<br />
| summit_session_objective_name4 = (if agreed) Determine a model for supporting the administration of certification based on OWASP Materials<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = <br />
| summit_session_leader_email1 = <br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session039<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session039<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session039&diff=100884Summit 2011 Working Sessions/Session0392011-01-18T19:19:20Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = <br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Certification<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session039<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which an OWASP certification exam could be created. The topics of discussion will include: what is a workable certification model for OWASP, what types of certification should there be, what would a CC-licensed certification exam look like, assuming that OWASP is not interested or able to administer certifications itself how would a certification exam be administered.<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= Determine if OWASP certification has value<br />
<br />
| summit_session_objective_name2 = Determine a model by which OWASP certification could succeed<br />
<br />
| summit_session_objective_name3 = Create a list of certifications that would be achievable in the first year<br />
<br />
| summit_session_objective_name4 = Determine a model for creation and distribution of a CC-licensed certification exam<br />
<br />
| summit_session_objective_name5 = Determine a model to support administration of an OWASP certification<br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = <br />
| summit_session_leader_email1 = <br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session039<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session039<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session089&diff=100881Summit 2011 Working Sessions/Session0892011-01-18T19:11:21Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = <br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Exams<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session089<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which the OWASP community can create and distribute CC-licensed exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The session will include discussion of CC-licensed exam creation, exam usage, numbers and types of exams and means by which the exams usage can be popularized and expanded. The session will also include a learning center and an exam center with pre-populated content so that session members can experience one possible model for training and exam usage and base discussion on that experience. Session members can also review an alpha CC-licensed exam and help to improve and extend the exam questions. <br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= Establish model for CC-licensed exams creation<br />
<br />
| summit_session_objective_name2 = Establish model for CC-licensed exams distribution and usage<br />
<br />
| summit_session_objective_name3 = Establish a first CC-licensed exam to test the concept (an alpha will be brought to the working session)<br />
<br />
| summit_session_objective_name4 = Try OWASP training and exam end-to-end to experience and improve training and exam usage scenarios<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Jason Taylor<br />
| summit_session_leader_email1 = jason.taylor@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session089<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session089<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session089&diff=100859Summit 2011 Working Sessions/Session0892011-01-18T17:00:35Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = <br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Exams<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session089<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which the OWASP community can create and distribute exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The session will include discussion of exam creation, exam usage, numbers and types of exams and means by which the exams usage can be popularized and expanded. The session will also include a learning center and an exam center with pre-populated content so that session members can experience one possible model for training and exam usage and base discussion on that experience. Session members can also review an alpha exam and help to improve and extend the exam questions. <br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= Establish model for exams creation<br />
<br />
| summit_session_objective_name2 = Establish model for exams distribution and usage<br />
<br />
| summit_session_objective_name3 = Establish a first exam to test the concept (an alpha will be brought to the working session)<br />
<br />
| summit_session_objective_name4 = Try OWASP training and exam end-to-end to experience and improve training and exam usage scenarios<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Jason Taylor<br />
| summit_session_leader_email1 = jason.taylor@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session089<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session089<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session089&diff=100857Summit 2011 Working Sessions/Session0892011-01-18T16:44:09Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = <br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Exams<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session089<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which the OWASP community can create and distribute exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The session will include discussion of exam creation, exam usage, numbers and types of exams and means by which the exams usage can be popularized and expanded. The session will also include a learning center and an exam center with pre-populated content so that session members can experience one possible model for training and exam usage and base discussion on that experience. Session members can also review an alpha exam and help to improve and extend the exam questions. <br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= Establish model for exams creation<br />
<br />
| summit_session_objective_name2 = Establish model for exams distribution and usage<br />
<br />
| summit_session_objective_name3 = Establish a first exam to test the concept (an alpha will be brought to the working session)<br />
<br />
| summit_session_objective_name4 = Try OWASP training and exam end-to-end to experience and improve training and exam usage scenarios<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = <br />
| summit_session_leader_email1 = <br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session089<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session089<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session089&diff=100856Summit 2011 Working Sessions/Session0892011-01-18T16:42:56Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = <br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]] <br />
| summit_ws_logo = [[Image:T._university.jpg]]<br />
| summit_session_name = OWASP Exams<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session089<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to establish the model by which the OWASP community can create and distribute exams for use by educators. The purpose of the exams is to improve the effectiveness of OWASP training through the use of exams as a means of measurement and student progress tracking. The session will include discussion of exam creation, exam usage, numbers and types of exams and means by which the exams usage can be popularized and expanded. The session will also include a learning center and an exam center with pre-populated content so that session members can experience one possible model for training and exam usage and base discussion on that experience. Session members can also review an alpha exam and help to improve and extend the exam questions. <br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= Establish model for exams creation<br />
<br />
| summit_session_objective_name2 = Establish model for exams distribution and usage<br />
<br />
| summit_session_objective_name3 = Establish a first exam to test the concept (an alpha will be brought to the working session)<br />
<br />
| summit_session_objective_name4 = Try OWASP training and exam end-to-end to experience and improve training and exam usage scenarios<br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = <br />
| summit_session_leader_email1 = <br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session089<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session089<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session015&diff=100437Summit 2011 Working Sessions/Session0152011-01-14T12:26:34Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = <br />
| summit_session_attendee_email1 = <br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._global_committees.jpg]]<br />
| summit_ws_logo = [[Image:WS._global_commitee.jpg]]<br />
| summit_session_name = Industry<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session015<br />
| mailing_list = https://lists.owasp.org/mailman/listinfo/global_industry_committee<br />
<br />
|-<br />
<br />
| short_working_session_description=<br />
13:00 Industry Committee background, what we've accomplished and looking forward<br />
14:00 Dr. Vehbi Tasar, CISSP, CSSLP Director of Professional Programs Development ISC (2), Speaking on ISC(2) credentials: CSSLP and ASAB<br />
<br />
15:00 Joe Bernik, CISO at Fifth Third Bank, Speaking on FS-ISAC<br />
<br />
16:00 Tobias Gondrom, Speaking on IETF <br />
|-<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= <br />
<br />
| summit_session_objective_name2 = <br />
<br />
| summit_session_objective_name3 = <br />
<br />
| summit_session_objective_name4 = <br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = Tuesday 8 February, 2011 13:00 - 17:00<br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Yiannis Pavlosoglou<br />
| summit_session_leader_email1 = yiannis@owasp.org<br />
| summit_session_leader_wiki_username1 = Yiannis<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
| summit_session_leader_wiki_username2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
| summit_session_leader_wiki_username3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 = Colin Watson<br />
| operational_leader_email1 = colin.watson@owasp.org<br />
| operational_leader_wiki_username1 = Clerkendweller<br />
<br />
|-<br />
<br />
| summit_session_attendee_name1 = Lorna Alamri<br />
| summit_session_attendee_email1 = lorna.alamri@owasp.org<br />
| summit_session_attendee_wiki_username1 = Lorna Alamri<br />
<br />
| summit_session_attendee_name2 = David Campbell<br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_wiki_username2 = <br />
<br />
| summit_session_attendee_name3 = Eoin Keary<br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_wiki_username3 = <br />
<br />
| summit_session_attendee_name4 = Matt Tesauro<br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_wiki_username4 = <br />
<br />
| summit_session_attendee_name5 = Joe Bernik<br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_wiki_username5 = <br />
<br />
| summit_session_attendee_name6 = Nishi Kumar<br />
| summit_session_attendee_email6 = nishi.kumar@owasp.org<br />
| summit_session_attendee_wiki_username6 = <br />
<br />
| summit_session_attendee_name7 = Lucas C. Ferreira<br />
| summit_session_attendee_email7 = lucas.ferreira@owasp.org<br />
| summit_session_attendee_wiki_username7 = sapao<br />
<br />
| summit_session_attendee_name8 = Tobias Gondrom<br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_wiki_username8 = <br />
<br />
| summit_session_attendee_name9 = Vehbi Tasar<br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_wiki_username9 = <br />
<br />
| summit_session_attendee_name10 = Colin Watson<br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_wiki_username10 = <br />
<br />
| summit_session_attendee_name11 = Jason Taylor<br />
| summit_session_attendee_email11 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_wiki_username11 = <br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_wiki_username12 = <br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_wiki_username13 = <br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_wiki_username14 = <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_wiki_username15 = <br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_wiki_username16 = <br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_wiki_username17= <br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_wiki_username18 = <br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_wiki_username19 = <br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_wiki_username20 = <br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session015<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session015<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session019&diff=100436Summit 2011 Working Sessions/Session0192011-01-14T12:24:01Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Nishi Kumar<br />
| summit_session_attendee_email1 = nishi.kumar@owasp.org<br />
| summit_session_attendee_company1= FIS<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Cecil Su<br />
| summit_session_attendee_email2 = cecil.su@owasp.org<br />
| summit_session_attendee_company2= GT<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = Jason Taylor<br />
| summit_session_attendee_email3 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._global_committees.jpg]]<br />
| summit_ws_logo = [[Image:WS._global_commitee.jpg]]<br />
| summit_session_name = Education<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session019<br />
| mailing_list =<br />
|-<br />
<br />
| short_working_session_description= Define goals for the up coming year<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= <br />
Estimate how the past achievements do support the current educational developments <br />
| summit_session_objective_name2 = <br />
Evaluate how we can get the projects involved in developing (or at least reviewing) training material<br />
| summit_session_objective_name3 = <br />
Define new goals for the upcoming period<br />
| summit_session_objective_name4 = <br />
Define success factors for the upcoming period<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Martin Knobloch <br />
| summit_session_leader_email1 = martin.knobloch@owasp.org<br />
<br />
| summit_session_leader_name2 = Seba<br />
| summit_session_leader_email2 = seba@owasp.org<br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session019<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session019<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session015&diff=100435Summit 2011 Working Sessions/Session0152011-01-14T12:23:57Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Jason Taylor<br />
| summit_session_attendee_email1 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._global_committees.jpg]]<br />
| summit_ws_logo = [[Image:WS._global_commitee.jpg]]<br />
| summit_session_name = Industry<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session015<br />
| mailing_list = https://lists.owasp.org/mailman/listinfo/global_industry_committee<br />
<br />
|-<br />
<br />
| short_working_session_description=<br />
13:00 Industry Committee background, what we've accomplished and looking forward<br />
14:00 Dr. Vehbi Tasar, CISSP, CSSLP Director of Professional Programs Development ISC (2), Speaking on ISC(2) credentials: CSSLP and ASAB<br />
<br />
15:00 Joe Bernik, CISO at Fifth Third Bank, Speaking on FS-ISAC<br />
<br />
16:00 Tobias Gondrom, Speaking on IETF <br />
|-<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= <br />
<br />
| summit_session_objective_name2 = <br />
<br />
| summit_session_objective_name3 = <br />
<br />
| summit_session_objective_name4 = <br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = Tuesday 8 February, 2011 13:00 - 17:00<br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Yiannis Pavlosoglou<br />
| summit_session_leader_email1 = yiannis@owasp.org<br />
| summit_session_leader_wiki_username1 = Yiannis<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
| summit_session_leader_wiki_username2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
| summit_session_leader_wiki_username3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 = Colin Watson<br />
| operational_leader_email1 = colin.watson@owasp.org<br />
| operational_leader_wiki_username1 = Clerkendweller<br />
<br />
|-<br />
<br />
| summit_session_attendee_name1 = Lorna Alamri<br />
| summit_session_attendee_email1 = lorna.alamri@owasp.org<br />
| summit_session_attendee_wiki_username1 = Lorna Alamri<br />
<br />
| summit_session_attendee_name2 = David Campbell<br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_wiki_username2 = <br />
<br />
| summit_session_attendee_name3 = Eoin Keary<br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_wiki_username3 = <br />
<br />
| summit_session_attendee_name4 = Matt Tesauro<br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_wiki_username4 = <br />
<br />
| summit_session_attendee_name5 = Joe Bernik<br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_wiki_username5 = <br />
<br />
| summit_session_attendee_name6 = Nishi Kumar<br />
| summit_session_attendee_email6 = nishi.kumar@owasp.org<br />
| summit_session_attendee_wiki_username6 = <br />
<br />
| summit_session_attendee_name7 = Lucas C. Ferreira<br />
| summit_session_attendee_email7 = lucas.ferreira@owasp.org<br />
| summit_session_attendee_wiki_username7 = sapao<br />
<br />
| summit_session_attendee_name8 = Tobias Gondrom<br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_wiki_username8 = <br />
<br />
| summit_session_attendee_name9 = Vehbi Tasar<br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_wiki_username9 = <br />
<br />
| summit_session_attendee_name10 = Colin Watson<br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_wiki_username10 = <br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_wiki_username11 = <br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_wiki_username12 = <br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_wiki_username13 = <br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_wiki_username14 = <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_wiki_username15 = <br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_wiki_username16 = <br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_wiki_username17= <br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_wiki_username18 = <br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_wiki_username19 = <br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_wiki_username20 = <br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session015<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session015<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session063&diff=100433Summit 2011 Working Sessions/Session0632011-01-14T12:23:34Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Nishi Kumar<br />
| summit_session_attendee_email1 = nishi.kumar@owasp.org<br />
| summit_session_attendee_company1= FIS<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Jason Taylor<br />
| summit_session_attendee_email2 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._individual_projects.jpg]]<br />
| summit_ws_logo = [[Image:WS._individual_projects.jpg]]<br />
| summit_session_name = O2 Platform<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session063<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description=<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= <br />
<br />
| summit_session_objective_name2 = <br />
<br />
| summit_session_objective_name3 = <br />
<br />
| summit_session_objective_name4 = <br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Dinis Cruz<br />
| summit_session_leader_email1 = dinis.cruz@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session063<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session063<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session069&diff=100432Summit 2011 Working Sessions/Session0692011-01-14T12:23:29Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Nishi Kumar<br />
| summit_session_attendee_email1 = nishi.kumar@owasp.org<br />
| summit_session_attendee_company1= FIS<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Cecil Su<br />
| summit_session_attendee_email2 = cecil.su@owasp.org<br />
| summit_session_attendee_company2= GT<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = Jason Taylor<br />
| summit_session_attendee_email3 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]]<br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP TOP 10 online training in Hacking-Lab<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session069<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= We would like to open an OWASP TOP 10 online training in Hacking-Lab. This training will likely have the following pre-conditions:<br />
* OWASP top 10 training (all cases are covered)<br />
* Trainer feature for some well-known, trustworthy OWASP members<br />
* Access to the solution videos of the OWASP TOP 10 issues<br />
* Branding the OWASP Hacking-Lab Event in an OWASP-style<br />
* OWASP Certificate for those receiving full points to all lab cases<br />
<br />
|-<br />
<br />
| related_project_name1 = Hacking Lab<br />
| related_project_url_1 = http://www.hacking-lab.com<br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= To learn more about the OWASP TOP 10 cases in Hacking-Lab - Vulnerable Apps in HL<br />
<br />
| summit_session_objective_name2 = Experience the users's view of a training - lab descriptions, exercises, send-solution, ranking, global ranking, my profile<br />
<br />
| summit_session_objective_name3 = Experience the teacher's view of a training - solution movies, accpet or reject solutions from users, solution movie<br />
<br />
| summit_session_objective_name4 = Experience the Hacking-Lab LiveCD (accessing the lab), teaming, levels in HL, avatar, rankings<br />
<br />
| summit_session_objective_name5 = Talk about a potential collaboration between OWASP and Hacking-Lab for the future. Free OWASP TOP 10 training. <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = Proposed agenda:<br/><br />
<br />
We will talk about Hacking-Lab, it's core services and digg into the users and teachers view of the portal page. You will experience the full features of the Hacking-Lab training infrastructure for being prepared, if Hacking-Lab could be a valuable service for a free OWASP TOP 10 training in the future. <br />
<br />
a) introduction hacking-lab <br/><br />
b) user view <br/><br />
c) teacher view <br/><br />
d) hands-on training with the livecd <br/><br />
<br />
This way - everybody fully understands the available *service* in<br />
question and we can then further negotiate the collaboration if this is<br />
something OWASP want to digg into.<br />
<br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Ivan Buetler<br />
| summit_session_leader_email1 = ivan.buetler@csnc.ch<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session069<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session069<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session042&diff=100431Summit 2011 Working Sessions/Session0422011-01-14T12:23:26Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Martin Knobloch<br />
| summit_session_attendee_email1 = martin.knobloch@owasp.org<br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Nishi Kumar<br />
| summit_session_attendee_email2 = nishi.kumar@owasp.org<br />
| summit_session_attendee_company2= FIS<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = Jason Taylor<br />
| summit_session_attendee_email3 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]]<br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = Developer's Security Training Package<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session042<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= Compile a set of documents and slides to assist in the delivery of a security training class for developers<br />
<br />
|-<br />
<br />
| related_project_name1 = OWASP Development Guide, OWASP Secure Coding Practices - Quick Reference Guide, OWASP Enterprise Security API (ESAPI) Project, <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = OWASP Code Review Guide, <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = OWASP Application Security Verification Standard Project, <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = OWASP Testing Guide, <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = OWASP Top Ten Project<br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= To create an organized package that can be used by companies for the purposes of educating developers on securely coding web applications and web services<br />
<br />
| summit_session_objective_name2 = <br />
<br />
| summit_session_objective_name3 = <br />
<br />
| summit_session_objective_name4 = <br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = Create modules that contain various aspects of Developer education<br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = Template to help choose modules to create a total developer package<br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Brad Causey<br />
| summit_session_leader_email1 = bradcausey@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session042<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session042<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session041&diff=100430Summit 2011 Working Sessions/Session0412011-01-14T12:23:24Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Martin Knobloch<br />
| summit_session_attendee_email1 = martin.knobloch@owasp.org<br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Paulo Coimbra<br />
| summit_session_attendee_email2 = paulo.coimbra@owasp.org<br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = Dinis Cruz<br />
| summit_session_attendee_email3 = dinis.cruz@owasp.org<br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = Nishi Kumar<br />
| summit_session_attendee_email4 = nishi.kumar@owasp.org<br />
| summit_session_attendee_company4= FIS<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = Cecil Su<br />
| summit_session_attendee_email5 = cecil.su@owasp.org<br />
| summit_session_attendee_company5= GT<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = Heiko Richler<br />
| summit_session_attendee_email6 = heiko.richler@owasp.org<br />
| summit_session_attendee_company6=GSO-University of Applied Sciences<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = Lucas C. Ferreira<br />
| summit_session_attendee_email7 = lucas.ferreira@owasp.org<br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = Colin Watson<br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = Jason Taylor<br />
| summit_session_attendee_email9 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]]<br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Training<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session041<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description= This session aims to consolidate the OWASP Training model as a base for the Chapter-lead training initiatives with a view of making the Local Chapters and the training initiatives by them organised instrumental in reinforcing visibility of OWASP Projects within the local corporate communities and, by that, in encouraging the use and understanding of our tools and documentation.<br><br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1 = Consolidation of the OWASP Training Model (Paid and Non Paid):<br />
| summit_session_objective_name2 = Methodolgies;<br />
| summit_session_objective_name3 = Contents and materials;<br />
| summit_session_objective_name4 = Trainers Database;<br />
| summit_session_objective_name5 = Training Kit <br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
* Consolidation of the OWASP Training model<br />
* Relation with paid/commercial training<br />
* Consolidation of methodologies<br />
* Definition of contents within the OWASP universe of projects<br />
* Production of training materials - training modules, publications, videos, CDs<br />
* Identification of Trainers - Trainers Database<br />
* Consolidation of the OWASP Training wiki page as a Training Kit for any Chapters wanting to organise training initiatives<br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Sandra Paiva<br />
| summit_session_leader_email1 = sandra.paiva@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session041<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session041<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session040&diff=100429Summit 2011 Working Sessions/Session0402011-01-14T12:23:09Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Martin Knobloch<br />
| summit_session_attendee_email1 = martin.knobloch@owasp.org<br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Paulo Coimbra<br />
| summit_session_attendee_email2 = paulo.coimbra@owasp.org<br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = Dinis Cruz<br />
| summit_session_attendee_email3 = dinis.cruz@owasp.org<br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = Nishi Kumar<br />
| summit_session_attendee_email4 = nishi.kumar@owasp.org<br />
| summit_session_attendee_company4= FIS<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = Cecil Su<br />
| summit_session_attendee_email5 = cecil.su@owasp.org<br />
| summit_session_attendee_company5= GT<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = Heiko Richler<br />
| summit_session_attendee_email6 = heiko.richler@owasp.org<br />
| summit_session_attendee_company6= GSO-University of Applied Sciences<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = Lucas C. Ferreira<br />
| summit_session_attendee_email7 = lucas.ferreira@owasp.org<br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = Jason Taylor<br />
| summit_session_attendee_email8 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]]<br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = OWASP Academies<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session040<br />
| mailing_list =<br />
<br />
|-<br />
<br />
| short_working_session_description=This session aims to discuss and establish the model under which the OWASP Academies will be implemented and developed, i.e., a frame under which work will be done with Universities, Polytechnic Institutes, IT Schools and other Academic institutions with a view to establish solid relationships and develop with these organisms ways to collaborate and participate in the design of courses focused on web application security.<br> Part of what will be discussed in this working session will be the continuation of the first meeting being organised for January, in Lisbon, where the vision, the materials and the action plan for the Academies, among other related issues, will be debated.<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
| summit_session_objective_name1 = Identification of goals;<br />
| summit_session_objective_name2 = Definition of methodology;<br />
| summit_session_objective_name3 = Analysis of legal aspects and relationship with Universities, other Academic institutions and Governmental initiatives;<br />
| summit_session_objective_name4 = Identification of Trainers and their involvement;<br />
| summit_session_objective_name5 = Certification of Contents and materials.<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
| summit_session_leader_name1 = Sandra Paiva<br />
| summit_session_leader_email1 = sandra.paiva@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session040<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session040<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session012&diff=100428Summit 2011 Working Sessions/Session0122011-01-14T12:22:51Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Nishi Kumar<br />
| summit_session_attendee_email1 = nishi.kumar@owasp.org <br />
| summit_session_attendee_company1= FIS<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Cecil Su<br />
| summit_session_attendee_email2 = cecil.su@owasp.org<br />
| summit_session_attendee_company2= Grant Thornton<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = Elke Roth-Mandutz<br />
| summit_session_attendee_email3 = elke.roth-mandutz@ohm-hochschule.de<br />
| summit_session_attendee_company3= GSO-University of Applied Sciences<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = Heiko Richler<br />
| summit_session_attendee_email4 = heiko.richler@ohm-hochschule.de<br />
| summit_session_attendee_company4= GSO-University of Applied Sciences<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = Lucas C. Ferreira<br />
| summit_session_attendee_email5 = lucas.ferreira@owasp.org<br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = Jason Taylor<br />
| summit_session_attendee_email6 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._university.jpg]]<br />
| summit_ws_logo = [[Image:WS._university.jpg]]<br />
| summit_session_name = University Outreach<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session012<br />
| mailing_list =<br />
|-<br />
<br />
| short_working_session_description= During the university outreach working session, we hope to bring OWASP educational supporters together and address questions such as:<br />
<br />
● What security education programs currently exist in university settings around the world?<br />
<br />
● How can OWASP participate and influence the curricula of these educational programs?<br />
<br />
● How can we foster relationships between OWASP and universities?<br />
<br />
● How can the relationship between OWASP and universities be standardized?<br />
<br />
● What can OWASP offer universities and what can they, in turn, expect from each other?<br />
|-<br />
<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= <br />
Estimation of Security prorams currently exist in university settings around the world<br />
| summit_session_objective_name2 = <br />
How can OWASP participate and influence the curricula of these educational programs?<br />
| summit_session_objective_name3 = <br />
How can we foster relationships between OWASP and universities?<br />
| summit_session_objective_name4 = <br />
How can the relationship between OWASP and universities be standardized?<br />
| summit_session_objective_name5 = <br />
What can OWASP offer universities and what can they, in turn, expect from each other?<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Martin Knobloch<br />
| summit_session_leader_email1 = martin.knobloch@owasp.org<br />
<br />
| summit_session_leader_name2 = <br />
| summit_session_leader_email2 = <br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session012<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session012<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session058&diff=100427Summit 2011 Working Sessions/Session0582011-01-14T12:16:50Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Jason Taylor<br />
| summit_session_attendee_email1 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = <br />
| summit_session_attendee_email2 = <br />
| summit_session_attendee_company2=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = <br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = <br />
| summit_session_attendee_email4 = <br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._metrics.jpg]]<br />
| summit_ws_logo = [[Image:WS._metrics.jpg]]<br />
| summit_session_name = Counting and scoring application security defects<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session058<br />
| mailing_list =<br />
|-<br />
| short_working_session_description= We all know that you can’t control what you can’t measure and that you need to measure the right things or you won’t be steering towards the right outcome. For this session we will define the right outcome as “low risk to an organization from vulnerabilities in applications.” What are the right things to measure? How can we measure them? How can we use these application security metrics to drive towards low application risk. It would also be great if this could be translated into monetary risk to determine if an organizations investment in applications is not too much or too little. Some of the concepts discussed will be to take a portfolio view of application risk, assigning business risk to applications, counting defects, and measuring SDLC process performance. This is a big unsolved problem so come prepared with ideas and be willing to take part in a discussion. Includes discussion of CWSS 0.1.<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= <br />
<br />
| summit_session_objective_name2 = <br />
<br />
| summit_session_objective_name3 = <br />
<br />
| summit_session_objective_name4 = <br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Chris Wysopal<br />
| summit_session_leader_email1 = cwysopal@Veracode.com<br />
<br />
| summit_session_leader_name2 = Chris Eng<br />
| summit_session_leader_email2 = ceng@Veracode.com<br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session058<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session058<br />
}}</div>Jason Taylorhttps://wiki.owasp.org/index.php?title=Summit_2011_Working_Sessions/Session059&diff=100426Summit 2011 Working Sessions/Session0592011-01-14T12:14:43Z<p>Jason Taylor: </p>
<hr />
<div>{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude><br />
|-<br />
<br />
| summit_session_attendee_name1 = Justin Clarke<br />
| summit_session_attendee_email1 = justin@gdssecurity.com<br />
| summit_session_attendee_company1=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=<br />
<br />
| summit_session_attendee_name2 = Nishi Kumar<br />
| summit_session_attendee_email2 = nishi.kumar@owasp.org <br />
| summit_session_attendee_company2= FIS<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=<br />
<br />
| summit_session_attendee_name3 = Colin Watson<br />
| summit_session_attendee_email3 = <br />
| summit_session_attendee_company3=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=<br />
<br />
| summit_session_attendee_name4 = Jason Taylor<br />
| summit_session_attendee_email4 = jtaylor@securityinnovation.com<br />
| summit_session_attendee_company4=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=<br />
<br />
| summit_session_attendee_name5 = <br />
| summit_session_attendee_email5 = <br />
| summit_session_attendee_company5=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=<br />
<br />
| summit_session_attendee_name6 = <br />
| summit_session_attendee_email6 = <br />
| summit_session_attendee_company6=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=<br />
<br />
| summit_session_attendee_name7 = <br />
| summit_session_attendee_email7 = <br />
| summit_session_attendee_company7=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=<br />
<br />
| summit_session_attendee_name8 = <br />
| summit_session_attendee_email8 = <br />
| summit_session_attendee_company8=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=<br />
<br />
| summit_session_attendee_name9 = <br />
| summit_session_attendee_email9 = <br />
| summit_session_attendee_company9=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=<br />
<br />
| summit_session_attendee_name10 = <br />
| summit_session_attendee_email10 = <br />
| summit_session_attendee_company10=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=<br />
<br />
| summit_session_attendee_name11 = <br />
| summit_session_attendee_email11 = <br />
| summit_session_attendee_company11=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=<br />
<br />
| summit_session_attendee_name12 = <br />
| summit_session_attendee_email12 = <br />
| summit_session_attendee_company12=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=<br />
<br />
| summit_session_attendee_name13 = <br />
| summit_session_attendee_email13 = <br />
| summit_session_attendee_company13=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=<br />
<br />
| summit_session_attendee_name14 = <br />
| summit_session_attendee_email14 = <br />
| summit_session_attendee_company14=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= <br />
<br />
| summit_session_attendee_name15 = <br />
| summit_session_attendee_email15 = <br />
| summit_session_attendee_company15=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=<br />
<br />
| summit_session_attendee_name16 = <br />
| summit_session_attendee_email16 = <br />
| summit_session_attendee_company16=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=<br />
<br />
| summit_session_attendee_name17 = <br />
| summit_session_attendee_email17 = <br />
| summit_session_attendee_company17=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=<br />
<br />
| summit_session_attendee_name18 = <br />
| summit_session_attendee_email18 = <br />
| summit_session_attendee_company18=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=<br />
<br />
| summit_session_attendee_name19 = <br />
| summit_session_attendee_email19 = <br />
| summit_session_attendee_company19=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=<br />
<br />
| summit_session_attendee_name20 = <br />
| summit_session_attendee_email20 = <br />
| summit_session_attendee_company20=<br />
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=<br />
<br />
|-<br />
| summit_track_logo = [[Image:T._metrics.jpg]]<br />
| summit_ws_logo = [[Image:WS._metrics.jpg]]<br />
| summit_session_name = Measuring SDLC process performance<br />
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session059<br />
| mailing_list =<br />
<br />
| short_working_session_description=<br />
<br />
|-<br />
<br />
| related_project_name1 = <br />
| related_project_url_1 = <br />
<br />
| related_project_name2 = <br />
| related_project_url_2 = <br />
<br />
| related_project_name3 = <br />
| related_project_url_3 = <br />
<br />
| related_project_name4 = <br />
| related_project_url_4 = <br />
<br />
| related_project_name5 = <br />
| related_project_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_objective_name1= <br />
<br />
| summit_session_objective_name2 = <br />
<br />
| summit_session_objective_name3 = <br />
<br />
| summit_session_objective_name4 = <br />
<br />
| summit_session_objective_name5 = <br />
<br />
|-<br />
<br />
| working_session_date_and_time = <br />
<br />
|-<br />
<br />
| discussion_model = participants and attendees<br />
<br />
|-<br />
<br />
| operational_resources = Projector, whiteboards, markers, Internet connectivity, power<br />
<br />
|-<br />
<br />
| working_session_additional_details = <br />
<br />
|-<br />
<br />
|summit_session_deliverable_name1 = <br />
|summit_session_deliverable_url_1 = <br />
<br />
|summit_session_deliverable_name2 = <br />
|summit_session_deliverable_url_2 = <br />
<br />
|summit_session_deliverable_name3 = <br />
|summit_session_deliverable_url_3 = <br />
<br />
|summit_session_deliverable_name4 = <br />
|summit_session_deliverable_url_4 = <br />
<br />
|summit_session_deliverable_name5 = <br />
|summit_session_deliverable_url_5 = <br />
<br />
|-<br />
<br />
| summit_session_leader_name1 = Chris Wysopal<br />
| summit_session_leader_email1 = cwysopal@Veracode.com<br />
<br />
| summit_session_leader_name2 = Chris Eng<br />
| summit_session_leader_email2 = ceng@Veracode.com<br />
<br />
| summit_session_leader_name3 = <br />
| summit_session_leader_email3 = <br />
<br />
|-<br />
<br />
| operational_leader_name1 =<br />
| operational_leader_email1 =<br />
<br />
|-<br />
<br />
| meeting_notes = <br />
<br />
|-<br />
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session059<br />
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session059<br />
}}</div>Jason Taylor