This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Project Summit 2014"
From OWASP
(→Working Sessions) |
|||
| (33 intermediate revisions by 2 users not shown) | |||
| Line 18: | Line 18: | ||
Click on the working session name to see the home page for that particular session. During the Summit those working session home pages will be used to document discussions and outcomes. | Click on the working session name to see the home page for that particular session. During the Summit those working session home pages will be used to document discussions and outcomes. | ||
| + | [[image:Wiki education banner.png|700px| center]] | ||
{| | {| | ||
| width="50pt" align="center" style="background: #DCD0FF" | | | width="50pt" align="center" style="background: #DCD0FF" | | ||
| Line 26: | Line 27: | ||
| width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | | width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | ||
|- | |- | ||
| − | | style="background: #F5F5F5" align="center" | | + | | style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/001| View]] |
| − | | style="background: #F5F5F5" align="center" | [ | + | | style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project] |
| − | | style="background: #F5F5F5" | 1. | + | | style="background: #F5F5F5" | 1. Re-thinking the concept of OWASP University Supporter |
| − | 2. | + | 2. Expand the concept of the OWASP Student Chapters. |
| − | 3. | + | 3. Establish and expand the OWASP University Challenge. |
| − | 4. | + | 4. Suggested application security curriculum. |
| + | |||
| + | 5. Discuss and establish the concept of OWASP Academic Advocate. | ||
| style="background: #F5F5F5" |1. | | style="background: #F5F5F5" |1. | ||
| Line 42: | Line 45: | ||
4. | 4. | ||
| − | | style="background: #F5F5F5" | | + | | style="background: #F5F5F5" | Konstantinos Papapanagiotou, Vasileios Vlachos, Martin Knobloch |
| + | |style="background: #F5F5F5" | | ||
| + | |} | ||
| + | |||
| + | [[image:Wiki media banner.png|700px|center]] | ||
| + | {| | ||
| + | | width="50pt" align="center" style="background: #DCD0FF" | | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)''' | ||
| + | | width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader''' | ||
| + | | width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | ||
| + | |- | ||
| + | | style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/002| View]] | ||
| + | | style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project] | ||
| + | | style="background: #F5F5F5" | 1. Present the official OWASP YouTube channel | ||
| + | 2. Involve project leaders to promote their content | ||
| + | |||
| + | | style="background: #F5F5F5" |1. Create live and recorded video contents for OWASP projects | ||
| + | |||
| + | | style="background: #F5F5F5" align="center"| Jonathan Marcil | ||
| + | |style="background: #F5F5F5" | | ||
| + | |} | ||
| + | |||
| + | [[image:Wiki podcast banner.png|700px|center]] | ||
| + | {| | ||
| + | | width="50pt" align="center" style="background: #DCD0FF" | | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)''' | ||
| + | | width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader''' | ||
| + | | width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | ||
| + | |- | ||
| + | | style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/003|View]] | ||
| + | | style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/OWASP_Podcast OWASP 24/7 Podcast Series] | ||
| + | | style="background: #F5F5F5" | | ||
| + | | style="background: #F5F5F5" | 1. Have four(4) Project Leaders volunteer to be interviewed for the series. | ||
| + | |||
| + | | style="background: #F5F5F5" align="center"| Mark Miller | ||
| + | |style="background: #F5F5F5" | | ||
| + | |} | ||
| + | |||
| + | [[image:Wiki developers banner.png|700px|center]] | ||
| + | {| | ||
| + | | width="50pt" align="center" style="background: #DCD0FF" | | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)''' | ||
| + | | width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader''' | ||
| + | | width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | ||
| + | |- | ||
| + | | style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/004 | View]] | ||
| + | | style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Developer Guide] | ||
| + | | style="background: #F5F5F5" | | ||
| + | | style="background: #F5F5F5" | 1. More actively engaged volunteers and rebuild the project within OWASP so it can become self-sustaining. | ||
| + | 2. More DevGuide text (at the very least, I hope to finish one chapter during my remote hack-a-thon). | ||
| + | |||
| + | 3. More awareness of the Dev Guide's importance and history to OWASP. | ||
| + | |||
| + | 4. To work with volunteers to discuss and refine the roadmap. | ||
| + | |||
| + | | style="background: #F5F5F5" align="center"| Andrew van der Stock | ||
| + | |style="background: #F5F5F5" | | ||
| + | |} | ||
| + | |||
| + | [[image:Wiki codereview banner.png| 700px|center]] | ||
| + | {| | ||
| + | | width="50pt" align="center" style="background: #DCD0FF" | | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)''' | ||
| + | | width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader''' | ||
| + | | width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | ||
| + | |- | ||
| + | | style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/005 | View]] | ||
| + | | style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide] | ||
| + | | style="background: #F5F5F5" | | ||
| + | | style="background: #F5F5F5" | 1. Collect a number of bad coding examples to show readers code they should avoid writing. | ||
| + | 2. Collect a number of good coding examples to show readers how security code should be written. | ||
| + | |||
| + | 3. Collect the above for Java, PHP and C# languages, plus possibly C/C++, Ruby, Python, Perl, etc. | ||
| + | |||
| + | 4. Raise awareness of the ongoing Code Review Guide and encourage OWASP members to participate in the project. | ||
| + | |||
| + | | style="background: #F5F5F5" align="center"| Gary Robinson | ||
|style="background: #F5F5F5" | | |style="background: #F5F5F5" | | ||
| + | |} | ||
| + | |||
| + | {| | ||
| + | | width="50pt" align="center" style="background: #DCD0FF" | | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)''' | ||
| + | | width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader''' | ||
| + | | width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | ||
| + | |- | ||
| + | | style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/006 | View]] | ||
| + | | style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Category:OWASP_PCI_Project PCI Toolkit] | ||
| + | | style="background: #F5F5F5" | 1. let the public understand what are PCI_DSS requirements and how important these are for the Credit Card companies. | ||
| + | 2. Show how the PCI-DSS scoping process can be much better understood using this tool. | ||
| + | |||
| + | 3. SHow to the public how important many OWASP guidelines are to the scoping process and to maintaining PCI-DSS compliance. | ||
| + | | style="background: #F5F5F5" | 1. Set on wiki for the project leaders to consider for their next release or improvements for the project. | ||
| + | 2. Promote incubator projects with potential. | ||
| + | |||
| + | 3. Get more students to participate as contributors and keep them motivated to participate in the next Gsoc 2015. | ||
| + | |||
| + | | style="background: #F5F5F5" align="center"| Johanna Curiel | ||
| + | |style="background: #F5F5F5" | | ||
| + | |} | ||
| + | |||
| + | {| | ||
| + | | width="50pt" align="center" style="background: #DCD0FF" | | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)''' | ||
| + | | width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader''' | ||
| + | | width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | ||
| + | |- | ||
| + | | style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/009 | View]] | ||
| + | | style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OpenSAMM] | ||
| + | | style="background: #F5F5F5" | | ||
| + | | style="background: #F5F5F5" | | ||
| + | |||
| + | | style="background: #F5F5F5" align="center"| | ||
| + | |style="background: #F5F5F5" | | ||
| + | |} | ||
| + | |||
| + | {| | ||
| + | | width="50pt" align="center" style="background: #DCD0FF" | | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)''' | ||
| + | | width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader''' | ||
| + | | width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | ||
| + | |- | ||
| + | | style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/010 | View]] | ||
| + | | style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/Global_Initiatives/Cyber_Security_Startup_Initiative OWASP Cyber Security Startup Initiative] | ||
| + | | style="background: #F5F5F5" | 1. To introduce this new innovative initiative to the OWASP community. | ||
| + | | style="background: #F5F5F5" | 1. Garner support from the corporate, academic and startup communities. | ||
| + | |||
| + | | style="background: #F5F5F5" align="center"| Neill Gernon | ||
| + | |style="background: #F5F5F5" | [http://attending.io/events/appseceu Sign up to attend] | ||
| + | |} | ||
| + | |||
| + | {| | ||
| + | | width="50pt" align="center" style="background: #DCD0FF" | | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Name of Working Session''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Objective(s)''' | ||
| + | | width="200pt" align="center" style="background: #DCD0FF" | '''Outcome(s)/Deliverable(s)''' | ||
| + | | width="150pt" align="center" style="background: #DCD0FF" | '''Owner/Leader''' | ||
| + | | width="150" align="center" style="background: #DCD0FF" | '''Members/Attendees''' | ||
| + | |- | ||
| + | | style="background: #F5F5F5" align="center" | [[Projects Summit 2014/Working Sessions/012| View]] | ||
| + | | style="background: #F5F5F5" align="center" | [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project] | ||
| + | | style="background: #F5F5F5" | 1. Presentation of the project | ||
| + | 2. Project overview, goals and objectives | ||
| + | |||
| + | 3. Review of challenges faced by the team, case studies | ||
| + | |||
| + | 4. Brainstorming session on what should be he focus of our efforts | ||
| + | |||
| + | 5. Identify what need to be secured | ||
| + | | style="background: #F5F5F5" | | ||
| + | | style="background: #F5F5F5" align="center" | Enrico Branca | ||
| + | |style="background: #F5F5F5" | | ||
|} | |} | ||
Latest revision as of 20:57, 20 June 2014
| |
|
|---|---|
|
Introduction
The OWASP Project Summit is a smaller version of the much larger OWASP Summits. This event activity gives our project leaders the opportunity to showcase their project progress, and have attendees sit down and work on project tasks during the event. It is an excellent opportunity to engage the event attendees, and it gives project leaders the chance to move forward on their project milestones while meeting new potential volunteers that can assist with future milestones.
Working Sessions
Click on the working session name to see the home page for that particular session. During the Summit those working session home pages will be used to document discussions and outcomes.
| Name of Working Session | Objective(s) | Outcome(s)/Deliverable(s) | Owner/Leader | Members/Attendees | |
| View | OWASP Education Project | 1. Re-thinking the concept of OWASP University Supporter
2. Expand the concept of the OWASP Student Chapters. 3. Establish and expand the OWASP University Challenge. 4. Suggested application security curriculum. 5. Discuss and establish the concept of OWASP Academic Advocate. |
1.
2. 3. 4. |
Konstantinos Papapanagiotou, Vasileios Vlachos, Martin Knobloch |
| Name of Working Session | Objective(s) | Outcome(s)/Deliverable(s) | Owner/Leader | Members/Attendees | |
| View | OWASP Media Project | 1. Present the official OWASP YouTube channel
2. Involve project leaders to promote their content |
1. Create live and recorded video contents for OWASP projects | Jonathan Marcil |
| Name of Working Session | Objective(s) | Outcome(s)/Deliverable(s) | Owner/Leader | Members/Attendees | |
| View | OWASP 24/7 Podcast Series | 1. Have four(4) Project Leaders volunteer to be interviewed for the series. | Mark Miller |
| Name of Working Session | Objective(s) | Outcome(s)/Deliverable(s) | Owner/Leader | Members/Attendees | |
| View | OWASP Developer Guide | 1. More actively engaged volunteers and rebuild the project within OWASP so it can become self-sustaining.
2. More DevGuide text (at the very least, I hope to finish one chapter during my remote hack-a-thon). 3. More awareness of the Dev Guide's importance and history to OWASP. 4. To work with volunteers to discuss and refine the roadmap. |
Andrew van der Stock |
| Name of Working Session | Objective(s) | Outcome(s)/Deliverable(s) | Owner/Leader | Members/Attendees | |
| View | OWASP Code Review Guide | 1. Collect a number of bad coding examples to show readers code they should avoid writing.
2. Collect a number of good coding examples to show readers how security code should be written. 3. Collect the above for Java, PHP and C# languages, plus possibly C/C++, Ruby, Python, Perl, etc. 4. Raise awareness of the ongoing Code Review Guide and encourage OWASP members to participate in the project. |
Gary Robinson |
| Name of Working Session | Objective(s) | Outcome(s)/Deliverable(s) | Owner/Leader | Members/Attendees | |
| View | PCI Toolkit | 1. let the public understand what are PCI_DSS requirements and how important these are for the Credit Card companies.
2. Show how the PCI-DSS scoping process can be much better understood using this tool. 3. SHow to the public how important many OWASP guidelines are to the scoping process and to maintaining PCI-DSS compliance. |
1. Set on wiki for the project leaders to consider for their next release or improvements for the project.
2. Promote incubator projects with potential. 3. Get more students to participate as contributors and keep them motivated to participate in the next Gsoc 2015. |
Johanna Curiel |
| Name of Working Session | Objective(s) | Outcome(s)/Deliverable(s) | Owner/Leader | Members/Attendees | |
| View | OpenSAMM |
| Name of Working Session | Objective(s) | Outcome(s)/Deliverable(s) | Owner/Leader | Members/Attendees | |
| View | OWASP Cyber Security Startup Initiative | 1. To introduce this new innovative initiative to the OWASP community. | 1. Garner support from the corporate, academic and startup communities. | Neill Gernon | Sign up to attend |
| Name of Working Session | Objective(s) | Outcome(s)/Deliverable(s) | Owner/Leader | Members/Attendees | |
| View | OWASP Python Security Project | 1. Presentation of the project
2. Project overview, goals and objectives 3. Review of challenges faced by the team, case studies 4. Brainstorming session on what should be he focus of our efforts 5. Identify what need to be secured |
Enrico Branca |
