This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "CommunityUpdates/2014-08-26"

From OWASP
Jump to: navigation, search
(Upcoming Events)
(Those on Video)
 
(4 intermediate revisions by the same user not shown)
Line 4: Line 4:
 
== Those on Video ==
 
== Those on Video ==
 
* Michael Coates - @_mwc
 
* Michael Coates - @_mwc
 
+
* Mark Major
  
 
== Watch the live or recorded meeting==
 
== Watch the live or recorded meeting==
Line 21: Line 21:
 
* OWASP AppSecUSA - [http://2014.appsecusa.org/2014/registration/ Register Now]
 
* OWASP AppSecUSA - [http://2014.appsecusa.org/2014/registration/ Register Now]
 
[http://appsecusa.org [[File:AppSecUSA.LightBg.900x151.png|alt=AppSec USA 2014| link=http://2014.appsecusa.org]] ]
 
[http://appsecusa.org [[File:AppSecUSA.LightBg.900x151.png|alt=AppSec USA 2014| link=http://2014.appsecusa.org]] ]
 +
* OWASP Asia Tour
 +
** Stops planned in Japan, Thailand, Malaysia, Singapore and China.
 +
** Contact Tobias via email [email protected]
 +
** if you are a chapter in Asia and like to join (and haven't done so yet, please contact Tobias)
 +
** If you are an OWASP member in Asia and have a great technical presentation contact Tobias
  
 
= Chapters =
 
= Chapters =
Line 26: Line 31:
 
<!-- Date - Chapter name - [http://# more info] -->
 
<!-- Date - Chapter name - [http://# more info] -->
 
* September 2nd, 2014, - OWASP Israel - Interdisciplinary Center in Herzliya (IDC) -[https://www.owasp.org/index.php/AppSec_Israel_2014 more info]  
 
* September 2nd, 2014, - OWASP Israel - Interdisciplinary Center in Herzliya (IDC) -[https://www.owasp.org/index.php/AppSec_Israel_2014 more info]  
* August 1, 2014 - OWASP USA:Louisville -  [https://www.owasp.org/index.php/Louisville more info]
 
  
 
''[https://www.owasp.org/index.php/OWASP_Chapter Full list of worldwide chapters]'', ''[http://www.google.com/calendar/embed?src=hl6cjgs6ep1h7oniqgueu2bhbo%40group.calendar.google.com&ctz=America/Los_Angeles OWASP Events Calendar]''
 
''[https://www.owasp.org/index.php/OWASP_Chapter Full list of worldwide chapters]'', ''[http://www.google.com/calendar/embed?src=hl6cjgs6ep1h7oniqgueu2bhbo%40group.calendar.google.com&ctz=America/Los_Angeles OWASP Events Calendar]''
Line 83: Line 87:
  
 
= Projects =
 
= Projects =
OWASP JSEC CVE Details  
+
* [[OWASP_JSEC_CVE_Details | OWASP JSEC CVE Details ]]
[https://www.owasp.org/index.php/OWASP_JSEC_CVE_Details]
+
** OWASP JSEC CVE Details is is an opensource application developed in Java that uses the api provided by cvedetails.com to receive latest CVE updates
 +
* [[OWASP_CISO_Survey | OWASP CISO]] Survey has launched.
 +
** Add we need everyone's help to collect the survey data. The Survey is available in English, Chinese, Hebrew and Japanese. https://www.surveymonkey.com/s/CISOSurvey2014
 +
** An email with the invitation to the Survey will go out later today to the leaders and community lists (after my plane has landed). Please forward the invitation to your security managers in your companies. And if you like to join later the analysis and report writing, please join the project team
 +
(https://www.owasp.org/index.php/OWASP_CISO_Survey_Project)
 +
 
 
= Talks & Outreach =
 
= Talks & Outreach =
Recent Security Talks
+
==Recent Security Talks==
 +
* [[Bay_Area | OWASP Bay Area]]
 +
** Paul McMillan from Nebula @PaulM - Attacking the Internet of Things using Time
 +
** Ben Hagen from Netflix @BenHagen - Cloud Security at Scale and What it Means for Your Application
 +
* [http://www.meetup.com/OWASP-NYC/events/189278132/ OWASP NYC]
 +
** Rene Aguero - Defending The New Perimeter: Techniques for Managing User Risk
 +
** David Maman- WAF is Not Enough
 +
* [https://www.owasp.org/index.php/Switzerland#tab=Next_Meetings OWASP Switzerland]
 +
** Stefan Horlacher - (Client-Side) Flash Security by
 
==BlackHat Arsenal 2014==
 
==BlackHat Arsenal 2014==
 
On August 6th and 7th, ZAP, PCI TOOLKIT and Dependency check were presented during the BlackHat USA Arsenal Tools in Las Vegas  
 
On August 6th and 7th, ZAP, PCI TOOLKIT and Dependency check were presented during the BlackHat USA Arsenal Tools in Las Vegas  
Line 99: Line 116:
 
== OWASP in the News ==
 
== OWASP in the News ==
 
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top 10] was mentioned in the VentureBeat article [http://venturebeat.com/2014/08/23/the-internet-of-things-will-be-vulnerable-for-years-and-no-one-is-incentivized-to-fix-it/ The Internet of Things will be vulnerable for years, and no one is incentivized to fix it]
 
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top 10] was mentioned in the VentureBeat article [http://venturebeat.com/2014/08/23/the-internet-of-things-will-be-vulnerable-for-years-and-no-one-is-incentivized-to-fix-it/ The Internet of Things will be vulnerable for years, and no one is incentivized to fix it]
*
+
* OWASP Internet of Things - @ThingsExpo | Internet of Things OWASP Top Ten (#IoT) http://www.sys-con.com/node/3131715
 +
* Organization of American States (OAS) and OWASP - http://www.oas.org/en/media_center/press_release.asp?sCodigo=E-328/14
  
 
= Activities Looking for Volunteers =
 
= Activities Looking for Volunteers =

Latest revision as of 16:08, 26 August 2014

Join the Meeting - Connection Information

  • Tuesday August 26, 2014

Those on Video

  • Michael Coates - @_mwc
  • Mark Major

Watch the live or recorded meeting

9am Pacific / 5pm London

OWASP'er Mentions

Upcoming Events

AppSec USA 2014

  • OWASP Asia Tour
    • Stops planned in Japan, Thailand, Malaysia, Singapore and China.
    • Contact Tobias via email [email protected]
    • if you are a chapter in Asia and like to join (and haven't done so yet, please contact Tobias)
    • If you are an OWASP member in Asia and have a great technical presentation contact Tobias

Chapters

Chapter Events

  • September 2nd, 2014, - OWASP Israel - Interdisciplinary Center in Herzliya (IDC) -more info

Full list of worldwide chapters, OWASP Events Calendar

Chapter Info

Chapter Metrics Q2

DATE April 2014 May 2014 June 2014
TOTAL 267 Chapters 268 Chapters 270 Chapters


  • Active Chapters: 235
  • Inactive Chapters: 35 (listed as not having a chapter leader)
  • New Chapters: 1
  • Restarted Chapters: 3

Chapters By Region

Total Chapters (inactive chapters)

  • Africa: 16 (3)
  • Asia Pacific: 17 (2)
  • Canada: 12 (6)
  • Europe: 56 (5)
  • Latin America: 38 (10)
  • Middle East: 38 (2)
  • United States: 86 (8)

Conferences

Full conference calendar

Projects

  • OWASP JSEC CVE Details
    • OWASP JSEC CVE Details is is an opensource application developed in Java that uses the api provided by cvedetails.com to receive latest CVE updates
  • OWASP CISO Survey has launched.
    • Add we need everyone's help to collect the survey data. The Survey is available in English, Chinese, Hebrew and Japanese. https://www.surveymonkey.com/s/CISOSurvey2014
    • An email with the invitation to the Survey will go out later today to the leaders and community lists (after my plane has landed). Please forward the invitation to your security managers in your companies. And if you like to join later the analysis and report writing, please join the project team

(https://www.owasp.org/index.php/OWASP_CISO_Survey_Project)

Talks & Outreach

Recent Security Talks

  • OWASP Bay Area
    • Paul McMillan from Nebula @PaulM - Attacking the Internet of Things using Time
    • Ben Hagen from Netflix @BenHagen - Cloud Security at Scale and What it Means for Your Application
  • OWASP NYC
    • Rene Aguero - Defending The New Perimeter: Techniques for Managing User Risk
    • David Maman- WAF is Not Enough
  • OWASP Switzerland
    • Stefan Horlacher - (Client-Side) Flash Security by

BlackHat Arsenal 2014

On August 6th and 7th, ZAP, PCI TOOLKIT and Dependency check were presented during the BlackHat USA Arsenal Tools in Las Vegas The sessions were a success, and OWASP had a big opportunity to present these tools. Other OWASP members were there to present their tools such as Abbas Naderi with Taintless Ryan Barnett with Modsecurity and Josh Sokol with Simple Risk

Visit https://www.blackhat.com/us-14/arsenal.html to learn more about the presentations

OWASP in the News

Activities Looking for Volunteers

OWASP Wiki

Pages that Need Attention

Editing Tips & Tricks

Wiki Clean Up Crew

Wiki-Fu

Announcements from the Foundation