This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Working Session - Web Application Framework Security"

From OWASP

Jump to: navigation, search

Latest revision as of 16:20, 1 November 2008

Working Sessions Operational Rules - Please see here the general frame of rules.

WORKING SESSION IDENTIFICATION
Work Session Name	ISWG Web Application Framework Security
Short Work Session Description	Generate
Related Projects (if any)	Brainstorming on how to introduce more useful security into our web application frameworks OWASP ISWG (Intrinsic Security Working Group) - Web Application Framework Security
Email Contacts & Roles	Chair Arshan Dabirsiaghi	Secretary Kuai Hinojosa	Mailing list Subscription Page

WORKING SESSION SPECIFICS
Objectives	Discuss gaps and patterns in gaps in security coverage across frameworks, Discuss possible solutions for security areas.
Venue/Date&Time/Model	Venue OWASP EU Summit Portugal 2008	Date&Time November 5, 2008 Time 9:00AM	Discussion Model "Participants + Attendees"

WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power

WORKING SESSION ADDITIONAL DETAILS
Related resources: OWASP_Working_Session_-_Browser_Security_Letters Frameworks to invite: .NET, J2EE, Spring, Struts, ASP.NET MVC, RoR, PHP, etc. 10 Oct: "Open Letter to Frameworks (version for open mailing lists)" sent to Ruby-on-Rails Core mailing list Springnet Developer mailing list Struts Dev mailing list

WORKING SESSION OUTCOMES
Statements, Initiatives or Decisions	Proposed by Working Group	Approved by OWASP Board
	Actionable advice for each individual frameworks .	After the Board Meeting - fill in here.
	Identify points-of-contact for frameworks.	After the Board Meeting - fill in here.

Working Session Participants

(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)

WORKING SESSION PARTICIPANTS
	Name	Company	Notes & reason for participating, issues to be discussed/addressed
-	TDB (Officially Invited by OWASP)		Official Representative from Microsoft's ASP.NET team
-	TDB (Officially Invited by OWASP)		Official Representative from Apache Struts team
-	TDB (Officially Invited by OWASP)		Official Representative from CakePHP team
-	TDB (Officially Invited by OWASP)		Official Representative from Ruby-on-Rails team
-	TDB (Officially Invited by OWASP)		Official Representative from Spring.NET team
1	Mario Heiderich	Independent	General Expertise
2	Gareth Heyes	Independent	General Expertise
3	Marcin Wielgoszewski	Protiviti	Participant
4	Adam Baso	Symantec	Participant
5	Giorgio Fedon	Minded Security	Participant
6	Colin Watson	Watson Hall	Participant
7	Esteban Ribicic	HP	Participant
8	Daniele Bellucci	Communication Valley	Partecipant
9
10

If needed add here more lines.

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Working_Session_-_Web_Application_Framework_Security&oldid=45346"

Category:

OWASP Working Session

@@ Line 49: / Line 49: @@
   |-
   | style="width:100%; background:#cccccc" align="left"|
+* '''Related resources:''' [[OWASP_Working_Session_-_Browser_Security_Letters]]
 * '''Frameworks to invite:''' .NET, J2EE, Spring, Struts, ASP.NET MVC, RoR, PHP, etc.
+** 10 Oct: "Open Letter to Frameworks (version for open mailing lists)" sent to
+*** Ruby-on-Rails Core mailing list
+*** Springnet Developer mailing list
+*** Struts Dev mailing list
   |}
 {| style="width:100%" border="0" align="center"
@@ Line 77: / Line 83: @@
   |-
   | style="width:7%; background:#7B8ABD" align="center"| -
-  | style="width:15%; background:#cccccc" align="center"| TDB
+  | style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
   | style="width:15%; background:#cccccc" align="center"| http://forums.asp.net/Themes/fan/images/roleicons/dff6f773-6732-4cd8-addf-42a8ab367d22.gif
   | style="width:63%; background:#cccccc" align="center"| Official Representative from Microsoft's ASP.NET team
+ |-
+ | style="width:7%; background:#7B8ABD" align="center"| -
+ | style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
+ | style="width:15%; background:#cccccc" align="center"| http://metawidget.sourceforge.net/media/logo-struts.gif
+ | style="width:63%; background:#cccccc" align="center"| Official Representative from Apache Struts team
+ |-
+ | style="width:7%; background:#7B8ABD" align="center"| -
+ | style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
+ | style="width:15%; background:#cccccc" align="center"| http://boedesign.com/wp-content/themes/bd5/images/cakephp.gif
+ | style="width:63%; background:#cccccc" align="center"| Official Representative from CakePHP team
+ |-
+ | style="width:7%; background:#7B8ABD" align="center"| -
+ | style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
+ | style="width:15%; background:#cccccc" align="center"| http://www.tutorialized.com/upload/20070625154105_rails.jpg
+ | style="width:63%; background:#cccccc" align="center"| Official Representative from Ruby-on-Rails team
+ |-
+ | style="width:7%; background:#7B8ABD" align="center"| -
+ | style="width:15%; background:#cccccc" align="center"| TDB (Officially Invited by OWASP)
+ | style="width:15%; background:#cccccc" align="center"| http://www.springframework.net/doc-1.1-M1/reference/html/images/xdev-spring_logo.jpg
+ | style="width:63%; background:#cccccc" align="center"| Official Representative from Spring.NET team
   |-
   | style="width:7%; background:#7B8ABD" align="center"|1
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Mario Heiderich
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Independent
-  | style="width:63%; background:#cccccc" align="center"|
+  | style="width:63%; background:#cccccc" align="center"|General Expertise
   |-
   | style="width:7%; background:#7B8ABD" align="center"|2
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Gareth Heyes
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Independent
-  | style="width:63%; background:#cccccc" align="center"|
+  | style="width:63%; background:#cccccc" align="center"|General Expertise
   |-
   | style="width:7%; background:#7B8ABD" align="center"|3
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Marcin Wielgoszewski
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Protiviti
-  | style="width:63%; background:#cccccc" align="center"|
+  | style="width:63%; background:#cccccc" align="center"|Participant
 |-
   | style="width:7%; background:#7B8ABD" align="center"|4
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Adam Baso
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Symantec
-  | style="width:63%; background:#cccccc" align="center"|
+  | style="width:63%; background:#cccccc" align="center"|Participant
 |-
   | style="width:7%; background:#7B8ABD" align="center"|5
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Giorgio Fedon
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Minded Security
-  | style="width:63%; background:#cccccc" align="center"|
+  | style="width:63%; background:#cccccc" align="center"|Participant
 |-
   | style="width:7%; background:#7B8ABD" align="center"|6
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Colin Watson
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"| Watson Hall
-  | style="width:63%; background:#cccccc" align="center"|
+  | style="width:63%; background:#cccccc" align="center"|Participant
 |-
   | style="width:7%; background:#7B8ABD" align="center"|7
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|Esteban Ribicic
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"|HP
-  | style="width:63%; background:#cccccc" align="center"|
+  | style="width:63%; background:#cccccc" align="center"|Participant
 |-
   | style="width:7%; background:#7B8ABD" align="center"|8
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"| Daniele Bellucci
-  | style="width:15%; background:#cccccc" align="center"|
+  | style="width:15%; background:#cccccc" align="center"| Communication Valley
-  | style="width:63%; background:#cccccc" align="center"|
+  | style="width:63%; background:#cccccc" align="center"| Partecipant
 |-
   | style="width:7%; background:#7B8ABD" align="center"|9
@@ Line 132: / Line 158: @@
   |}
 If needed add here more lines.
+[[Category:OWASP_Working_Session]]

Difference between revisions of "OWASP Working Session - Web Application Framework Security"

Latest revision as of 16:20, 1 November 2008

Working Session Participants

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools