|
|
| (77 intermediate revisions by 13 users not shown) |
| Line 1: |
Line 1: |
| − | This page is for people to post OWASP related news items, like new releases, updates, or announcements. This page is monitored, and particularly important stories will be copied to the front page. | + | This page is for people to post OWASP related news items, like new releases, updates, or announcements. If the news is about application security but NOT OWASP-specific, please post it to [[Application Security News]]. |
| | | | |
| − | Please post new items at the top of the list using the following format:
| + | For older stories, please refer to the following pages: |
| | + | * '''[[OWASP News 2006]] |
| | + | * '''[[OWASP News 2007]] |
| | | | |
| − | <nowiki>
| + | This page is monitored, and stories will be copied to the OWASP [[Main Page]]. Please post new items at the top of the list using the following format: |
| − | ; '''Mon ## - [[OWASP Project|Headline for announcement]]''' | + | |
| − | : Details... | + | ; '''Mon ## - [[OWASP Project|Headline for announcement]]''' |
| − | </nowiki>
| + | : Details... |
| | | | |
| | ==Stories== | | ==Stories== |
| − | ;'''Jun 29 - [[Category:OWASP_.NET_Project|Owasp .Net Project in now hosted at www.owasp.org]]
| |
| − | :Comming full circle, the Owasp .Net Project (lead by Dinis Cruz) is now hosted here at the www.owasp.org website. The objective is to consolidate all Owasp projects in one location, and to benefit from cross projects linkage. All information that was hosted at the previous www.owasp.net wiki has now been ported and in the comming weeks, more will be added.
| |
| − |
| |
| − | ;'''Jun 26 - [[PHP Top 5|OWASP PHP Top 5 Released]]'''
| |
| − | :OWASP is pleased to announce the immediate availability of OWASP [[PHP Top 5]]. The OWASP Top 5 is an education piece which provides up to date advice to PHP developers, hosters, and other PHP users. The Top 5 is produced by the [[:Category:OWASP_PHP_Project|OWASP PHP Project]].
| |
| − |
| |
| − | ; '''Jun 23 - [[OWASP WebScarab Project|New version of WebScarab released]]'''
| |
| − | : The new version has a new logo, several new features, and some bugfixes. There are better capabilities for authentication and certificates, dropping conversations, and searching results. There are plugin enhancements to the spider, session id analyzer, and fuzzer. There's also a new extension for forced browsing to obvious extensions.
| |
| − |
| |
| − | '''Jun 21 - [http://sectools.org/tools2.html OWASP WebScarab Ranked 35th on Insecure.org's Top 100 Security Tools]'''
| |
| − | :Nmap's Fyodor asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded. This allowed him to expand the list to 100 tools, and even subdivide them into categories. Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. Respondents were allowed to list open source or commercial tools on any platform.
| |
| − |
| |
| − | ; '''Jun 20 - [http://www.amazon.com/gp/product/0471789666/sr=8-1/qid=1150819640/002-1402412-9970431 Professional pen testers rely on OWASP]'''
| |
| − | : [[Image:pentestbook.jpg|100px|right]] This new book is organized around the OWASP Top Ten, and goes into detail about WebScarab and WebGoat. "OWASP's WebScarab is rock solid and a must-have for any serious Web app pen tester"
| |
| − |
| |
| − | ; '''Jun 8 - [[:Category:OWASP CAL9000 Project|New OWASP CAL9000 Project Unveiled]]'''
| |
| − | : Chris Loomis has created an interesting JavaScript driven web application testing tool that allows manual requests, RSnake powered XSS verification, and many other utilities.
| |
| − |
| |
| − | ; '''Jun 6 - [[OWASP Java Project]]'''
| |
| − | : Stephen de Vries and Rohyt Belani have taken on the OWASP Java project and will be building the project roadmap shortly.
| |
| − |
| |
| − | ; '''Jun 3 - [[How to test session identifier strength with WebScarab]]'''
| |
| − | : New article shows you how to use one of the advanced features of WebScarab!
| |
| − |
| |
| − | ; '''Jun 1 - [http://www.uribe100.com OWASP selected in top 100 security websites]'''
| |
| − | : OWASP has been selected as one of the top 100 security websites. Thanks to everyone who's helped us along the way!
| |
| − |
| |
| − | ; '''May 26 - [[:Category:OWASP WebGoat Project|OWASP WebGoat 4.0 released]]'''
| |
| − | : Lots of new features, including multi-stage hands-on '''coding''' labs for [[Authorization|access control]], [[SQL injection]], and [[Cross Site Scripting|cross site scripting]].
| |
| | | | |
| − | ; '''May 25 - [[:Category:OWASP CLASP Project|OWASP CLASP project launched]]''' | + | ; '''Jan 14th 2008''' |
| − | : Thanks to Secure Software for donating the CLASP materials to bootstrap our [[:Category:Activity|secure lifecycle]] efforts. | + | :[https://www.owasp.org/index.php/Minneapolis_St_Paul Twin Cities Chapter - Presents Bruce Schneier - The Economics of Information Security ] |
| | | | |
| − | ; '''May 23 - [[About_The_Open_Web_Application_Security_Project|OWASP 2.0 released]]''' | + | ; '''Jan ?? 2008''' |
| − | : OWASP is moving to the MediaWiki platform to encourage greater collaboration. We're in the process of moving over all the old content. You can still view the [http://old.owasp.org previous website]. | + | :[link] |
This page is for people to post OWASP related news items, like new releases, updates, or announcements. If the news is about application security but NOT OWASP-specific, please post it to Application Security News.
