This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Summit 2011 Working Sessions/Session029"
From OWASP
Sandra Paiva (talk | contribs) |
|||
| Line 160: | Line 160: | ||
|summit_session_deliverable_name1 = A practical guideline for protecting against CSRF in the real world. | |summit_session_deliverable_name1 = A practical guideline for protecting against CSRF in the real world. | ||
| − | |||
|summit_session_deliverable_name2 = A concise, clear standard for determining whether an application is vulnerable to CSRF. | |summit_session_deliverable_name2 = A concise, clear standard for determining whether an application is vulnerable to CSRF. | ||
| − | |||
|summit_session_deliverable_name3 = | |summit_session_deliverable_name3 = | ||
| − | |||
|summit_session_deliverable_name4 = | |summit_session_deliverable_name4 = | ||
| − | |||
|summit_session_deliverable_name5 = | |summit_session_deliverable_name5 = | ||
| − | | | + | |
| + | |summit_session_deliverable_name6 = | ||
| + | |||
| + | |summit_session_deliverable_name7 = | ||
| + | |||
| + | |summit_session_deliverable_name8 = | ||
|- | |- | ||
Revision as of 21:16, 25 January 2011
Global Summit 2011 Home Page
Global Summit 2011 Tracks
 Protecting Against CSRF
| ||||||
|---|---|---|---|---|---|---|
| Please see/use the 'discussion' page for more details about this Working Session | ||||||
| Working Sessions Operational Rules - Please see here the general frame of rules. |
| WORKING SESSION IDENTIFICATION | ||||||
|---|---|---|---|---|---|---|
| Short Work Session Description | Examining different ways to build CSRF protection into web applications and web frameworks. | |||||
| Related Projects (if any) |
| |||||
| Email Contacts & Roles | Chair Eric Sheridan @ |
Operational Manager |
Mailing list Subscription Page | |||
| WORKING SESSION SPECIFICS | ||||||
|---|---|---|---|---|---|---|
| Objectives | ||||||
| Venue/Date&Time/Model | Venue/Room OWASP Global Summit Portugal 2011 |
Date & Time
|
Discussion Model participants and attendees | |||
| |
|---|
| WORKING SESSION OPERATIONAL RESOURCES | ||||||
|---|---|---|---|---|---|---|
| Projector, whiteboards, markers, Internet connectivity, power | ||||||
| |
|---|
| WORKING SESSION ADDITIONAL DETAILS | ||||||
|---|---|---|---|---|---|---|
| WORKING SESSION OUTCOMES / DELIVERABLES | ||
|---|---|---|
| Proposed by Working Group | Approved by OWASP Board | |
|
A practical guideline for protecting against CSRF in the real world. |
After the Board Meeting - fill in here. | |
|
A concise, clear standard for determining whether an application is vulnerable to CSRF. |
After the Board Meeting - fill in here. | |
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
Working Session Participants
(Add you name by clicking "edit" on the tab on the upper left side of this page)
| WORKING SESSION PARTICIPANTS | ||||||
|---|---|---|---|---|---|---|
| Name | Company | Notes & reason for participating, issues to be discussed/addressed | ||||
| Chris Schmidt @ |
Aspect Security |
| ||||
| Achim Hoffmann @ |
sic[!]sec |
capabilities of WAFs to protect against CSRF | ||||
| Ryan Barnett @ |
Trustwave's SpiderLabs |
discuss how WAFs (ModSecurity) can help mitigate CSRF. Also want to discuss/test new CSRFGuard v3 JS code | ||||
| Colin Watson @ |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
