Difference between revisions of "Summit 2011 Working Sessions"
Sarah Baso (talk | contribs) |
Sarah Baso (talk | contribs) |
||
Line 6: | Line 6: | ||
If you're interested in adding a Working Session for the 2011 Summit, there still is time to start a session! Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules. | If you're interested in adding a Working Session for the 2011 Summit, there still is time to start a session! Please review the [[Working Sessions Methodology|Working Session methodology]] for Working Session rules. | ||
− | =Track | + | =Track: Metrics= |
+ | <noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | ||
+ | {{:Summit_2011_Working_Sessions/Session055 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session056 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session057 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session058 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session059 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session050 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session051 | Summit_2011_Working_Sessions/Rows}} | ||
+ | |}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 5: Metrics | See Track Details]]</includeonly> | ||
+ | |||
+ | =Track: Browser Security= | ||
<noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | <noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | ||
{{:Summit_2011_Working_Sessions/Session001 | Summit_2011_Working_Sessions/Rows}} | {{:Summit_2011_Working_Sessions/Session001 | Summit_2011_Working_Sessions/Rows}} | ||
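Review bot: the includeonly link that closes the new Metrics block still targets "#Track 5: Metrics", but the heading added here is "=Track: Metrics=" with no number, so the "See Track Details" anchor no longer matches a section title. The unchanged links in the later blocks ("#Track_1:_Browser_Security", "#Track 2: Cross-Site Scripting Eradication" and so on) have the same mismatch once their headings lose the number. Either keep the numbers in the headings or update every anchor in the same revision. Session050 and Session051 are also transcluded in this block and show up as bare page names in the rendered Metrics table, so confirm those subpages exist before listing them.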
Line 20: | Line 31: | ||
|}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track_1:_Browser_Security | See Track Details]]</includeonly> | |}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track_1:_Browser_Security | See Track Details]]</includeonly> | ||
− | =Track | + | =Track: Cross-Site Scripting Eradication= |
<noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | <noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | ||
{{:Summit_2011_Working_Sessions/Session009 | Summit_2011_Working_Sessions/Rows}} | {{:Summit_2011_Working_Sessions/Session009 | Summit_2011_Working_Sessions/Rows}} | ||
Line 30: | Line 41: | ||
|}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 2: Cross-Site Scripting Eradication | See Track Details]]</includeonly> | |}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 2: Cross-Site Scripting Eradication | See Track Details]]</includeonly> | ||
− | =Track | + | =Track: University Outreach, Education, and Training= |
<noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | <noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | ||
{{:Summit_2011_Working_Sessions/Session012 | Summit_2011_Working_Sessions/Rows}} | {{:Summit_2011_Working_Sessions/Session012 | Summit_2011_Working_Sessions/Rows}} | ||
Line 39: | Line 50: | ||
|}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 3: University Outreach, Education, and Training | See Track Details]]</includeonly> | |}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 3: University Outreach, Education, and Training | See Track Details]]</includeonly> | ||
− | =Track | + | =Track: NoBullSec: OWASP Secure Coding Workshop= |
<noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | <noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | ||
{{:Summit_2011_Working_Sessions/Session025 | Summit_2011_Working_Sessions/Rows}} | {{:Summit_2011_Working_Sessions/Session025 | Summit_2011_Working_Sessions/Rows}} | ||
Line 53: | Line 64: | ||
|}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 4: NoBullSec: OWASP Secure Coding Workshop | See Track Details]]</includeonly> | |}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 4: NoBullSec: OWASP Secure Coding Workshop | See Track Details]]</includeonly> | ||
− | =Track | + | =Track: Individual OWASP Projects= |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
<noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | <noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | ||
{{:Summit_2011_Working_Sessions/Session062 | Summit_2011_Working_Sessions/Rows}} | {{:Summit_2011_Working_Sessions/Session062 | Summit_2011_Working_Sessions/Rows}} | ||
Line 78: | Line 78: | ||
|}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 6: Individual OWASP Projects | See Track Details]]</includeonly> | |}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 6: Individual OWASP Projects | See Track Details]]</includeonly> | ||
− | =Track | + | =Track: Global Committees= |
<noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | <noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | ||
{{:Summit_2011_Working_Sessions/Session013 | Summit_2011_Working_Sessions/Rows}} | {{:Summit_2011_Working_Sessions/Session013 | Summit_2011_Working_Sessions/Rows}} | ||
Line 90: | Line 90: | ||
|}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 7: Global Committees | See Track Details]]</includeonly> | |}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 7: Global Committees | See Track Details]]</includeonly> | ||
− | =Track 8: OWASP= | + | =Track: OWASP Quotes= |
+ | <noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | ||
+ | {{:Summit_2011_Working_Sessions/Session077 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session078 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session079 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session080 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session081 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session082 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session083 | Summit_2011_Working_Sessions/Rows}} | ||
+ | {{:Summit_2011_Working_Sessions/Session084 | Summit_2011_Working_Sessions/Rows}} | ||
+ | |}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 8: OWASP | See Track Details]]</includeonly><noinclude>[[Category:OWASP_Working_Session]][[Category:Summit_2011]]</noinclude> | ||
+ | |||
+ | =Track: OWASP= | ||
<noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | <noinclude>{{:Template:Summit_2011_Working_Sessions/Columns}} | ||
{{:Summit_2011_Working_Sessions/Session021 | Summit_2011_Working_Sessions/Rows}} | {{:Summit_2011_Working_Sessions/Session021 | Summit_2011_Working_Sessions/Rows}} | ||
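Review bot: the closing line of the new OWASP Quotes block duplicates the closing line of the Track: OWASP block. Its includeonly link points to "#Track 8: OWASP" rather than the Quotes section, and it repeats [[Category:OWASP_Working_Session]][[Category:Summit_2011]], which already close the page. Point the link at the new heading and keep the category tags only on the final block.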
Line 102: | Line 114: | ||
{{:Summit_2011_Working_Sessions/Session075 | Summit_2011_Working_Sessions/Rows}} | {{:Summit_2011_Working_Sessions/Session075 | Summit_2011_Working_Sessions/Rows}} | ||
{{:Summit_2011_Working_Sessions/Session076 | Summit_2011_Working_Sessions/Rows}} | {{:Summit_2011_Working_Sessions/Session076 | Summit_2011_Working_Sessions/Rows}} | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
|}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 8: OWASP | See Track Details]]</includeonly><noinclude>[[Category:OWASP_Working_Session]][[Category:Summit_2011]]</noinclude> | |}</noinclude><includeonly>[[Summit_2011_Working_Sessions#Track 8: OWASP | See Track Details]]</includeonly><noinclude>[[Category:OWASP_Working_Session]][[Category:Summit_2011]]</noinclude> |
Revision as of 00:37, 22 December 2010
Introduction
Click on the working session name to see the home page for that particular session. During the Summit those working session home pages will be used to document discussions and outcomes.
If you're interested in adding a Working Session for the 2011 Summit, there still is time to start a session! Please review the Working Session methodology for Working Session rules.
Track: Metrics
Name of Working Session | Objective(s) | Outcome(s) / Deliverable(s) | Owner/Leader | Members/Attendees | |
Risk Metrics |
|
|
Chris Wysopal @ |
Tony UcedaVelez @
Mateo Martinez @ Mikko Saario @ Ofer Maor @ Nuno Loureiro @ |
Tools Interoperability (Data Instrumentation) |
|
|
Dinis Cruz @ |
Stefano Di Paola @
Jeremy Long @ Sherif Koussa @ |
Metrics and Labeling |
|
|
Chris Eng @ |
Vishal Garg @ |
Counting and scoring application security defects |
|
|
Chris Eng @ Chris Wysopal @ |
Jason Taylor @
Justin Clarke @ Sherif Koussa @ Vishal Garg @ Matteo Meucci @ Elke Roth-Mandutz @ Mateo Martinez @ Ofer Maor @ |
Measuring SDLC process performance |
|
|
Chris Wysopal @ Chris Eng @ |
Eoin Keary @
Nishi Kumar @ Jason Taylor @ Matthew Chalmers @ Justin Clarke @ Seba Deleersnyder @ Sherif Koussa @ Vishal Garg @ Ofer Maor @ Nuno Loureiro @ Tobias Gondrom @ |
Summit 2011 Working Sessions/Session050
Summit 2011 Working Sessions/Session051
Track: Browser Security
Name of Working Session | Objective(s) | Outcome(s) / Deliverable(s) | Owner/Leader | Members/Attendees | |
DOM Sandboxing |
|
|
Jasvir Nagra Gareth Heyes @ |
Email John Wilander if you are unable to edit the Wiki and would like to sign up! @
Michael Coates Stefano Di Paola Isaac Dawson Chris Eng @ |
HTML5 Security |
|
|
Mario Heiderich Gareth Heyes @ |
John Wilander @
Stefano Di Paola Isaac Dawson Chris Eng @ Nishi Kumar @ Elke Roth-Mandutz @ Nuno Loureiro @ |
EcmaScript 5 Security |
|
|
Mario Heiderich TBC |
John Wilander @
Michael Coates @
Stefano Di Paola Isaac Dawson Abraham Kang Gareth Heyes |
Enduser Warnings |
|
|
John Wilander @ |
John Wilander @
Michael Coates @
Vishal Garg @ |
Site Security Policy |
|
John Wilander @ Michael Coates @ |
John Wilander @
Michael Coates @
Stefano Di Paola Tobias Gondrom @ | |
Securing Plugins |
|
John Wilander @
Michael Coates @ | ||
Blacklisting |
|
John Wilander @
Michael Coates @ | ||
OS Integration |
|
John Wilander @
Michael Coates @ | ||
Sandboxed Tabs/Domains/Browser |
|
John Wilander @
Michael Coates @ |
Track: Cross-Site Scripting Eradication
Name of Working Session | Objective(s) | Outcome(s) / Deliverable(s) | Owner/Leader | Members/Attendees | |
XSS and the Frameworks |
|
|
Justin Clarke @ |
Chris Eng @
Abraham Kang |
XSS - Awareness, Resources, and Partnerships |
|
|
Justin Clarke @ |
Chris Eng @
Abraham Kang Sherif Koussa @ |
WAF Mitigations for XSS |
|
|
Ryan Barnett @ |
Lucas C. Ferreira @
Justin Clarke @ Abraham Kang Mario Heiderich Gareth Heyes |
Track: University Outreach, Education, and Training
Name of Working Session | Objective(s) | Outcome(s) / Deliverable(s) | Owner/Leader | Members/Attendees | |
University Outreach |
|
|
Martin Knobloch @ |
Nishi Kumar @
Cecil Su @ Elke Roth-Mandutz @ Heiko Richler @ Lucas C. Ferreira @ Jason Taylor @ Carlos Serrão @ Konstantinos Papapanagiotou @ Mateo Martinez @ |
Computer Crime Laws |
|
|
Daniel Cuthbert @ |
Matthew Chalmers @
Abraham Kang |
OWASP Academies |
|
|
Sandra Paiva @ |
Martin Knobloch @
Paulo Coimbra @ Dinis Cruz @ Nishi Kumar @ Cecil Su @ Heiko Richler @ Lucas C. Ferreira @ Jason Taylor @ Mateo Martinez @ Konstantinos Papapanagiotou @ Carlos Serrão @ Matteo Meucci @ Elke Roth-Mandutz @ |
OWASP Training |
|
|
Sandra Paiva @ |
Martin Knobloch @
Nishi Kumar @ Cecil Su @ Heiko Richler @ Lucas C. Ferreira @ Jason Taylor @ Achim Hoffmann @ Mark Bristow @ Mateo Martinez @ Vishal Garg @ Matteo Meucci @ Jeremy Long @ Seba Deleersnyder @ Ralph Durkee @ |
Developer's Security Training Package |
|
|
Brad Causey @ |
Martin Knobloch @
Nishi Kumar @ Jason Taylor @ Carlos Serrão @ Konstantinos Papapanagiotou @ Ralph Durkee @ Mikko Saario @ Mateo Martinez @ Sherif Koussa @ |
Track: NoBullSec: OWASP Secure Coding Workshop
Name of Working Session | Objective(s) | Outcome(s) / Deliverable(s) | Owner/Leader | Members/Attendees | |
Applying ESAPI Input Validation |
|
|
Chris Schmidt @ |
Nishi Kumar @
Justin Clarke @ John Steven @ |
Defining AppSensor Detection Points |
|
|
Michael Coates @ |
Ryan Barnett @
Colin Watson Chris Schmidt @ |
Contextual Output Encoding |
|
|
Chris Schmidt @ |
Justin Clarke @ Abraham Kang |
Protecting Information Stored Client-Side |
|
|
John Steven @ |
Elke Roth-Mandutz @
Jim Manico @ Chris Schmidt @ Justin Clarke @ Fred Donovan @ Antonio Fontes @ |
Protecting Against CSRF |
|
Chris Schmidt @
Ryan Barnett @ Mark Thomas @ Vishal Garg @ | ||
Providing Access to Persisted Data |
|
|
Dan Cornell @ |
Chris Schmidt @ Justin Clarke @ Dan Cornell @ John Steven @ Ralph Durkee @ |
The Future of the OWASP Secure Coding Workshop |
|
|
John Steven @ Chris Schmidt @ |
Justin Clarke @ Jeremy Long @ |
Summit 2011 Working Sessions/Session032
ESAPI for Ruby |
|
|
Paolo Perego @ |
|
ESAPI-CORE |
|
|
Jim Manico @ |
Paolo Perego @
Jim Manico @ |
Track: Individual OWASP Projects
Name of Working Session | Objective(s) | Outcome(s) / Deliverable(s) | Owner/Leader | Members/Attendees | |
Summit 2011 Working Sessions/Session062
O2 Platform |
|
|
Dinis Cruz @ |
Nishi Kumar @
Jason Taylor @ Steven van der Baan @ Sherif Koussa @ Abraham Kang |
Mobile Security |
|
|
Mike Zusman @ David Campbell @ |
Colin Watson
Tom Neaves @ Mateo Martinez @ Justin Clarke @ Sherif Koussa @ Vishal Garg @ Dan Cornell @ Chris Eng @ Jim Manico @ Jack Mannino @ Nishi Kumar @ Steve Jensen Neil Matatall @ Abraham Kang Mikko Saario @ Chris Wysopal @ Antonio Fontes @ |
Development Guide |
|
|
Vishal Garg @ |
Matthias Rohr @
Eoin Keary @ Steven van der Baan @ Abraham Kang Fred Donovan @ |
ASVS Project |
|
|
Matthias Rohr @ |
Nishi Kumar @
Steven van der Baan @ Jim Manico @ Vishal Garg @ Abraham Kang |
Enterprise Web Defense Roundtable |
|
|
Michael Coates @ Chris Lyon @ |
Eoin Keary @
Dinis Cruz @ Chris Schmidt @ Justin Clarke @ Matthias Rohr @ Matteo Meucci @ Mateo Martinez @ Ofer Maor @ |
Track: Global Committees
Name of Working Session | Objective(s) | Outcome(s) / Deliverable(s) | Owner/Leader | Members/Attendees | |
OWASP Board/Committee Governance |
|
|
Mark Bristow @ Jason Li @ Tom Brennan @ |
Jim Manico @
Nishi Kumar @ Joe Bernik Matthew Chalmers @ Sarah Baso @ Kate Hartmann @ John Steven @ Seba Deleersnyder @ |
OWASP Projects |
|
|
Brad Causey @ Jason Li @ |
Seba Deleersnyder @
Nishi Kumar @ |
OWASP Industry Outreach |
|
Eoin Keary @ Colin Watson |
Lorna Alamri @
David Campbell Eoin Keary Matt Tesauro Joe Bernik Nishi Kumar @ Lucas C. Ferreira @ Tobias Gondrom @ Vehbi Tasar Colin Watson Jason Taylor @ Sarah Baso @ Mateo Martinez @ Konstantinos Papapanagiotou @ | |
Membership |
|
|
Dan Cornell @ |
Michael Coates @
Mateo Martinez @ Dan Cornell @ Ofer Maor @ |
Connections |
|
|
Jim Manico @ Justin Clarke @ |
Achim Hoffmann @
Doug Wilson @ |
Chapters |
|
|
Seba @ |
Mandeep Khera
Matthew Chalmers @ Matteo Meucci @ Mateo Martinez @ Ferdinand Vroom @ Helen Gao @ Ofer Maor @ Antonio Fontes @ |
Education |
|
|
Martin Knobloch @ |
Nishi Kumar @
Cecil Su @ Jason Taylor @ |
Conferences - Improving Conference Planner Support |
|
|
Mark Bristow @ |
Lorna Alamri @
Nishi Kumar @ Lucas C. Ferreira @ Ralph Durkee @ Matthew Chalmers @ Matteo Meucci @ Mateo Martinez @ Neil Matatall @ Seba Deleersnyder @ |
Track: OWASP Quotes
Name of Working Session | Objective(s) | Outcome(s) / Deliverable(s) | Owner/Leader | Members/Attendees | |
OWASP funding and CEO discussion |
|
Keith Turpin @ |
Matthew Chalmers @
Dinis Cruz @ Mark Bristow @ | |
Less preaching to the choir, engage more with the outsiders | TBD |
Matthew Chalmers @
Doug Wilson @ | ||
Investment justification for Web Application Security | TBD |
|||
Should OWASP work directly with PCI-DSS? | Matthew Chalmers @ Vlatko Kosturjak |
Matthew Chalmers @ | ||
How can OWASP reach/talk/engage with auditors |
|
|
Matthew Chalmers @ |
Matthew Chalmers @
Achim Hoffmann @ Justin Clarke @ |
Summit 2011 Working Sessions/Session083
Creating an Application Security Career - For the Average IT/Network Security Practitioner | TBD |
Track: OWASP
Name of Working Session | Objective(s) | Outcome(s) / Deliverable(s) | Owner/Leader | Members/Attendees | |
OWASP Around the World |
|
|
Matthew Chalmers @
Mateo Martinez @ Cecil Su @ | |
What is an OWASP Leader? |
|
|
Dinis Cruz @ |
Matthew Chalmers @
Chris Schmidt @ Mark Bristow @ Antonio Fontes @ |
Overhauling the OWASP Website |
|
|
Jason Li @ |
Larry Casey
Michael Coates @ Colin Watson Nishi Kumar @ Dinis Cruz @ Matthew Chalmers @ Justin Clarke @ Mark Bristow @ Seba Deleersnyder @ |
Managing the OWASP Brand |
|
Jason Li @
Lucas C. Ferreira @ Matthew Chalmers @ Matteo Meucci @ | ||
Tracking OWASP Participation |
|
|
Mark Bristow @ |
Jason Li @ |
Developer Outreach |
|
|
Mark Bristow @ Jason Li @ |
Martin Knobloch @
Steven van der Baan @ Antonio Fontes @ |
Privacy - Personal Data/PII, Legislation and OWASP |
|
|
Colin Watson |
Matthew Chalmers @
Lorna Alamri @ Elke Roth-Mandutz @ David Campbell @ Abraham Kang |
Replicating Samy's EU Tour across OWASP |
|
|||
S is for Safety (as well as Security) |
|
|
Colin Watson |
Fred Donovan @ |
Professionalize OWASP |
|
|
Martin Knobloch @ |
Nishi Kumar @
Lorna Alamri @ Matthew Chalmers @ Justin Clarke @ |