This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects Summit 2013/Working Sessions/0012"

From OWASP
Jump to: navigation, search
(Created page with "{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Projects Summit 2013 Working Sessions</noinclude> |- | summit_track_logo = Image:Working_Session.jpg | summit_ws_lo...")
 
Line 9: Line 9:
 
|-
 
|-
  
| short_working_session_description= '''Review of entire inventory of OWASP Projects using the new assessment criteria.'''  
+
| short_working_session_description= '''The OWASP Mobile Security Project is a centralized resource intended to give developers and security teams the resources they need to build and maintain secure mobile applications.'''  
  
  
 
|-
 
|-
  
| related_project_name1 = OWASP Projects Infrastructure
+
| related_project_name1 = OWASP Mobile Security Project
| related_project_url_1 = https://www.owasp.org/index.php/Category:OWASP_Project
+
| related_project_url_1 = https://www.owasp.org/index.php/OWASP_Mobile_Security_Project
  
 
| related_project_name2 = Project Assessment
 
| related_project_name2 = Project Assessment
Line 31: Line 31:
 
|-
 
|-
  
| summit_session_objective_name1= Introduction to  new assessment criteria to conduct reviews
+
| summit_session_objective_name1= The primary focus is at the application layer.
 +
| summit_session_objective_name2 = Target the areas that the average developer can make a difference.
  
| summit_session_objective_name2 = Team in small groups(2 to 3 max) based on experience and background to asses a set of Projects (Code, Tool or Documentation)
+
| summit_session_objective_name3 = Focus on the mobile applications deployed to end user devices.
 +
| summit_session_objective_name4 = Focus on the broader server-side infrastructure which the mobile apps communicate with.
  
| summit_session_objective_name3 = Fill in the Questionnaire (Google Forms) to complete assessment of Projects and provide the review with a final score and results (Project defined as Incubator, Lab or Flagship)
+
| summit_session_objective_name5 = A heavy focus is placed on the integration between the mobile application, remote authentication services, and cloud platform-specific features.
| summit_session_objective_name4 = Review results of questionnaire with your team
 
 
 
| summit_session_objective_name5 =  Present results and conclusions of assessment session
 
  
 
|-
 
|-
Line 57: Line 56:
 
[[Image:NEW-PROJECTS-BANNER2.jpg]]
 
[[Image:NEW-PROJECTS-BANNER2.jpg]]
  
===Chair: Johanna Curiel ===
+
===Chair: Jack Mannino===
Johanna has mainly worked in the area of C# and ASP.NET development, Testing and Quality Control. She is an experienced developer and understands different types of programming languages such as Java and PHP and different types of scripting languages. Johanna has ample experience in Microsoft Technologies and Security Engineering. At the moment she is working on a research to implement the Prime number theorem to calculate and predict prime numbers faster to break the RSA algorithm.
+
 
 +
Jack Mannino is a managing partner at nVisium Security, a leading provider of mobile application and web application security services. At nVisium he is responsible for ensuring that all services are delivered at the highest levels of quality and with keen attention to detail. He focuses on mobile application security research (especially Android), and is the co-leader of the OWASP Mobile Security Project. In addition to the Mobile Security Project, Jack is also heavily involved with the OWASP Northern Virginia Chapter where he serves as the chapter leader.
 +
 
 +
Jack is the lead developer for the OWASP GoatDroid Project, and is a contributor to the OWASP RailsGoat Project.  
 +
===Operational Manager:===
  
===Operational Manager: Samantha Groves===
 
Samantha Groves is the Project Manager at OWASP. Samantha has led many projects in her career, some of which include website development, brand development, sustainability and socio-behavioural research projects, competitor analysis, event organisation and management, volunteer engagement projects, staff recruitment and training, and marketing department organisation and strategy implementation projects for a variety of commercial and not-for-profit organisations.
 
 
|-
 
|-
  
|summit_session_deliverable_name1 = Review all projects in the active inventory.
+
|summit_session_deliverable_name1 = Top Ten Mobile Risks
  
|summit_session_deliverable_name2 = Assign them an appropriate stage designation based on the review.
+
|summit_session_deliverable_name2 = Mobile Tools
  
|summit_session_deliverable_name3 = Update the inventory based on reviews.
+
|summit_session_deliverable_name3 = Mobile Security Testing
  
|summit_session_deliverable_name4 = Create banners that show what stage each project is on. To be placed on the wiki.
+
|summit_session_deliverable_name4 = Mobile Cheat Sheet Series
  
|summit_session_deliverable_name5 =  
+
|summit_session_deliverable_name5 = Secure Mobile Development
  
|summit_session_deliverable_name6 =  
+
|summit_session_deliverable_name6 = Top Ten Mobile Controls
  
|summit_session_deliverable_name7 =  
+
|summit_session_deliverable_name7 = OWASP Mobile Threat Model Project
  
 
|summit_session_deliverable_name8 =  
 
|summit_session_deliverable_name8 =  
Line 82: Line 83:
 
|-
 
|-
  
| summit_session_leader_name1 = Johanna Curiel
+
| summit_session_leader_name1 = Jack Mannino
| summit_session_leader_email1 = Johanna.Curiel@owasp.org
+
| summit_session_leader_email1 = Jack@nvisiumsecurity.com
 
| summit_session_leader_username1 =  
 
| summit_session_leader_username1 =  
  
Line 96: Line 97:
 
|-
 
|-
  
| operational_leader_name1 = Samantha Groves
+
| operational_leader_name1 =  
| operational_leader_email1 = [email protected]
+
| operational_leader_email1 =
 
| operational_leader_username1 =  
 
| operational_leader_username1 =  
  

Revision as of 18:55, 7 October 2013

Global Summit 2013 Home Page
Global Summit 2013 Tracks

Working Session.jpg Project Reviews
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Short Work Session Description The OWASP Mobile Security Project is a centralized resource intended to give developers and security teams the resources they need to build and maintain secure mobile applications.
Related Projects (if any)


Email Contacts & Roles Chair
Jack Mannino @

 Operational Manager
 Mailing list
Google Groups: owasp-project-summit-2013
WORKING SESSION SPECIFICS
Objectives
  1. The primary focus is at the application layer.
  2. Target the areas that the average developer can make a difference.
  3. Focus on the mobile applications deployed to end user devices.
  4. Focus on the broader server-side infrastructure which the mobile apps communicate with.
  5. A heavy focus is placed on the integration between the mobile application, remote authentication services, and cloud platform-specific features.

Venue/Date&Time/Model Venue/Room
AppSec USA 2013: Times Square, New York City 		Date & Time
Monday and Tuesday: all day


Discussion Model
participants and attendees

WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power

WORKING SESSION ADDITIONAL DETAILS

NEW-PROJECTS-BANNER2.jpg

Chair: Jack Mannino

Jack Mannino is a managing partner at nVisium Security, a leading provider of mobile application and web application security services. At nVisium he is responsible for ensuring that all services are delivered at the highest levels of quality and with keen attention to detail. He focuses on mobile application security research (especially Android), and is the co-leader of the OWASP Mobile Security Project. In addition to the Mobile Security Project, Jack is also heavily involved with the OWASP Northern Virginia Chapter where he serves as the chapter leader.

Jack is the lead developer for the OWASP GoatDroid Project, and is a contributor to the OWASP RailsGoat Project.

Operational Manager:

WORKING SESSION OUTCOMES / DELIVERABLES
Proposed by Working Group 'Delivered by Working Group

Top Ten Mobile Risks

After the Meeting - fill in here.

Mobile Tools

After the Meeting - fill in here.

Mobile Security Testing

After the Meeting - fill in here.

Mobile Cheat Sheet Series

After the Meeting - fill in here.

Secure Mobile Development

After the Meeting - fill in here.

Top Ten Mobile Controls

After the Meeting - fill in here.

OWASP Mobile Threat Model Project

After the Meeting - fill in here.

After the Meeting - fill in here.

Working Session Participants

(Add you name by clicking "edit" on the tab on the upper left side of this page)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed

{{{summit_session_attendee_company21}}}
 {{{summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed21}}}




























































Retrieved from "https://wiki.owasp.org/index.php?title=Projects_Summit_2013/Working_Sessions/0012&oldid=159884"