This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP EU Summit 2008--PRESS

Revision as of 01:01, 14 October 2008 by Mroxberr (talk | contribs) (Media Resources for Working Sessions)

Jump to: navigation, search

Please click here to return to the OWASP EU Summit Portugal 2008 main page.

Press registration is open to any member of the broadcast, print and Internet media who can prove they work for an organization or publication that covers computer security on a regular basis. At the conference we will provide a press room with Internet access and electrical outlets for laptop computers. If you need a separate room for filming interviews, please request it in advance in the comments section. Let us know if there are any other special needs such as speakers you want to interview when you arrive or other items such as computer access to file stories or a fax machine.

We welcome anyone to apply for press credentials but reserve the right to deny you a pass. As such, please be prepared to show us copies of your articles either at your publication's Web site or on the publication's masthead should we request it.

At the show, please be able to present a business card, and government issued picture id, article on your organization's masthead and contact information for your assignment editor should we need it to validate your credentials before issuing you a pass.

Press registration may be granted for the conference and working sessions seminars only. There are no press passes available for Training.

Please make a point to pre-register. Should you attempt to attain credentials on-site, we cannot guarantee you will qualify and must bring all information in the above paragraph.

To register please ask Kate Hartmann for a password and use: Register.gif

Media Resources for Working Sessions

The following text is being provided by the chairs from each of the OWASP EU Summit 2008#WORKING_SESSIONS_-_November_4th_.26_5th_.28Tue.2C_Wed.29. It explains why the working session is important, why it matters to the industry and what might be the beneficial outcomes. We hope to have public/industry information from all the working sessions here in due course for advanced publicity purposes.

OWASP Documentation Projects
Briefing Text The working session on OWASP Documentation Projects is a great chance to understand how the set of OWASP related documents can be used as a toolset to promote security on software development and management. The outcomes from PCI DSS v.1.2 and other standards that will come form the market, shows how important is to understand the importance of protection measures on coding and how these actions will come back in high quality products that can reach the market in a more adequate fashion.

The outcomes will promote OWASP documents in the market and to be part of it will make the difference for your company, your career and your personal contribution for the security community.

Session Page OWASP_Working_Session_-_OWASP_Documentation_Projects
OWASP .NET Project
Briefing Text OWASP secures .NET web applications and services. This working session will promote the OWASP .NET initiative, and discuss the roadmap for OWASP .NET for 2009. Additional objectives include discussing vulnerability research, application review and guidance for .NET and Mono (Open Source .NET) projects.

Are we protecting .NET/Mono developers? Is there adequate security guidance and vulnerability research for technology platforms, frameworks, community software, including:

  • ASP.NET Data Services
  • Sharepoint
  • Silverlight
  • Community Server
  • Wikipedia Search (Mono)
  • DekiWiki (Mono)
Session Page OWASP Working Session - .NET Project
OWASP Education Project
Briefing Text

There is plenty of knowledge available inside the OWASP community, spread via the wiki, Conferences, chapter meetings and not to forget the books.

Another important way to distribute the available knowledge is though education!

The Summit Working Session on Education will cover important aspects such as:

  • How to improve knowledge transfer from OWASP projects towards the community,
  • How to create training material (lessons, classes, courses) from OWASP project material?
  • How to set up an OWASP education baseline,
  • How to setup an OWASP Boot Camp,
  • How to connect to organisation to promote OWASP education content: e.g. universities, other non-profit (or profit?) education organisations,
  • How to organize the OWASP / Conference trainings to make them the best in the world?
  • Can we integrate this into OWASP certification projects?
  • How to setup an OWASP Boot Camp?

This working session is the ideal opportunity to build further on the shoulders of giants and spread OWASP's solutions through the education project!

Session Page OWASP_Working_Session_Education_Project
OWASP Awards
Briefing Text

Governments, businesses and people rely on the Internet - the Internet has almost become something we cannot live without. But the Internet suffers from one terrible flaw: it's insecure. It's insecure because we've rushed into creating a global network of computers without making sure we knew what we were doing. The Open Web Application Security Project (OWASP) is a global open community dedicated to enabling organisations to develop, purchase, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

There are people and groups working in this area who are doing battle for all of us every day, yet many are unknown outside their own specialist areas. The proposed OWASP Awards could be used to thank and recognise outstanding contributions, identify those who are raising security awareness and highlight those supporting security initiatives such as promoting better practices.

Session Page OWASP_Working_Session_-_OWASP_Awards


OWASP European Summit/October 13th, 2008

OWASP European Summit - Portugal
Portugal/Algarve - 4th - 7th November 2008

Setting the Web Application Security Agenda for 2009: OWASP Invites You to Join Our Summit in Portugal

With the theme 'Setting the AppSec agenda for 2009', the OWASP Summit will be a worldwide gathering of OWASP leaders and key industry players to present and discuss the latest OWASP tools, documentation projects, and web application security trends. Join us in Portugal in just a few short weeks! This venue hosts a diverse selection of training courses along with technical and business tracks, making it THE place to learn about web application security and the resources OWASP has available for use today.

OWASP is a not-for-profit organization with the purpose of supporting the Web Application Security community around the world, and has granted $250,000 USD for web application security research. In addition to over 40 presentations from the OWASP Leaders and grant recipients, the OWASP Summit will host multiple Working Sessions designed to improve collaboration, achieve specific objectives and identify roadmaps for OWASP projects, chapters, and the OWASP community itself.

To facilitate this event, OWASP is investing $150,000 USD which will be used to cover air travel and accommodation expenses for OWASP leaders, active contributors, and select key industry leaders. With their confirmed presence (see list here:, the OWASP Summit will provide a relaxed but professional environment to meet, discuss, influence and contribute to OWASP projects.

The OWASP Summit will also host a large and diverse selection of training courses, covering multiple OWASP specific and Web Application Security Topics.

The remarkable impact of OWASP is made possible only by the collaboration of many dedicated people and organizations worldwide. In that spirit of cooperation, OWASP invites all its members and interested individuals and companies to attend this thrilling event. Please join us and help to set the Web Application Security Agenda for 2009!

Regarding the event sponsorship matters, there are still a few opportunities available (see here – do not miss the opportunity to associate your brand with this gripping and worldwide event!

Please see below for additional details about the OWASP Summit or visit the OWASP Summit website:


OWASP projects selected for Summit presentation include new documentation and innovative tools to help developers, architects, and security specialists ensure that applications are secure:

  • Application Security Verification Standard,
  • Code review guide, V1.1,
  • Ruby on Rails Security Guide v2,
  • Securing WebGoat using ModSecurity,
  • Testing Guide v3,
  • GTK+ GUI for w3af project,
  • Access Control Rules Tester,
  • AntiSamy .NET,
  • Live CD & DVD Project,
  • OpenPGP Extensions for HTTP,
  • Orizon Project,
  • Python Static Analysis,
  • WebScarab-NG,
  • And many, many others.

Working Sessions

Expecting the presence of the application security industry key players, the Working Sessions will cover a wide range of issues such as:

  • OWASP Top 10 2009,
  • Browser Security,
  • Web Application Framework Security,
  • Enterprise Security API Project,
  • Best Practices for OWASP Chapter Leaders,
  • OWASP Documentation Projects,
  • OWASP Tools Projects,
  • OWASP Education Project,
  • OWASP Strategic Planning for 2009,
  • OWASP Certification,
  • OWASP Winter of Code 2009
  • Two-way Internationalization of OWASP Content
  • And many more.


These 2-day, 1-day or 1/2-day training courses cover a wide range of OWASP specific and Web Application Security Topics:

  • OWASP Top 10 - What Developers Should Know on Web Application Security
  • Uncovering WebScarab's Secret Treasures
  • Securing WebGoat with ModSecurity
  • Secure Programming with Java
  • Advanced Web Application Security Testing
  • Building Secure Web 2.0 Applications
  • Building Secure Web Services
  • Building Secure Web Applications with OWASP's Enterprise Security API (ESAPI)
  • Classic ASP Security using OWASP tools
  • Web Application Assessments
  • Hacking Owasp Orizon Project v1.0
  • Ajax Security
  • Practical Penetration Testing: Think Like an Attacker to Stop Attacks
  • Linux Software Exploitation
  • Web server/services hardening using SELinux

Main Contact:

Kate Hartmann
OWASP Operations Director
9175 Guilford Road, Suite 300
Columbia, MD 21046, USA
Phone: +1-301-575-0189
Facsimile: +1-301-604-8033
Email: [email protected]

Portuguese Version

Please click here to see.

Brazilian Version

Please click here to see.

French Version

Please click here to see.

Spanish Version

Please click here to see.