This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Newsletter 7"
(→Featured Event: Application Security Track at Spring <br /> Conference 2007 (Athens, OH Mar-22)) |
|||
Line 1: | Line 1: | ||
''Sent to owasp-all mailing list on ?? Mar 2007'' | ''Sent to owasp-all mailing list on ?? Mar 2007'' | ||
== OWASP Newsletter #7 (?-Mar-2007) == | == OWASP Newsletter #7 (?-Mar-2007) == | ||
− | Welcome to the 7th OWASP Newsletter, | + | Welcome to the 7th OWASP Newsletter, stuffed with the latest OWASP and Web Application Security updates. |
− | + | If you have any content to add to the next edition, feel free to add it directly to its WIKI page ([[OWASP Newsletter 8]]). | |
+ | As Dinis is very busy this week, I helped him out with this Newsletter. | ||
− | == Featured Project: | + | Sebastien Deleersnyder |
+ | |||
+ | Belgium Chapter Leader | ||
+ | |||
+ | == Featured Item: [[:Category:OWASP Chapter|OWASP Chapters]] == | ||
+ | |||
+ | Currently there are over 80 OWASP chapters world wide! The OWASP chapters program helps to foster local discussion of application security around the world. Our local chapters are free and open to anyone. Check out the [[:Category:OWASP Chapter|chapters page]] to locate a chapter near you or start a new chapter. | ||
+ | |||
+ | There are a lot of resources availble for all chapters: The [[Chapter Rules|Chapter Rules]], the OWASP [[Chapter Leader Handbook|Chapter Leader Handbook ]] and if you are short of local chapter material, we have started to make available presentations in the monthly [[Chapter Presentation Bundles|Chapter Presentation Bundles]]. | ||
+ | |||
+ | An extra call for action towards the OWASP (chapter) leaders: If you are in other countries/cities and you would like to participate in a local chapter | ||
+ | meeting, do not hesitate to contact the local chapter leader! | ||
+ | |||
+ | == Featured Project: [[:Category:OWASP SWAAT Project|OWASP SWAAT Project]] == | ||
+ | SWAAT is a free web application source code analysis tool. SWAAT searches through source code and analyzes against the database of potentially dangerous strings given in the .xml files. Thus it does NOT positively identify the existence of a vulnerability - this generally requires application contextual knowledge. It identifies the usage of functions / strings / SQL that could lead to a finding. All potentially dangerous code references are included in the output report. | ||
+ | |||
+ | Future releases of SWAAT will include: | ||
+ | * a graphical user interface (GUI) | ||
+ | * integrated development environment (IDE) plug-ins | ||
+ | * more sophisticated functionality and logic (for example to work with .java source) | ||
+ | |||
+ | SWAAT was generously donated by [http://www.securitycompass.com Security Compass] | ||
== Featured Event: Application Security Track at Spring <br /> Conference 2007 (Athens, OH Mar-22) == | == Featured Event: Application Security Track at Spring <br /> Conference 2007 (Athens, OH Mar-22) == | ||
− | Harden web applications against the OWASP "Top 10 Threats"! | + | Harden web applications against the OWASP "Top 10 Threats"! The Spring <br /> Conference 2007 is held on Thursday, March 22, 2007 on the campus of Ohio University in Athens, Ohio. They have a dedicated Application Security track and more in this day long event that has been described as, "one of the best kept secrets in Information Technology!". |
At this event, the fifth annual, Joel Stanley of Resource Interactive, in Columbus, OH, will share his experiences in maintaining applications with user bases as large as 15+ million. He'll explore how to utilize standards by which application security and vulnerability can be judged. Join hundreds of your IT professional peers in this and your choices of thirty-four other sessions in seven tracks at this day long event that costs only $35 (including your lunch!). Ben Forta, Chief Product Evangelist of Adobe Systems will be giving the Key Note presentation, plus Ben will be back to give a presentation at the Lunchtime Session as well. Visit [http://www.sbconference.com http://www.sbconference.com] for all the details and to register online! | At this event, the fifth annual, Joel Stanley of Resource Interactive, in Columbus, OH, will share his experiences in maintaining applications with user bases as large as 15+ million. He'll explore how to utilize standards by which application security and vulnerability can be judged. Join hundreds of your IT professional peers in this and your choices of thirty-four other sessions in seven tracks at this day long event that costs only $35 (including your lunch!). Ben Forta, Chief Product Evangelist of Adobe Systems will be giving the Key Note presentation, plus Ben will be back to give a presentation at the Lunchtime Session as well. Visit [http://www.sbconference.com http://www.sbconference.com] for all the details and to register online! |
Revision as of 09:25, 12 March 2007
Sent to owasp-all mailing list on ?? Mar 2007
OWASP Newsletter #7 (?-Mar-2007)
Welcome to the 7th OWASP Newsletter, stuffed with the latest OWASP and Web Application Security updates.
If you have any content to add to the next edition, feel free to add it directly to its WIKI page (OWASP Newsletter 8).
As Dinis is very busy this week, I helped him out with this Newsletter.
Sebastien Deleersnyder
Belgium Chapter Leader
Featured Item: OWASP Chapters
Currently there are over 80 OWASP chapters world wide! The OWASP chapters program helps to foster local discussion of application security around the world. Our local chapters are free and open to anyone. Check out the chapters page to locate a chapter near you or start a new chapter.
There are a lot of resources availble for all chapters: The Chapter Rules, the OWASP Chapter Leader Handbook and if you are short of local chapter material, we have started to make available presentations in the monthly Chapter Presentation Bundles.
An extra call for action towards the OWASP (chapter) leaders: If you are in other countries/cities and you would like to participate in a local chapter meeting, do not hesitate to contact the local chapter leader!
Featured Project: OWASP SWAAT Project
SWAAT is a free web application source code analysis tool. SWAAT searches through source code and analyzes against the database of potentially dangerous strings given in the .xml files. Thus it does NOT positively identify the existence of a vulnerability - this generally requires application contextual knowledge. It identifies the usage of functions / strings / SQL that could lead to a finding. All potentially dangerous code references are included in the output report.
Future releases of SWAAT will include:
- a graphical user interface (GUI)
- integrated development environment (IDE) plug-ins
- more sophisticated functionality and logic (for example to work with .java source)
SWAAT was generously donated by Security Compass
Featured Event: Application Security Track at Spring <br /> Conference 2007 (Athens, OH Mar-22)
Harden web applications against the OWASP "Top 10 Threats"! The Spring <br /> Conference 2007 is held on Thursday, March 22, 2007 on the campus of Ohio University in Athens, Ohio. They have a dedicated Application Security track and more in this day long event that has been described as, "one of the best kept secrets in Information Technology!".
At this event, the fifth annual, Joel Stanley of Resource Interactive, in Columbus, OH, will share his experiences in maintaining applications with user bases as large as 15+ million. He'll explore how to utilize standards by which application security and vulnerability can be judged. Join hundreds of your IT professional peers in this and your choices of thirty-four other sessions in seven tracks at this day long event that costs only $35 (including your lunch!). Ben Forta, Chief Product Evangelist of Adobe Systems will be giving the Key Note presentation, plus Ben will be back to give a presentation at the Lunchtime Session as well. Visit http://www.sbconference.com for all the details and to register online!
Latest additions to the WIKI
New Pages
- tbd
Updated pages
Updated chapter pages:
- tbd
Other pages:
- tbd
New Documents & Presentations from chapters
- tbd
For a complete list of chapter presentations see the online table of presentations.
Latest Blog entries
- tbd
OWASP Community
- tbd
Application Security News
- tbd
OWASP references in the Media
- tbd