This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP EU Summit 2008 Working Sessions
- 1 THIS IS STILL under heavy UPDATES (i.e. work in progress)
- 2 WORKING SESSIONS - November 3rd, 4th & 5th (Mon, Tue & Wed)
- 3 WORKING SESSIONS - November 4rd & 5th (Tue & Wed) (DETAILS)
- 3.1 OWASP Top 10 2009
- 3.2 OWASP Strategic Planning
- 3.3 OWASP Education Project
- 3.4 Winter Of Code 2008
- 3.5 Enterprise Security API Project
- 3.6 ISWG: Browser Security
- 3.7 ISWG: Web Application Framework Security
- 3.8 OWASP .NET Project
- 3.9 OWASP Certification
- 3.10 Code Review Guide
- 3.11 OWASP Awards
- 3.12 Business Models Comparable to OWASP Values
- 3.13 OWASP Intra Governmental Affairs
- 3.14 OWASP ASDR
- 3.15 OWASP Documentation Projects
- 3.16 OWASP Tools Projects
- 3.17 OWASP CD/DVD
- 4 Draft notes
THIS IS STILL under heavy UPDATES (i.e. work in progress)
WORKING SESSIONS - November 3rd, 4th & 5th (Mon, Tue & Wed)
Monday
- OWASP ISWG: Browser Security (part 1) - 4h . . . (ISWG = Intrinsic Security Working Group)
Tuesday
- Working Sessions Operational model - 1h , ALL to attend
- OWASP Strategic Planning for 2009 - 3h
- OWASP Tool's Projects (consolidation action-plan) - 3h
- OWASP ISWG: Web Application Framework Security (part 1) - 3h . . . (ISWG = Intrinsic Security Working Group)
- OWASP Documentation Projects (consolidation action-plan) - 3h
- Winter Of Code 2009 - 4h
- OWASP .NET Project - 2h
- Two-way Internationalization of OWASP Content - 2h
Wednesday
- OWASP Top 10 2009 - 2h
- OWASP Education Project - 2h
- ESAPI Project - 4h
- Code Review (next version) - 2h
- Testing Guide (next version) -2h
- OWASP Certifications - 2h
- OWASP Application Security Desk Reference (ASDR) - 4h
- OWASP Intra Governmental Affairs - 2h
- OWASP Awards - 2h
- OWASP Website -2h
- OWASP Advisory Board (private presentation) - 2h
- OWASP CD/DVD - 2 h
- OWASP Board Meeting (public session) - 3h
WORKING SESSIONS - November 4rd & 5th (Tue & Wed) (DETAILS)
OWASP Top 10 2009 |
---|
Working Session Lead: Dave Wichers
Projected Outcomes:
|
OWASP Strategic Planning |
---|
Working Session Lead: OWASP Board
Projected Outcomes:
|
OWASP Education Project |
---|
Working Session Lead: Sebastien Deleersnyder
Additional Details: There is plenty of knowledge available inside the OWASP community. This is spread via the OWASP AppSec Conferences and the local chapter meetings, not to forget the books available now. Another, very important way to distribute the available knowledge is to teach! In plenty presentations knowledge is put into slides to share it. The next step is to reuse the information of those presentations and create training material. In a Boot Camp for example, it's not only about telling how to break stuff, but let the attendees break it themselves. Also let them fix the problems, with guidance of the experienced! Projected Outcomes:
|
Winter Of Code 2008 |
---|
Working Session Lead: Paulo Coimbra
Projected Outcomes:
|
Enterprise Security API Project |
---|
Working Session Lead: Jeff Williams
Projected Outcomes:
|
ISWG: Browser Security |
---|
Working Session Lead: Arshan Dabirsiaghi
Additional Details:
ISWG = Intrinsic Security Working Group
Time: 30 mins Introduction |
ISWG: Web Application Framework Security |
---|
Working Session Lead:Arshan Dabirsiaghi
Additional Details:
ISWG = Intrinsic Security Working Group
Time: 30 mins Introduction |
OWASP .NET Project |
---|
Working Session Lead:Mark Roxberry
Additional Details:
Projected Outcomes:
|
OWASP Certification |
---|
Working Session Lead:James McGovern
Projected Outcomes:
|
Code Review Guide |
---|
Working Session Lead:Eoin Keary
Projected Outcomes:
|
OWASP Awards |
---|
Working Session Lead:Colin Watson
Additional Details:
|
Business Models Comparable to OWASP Values |
---|
Working Session Lead:Dinis Cruz
organizations
Projected Outcomes:
|
OWASP Intra Governmental Affairs |
---|
Working Session Lead:Dhruv Soi
different countries
together
Projected Outcomes:
Government
|
OWASP ASDR |
---|
Working Session Lead:Leonardo Cavallari Militelli
Projected Outcomes:
|
OWASP Documentation Projects
Working Session Lead:Leonardo Cavallari Militelli
Working Session Team: TBD
Working Sessions Organization Model: Invited Participants + Attendees
Objectives:
- Discuss content normalization, standardization, integration and
collaboration
- Book creation procedure
- Review OWASP Project Assessment
- Discuss Internationalization initiatives
Projected Outcomes:
- TBD
OWASP Tools Projects
Working Session Lead:Leonardo Cavallari Militelli
Working Session Team: {name}
Working Sessions Organization Model: Invited Participants + Attendees
Objectives:
- Discuss documentation procedures
- Book creation procedure
- Review OWASP Project Assessment
Projected Outcomes:
- TBD
OWASP CD/DVD
Working Session Lead:Matt Tesauro
Working Session Team: TBD
Working Sessions Organization Model: "Everybody is a Participant"
Objectives:
- Normalize possible confusion over various Live CD projects
- Determine the duration of OWASP branding for follow-on releases of
older projects
- Discuss an OWASP Project Life Cycle for Live CDs
Additional Details:
Googling either "OWASP LiveCD" or "OWASP Live CD" leads to multiple projects both old and new. For someone not familiar with the Live CD history, determining the "real" Live CD is confusing at best. This topic arose from comments by a review of the current Live CD 2008 project here
Projected Outcomes:
- A graceful method to handle current and future OWASP Live CD releases
- Determine the duration of OWASP branding for Live CDs (possibly better scoped for general OWASP projects discussion)
- Determine an OWASP Project Life Cycle for Live CDs (possibly better scoped for general OWASP projects discussion)
Draft notesNote: there needs to be a 1h session on the 1st day of working sessions (Tue) to explain the rules of the game, how everything will work and what is expected from each WS (Working Session)
Agenda
financially related motions, e.g. Dinis mentioned $200K USD investment plan as an example in an earlier e-mail). What kinds of things to start with. Then they can put the ideas to a list or lists for discussion prior to the meeting.
Working Sessions outcomes
Summit
Groups. However, if doing this at the Summit, there may be controversial issues where the Board rejects a motion. Each working group has a spot on this agenda.
|
---|