Podcast News

From OWASP
Revision as of 02:26, 29 May 2009 by Jmanico

OWASP Podcast News

OWASP NEWS April 2009

OWASP General News


Global Committees progress https://www.owasp.org/index.php/Global_Committee_Pages
What should the next OWASP Top 10 contain? http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
Upcoming Conferences http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference
Season of Code 2009 http://www.owasp.org/index.php/OWASP_Season_of_Code_2009
Board Mins. http://www.owasp.org/index.php/OWASP_Board_Meetings

OWASP AppSec News

4/16 http://www.informit.com/articles/article.aspx?p=1338343
http://www.cigital.com/justiceleague/2009/04/16/software-security-2008/
Gary McGraw uses statistics to show that Software Security has come of age
4/17 http://research.zscaler.com/2009/04/we-used-to-laugh-at-xss.html
Michael Sutton discusses history of XSS from Defcon 10 (2002) to the present day (Twitter worm)
4/17 http://jeremiahgrossman.blogspot.com/2009/04/software-security-grew-to-nearly-500m.html
Jeremiah uses McDonald's and Morton's as comparisons for black-box vs. white-box security testing
4/17 http://jeremiahgrossman.blogspot.com/2009/04/website-threats-and-their-capabilities.html
OWASP Catalyst announced
4/20 http://paco.to/?p=305
Paco lists 5 reasons for software certifications
4/20 http://www.greensheet.com/newswire.php?newswire_id=11693
Qualys, Inc., the leading provider of on demand IT security risk and compliance management solutions, today announced QualysGuard(R) PCI Connect, which is the industry's first Software-as-a-Service (SaaS) ecosystem for PCI compliance, connecting merchants to multiple partners and security solutions in order to document and meet all 12 requirements for PCI DSS
4/20 http://labs.securitycompass.com/index.php/2009/04/20/security-analysis-of-core-j2ee-design-patterns/
Rohit Sethi of Security Compass publishes a post on the new Security Compass Labs blog about "Security Analysis of Core Java Enterprise Patterns"
4/21 http://docs.google.com/Doc?id=dd7x5smw_16hdd34ggz
Mario Heiderich posts some results of browser fuzzing on extraneous characters in tags
4/22 http://plynt.com/blog/2009/04/how-frequently-should-an-appli/
The Plynt blog asks the question, "How frequently should Applications be Tested?"
4/24 Wendel Guglielmetti Henrique from Trustwave and Sandro Gauci of EnableSecurity spoke at TROOPERS09 in Munich about "The Truth of Web Application Firewalls: what the vendors do NOT want you to know"
4/27 http://tacticalwebappsec.blogspot.com/2009/04/scanner-and-waf-data-sharing.html
Ryan Barnett gives guidance on how best to make VA+WAF work together
4/27 http://www.owasp.org/index.php/Category:OWASP_PCI_Project
Ed Bellis and Trey Ford start a PCI effort to ensure their activities uniformly meet PCI requirements, and for those getting started - to aid in building a website security strategy that also ensures sustainable PCI compliance.