This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Summit 2011 Working Sessions/Session052"

Line 17: Line 17:
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=
  
| summit_session_attendee_name4 = Colin Watson
+
| summit_session_attendee_name4 =  
| summit_session_attendee_email4 = [email protected]
+
| summit_session_attendee_email4 =  
 
| summit_session_attendee_company4=
 
| summit_session_attendee_company4=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=

Revision as of 10:41, 31 January 2011


OWASP Testing Guide
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Short Work Session Description
We need to define:

- An updated list of vulnerabilities to test (from the OWASP Common Vulnerability list),
- Create a more readable guide, eliminating some sections that are not really useful,
- Insert new testing techniques: HTTP Verb Tampering, HTTP Parameter Pollution, etc.,
- Rationalize some sections, such as Session Management Testing,
- Debate whether to create a new section: Client-side security and Firefox extensions testing.

Related Projects (if any)


Email Contacts & Roles
Chair: Matteo Meucci
Operational Manager: Giorgio Fedon
Mailing list: Subscription Page
WORKING SESSION SPECIFICS
Objectives
  1. Show v3 and debate what we need to create an excellent v4

Venue/Date&Time/Model
Venue/Room: OWASP Global Summit Portugal 2011
Date & Time: TODO
Discussion Model: participants and attendees

WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power

WORKING SESSION ADDITIONAL DETAILS
WORKING SESSION OUTCOMES / DELIVERABLES
Proposed by Working Group Approved by OWASP Board

An updated outline for the testing guide that is tied into the OWASP common numbering scheme

After the Board Meeting - fill in here.

A short white paper with ideas for revisions to the Testing Guide for evaluation and discussion by the community at large.

After the Board Meeting - fill in here.

A committed project manager who can reach out to experts to get the document completed.

After the Board Meeting - fill in here.


Working Session Participants

(Add your name by clicking "edit" on the tab on the upper left side of this page)

Name | Company | Notes & reason for participating, issues to be discussed/addressed
Nishi Kumar | FIS |
Cecil Su | GT |
Lucas C. Ferreira | |
Achim Hoffmann | sic[!]sec |
Tom Neaves | Verizon Business |
Vishal Garg | AppSecure Labs |
Giorgio Fedon | Minded Security |
Stefano Di Paola | Minded Security |
Pavol Luptak | Nethemba |