OWASP Newsletter 15

OWASP Newsletter #15 (xx-March-2008)

Welcome to the 15th edition of the OWASP Newsletter, featuring the OWASP NYC AppSec 2008 Conference, OWASP Week 2008, and the TBD Project.

As always, if you have any content to add to the next edition, please feel free to add it directly to its WIKI page OWASP Newsletter 16.

Alison McNamee - OWASP Operations Director - [email protected]

Featured Item: OWASP NYC AppSec 2008 Conference

This is going to be the biggest OWASP event yet!! The OWASP NYC AppSec 2008 Conference will take place on Tuesday, October 7th to Thursday, October 10th. There will be two days of seminars and technology expos, and two days of hands-on training. The conference will be held at Pace University in downtown New York City, and has the capacity for up to 1,000 people!!

Registration will open up on April 1st. Don't miss this one!

For more details click here.

Featured Project: TBD

Latest additions to the WIKI

New Pages

• .Net_Project_Wishlist
• .NET_Project_ReOrg_Alpha
• Germany/press
• OWASP_Board_Meetings_3-6-08
• Not-For-Profit_Status
• OWASP_Request_for_Proposal_List
• OWASP_Week_April_08
• OWASP_Board_Meetings_March_Agenda
• OWASP_Board_Meetings_2-7-08
• Ajax_Frameworks
• OWASP_Summer_0f_Code_2008_:_Selection_Assessment_SoC_08_Application_2
• OWASP_Summer_0f_Code_2008_:_Selection_Assessment_SoC_08_Application_1
• OWASP_Summer_0f_Code_2008_:_Selection_Assessment_Type

New Chapter Pages

• Qatar
• Spain/Meetings
• Boulderchaptermeetings2008.html
• Boulderchaptermeetings2007.html
• Mexico City/es

Updated Pages

• Testing_for_Cross_site_scripting
• CSRF_Guard_2x_Roadmap
• Talk:Declarative_Access_Control_in_Java
• OWASP JBroFuzz
• JSP JSTL
• Preventing LDAP Injection in Java
• Password length & complexity
• OWASP Project Assessment
• OWASP_NYC_AppSec_2008_Conference
• OWASP Enterprise Security API
• Italy_OWASP_Day_2
• OWASP_Summer_of_Code_2008_Applications
• Ajax_Literature_Review
• OWASP_Grants
• Reviews_of_security_podcasts
• OWASP_Foundation
• OWASP_Spring_Of_Code_2007_-_Payments
• OWASP_Backend_Security_Project
• Category_talk:OWASP_Testing_Project
• OWASP_Summer_of_Code_2008_Press_Release
• OWASP_Spring_Of_Code_2007_-_Projects
• Web_Application_Firewall
• OWASP_Summer_0f_Code_2008_:_Selection
• OWASP Video
• OWASP_Java_Table_of_Contents

Updated chapter pages:

• Boise
• Belgium
• Austin
• London
• Cleveland
• Mexico City
• Boulder
• Virginia (Northern Virginia)
• Denver
• Memphis
• Eugene
• Belgium
• Chennai
• Rochester
• Belgium
• Turkey
• Italy
• Latvia
• Helsinki
• Minneapolis St Paul
• Cincinnati
• Suncoast
• Sacramento
• Buffalo
• Spain
• Columbus
• Switzerland
• Washington DC
• NYNYMetro
• Netherlands
• Egypt

New Documents & Presentations from chapters

• Robert Hansen's talk on Logic Attacks and Inefficiencie of Robotic Detection at MSP

For a complete list of chapter presentations see the online table of presentations.

OWASP references in the Media

• Top 10 Reasons Web Sites get Hacked
• Do Outsourcing Firms write secure code?
• OWASP Talk PHP Code Analysis Real World Examples
• OWASP Summer of Code
• AntiSamy 1.1 is out!
• Economics of Industry Certifications
• Conference 2008 at NY
• Web Testing and Reporting Best Practices
• XSS and CSRF Attacks
• Email Encryption
• OWASP Australia 2008
• Software Vendors and OWASP
• February OWASP Top 10 - Exploits
• Exposing ECM Security Vulnerabilities
• Res timing file enumeration without javascript in ie7.0
• FOSDEM
• About OWASP
• Why many popular website are risky

Application Security News Feed

• TBD