This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Summit 2011 Working Sessions/Session052"
Vishal Garg (talk | contribs) |
Cmartorella (talk | contribs) |
||
(20 intermediate revisions by 12 users not shown) | |||
Line 4: | Line 4: | ||
| summit_session_attendee_name1 = Nishi Kumar | | summit_session_attendee_name1 = Nishi Kumar | ||
| summit_session_attendee_email1 = [email protected] | | summit_session_attendee_email1 = [email protected] | ||
+ | | summit_session_attendee_username1 = | ||
| summit_session_attendee_company1= FIS | | summit_session_attendee_company1= FIS | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1= | ||
Line 9: | Line 10: | ||
| summit_session_attendee_name2 = Cecil Su | | summit_session_attendee_name2 = Cecil Su | ||
| summit_session_attendee_email2 = [email protected] | | summit_session_attendee_email2 = [email protected] | ||
+ | | summit_session_attendee_username2 = | ||
| summit_session_attendee_company2= GT | | summit_session_attendee_company2= GT | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2= | ||
Line 14: | Line 16: | ||
| summit_session_attendee_name3 = Lucas C. Ferreira | | summit_session_attendee_name3 = Lucas C. Ferreira | ||
| summit_session_attendee_email3 = [email protected] | | summit_session_attendee_email3 = [email protected] | ||
+ | | summit_session_attendee_username3 = | ||
| summit_session_attendee_company3= | | summit_session_attendee_company3= | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3= | ||
− | | summit_session_attendee_name4 = | + | | summit_session_attendee_name4 = Keith Turpin |
− | | summit_session_attendee_email4 = | + | | summit_session_attendee_email4 = keith.turpin@owasp.org |
+ | | summit_session_attendee_username4 = Keith_Turpin | ||
| summit_session_attendee_company4= | | summit_session_attendee_company4= | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4= | ||
Line 24: | Line 28: | ||
| summit_session_attendee_name5 = Achim Hoffmann | | summit_session_attendee_name5 = Achim Hoffmann | ||
| summit_session_attendee_email5 = [email protected] | | summit_session_attendee_email5 = [email protected] | ||
+ | | summit_session_attendee_username5 = Achim | ||
| summit_session_attendee_company5= sic[!]sec | | summit_session_attendee_company5= sic[!]sec | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5= | ||
Line 29: | Line 34: | ||
| summit_session_attendee_name6 = Tom Neaves | | summit_session_attendee_name6 = Tom Neaves | ||
| summit_session_attendee_email6 = [email protected] | | summit_session_attendee_email6 = [email protected] | ||
− | | summit_session_attendee_company6= Verizon Business | + | | summit_session_attendee_username6 = |
− | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6= | + | | summit_session_attendee_company6 = Verizon Business |
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6 = | ||
| summit_session_attendee_name7 = Vishal Garg | | summit_session_attendee_name7 = Vishal Garg | ||
| summit_session_attendee_email7 = [email protected] | | summit_session_attendee_email7 = [email protected] | ||
+ | | summit_session_attendee_username7 = | ||
| summit_session_attendee_company7= AppSecure Labs | | summit_session_attendee_company7= AppSecure Labs | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7= | ||
− | | summit_session_attendee_name8 = | + | | summit_session_attendee_name8 = Giorgio Fedon |
− | | summit_session_attendee_email8 = | + | | summit_session_attendee_email8 = [email protected] |
− | | summit_session_attendee_company8= | + | | summit_session_attendee_username8 = |
+ | | summit_session_attendee_company8= Minded Security | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8= | ||
− | | summit_session_attendee_name9 = | + | | summit_session_attendee_name9 = Stefano Di Paola |
− | | summit_session_attendee_email9 = | + | | summit_session_attendee_email9 = [email protected] |
− | | summit_session_attendee_company9= | + | | summit_session_attendee_username9 = |
+ | | summit_session_attendee_company9= Minded Security | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9= | ||
− | | summit_session_attendee_name10 = | + | | summit_session_attendee_name10 = Pavol Luptak |
− | | summit_session_attendee_email10 = | + | | summit_session_attendee_email10 = [email protected] |
− | | summit_session_attendee_company10= | + | | summit_session_attendee_username10 = |
+ | | summit_session_attendee_company10= Nethemba | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10= | ||
− | | summit_session_attendee_name11 = | + | | summit_session_attendee_name11 = Andre Gironda |
− | | summit_session_attendee_email11 = | + | | summit_session_attendee_email11 = andregATthegmail |
+ | | summit_session_attendee_username11 = Dre | ||
| summit_session_attendee_company11= | | summit_session_attendee_company11= | ||
− | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11= | + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11= Will be available remotely |
− | | summit_session_attendee_name12 = | + | | summit_session_attendee_name12 = Edward Bonver |
− | | summit_session_attendee_email12 = | + | | summit_session_attendee_email12 = [email protected] |
− | | summit_session_attendee_company12= | + | | summit_session_attendee_username12 = Edward Bonver |
+ | | summit_session_attendee_company12= Symantec | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12= | ||
− | | summit_session_attendee_name13 = | + | | summit_session_attendee_name13 = Wojciech Dworakowski |
− | | summit_session_attendee_email13 = | + | | summit_session_attendee_email13 = [email protected] |
− | | summit_session_attendee_company13= | + | | summit_session_attendee_username13 = Wojciech Dworakowski |
+ | | summit_session_attendee_company13= SecuRing | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13= | ||
− | | summit_session_attendee_name14 = | + | | summit_session_attendee_name14 = Vlatko Kosturjak |
− | | summit_session_attendee_email14 = | + | | summit_session_attendee_email14 = [email protected] |
+ | | summit_session_attendee_username14 = kost | ||
| summit_session_attendee_company14= | | summit_session_attendee_company14= | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= | ||
− | | summit_session_attendee_name15 = | + | | summit_session_attendee_name15 = Antonio Fontes |
− | | summit_session_attendee_email15 = | + | | summit_session_attendee_email15 = [email protected] |
− | | summit_session_attendee_company15= | + | | summit_session_attendee_username15 = |
+ | | summit_session_attendee_company15= L7 Sécurité | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15= | ||
− | | summit_session_attendee_name16 = | + | | summit_session_attendee_name16 = Christian Martorella |
− | | summit_session_attendee_email16 = | + | | summit_session_attendee_email16 = [email protected] |
− | | summit_session_attendee_company16= | + | | summit_session_attendee_username16 = |
+ | | summit_session_attendee_company16= Verizon Business | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16= | ||
| summit_session_attendee_name17 = | | summit_session_attendee_name17 = | ||
| summit_session_attendee_email17 = | | summit_session_attendee_email17 = | ||
+ | | summit_session_attendee_username17 = | ||
| summit_session_attendee_company17= | | summit_session_attendee_company17= | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17= | ||
Line 89: | Line 106: | ||
| summit_session_attendee_name18 = | | summit_session_attendee_name18 = | ||
| summit_session_attendee_email18 = | | summit_session_attendee_email18 = | ||
+ | | summit_session_attendee_username18 = | ||
| summit_session_attendee_company18= | | summit_session_attendee_company18= | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18= | ||
Line 94: | Line 112: | ||
| summit_session_attendee_name19 = | | summit_session_attendee_name19 = | ||
| summit_session_attendee_email19 = | | summit_session_attendee_email19 = | ||
+ | | summit_session_attendee_username19 = | ||
| summit_session_attendee_company19= | | summit_session_attendee_company19= | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19= | ||
Line 99: | Line 118: | ||
| summit_session_attendee_name20 = | | summit_session_attendee_name20 = | ||
| summit_session_attendee_email20 = | | summit_session_attendee_email20 = | ||
+ | | summit_session_attendee_username20 = | ||
| summit_session_attendee_company20= | | summit_session_attendee_company20= | ||
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20= | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20= | ||
Line 109: | Line 129: | ||
| mailing_list = | | mailing_list = | ||
|- | |- | ||
− | | short_working_session_description= | + | | short_working_session_description= We need to define:<br> |
+ | <br>- an updated vulnerability list to test (from the OWASP Common Vulnerabiltity list) | ||
+ | <br>- Create a more readable guide, eliminating some sections that are not | ||
+ | really useful, | ||
+ | <br>- Insert new testing techniques: HTTP Verb tampering, HTTP Parameter | ||
+ | Pollutions, etc., | ||
+ | <br>- Rationalize some sections as Session Management Testing, | ||
+ | <br>- Debate if create a new section: Client side security and Firefox | ||
+ | extensions testing. | ||
|- | |- | ||
Line 130: | Line 158: | ||
|- | |- | ||
− | | summit_session_objective_name1= | + | | summit_session_objective_name1= Show the v3, and debating what we need to create an excellent v4 |
| summit_session_objective_name2 = | | summit_session_objective_name2 = | ||
Line 142: | Line 170: | ||
|- | |- | ||
− | | working_session_date_and_time = | + | | working_session_date_and_time = TODO |
|- | |- | ||
Line 154: | Line 182: | ||
|- | |- | ||
− | | working_session_additional_details = | + | | working_session_additional_details = The presence of participants on the Working Session [[Summit 2011 Working Sessions/Session085|'''Common structure and numbering for all guides''']] is advisable. |
|- | |- | ||
Line 181: | Line 209: | ||
| summit_session_leader_name2 = | | summit_session_leader_name2 = | ||
| summit_session_leader_email2 = | | summit_session_leader_email2 = | ||
+ | | summit_session_leader_username2 = | ||
| summit_session_leader_name3 = | | summit_session_leader_name3 = | ||
| summit_session_leader_email3 = | | summit_session_leader_email3 = | ||
+ | | summit_session_leader_username3 = | ||
|- | |- | ||
− | | operational_leader_name1 = | + | | operational_leader_name1 = Giorgio Fedon |
− | | operational_leader_email1 = | + | | operational_leader_email1 = |
|- | |- |
Latest revision as of 12:20, 9 February 2011
Global Summit 2011 Home Page
Global Summit 2011 Tracks
OWASP Testing Guide | ||||||
---|---|---|---|---|---|---|
Please see/use the 'discussion' page for more details about this Working Session | ||||||
Working Sessions Operational Rules - Please see here the general frame of rules. |
WORKING SESSION IDENTIFICATION | ||||||
---|---|---|---|---|---|---|
Short Work Session Description | We need to define:
| |||||
Related Projects (if any) |
| |||||
Email Contacts & Roles | Chair Matteo Meucci @ |
Operational Manager Giorgio Fedon |
Mailing list Subscription Page |
WORKING SESSION SPECIFICS | ||||||
---|---|---|---|---|---|---|
Objectives |
| |||||
Venue/Date&Time/Model | Venue/Room OWASP Global Summit Portugal 2011 |
Date & Time TODO
|
Discussion Model participants and attendees |
|
---|
WORKING SESSION OPERATIONAL RESOURCES | ||||||
---|---|---|---|---|---|---|
Projector, whiteboards, markers, Internet connectivity, power |
|
---|
WORKING SESSION ADDITIONAL DETAILS | ||||||
---|---|---|---|---|---|---|
The presence of participants on the Working Session Common structure and numbering for all guides is advisable. |
WORKING SESSION OUTCOMES / DELIVERABLES | ||
---|---|---|
Proposed by Working Group | Approved by OWASP Board | |
An updated outline for the testing guide that is tied into the OWASP common numbering scheme |
After the Board Meeting - fill in here. | |
After the Board Meeting - fill in here. | ||
A committed project manager who can reach out to experts to get the document completed. |
After the Board Meeting - fill in here. | |
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. |
Working Session Participants
(Add you name by clicking "edit" on the tab on the upper left side of this page)
WORKING SESSION PARTICIPANTS | ||||||
---|---|---|---|---|---|---|
Name | Company | Notes & reason for participating, issues to be discussed/addressed | ||||
Nishi Kumar @ |
FIS |
| ||||
Cecil Su @ |
GT |
| ||||
Lucas C. Ferreira @ |
| |||||
Keith Turpin @ |
| |||||
Achim Hoffmann @ |
sic[!]sec |
| ||||
Tom Neaves @ |
Verizon Business |
| ||||
Vishal Garg @ |
AppSecure Labs |
| ||||
Giorgio Fedon @ |
Minded Security |
| ||||
Stefano Di Paola @ |
Minded Security |
| ||||
Pavol Luptak @ |
Nethemba |
| ||||
Andre Gironda @ |
Will be available remotely | |||||
Edward Bonver @ |
Symantec |
| ||||
Wojciech Dworakowski @ |
SecuRing |
| ||||
Vlatko Kosturjak @ |
| |||||
Antonio Fontes @ |
L7 Sécurité |
| ||||
Christian Martorella @ |
Verizon Business |
| ||||
|
| |||||
|
| |||||
|
| |||||
|
|