This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Press"

From OWASP
Jump to: navigation, search
(Updated Contact Us)
 
(56 intermediate revisions by 6 users not shown)
Line 1: Line 1:
== Modelo de Auditoría de sistemas:  ==
+
__NOTOC__
  
Éste es un modelo universal para securizar en un alto grado de seguridad al sistema operativo.
+
=About OWASP=
 
+
{| border="1"
#Sistema de cifrado congelado: Mantiene en secreto la ubicación del archivo del sistema, previniendo ataques de tipo monitoreo de redes.
 
#OpenVAS: Línea de comandos para cifrar- descifrar el protocolo TCP/Ip
 
#Filtro Web: Previene intrusiones a través de puertos inseguros
 
#Clam Antivirus: Previene, detecta y corrige virus informático
 
 
 
<br>
 
 
 
{| border="1" cellspacing="1" cellpadding="1" width="200" align="center"
 
|-
 
| Clam Antivirus
 
{| border="1" cellspacing="1" cellpadding="1" width="200" align="center"
 
|-
 
| Filtro Web
 
{| border="1" cellspacing="1" cellpadding="1" width="200" align="center"
 
|-
 
| OpenVAS
 
{| border="1" cellspacing="1" cellpadding="1" width="200" align="center"
 
 
|-
 
|-
| Sistema de Cifrado Congelado
+
|The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. There are over 200 OWASP Local Chapters world-wide that are free and open to anyone to attend. OWASP tools and documents can be used to detect and to guard against security-related design and implementation flaws, as well as to add security-related activities into your Software Development Life Cycle (SDLC).
|}
 
 
 
|}
 
  
 +
For additional detail about OWASP, leadership, and corporate details, please refer to the [http://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project About OWASP] page.
 
|}
 
|}
  
|}
+
==Featured projects include:==
  
== Descripción softwares de auditoría  ==
+
* '''[[OWASP Top Ten Project]]''' - The OWASP Top Ten provides a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are.
  
*El sistema de cifrado http://truecrypt.org cifra el núcleo del sistema operativo y los discos lógicos impidiendo ataques espía.
+
* '''[[OWASP Code Review Project]]'''
  
*Los comandos shell http://openvas.org sirven para analizar protocolos de red, detección de virus y cifrado del protocolo IpV4-6
+
* '''[[OWASP Zed Attack Proxy Project]]'''
  
*El filtro web http://freenetproject.org es una técnica que reemplaza al Firewall, discriminando puertos inseguros, ahorrando tiempo de procesamiento en el núcleo del sistema.
+
* '''[[OWASP OWTF]]'''
  
*Clamwin.com es un software de código abierto, no usa computación en la nube y tiene una GUI que detecta virus en línea http://sourceforge.net/projects/clamsentinel
+
* '''[[OWASP Web Testing Environment Project]]'''
  
== Macroinformática  ==
+
* '''[https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]'''
  
La macroinformática comprende eficiencia, seguridad y naturaleza. La eficacia de un sistema operativo se mide por la interacción hombre-máquina, sintetizando aplicaciones minimalistas y ejecutándolas nuestro sistema operativo procesará los datos eficientemente, ejemplos:
+
= 2014 Press Releases=
  
*Transmisión cifrada: Cliente e-mail con GnuPG
+
==September==
 +
* September 4: [http://owasp.blogspot.com/2014/09/owasp-global-connector.html OWASP September 4 Connector]
  
http://fellowship.fsfe.org
+
* September 2: [http://owasp.blogspot.com/2014/09/5-reasons-to-attendappsec-usa-2014-you.html 5 Reasons to Attend AppSec USA 2014]
  
*Sistema de cifrado: Cifra y descifra texto plano, imágenes, etc..
+
==August==
 +
* August 19: [http://owasp.blogspot.com/2014/08/owasp-august-19-connector.html OWASP August 19 Connector]
  
#ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe
+
*August 18: [http://owasp.blogspot.com/2014/08/owasp-asvs-20-application-security.html OWASP ASVS 2.0 (Application Security Verification Standard)]
#http://cryptophane.googlecode.com/files/cryptophane-0.7.0.exe
 
  
*Ruby: Lenguaje de programación experimental
+
*August 15: [http://owasp.blogspot.com/2014/08/owasp-appsec-usa-2014-adds-leading.html?spref=tw OWASP AppSec USA 2014 Adds Leading Global Experts to List of Speakers]
  
http://ruby-lang.org
+
*August 13: [http://owasp.blogspot.com/2014/08/call-for-speakers-owasp-ghana.html Call for Speakers: OWASP Ghana Cybersecurity Conference]
  
*J2re1.3.1_20: Ejecutable de objetos interactivos o applets
+
*August 13: [http://owasp.blogspot.com/2014/08/this-friday-is-deadline-to-submit-your.html THIS Friday is the DEADLINE to SUMBIT your Candidacy for the 2014 OWASP BOARD of DIRECTORS]
  
http://java.sun.com/products/archive/j2se/1.3.1_20/index.html  
+
==July==
 +
* July 31: [http://owasp.blogspot.com/2014/07/at-last-appsec-europe-owasp-media.html Videos from AppSec Europe 2014]
  
*Escritorio: Gestor de ventanas X11
+
----
 +
The full list of press releases can be found on the OWASP blog: http://owasp.blogspot.com
  
http://windowmaker.info
+
= OWASP Social Media =
  
*Gnuzilla: Navegador seguro y de uso libre
+
For coverage of what is currently going on within OWASP:
  
http://code.google.com/p/iceweaselwindows/downloads/list
+
----
  
*Gnupdf: Visor de formato de texto universal pdf
+
{{#widget:Twitter|user=owasp|id=507368665927262208}}
  
http://blog.kowalczyk.info/software/sumatrapdf
+
Like Us on  [http://www.facebook.com/pages/OWASP/104106462960656 Facebook]
  
*Gnuflash: Jugador alternativo a flash player
+
Visit the OWASP [http://owasp.blogspot.com Blog]
  
http://gnu.org/software/gnash
+
Connect With Us on [http://www.linkedin.com/groups/Global-OWASP-Foundation-36874 LinkedIn]
  
*Zinf: Reproductor de audio
+
Find Us on [https://plus.google.com/u/0/communities/105181517914716500346 Google+]
  
http://zinf.org
+
Check OWASP Out on [https://www.youtube.com/user/OWASPGLOBAL YouTube]
  
*Informática forense: Análisis de datos ocultos en el disco duro
+
==Submitting News==
 +
Have some OWASP related news you want tweeted? Add it to our [https://docs.google.com/a/owasp.org/spreadsheets/d/1DiFOWc-2Xbmu6rbSBP9uVTBU2gRzCP2TN24YajGkRCQ/edit#gid=0 social media spreadsheet]. The spreadsheet has been set up for project leaders, chapter leaders and OWASP members to post exciting news about what they are doing in OWASP through the official OWASP Twitter feed. Posts are subject to the OWASP Twitter guidelines.
  
http://sleuthkit.org
+
= Press Inquiries =
  
*Compresor: Comprime datos sobreescribiendo bytes repetidos
+
For any inquiries about OWASP, OWASP Projects, or for interviews and/or backgrounds, please utilize our [https://owasporg.atlassian.net/servicedesk/customer/portal/7/group/18/create/72 CONTACT FORM] so we can track and route your request.
  
http://peazip.sourceforge.net
+
= Upcoming OWASP Events =
  
*Ftp: Gestor de descarga de archivos
+
==September==
 +
===[http://2014.appsecusa.org/2014/ AppSec USA 2014: September 16-19]===
 +
AppSec USA is a world-class software security conference for developers, auditors, risk managers, technologists, and entrepreneurs gathering with the world’s top practitioners to share the latest research and practices, in the high energy atmosphere of Downtown Denver.
  
http://dfast.sourceforge.net
+
'''Why should you attend?'''
 +
Insightful keynote addresses delivered by leading industry visionaries from thought leaders of critical infrastructure. Over 50 sessions across 5 tracks (developer, tester, operations, workshops, and legal) with world-renowned subject matter experts An all-new Legal Track to address industry regulations, privacy laws, liability, and more A hands-all Workshop Track providing instruction on essential security tools and skills Thousands of attendees exclusively focused on Software Security Extensive Capture the Flag competition developed exclusively for AppSec USA 2014 Home-brewed beer competition open to all attendees Convenience of Downtown Denver.
  
*AntiKeylogger: Neutraliza el seguimiento de escritorios remotos (Monitoring)
+
==October==
  
http://psmantikeyloger.sourceforge.net
+
===[https://www.owasp.org/index.php/2014_BASC_Homepage 2014 Boston Application Security Conference (BASC): October 18]===
 +
This free conference will take place on Saturday, October 18th at the Microsoft Cambridge Sales Office, One Cambridge Center, Cambridge, MA 02142. '''Note the new location, down the street from previous years' conferences.'''
  
*Password manager: Gestión de contraseñas
+
The BASC will be a free, one day, informal conference, aimed at increasing awareness and knowledge of application security in the greater Boston area. While many of the presentations will cover state-of-the-art application security concepts, the BASC is intended to appeal to a wide-array of attendees. Application security professionals, professional software developers, software quality engineers, computer science students, and security software vendors should be able to come to the BASC, learn, and hopefully enjoy themselves at the same time.
  
http://passwordsafe.sourceforge.net
+
===[http://lascon.org Lonestar Application Security Conference (LASCON): October 21-24]===
 +
The Lonestar Application Security Conference (LASCON) is an OWASP conference held annually in Austin, TX.  It started in 2010 when James Wickett (@wickett) and Josh Sokol (@joshsokol) along with the OWASP Austin crew put together an amazing 1-day conference with a speaker lineup of some of the who’s-who of the infosec and appsec world.
  
*Limpiador de disco: Borra archivos innecesrios del sistema
+
LASCON 2014, run by David Hughes(@Dav1dHugh3s) and the OWASP Austin crew, will be run in the same tradition as previous LASCON conferences featuring the best speakers, a close-knit community atmosphere and even our signature happy hour replete with a mechanical bull. Year over year, LASCON has been a gathering of thought leaders, web developers, security engineers, mobile developers and information security professionals. LASCON 2014 will have 2 days of pre-conference training and 2 full days of conference across 4 rooms.
  
http://bleachbit.sourceforge.net
+
==December==
  
*Desfragmentador: Reordena los archivos del disco duro, generando espacio virtual
+
===[https://www.owasp.org/index.php/Ghana Ghana CyberSecurity 2014: December 10-11]===
 +
Ghana CyberSecurity aims to be the premier and marquee Information Security and Assurance event for technologists, auditors, risk managers, and entrepreneurs, gathering the world’s top practitioner, to share the latest research, case studies and practices, in the high energy atmosphere of the British Council, Accra.
  
http://kessels.com/jkdefrag
+
'''Why you should attend''': https://www.owasp.org/images/4/45/Still_need_to_know_why_you_should_attend.pdf
  
*X11: Gestor de ventanas, reemplazo de escritorio Xwindow's
+
----
  
http://bb4win.org  
+
For more information on OWASP events, please see [http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference The OWASP Conference page]
  
*Open Hardware: Hardware construído por la comunidad Linux
+
=The OWASP Brand=
 +
OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks. The Brand Guidelines document can be found on the [https://www.owasp.org/index.php/Marketing/Resources#tab=BRAND_GUIDELINES Brand Resources page].
  
http://open-pc.com
+
Below is a copy of the OWASP Logo for official use. More logos can also be found on the Brand Resources page, as well as materials useful for promoting OWASP.  
  
*Open WRT: Firmware libre para configurar transmisión de Internet
 
  
http://openwrt.org
+
[[Image:Owasp logo.jpg|Owasp logo|300px |center]]
  
*Gnu- Linux: Sistema operativo universal
 
  
http://gnewsense.org
+
= 2012 Press Releases =
  
== Biocriptoseguridad ==: Es la unión de la biología, criptografía y hacking ético para formar una defensa stándar contra virus complejos.  
+
* March 12, 2012: [http://owasp.blogspot.com/2012/03/appsecdc-2012.html http://owasp.blogspot.com/2012/03/appsecdc-2012.html AppSec DC Press Release]
 +
* March 9, 2012: [http://owasp.blogspot.com/2012/03/owasp-mission-and-principles.html http://owasp.blogspot.com/2012/03/owasp-mission-and-principles.html OWASP Mission and Principles]
  
Implementación de la biocriptoseguridad informática:
+
<br>
 
 
#Amplificar la banda ancha
 
#Optimizar (limpiar- modificar) el sistema operativo
 
#Desfragmentar los discos lógicos
 
#Ocultar el sistema operativo
 
#Configurar antivirus
 
#Limpiar y desfragmentar
 
#Congelar
 
 
 
*Sistema inmune._ Defensa biológica natural contra infecciones como virus http://immunet.com
 
 
 
*Criptografía._ Método de escritura oculta por caractes, números y letras:—{H}/gJa¢K¡Ng÷752%\*)A>¡#(W|a— http://diskcryptor.net
 
 
 
*Hacking ético._ Auditoría de sistemas informáticos que preserva la integridad de los datos.
 
 
 
Congelador: Mantiene el equilibrio en la integridad de los datos, el sistema operativo, red , memoria ram, ciclos de CPU, espacio en disco duro e incidencias de malware
 
 
 
*http://code.google.com/p/hzr312001/downloads/detail?name=Deep%20systemze%20Standard%20Version%206.51.020.2725.rar&amp;can=2&amp;q= (para Window's)
 
*http://sourceforge.net/projects/lethe (para GNU/Linux)
 
 
 
<br>Auditoría de virus cifrado._ Un criptovirus se oculta tras un algoritmo de criptografía, generalmente es híbrido simétrico-asimétrico con una extensión de 1700bit's, burla los escáneres antivirus con la aleatoriedad de cifrado, facilitando la expansión de las botnet's. La solución es crear un sistema operativo transparente, anonimizarlo y usar herramientas de cifrado stándar de uso libre:
 
 
 
*Gnupg: Sirve para cifrar mensajes de correo electrónico http://gpg4win.org/download.html
 
 
 
*Open Secure Shell: Ofuscador TcpIp, protege el túnel de comunicación digital cifrando la Ip. http://openvas.org
 
 
 
*Red protegida: DNS libre http://namespace.org/switch
 
 
 
*Criptosistema simétrico: Encapsula el disco duro, incluyendo el sistema operativo,usando algoritmo Twofish http://truecrypt.org/downloads.php
 
 
 
*Proxy cifrado: Autenticación de usuario anónimo http://torproject.org
 
  
Energías renovables._ Son energías adquiridas por medios naturales: hidrógeno, aire, sol que disminuyen la toxicidad de las emisiones de Co2 en el medio ambiente, impulsando políticas ecologistas contribuímos a preservar el ecosistema. Ejm: Usando paneles solares fotovoltaicos.
+
<headertabs />

Latest revision as of 04:14, 15 March 2019


The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. There are over 200 OWASP Local Chapters world-wide that are free and open to anyone to attend. OWASP tools and documents can be used to detect and to guard against security-related design and implementation flaws, as well as to add security-related activities into your Software Development Life Cycle (SDLC).

For additional detail about OWASP, leadership, and corporate details, please refer to the About OWASP page.

Featured projects include:

  • OWASP Top Ten Project - The OWASP Top Ten provides a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are.

For coverage of what is currently going on within OWASP:

Like Us on Facebook

Visit the OWASP Blog

Connect With Us on LinkedIn

Find Us on Google+

Check OWASP Out on YouTube

Submitting News

Have some OWASP related news you want tweeted? Add it to our social media spreadsheet. The spreadsheet has been set up for project leaders, chapter leaders and OWASP members to post exciting news about what they are doing in OWASP through the official OWASP Twitter feed. Posts are subject to the OWASP Twitter guidelines.

For any inquiries about OWASP, OWASP Projects, or for interviews and/or backgrounds, please utilize our CONTACT FORM so we can track and route your request.

September

AppSec USA 2014: September 16-19

AppSec USA is a world-class software security conference for developers, auditors, risk managers, technologists, and entrepreneurs gathering with the world’s top practitioners to share the latest research and practices, in the high energy atmosphere of Downtown Denver.

Why should you attend? Insightful keynote addresses delivered by leading industry visionaries from thought leaders of critical infrastructure. Over 50 sessions across 5 tracks (developer, tester, operations, workshops, and legal) with world-renowned subject matter experts An all-new Legal Track to address industry regulations, privacy laws, liability, and more A hands-all Workshop Track providing instruction on essential security tools and skills Thousands of attendees exclusively focused on Software Security Extensive Capture the Flag competition developed exclusively for AppSec USA 2014 Home-brewed beer competition open to all attendees Convenience of Downtown Denver.

October

2014 Boston Application Security Conference (BASC): October 18

This free conference will take place on Saturday, October 18th at the Microsoft Cambridge Sales Office, One Cambridge Center, Cambridge, MA 02142. Note the new location, down the street from previous years' conferences.

The BASC will be a free, one day, informal conference, aimed at increasing awareness and knowledge of application security in the greater Boston area. While many of the presentations will cover state-of-the-art application security concepts, the BASC is intended to appeal to a wide-array of attendees. Application security professionals, professional software developers, software quality engineers, computer science students, and security software vendors should be able to come to the BASC, learn, and hopefully enjoy themselves at the same time.

Lonestar Application Security Conference (LASCON): October 21-24

The Lonestar Application Security Conference (LASCON) is an OWASP conference held annually in Austin, TX. It started in 2010 when James Wickett (@wickett) and Josh Sokol (@joshsokol) along with the OWASP Austin crew put together an amazing 1-day conference with a speaker lineup of some of the who’s-who of the infosec and appsec world.

LASCON 2014, run by David Hughes(@Dav1dHugh3s) and the OWASP Austin crew, will be run in the same tradition as previous LASCON conferences featuring the best speakers, a close-knit community atmosphere and even our signature happy hour replete with a mechanical bull. Year over year, LASCON has been a gathering of thought leaders, web developers, security engineers, mobile developers and information security professionals. LASCON 2014 will have 2 days of pre-conference training and 2 full days of conference across 4 rooms.

December

Ghana CyberSecurity 2014: December 10-11

Ghana CyberSecurity aims to be the premier and marquee Information Security and Assurance event for technologists, auditors, risk managers, and entrepreneurs, gathering the world’s top practitioner, to share the latest research, case studies and practices, in the high energy atmosphere of the British Council, Accra.

Why you should attend: https://www.owasp.org/images/4/45/Still_need_to_know_why_you_should_attend.pdf

For more information on OWASP events, please see The OWASP Conference page

OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks. The Brand Guidelines document can be found on the Brand Resources page.

Below is a copy of the OWASP Logo for official use. More logos can also be found on the Brand Resources page, as well as materials useful for promoting OWASP.


Owasp logo


Retrieved from "https://wiki.owasp.org/index.php?title=Press&oldid=248829"