This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Template:OWASP News"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
; '''Jan 2 - [http://books.google.com/books?as_q=owasp&num=100&btnG=Google+Search&as_epq=&as_oq=&as_eq=&as_libcat=0&as_brr=0&as_vt=&as_auth=&as_pub=&as_drrb=c&as_miny=&as_maxy=&as_isbn= The Best Security Books Reference OWASP]'''
 
; '''Jan 2 - [http://books.google.com/books?as_q=owasp&num=100&btnG=Google+Search&as_epq=&as_oq=&as_eq=&as_libcat=0&as_brr=0&as_vt=&as_auth=&as_pub=&as_drrb=c&as_miny=&as_maxy=&as_isbn= The Best Security Books Reference OWASP]'''
 
: There are over 50 security books that reference OWASP. Many of the authors are contributing to OWASP, speaking at our conferences, and participating in our chapters. Some of the books just recommend OWASP, but many are structured around OWASP, and others have whole chapters dedicated to our tools.
 
: There are over 50 security books that reference OWASP. Many of the authors are contributing to OWASP, speaking at our conferences, and participating in our chapters. Some of the books just recommend OWASP, but many are structured around OWASP, and others have whole chapters dedicated to our tools.
 +
 +
; '''Dec 10 - [http://www.sans.org/top20/?ref=1697#c1 SANS and OWASP Partner to Add #1 Web Application Security to SANS Top 20]'''
 +
: The SANS document is widely used, and we're extremely pleased that we could work with them to recognize the risks associated with web applications. From the document... "Every week hundreds of vulnerabilities are being reported in these web applications, and are being actively exploited. The number of attempted attacks every day for some of the large web hosting farms range from hundreds of thousands to even millions. All web frameworks (PHP, .NET, J2EE, Ruby on Rails, ColdFusion, Perl, etc) and all types of web applications are at risk from web application security defects, ranging from insufficient validation through to application logic errors."
 +
 +
{| align="center"
 +
| [http://www.sans.org/top20/?ref=1697#c1 https://www.owasp.org/images/8/80/SANS_Logo.jpg]
 +
| [http://www.owasp.org https://www.owasp.org/images/f/f0/OWASP_Logo.gif]
 +
|}
  
 
; '''Nov 28 - [[OWASP JBroFuzz|JBroFuzz 0.3 Released]]'''
 
; '''Nov 28 - [[OWASP JBroFuzz|JBroFuzz 0.3 Released]]'''
Line 10: Line 18:
 
; '''Nov 26 - [[OWASP Site Generator|OWASP Site Generator v.70 Released]]'''
 
; '''Nov 26 - [[OWASP Site Generator|OWASP Site Generator v.70 Released]]'''
 
: A tool that allows the creating of dynamic websites based on XML files and predefined vulnerabilities (some simple, some complex) for testing application security tools.
 
: A tool that allows the creating of dynamic websites based on XML files and predefined vulnerabilities (some simple, some complex) for testing application security tools.
 
; '''Nov 14 - [[:Category:OWASP_Project|Three great new OWASP projects]]
 
: 1) [[:Category:OWASP Encoding Project|OWASP Encoding Project]] A nice encoding library that supports Java, .NET, PHP, Python, Perl, JavaScript, and Ajax.  2) [[:Category:OWASP WSFuzzer Project|OWASP WSFuzzer Project]] A fuzzing tool for Web Services to support penetration testing efforts.  3) [[:Category:OWASP Insecure Web App Project|OWASP Insecure Web App Project]] A realistic but insecure Java EE web application for use in learning and testing tools.
 
 
; '''Nov 12 - [http://www.owasp.org/google/results.html New OWASP Application Security Search Engine]
 
: We're beta-testing a new Google-powered search engine for application security. The engine indexes the OWASP site and all the other sites dedicated to application security on the Internet. We've set up some simple refinements so that you can ignore commercial, product, or non-OWASP sites if you like. Please give us some [mailto:[email protected]?subject=Search_engine_feedback feedback] if you have ideas for improvement.
 
 
; '''Nov 7 - [[Special:Statistics|OWASP Hits Two-Million Page Views]]'''
 
: Thank you all for your support! We serve approximately 1/2 million page views every month.
 
  
 
; [[OWASP News|Older news...]]
 
; [[OWASP News|Older news...]]

Revision as of 02:25, 8 January 2007

Jan 2 - The Best Security Books Reference OWASP
There are over 50 security books that reference OWASP. Many of the authors are contributing to OWASP, speaking at our conferences, and participating in our chapters. Some of the books just recommend OWASP, but many are structured around OWASP, and others have whole chapters dedicated to our tools.
Dec 10 - SANS and OWASP Partner to Add #1 Web Application Security to SANS Top 20
The SANS document is widely used, and we're extremely pleased that we could work with them to recognize the risks associated with web applications. From the document... "Every week hundreds of vulnerabilities are being reported in these web applications, and are being actively exploited. The number of attempted attacks every day for some of the large web hosting farms range from hundreds of thousands to even millions. All web frameworks (PHP, .NET, J2EE, Ruby on Rails, ColdFusion, Perl, etc) and all types of web applications are at risk from web application security defects, ranging from insufficient validation through to application logic errors."
SANS_Logo.jpg OWASP_Logo.gif
Nov 28 - JBroFuzz 0.3 Released
This version adds a more stable core, length updating for fuzzed POST requests and allows you to specify your own fuzz vectors in a separate file.
Nov 26 - OWASP Report Generator 0.88 Released
A tool for security consultants that supports the documentation and reporting of security vulnerabilities discovered during security.
Nov 26 - OWASP Site Generator v.70 Released
A tool that allows the creating of dynamic websites based on XML files and predefined vulnerabilities (some simple, some complex) for testing application security tools.
Older news...