This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Newsletter 6"
| Line 5: | Line 5: | ||
== Featured Project: TBD == | == Featured Project: TBD == | ||
XML Gateway Eval Project? | XML Gateway Eval Project? | ||
| + | This OWASP Project defines an open standard for evaluating XML Security Gateways. This criteria will provide the OWASP community a set of standard evaluation criteria to assess the functionality and quality of XML Security Gateways. The main driver for this project is to reduce the confusion and complexity in assessing the strengths and weaknesses of solutions in this the XML Security space, and enlightening the community as to the utility of XML Security Gateways to deliver a number of valuable security services. | ||
== Latest additions to the WIKI == | == Latest additions to the WIKI == | ||
Revision as of 10:18, 2 March 2007
OWASP Newsletter #6
Featured Item: TBD
OWASP Top 10 update??
Featured Project: TBD
XML Gateway Eval Project? This OWASP Project defines an open standard for evaluating XML Security Gateways. This criteria will provide the OWASP community a set of standard evaluation criteria to assess the functionality and quality of XML Security Gateways. The main driver for this project is to reduce the confusion and complexity in assessing the strengths and weaknesses of solutions in this the XML Security space, and enlightening the community as to the utility of XML Security Gateways to deliver a number of valuable security services.
Latest additions to the WIKI
New Pages
- [[OWASP Education Project Modules]]
- Mark O'Neill
- [[OWASP Education Presentation Rating]]
- OWASP Education Project Roadmap
- [[J2EE Bad Practices: JSP Expressions]]
Updated pages
Updated chapter pages:
Other pages:
- Appendix A: Testing Tools
- Access Control In Your J2EE Application
- Hashing Java
- How to add validation logic to HttpServletRequest
- OWASP Autumn of Code 2006 - Project Completion
New Documents & Presentations from chapters
- XSS and XSS Worms (Sven Vetsch) from the Switzerland Chapter.
Latest Blog entries
OWASP Community
- Apr 17 (18:00h) - Rochester chapter meeting
- Apr 12 (18:00h) - Netherlands chapter meeting
- Apr 11 (18:00h) - Toronto chapter meeting
- Apr 10 (18:00h) - Washington DC (N. VA) chapter meeting
- Apr 4 (18:30h) - Boston chapter meeting
- Apr 3 (18:00h) - Melbourne chapter meeting
- Mar 28 (11:30h) - San Antonio chapter meeting
- Mar 22 (18:00h) - London chapter meeting
- Mar 21-22 - Belgium@InfoSecurity
- Mar 20 (18:00h) - Rochester chapter meeting
- Mar 14 (18:00h) - Toronto chapter meeting
- Mar 14 (18:00h) - Chicago chapter meeting
- Mar 13 (18:00h) - Washington DC (N. VA) chapter meeting
- Mar 8 (18:00h) - Ottawa Chapter Meeting
- Mar 7 (18:30h) - Boston chapter meeting
- Mar 7 (18:30h) - Kansas City chapter meeting
- Mar 6 (18:30h) - Philadelphia chapter meeting
- Mar 6 (18:30h) - San Francisco and San Jose chapter meeting
- Mar 6 (18:00h) - Melbourne chapter meeting
Application Security News
- SecurityFocus article, "This article examines the dismal state of application-layer logging as observed from the authors’ years of experience in performing source code security analysis on millions of lines of code."
- A long paper on web application security threats released by honeynet.org. "This paper focuses on application threats against common web applications. After reviewing the fundamentals of a typical attack, we will go on to describe the trends we have observed and to describe the research methods that we currently use to observe and monitor these threats."
