This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Commercial Services"

From OWASP
Jump to: navigation, search
m
m
Line 42: Line 42:
 
[[Image:Asvs-bulb.jpg|link=]]'''How to get your company listed'''  
 
[[Image:Asvs-bulb.jpg|link=]]'''How to get your company listed'''  
  
To be listed in the OWASP Commercial Services Registry, contact the project lead [mailto:mike.boberski@owasp.org here].  
+
To be listed in the OWASP Commercial Services Registry, contact [http://www.owasp.org/index.php/Contact Kate Hartmann].  
  
 
|  
 
|  

Revision as of 02:58, 11 May 2010


This is a DRAFT page!!


Scroll all the way down the page for information about how this page would be accessed


Home



OWASP's mission is to make application security "visible," so that people and organizations can make informed decisions about application security risks, and as a value-add towards this end we have attempted to centralize OWASP project deliverable-based services for you in a single OWASP Commercial Services Registry. OWASP is not affiliated with any technology company, and OWASP does not endorse commercial products or services, although we support the informed use of commercial security technology, and that is the ultimate goal of this registry.

Encouraging the formation of commercial services (verification, implementation services, process improvement, and training) benefits both industry and OWASP by promoting the development and consumption by industry and government of tools and techniques that are based on OWASP open standards, best practices and design patterns. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way. The OWASP Foundation is a not-for-profit entity that ensures the project’s long-term success, providing sound foundations to build commercial services upon.

Firms listed in this registry follow strict rules to ensure the preservation of OWASP’s non-commercial nature. Firms listed in this registry share our belief that application security needs to be approached as a people, process, and technology problem, because the most effective approaches to application security include improvements in all of these areas.

Asvs-ad-where-at.png

Join OWASP

Asvs-writing.JPGHow to join OWASP

The professional association of OWASP Foundation is a not-for-profit 501c3 charitable organization not associated with any commercial product or service.

Get Listed

Asvs-bulb.jpgHow to get your company listed

To be listed in the OWASP Commercial Services Registry, contact Kate Hartmann.

Related resources

Asvs-satellite.jpgOWASP Resources


Verification


Commercial OWASP ASVS verification providers are listed below. Organizations listed are not accredited by OWASP. Neither their products nor services have been endorsed by OWASP. Organizations listed either use ASVS or will help you use it. Provider listings are required to include the following information: company name and link to corporate web site, company location and markets served, company area(s) of application technology expertise, ASVS verification levels offered; approach to performing verifications, and contact name and email. Listings are not allowed to exceed 100 words.



OWASP Member
Organization
Preferences.png

... another OWASP member organization...
Preferences.png

Acme Application Security Co. (1A ,1B) Us.png

Acme Application Security Co. is headquartered in Memphis, Tennessee. Acme Application Security Co. serves both enterprises and governments. Areas of expertise include web 2.0 social media technologies. Acme Application Security Co.'s approach to performing dynamic scans (1A) combines passive vulnerability scanning with manually testing areas of interest. Our approach to performing source code scans (1B) targets both application code and goes beyond ASVS Level 1A requirements to additionally scan any open source underlying frameworks and libraries that were modified or extended to create your application. All reports are tailored to meet organization requirements. Eps closedHS.png Contact us for more information.

CommentHS.png Last modified: April 14, 2010 - 8:36

This organization is not an OWASP member

... not an OWASP member organization...

This organization is not an OWASP member

[1]... not an OWASP member organization...



Implementation Services


Commercial OWASP ESAPI implementation service providers are listed below. Organizations listed are not accredited by OWASP. Neither their products nor services have been endorsed by OWASP. Organizations listed either use ESAPI or will help you use it. Provider listings are required to include the following information: company name and link to corporate web site, company location and markets served, company area(s) of application technology expertise, ESAPI implementation service platforms offered; approach to performing implementations, and contact name and email. Listings are not allowed to exceed 100 words.



OWASP Member
Organization
Preferences.png

... another OWASP member organization...
Preferences.png

Acme Application Security Co. (ESAPI for .NET, ESAPI for Java) Us.png

Acme Application Security Co. is headquartered in Memphis, Tennessee. Acme Application Security Co. serves both enterprises and governments. Areas of expertise include web 2.0 social media technologies. Acme Application Security Co.'s approach to integrating ESAPI typically consists of writing ESAPI adapters using the ESAPI Extended Factory Pattern, and then training developers on their use. We also write secure coding standards based on customized adapters as part of service. Eps closedHS.png Contact us for more information.

CommentHS.png Last modified: April 14, 2010 - 8:36

This organization is not an OWASP member

... not an OWASP member organization...

This organization is not an OWASP member

[2]... not an OWASP member organization...



Process Improvement


Commercial OWASP SAMM process improvement providers are listed below. Organizations listed are not accredited by OWASP. Neither their products nor services have been endorsed by OWASP. Organizations listed either use SAMM or will help you use it. Provider listings are required to include the following information: company name and link to corporate web site, company location and markets served, company area(s) of application technology expertise, SAMM business function process improvement services offered; approach to performing process improvement, and contact name and email. Listings are not allowed to exceed 100 words.



OWASP Member
Organization
Preferences.png

... another OWASP member organization...
Preferences.png

Acme Application Security Co. (Construction, Verification) Us.png

Acme Application Security Co. is headquartered in Memphis, Tennessee. Acme Application Security Co. serves both enterprises and governments. Areas of expertise include web 2.0 social media technologies. Acme Application Security Co.'s approach to Construction and Verification process improvement emphasizes the need to target specific levels of assurance based on risk management principles. Eps closedHS.png Contact us for more information.

CommentHS.png Last modified: April 14, 2010 - 8:36

This organization is not an OWASP member

... not an OWASP member organization...

This organization is not an OWASP member

[3]... not an OWASP member organization...



Training


Commercial OWASP Guide training providers are listed below. Organizations listed are not accredited by OWASP. Neither their products nor services have been endorsed by OWASP. Organizations listed either use OWASP Guides or will help you use them. Provider listings are required to include the following information: company name and link to corporate web site, company location and markets served, company area(s) of application technology expertise, OWASP Guide training offered; approach to performing training, and contact name and email. Listings are not allowed to exceed 100 words.



OWASP Member
Organization
Preferences.png

... another OWASP member organization...
Preferences.png

Acme Application Security Co. (Development, Code Review) Us.png

Acme Application Security Co. is headquartered in Memphis, Tennessee. Acme Application Security Co. serves both enterprises and governments. Areas of expertise include web 2.0 social media technologies. Acme Application Security Co.'s approach to training is hands-on, featuring exercises in both Java and .NET. Our training facilities are large enough to accomodate class sizes up to 12 people. Eps closedHS.png Contact us for more information.

CommentHS.png Last modified: April 14, 2010 - 8:36

This organization is not an OWASP member

... not an OWASP member organization...

This organization is not an OWASP member

[4]... not an OWASP member organization...






... AND THIS IS HOW THIS REGISTRY WOULD BE ACCESSED


How-commercial-svcs-accessed.PNG