This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Global Industry Committee/Completed Initiatives"
From OWASP
Sarah Baso (talk | contribs) (Created page with "=== Past Global Industry Committee Initiatives === {| class="prettytable FCK__ShowTableBorders" |- ! Task ! Completed ! Type ! Status ! Description ! Who |- | [http://www....") |
(→Past Global Industry Committee Initiatives: Added further completed items) |
||
(One intermediate revision by one other user not shown) | |||
Line 1: | Line 1: | ||
=== Past Global Industry Committee Initiatives === | === Past Global Industry Committee Initiatives === | ||
− | |||
{| class="prettytable FCK__ShowTableBorders" | {| class="prettytable FCK__ShowTableBorders" | ||
|- | |- | ||
Line 9: | Line 8: | ||
! Description | ! Description | ||
! Who | ! Who | ||
+ | |- | ||
+ | | [http://www.rmima.org/2011/aug2011.htm OWASP at Rocky Mountain Information Management Association Mtg] | ||
+ | | 19 Aug 2011 | ||
+ | | Outreach | ||
+ | | Closed | ||
+ | | Man OWASP booth at RMIMA conference to promote awareness | ||
+ | | DC, Gerrit Padgham | ||
+ | |- | ||
+ | | [https://www.owasp.org/index.php/AppSecEU2011/Industry_Outreach Industry Outreach Sessions at OWASP AppSec EU] | ||
+ | | 10 Jun 2011 | ||
+ | | Outreach | ||
+ | | Closed | ||
+ | | Conduct industry outreach sessions at AppSec EU to educate about GIC initiatives and solicit feedback | ||
+ | | RB, NK, SB | ||
+ | |- | ||
+ | | [http://pages.event.fishnetsecurity.com/page.aspx?QS=472529ec60bdf32a82a426e012293c9bd031529fe8a7723f3daf606009fc4561 Enterprise Security Solutions Summit] | ||
+ | | 7 Jun 2011 | ||
+ | | Outreach | ||
+ | | Closed | ||
+ | | Manning the OWASP booth doing outreach, membership drive, etc. | ||
+ | | DC | ||
+ | |- | ||
+ | | [http://www.ico.gov.uk/for_organisations/data_protection/topic_guides/data_sharing.aspx UK ICO Data Sharing Code of Practice] | ||
+ | | 10 May 2011 | ||
+ | | Standards | ||
+ | | Closed | ||
+ | | Submitted [https://www.owasp.org/index.php/File:Owasp-ico-data-sharing-cop-consultation-response-1.pdf OWASP response] (12/20/2010) to last year's consultation on the draft | ||
+ | | CW | ||
+ | |- | ||
+ | | [http://www.brighttalk.com/community/cloud-computing/webcast/24582 OWASP Panel at Brighttalk Appsec Summit] | ||
+ | | 16 March 2011 | ||
+ | | Outreach | ||
+ | | Closed | ||
+ | | Participate in panel of OWASP leaders to discuss new web application threats and give insights on ways to secure them for business | ||
+ | | DC | ||
+ | |- | ||
+ | | [http://www.cio.gov/pages.cfm/page/Federal-Risk-and-Authorization-Management-Program-FedRAMP FedRAMP] | ||
+ | | 17 Jan 2011 | ||
+ | | Standards | ||
+ | | Closed | ||
+ | | Provide response to FedRAMP certification and accreditation process | ||
+ | | RB | ||
+ | |- | ||
+ | | [http://hacking-lab.com/ Hacking Lab] | ||
+ | | 14 Dec 2011 | ||
+ | | Outreach | ||
+ | | Closed | ||
+ | | Matt Tesauro has been working with Hacking Lab previously and brought it to the GIC | ||
+ | | MAT | ||
+ | |- | ||
+ | | OWASP Top 10 Presentation | ||
+ | | 2/18/11 or 2/25/11 | ||
+ | | Outreach | ||
+ | | Closed | ||
+ | | OWASP Presentation Royal Holloway, University of London presentation | ||
+ | | YP | ||
+ | |- | ||
+ | | Leeds Chapter Leader Presentation | ||
+ | | 13 Dec 2011 | ||
+ | | Outreach | ||
+ | | Closed | ||
+ | | LA is gathering OWASP overview and project information for OWASP Leeds presentation needs. | ||
+ | | LA | ||
+ | |- | ||
+ | | New IETF Web Security working group / W3C Web Application Security Working Group | ||
+ | | Ongoing | ||
+ | | All Members | ||
+ | | Closed | ||
+ | | Invite and coordinate OWASP contributions on this IETF/W3C Group | ||
+ | | YP | ||
|- | |- | ||
| [http://www.owasp.org/index.php/OWASP_Mobile_Security_Project Kickoff OWASP Mobile Security Project] | | [http://www.owasp.org/index.php/OWASP_Mobile_Security_Project Kickoff OWASP Mobile Security Project] |
Latest revision as of 08:11, 19 July 2012
Past Global Industry Committee Initiatives
Task | Completed | Type | Status | Description | Who | |
---|---|---|---|---|---|---|
OWASP at Rocky Mountain Information Management Association Mtg | 19 Aug 2011 | Outreach | Closed | Man OWASP booth at RMIMA conference to promote awareness | DC, Gerrit Padgham | |
Industry Outreach Sessions at OWASP AppSec EU | 10 Jun 2011 | Outreach | Closed | Conduct industry outreach sessions at AppSec EU to educate about GIC initiatives and solicit feedback | RB, NK, SB | |
Enterprise Security Solutions Summit | 7 Jun 2011 | Outreach | Closed | Manning the OWASP booth doing outreach, membership drive, etc. | DC | |
UK ICO Data Sharing Code of Practice | 10 May 2011 | Standards | Closed | Submitted OWASP response (12/20/2010) to last year's consultation on the draft | CW | |
OWASP Panel at Brighttalk Appsec Summit | 16 March 2011 | Outreach | Closed | Participate in panel of OWASP leaders to discuss new web application threats and give insights on ways to secure them for business | DC | |
FedRAMP | 17 Jan 2011 | Standards | Closed | Provide response to FedRAMP certification and accreditation process | RB | |
Hacking Lab | 14 Dec 2011 | Outreach | Closed | Matt Tesauro has been working with Hacking Lab previously and brought it to the GIC | MAT | |
OWASP Top 10 Presentation | 2/18/11 or 2/25/11 | Outreach | Closed | OWASP Presentation Royal Holloway, University of London presentation | YP | |
Leeds Chapter Leader Presentation | 13 Dec 2011 | Outreach | Closed | LA is gathering OWASP overview and project information for OWASP Leeds presentation needs. | LA | |
New IETF Web Security working group / W3C Web Application Security Working Group | Ongoing | All Members | Closed | Invite and coordinate OWASP contributions on this IETF/W3C Group | YP | |
Kickoff OWASP Mobile Security Project | 2011 Summit | Projects | Closed | Provide GIC oversight to Mobile Security Project | DC | |
FTC Protecting Consumer Privacy in an Era of Rapid Change | 18 Feb 2011 | Standards | Closed | Provide response to "FTC Protecting Consumer Privacy in an Era of Rapid Change - A framework for businesses and policymakers" | CW | |
BCS London Central | 17 Feb 2011 | Outreach | Closed | Present a talk about OWASP. | CW | |
Data Sharing CoP | 5 Jan 2011 | Standards | Closed | Provide response to UK ICO's "Data Sharing Code of Practice Consultation" | CW/AF | |
CRESTCON | 14 Dec 2011 | Outreach | Closed | YP is attending CRESTCON in Royal Holloway, Surrey, UK | YP | |
(ISC)^2 Application Security Advisory Board (ASAB) | 19 Nov 2010 | Outreach | Closed | YP is now a member of the (ISC)^2 ASAB, with the first meeting to be held in FL on the above stated date. | YP | |
T.E.N./Fortify Software Security Assurance Summit | 1 Dec 2010 | Outreach | Closed | Discuss quick wins and high impact software assurance activities using the OWASP SAMM model as reference and cite other OWASP projects as resources. | AF | |
DOJ Nondiscimination on the Basis of Disability | 30 Nov 2010 | Standards | Closed | Provide response to US DOJ's "Accessibility of Web Information and Services of State and Local Government Entities and Public Accommodations" | AF/LA | |
e-Consumer Protection Consultation | 13 Oct 2010 | Standards | Closed | Review and provide official OWASP response to UK Office of Fair Trading e-Consumer Protection Consultation. | YP | |
ENISA Common Assurance Maturity Model | 8 Oct 2010 | Standards | Closed | Work with Category:OWASP Cloud ‐ 10 Project to contribute to the development of Common Assurance Maturity Model for ENISA/Cloud Security Alliance/etc joint initiative. | CW | |
Mobile Web Application Best Practices Working Draft | 6 Aug 2010 | Standards | Closed | Review and provide official OWASP response to W3C's Mobile Web Best Practices Working Group. | DC | |
UK Office of Fair Trading | 23 Jul 2010 | Standards | Closed | Ask to be added to official consultation list | CW | |
BusinessLink | 1 Jul 2010 | Outreach | Closed | Offer to contribute to development of IT security information about application security on the BusinessLink website for UK SMEs. Outcome - no help required at present, but BusinessLink system to be disbanded. | CW | |
Veracode | 28 Jun 2010 | Outreach | Closed | Discuss use of Open SAMM to classify Secure SDL maturity in Veracode's code analysis summary reports. Outcome - positive response received. | CW | |
OWASP Leeds/North | 16 Jun 2010 | Outreach | Closed | Presentations at chapter meeting in Newcastle-upon-Tyne about ENISA CAMM and OWASP Appsensor | CW | |
Front Range OWASP Conference (FROC) 2010 | 2 Jun 2010 | Outreach | Closed | Conference organisation Vids & presentations online | DC | |
OWASP Presentation at ISACA Denver Annual Meeting | 27 May 2010 | Outreach | Closed | Presentation Presentation online | DC | |
ISSA-UK | 13 May 2010 | Outreach | Closed | Presentation | YP | |
Personal Information Online COP | 5 Mar 2010 | Legislation | Closed | Provide response to UK Information Commissioner's Office draft "Personal Information Online Code of Practice" | YP | |
ENISA Mobile Apps | Mar 2010 | Outreach | Closed | Identify and introduce OWASP contact for ENISA's Mobile Apps Project, in conjunction with Dinis Cruz. | CW | |
Technology Strategy Board Secure Software Development Partnership | 18 Feb 2010 | Outreach | Closed | Liaise with the UK Technology Strategy Board about the Secure Software Development Partnership (SSDP) in conjunction with the London chapter leader Justin Clarke | CW | |
US Information Systems Security Association Northern Virginia Chapter (ISSA-NOVA) | 21 Jan 2010 | Outreach | Closed | Provide presentation covering CSSLP, fundamentals of AppSec and Intro to OWASP and Global Industry Committee | AF | |
ENISA | Jan 2010 | Outreach | Closed | Discuss opportunities for OWASP to work with ENISA, in conjunction with Dinis Cruz. | CW | |
NIST SP 800-37 Revision 1 FPD Review Project | 30 Dec 2009 | Standards | Closed | Provide response to "NIST SP 800-37 Revision 1 Final Public Draft, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach" | RB | |
CREST CRESTCon | 15 Dec 2009 | Outreach | Closed | Already an oversubscribed event, YP & CW have been placed on the reserve list. Update: Positions secured for the 15th. | YP | |
SDL Pro Network | 30 Nov 2009 | Outreach | Closed | Contact SDL Pro Network to discuss if there are opportunities for OWASP to become involved or connected in some way | CW | |
Draft NIST IR 7628 | 25 Nov 2009 | Standards | Closed | Provide response to "NIST IR 7628 Draft Smart Grid Cyber Security Strategy and Requirements" | CW | |
Appsec DC 2009 | 10-13 Nov 2009 | Outreach | Closed | Conference organisation - special effort to engage with US Federal sector | RB | |
UK Ministry of Justice | - | Legislation | Closed | Ask to be added to official consultation list | CW | |
IT-SA | 13-15 Oct 2009 | Outreach | Closed | OWASP booth at trade show | GH | |
OWASP AppSec Germany 2009 | 13 Oct 2009 | Outreach | Closed | Conference organisation | GH | |
US Library of Congress | 28 Sep 2009 | Outreach | Closed | Presentation about OWASP | RB | |
OWASP Ireland AppSec 2009 | 10 Sep 2009 | Outreach | Closed | Conference organisation | EK | |
OWASP Citations | 7 Sep 2009 | Other | Closed | Identify and record the most important references to OWASP in official, or otherwise important, documents. Page created at: Industry:Citations | CW | |
US Library of Congress | 26 Aug 2009 | Outreach | Closed | Presentation about OWASP | RB | |
OWASP webcast at Brighttalk Data and Privacy in Web 2.0 Summit | 13 Aug 2009 | Outreach | Closed | Deliver OWASP presentation on XSS, client side exploitation, and countermeasures. | DC | |
SAFECode Secure Development Practices (update to Oct 2008 version) | 31 Jul 2009 | Standards | Closed | Response to SAFECode "Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today." | CW | |
OWASP CSA Project | 8 Jul 2009 | Standards | Closed | Response to RFC Cloud Security Alliance Guidance v1.0 | TB | |
Scotland | 25 Jun 2009 | Outreach | Closed | Presentation about the Global Industry Committee, its role and recent activities (presentation slides File:Owasp-scotland-industry-committee-june-2009.ppt and written notes File:Owasp-scotland-industry-committee-june-2009-notes.pdf) | CW | |
OWASP Presentation at CFP Con 2009 | 1 Jun 2009 | Outreach | Closed | Deliver presentation on web threats and countermeasures. See CFP tutorial page grep OWASP for more info. | DC | |
ENISA Who-Is-Who Directory | - | Outreach | Closed | Contact ENISA regarding OWASP inclusion in directory (in progress). Encourage European chapter leaders to contact their ENISA liaison officers (completed). Contact UK liaison officer on behalf of London, Leeds and Scotland chapters. | CW | |
IIL Insurance Institute of London | 2 Jun 2009 | Outreach | Closed | Contact IIL regarding future input to their publication Insurance Aspects of E-Commerce | CW | |
Draft NIST SP 800-118 | 29 May 2009 | Standards | Closed | Provide response to "Draft NIST Special Publication 800-118 Guide to Enterprise Password Management" | CW/EK/RB/DC | |
German IT Industry Association | 15 May 2009 | Outreach | Closed | Presentation on OWASP | GH | |
Outreach Presentation to Frontier Airlines | 7 May 2009 | Outreach | Closed | Provide outreach presentation covering fundamentals of AppSec and Intro to OWASP | DC | |
DPC BS 10012 | 31 Mar 2009 | Standards | Closed | Provide response to "BS 10012 Specification for the management of personal information in compliance with the Data Protection Act 1998" Draft for Public Comment (DPC) | CW | |
Draft NIST SP 800-53 Revision 3 | 27 Mar 2009 | Standards | Closed | Provide response to "Draft NIST Special Publication 800-53 (Revision 3) Recommended Security Controls for Federal Information Systems and Organizations" | RB | |
Draft NIST SP 800-122 | 13 Mar 2009 | Standards | Closed | Provide response to "Draft NIST Special Publication 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)" | CW | |
London | 12 Mar 2009 | Outreach | Closed | Presentation about the Global Industry Committee, its role and recent activities (presentation slides File:Owasp-london-industry-committee-march-2009.ppt and written notes File:Owasp-london-industry-committee-march-2009-notes.pdf) | CW | |
Digital Britain Interim Report | 11 Mar 2009 | Legislation | Closed | Provide response to UK Government's "Digital Britain Interim Report Jan 2009" | CW | |
SnowFROC Front Range | 5 Mar 2009 | Outreach | Closed | Conference organisation | DC | |
US Department of Commerce | 25 Feb 2009 | Outreach | Closed | Presentation about OWASP to Economic Security Working Group | RB | |
DPC BS 8878:2009 | 31 Jan 2009 | Standards | Closed | Provide response to "BS 8878:2009 Web accessibility. Building accessible experiences for disabled people" Draft for Public Comment (DPC) | Puneet/CW | |
AppSec Presentation Delivered to Infragard, Dec 2008 | Dec 2008 | Outreach | Closed | Infragard is a collaboration between the US FBI and maintainers of critical infrastructure. Presentation here. Email DC for full PPT with speaker notes | DC | |
The Register Google Analytics — Yes, it is a security risk | Nov 2008 | Outreach | Closed | Co-ordination of response and provision of comments from OWASP leaders about risk of JavaScript on Barack Obama's website | DC |