|
|
| (30 intermediate revisions by 4 users not shown) |
| Line 1: |
Line 1: |
| − | <!-- | + | <!-- post news stories on [[OWASP News]] and they'll get picked up here soon --> |
| − | ; '''Mon ## - [[article]]'''
| |
| − | : item
| |
| − | --> | |
| − | ; '''Aug 31 - [[OWASP Autumn Of Code 2006 : Press Release | OWASP Autumn Of Code 2006]]'''
| |
| − | : Today we are lauching a new project called "OWASP Autumn of Code 2006" which will sponsor individuals to work on existing OWASP Projects.
| |
| | | | |
| − | ; '''Aug 31 - [http://video.google.com/videoplay?docid=941077664562737284 Dinis Cruz video interview]''' | + | ; '''Ju1 13 - [[OWASP Newsletter 10]]''' |
| − | : Dinis talks about .NET security, the future of OWASP, and the brand new [[Autumn of Code]] project. | + | : $28K available, OWASP Moderated AppSec News Feed, OWASP on the Move Events |
| | | | |
| − | ; '''Aug 31 - [http://www.owasp.org/index.php/Italy#Aug.2C_2006_-_Article_on_Banca_Finanza_magazine Article about OWASP on Banca Finanza magazine]''' | + | ; '''Jun 10 - [[OWASP Newsletter 9]]''' |
| − | : Banca Finanza mag has interviewed Raoul Chiesa talking about the new risks for the on-line banking security. Raoul speaks about OWASP and web application security. | + | : Top Ten 2007 FINAL!, More SPoC details, lots of pages updated |
| | | | |
| − | ; '''Aug 27 - [[:Category:OWASP Project|New OWASP Projects]]''' | + | ; '''Apr 17 - [[OWASP Newsletter 8]]''' |
| − | : Check out these three new tool projects starting and join us in making them better. | + | : OWASP SpoC projects selected, new OWASP WeBecki tool, OWASP Code Review project, OWASP updates and much more |
| − | * [[:Category:OWASP_LAPSE_Project|LAPSE]] - J2EE static analysis tool
| |
| − | * [[:Category:OWASP_SQLiX_Project|SQLiX]] - SQL injection scanner
| |
| − | * [[:Category:OWASP_Pantera_Web_Assessment_Studio_Project|Pantera]] - Web application analysis engine
| |
| − | | |
| − | ; '''Aug 14 - [http://www.iese.fraunhofer.de/download/Security-Checker-Tools-for-Web-Applications.pdf Detailed analysis of application security tools]'''
| |
| − | : Holger Peine of the Fraunhofer Institute compares a number of free tools (WebScarab, Paros, Burp Suite, Spike Proxy), and commercial tools (AppScan, WebInspect, Acunetix). The methodology is quite detailed and uses OWASP's WebGoat and a 'normal' web application.
| |
| − | | |
| − | ; '''Aug 14 - [http://www.owasp.org/index.php/Image:Threat_modelling_of_pharming.doc When Phishing Evolves to Pharming]
| |
| − | : "Phishing is evolving into a new type of attack called pharming. Pharming redirects users to fraudulent websites seamlessly without any suspicious activity such as spam mail that asks a user to login at a website. This paper analyses possible vectors of pharming and creates a threat model for it with attack tree." OWASP would like to thank Cheong Kai Wee for the submission of this paper! [[:Category:OWASP_Papers|Click here]] for details on submitting your own paper to the [[:Category:OWASP_Papers|OWASP Papers Program]].
| |
| | | | |
| | ; [[OWASP News|Older news...]] | | ; [[OWASP News|Older news...]] |
